last executing test programs:

3m5.777067502s ago: executing program 32 (id=163):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001040)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000040)='fdinfo/3\x00')
ioctl$VHOST_SET_OWNER(r2, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_CALL(r2, 0x4008af21, &(0x7f0000000500)={0x1, r3})
gettid()
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000040)=[{0x20, 0x0, 0x0, 0xfffff00c}, {0x20, 0x0, 0x0, 0xfffff034}, {0x6}]}, 0x10)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, 0x0, 0x0)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x7, 0x4, 0x8, 0x40, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

2m59.491186188s ago: executing program 33 (id=195):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
close(0xffffffffffffffff)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, 0x0, 0x0, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000002c0)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f00005f5000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000780)=ANY=[@ANYBLOB="02030000170000000000000000000000040003000000000000000000000000000000000000000000000000000000000005000600000000000a00000000fdffffffffffffff0400000000000000000000000000000000000404000400000000000000000000000000000000000000000000000000000000000200010000000000000026000000000005000500000000000a00000000000000fe8800000000000000000000000000010000000000000000010018"], 0xb8}}, 0x0)

2m40.802811045s ago: executing program 34 (id=299):
socket(0xa, 0x3, 0x6)
syz_mount_image$exfat(&(0x7f0000000040), &(0x7f0000000180)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0xa1008a, &(0x7f00000003c0)=ANY=[], 0x21, 0x150f, &(0x7f0000000480)="$eJzs3AuYjtX6MPD7Xms9DE16m+QwrLXuhzcNliFJDklySJJkS5JTQmiSJCExzpKGJMlxkhyGkBymMWmcz4eckyRpkiQkJFnfNW199t7tvfv2/9/3ub7/3L/rei7rfp/3Xu/9vPfzeg7v9c63PUfXbV6vVlMigv8W/Os/yQAQAwDDAeA6AAgAoFJcpbic9fkkJv/3XoT9uR5Ku9oVsKuJ+5+7cf9zN+5/7sb9z924/7kb9z934/7nbtx/xnKz7XOKXs9L7l34/n9uxsf//0Gyy03+cmO5G3v9Bync/9yN+5+7cf9zN+5/7sb9z924/7kb9z934/4zlpv91+8d83cH/xOWq73/McYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhjLHc77KxQA/Da+2nUxxhhjjDHGGGPsz+PzXu0KGGOMMcYYY4wx9n8fggAJCgLIA3khBvJBfrgGYuFaKADXQQSuhzi4AQrCjVAICkMRKArxUAyKgwYDFghCKAElIQo3QSm4GRKgNJSBsuCgHCRCeagAt0BFuBUqwW1QGW6HKlAVqkF1uANqwJ1QE+6CWnA31IY6UBfqwT1QH+6FBnAfNIT7oRE8AI3hQWgCf4Gm8BA0g4ehOTwCLeBRaAmtoDW0gbb/pfwXoC+8CP2gPyTDABgIg2AwDIGhMAyGw0swAl6GkfAKpMAoGA2vwhh4DcbC6zAO3oDx8CZMgIkwCSbDFJgKqfAWTIO3YTq8AzNgJsyC2ZAGc2AuvAvzYD4sgPdgIbwPi2AxLIGlkA4fQAYsg0z4EJbDR5AFK2AlrILVsAbWwjpYDxtgI2yCzbAFtsI22A4fww7YCbtgN+yBvbAPPoH98CkcgM/gIHz+H+af+4f8XggIKFCgQoV5MA/GYAzmx/wYi7FYAAtgBCMYh3FYEAtiISyERbAIxmM8FsfiaNAgIaG6vCeVwlKYgAlYBsugQ4eJmIgV8BasiBWxElbCylgZq2BVrIrVsTrWwBpYE2tiLayFtbE21sW6eA/eg/diA2yADbEhNsJG2BgbYxNsgk2xKTbDZtgcm2MLbIEtsSW2xtbYFttiO2yH7bE9dsSO2Ak7YRfsgkmYhF2xK3bDbtgdu2MP7IE9sSf2wt7YG1/AF/BFfBH7Y20xAAfiQByMg3EoDsNh+BKOwJfxZXwFU3AUjsZX8VV8DcfiWRyHb+B4HI81xESchJORxFRMxVSchtNwOk7HGTgTZ+JsTMM5OBfn4jycj/PxPVyI7+P7uBgX41JMx3TMwGWYiZm4HM9hFq7AlbgKV+MaXI3rcD2uw424CTfiFtyC23Abfowf407cibtxN+7Nea/xE/wUP8UUPIgH8RAewsN4GI/gEczGbDyKR/EYHsPjeBxP4Ak8iafwNJ7CM3gGz+I5PI/n8QJewIv4XPzXzfaW3pACIocSSuQReUSMiBH5RX4RK2JFAVFARERExIk4UVAUFIVEIVFEFBHxIl4UF8WFEUaQCEUJUUJERVSUEqVEgkgQZUQZ4YQTiSJRVBAVREVRUVQSt4nK4nZRRVQVHVx1UV3UEB1dTXGXqCVqidqijqgr6ol6or6oLxqIBqKhaCgaiUaisXhQNBEDcCg+JHI601yMwhZiNLYUrURr0Ua8ho+JdmIsthcdREfxhHgDx2EX0c4liadEVzEJu4lnxGR8VvQQU7GneF70Er1FH/GC6Cvau36iv5iBA8RAMRsHiyFiqBgm5mEdkdOxuuIVkSJGidHiVbEUXxO/7ePjxZtigpgoJonJYoqYKlLFW2KaeFtMF++IGWKmmCVmizQxR8wV74p5Yr5YIN4TC8X7YpFYLJaIpSJdfCAyxDKRKT4Uy8VHIkusECvFKrFarBFrxTqxXmwQG8UmsVlsEVvFNrFdfCx2iJ1il9gt9oi9Yp/4ROwXn4oD4jNxUHwuDokvxGHxpTgivhLZ4mtxVHwjjolvxXHxnTghvhcnxSlxWvwgzogfxVlxTpwXP4kL4mdxUfwiLgkvQKIUUkolA5lH5pUxMp/ML6+RsfJaWUBeJyPyehknb5AF5Y2ykCwsi8iiMl4Wk8WllkZaSTKUJWRJGZU3yVLyZpkgS8sysqx0spxMlOVlBXmLrChvlZXkbbKyvF1WkVVlNVld3iFryDtlTXmXrCXvlrVlHVlX1pP3yPryXtlA3icbyvtlI/mAbCwflE3kX2RT+ZBsJh+WzeUjsoV8VLaUrWRr2Ua2lY/JdvJx2V52kB3lE7KT7Cy7yCdlknxKdpVPy27yGdldPit7yOdkT/m87CV7yz7yF3lJetlP9pfJcoAcKAfJwXKIHCqHyeHyJTlCvixHyldkSgwAyFflGPmaHCtfl+PkG3K8fFNOkBPlJDlZTpFTZap8S06Tb8vp8h05Q86Us+RsmSbnyKGXZ1rwf5D/9j/JHylT5Ci5TW6XH8sdcqfcJXfLPXKv3Cf3yf1yvzwgD8iD8qA8JA/Jw/KwPCKPyGyZLY/Ko/KYPCaPy+PyhDwhT8pT8if5gzwjf5Rn5Tl5Tv4kL8gL8uLl9wAUKqGkUipQeVReFaPyqfzqGhWrrlUF1HUqoq5XceoGVVDdqAqpwqqIKqriVTFVXGlllFWkQlVClVRRdRNe/oioMqqscqqcSlTl/5N8VUrdrBJU6b/L/6P62qq2qp1qp9qr9qqj6qg6qU6qi+qiklSS6qq6qm6qm+quuqseqofqqXqqXqqX6qP6qL6qr+qn+qlklawGqkFqsBqihqphavgAUCPUCDVSjVQpKkWNVqPVGDVGjVVj1Tg1To1X49UENUFNUpPUFDVFpapUNU1NU9PVdDVDzVCz1CyVptLUXDVXzVPz1AK1QC1UC9UitUgtUUtUukpXGSpDZapMtVwtV1lqhVqhVqlVao1ao9apdWqD2qA2qU1qi9qistR2tV3tUDvULrVL7VF71D61T+1X+9UBdUAdVAfVIXVIHVaH1RF1RGWrbHVUHVXH1DF1XB1XJ9QJdVKdVKfVaXVGnVFn1Vl1Xp1XF9QFdVFdVJfUpZzTvkAEIlCBCvIEeYKYICbIH+QPYoPYoEBQIIgEkSAuiAsKBjcGhYLCQZGgaBAfFAuKBzowgQ0oCIMSQckgGtwUlApuDhKC0kGZoGzggnJBYlA+qBDcElQMbg0qBbcFlYPbgypB1aBaUD24I6gR3BnUDO4KagV3B7WDOkHdoF5wT1A/uDdoENwXNAzuDxoFDwSNgweDJsFfgqbBQ0Gz4OGgefBI0CJ4NGgZtApaB22Ctn/q/N6fLfy466f762Q9QA/Ug/RgPUQP1cP0cP2SHqFf1iP1KzpFj9Kj9at6jH5Nj9Wv63H6DT1ev6kn6Il6kp6sp+ipOlW/pafpt/V0/Y6eoWfqWXq2TtNz9Fz9rp6n5+sF+j29UL+vF+nFeoleqtP1BzpDL9OZ+kO9XH+ks/QKvVKv0qv1Gr1Wr9Pr9Qa9UW/Sm/UWvVVv09v1x3qH3ql36d16j96r9+lP9H79qT6gP9MH9ef6kP5CH9Zf6iP6K52tv9ZH9Tf6mP5WH9ff6RP6e31Sn9Kn9Q/6jP5Rn9Xn9Hn9k76gf9YX9S/6kvY5J/c5h3ejjDJ5TB4TY2JMfpPfxJpYU8AUMBETMXEmzhQ0BU0hU8gUMUVMvIk3xU1xk4MMmRKmhImaqCllSpkEk2DKmDLGGWcSTaKpYCqYiqaiqWQqmcqmsqliqphqppq5w9xh7jR3mrvMXeZuc7epY+qYeqaeqW/qmwamgWloGppGppFpbBqbJqaJaWqammammWlumpsWpoVpaVqa1qa1aWvamnamnWlv2puOpqPpZDqZLqaLSTJJpqvparqZbqa76W56mB6mp+lpeplepo/pY/qavqaf6WeSTbIZaAaawWawGWqGmuFmuBlhRpiRZqRJMSlmtBltxpgxZqwZa8aZN8x486aZYCaaSWaymWKmmlSTaqaZaWa6mW5mmBlmlpll0kyamWvmmnlmnllgFpiFZqFZZBaZJWaJSTfpJsNkmEyTaZab5SbLZJmVZqVZbVabtWatWW/Wm41mo9lsNputZqvZbrabHWaH2WV2mT1mj9ln9pn9Zr85YA6Yg+agOWQOeQQwR8wRk22yzVFz1Bwzx8xxc9ycMCfMSXPSnDanzRlzxpw1Z815c95cMD+bi+YXc8l4E2Pz2fz2Ghtrr7UF7HX2H+MitqiNt8VscattIVv472JjrU2wpW2Z3y4xbXmbkHMstWWts+Vsoi1vq9iqtpqtbu+wNeydtubv4vr2XtvA3mcb2vttPXvP38WN7AO2sX3ENrGP2qa2lW1m29jm9hHbwj5qW9pWtrVtYzvZzraLfdIm2adsV/v07+IMu8yutxvsRrvJ7ref2vP2J3vMfmsv2J9tP9vfDrcv2RH2ZTvSvmJT7KjfxePtm3aCnWgn2cl2ip36u3iWnW3T7Bw7175r59n5v4vT7Qd2oc20i+xiu8Qu/TXOqSnTfmiX249sll1hV9pVdrVdY9fadf+71lV2i91qt9l99hO7w+60u+xuu8fu/TXO2Y4D9jN70H5uj9pv7GH7pT1ij9ts+/Wvcc72Hbff2RP2e3vSnrKn7Q/2jP3RnrXncrbf52z7D/YXe8l6C4QkSJKigPJQXoqhfJSfrqFYupYK0HUUoespjm6ggnQjFaLCVISKUjwVo+KkyZAlopBKUEmK0k1Uim6mBCpNZagsOSpHiVSeKtAtVJFupUp0G1Wm26kKVaVqVJ3uoBp0J9Wku6gW3U21qQ7VpXp0D9Wne6kB3UcN6X5qRA9QY3qQmtBfqCk9RM3oYWpOj1ALepRaUitqTW2oLT1G7ehxak8dqCM9QZ2oM3WhJymJnqKu9DR1o2eoOz1LPeg56knPUy/qTX3oBepLL1I/6k/JNIAG0iAaTENoKA2j4fQSjaCXaSS9Qik0ikbTqzSGXqOx9DqNozdoPL1JE2giTaLJNIWmUiq9RdPobZpO79AMmkmzaDal0RyaS+/SPJpPC+g9Wkjv0yJaTEtoKaXTB5RByyiTPqTl9BFl0QpaSatoNa2htbSO1tMG2kibaDNtoa20jbbTx7SDdtIu2k17aC/to09oP+W7/IH7nA7RF3SYvqQj9BVl09d0lL6hY/QtHafv6AR9TyfpFJ2mH+gM/Uhn6Rydp5/oAv1MF+kXukSeIMRQhDJUYRDmCfOGMWG+MH94TRgbXhsWCK8LI+H1YVx4Q1gwvDEsFBYOi4RFw/iwWFg81KEJbUhhGJYIS4bR8KawVHhzmBCWDsuEZUMXlgsTw/JhhfCWsGJ4a1gpvC2sHN4eVgmrho/cXz28I6wR3hnWDO8Ka4V3h7XDOmHdsF54T1g/vDdsEN4XNgzvDyuGD4SNwwdDuPx7lWbhw2Hz8JGwRfho2DJsFbYO24Rtw8fCduHjYfuwQ9gxfCLsFHYOu4RPhknhU2HX8Ok/XJ8cDggHhoPCQaH398kl0aXR9OgH0Yzosmhm9MPo8uhH0azoiujK6Kro6uia6Nrouuj66Iboxuim6ObolujW6Lao9/XygkMnnHTKBS6Py+tiXD6X313jYt21roC7zkXc9S7O3eAKuhtdIVfYFXFFXbwr5oo77YyzjlzoSriSLupucqXczS7BlXZlXFnnXDmX6Nq4tq6ta+ced+1dB9fRPeGecJ1dZ/eke9I95bq6p10394zr7p51Pdxz7jn3vOvlers+7gXX173o+rn+Ltklu4FuoBvsBruhbqgb7oa7EW6EG+lGuhSX4ka70W6MG+PGurFunBvnxrvxboKb4Ca5SW6Km+JSXaqb5qa56W66CwBglpvl0lyam+vmunlunlvgFriFCQvdIrfILXFLXLpLdxkuw2W6TLfcLXdZLsutdCvdarfarXVr3Xq33m10G91mt9ltdVvddrfd7XA73C63y+1xe9w+t8/td/vdAXfAHXQH3SF3yB12h90R95XLdl+7o+4bd8x9646779wJ97076U650+4Hd8b96M66c+68+8ldcD+7i+4Xd8l5lxp5KzIt8nZkeuSdyIzIzMisyOxIWmROZG7k3ci8yPzIgsh7kYWR9yOLIosjSyJLI+mRDyIZkWWRzMiHkeWRjyJZkRWRlZFVkdWRNQp8sR2hL+FL+qi/yZfyN/sEX9qX8WW98+V8oi/vK/hbfEV/q6/kb/OV/e2+iq/qq/lHfUvfyrf2bXxb/5hv5x/37X0H39E/4Tv5zr6Lf9In+ad8V/+07+af8d39s76Hf8739M/7Xr637+Nf8H39i76f7++T/QA/0A/yg/0QP9QP88P9S36Ef9mP9K/4FD/Kj/av+jH+NT/Wv+7H+Tf8eP+mn+An+kl+sp/ip/pU/5af5t/20/07foaf6Wf52T7Nz/Fz/bt+np/vF/j3/EL/vl/kF/slfqlP9x/4DL/MZ/oP/XL/kc/yK/xKv8qv9mv8Wr/Or/cb/Ea/yW/2W/xWv81v9x/7HX6n3+V3+z1+r9/nP/H7/af+gP/MH/Sf+0P+C3/Yf+mP+K98tv/aH836xh/z3/rj/jt/wn/vT/pT/rT/wZ/xP/qz/pw/73/yF/zP/qL/xV/6D3+zVufPuHXOGGOMMfb/oUF/sH7AP3lMAYC4PP7Ze3/tzqLZf7teAsDmQn8dDxHxnSIA8FT/ng/9ttSunZycfPm5WRKCkosBIPIPL3A5XgEdoTMkQQeo8E/rGyJ6X6B/M3/GWJoSvQ0g/9/kxMCV+Mr8X/yL+R97YnxG5fB83L+uP7oYIKHklZycq/Df4hXQ8devDjtAxX8xf+F2/67+LAn5vkwFaP83ObEA0D7fP9afCI/D05D0d89kjDHGGGOMMcb+aoio1v0Prj9/vT6PV1dy8sKV+I+uzxljjDHGGGOMMXb1Pdu7z5OPJSV16M4DHvAglw06/5vnXO3/mRhjjDHGGGN/tisn/Vcey3c1C2KMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxnKh/xd/aexqbyNjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDF2tf2vAAAA///aYjRz")
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000140), 0xfc, 0x560, &(0x7f00000008c0)="$eJzs3d9rW1UcAPDvTdut+6HtYAz1QQp7cDKXrq0/JvgwH0WHA33XkGRlNF1Gk461Dtwe3IsvMgQRB6Lvvvs4/Af8KwY6GDKKPuwlctObLluTNu3StVs+H7jtOffe9Jxv7v2enpubkAAG1kT6IxfxakR8l0SMtW0bjmzjxOp+Kw+uFdMliUbjs3+SSLJ1rf2T7PehrPJKRPzxTcTJ3Pp2a0vLc4VKpbyQ1Sfr85cna0vLpy7OF2bLs+VL0zMzZ96ZmX7/vXf7Fuub5//78dM7H5359vjKD7/dO3IribNxONvWHsdTuN5emYiJ7DkZibNP7DjVh8b2kmS3O8C2DGV5PhLpGDAWQ1nWd9QYe5ZdA3bY12laAwMqkf8woFrzgNa1fZ+ug58b9z9cvQBaH//w6msjMdq8Njq4kjx2ZZRe7473of20jd//vn0rXaJ/r0MAbOr6jYg4PTy8fvxLsvFv+073sM+TbRj/4Nm5k85/3uo0/8mtzX+iw/znUIfc3Y7N8z93rw/NdJXO/z7oOP9du2k1PpTVXmrO+UaSCxcr5XRsezkiTsTI/rS+wf2cL3MrdxvdNrbP/9Ilbb81F8z6cW94/+OPKRXqhacKus39GxGvdZz/JmvHP+lw/NPn43yPbRwr336927bN499ZjV8i3uh4/B/d0Uo2vj852TwfJltnxXr/3jz2Z7f2dzv+9Pgf3Dj+8aT9fm1t6238PPqw3G3bds//fcnnzfK+bN3VQr2+MBWxL/lk/frpR49t1Vv7p/GfOL7x+Nfp/D+QJnaP8d88erN919Gtxb+z0vhLWzr+Wy/c/firn7q139vxf7tZOpGt6WX867WDT/PcAQAAAAAAwF6Ti4jDkeTya+VcLp9ffX/H0TiYq1Rr9ZMXqouXStH8rOx4jORad7rH2t4PMZW9H7ZVn36iPhMRRyLi+6EDzXq+WK2Udjt4AAAAAAAAAAAAAAAAAAAA2CMORYx2+vx/6q+h3e4dsOM2+Mpv4AXXPf+zLf34pidgT/L/HwaX/IfBJf9hcMl/GFzyHwaX/IfBJf9hcG0l/389t4MdAQAAAAAAAAAAAAAAAAAAAAAAAAAAgBfD+XPn0qWx8uBaMa2XriwtzlWvnCqVa3P5+cVivlhduJyfrVZnK+V8sTq/2d+rVKuXp6Zj8epkvVyrT9aWlr+Yry5eethYVR55JlEBAAAAAAAAAAAAAAAAAADA86W2tDxXqFTKCwoK2yoM741uKPS5sNsjEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA88n8AAAD//75iP7A=")
unlink(&(0x7f0000000180)='./file1\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
pwritev2(r0, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0x1}], 0x1, 0x5c12, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'})
sendmsg$nl_route(r2, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000002c0)='./binderfs/binder0\x00', 0x803, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1b0000000000000000000000000004000000", @ANYRES32=0x0, @ANYBLOB='\x00'/19, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000092fb7aa12641000000000000000000"], 0x48)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
timer_gettime(0x0, 0x0)
sendfile(r0, r0, 0x0, 0x7a680000)

2m4.999453799s ago: executing program 35 (id=516):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x21085e, &(0x7f00000001c0)={[{@data_err_ignore}, {@nouid32}, {@minixdf}]}, 0x1, 0x51c, &(0x7f0000000780)="$eJzs3c9vI1cdAPCvvXHiZNMmLT0AgnZpCwtarZN426jqgZYTQqgSokeQtiHxRlHsOIqd0oSVmp65IlGJExz5Azhw6ok7FwQ3LuWAxI8I1CBxGDTjSdabtTcWSewo/nyk2Zk3bzLf74t33lu/bPwCGFu3IuIgIiYj4r2ImMvPF/It3u5s6XWfHT5cPTp8uFqIJHn3H4WsPj0XXV+TupnfsxwR3/92xI8KT8Zt7e1vrtTrtZ28vNBubC+09vbvbjRW1mvrta1qdXlpefGNe69XL6ytLzUm86Mvf/r7g2/8JE1rNj/T3Y6L1Gl66SROaiIivnsZwUbgRt6eyVEnwv+lGBHPR8TL2fM/FzeyVxMAuM6SZC6Sue4yAHDdFbM5sEKxks8FzEaxWKl05vBeiJlivdlq33nQ3N1a68yVzUep+GCjXlvM5wrno1RIy0vZ8aNy9VT5XkQ8FxE/m5rOypXVZn1tlP/wAYAxdvPU+P/vqc74HxHJh6NODgC4POVRJwAADJ3xHwDGj/EfAMaP8R8Axk9n/J8e4MKdy08GABgK7/8BYPwY/wFgrHzvnXfSLTnKP/967f293c3m+3fXaq3NSmN3tbLa3NmurDeb69ln9jTOul+92dxeei12P5j/5narvdDa27/faO5ute9nn+t9v1bKrjoYQssAgH6ee+mTPxXSEfnN6WyLrrUcSiPNDLhsxVEnAIzMjVEnAIyM1b5gfJ3jPb7pAbgmeizR+5hyr18QSpIkubyUgEt2+wvm/2Fcdc3/+1/AMGbM/8P4Mv8P4ytJCoOu+R+DXggAXG3m+IE+P/9/Pt//Ov/hwA/XHtX9Nvvz455fd5B3LxebJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFwxx+v/VvK1wGejWKxUIp6JiPkoFR5s1GuLEfFsRPxxqjSVlpdGnDMAcF7Fvxby9b9uz706+1jVizdPDicj4se/ePfnH6y02zt/iJgs/HPq+Hz74/x8dfjZAwBnOx6ns33XG/nPDh+uHm/DzOdv34qIcif+0eFkHJ3En4iJbF+OUkTM/KuQlzsKXXMX53HwUUR8vlf7CzGbzYF0Vj49HT+N/cxQ4xcfi1/M6jr79HvxuQvIBcbNJ2n/83av568Yt7J97+e/nPVQ55f3f+mtVo+yPvBR/OP+70af/u/WoDFe+913OkfTT9Z9FPHFiYjj2Edd/c9x/EKf+K8OGP/PX3rx5X51yS8jbkfv+N2xFtqN7YXW3v7djcbKem29tlWtLi8tL75x7/XqQjZHvdB/NPj7m3ee7VeXtn+mT/zyGe3/6oDt/9V/3/vBV54S/+uv9IpfjBeeEj8dE782YPyVmd+U+9Wl8df6tP+s1//OgPE//cv+2oCXAgBD0Nrb31yp12s7Dp48SJLkw/SbdFXycZC+GlcgjZ4Hbw0r1mSfv5A/faXzTJ+qSpKn3/Ct3lX9eoyLmHUDroKThz4i/jPqZAAAAAAAAAAAAAAAgJ6G8RtLo24jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA19f/AgAA//99m9kb")
r0 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r5}, 0x10)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x4, [@datasec={0x1, 0x1, 0x0, 0xf, 0x2, [{}], "dcb8"}, @datasec={0x0, 0x0, 0x0, 0xf, 0x2, [], "e173"}]}, {0x0, [0x5f, 0x5f]}}, &(0x7f0000000340)=""/209, 0x44, 0xd1, 0x1, 0x0, 0x0, @void, @value}, 0x20)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000300)='/sys/power/reserved_size', 0x0, 0x70)
sendfile(r6, r0, 0x0, 0x6)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
fchownat(0xffffffffffffff9c, &(0x7f0000000380)='./file1/file0\x00', 0x0, 0x0, 0x100)

1m58.194563154s ago: executing program 36 (id=557):
r0 = syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000040)='./bus\x00', 0x1808014, &(0x7f0000000600)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461002018bbdecde39739fcd1df176dde746ec834120600000000003b048000000000000072462abc30ef5b65c70f73ecea54b5e5bec5aca9836c319f653557e79a002208ceae6dda659bd5ba0f4ce5c2080002223dc60000000000000044cd0a1e36868736000000f6a55493b4b81d5b9fa9b40fe4d76afc3a989c6d60044e89eb96e44d01a1174e3797ffa86870b82939f41ffa0f3d726f085663c29cbdc4c766a7eb77cc369c71e57fafab52f325ca91e684160191acf5ae7469c82ab4145b595b987d75912afdcc1c061835294cc0c618aba204f8adaa20c80108d356cd887ba217c8f569e6d0caf75052a77056b06e7068c40f807d9e539f8f5b64a8ee0725aa8d00000000007cb6ac0d90ea79b8027cf75964dd86c2ed2b5e75779677a28c76b848dd03dab190b5f02ec52830f3ff01eaae1c3df076000000000000000000000000000083a48a6b926c668b9ba42490175018ea3619f9d80a0b894e212178e1a19909d764666264fa29e2c055fd7f8e67c2acfb75f0a8d41692f4542a575ee42ed94a0014fba44985cca9df12fe93bfaccf0122a6e7e593613ac011170182f99766e86fb125cc6799c43aa4dc708dc4a00a6decad26f0378072a571da000000aec3dfbae348b5b494f6fddb9f56142a47a40ef81690a7eca421bd0ad198afa58ce69d61c29deaa93c0efea0f1415e90fd0400bad5f796374bb196e60e537b8ffca80a5ec3c5c063aab2c87a7824c4fbfab7264185e1b2e59012acbf3732abe75b848de8ec4aaba2e3c8cd14dd9bf9499952815b9fb34057a585a9c18a11f3d496825b3fcb0c8aa89e079fd78997da864b302139b2b10597100846b55f7d0b050b7b0ef7e9c897c50b53404acdd701425323201b33465fddec69c37cb13fd441a830af5ea73f4ac82d7926eb0db1141003d148473077a76c3bee7e37dc799abb47bd67cde7958c50fb2d15c9cc196e4bff1d00"/716], 0x5, 0x558b, &(0x7f00000079c0)="$eJzs3EtvG2UXAOAzTtP71y9CLNh1pAopkWqrTi+CFQVacRGtKi4LVuDYruXW9kSx64auumCJWPBPEEisWPIbWMASdogFiB1SkWcmULdJC63jQPs80vjMHL8+874jK9KZiRzAU2sp/e2XJI7FoYhYiIijSeT7SblF3I44X4x9LiKOR0Tlri0p838m9kfE4Yg4Nile1EzKtz47OT5x9uc3f/362wP7jnz+1Xd7unBgTz0fEf31Yv9mv4hZJw93Fsp8Y9zNY//MuIzrUzX6WZG/2V7LK9xsbI1r5PF0pxifrd8YTuLVXqM5iZ3u1Ty/PihOOBx3tupMPpBea2zkx632Wh67wyyPnVvFeTdvFX/bbg1HRZ1WWe+jvHyMRluxyLc328V61q/nsTkYlfmibtZqb07iuIzl6aKZ9Vr5PNYe9Sr/+73VHdzYTMftjWE3G6Rna/UXavVz1fpG1mqP2meqjX7r3Jl0udObDKuO2o3++U6WdXrtWjPrr6TLnWazWq+nyxfaa93GIK3Xa6drp6pnV8q9k+lrl99Le610eRJf6Q5ujLq9YXo120iLT6ykq7XTL66kJ+rpO5eupFfevnjx0pV3P7jw/uWXL73xajnovmmly6unVler9VPV1frKU7T+j8tJ/4P1J9unf/j+8S4bFHb4ggGws/v6/7i3/w/9PzBzD+j/49pD+v/+9fJ4d/r/2Lb/r0z3/zHL/n/SUun/H97/Vvag/10M/f8urh8ey6P1//tnPg8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAObux8UvXs93lorjI2X+f2XqmfI4iYhKRNzZxkLsn6q5UNZZ3GH84j1z+CaJvMLkHAfK7XBEnC+33/+/21cBAAAAnlxf3j7+adGtFy9Lez0h5qm4aVM5+uGM6iURsbj004yqVSYvz86oWP793hebM6qW38A6OKNixS23fbOq9rcsTIWDd4WkCJW5TgcAAJiL6U5gvl0IAAAA8/TJA999aW7zYM6S2HqUufUsOP/P+78eCB6aeg8AAAD4D0r2egIAAADArsv7f7//BwAAAE+24vf/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YOd+ctMGojgAPxsM/auiqvtepTs4Ro/QZZeFA/QSHIGeoFIvwBmolEWOkIQIe4LkBKRIjHGCvk+ynRlHP88AmzeWBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAu/a9Wsz+/vv4+Mebv7fY0maYDAAAAHLCpVrP6j0nTfp/6P6auz6ldREQZEYdq90GMWpmDlFMd+f/q0Rj+RdQJu/5xOt5FxLd03Hzq+lMAAACAy7VeLKdNtd6c0hLAVb+j4kyaRZvyw/dMeUVEVJPrTGnl7vQlU1j9+x7Gz0xp9QLWm0xhzZLb8PC9Ua6HtA1al4eZzOsvsW6V3TwXAADoU7sSOFKFAAAAcAF+9D0AzuFpaV/sT/v3jOPmkl4Ivm21AAAAgFeo6HsAAAAAQOfq+v8l7f9X2P8PAAAAsmv2/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBLm2o1Wy+W02P358/MudueJt+MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB79ucdBUIgDMJg7/rOZO5/WGnQ0NikCoSPvzEYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN787i//J6bGmWTutbH0PJKsnRpbp8beuXH0h/H1awAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYn5cUCIEgiII5438nff/DSoKeQYQIaHhUUYsGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAL/rdL/8npsaZZO60sXQ8kqxdNbauGnsPGkcPxtu/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYt2PfNqowAOCffbbbFBAhoEgEUJE6wEJTt7R0RQgUMfAnIEWpUwIuhTYDrSJKFjaUuQuCESEkUNjyP3RupC5l65AhSEwMQXe+S8+JoVFp79zm95Oe3+fz9b3vna0qn98ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKCw9W682szjJH2YHMTFsdvbKwtpv7mnT22s3ZlJWxo3Ks77CfBa+cnx6foSAQAA4PBIivo+Iu621+fSvjmZ1f/t4py05v/huUFc1PN76/7N7ZWj+UszRf3/+2/3XtqdaDLJ5kkHXVzq907tT6X1mJY49p5/4Bmt7Mpn370k2RvS/HD1xa12dj0b39269X4nC49UkS0A8DBOFn0eFH8PpX23zsQAODRapcK7qP+TyXpzAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKjC1mo8U8SNiJhp3Y9Tm9srC6P6b9buzGzk7dzNm2vlMdMh2hGxuNTvnapwLeOruJrXP5vv93tXrl6rOjgeESNeunGwf57k6f/rOZ2IGDpy4uUR43x8gLn2jLMvyD+eUe01nEjX98CTG0NHGvsu+Hs7A3V8AKoKmvn7My75PMqg+Ow9+pEr/u8IAICnXjtvaSV6t70+lx5rTEXs/Dhc/79RimOo7t+5MTgyeL5Rqv/vfXLudnmucv3frWh9T4LZ5UtfzF69dv2tpUvzF3sXe5+/fbr7TvfM+bNnz89m35XMLkbTNyYAAAD8D528lev/5tT+/f9jpTj+Y/+/XP9/+X336/Jcifp/pPubfnVnAgAAcBh1dqMXXv/rz8aIMxqdTnw1v7x8pTt43H1+evBYaboP6UjeyvV/MlV3VgAAAEAVtlYbQ/v/F0pxHHD//9mfXvmlPGYSERMRlyOid3Lhcv9CdcsZa1X8UDmbqFP3SgEAAKjLRN7K+//t7P7/5u4tD82IePNExN/5b/jjgPV/8sG3P5fnKt//f6bSVY6f5vTgemT9dERruu6MAAAAeJodzVta7P/RXp/79NdjH3Xc/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQtX8CAAD//4ztMoY=")
r1 = open(0x0, 0x400141042, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x5, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r5, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
fcntl$setlease(r0, 0x400, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x7800007, 0x12, r1, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000000), 0x1670e68)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

1m43.739857943s ago: executing program 5 (id=642):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r3=>0x0})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000000000800000", @ANYRES32=0x0], 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r6, r3, 0x25, 0x2, @val=@tcx={@void, @value}}, 0x40)
syz_emit_ethernet(0x22, &(0x7f0000000100)=ANY=[], 0x0)

1m43.739191083s ago: executing program 5 (id=644):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=@newsa={0xf0, 0x10, 0x633, 0x0, 0x0, {{@in=@multicast2, @in6=@rand_addr=' \x01\x00', 0x0, 0x0, 0xff80, 0x0, 0xa}, {@in6=@loopback, 0x0, 0x32}, @in=@local, {}, {0xac2, 0x0, 0x0, 0x5}, {}, 0x2, 0x0, 0xa, 0x4}}, 0xf0}}, 0x0)

1m43.68537776s ago: executing program 5 (id=645):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100001f00702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = openat$binfmt_register(0xffffff9c, &(0x7f0000000000), 0x1, 0x0)
write$binfmt_register(r1, &(0x7f0000000100)={0x3a, 'syz3', 0x3a, 'M', 0x3a, 0x8, 0x3a, '/proc/sys/fs/binfmt_misc/register\x00', 0x3a, '/proc/sys/fs/binfmt_misc/register\x00', 0x3a, './file0/../file0', 0x3a, [0x46]}, 0x75)
r2 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
r3 = ioctl$TUNGETDEVNETNS(0xffffffffffffffff, 0x54e3, 0x0)
splice(r2, &(0x7f0000000080)=0x4, r3, &(0x7f0000000180)=0x2, 0xfe, 0xd)
r4 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
syz_usb_disconnect(r4)
syz_usb_connect(0x4, 0x24, &(0x7f0000000000)=ANY=[], 0x0)
ioctl$EVIOCRMFF(r4, 0xc0085508, &(0x7f0000000500))
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000f80)='mmap_lock_acquire_returned\x00', r6}, 0x10)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000001700)=@base={0x16, 0x0, 0xb161, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000b8e9850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$BINDER_SET_CONTEXT_MGR(0xffffffffffffffff, 0x40046207, 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000900)={0x11, 0x23, &(0x7f0000000b00)=ANY=[@ANYBLOB="18000000090000000000000001000000850000000f00000018120000ad2bfc39d575268f43e801ce73af02e02b2e3a90ee53126d674c0f262097073f78287dee712e917a68765bec6014b2235795c5ca62de", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000000000085200000010000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000100000085000000060000001838000001000000000000000000000095000000000000008500000081000000b7080000000000007b8af8ff00000000b7080000060000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r7, @ANYBLOB="0000000000000000b70500000800000085000000a50000009500000000000000"], &(0x7f0000000300)='GPL\x00', 0x7fff, 0xee, &(0x7f0000000800)=""/238, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000380)={0x6, 0x3}, 0x8, 0x10, &(0x7f00000003c0)={0x0, 0x0, 0x9, 0x25a}, 0x10, 0x0, 0x0, 0x1, &(0x7f0000000400)=[r5, r5, r7, r5, r7, r7], &(0x7f00000004c0)=[{0x934, 0x2, 0x0, 0xb}], 0x10, 0xa2b2, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000002c0)='ext4_ext_convert_to_initialized_fastpath\x00', r8}, 0x10)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r11}, 0x10)
r12 = creat(&(0x7f0000000080)='./bus\x00', 0x0)
fsetxattr$system_posix_acl(r12, &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="0200000001"], 0xfe44, 0x0)

1m42.454915332s ago: executing program 5 (id=653):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x5, &(0x7f00000006c0)=ANY=[@ANYRES16=r0, @ANYBLOB="65bc58392e33d840f2ce4959658deff7ed9d55a77f5e7208a560c743f253cb7685761f4fc60ddf02086a42d7e449879a276229b15a3c55722b39ae7d43e90b058b84ed909df6da9d2eae32b9983366834bff400a92cf426c969e96f8aa1e5a6470ea8405edb1df3b8b97f14dc9fd82c10995b39433599628fac94adafca04c09ac196e24cb9fd78e831136bf18549a23dbce9ee9963d0dd15f08dfc2f6e145677a89ce65769c172ed66f5dc9428fb68842f85d34e23eba70da34ec400a22c21ea7c81a1004788566a2e2fc06a2aa7d5e4c1cf4f680bcf68b8763087780730adc7459"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x30, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000100)='./file0\x00', 0x112ce3, 0x0, 0x8, 0x0, &(0x7f0000000040))
mkdir(&(0x7f0000000380)='./file0/file0\x00', 0x0)
mount$incfs(&(0x7f0000000080)='./file0\x00', &(0x7f0000000400)='./file0\x00', &(0x7f0000000040), 0x0, 0x0)
chdir(&(0x7f00000003c0)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000500)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
mkdir(&(0x7f0000000400)='./file1/file0\x00', 0x0)
chdir(&(0x7f00000001c0)='./bus\x00')
openat(r2, &(0x7f0000000000)='./file1/file0\x00', 0x4000, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0xc)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x6)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000280), 0xffffffffffffffff)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r6}, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)

1m41.579547292s ago: executing program 5 (id=659):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180500000000c800000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
r1 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x60})
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
readv(r1, &(0x7f0000000240)=[{0x0}], 0x1)
close(r1)
mremap(&(0x7f0000638000/0x1000)=nil, 0x6aa000, 0x2000, 0x3, &(0x7f00005c0000/0x2000)=nil)

1m41.477475834s ago: executing program 5 (id=660):
openat$rtc(0xffffffffffffff9c, 0x0, 0x3, 0x0) (async)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="0000010000000000000000000000000034d70000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000140)={'nr0\x00', 0x6132}) (async)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000080)={0x0, 0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc) (async)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r4, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10) (async, rerun: 32)
bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0) (async, rerun: 32)
setsockopt$inet_tcp_int(r4, 0x6, 0x2, &(0x7f0000000040)=0x2800, 0x4)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x3654}]}, 0x10) (async)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e20, @empty}, 0x10)
sendmsg$inet(r4, &(0x7f00000015c0)={0x0, 0x14, &(0x7f0000001600)=[{&(0x7f0000000240)=' ', 0xffffff1f}], 0x1}, 0x0) (async)
setsockopt$sock_int(r4, 0x1, 0x20, &(0x7f0000000080), 0x4) (async)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000001080), 0x1, 0x4e2, &(0x7f0000000b80)="$eJzs3c9vG1kdAPDvTOImm81usrASPwRsWRYKqmon7m602tNyAaHVSogVJw7ZkLhRFDuOYmdpQiXS/wGJSpzgT+CAxAGpJ+7c4MalHJAKVKAGiYPRjCdpSOMkbRMb7M9HGs28eeP5vldr3nO/SfwCGFlXI2IvIq5ExMcRMVOcT4ot3u9u2XWPH91Z3n90ZzmJTuejvyV5fXYujrwm83Jxz8mI+N63I36YPB23tbO7vlSv17aKcqXd2Ky0dnZvrDWWVmurtY1qdWF+Ye7dm+9UL6yvbzR+9fBbax98/7e/+eKD3+9948dZs6aLuqP9uEjdrpcO42TGI+KDywg2AGNFf64MuiE8lzQiPhURb+bP/0yM5e/m+ZzwWAMA/wc6nZnozBwtAwDDLs1zYElaLnIB05Gm5XI3h/d6TKX1Zqt9/VZze2OlmyubjVJ6a61emytyhbNRSrLyfH78pFw9Vr4ZEa9FxE8nXsrL5eXz5xkAgIv18rH5/58T3fkfABhyk2ddsNifdgAA/XPm/A8ADB3zPwCMHvM/AIwe8z8AjB7zPwCMnmL+Hxt0OwCAvvjuhx9mW2e/+P7rlU92ttebn9xYqbXWy43t5fJyc2uzvNpsrtZr5eVm46z71ZvNzfm3Y/t2pV1rtSutnd3FRnN7o72Yf6/3Yq3Ul14BAKd57Y37f0wiYu+9l/ItjqzlYK6G4ZYOugHAwMj5w+jyLdwwuvwfHzhrLc+evyJ87zmCdX7yHC8CLtq1z8n/w6iS/4fRJf8Po0v+H0ZXp5P0WvM/PbwEABgqcvxAX3/+DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAENiOt+StFysBT4daVouR7wSEbNRSm6t1WtzEfFqRPxhojSRlecH3WgA4AWlf0mK9b+uzbw1fbz2SvKviXwfET/6+Uc/u73Ubm/NZ+f/fni+fa84Xx1E+wGAsxzM0wfz+IHHj+4sH2z9bM/Db3YXF83i7hdbt2Y8xvP9ZJQiYuofSVHuyj6vjF1A/L27EfHZk/qf5LmR2WLl0+Pxs9iv9DV++l/x07yuu8/+LT79DDHPWusVRsX9bPx5/6TnL42r+X7yxMWPJ/MR6sUdjH/7T41/6eH4N9Zj/Lt63hhv/+47PevuRnx+/KT4yWH8pEf8t84Z/09f+NKbveo6v4i4FifHPxqr0m5sVlo7uzfWGkurtdXaRrW6ML8w9+7Nd6qVPEddOchUP+2v711/9bT+T/WIP3lG/796aq87EwdHv/z3xz/48inxv/6Vk9//10+Jn82JXzs1/hNLU7/uuXx3Fn+l2/+7z/r+Xz9n/Ad/3l0556UAQB+0dnbXl+r12taFHpTigm945CC5pDY7GPKD7PP4i97nM0XK7H+gO5d9MOiRCbhsTx76QbcEAAAAAAAAAAAAAADo5dL/nCgddA8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYZv8JAAD//wqryik=") (async)
r5 = creat(0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f00000005c0)) (async)
r6 = creat(&(0x7f0000000040)='./bus\x00', 0x0) (async)
r7 = open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0)
pwritev2(r7, &(0x7f0000000500), 0x0, 0x8000, 0x0, 0x0) (async)
ioctl$EXT4_IOC_MIGRATE(r6, 0x6609) (async, rerun: 64)
recvmsg(r4, &(0x7f0000000580)={0x0, 0x7, &(0x7f0000000500)=[{&(0x7f0000000740)=""/4096, 0xa15b0}], 0x1}, 0x700) (async, rerun: 64)
setsockopt$inet_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f0000000140), 0x4) (async, rerun: 32)
ioctl$TUNSETGROUP(r2, 0x400454ce, r3) (async, rerun: 32)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r8}, 0x10) (async)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
syz_clone(0x24001100, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
write$UHID_CREATE2(0xffffffffffffffff, 0x0, 0x0)

1m41.477232504s ago: executing program 37 (id=660):
openat$rtc(0xffffffffffffff9c, 0x0, 0x3, 0x0) (async)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="0000010000000000000000000000000034d70000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000140)={'nr0\x00', 0x6132}) (async)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000080)={0x0, 0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc) (async)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r4, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10) (async, rerun: 32)
bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0) (async, rerun: 32)
setsockopt$inet_tcp_int(r4, 0x6, 0x2, &(0x7f0000000040)=0x2800, 0x4)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f00000001c0)=[{0x6, 0x0, 0x0, 0x3654}]}, 0x10) (async)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e20, @empty}, 0x10)
sendmsg$inet(r4, &(0x7f00000015c0)={0x0, 0x14, &(0x7f0000001600)=[{&(0x7f0000000240)=' ', 0xffffff1f}], 0x1}, 0x0) (async)
setsockopt$sock_int(r4, 0x1, 0x20, &(0x7f0000000080), 0x4) (async)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000001080), 0x1, 0x4e2, &(0x7f0000000b80)="$eJzs3c9vG1kdAPDvTOImm81usrASPwRsWRYKqmon7m602tNyAaHVSogVJw7ZkLhRFDuOYmdpQiXS/wGJSpzgT+CAxAGpJ+7c4MalHJAKVKAGiYPRjCdpSOMkbRMb7M9HGs28eeP5vldr3nO/SfwCGFlXI2IvIq5ExMcRMVOcT4ot3u9u2XWPH91Z3n90ZzmJTuejvyV5fXYujrwm83Jxz8mI+N63I36YPB23tbO7vlSv17aKcqXd2Ky0dnZvrDWWVmurtY1qdWF+Ye7dm+9UL6yvbzR+9fBbax98/7e/+eKD3+9948dZs6aLuqP9uEjdrpcO42TGI+KDywg2AGNFf64MuiE8lzQiPhURb+bP/0yM5e/m+ZzwWAMA/wc6nZnozBwtAwDDLs1zYElaLnIB05Gm5XI3h/d6TKX1Zqt9/VZze2OlmyubjVJ6a61emytyhbNRSrLyfH78pFw9Vr4ZEa9FxE8nXsrL5eXz5xkAgIv18rH5/58T3fkfABhyk2ddsNifdgAA/XPm/A8ADB3zPwCMHvM/AIwe8z8AjB7zPwCMnmL+Hxt0OwCAvvjuhx9mW2e/+P7rlU92ttebn9xYqbXWy43t5fJyc2uzvNpsrtZr5eVm46z71ZvNzfm3Y/t2pV1rtSutnd3FRnN7o72Yf6/3Yq3Ul14BAKd57Y37f0wiYu+9l/ItjqzlYK6G4ZYOugHAwMj5w+jyLdwwuvwfHzhrLc+evyJ87zmCdX7yHC8CLtq1z8n/w6iS/4fRJf8Po0v+H0ZXp5P0WvM/PbwEABgqcvxAX3/+DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAENiOt+StFysBT4daVouR7wSEbNRSm6t1WtzEfFqRPxhojSRlecH3WgA4AWlf0mK9b+uzbw1fbz2SvKviXwfET/6+Uc/u73Ubm/NZ+f/fni+fa84Xx1E+wGAsxzM0wfz+IHHj+4sH2z9bM/Db3YXF83i7hdbt2Y8xvP9ZJQiYuofSVHuyj6vjF1A/L27EfHZk/qf5LmR2WLl0+Pxs9iv9DV++l/x07yuu8/+LT79DDHPWusVRsX9bPx5/6TnL42r+X7yxMWPJ/MR6sUdjH/7T41/6eH4N9Zj/Lt63hhv/+47PevuRnx+/KT4yWH8pEf8t84Z/09f+NKbveo6v4i4FifHPxqr0m5sVlo7uzfWGkurtdXaRrW6ML8w9+7Nd6qVPEddOchUP+2v711/9bT+T/WIP3lG/796aq87EwdHv/z3xz/48inxv/6Vk9//10+Jn82JXzs1/hNLU7/uuXx3Fn+l2/+7z/r+Xz9n/Ad/3l0556UAQB+0dnbXl+r12taFHpTigm945CC5pDY7GPKD7PP4i97nM0XK7H+gO5d9MOiRCbhsTx76QbcEAAAAAAAAAAAAAADo5dL/nCgddA8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYZv8JAAD//wqryik=") (async)
r5 = creat(0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f00000005c0)) (async)
r6 = creat(&(0x7f0000000040)='./bus\x00', 0x0) (async)
r7 = open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0)
pwritev2(r7, &(0x7f0000000500), 0x0, 0x8000, 0x0, 0x0) (async)
ioctl$EXT4_IOC_MIGRATE(r6, 0x6609) (async, rerun: 64)
recvmsg(r4, &(0x7f0000000580)={0x0, 0x7, &(0x7f0000000500)=[{&(0x7f0000000740)=""/4096, 0xa15b0}], 0x1}, 0x700) (async, rerun: 64)
setsockopt$inet_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f0000000140), 0x4) (async, rerun: 32)
ioctl$TUNSETGROUP(r2, 0x400454ce, r3) (async, rerun: 32)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r8}, 0x10) (async)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
syz_clone(0x24001100, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
write$UHID_CREATE2(0xffffffffffffffff, 0x0, 0x0)

1m27.096875395s ago: executing program 8 (id=733):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r4}, 0x10)
r5 = dup(r2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000080000024d564b000000eccd"])
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1m27.05353787s ago: executing program 8 (id=734):
personality(0x1bb2baf3005ac137)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, 0x0)
syz_usb_connect$cdc_ncm(0x0, 0x6f, &(0x7f0000000480)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5d, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x6, 0x24, 0x6, 0x0, 0x1, "df"}, {0x5, 0x24, 0x0, 0x584e}, {0xd}, {0x6}}, {{0x9, 0x5, 0x81, 0x3, 0x400}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x200}}, {{0x9, 0x5, 0x3, 0x2, 0x200}}}}}}}]}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0xfffffffffffffddf, &(0x7f0000000040)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="250a00000000000061117000000000001800008eac00000000000000000000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
sched_setscheduler(0x0, 0x0, &(0x7f00000005c0)=0x8)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0x2, &(0x7f00000008c0)=@raw=[@call={0x85, 0x25, 0x0, 0x6f}, @exit, @call, @printk={@s}, @kfunc, @map_idx, @cb_func, @cb_func], &(0x7f0000000180)='GPL\x00', 0x2, 0xe9, &(0x7f0000000240)=""/233, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x83)

1m24.743520046s ago: executing program 7 (id=749):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r0 = syz_open_dev$vcsn(&(0x7f0000000000), 0xffff, 0x10000)
ioctl$LOOP_SET_BLOCK_SIZE(r0, 0x4c09, 0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$IP_VS_SO_GET_TIMEOUT(r5, 0x0, 0x13, 0x0, &(0x7f0000000b00))
bpf$MAP_CREATE(0x0, &(0x7f0000000780)=@base={0xa, 0x6, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x6)

1m23.926259771s ago: executing program 8 (id=753):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f00000006c0)=ANY=[@ANYRES32, @ANYBLOB="1800000000b07700000000000000000018110000f7e99f7b3557098259c21a85dddc78407f8959138d21d93cebd8636c277f9c2c22626defbbc8589def91bfefa51d64d97ab169e38dd28518b88046b0f0fd3350431f221ab5134abd336327131410f05a6608ec7363f6f2fe5c12e393102f822ee17f4b101ec5dab91e5008ae89360a621f811495cbfb2f184410bec91a76b754c8752c48ef27265e83e73fd663056e278e99148bf9cc639f8e0000000000000004c7b37118cdf8ac57eaafbe7d987514fedfca420f783aee2dd1163320b98ea201b2058f35f6f4183cdd79ecdb6265bae4327d48389cda00f8ffff93a0d2539ff51d0a6b88de3a530c8f9aca0ad4e628e4d3c444079b2d57b6f2e583e0072099b264a9e2f3", @ANYRES64, @ANYRESHEX=r0, @ANYRESHEX=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4c, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
unshare(0x42000000)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r2, &(0x7f0000003000)=@file={0x1}, 0x6e)
listen(r2, 0x0)
connect$unix(r1, &(0x7f0000000640)=@file={0x1}, 0x6e)
connect$unix(r1, &(0x7f0000000280), 0x6e)
r3 = socket$unix(0x1, 0x1, 0x0)
mremap(&(0x7f0000ff8000/0x3000)=nil, 0x7fffdf00a000, 0x3000, 0x0, &(0x7f0000ff5000/0x3000)=nil)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00'}, 0x10)
sched_setscheduler(0x0, 0x2, 0x0)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, 0x0, 0x0, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
r7 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r7, 0x40345410, &(0x7f00000083c0)={{0x1, 0x0, 0x0, 0xe8030000}})
bind$unix(r3, &(0x7f00000003c0)=@file={0x1, './file0\x00'}, 0x6e)
r8 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r8, &(0x7f0000003000)=@abs={0x1}, 0x6e)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

1m23.864015418s ago: executing program 7 (id=754):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="61124c00000000006113b70000000000bf2000000000000007000000080000002d0301000000000095000000000000006926000000000000bf67000000000000150600000fff070067060000200000006a0200000ee60000bf050000000000003d350000000000006507000002000000070700004a0000000f75000000000000bf54000000000000070400000400f9ff2d53010000000000840400000000000073720000000000009500000000000000db13d5d8b741f2cdaabc8383caf56b8c2b84a8d09535a157f9005bd38addaa65b925cd3ded25b8b9e2a095d2c51ef45c5588ec78c7f32946b17cecfe54c53ab530c58b67851b7e0e82452a083b98a6aa766401047d150203b0417edef332233b081df18961d6822d133bf72a4de1c2ea17f04537fc211576846ac629d1d93265ba474580047a9dc88de358ce795731891a2031de4e09740c64e5306f991ed4785a9773a433e0db9c1a7d4ab9d658ce9cfdb4db3bed62bcb2bc91ddcdfac2e6d4421c49fb6641cbf56914e76702f673b586c767562a90a3967093b000e3806f825f1d0da2a304e06543b56d35235d78b7a7fe912971aab876022e96f5143b6234f5a6b701690b07fb664a44e22b72e843e7cf55f394cf75d1cd3ee79a25fb98cc45b3fde43e42e150d4a2fddd9a976774"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

1m22.740467238s ago: executing program 7 (id=763):
personality(0x1bb2baf3005ac137)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, 0x0)
syz_usb_connect$cdc_ncm(0x0, 0x6f, &(0x7f0000000480)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5d, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x6, 0x24, 0x6, 0x0, 0x1, "df"}, {0x5, 0x24, 0x0, 0x584e}, {0xd}, {0x6}}, {{0x9, 0x5, 0x81, 0x3, 0x400}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x200}}, {{0x9, 0x5, 0x3, 0x2, 0x200}}}}}}}]}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0xfffffffffffffddf, &(0x7f0000000040)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="250a00000000000061117000000000001800008eac00000000000000000000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
sched_setscheduler(0x0, 0x0, &(0x7f00000005c0)=0x8)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0x2, &(0x7f00000008c0)=@raw=[@call={0x85, 0x25, 0x0, 0x6f}, @exit, @call, @printk={@s}, @kfunc, @map_idx, @cb_func, @cb_func], &(0x7f0000000180)='GPL\x00', 0x2, 0xe9, &(0x7f0000000240)=""/233, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x83)

1m22.736811228s ago: executing program 8 (id=764):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f00000004c0)={[{@resuid}, {@init_itable}, {@stripe}, {@noblock_validity}]}, 0x3, 0x453, &(0x7f0000001f80)="$eJzs3M9vFFUcAPDvzHaLCNiKqPxS8Vck/mgpoHLwoEYTD5iY6EGPTVsIslBDayKEKBiDJ2NMvBuP/gt60Ysxnoxe9W5IiOECeFozuzN0d7u7tNsti93PJxl4b+ZN3/v2zdt9M2+3AQytfdk/ScTWiPgzIsbq2eYC++r/Xb96fubG1fMzSVSrb/+T1Mpdu3p+pihanLclz+xPI9LPktjTpt6Fs+dOTlcqc2fy/OTiqQ8mF86ee+7Eqenjc8fnTh88cuTwoakXXzj4fF/izNp0bffH83t3vfHeV28e/aIp/pY41mznpsYf3daT1WrfqrsTbGtIJyMDbAirUoqIrLvKtfE/FqVY6ryxeP3TgTYOWFfVarW6pfPhC1VgA0uiOW/Iw7Ao3uiz+99ia50EvLx+04+Bu/JK/QYoi/t6vtWPjESalym33N/2076IePfCv99kW/T7OQQAQBs/ZvOfZ9vN/9J4oKHcPfna0HhE3BsR2yPivojYERH3R9TKPhgRO1dZf+siyfL5T3q5p8BWKJv/vZSvbTXP/4rZX4yX8ty2Wvzl5NiJytyB/HeyP8qbsvxUlzp+eu2PLzsda5z/ZVtWfzEXzNtxeWRT8zmz04vTa4m50ZWLEbtH2sWf3FwJSCJiV0Ts7rGOE09/t7fTsVvH30Uf1pmq30Y8Ve//C9ESfyHpvj45eVdU5g5MFlfFcr/+dumtTvWvKf4+yPr/7rbX/834x5PG9dqF1ddx6a/PO97T9Hr9jybv1NKj+b6PphcXz0xFjCZH641u3H9w6dwiX5T/4ff6/nbjf3ss/Sb2RER2ET8UEQ9HxCN52x+NiMci4vEu8f/y6hPv9x7/+sr6f3ZV/b+UGI3WPe0TpZM/f99U6fiy+G907//DtdT+fM9KXv9W0q7ermYAAAD4/0kjYmsk6cTNdJpOTNQ/L78jIq3MLyw+c2z+w9Oz9e8IjEc5LZ50jTU8D53Kb+vr+YsRUf9oQXH8UP7c+OvS5lp+Yma+Mjvo4GHIbekw/jN/lwbdOmDd+b4WDC/jH4aX8Q/Dy/iH4dVm/G8eRDuA26/d+/8nA2gHcPu1jH/LfjBE3P/D8Oo4/jfyX/4Barz/w1Ba2By3/pJ810Txk3o8fcMmonxHNGPtiWrStnMjHXTDJNYzMdjXJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgH75LwAA//8HW+BC")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$inet6(0xa, 0x80002, 0x0)
sendto$inet6(r4, &(0x7f00000002c0)="c7cfcaaa22e10542fca5c0195350f15147657e0bfc59d383a47190db88690e6fedc3040ab5809ae02a54cd429cc3338c5afa0c9dce3f91950d1f567f358ac211541591", 0x43, 0xc001, 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000540)={'#! ', './file0'}, 0xb)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/fscaps', 0x0, 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, <r6=>0x0}, 0x0)
stat(&(0x7f00000003c0)='./bus\x00', &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0})
fchown(r5, r6, r7)
r8 = getgid()
syz_mount_image$fuse(&(0x7f00000001c0), &(0x7f0000000280)='./file0\x00', 0x206040, &(0x7f0000000340)={{}, 0x2c, {'rootmode', 0x3d, 0xa000}, 0x2c, {'user_id', 0x3d, r6}, 0x2c, {'group_id', 0x3d, r8}, 0x2c, {[{@allow_other}, {@max_read={'max_read', 0x3d, 0x100000001}}, {@max_read={'max_read', 0x3d, 0x8}}], [{@audit}, {@smackfsfloor}, {@audit}, {@fsmagic={'fsmagic', 0x3d, 0x9}}]}}, 0x0, 0x0, &(0x7f0000000440)="743926b98fdd9e1b7ddab39dd800c2f7252500b3d1f3644c0f7448f36b94a229f6f0")
setsockopt$inet6_udp_int(r4, 0x11, 0x1, 0x0, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r4, 0x29, 0x36, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)

1m20.832668438s ago: executing program 8 (id=770):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000056, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@noblock_validity}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@max_batch_time={'max_batch_time', 0x3d, 0x2}}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x54f, &(0x7f0000000b00)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbZdnamc8HbnvOvTc995t7v6fn5iQkgKE1kf0oRLwcEd8kEQfbto1GvnFibb/V+1dnsyWJRuPTv5JI8nWt/ZP89/688lJE/PZVxPHCxnZryysLpXI5Xczrk/XKpcna8sqJC5XSfDqfXpyemTn19sz0e+++M7BY3zj7z/ef3P7w1NdHV7/75e6hm0mcjgP5tvY4nsC19spETOTPyVicfmTHqQE0tpMk230A9GUkz/OxyPqAgzGSZz3w//dlRDSAIZXIfxhSrXFA695+QPfBz417H6zdAG2Mf3TttZHY07w32reaPHRnlN3vjg+g/ayNX/+8dTNbYnCvQwBs6dr1iDg5Orqx/0vy/q9/J3vY59E29H/w7NzOxj9vdhr/FNbHP9Fh/LO/Q+72Y+v8L9wdQDNdZeO/9zuOf9cnrcZH8toLzTHfWHL+QjnN+rYXI+JYjO3O6pvN55xavdPotq19/JctWfutsWB+HHdHdz/8mLlSvfQkMbe7dz3ilY7j32T9/Ccdzn/2fJztsY0j6a3Xum3bOv6nq/FTxOsdz/+DGa1k8/nJyeb1MNm6Kjb6+8aR37u1v93xZ+d/3+bxjyft87W1x2/jxz3/pt229Xv970o+a5Z35euulOr1xamIXcnHG9dPP3hsq97aP4v/2NHN+79O1//eiPi8x/hvHP751f7jf7qy+Oce6/w/fuHOR1/80K393s7/W83SsXxNL/1frwf4JM8dAAAAAAAA7DSFiDgQSaG4Xi4UisW193ccjn2FcrVWP36+unRxLpqflR2PsUJrpvtg2/shpvL3w7bq04/UZyLiUER8O7K3WS/OVstz2x08AAAAAAAAAAAAAAAAAAAA7BD7u3z+P/PHyHYfHfDU+cpvGF5b5v8gvukJ2JH8/4fhJf9heMl/GF7yH4aX/IfhJf9heMl/GF7yHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAbq7Jkz2dJYvX91NqvPXV5eWqhePjGX1haKlaXZ4mx18VJxvlqdL6fF2Wplq79XrlYvTU3H0pXJelqrT9aWV85VqksX6+cuVErz6bl07JlEBQAAAAAAAAAAAAAAAAAAAM+X2vLKQqlcThcVFPoqjO6Mw1AYcGG7eyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeOC/AAAA///ktDiZ")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='ext4_request_blocks\x00', r1}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='ext4_request_blocks\x00', r2}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r3, &(0x7f0000000180), 0x4000)

1m20.589638306s ago: executing program 8 (id=771):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r3=>0x0})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000000000800000", @ANYRES32=0x0], 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r6, r3, 0x25, 0x2, @val=@tcx={@void, @value}}, 0x40)
syz_emit_ethernet(0x22, &(0x7f0000000100)=ANY=[], 0x0)

1m20.575063808s ago: executing program 38 (id=771):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r3=>0x0})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000000000800000", @ANYRES32=0x0], 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r6, r3, 0x25, 0x2, @val=@tcx={@void, @value}}, 0x40)
syz_emit_ethernet(0x22, &(0x7f0000000100)=ANY=[], 0x0)

1m18.200453562s ago: executing program 7 (id=781):
syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x5, &(0x7f0000000880)={[{@bsdgroups}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x6}}, {@usrquota}, {@min_batch_time={'min_batch_time', 0x3d, 0x5}}, {@nobarrier}, {@errors_remount}, {@jqfmt_vfsold}]}, 0x1, 0x40b, &(0x7f0000000dc0)="$eJzs201oHFUcAPD/zGbT2rQm1vrVVt02iAE1aRIVAl4qKgqCB715kNCkpZg0pYnYFg8qgqfixZOePOnBoxcPgnj3JHiydykEKZ5lZWZnmk2yG/O9tvP7wSbvzb7lvf+8fbtv3psNoLIa2Z8k4nBE/BERg63s6gKN1r+/b390Lnsk0Wy+/VeSl8vyZdHydQNFZiSNSD9L4kSHehevXX9/em5u9kqRH1uavzy2eO36cxfnpy/MXpi9NDn1wpmJyakXpyZ3I8z+rG03bp/8feHrt/754vTNgZdvvPdKduxwUaA9jt3SiMbqc9nmqd2urMeOtKWTvh42hC2pRUTWXfV8/A9GLVY6bzBe/bSnjQP2VLPZbB7o/vTHTeAelkSvWwD0RvlFX17b78V18P/Z8tnWBdD6+PsiLcrU11zf7qZGRFx99/Ofskfs0ToEAEC7n7P5z7Od5j9pPNxW7v5ib2goIh6IiKMR8WBEHIuIhyLyso9ExKNbrL+xJr9+/pPe2lZgm5TN/17qOP8tZ38xVIv+PHEkj7+enL84N3umOCcjUT+Q5cc3qOO3N777ttuWSPv8L3tk9ZdzwaIdt/rWLNDNTC9N7yDkVZY/iTjecf6b3NkJSCLisYg4vs06fjzb/Krbc/8d/95qfhPxdMf+X9m5SzbenxzL3w9j5btivZMfXp7pVn+v48/6/9DG8Q8l7fu1i1uv44ehU8vdntvu+78/eSdP9xfHrk4vLV0Zj+hP3lx/fGLltWW+LJ/FPzLcefwfjZUzcSLrx4h4PCKeiIgni7afiojTETG8QfyvDb8+2zX+gxHR0/7/fqCV2mz/bz0xP/HLr2uqrZeJzfX/83lqpDiymc+/zTZwRycPAAAA7hJpfg98ko7eSafp6GjrHv5jcSidW1hceub8wgeXZlr3yg9FPS1Xugbb1kPHi7XhMj+xJj9ZrBt/Wbsvz4+eW5jruigG7IuBLuM/82et160D9pzfa0F1Gf9QXcY/VJfxD9Vl/EN1bTj+D+5fO4B9drPm+x8qzPiH6jL+obqMf6iknfyuX0JC4l5N9PqTCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYHf8GwAA//80y941")
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f00000002c0)='./mnt\x00', 0x0, &(0x7f0000000540)={[{@data_ordered}, {@mblk_io_submit}, {@nomblk_io_submit}, {@journal_dev={'journal_dev', 0x3d, 0x4}}, {@resgid={'resgid', 0x3d, 0xffffffffffffffff}}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x3}}, {@dax}, {@data_writeback}]}, 0x1, 0x24f, &(0x7f0000000600)="$eJzs3TFoJFUcBvBvZmc9926RUxtBUEFENBDOTrBZG4UDOQ4RQYUTERvlTjjvsLtY2VhorZLKJoid0VLSBBtFsIqaIjaCBgWDhRYrs7uBNYkkusmOOL8fzO7M7nvzf8PM96aa3QCtdTbJIEknyUKSbpJiusE94+XsZHO5t34pGQ6f/LkYtRtvj+32O5NkKcnDSdbKIi9XyfXVZ7d+23j8/reude/7YPWZ3lwPcmJ7a/OJnfcvvPnx+Yeuf/n1jxeKDNL/y3Edv+KAz6oiue0kiv1HFFXTI+AoLr7+0Td17m9Pcu8o/92UGZ+8t6/etNbNg+/9Xd93fvrqznmOFTh+w2G3vgcuDYHWKZP0U5SLScbrZXd3bvi2c7p85crV1xZeunLt8ovNzlPA8eknm499euqTM3vy/0OnLBcXmx4dcJLq/D91ceW7en2n0/RogHmq87/w/I0HIv/QOvIP7dUfyD+0lfs//M8Mjt5U/qG95B/aS/6hveQf2kv+ob3kH9prOv8AQLsMTzX9BDLQlKbnHwAAAAAAAAAAAAAAAAAAYL/l3vql3WVeNT9/N9l+NElVHFC/M/o/4uTm0evpX4tUU32LutuM9Z+7e8Yd7PXLP2v+YcNPX9/yfbP1v7jrhAsc8rt2Ny4nS28kOVdV+6+/YnL9/Xu3HvJ994UZC8zokaebrf/HSoPFq+T8RvJZPf+cm57/epMGZe4YvR88//Tr8zfjEF79fcYdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDd/BgAA//+s920g")
mount$bind(&(0x7f0000000040)='./file1\x00', &(0x7f00000000c0)='./file1\x00', 0x0, 0x3002, 0x0)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000400)='/sys/power/pm_freeze_timeout', 0x0, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f00000003c0)={0x2, 0x2, 0x7fffffffffffffff, 0x7})
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f00000003c0)={0x0, 0x0, <r2=>0x0}, &(0x7f0000000280)=0x7)
fchown(r0, 0x0, r2)
syz_mount_image$fuse(&(0x7f0000002040), &(0x7f0000002080)='./file1\x00', 0x80b0, &(0x7f0000000540)=ANY=[], 0x0, 0x0, 0x0)

1m18.196582872s ago: executing program 7 (id=783):
openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0xc0185879, &(0x7f0000000080)={@desc={0x4100, 0x0, @desc1}})

1m17.897504207s ago: executing program 7 (id=787):
r0 = syz_io_uring_setup(0x52f3, &(0x7f0000000000)={0x0, 0x97a1, 0x80, 0x2, 0x163}, &(0x7f0000000080), &(0x7f00000000c0))
io_uring_enter(r0, 0x35d5, 0xcf6d, 0x10, &(0x7f0000000100), 0x8) (async, rerun: 32)
r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) (rerun: 32)
ioctl$SNAPSHOT_FREE(r1, 0x3305)
ioctl$KVM_RUN(r1, 0xae80, 0x0) (async)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000180)) (async)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r1) (async)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200), 0x200000, 0x0) (async)
sendmsg$nl_route(r1, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)=@RTM_GETNSID={0x1c, 0x5a, 0x200, 0x70bd27, 0x25dfdbff, {}, [@NETNSA_NSID={0x8, 0x1, 0x2}]}, 0x1c}}, 0x800)
recvmsg(r1, &(0x7f0000002900)={&(0x7f0000000340)=@in={0x2, 0x0, @multicast1}, 0x80, &(0x7f0000001880)=[{&(0x7f00000003c0)=""/4096, 0x1000}, {&(0x7f00000013c0)=""/218, 0xda}, {&(0x7f00000014c0)=""/65, 0x41}, {&(0x7f0000001540)=""/117, 0x75}, {&(0x7f00000015c0)=""/211, 0xd3}, {&(0x7f00000016c0)=""/102, 0x66}, {&(0x7f0000001740)=""/214, 0xd6}, {&(0x7f0000001840)=""/54, 0x36}], 0x8, &(0x7f0000001900)=""/4096, 0x1000}, 0x1)
sendto$inet6(r1, &(0x7f0000002940)="9c379d3944548dcc323df30cce901179aad30a17f00b668da81bd4537ac80d18fb7c50b8767be5a58a57a14db86870856cd520cdecad91d31e0f7170fd0853ba62091b05280fdfaa727b6b4a23e77e642239f9206cc941df646681cc4018a4e85ffba1c995aaded7018b0b03dd41b5d817789990daacfd87a0cdf1dbc15d517e26b1c347a2d8424ca51a5d506708a50b02b2ff1055caef3d43f5eba9fa2f5f28ea986fbf34a6b2be7f152dc4989a3c482b9e3f38771118a49ef2c963453e29007744d4bc9bd2f06e4f8c3bcef9b5194052e16b88ac58eefeaf6f01d5c7269f9e074aa24b190159d21b751380e647a7ace9afdf181e2b8a502f88c59099810e5b9b937ad1a7d3732c6cd6f3844b4e32c96ca1961a0fba3f7dcfc15e95ce9f3d79dfe571932c73e8c157786670f009fd25b3f2aa5a10bcfeda69cd042e179ad3a322dfaf94034bd1caa16f5863685c92da0a2ff2dce61963de639d78e0e96f1a8fcbd3119b4fd304c593bb36921bde5a4a88f3d0407193d68c726901f062c58e7dd766dbe241af7a4c7d1f52b158d923a4e01b326271be9a55f926dd1eca94dd8e57f437c0fa79a6867cb74966b39c3a523c74d8a99782995ebdf0ce7dc210793dfee3277babd09aa9a31d656e977f34bc42268537b7fb980f608cd3fb4b62b8282b21ce5ddc0eb819e82734657a1d5e4b0cea6785b9402f1ed671c4d226a63df69e4d0cc6c6452b4065610d960a9a42bb5695632b68ff2193eeccbd2ab396be519563ae4b343bd13b3360c1ad3467c2492e4e953a6de6eb290a31eeea6ec4024a8c41bf81d944f355abafca4d0d71aace03d56dcb382262e8903ab4b8297e602e11a769363074e6961c57a94771fae8c462d5eb02a6b561ace0670fb15a28f756c7d8ab47bb563961e313b6ba59d34bfb52f834c790d283985cee8f50baab9386adfc215b7151690cd06470010549f900c75015a38a3c590aedfe83897f5884994ddd3e6d54765a9ae9c8f3abbe78e891b597730227a9573a7695f926cbe8fd5a6d056d2810f9483e29bedc3b03f16dbbda2b322327cc4bfb0ed4d12e95d94648e37caa9c2b6bffaf3303365c6d62ee6895dd8683d7deeac9322ec453d5349bba002b51fffd596d711f299bb7dfccd6113201eb5ba3223980aa353689d3d306c994d09aae3cc6b8069f1eb1d4321570ecfa6b59ddac649423dd704063ce1ccd46627da7159eac4ecfbe84beff065b48ccd0a8c279f170f2b6587aed78e7ae74c8aad36818768e76b82546d800bb584eaa487132bc04b931a32ee841ce552c766dda018c3713619d2408b452f7ac4d869eb6a0d80874d52fcdaa49455a7020d8c4d4d9eb64778e02ecc623909f68d9a20d8d1e1eb0012a02cc03ebb956714df5c0f7917ab5b2a1f5d559c9465100ef8dde76a068dfe7aa4f416407dca7cfe07fc5af12ec2c9dcd52c8b3583b84cacf2c82bdbc26411fc5cabc9f0281f86ce69fed4bbc58315371878de7989c5bd209f0dee0866209fa9668cefdf324e61998f40232015ec8695c3c21a8df9bb0a6311e12b4fb5554ef6be48e7863f1d77b6f0c0e3906322023d7a5fa84eb074afe11d723dbc5a80f14bf3f3c9b7cae7196c4acde307ef3f6b4c2ac26171a2721dfa9f8a2163f0ed6fe61b881e9133146c4bea3daeb07f20c01f70fdd53f8354f4000fb794348ccc55a764a2e5fbc6d7b760c7b98461fd7097c5b6c4b255390b75559e43b9ac0db9219d83be354d5d5ebc85f2f69e53965da073b8be5dfbaa51229bc4948b82b590a88353a52c3e81900fd93753bda97fbda3050b61fa6d409e2f0c8e04716c4b67669f7d83fc636e2badc4f697960fc2a7ab7795fb38592ae407055775584bfbf7fdaabacfe22e0be6844d0645ee44eae720342d4928cda2e27d78753cf2d64258694b5574bf6790d308aed7a028e5e9881c0ee1a1892afc05e3a6ad8a1ebbf8909fe0da1d828493edc7e9acbd84e2dc4a66882315e6536338d3e6dd5dfe01cda9719ee43575b4da3faf5e6728c73b1ee4a9cb66857a09ae8645b34aa9d4645e49f71951aec4e935c036b0d465ef7ea5d6a71a84508b21dbc73d6bed94c400898c8796f12c5c612cc7765c9218e0f02d85220909060292cd69043160977db18f6699438debacd2188fb3f9f2a244945636c6c265a430615e0c54e83322bdbb39f70b0601d6069ec2f7902c88cb52002292d056be39e6357d54a937f5cf7977ead2ca5b945639e3fe91f8e66166fe7ff757121d08005c76831be58d1afdbfe4c2d961c5284389a6881fd08574d03e21a91c253e77e0ba331fed700b66f38bfb49fb7478aabb91b13a72c44d958235e43f1dd7b869a8870c5a411e56f78ab5eb136bf3cd0502e518a1d4d26336f08e03ee444f4560feb36f6fe4a2c14f82688c905ddb58145e1bb917164d46742e4a37966077717909fd855dd5b1443312223a0f9712ab0e5e185618f5238839d09cb34ff4d8b269529dfee34ac215e6c38ce1dd8d6b4d8127a745b729b4fe7f1f57ecd25f761a31632b20370c9fb3b196d6c160abde3b654b900749056d2c91c784bb3bc1ccb1cac43b4f9a384d2e6042675fc944306414e377439429daac2e94230fd58b467319f251d445113dcd7aecf9b4009fea65c2243eee1692f52cd0d8a72f9265de6d3722a0da34a71c5e99e63c89891fbb92c27444185ebdb276a30cf35e92f5730a63d304cc9531882bc2fdce31dc3cb882785bc682f2ee9e24acd5cf90d233a011063dc0980b2f5d579029d6d05c578f94ca1066543278837a7168785204ac5cbd099d7907befabcfac082ea42d83651418efb8e816325cf5e01c8050e84661f45b0f4a18b9efcdbf0e637d25a5cc193bcf7df17683e9299293eadfe9bc67758d1c30b2145cc0cdd0f984383b636d968d7c8f64c50f06dcd642991057c9817c6628bf07d6bce76714ab165d81e47c368cdde272558171094df47513294d4eb4d397a178644aca86b4b33ac45b2667eced46eb6d47a63f91b306fbf814ffad7624019f2959cea7b8b285f9e93d1269d7be0433db173c1c4d3a529ebe65f1c696679dca8b9b17d07f5a8361c74ee215d411760adb6f35e9e17e982c17dc598ee59c082d4d259aee86bb9225cba827a3408d8649fe458a7dba4c227ce5b7ffc8195f78574437641b283fa6e0d53b24d89150768ab4ea38a8348527d06671950afeebafa0607e8d2817cb6d8c7a3187a88232448a61d5350615002f1643bc0aeac06f4bbab4e875cd153d8aba72a8ef991df6d2feeb4386c0943513dd28b1a16ae4ae1d1b67baa36a1b200865bcb0513bac2d4b094468660f1febb2b5e1918131075d2207c1608a2d9267b92c44300224028ce61115d4d6e6196da5a9b992801ec89003799e70b7703bcccc74680f1fbc902c78ba9f9dea247a81cefe459cfa2f35f36a47e8d5bac1ef343e7914bbf934cdd8b6d53ec4deb57a4244c692c5a7967d05b19c2820c148c5b92d67c757e6573441bf4c1b2e8fc94153c81c98c5cf858a13ffb157a190fc43a4eb85447e48fa824587bc98ca223f42936f7615bf6a7c09388da7d67e3e502af1b503b38335619226716c098fac770b6198ca868855c1aa93962193e1872bdb8e03cc84498182e40c115120f80ffe04bd54113f93f3b465ee90a98e6733328f403e41825534067ffc9dd5047eec0060fc3c88b5a5f7b32f083c9622fd5833ce2e4e2fdb865e9a6cd6da137e4549b3c026529916009878b11fbc98267294a4b613f2dde41cff17ab4520683ead7794477d65ddcc31909b23b8eb80915c85523925982c7f291830bc13d6dd9d6946c40fe3a952a3610aad0865792e39898f64692d7c0821b92c9484c4f11ee3cf5f53fcccb4257bc6045c7b36e1e8a6ead6487cc64db159aa2fa6438f46dac893bedd379643aaea3645df611f0f1258b09aa19ac6f537c5f8d53e8d804369170c6720cfc21dcce00d111afd9b53bf92a47e32329d876473ad2c954e30dd94671e5f4278fe0be88483119ae25c6355888413383dab9d2a4d646c8505dc784594c60f67b8b610a4b2176032f22f9dfd5392a704cbce88b6ba3c4e7ae574939d6b57046d33fd4592ebe5711f0ab7918ffbf3125ff14be0c541059ab66e841ea8dcad3229dac9f11a8f8687e3c5c8618723e21893b44fe2228d1d6d3dc86ec230e8f76ba53debdb79be015a208dde1a983d2797d92bc810ee83a5860d3aee778f03106fa8d20fd7359aa2d7f524883d8f8f9b3f9a1fc8411c349b839489f3f08186900f50c94bc4924e53da659aaed72fb08355ae11760f5765e46a12b818f54ed6376514e3de8c87fc6d8f52443e1c6b89d9552cd9fc2ae523c664465cbde86fee226dbf86fbb91f2a4233b7a84ee13435f71aa2e663835066cd7e94df6918fc20abc355ccad22b3e9b8e075bd92834ec3d3173a586dbac428e878f359649ba78d0009b26664980e3f0ffef80e7b95277ff283dffc36cac9db6c68552c1b09b2870bf1171d455c205835ba00a4ff2eac0f0fdfc26a180a7370c38c07e0639e650610e2788ff0d897c885d09c450505e42d412a39d38c1bb7001c9cc7f768f199dd87db57007e6226ef1b1e382df7869d0298b526bcc4edbb5299b9823b44f07c3d062f861885a50d4ec536a74d747382dd0ce34876627744bc66849678708b7499f7476491bbc8b2b87092727731472fd8669bce4260e7ad4029011317365dff3ae82c51f98e22a6ab2823df7d3ea68e59c46aea86d3ac12ca59e97646ef29a9c7f4d55238290d6e86abade0b4ef7c71acba4c5e1bc1e4e7abbef76df500fb9a5b2bf3e6fd763a9bd23a02768fad232e4b0c323b50edc80bbc6ca44c28eb10fd45de35fbde071e4f4ced064ab1907191369a432fc2bb6faa84c4babfdc1c45c2731f7797797bbdbd8ad0f67f367e61f2f8ad14ae4617a792d416ffb610d8a3703c32ae5e37181f069c713ca77f89f7ec8cefe7cca2e043a42b8ad28cbc4b9f634b34c18fefadde7c41da7d7f4a9ccc145f5599e3d6faa7332bbb02ff1610a55c7a49b1213451db3546178611749309c99c30d0732da1a94b583f7dcc61eec14a3f480e6edd1996814f181e269b54c5ec9a7a834c193aab56412fbdacd36dbf2c1f691434364b66fb66a4be84241d1ed92c1ca2e7c848807352f1be65f8a93d52a812ce303da749e1543a113bac116c8573b058cce3275b5e6136815f34771c1150b9cbb836090cf24eef234d9a091f45f460811b5e6158851ccb81e6b4ca8d913cfaf010dce56f5962653a7851606b08968b59d0053440e5a503c44fe3d225eff201607b12de26e6a2d20e0d32a6ff2263bf12ab9402e1fa7304c668c2883b7ff77e060511ff019bd9e58a768ceaf8af732af72ba7f9204f3fcee15ee3e902d32441ce29d3ae9270b8fb5848041bf5d39da58385ad4f08db52e2df7e7a662ce6517788d0f18fc799677677aac3e88cc3e3f56ecb32cad5e81b099a596a8cd103f3c9019bd1bf48fa1b78d60b2147f09d3902b18b96ae902361ea3b37f5af92b7d0748034a391fb39e3e46436973fd815b944e0119024558a0a564e28710911a76ea002515b05cd07868415fe9dda0576d6baa3528ce31cd74c3766693cc3b2e73acab2ba456cd0df31c9ab35d5303b3a4c89590cd1c1cc1a1859d330794dfbc633897256463fcf1220a87a53fc060070fb243cb069dbeae352461f36f942a3450199bbf0b3b3512ee87a4f77f9341972193badc9c081a9856093a46693d1ad6cceeac271a664b7ab20", 0x1000, 0x800, &(0x7f0000003940)={0xa, 0x4e23, 0x1ff, @private1, 0x401}, 0x1c) (async)
r4 = openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f0000003980), 0x1, 0x0)
r5 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f00000039c0), 0x1, 0x0)
r6 = fcntl$dupfd(r4, 0x0, r5)
r7 = socket$tipc(0x1e, 0x2, 0x0) (async)
rename(&(0x7f0000003a00)='./file0\x00', &(0x7f0000003a40)='./file0\x00') (async)
sendmsg$NL80211_CMD_START_AP(r1, &(0x7f0000003b80)={&(0x7f0000003a80)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000003b40)={&(0x7f0000003ac0)={0x54, r2, 0x100, 0x70bd27, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_P2P_OPPPS={0x5, 0xa3, 0x1}, @NL80211_ATTR_HE_BSS_COLOR={0x4}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_HE_BSS_COLOR={0x10, 0x11b, 0x0, 0x1, [@NL80211_HE_BSS_COLOR_ATTR_COLOR={0x5, 0x1, 0x28}, @NL80211_HE_BSS_COLOR_ATTR_PARTIAL={0x4}]}, @NL80211_ATTR_HIDDEN_SSID={0x8, 0x7e, 0x1}, @NL80211_ATTR_HIDDEN_SSID={0x8, 0x7e, 0x2}, @NL80211_ATTR_SMPS_MODE={0x5, 0xd5, 0x2}]}, 0x54}, 0x1, 0x0, 0x0, 0x20000000}, 0x2000c880) (async)
lseek(r3, 0xaa8000000, 0x1) (async)
connect$tipc(r6, &(0x7f0000003bc0)=@id={0x1e, 0x3, 0x2, {0x4e20}}, 0x10) (async)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r6, &(0x7f0000003c00)={0x4}) (async)
sendmsg$tipc(r6, &(0x7f0000004100)={&(0x7f0000003c40)=@name={0x1e, 0x2, 0x2, {{0x40, 0x1}, 0x3}}, 0x10, &(0x7f0000003fc0)=[{&(0x7f0000003c80)="3d9de644cbf00b75adb11c6d0dcc93e588ff0fc1ae3c83e7764e3be975238dbedbd40077870e4f52305cfa4026917685882e17406cb642b13b18126d538511550cfe00c2083425c6e3b8293c282c2c4aba09a5ad78a4520789538c410f7addb15a4ca924b65e9fa589d090ee0ccd196a57d64d1a7039dfd07ef3ffc263583dfa8622ea6937a5a036347dc012e0c6161d4b7b4af365becb8444c1c50ecd697f010675f96a0529388237eb722ff238921ededd4ab42a59cbbf26b366cb89ad07aa4b0eaeb043f98bf08000b50b86e4a6fed7d43830a07d144362", 0xd9}, {&(0x7f0000003d80)="a9c46177900e4480bb32bcd4b0aaf38bfe613bf7fbc89070642178872395449f8e14240d9e8c8b9bc542786ee968b0bb02e99b230d7191097ecf2401d8f989151191290bf6cf16d25a3622791f177e947722fb2437cf47b796fefb6c18d4c7e12b4a7853f76b05522969660dafb447fb0e3b33e7a3e9537922b9fa4a1f6cd18704dbea567160ae47d7f58ed03e7fffae33fb9669b8b65be168e6470b0290f470d9fba7b75d3658c9252cc4662b1bd2039f15d340c16545ba5966498049b8610c2d9a5dcb38ee9da01dfb3d0d6a17303c9a24bffda4a4a6410b0dd8029b503c9cf6", 0xe1}, {&(0x7f0000003e80)="94ac161d2abe130cd7af4c0c4e3ec759b6847ca81ba4fdcd7647572315d26e552eb2e023ccac74db423c10520a658b075eda6bf3654164a7d6e578ee6db3642f5f5dabca052b0688a9ee8536", 0x4c}, {&(0x7f0000003f00)="e28c665635afbc8e5fb1dab3e798413fc6d6de7e69b72f5f42f0ebb88b05e2bd80a45755fc7651a3f17229ddf0bb2ea3824e217bb6c6fc7a037db215d84b9a1cae3945a2be6c90df7c05947eed6c80147085892e1e692e2ea8fc3bdade5397c0735681215c845adc041f796974d1c1b9723eb92ee2efb8387768fdd01b014f812fe67577c57f68ddff7f3e892688b06be03fc1284eef7e2d2c3872f5893959e417d5de9c15447002c660f758", 0xac}], 0x4, &(0x7f0000004000)="1a494dc85ca0abb261d32c3f486a103a0323e2c78657098e91ffd771af658b394d7ba0eeb44ebbda324b365937ea2cf0b9d079a646e19731b89d074bdebc8966927d5844701c9dc39c9349146b2700d2420caa11d624d0eb2c3c0fb90fe3be30f8f03b17992f3aac0f6067e53acc3f40169a0e0f1ee7cb72c10f4bcd6250675a4e8ee8d8112f3325549b65b5db52f7259f4adf91e0d83e849e98c151a4ec70a8bb3bc4e06700e5fec8e5b65081d608a422e11693acee8d2f07a28651eb707ca3b7436d537b93a6d4fc1c9d0ee097cce5f1418570c4e1", 0xd6, 0x20000080}, 0x8004)
r8 = accept4$unix(r5, 0x0, &(0x7f0000004180), 0x800)
sendmsg$nl_route_sched_retired(0xffffffffffffffff, &(0x7f00000042c0)={&(0x7f0000004140)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000004280)={&(0x7f00000041c0)=@newtclass={0xa8, 0x28, 0x1, 0x70bd28, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0xf}, {0xffe0, 0x10}, {0xb, 0xf}}, [@c_atm={{0x8}, {0x34, 0x2, [@TCA_ATM_HDR={0x17, 0x3, "f729a76d19c3421fa49bcfcd44e6027b860b36"}, @TCA_ATM_FD={0x8, 0x1, r7}, @TCA_ATM_EXCESS={0x8, 0x4, {0xf, 0x6}}, @TCA_ATM_FD={0x8, 0x1, r8}]}}, @c_atm={{0x8}, {0xc, 0x2, [@TCA_ATM_EXCESS={0x8, 0x4, {0xd, 0x2}}]}}, @c_atm={{0x8}, {0x2c, 0x2, [@TCA_ATM_HDR={0x17, 0x3, "082a9852352191f98f238f45b0a3999de8c216"}, @TCA_ATM_FD={0x8, 0x1, r6}, @TCA_ATM_EXCESS={0x8, 0x4, {0x10, 0x1}}]}}]}, 0xa8}, 0x1, 0x0, 0x0, 0x50}, 0x8000) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000004300))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
sendmsg$nl_route(r6, &(0x7f0000004400)={&(0x7f0000004340), 0xc, &(0x7f00000043c0)={&(0x7f0000004380)=@getaddr={0x14, 0x16, 0x1, 0x70bd26, 0x25dfdbfc, {}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x180}, 0x11)
quotactl$Q_SYNC(0xffffffff80000101, 0x0, 0x0, 0x0)
read$hiddev(r6, &(0x7f0000004440)=""/89, 0x59)
openat(r5, &(0x7f00000044c0)='./file0\x00', 0x1, 0x9a)
quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0)

1m17.890630777s ago: executing program 39 (id=787):
r0 = syz_io_uring_setup(0x52f3, &(0x7f0000000000)={0x0, 0x97a1, 0x80, 0x2, 0x163}, &(0x7f0000000080), &(0x7f00000000c0))
io_uring_enter(r0, 0x35d5, 0xcf6d, 0x10, &(0x7f0000000100), 0x8) (async, rerun: 32)
r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) (rerun: 32)
ioctl$SNAPSHOT_FREE(r1, 0x3305)
ioctl$KVM_RUN(r1, 0xae80, 0x0) (async)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000180)) (async)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r1) (async)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200), 0x200000, 0x0) (async)
sendmsg$nl_route(r1, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)=@RTM_GETNSID={0x1c, 0x5a, 0x200, 0x70bd27, 0x25dfdbff, {}, [@NETNSA_NSID={0x8, 0x1, 0x2}]}, 0x1c}}, 0x800)
recvmsg(r1, &(0x7f0000002900)={&(0x7f0000000340)=@in={0x2, 0x0, @multicast1}, 0x80, &(0x7f0000001880)=[{&(0x7f00000003c0)=""/4096, 0x1000}, {&(0x7f00000013c0)=""/218, 0xda}, {&(0x7f00000014c0)=""/65, 0x41}, {&(0x7f0000001540)=""/117, 0x75}, {&(0x7f00000015c0)=""/211, 0xd3}, {&(0x7f00000016c0)=""/102, 0x66}, {&(0x7f0000001740)=""/214, 0xd6}, {&(0x7f0000001840)=""/54, 0x36}], 0x8, &(0x7f0000001900)=""/4096, 0x1000}, 0x1)
sendto$inet6(r1, &(0x7f0000002940)="9c379d3944548dcc323df30cce901179aad30a17f00b668da81bd4537ac80d18fb7c50b8767be5a58a57a14db86870856cd520cdecad91d31e0f7170fd0853ba62091b05280fdfaa727b6b4a23e77e642239f9206cc941df646681cc4018a4e85ffba1c995aaded7018b0b03dd41b5d817789990daacfd87a0cdf1dbc15d517e26b1c347a2d8424ca51a5d506708a50b02b2ff1055caef3d43f5eba9fa2f5f28ea986fbf34a6b2be7f152dc4989a3c482b9e3f38771118a49ef2c963453e29007744d4bc9bd2f06e4f8c3bcef9b5194052e16b88ac58eefeaf6f01d5c7269f9e074aa24b190159d21b751380e647a7ace9afdf181e2b8a502f88c59099810e5b9b937ad1a7d3732c6cd6f3844b4e32c96ca1961a0fba3f7dcfc15e95ce9f3d79dfe571932c73e8c157786670f009fd25b3f2aa5a10bcfeda69cd042e179ad3a322dfaf94034bd1caa16f5863685c92da0a2ff2dce61963de639d78e0e96f1a8fcbd3119b4fd304c593bb36921bde5a4a88f3d0407193d68c726901f062c58e7dd766dbe241af7a4c7d1f52b158d923a4e01b326271be9a55f926dd1eca94dd8e57f437c0fa79a6867cb74966b39c3a523c74d8a99782995ebdf0ce7dc210793dfee3277babd09aa9a31d656e977f34bc42268537b7fb980f608cd3fb4b62b8282b21ce5ddc0eb819e82734657a1d5e4b0cea6785b9402f1ed671c4d226a63df69e4d0cc6c6452b4065610d960a9a42bb5695632b68ff2193eeccbd2ab396be519563ae4b343bd13b3360c1ad3467c2492e4e953a6de6eb290a31eeea6ec4024a8c41bf81d944f355abafca4d0d71aace03d56dcb382262e8903ab4b8297e602e11a769363074e6961c57a94771fae8c462d5eb02a6b561ace0670fb15a28f756c7d8ab47bb563961e313b6ba59d34bfb52f834c790d283985cee8f50baab9386adfc215b7151690cd06470010549f900c75015a38a3c590aedfe83897f5884994ddd3e6d54765a9ae9c8f3abbe78e891b597730227a9573a7695f926cbe8fd5a6d056d2810f9483e29bedc3b03f16dbbda2b322327cc4bfb0ed4d12e95d94648e37caa9c2b6bffaf3303365c6d62ee6895dd8683d7deeac9322ec453d5349bba002b51fffd596d711f299bb7dfccd6113201eb5ba3223980aa353689d3d306c994d09aae3cc6b8069f1eb1d4321570ecfa6b59ddac649423dd704063ce1ccd46627da7159eac4ecfbe84beff065b48ccd0a8c279f170f2b6587aed78e7ae74c8aad36818768e76b82546d800bb584eaa487132bc04b931a32ee841ce552c766dda018c3713619d2408b452f7ac4d869eb6a0d80874d52fcdaa49455a7020d8c4d4d9eb64778e02ecc623909f68d9a20d8d1e1eb0012a02cc03ebb956714df5c0f7917ab5b2a1f5d559c9465100ef8dde76a068dfe7aa4f416407dca7cfe07fc5af12ec2c9dcd52c8b3583b84cacf2c82bdbc26411fc5cabc9f0281f86ce69fed4bbc58315371878de7989c5bd209f0dee0866209fa9668cefdf324e61998f40232015ec8695c3c21a8df9bb0a6311e12b4fb5554ef6be48e7863f1d77b6f0c0e3906322023d7a5fa84eb074afe11d723dbc5a80f14bf3f3c9b7cae7196c4acde307ef3f6b4c2ac26171a2721dfa9f8a2163f0ed6fe61b881e9133146c4bea3daeb07f20c01f70fdd53f8354f4000fb794348ccc55a764a2e5fbc6d7b760c7b98461fd7097c5b6c4b255390b75559e43b9ac0db9219d83be354d5d5ebc85f2f69e53965da073b8be5dfbaa51229bc4948b82b590a88353a52c3e81900fd93753bda97fbda3050b61fa6d409e2f0c8e04716c4b67669f7d83fc636e2badc4f697960fc2a7ab7795fb38592ae407055775584bfbf7fdaabacfe22e0be6844d0645ee44eae720342d4928cda2e27d78753cf2d64258694b5574bf6790d308aed7a028e5e9881c0ee1a1892afc05e3a6ad8a1ebbf8909fe0da1d828493edc7e9acbd84e2dc4a66882315e6536338d3e6dd5dfe01cda9719ee43575b4da3faf5e6728c73b1ee4a9cb66857a09ae8645b34aa9d4645e49f71951aec4e935c036b0d465ef7ea5d6a71a84508b21dbc73d6bed94c400898c8796f12c5c612cc7765c9218e0f02d85220909060292cd69043160977db18f6699438debacd2188fb3f9f2a244945636c6c265a430615e0c54e83322bdbb39f70b0601d6069ec2f7902c88cb52002292d056be39e6357d54a937f5cf7977ead2ca5b945639e3fe91f8e66166fe7ff757121d08005c76831be58d1afdbfe4c2d961c5284389a6881fd08574d03e21a91c253e77e0ba331fed700b66f38bfb49fb7478aabb91b13a72c44d958235e43f1dd7b869a8870c5a411e56f78ab5eb136bf3cd0502e518a1d4d26336f08e03ee444f4560feb36f6fe4a2c14f82688c905ddb58145e1bb917164d46742e4a37966077717909fd855dd5b1443312223a0f9712ab0e5e185618f5238839d09cb34ff4d8b269529dfee34ac215e6c38ce1dd8d6b4d8127a745b729b4fe7f1f57ecd25f761a31632b20370c9fb3b196d6c160abde3b654b900749056d2c91c784bb3bc1ccb1cac43b4f9a384d2e6042675fc944306414e377439429daac2e94230fd58b467319f251d445113dcd7aecf9b4009fea65c2243eee1692f52cd0d8a72f9265de6d3722a0da34a71c5e99e63c89891fbb92c27444185ebdb276a30cf35e92f5730a63d304cc9531882bc2fdce31dc3cb882785bc682f2ee9e24acd5cf90d233a011063dc0980b2f5d579029d6d05c578f94ca1066543278837a7168785204ac5cbd099d7907befabcfac082ea42d83651418efb8e816325cf5e01c8050e84661f45b0f4a18b9efcdbf0e637d25a5cc193bcf7df17683e9299293eadfe9bc67758d1c30b2145cc0cdd0f984383b636d968d7c8f64c50f06dcd642991057c9817c6628bf07d6bce76714ab165d81e47c368cdde272558171094df47513294d4eb4d397a178644aca86b4b33ac45b2667eced46eb6d47a63f91b306fbf814ffad7624019f2959cea7b8b285f9e93d1269d7be0433db173c1c4d3a529ebe65f1c696679dca8b9b17d07f5a8361c74ee215d411760adb6f35e9e17e982c17dc598ee59c082d4d259aee86bb9225cba827a3408d8649fe458a7dba4c227ce5b7ffc8195f78574437641b283fa6e0d53b24d89150768ab4ea38a8348527d06671950afeebafa0607e8d2817cb6d8c7a3187a88232448a61d5350615002f1643bc0aeac06f4bbab4e875cd153d8aba72a8ef991df6d2feeb4386c0943513dd28b1a16ae4ae1d1b67baa36a1b200865bcb0513bac2d4b094468660f1febb2b5e1918131075d2207c1608a2d9267b92c44300224028ce61115d4d6e6196da5a9b992801ec89003799e70b7703bcccc74680f1fbc902c78ba9f9dea247a81cefe459cfa2f35f36a47e8d5bac1ef343e7914bbf934cdd8b6d53ec4deb57a4244c692c5a7967d05b19c2820c148c5b92d67c757e6573441bf4c1b2e8fc94153c81c98c5cf858a13ffb157a190fc43a4eb85447e48fa824587bc98ca223f42936f7615bf6a7c09388da7d67e3e502af1b503b38335619226716c098fac770b6198ca868855c1aa93962193e1872bdb8e03cc84498182e40c115120f80ffe04bd54113f93f3b465ee90a98e6733328f403e41825534067ffc9dd5047eec0060fc3c88b5a5f7b32f083c9622fd5833ce2e4e2fdb865e9a6cd6da137e4549b3c026529916009878b11fbc98267294a4b613f2dde41cff17ab4520683ead7794477d65ddcc31909b23b8eb80915c85523925982c7f291830bc13d6dd9d6946c40fe3a952a3610aad0865792e39898f64692d7c0821b92c9484c4f11ee3cf5f53fcccb4257bc6045c7b36e1e8a6ead6487cc64db159aa2fa6438f46dac893bedd379643aaea3645df611f0f1258b09aa19ac6f537c5f8d53e8d804369170c6720cfc21dcce00d111afd9b53bf92a47e32329d876473ad2c954e30dd94671e5f4278fe0be88483119ae25c6355888413383dab9d2a4d646c8505dc784594c60f67b8b610a4b2176032f22f9dfd5392a704cbce88b6ba3c4e7ae574939d6b57046d33fd4592ebe5711f0ab7918ffbf3125ff14be0c541059ab66e841ea8dcad3229dac9f11a8f8687e3c5c8618723e21893b44fe2228d1d6d3dc86ec230e8f76ba53debdb79be015a208dde1a983d2797d92bc810ee83a5860d3aee778f03106fa8d20fd7359aa2d7f524883d8f8f9b3f9a1fc8411c349b839489f3f08186900f50c94bc4924e53da659aaed72fb08355ae11760f5765e46a12b818f54ed6376514e3de8c87fc6d8f52443e1c6b89d9552cd9fc2ae523c664465cbde86fee226dbf86fbb91f2a4233b7a84ee13435f71aa2e663835066cd7e94df6918fc20abc355ccad22b3e9b8e075bd92834ec3d3173a586dbac428e878f359649ba78d0009b26664980e3f0ffef80e7b95277ff283dffc36cac9db6c68552c1b09b2870bf1171d455c205835ba00a4ff2eac0f0fdfc26a180a7370c38c07e0639e650610e2788ff0d897c885d09c450505e42d412a39d38c1bb7001c9cc7f768f199dd87db57007e6226ef1b1e382df7869d0298b526bcc4edbb5299b9823b44f07c3d062f861885a50d4ec536a74d747382dd0ce34876627744bc66849678708b7499f7476491bbc8b2b87092727731472fd8669bce4260e7ad4029011317365dff3ae82c51f98e22a6ab2823df7d3ea68e59c46aea86d3ac12ca59e97646ef29a9c7f4d55238290d6e86abade0b4ef7c71acba4c5e1bc1e4e7abbef76df500fb9a5b2bf3e6fd763a9bd23a02768fad232e4b0c323b50edc80bbc6ca44c28eb10fd45de35fbde071e4f4ced064ab1907191369a432fc2bb6faa84c4babfdc1c45c2731f7797797bbdbd8ad0f67f367e61f2f8ad14ae4617a792d416ffb610d8a3703c32ae5e37181f069c713ca77f89f7ec8cefe7cca2e043a42b8ad28cbc4b9f634b34c18fefadde7c41da7d7f4a9ccc145f5599e3d6faa7332bbb02ff1610a55c7a49b1213451db3546178611749309c99c30d0732da1a94b583f7dcc61eec14a3f480e6edd1996814f181e269b54c5ec9a7a834c193aab56412fbdacd36dbf2c1f691434364b66fb66a4be84241d1ed92c1ca2e7c848807352f1be65f8a93d52a812ce303da749e1543a113bac116c8573b058cce3275b5e6136815f34771c1150b9cbb836090cf24eef234d9a091f45f460811b5e6158851ccb81e6b4ca8d913cfaf010dce56f5962653a7851606b08968b59d0053440e5a503c44fe3d225eff201607b12de26e6a2d20e0d32a6ff2263bf12ab9402e1fa7304c668c2883b7ff77e060511ff019bd9e58a768ceaf8af732af72ba7f9204f3fcee15ee3e902d32441ce29d3ae9270b8fb5848041bf5d39da58385ad4f08db52e2df7e7a662ce6517788d0f18fc799677677aac3e88cc3e3f56ecb32cad5e81b099a596a8cd103f3c9019bd1bf48fa1b78d60b2147f09d3902b18b96ae902361ea3b37f5af92b7d0748034a391fb39e3e46436973fd815b944e0119024558a0a564e28710911a76ea002515b05cd07868415fe9dda0576d6baa3528ce31cd74c3766693cc3b2e73acab2ba456cd0df31c9ab35d5303b3a4c89590cd1c1cc1a1859d330794dfbc633897256463fcf1220a87a53fc060070fb243cb069dbeae352461f36f942a3450199bbf0b3b3512ee87a4f77f9341972193badc9c081a9856093a46693d1ad6cceeac271a664b7ab20", 0x1000, 0x800, &(0x7f0000003940)={0xa, 0x4e23, 0x1ff, @private1, 0x401}, 0x1c) (async)
r4 = openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f0000003980), 0x1, 0x0)
r5 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f00000039c0), 0x1, 0x0)
r6 = fcntl$dupfd(r4, 0x0, r5)
r7 = socket$tipc(0x1e, 0x2, 0x0) (async)
rename(&(0x7f0000003a00)='./file0\x00', &(0x7f0000003a40)='./file0\x00') (async)
sendmsg$NL80211_CMD_START_AP(r1, &(0x7f0000003b80)={&(0x7f0000003a80)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000003b40)={&(0x7f0000003ac0)={0x54, r2, 0x100, 0x70bd27, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_P2P_OPPPS={0x5, 0xa3, 0x1}, @NL80211_ATTR_HE_BSS_COLOR={0x4}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_HE_BSS_COLOR={0x10, 0x11b, 0x0, 0x1, [@NL80211_HE_BSS_COLOR_ATTR_COLOR={0x5, 0x1, 0x28}, @NL80211_HE_BSS_COLOR_ATTR_PARTIAL={0x4}]}, @NL80211_ATTR_HIDDEN_SSID={0x8, 0x7e, 0x1}, @NL80211_ATTR_HIDDEN_SSID={0x8, 0x7e, 0x2}, @NL80211_ATTR_SMPS_MODE={0x5, 0xd5, 0x2}]}, 0x54}, 0x1, 0x0, 0x0, 0x20000000}, 0x2000c880) (async)
lseek(r3, 0xaa8000000, 0x1) (async)
connect$tipc(r6, &(0x7f0000003bc0)=@id={0x1e, 0x3, 0x2, {0x4e20}}, 0x10) (async)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r6, &(0x7f0000003c00)={0x4}) (async)
sendmsg$tipc(r6, &(0x7f0000004100)={&(0x7f0000003c40)=@name={0x1e, 0x2, 0x2, {{0x40, 0x1}, 0x3}}, 0x10, &(0x7f0000003fc0)=[{&(0x7f0000003c80)="3d9de644cbf00b75adb11c6d0dcc93e588ff0fc1ae3c83e7764e3be975238dbedbd40077870e4f52305cfa4026917685882e17406cb642b13b18126d538511550cfe00c2083425c6e3b8293c282c2c4aba09a5ad78a4520789538c410f7addb15a4ca924b65e9fa589d090ee0ccd196a57d64d1a7039dfd07ef3ffc263583dfa8622ea6937a5a036347dc012e0c6161d4b7b4af365becb8444c1c50ecd697f010675f96a0529388237eb722ff238921ededd4ab42a59cbbf26b366cb89ad07aa4b0eaeb043f98bf08000b50b86e4a6fed7d43830a07d144362", 0xd9}, {&(0x7f0000003d80)="a9c46177900e4480bb32bcd4b0aaf38bfe613bf7fbc89070642178872395449f8e14240d9e8c8b9bc542786ee968b0bb02e99b230d7191097ecf2401d8f989151191290bf6cf16d25a3622791f177e947722fb2437cf47b796fefb6c18d4c7e12b4a7853f76b05522969660dafb447fb0e3b33e7a3e9537922b9fa4a1f6cd18704dbea567160ae47d7f58ed03e7fffae33fb9669b8b65be168e6470b0290f470d9fba7b75d3658c9252cc4662b1bd2039f15d340c16545ba5966498049b8610c2d9a5dcb38ee9da01dfb3d0d6a17303c9a24bffda4a4a6410b0dd8029b503c9cf6", 0xe1}, {&(0x7f0000003e80)="94ac161d2abe130cd7af4c0c4e3ec759b6847ca81ba4fdcd7647572315d26e552eb2e023ccac74db423c10520a658b075eda6bf3654164a7d6e578ee6db3642f5f5dabca052b0688a9ee8536", 0x4c}, {&(0x7f0000003f00)="e28c665635afbc8e5fb1dab3e798413fc6d6de7e69b72f5f42f0ebb88b05e2bd80a45755fc7651a3f17229ddf0bb2ea3824e217bb6c6fc7a037db215d84b9a1cae3945a2be6c90df7c05947eed6c80147085892e1e692e2ea8fc3bdade5397c0735681215c845adc041f796974d1c1b9723eb92ee2efb8387768fdd01b014f812fe67577c57f68ddff7f3e892688b06be03fc1284eef7e2d2c3872f5893959e417d5de9c15447002c660f758", 0xac}], 0x4, &(0x7f0000004000)="1a494dc85ca0abb261d32c3f486a103a0323e2c78657098e91ffd771af658b394d7ba0eeb44ebbda324b365937ea2cf0b9d079a646e19731b89d074bdebc8966927d5844701c9dc39c9349146b2700d2420caa11d624d0eb2c3c0fb90fe3be30f8f03b17992f3aac0f6067e53acc3f40169a0e0f1ee7cb72c10f4bcd6250675a4e8ee8d8112f3325549b65b5db52f7259f4adf91e0d83e849e98c151a4ec70a8bb3bc4e06700e5fec8e5b65081d608a422e11693acee8d2f07a28651eb707ca3b7436d537b93a6d4fc1c9d0ee097cce5f1418570c4e1", 0xd6, 0x20000080}, 0x8004)
r8 = accept4$unix(r5, 0x0, &(0x7f0000004180), 0x800)
sendmsg$nl_route_sched_retired(0xffffffffffffffff, &(0x7f00000042c0)={&(0x7f0000004140)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000004280)={&(0x7f00000041c0)=@newtclass={0xa8, 0x28, 0x1, 0x70bd28, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0xf}, {0xffe0, 0x10}, {0xb, 0xf}}, [@c_atm={{0x8}, {0x34, 0x2, [@TCA_ATM_HDR={0x17, 0x3, "f729a76d19c3421fa49bcfcd44e6027b860b36"}, @TCA_ATM_FD={0x8, 0x1, r7}, @TCA_ATM_EXCESS={0x8, 0x4, {0xf, 0x6}}, @TCA_ATM_FD={0x8, 0x1, r8}]}}, @c_atm={{0x8}, {0xc, 0x2, [@TCA_ATM_EXCESS={0x8, 0x4, {0xd, 0x2}}]}}, @c_atm={{0x8}, {0x2c, 0x2, [@TCA_ATM_HDR={0x17, 0x3, "082a9852352191f98f238f45b0a3999de8c216"}, @TCA_ATM_FD={0x8, 0x1, r6}, @TCA_ATM_EXCESS={0x8, 0x4, {0x10, 0x1}}]}}]}, 0xa8}, 0x1, 0x0, 0x0, 0x50}, 0x8000) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000004300))
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
sendmsg$nl_route(r6, &(0x7f0000004400)={&(0x7f0000004340), 0xc, &(0x7f00000043c0)={&(0x7f0000004380)=@getaddr={0x14, 0x16, 0x1, 0x70bd26, 0x25dfdbfc, {}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x180}, 0x11)
quotactl$Q_SYNC(0xffffffff80000101, 0x0, 0x0, 0x0)
read$hiddev(r6, &(0x7f0000004440)=""/89, 0x59)
openat(r5, &(0x7f00000044c0)='./file0\x00', 0x1, 0x9a)
quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0)

47.613479303s ago: executing program 9 (id=954):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014fa0000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
close(r0)
request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1}, 0x0, 0x0)

47.594499526s ago: executing program 9 (id=955):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="fc0000001900674c8000000000000000ac000000000000000000000000000000ac1e000100000000000000000000000000000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000004400050000000000000000000000ffffac1414bb0000000033"], 0xfc}}, 0x0)

47.529151243s ago: executing program 9 (id=957):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000020000807b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r5}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r6 = socket(0x2, 0x80802, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r6, &(0x7f00000000c0)={0x2001})
epoll_pwait(0xffffffffffffffff, &(0x7f0000000080)=[{}], 0x1, 0x80000001, 0x0, 0x0)
shutdown(r6, 0x0)
add_key$keyring(&(0x7f0000000080), &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd)
clock_adjtime(0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000040))
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)

46.653324184s ago: executing program 9 (id=965):
r0 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000380)={[{@nogrpid}, {@resuid={'resuid', 0x3d, 0xee01}}, {@resgid}, {@data_journal}, {@nombcache}, {@block_validity}]}, 0x1, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x2000035e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f00000002c0)="69fcc5d50c23e1a3", 0x8}], 0x1)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c0000001a000f"], 0x1c}}, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r3, 0x0)
r4 = dup(r2)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x10002, 0x2, 0x80a0000, 0x1000, &(0x7f0000a84000/0x1000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x4000})
ioctl$KVM_NMI(r5, 0xae9a)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0e00000004000000080000000600000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000040000000000000000000000000000000d68d2cb91acece9308a4783686895b2f4692785f2b53299adf0d571239e99e2478e5c69b45da062ce9c04b048e8a578eed43233b50d49ae2aae3a0a2ea74cd424aeeb6d3240d26d3fa220f837c66e464367eb3df6a2a983913f7a2e74ae59a3137bd93d6da"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x1b, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES16=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}]})
r7 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r7, 0x800c6613, &(0x7f0000000040)=@v1={0x0, @adiantum, 0x0, @desc3})
chdir(&(0x7f0000000140)='./bus\x00')
open(&(0x7f00000000c0)='.\x00', 0x0, 0x1ce)

46.501859292s ago: executing program 9 (id=967):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="bc0000001900010010000000fdffffffffffffff000000000000000000000000fc01000000000000000000000000000000000004000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000000009000000f717000000000000000000000000000000000000000000000000000070000000860000000000000000000000ffffffffffffffff00000000000000000000000000000004010000000000000004000500"], 0xbc}}, 0x0)

45.753576748s ago: executing program 9 (id=972):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB="0000000000000000020000d4787503000000000000007310fa980000000066ff6fa1e83fac0cda9c323a981096bd96febdfb7d1c72ae666a7c14c8c1686d9a52cfd5c88e42ab38f9059e0d694faa35183b71f4f87f0f7ba843becd7ba8eae7aa2fd1a8e0e3863002afb4ff2125a107ee27", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) (async)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
bind$can_raw(r1, &(0x7f0000000000), 0x10) (async, rerun: 64)
setsockopt$CAN_RAW_FILTER(r1, 0x65, 0x1, &(0x7f0000000040)=[{{0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x1, 0x1}}], 0x10) (rerun: 64)
setsockopt$CAN_RAW_FILTER(r1, 0x65, 0x1, 0x0, 0x0) (async)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4) (async)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000510700140000000000000001b7080000000000007b8af8ff00000000b7080000fcffffff7b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kvm_dirty_ring_exit\x00', r2, 0x0, 0x5}, 0x18)
syz_clone(0x4010e000, 0x0, 0x0, 0x0, 0x0, 0x0) (async, rerun: 64)
mincore(&(0x7f0000ffd000/0x3000)=nil, 0x3000, &(0x7f0000000580)=""/4096) (rerun: 64)

45.753365698s ago: executing program 40 (id=972):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB="0000000000000000020000d4787503000000000000007310fa980000000066ff6fa1e83fac0cda9c323a981096bd96febdfb7d1c72ae666a7c14c8c1686d9a52cfd5c88e42ab38f9059e0d694faa35183b71f4f87f0f7ba843becd7ba8eae7aa2fd1a8e0e3863002afb4ff2125a107ee27", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) (async)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
bind$can_raw(r1, &(0x7f0000000000), 0x10) (async, rerun: 64)
setsockopt$CAN_RAW_FILTER(r1, 0x65, 0x1, &(0x7f0000000040)=[{{0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x1, 0x1}}, {{0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x1, 0x1}}], 0x10) (rerun: 64)
setsockopt$CAN_RAW_FILTER(r1, 0x65, 0x1, 0x0, 0x0) (async)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4) (async)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000510700140000000000000001b7080000000000007b8af8ff00000000b7080000fcffffff7b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kvm_dirty_ring_exit\x00', r2, 0x0, 0x5}, 0x18)
syz_clone(0x4010e000, 0x0, 0x0, 0x0, 0x0, 0x0) (async, rerun: 64)
mincore(&(0x7f0000ffd000/0x3000)=nil, 0x3000, &(0x7f0000000580)=""/4096) (rerun: 64)

31.416411703s ago: executing program 0 (id=1026):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="0600000004000000ff0f00000700000000000000", @ANYRES32, @ANYRES32=0x0, @ANYRES32], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r2}, 0x10)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000000c0)=0xf)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$TCFLSH(r4, 0x400455c8, 0x0) (fail_nth: 6)

31.065185274s ago: executing program 0 (id=1030):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYRESDEC=0x0], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000003c0)='sched_switch\x00', r0}, 0x18)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000a000000000000f0e50000000000000000"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000840)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fcae68da850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f00000004c0)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x3c}, @in6=@dev={0xfe, 0x80, '\x00', 0x2b}, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x40000000000000, 0x0, 0x7, 0x0, 0x0, 0x2000000000}, {}, 0x0, 0x0, 0x2}, {{@in=@local, 0x0, 0x2b}, 0x0, @in6=@loopback, 0x0, 0x3, 0x2}}, 0xe8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
r8 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{}, 0x0, &(0x7f00000001c0)=r8}, 0x20)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='kmem_cache_free\x00', r9}, 0x10)
epoll_create1(0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
syz_clone3(&(0x7f00000014c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x5c)

30.876822185s ago: executing program 0 (id=1032):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0b00000007000000010001000900000001000000", @ANYRES32, @ANYRES16, @ANYRES32=0x0, @ANYRES32, @ANYRES32=0x0], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
pipe2(&(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$binfmt_aout(0xffffffffffffffff, 0x0, 0x0)
fcntl$setpipe(r1, 0x407, 0x100000)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f00000000c0))
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="0a00000004000000080000000800000000000000", @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000000b3bee450b4997abef562c7a81557d07ef8a6af53c01e3eabe22d54b9fe50428966a5d2ad51eb523066846783d5c9fbb97fa2ab45a1bd0329570d45ecb3a285fc9aa989b2743abcf95a35aae6669b91bb9c52f61f1ffcd2387d56cf4b63ddb5deb19fb94b4ab94c6d702a0fceadf28570226736bda0e3aaad6a7d1e11c6635f1bbbf647c61ff96e483898c905c14899604f7d3dd6f7ea46de2f8a1e228e7b81a85756e68d84cbb483250604912747fea9913c89a8bbc71772a3aae06079b00b165a97daf340fb9c6dfcdfa8cbb93f0073b8ce60aa4e3d751d91a9e05df9f9eae0ad5b798aad0d67ac38e7a544e4a4c1d526aa98880ea01353c3186e5095f8e8acc3f239443cf9e06f656c457c5b184975d4e9a76a1d3cb556924d35491637df347e7714f47c874b147a89f8c70cdeb91610fce0e7b66018b76c7a5e94358e9fcb9babcf0e2e06939879f1a154cf9c857cc0e91ccf0af5b26294a9702b997b710f44ac564cc5ddf05ae5aedf1edcda0b9aa019561fc76d6d68a6591422e48c3ca1cd41e89140b425463a357ac1949059afa32d1e532ce45027473defccee8b7ae74276a9aece2d0176cbf7f77e4ab2aec42a045d4e8b9a1941fcd5f6c4ae2b", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000007c0)={{r2}, &(0x7f0000000740), &(0x7f0000000780)='%pi6   \x00'}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r5 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
r6 = fsmount(r5, 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000200)={r4, r6, 0x1, 0x0, @void}, 0x10)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r7, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x13)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
connect$inet(r8, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r8, &(0x7f0000007fc0), 0x800001d, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'lo\x00', <r9=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="3000000010000304000000000000000000000400", @ANYRES32=r9, @ANYBLOB="0000000000000000050021000000000008000d"], 0x30}}, 0x0)
listen(r7, 0x3)
setsockopt$SO_BINDTODEVICE(r7, 0x1, 0x19, 0x0, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c20000000800450000280000000000069078640101080000000000000022", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5c02000090780000"], 0x0)

30.758230449s ago: executing program 0 (id=1034):
r0 = socket$inet6(0xa, 0x80002, 0x0)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000340)=ANY=[], &(0x7f00000000c0)=""/192, 0x32, 0xc0, 0x1, 0x0, 0x0, @void, @value}, 0x28)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000056, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@noblock_validity}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@max_batch_time={'max_batch_time', 0x3d, 0x2}}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x54f, &(0x7f0000000b00)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbZdnamc8HbnvOvTc995t7v6fn5iQkgKE1kf0oRLwcEd8kEQfbto1GvnFibb/V+1dnsyWJRuPTv5JI8nWt/ZP89/688lJE/PZVxPHCxnZryysLpXI5Xczrk/XKpcna8sqJC5XSfDqfXpyemTn19sz0e+++M7BY3zj7z/ef3P7w1NdHV7/75e6hm0mcjgP5tvY4nsC19spETOTPyVicfmTHqQE0tpMk230A9GUkz/OxyPqAgzGSZz3w//dlRDSAIZXIfxhSrXFA695+QPfBz417H6zdAG2Mf3TttZHY07w32reaPHRnlN3vjg+g/ayNX/+8dTNbYnCvQwBs6dr1iDg5Orqx/0vy/q9/J3vY59E29H/w7NzOxj9vdhr/FNbHP9Fh/LO/Q+72Y+v8L9wdQDNdZeO/9zuOf9cnrcZH8toLzTHfWHL+QjnN+rYXI+JYjO3O6pvN55xavdPotq19/JctWfutsWB+HHdHdz/8mLlSvfQkMbe7dz3ilY7j32T9/Ccdzn/2fJztsY0j6a3Xum3bOv6nq/FTxOsdz/+DGa1k8/nJyeb1MNm6Kjb6+8aR37u1v93xZ+d/3+bxjyft87W1x2/jxz3/pt229Xv970o+a5Z35euulOr1xamIXcnHG9dPP3hsq97aP4v/2NHN+79O1//eiPi8x/hvHP751f7jf7qy+Oce6/w/fuHOR1/80K393s7/W83SsXxNL/1frwf4JM8dAAAAAAAA7DSFiDgQSaG4Xi4UisW193ccjn2FcrVWP36+unRxLpqflR2PsUJrpvtg2/shpvL3w7bq04/UZyLiUER8O7K3WS/OVstz2x08AAAAAAAAAAAAAAAAAAAA7BD7u3z+P/PHyHYfHfDU+cpvGF5b5v8gvukJ2JH8/4fhJf9heMl/GF7yH4aX/IfhJf9heMl/GF7yHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAbq7Jkz2dJYvX91NqvPXV5eWqhePjGX1haKlaXZ4mx18VJxvlqdL6fF2Wplq79XrlYvTU3H0pXJelqrT9aWV85VqksX6+cuVErz6bl07JlEBQAAAAAAAAAAAAAAAAAAAM+X2vLKQqlcThcVFPoqjO6Mw1AYcGG7eyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeOC/AAAA///ktDiZ")
syz_mount_image$ext4(&(0x7f00000004c0)='ext2\x00', &(0x7f0000000140)='./file1\x00', 0x188080, &(0x7f0000000a40), 0x1, 0x4a6, &(0x7f0000000580)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
setgroups(0x3, &(0x7f0000000180)=[0x0, 0x0, 0x0])
r3 = syz_clone(0x20300000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r4 = syz_open_procfs(r3, &(0x7f0000000040)='status\x00')
syz_fuse_handle_req(r4, &(0x7f0000006cc0)="e5764a472ca256e4fa5b5c56951c8f08af5d99e71897669c71fa860cf20a75629af1256217099aca1bda14ba0aa9883f48db9ed5a33a3461dbad1b0cb88d915c13c46e3255dbcef87241d6e8bbdc0af465b5e10de7397890f60b7d673da3f4ada9fd0137de4362bb6075b0b60baa3480333acfd9bc4462c5a0ffb0c0db5d5ce6e5417030c6329e4e0668ccd1f4194092e759ed68ff784037033e0506fdcacd90c7f7ab82d418ff94dd32be27529b78f97f5a6e7617bec7306cc9907ced4a784a573da93140b49f73d9ad5d1058eac72ec68148d31397864a0b1050d28785a85a6acc3c646387d2566ff475585803538cb6d0d538505a48750034348a5e59b542c4c447b81e5bb821986f7b7ea2b5d484d0d015c4fe348942338c81fc84e5d3c9176dbfbfaff46d8ffdbe07755c44efdd2b07deae0312853736e0505a57c977334f43d0d7f6330924af8231eaf28da538745381d650ec1c2112eb5559aa618440bb5b32971e86cd5028035ebfe231b056206a13885da986a6ab7eb272f6a9ce00787c55e9d3e89895ccd3c3200b8a6f762c93b92bdea11733c02c07b42570e9eca34963c1e7df374283ab2cb95dfee7b22623cac2e4be2f09a5707b2df557f1e041296a3c830f4b01749e9996afbd9c29db8febca4aa67b541fca5b9a80231ff8f8da50db95870f39c717e14548248af8948ee0c56dd6f85f7d4f1fa3d979029130813ac8ea51d7736434346b387c02fa3b0620d6aa765e58af683dc7cb7e8b4bf4b53ceddc289e3dec9ff8ea5eededf4fbe3e2204b1a3f1f2a70563aa0db8ca938d23aab42570eb97a03e420f14d1e32b2ae3927c4fd58be2154e5bc8b6aca8aafbe9bad78a6d0177c6f42ea763969339d55424b2f84233f4aaf0f51ca58934b4845cc2a91f774a180bf38bc1b7fe917dc1652f924074a7343e7e07bae9de7823b9ac60e06ad9a89749715c3902f644fa284574bfa606f2d4e0113695d51ac90af285aa80647798f7f552786d72ad8251a11022780e5d4eb01255e74f40ca3826b4cbfb2fce8f482bdec9b50b3c1b50751e5424f53d5be1277cd1ddf0f15b452f04011b4de6d6ad5913b76713f527282eb9ff75187b281433df4b121b5b0c75a37e438608a4ae937060d7996b193ad52cc3d8850846273a94e3d718070064757c0374845a81d70ae139fc9af3df467437a0e0a8a058bcc0feeaf8d4379a690e3f7f96757827d1ff02e9dd287715fef9a5bc48399e102e804a4fe6cc7d04a0381a15c15f2409d1421fd52246b95b936be5327f4d03d172faa82d1198f8693b2385aadee482c2e2cfaf674d2d30953d65bd6bc7016fa22cead75c9f0bf24157020aad51c75d1c8b09830adc0f59a0da7ccfac3b0b7518dee240e32c81d30a62b50a170fbd510197ba1bfc4456aff6383d01624779e54131bb5aec4a0c1c09dae5951b5a62a2f8a1742bea3877adef6c8db75ba03f6730d770f460c686cc93032b4ab56db7a61d3b3f6e2d68b60de52daa2e922ae8207069f090261a7fab9d18ba52c1d191dd8949b3ac13082b9a4faffdce6a0fdb61ba07ceefd3242a228408598c4b4d7f5dbddfe3143221ac6bf7ca0cbe917d011cee0d5cf596c649e06fdabe45098b15fc27f3fd5a39ce9cab4bd3efe65837d600c7fbc3e91538dc54722636f918dd236274bd0aaad67f20adda5c565e793d4b24585ec4e4fdb315e3ed3de851a716ae8bcca394b1db7b467f88e490e75ed204cfaf507fb4740fe8b4e2d59f012c7ed42afc62e6ee446efe39c19bd0767f3691fdd5b8dbe89a040f407e7e6be6adc327d4bee9d8f4cc38731f024ec50dea800a18b9eb86643d10ce4cb8a867803d063093eec9df6656d924096a1554dc6ad7d5c5f35bfb51b404b7f6d82d545eea9d5ab6afb885cf59db15bbb6ed8dc8a6f6d6cf296a61308de0f91cf594def1df755db2385760d2973a381f49bc27138bb065ea75d203b25f543d07786d6d7b022785a5bb718dbdcd3021631b34f7722d9e835c235298e12151c59d1fc14fe36adc8257d7d2dd0dd5b02cabaae66dd7d9b18d8c2f45abe593baa6cb06d88bc5e4eeb573064761beb2163a2be2e6d39499d0b4ceaa5cfde49897e84b1fb0fea6a8ae061e90f16054e6cac934584ecac1706972a59de70b140fdd675764f5218b4553c964d095583335b744947de42bd7adaf22ca0199b12593d82ac4661449725fb1ed1693c36e91304c7a7f27357813bb388b5962c11ab282d8ac2e6c1f2f7bdc1838d75dbd67e7961ab4be3f052eb69664829bf85b13621965e72f86ac82992319a9cf70ad965b68f58ed889834c2aa20eec8e89a95bc1a92df6db2264f6ec7133567325b530212b05622225129c0fa5fa47f61fbc01b3d84cdbbe7bc597c953bf6c1c95e70eabe95cfc154d0d8fb9f3364e4c5fa6b2a0220fd2b0b3f472a925491f4b5c0259ee1730169e8503972d42f60b9380533d08750bf69a06913bed2fbfdcdcc2a7b727a33533242effa756ee8ebede0a64da858db32f3b6a9f37d3aea3dbf762a881e183308b41b3cb439ac8908811c3a57a45e65b9b21c25635c2fe4c3aff7da65b9c90ea47a3b906fba85464718c771387e29118f15d54b63694828f6377bc59bf5f1181027dca4c959eb27e060e9039a5f1fb955b332c9aebcc89be493185c15fdf9a9c74f96e5bba7d192d3263aaf701d36c37323780f1037930d2a2cb58591fa29acd2760e0873151c4570959df1106f435d2fc3a4f897186acf0a0f7be957b5b8efdf892abf99e4ec02a8e957707278c9ce279f1aa1c0f6f3f40e876a3b08959ea6a2f1c7ceb17fe599b33851d6fc4b93254379f0bf28e9954c8abc7151e110a38966f11defe13597bb30c003f6b98d88978c242f57ed3022360d686a0e762b035ba6eca21c86701953c2ffb4d0e9e259c29fb922a4f9138898e038e6925543c6c20777e18a5fadfa3a30ad55c6b8ae42489356764a7ada4565a73128dd7686ebd6a5d599c1f87a70e0534f16eb76dbf3c88e87772ebc7eaf27be2d693e86cdbb93029d9174872997bbc884adb46f6f3b7b560eb0da7ce0a2f0643c6271988321fd6a6597cf904beb1bc2c058c631b927b36fb938000031d79fd3e670746f89d0eea812b3f7e3007eb2f9ca952c1f794b1761d8f3f3e92b15869e9ff431d6280821bcaf374e636a16e1bdf721fff722287e135518163c78921b00e593a5d80efce94766cb197f224839ccebb7316c1f9471454eae766c76708e7cfa1f73e178235858e0f507528d63861bd363d639794c0087b12ce94719c5aa4778c0da6eca565b2c880a5b17cd42e852193e1962dd94862ba8e1f44831a8f708fdd8d03933e2967bd54571c0e8c2305288d87586cf621dc95c7e8d3f3264aea0ca799e098f0efb7ca9c42b686907b8a9da68c1e3e53274461ec3f4d1b60e5a6abf5f126d397ee0f6919e20950127ea092bad9af0c295b1133fb1fa39d974e1523d86f3bb23d238db4b5d025aeb59b7ffbce90ad38f4326a2dadc62b4ab9c62451126ab2a19221367f8bdae9abbbee8acd94f644e0cec7b4535bf4885f677400e727db3fa21cffbf5225e8c2c59bd03b09dd6a3141c6c2bacec5e6232e9f2534947d40ee7250e73fa700d475a58781878d46b91ecaa464af77282b5fe4581720e850e6c6cd720eff24e7fdd682cb278e3994ebd2502ef99d41d473244ac1acca4c36a1f2a0667fb784997c229e0ecd9b70bf3925ec1ca6ebaaa2c33a1e21fd099bd964fa1892b08096b7804fd588627ad549a62806352aeb49f4dbd3ff001e8f08f6dbe04aaa73aec27a822a1ccf03f08c08517c1af8111366ddc19fada67ce1c31092421db983a86ad01a974aabac8306929fdcfaeeb60c0527a1a800a1317e569fb6fd88f2245c3334f638b4b6665e7f2c6961b6594792218d3398f3cab22250f4be8e8700a57e1dc044f93701239016638ae6c21d53eb42d235ebe03f891e92111462de50b153e60e34263b09beb1dde74f488333d704bee63f67370de17b86c0541b9f4cb02fa2fc0e61f14273f6a3085068e945634440b65bc55fb48b35d763f27cc21eb37009f37c6548de6e6b75bf5d73ebe77ad4926bf03389a6e69d3d67fd40a821a224fb0b27ec005693aa3fc94cfc9ee8ab2ba3555bf1ec303cda06e2f092dd6be7f36befa648a81d953012fa9d09c9931d3e2cd1bf15449c3f93ce091bf4aa345fde77bde9c01bc0aba57f4a78ff383f96296043a40dcd9585a92aa07338ddeaa6809847ee28388c2bdf24d2ade550b0468648628211a99a5d124460533cf99458b0ac138683bb627b44dd3a93caa7d221d9792d63e2908516577885af4d13e5ab08a12307d4a17bbf84dd32ce5d5700cadf01bc297ed0013e1fd44899e0dab47a468099dfdb231588bf007d1544ea6701037b97746dd975535b1e7e37f285e8f4b56a297921513fef951341a5344384d97245f0269b047e02f2e8c6adcfc4d31721d566e1a5cb1b3e73d3f676c7e50cc1294d265b0c4427878c0b26800a7e9dd7d013912bdecd03be666ee2b540c1d70939c7df13f11a44e7d166c4fd3d60394a91c7a9044d141227b052f73f081141200a713af7f7f218ca478ed4448181e8c02ce0f093899620106af2d0d8896df8c5f075741bdd28571b34d5f0c2f89fc46f0900da9c9ed0bd9ad92aa5ec6e351ab7cf8e6da3242a38543e556f7ca1743b8a9cb983b4be8e4d082cea0862aa3bd9f1a03042db0875d2ea16248430575f8b6cfe03f7f4ee35465fad4c3daa404a22469bd3b422c3a5d537e9a3cf0bac559fd51ed3c090bb7efd0569cea9650a1fd9c4479790055960ea5e81a637a47394f4e8cf708a1651a4b32fd0da280f20f39be7d60804de18a3ac86b54428121614953c74155b885c5eb81e2a846b9f795fd1d218866f668b83484995da516f876f7557133d34345ccf78b06d90b438e924eb0ddcfdb7ec8df40aaf65284037d739b3762b15a926f85e95c2fa10cbd0d36a3d1463723cf28fb9c2fa175de373a5f555ec31d02bccc3fabd973e2f630a8c8bacf29beabfffd13b104158e2469a869294e92f7d682dcef4d5ddd388ce6eb4e10a64eae05d91725413e622dd6d313084d26a89e82e6b1394a1a20ee8c27981079611b56086199e888268a41d9f7a93e4a2e2e2bf6a37ee36112a15143789a38e77794e3c47b3313095448dff6de678ffbae2756a9f74b6d5107f2bb474850b845fc3ea7baa08f652e2d304197418e9d57de2686fd7dff13e3c6b9732597d0c8d15a8b80b99c951c1a2033c98cc6e155244974c420f80b7cb62dd5ce77f95a31c48f79d0353df38dac26ba9243e840dbc4c0ce343df6da7a9228e736baf181ce40adcc34170a56b2fd611de20a0d64f71320d2804ae0bbf937839690a1334358d0e9fb400e41cd718e29f0df31ca07ac5c64eba44ef0d13e362c09440114eabd7c2af6a6a75601fd7bf1d5ca7dd5fe09da13745db73d72792647ee8f3a5f6af295ad2d00df40b936aafd6780fbbcb194576af128ffd24fa5c135b8359f9fdbfbe9c626150528e62169a5f7f8490e90def090422d1f0f6417e38b22e8652181242e15b12b835a7ea89bf2693bfe4cbe486e15dd7e270883e4cb2901f41b3c4531c2c09c62c92ab85d666160f563e05c29c52347c88ac45384ed71bc1d5fdc67def268c2eec5768e1a219f483848be33aa7f508681729b583fc0a9345c1336f8799942214e821f801543fe7c2ab8dc52cb2107ef21ed9ccf4234df0a639b01a2621435a93876b399f07dd0e03ca699aa3aad421ccf84540ec4fc9402fb23bf5c555d3a34c72217d011e92d7e8e477e8786f5dedb503816dbeb5aab92e2888a0ca2da214b972ce0390fa9c7bccdc675bfbf5158ca30bcac7f650f1de05eb0a3846c6480289c28fce600a9d6c3dd9f480904497bbefd98e218347f46de84de345da1843e3f47063635a55645b9f9bb7829cf4ad7b434123593c9c3bce1f662975d37a9896be6dfc1f00b0a566adaecc57b8f5ff1eb9205480d1a6f08b2a46dfe1844a05a060b44bdd85cd93550b3fbc76c628c19bf6ce510e3e021145a8f81997679a6bdf841210101866cf0ebcc9ea2d34f58c0c91ecc813263dbfc72a1c188a42425ad88a8be82b9ea6367a996297c57c7ab89fac931822f501e529e583601ca6ec92613520c78e1baebb72745e4639b21162b6e71bdfd91623ad0633980c94cc733c113f25a8fc9d84c778d9cf0ec8120c2aca29578e8d9709240575e0009cd8fa84c98d9718a1d0d8efffd1229b74fe1d05024778df93b1d2db31ac5f18a06852e402165549ae0942554115b5add3d37b4f89cf78579b05bed44d5f358266abe7c78d79474cb6b3ec62b3ddcb2142bb4a19bb26ab92f66b240c38b0a7ac7c164558606f1bbec6977bf6700fbb3fedc09d4e388251ba8d4bbe7fc1eb5d47dec9a783e4543c664b97fd28a4f59dc3fe2e58e843b1f4aa4e5ccb06ee50608e3d39610f422924884df99c43cf2d5821eb16a476d75126d1107a75b20840873915b492f6e77bf40c09c51ef668ae71669ab49be50a885ed65b7a2641f143a7bdcdd35633779f0913e13d461b6fb1b15d2946ecf22e3008f2ad1fdb856da299e924f96566ce5184812d85641737cfef7aa447bd2c51b1d2e7f4f19a291fb20d1860dac1b0417478e5d0b244aac4262437910fb640a905a7b30853a40b83799e6677f1859ff90c8d7bf885923aa129b6917e5bc1647a99440f3317b5ca68aed8037809034ca38db679f2f108804a02a5383cb0be013849ed4d320e8bd9decdf2f109f6148142b8e5c504e2a01a1f5da2efe4d37712c7257785a2d7d3cb480b2f039768c6ff96a1be03bb0ef231b48d1cc83733387fb8628da569e4ea177e05fd49a6252c54e79bacf456de1dcacd37fd0dff3e763efdb5cd024a0be664af60b818de35206b792c986efec24924fecb2dd4f2b35f62c554572c3a1eed1d358bda4b9f7ba1b57cba1824914346461ed04a5f559fb1f5036179b7862f6a8e0cbb2ffc1190ea1e5172895103a3ad1c9d7e0836da723d88976d54520c045f5aee5c22c904143bd77fcebe94508d1b1cd552786678742c5fb9509b1b0301b997a0812a537a78e08af211b1e5d01c07b59b9b3a5d01850e05941c5d4a2bd5dc3a3c992b45908fa4b0178d838b467463dcff946bc6d48545ae40bb1080cac3c6fd6944d0099bdcab049c0e623e499f4a8799032c61ced17272264234a47edf1b3ae25c2988de8c9b98ded411544ce5eb5a273935eb1a437364d749462a40055ddfa62a8fdbc7a6c26a832a2c189a37348b5a3d24a637371d642d7dc6e6bbc9c937856f496b0e53c2a18bf9eca515d662ac3a9dadb56243e28916938b28af06f54e96a6095003f896a971076d738ca515d32c7e21cab0bd85e496a058d4db29f5ae50353bc61a30a5a517a071358f521fbf0cafb95c1fe1166a1778c15bb43c1288bf7f3bad6feddaeab14de1b8906718f167900bdeab2795323cc4f9a6d77a35176798a3ab27c3355f8a1d023dfc7070906060d0cc4556c04db5bf408beeea7fe7469dfad3c85a153ebade2709066d0e78172fe64e555d41259dd00da545ff59b3367116a46ac22e25ffdcbc3795776f554d978466498c8dd3d2cc115352c8bfca181a2a3fd12ec4b61dcd0e5b1cf02f6d2d490a74bf4ec989800aafcee06df27c968930cc1efe36b415db8171e5bdfb7db49237809e46d38b14199f568a0ffde0b237d753da9e98da14b397d206bcd1c28683a4089e8a37845f4e09a78f6309b533e497000fe128ff013f1f4797245ef4697e1a2e8979937b097eccbb547c7f553ad6eb48c7b1a683243fad52af0a72215909ce913d11e2ee5c2b0567e80ae525bc979c2d7f8535e6b4c615fd5a8486c2856fdf8e2d655bdcbcee6f1e324bcb6eec8329e4e0812e401c6453a118f9f75539cef47357e4a9de9f45e92a1acff4af09418350c735d833374fc5ddb14da4e54e70ce182978d7c2325d16e80d61b19bfe68dd24f5fe3c9561665757c7b6a5bf5e83e10eb516cd05613e4dd92ed3ed88b20d5296415a435597f238e95e2af59b8fb2eaffad91705d065a7ff040f0f8ddd9ee2b061d39dfa25f356dec3c755a1519e812e1974df360136aedd7e7548c87ed166f7baf50e4baae7b5693eeb3ee63f2689ace372d45466cc815cb11605bd453b2d918824c1b2f64e623e291c728a9e2e89c4d9cba3acd26af584c69945908c76259d299d3bb53e5b9ae821cfdde11a3de624cdaf569dc970d9af1174032d707b135e9bed30a638d3e13fe70520ad80e95ef39d5f6fb45b8edb017dd2b82b6c4656c546132df5b1c710e798133b15c4f05202e785c78150820f6ad47f6651c8df21bf5eb6ec851df349b13588e02220cdf25227bc63bf254b1e2364247adec4d5957a958da5577e3884754362d4c04b8985ba7f3827fd135a5978ee8a7ee2c0ca66755c1cbb76039b2821577b05636755e5474929b1db27e7088c0a4fc3f723f4427f4005bf4113d21c5fac806c1b9d0e78b1eba78ea74b55e3a4701d13074ed2324a9cc6dd16b21fe4a0b890cee10669b43775f55c73f38f44cbde28fa7dae1ba3c66ec25845f80be816ef93b66ef9c7b7ae86cc1580aa1ef612de516b302063aee622e03f47b0ba65532156634ac4511efcf53524e13e259f9786aefa745bef9eea6fb8c7a1f7556305f225f4cebb09306a97644112b8611e8e67476596de3db229fa3be432cdb2e1e4131cec8ea8c6d70395b374b85303e52cd6f23ecfea536b405b3aa065856b8530b3049acd7bb31ccbf9e02a8e4cdcca252142adc55563be912edcbc5a7210b7358dc9d9d2c9cdabe80de999de9cd40aa9f87295c549f42734a62df307f18c5d850774aab8df61042dd0add51554f7afaf4deb59f73c7238ddc78fdde7266fe479871f76cc037d822d23b3ccad7b591ee9b0c81eab7fe91a150b13f082674a6d079234ca4c1c2f49bc3b4df95a7ba7e9668c385b344060be72a39518c0685f8834fe1d37aa57a9109258f735a6143217166a2613a985f2e3a721b7e71a30a063c8b4f93898a2e4b478b513649a0cedda2a9f37b58145e0a75907d21a806e524a3f5e45297fd4c46280d951d8ada3a761f359164a5c0abb2573f0c65aac8b3542cc32f6a0bfb9484708a0caeefbf3616d03026c2f0614d17963de26d6db565cc463385d5872b5a865a517f55e0cdd817a8cb4f31aa2b1ea8c099ef96fb6d2e5864031d894b5923c474ff00aec195310b0c1aa82536e8e75dc9aba7605544ed86df31122aca480c22cb715ee8df04180e7d3040501379669f3de4adf2acf49a47b7564b52b85006430633fbcee176970d67857552ced405eae8ac2fa8e0c2d980795e7f854f842b811a919313d63164b04f8521225867d8af3ac59360ee7c5f8d3d0a738071a123a2a599c7e2bdbaa746c42f0af77e7b446ab223a0e585da5f403c9bd55a6af48fc8f2d251d53c49f64652991ca7549e282ab85611898896808fa8249bd600fae28b81ba815a798d12acdc97a2d6bfcae5833b6c0676ce65157675f28f73aeb10443c10c720398e3d75eb2cab9df437af68d25fe0fb282bbebf668da9a082c36889ee22bc13b1c2b9b7125c3270a87f09fe7da289906f7185d84064c5444fce22ab40d57ae504513019fe8e36bfe702083e545b94d1490000f9b5759cded7ca04415200c8e3bdc7a4534d73e8f97a757a2899d69132c3e0a4c7f5deed010e0c4f458c7f379810e304dd47548141ef906a7b96d939f61963d3fbc58b18c9de2903ffb7176025e38941e3e18398c5e387042d4f356d8d009225187cfe77bafb9316fd02e66f3469d4048e5b8f02188ae60f066e32c23ddebb2327996347c974cdf2f215037d96bfacbc7f1f65a95d66e60192d0d9d3902fd73935f281c3b3c50de162d0e9ca250278d32b810797de787fccb79e44e3e1a0a7e188b44971d41cc8fc11e9abb0b9a9cbd220b2c0a4f3fd8d7f8efddfe916bf3df7fc834453d32f61c850061d6d788c63d3f2dc42d0f54a64a09c0e1ffb51c15baef47c36ec8e319daa6ee46b51f2de27817b866a68b78089b5904bf1f9379990ac2a947f4c7dae0db2c17789e07d4b16f054889f6040709c812be047f53cec5fbc71d058772de66f539732abc8c7e75be4bbcec99119007493f6de01f68af52d2dbd594539c44ae4ec34908ef25ba46a02fc90d354a4a83cf2c588c4e1fe41966c0b2443875611cc9f21b08864ffa1f5072720eb756c4ff257e69e6e398b7e84a5904fc69db17879202ceb6c57fe6bd94ca578e3313a9a79538c840af82283a76dd7f53f5c3d8ec17c5be4c36136a53f0c46b14614e71dfe4ba7974ac4494311d4cda2fc7d0402acb637a9a6f491af9068c5c6fe71becfddb9fc07c785da5eddbb3a51043a0ae15aa9ddadd53f35dffed09a2127d3e0c5e1057ccec567791d9ce6e8082f0beb7ae912a4b30804abfa5347be87c6eff4fdb70b3064011950efd0ef30b84ee4b00f9247c2005a2dfa8e1c78ba0006185e2feeaea7f2c77d11c7e85499306ba769e404b6e6f7a7e5b45199817b31423eb439c50d850b22c1b63c4831f8da7ed462b0f8827f44c05df2e24673b360a58477e77b4835fae97e7d6375f0ccb339b4549652f20efeff931d14c0688713e78c81387ca6706258f9589090f2c8a4ef9e2cceb1775673f43f61f68736c966f757e6239ec7eb8ea70140f2c967a5a9f80f88b410f160aa14e083f6ff90f3324c59e4eb043e86117c362469e9c55a4689b137ccb04089e5d1ed875332083c41e8e3b28aad11472190b6dfddc18685e492fcf0a9c1f2ee287f7f1044f0bc98a9ad230978f97710839d1fc3e9f150cb03da9a1f55c608124ed27aa6b4c2c3cb7388432e15b02e55e1fcacee563c11f4f0ed9549fcd95d931243b95b394963da03982228f29a9501d7f1df7e44fec415fa7dc0edc1ec86850feb9f0dcd2d9dba983bbf44ff312462c73afc49519eb7440cd7d26ae73a137ae1c2b166d94730bf964452b4c82a49d110f48a894a427dc2cc4dacd66524b137ff54b49ec2938c829bf8934769c076001b54f280f862935a0cee4d69b3c3bf7773f2a7a235f9f188901f655e7b0bf790cfe49f5f079b90e0bad0fdd25e0c302af3687ba1feb58f3d3e78c34cb11f3dc494ddf4702fc009fd7c9e2671730709f60b83c75c1fea0738cbf87a19eff5698a39ecc8c22218be5f9426b225b52e3020b6782ece5451b716c975996afd0fc20fdad4acd8836ffd14d0ae932589be8ddb2b21328cec26d7321cc4cd5a2a01562b597abdd7f81f326c0a0f849d11053e4909db9cd9d18cbd4bdcea72bda5cc1cea86283c8fdebd5e55087cecced746f424bdf4358b65c958b84a2436025996e105425ed4784e2de1602b3ead37b87f104178f5a9db22ccbdae040b01e69b72aabc59c10af1e7f48b6701705b433fec40bbc07846d4c66b16f300906635e4fbf8ba61f2700b1726c6a4c14573fbb16d1af58f6301b41f7022a4c84651354e057d9383ecc10c32f07d332ddca591fd29", 0x2000, &(0x7f0000009680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
setsockopt$inet_mreqn(r4, 0x0, 0x20, &(0x7f0000000280)={@remote, @multicast1}, 0xc)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r5}, 0x4)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r6}, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback}, 0x1c)
pipe2$9p(0x0, 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYBLOB], 0x15)

30.565655851s ago: executing program 0 (id=1037):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, 0x0, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, 0x0, 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="b80000001900674c0000000000000000ff010000000000000000000000000001e000000100000000000000000000000000000000000000000a00000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000ff80400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e2ffffffffffffff000000000000000000000000000000000000000000000300000000000000000040"], 0xb8}}, 0x0)

30.413584889s ago: executing program 0 (id=1040):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_PEER_REMOVE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)={0x18, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NET={0x4}]}, 0x18}}, 0x0)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000f7850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
r4 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000107d1e502d0000ecff000109022400010000300009040000010300020009210700b90122070009058103"], 0x0)
syz_usb_control_io$hid(r4, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r5}, 0x10)
syz_usb_control_io(r4, &(0x7f0000000380)={0x2c, &(0x7f0000000180)=ANY=[@ANYBLOB="0000070000000700cb030f47"], 0x0, 0x0, 0x0, 0x0}, 0x0)
r6 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
r7 = fsmount(r6, 0x0, 0x0)
symlinkat(&(0x7f0000000000)='.\x00', r7, &(0x7f0000000140)='./file0\x00')
openat2(r7, &(0x7f00000003c0)='./file0/../file0\x00', &(0x7f0000000380)={0x0, 0x0, 0x8}, 0x18)
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)

30.412880619s ago: executing program 41 (id=1040):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_PEER_REMOVE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)={0x18, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NET={0x4}]}, 0x18}}, 0x0)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000f7850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
r4 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000107d1e502d0000ecff000109022400010000300009040000010300020009210700b90122070009058103"], 0x0)
syz_usb_control_io$hid(r4, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r5}, 0x10)
syz_usb_control_io(r4, &(0x7f0000000380)={0x2c, &(0x7f0000000180)=ANY=[@ANYBLOB="0000070000000700cb030f47"], 0x0, 0x0, 0x0, 0x0}, 0x0)
r6 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
r7 = fsmount(r6, 0x0, 0x0)
symlinkat(&(0x7f0000000000)='.\x00', r7, &(0x7f0000000140)='./file0\x00')
openat2(r7, &(0x7f00000003c0)='./file0/../file0\x00', &(0x7f0000000380)={0x0, 0x0, 0x8}, 0x18)
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)

7.819697487s ago: executing program 1 (id=1183):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000240), 0x25, 0x4b6, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvvW1pKYUWJfFHVBBRNISZdoCGsMKNxhASI3HlAmo7NE1nOk1nirSyKP+DiSSu9E9wYeLChJV7d7pzgwsTVOILfclbzMudmZZSOm3fo8x96Xw+ycm9555hvt/D9J4zPW3nBNC3LkTERkSciIgHETHeuZ50Stxul+xxr189md189WQ2iWbz3n+TVnt2LXb8m8ypznOORMTPfhzxy+TduPW19cWZSqW80qkXG9XlYn1t/epCdWa+PF9eKpWmp6Ynb167UTqyvp6v/vHljxbu/Pwvf/7mi79t/ODXWVpjnbad/ThK7a4PbcfJDEbEnQ8RLAcDnf6cyDsRPpc0Ir4UERez+7+ZdzYAQC80m+PRHN9ZBwCOu7S1Bpakhc5awFikaaHQXsM7F6NppVZvXHlYW12aa6+VTcRQ+nChUp7srBVOxFCS1ada52/qpV31axFxNiJ+M3yyVS/M1ipzeb7xAYA+dmrX/P/RcHv+BwCOuZG8EwAAes78DwD9x/wPAP3H/A8A/cf8DwD9x/wPAP3H/A8AfeWnd+9mpbnZ+fzruUdrq4u1R1fnyvXFQnV1tjBbW1kuzNdq863P7Kke9HyVWm156nqsPi42yvVGsb62fr9aW11q3G99rvf98lBPegUA7Ofs+ef/SCJi49bJVokdezmYq+F4S/NOAMjNQN4JALkZzDsBIDe+xwf22KL3LV1/RejZ0ecC9Mblr1n/h35l/R/6l/V/6F/W/6F/NZuJPf8BoM9Y4wf8/B8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+u7FWSdJCZy/wsUjTQiHidERMxFDycKFSnoyIMxHx9+Gh4aw+lXfSAMB7Sv+ddPb/ujx+aWx364nk4+HWMSJ+9bt7v30802isTGXX/7d9vfGsc72UR/4AwEG25umteXzL61dPZrdKL/N5+cP25qJZ3M1OabcMxmDrOBJDETH6/6RTb8verwwcQfyNpxHx1b36n7TWRiY6O5/ujp/FPt3T+Olb8dNWW/uY/V98+QhygX7zPBt/bu91/6VxoXXc+/4faY1Q729r/Nt8Z/xLt8e/gS7j34XDxrj+1590bXsa8fXBveIn2/GTLvEvHTL+P7/xrYvd2pq/j7gce8ffGavYqC4X62vrVxeqM/Pl+fJSqTQ9NT1589qNUrG1Rl3cWql+139uXTmzX/9Hu8QfOaD/3z1k///wyYNffHuf+N//zt6v/7l94mdz4vcOGX9m9E9dt+/O4s916f9Br/+VQ8Z/8a/1uUM+FADogfra+uJMpVJecdKzk+y92xcgDSe5nWRfAUfxPF/5gKnmPTIBH9qbmz7vTAAAAAAAAAAAAAAAgG568QdPefcRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA4+vTAAAA//+0tdao")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001280)=ANY=[@ANYBLOB="170000000000000004000000ff00000000000000", @ANYRES32=0x1, @ANYBLOB="73e532000000df6bb791fd6d9a01a2dec6d0530b267ca79dff8c07f2a3934869dc22673441a46c880bd847af1cfaa13608be63813811658d322d8d9775f602e5efa528770d8a5d64ffae8ff927461d2878bc90947e1fda777feef75bcf6ced4a2bd93f5027c883fd1f742e5d5290a7e73584412a1138b57b6d6caadc262a76abd5a8ab4a1d7be92417a40425b4753f99e2743583cd197e96abe3f6bf30b9ca75e95dd1ed8106870da2766d1a47d33cecf4fce8b3aad34ac98bd886cca66e442f6d026c8759aac8501ca2b9fe04a1dbd59386bb6244dea0201e200d45504dac112039e1f02c93fc98b10f5d2fe0eb677f1d51e0c8a0d6cd714057b0f0f4ffbf3c94795d4c1eaf7510683d8f726bd219147d4b1430971476d9368d80e6ef2c25d968a997c85842e29d69d8d39b6744afad82dcaa136ac091c45fa463151a44b3c27e487dfbdf006e84b8066e29edba1827d27757895b6c18e1d46851fa2d4810ee788a42468fb9a4bf06fe59ce1173b4713fec92e020713f00fd", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/bus/input/devices\x00', 0x0, 0x0)
pread64(r2, &(0x7f0000000280)=""/4096, 0x1000, 0x0)
bind$pptp(0xffffffffffffffff, &(0x7f0000000000)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x11}}}, 0x1e)

7.243927354s ago: executing program 1 (id=1185):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYRESDEC=0x0], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000003c0)='sched_switch\x00', r0}, 0x18)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000a000000000000f0e50000000000000000"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000840)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fcae68da850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f00000004c0)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x3c}, @in6=@dev={0xfe, 0x80, '\x00', 0x2b}, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x40000000000000, 0x0, 0x7, 0x0, 0x0, 0x2000000000}, {}, 0x0, 0x0, 0x2}, {{@in=@local, 0x0, 0x2b}, 0x0, @in6=@loopback, 0x0, 0x3, 0x2}}, 0xe8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{}, 0x0, &(0x7f00000001c0)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
syz_clone3(&(0x7f00000014c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x5c)

7.10655575s ago: executing program 1 (id=1188):
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000840)=ANY=[@ANYBLOB="12010000000000407d1ed43000af06000000000904000038f969eebfe82270b3cca80103000000092100000001000905810300"/63], 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, 0x0, 0x0)
syz_emit_ethernet(0x3ef, &(0x7f0000000300)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaa0086dd60cb651503b93afffe800000000000000000000000000000ff0200000000000000000000000000013b000e3064000000020090780000183e67696fd400005cfffe88000000000000000000000000000100000000000000000000ffffac1414aa001f000000000000c20400000008c910fc010000000000000000000000000000010700000000000000c91000000000000000000000ffff640101000401fa05020800010200000502fe030401f980b39e463eaf4ff759148e2e5ace6e65a8dc278f7e6a58976b105d42691cd03358629e70323d8c6958f3d0b0bf89ae9c3002c84588f09b52b7decf7cca4f2268da08178fc4552cad9dd0c86eec01acc175f65fac634d47ab3cbaa3b2272d89fd2efc96eff4eb54f2d7c37916a59c69fdecc5ae18d04c406acea701167ebafaab9f8627e3d487dff29bc1ad5f35440665bb382e9bc8b0d2106e53115cab183e5e710277d1c50647c2374d384d1f4702767c5c95d5b50000000000003c08010800000000fe8000000000000000000000000000330000000000000000000000000000000100000000000000000000ffffe0000001fc02000000000000000000000000000101050000000000000105000000000004010901050000000000c2040000fda2c9102001000000000000000000000000000100000000000000000e040702180800fc01000000000000000000000000000100000000000000000000ffffac141429fe80000000000000000000000000002b20010000000000000000000000000002ff010000000000000000000000000001fc020000000000000000000000000000fc0200000000000000000000000000010014020c00000000fc0100000000000000000000000000002001000000000000000000000000000200000000000000000000000000000000fc020000000000000000000000000001fc010000000000000000000000000001fe88000000000000000000000000000120010000000000000000000000000000fe8000000000000000000000000000bbfe8000000000000000000000000000abfc0100000000000000000000000000002d3d5f6c1443ab41636c251dcb6c57cff3361cc0f4e4d6371aa7a0e0ae7b891e8a05a20a49df20fc17e4d1b0741c5ae2553b779bdf2d996f3c3a13ed61af92157cf47ee0d9322116075c2047aee5e68b41263e0896afd09e8c0aba086f5772b42cb1776c0331ff1ae13fecf7135fdc1d2238f2e2f47a59ef87e80b11d90cb31843e948c1e8322dca132624c46f0849837f70e2eff3f73590a79653be499e316570c4f62f5c4294ec9a0aee1769e491e1029f3c840e9d3062b54504739dc014efddba8334e8c8b42beac8110b15c00ff189fca667241ea16d77"], 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000240)={[{@bsdgroups}, {@grpquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@noauto_da_alloc}, {@nolazytime}, {@errors_continue}, {@grpjquota}, {@errors_remount}, {@nobarrier}]}, 0x1, 0x46a, &(0x7f0000000980)="$eJzs289vFFUcAPDvzLZFQWhFFEFUFI2NP1paUDl40WjiQRMTPeCxtoUACzW0JkKIVmPwaEi8G48m/gWe9GLUk4lXvBsSolxAT2tmd6Zsl93tLpRd6H4+yTbv7bzpe9+deTNv5s0EMLD2Zn+SiPsi4mJEjNayKyp5oazctSvnZv+9cm42iUrl3b+TarmrV87NFmWL9bbkmfE0Iv0iyStZbfHM2RMz5fL86Tw/uXTyw8nFM2dfOHZy5uj80flT04cOHTww9fJL0y+uS5xZfFd3f7KwZ9eb7194e/bwhQ9+/T7Jv4+GODox3EGZvVng/1SqGpc93U1ld4GtdelkqI8NoSuliBjK9+eLMRqluL7xRuONz/vaOOC2ys5Nm1ovXq4AG1gS/W4B0B/FiT67/i0+PRp63BEuv1q7AMrivpZ/akuGIs3LDDdc366nvRFxePm/b7JP3MR9CACAbv2YjX+ebzb+S6N+jLgtnxsai4j7I2J7RDwQETsi4sGIeCgidkbEw51Ve7xINE4N3Tj+SS/daoztZOO/V/K5rdXjv2L0F2OlPLe1Gv9wcuRYeX5//puMx/CmLD/Vpo6fXv/jq1bL6sd/2Ser//CqyaX00lDDDbq5maWZjiagOnD5s4jdQ83iT1ZmApKI2BURu7v719uKxLFnv9vTqlDT+POx8JrWYZ6p8m3EM7XtvxwN8ReS9vOTk/dEeX7/ZLFX3Oi338+/06r+W4p/HWTbf/Pq/b+xyFhSP1+72H0d5//8suU1zdrxN9//R5L3qsejkfy7j2eWlk5PRYwkb9XWqv9++vq6Rb4on8U/vq95/9+er5PF/0hEZDvxoxHxWEQ8nrf9iYh4MiL2tYn/l9eeOt5l/Embf7eusvjnmh7/VprQsP27T5RO/PxDq/o72/4Hq6nx/Jvq8W8NnTbwVn47AAAAuFuk1Wfgk3RiJZ2mExO1Z/h3xOa0vLC49NyRhY9OzdWelR+L4bS40zVadz90KlnOnyaO6tX3dH6vuFh+IL9v/HXp3mp+YnahPNfn2GHQbanr/9t3Xu//mb9Kq8uuzIh4vwM2Dv0ZBldj/0/71A6g95z/YXDp/zC49H8YXM36/6cN+VKP2gL0lvM/DK61+n/P3kYCes75HwaX/g8Dqd278cnNv/Iv0d9ELN/+KtI7ItLblRjpoINs6MSNx4oh4wQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAu9H8AAAD//xjg70M=")
setxattr$incfs_metadata(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380), 0x0, 0x0, 0x0)
removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='user.incfs.metadata\x00')
r1 = socket$inet6(0xa, 0x3, 0x38)
setsockopt$inet6_int(r1, 0x29, 0x7, &(0x7f0000000040)=0xeffe, 0x4)
connect$inet6(r1, &(0x7f0000000200)={0xa, 0x0, 0x0, @mcast1, 0xf}, 0x1c)
writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000100)=',', 0xf338}], 0x1)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000950000000000030057f1511fb650a343e10271e5161f8e0b17de63d5a1bf2d3abf8fde63dc183d40c0cd36a15ef74bcaaefed03281c99cb332ac3a19b9c16088e71e23f6da62b4050c46f8dc59b760aa53e56b4412f9387bf486b58a01fcb2c275b946d5cb453530442521fa839e0dcf650880a30016faa790cabd59a11d879ebc"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000cc0)='mmap_lock_acquire_returned\x00', r2}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5d, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000acb39500000000000000", @ANYRESDEC=r2, @ANYRESDEC=r3, @ANYRES8=r3], &(0x7f0000000680)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4001ff, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', r4}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TCSETS(r5, 0x40045431, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, "0040001e1d113c812e5d6000"})
r6 = socket(0x3, 0x4, 0xb8af)
bind$netlink(r6, &(0x7f0000177ff4)={0x10, 0x0, 0x1}, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000001000000000000000000000071120b000000000095000000000000008405f71de023f91d6358071032a609c797ab117649d1da3a569acdeed7b54438c6e98fdba3635d12a474561118d63e000000"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock_addr, 0xffffffffffffffff, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x18, 0x5, &(0x7f00000003c0)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0)
write$binfmt_script(r7, &(0x7f0000000400)={'#! ', './file0'}, 0xb)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r8}, 0x10)
execveat(r7, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
write(r6, &(0x7f0000000140)="2600000022004701050000070000000000000020002b1f000a4a51f1ee839cd53400b017ca5b", 0x26)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000850000b6895323009500000000000000"], &(0x7f0000000740)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$ifreq_SIOCGIFINDEX_vcan(r6, 0x8933, &(0x7f0000000580)={'vxcan1\x00'})

4.906442914s ago: executing program 2 (id=1199):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYRESDEC=0x0], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000003c0)='sched_switch\x00', r0}, 0x18)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000a000000000000f0e50000000000000000"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000840)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fcae68da850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f00000004c0)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x3c}, @in6=@dev={0xfe, 0x80, '\x00', 0x2b}, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x40000000000000, 0x0, 0x7, 0x0, 0x0, 0x2000000000}, {}, 0x0, 0x0, 0x2}, {{@in=@local, 0x0, 0x2b}, 0x0, @in6=@loopback, 0x0, 0x3, 0x2}}, 0xe8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{}, 0x0, &(0x7f00000001c0)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
syz_clone3(&(0x7f00000014c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x5c)

4.85054227s ago: executing program 2 (id=1201):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000740)=ANY=[@ANYBLOB="500000001a00000128bd7000fddbdf250a108035cf976b184889ed0000000047", @ANYRES32=0x0, @ANYBLOB="05001400000000000400088008000600030000000600150008000000050014000f00000005001400e4000000"], 0x50}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="1500000065ffff"], 0x15)
r3 = dup(r2)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r3, &(0x7f0000000480)=ANY=[@ANYBLOB="b800000000000000", @ANYRES64=0x0, @ANYBLOB="000000000000000000000000000000000000000000000000000000000000000013c5759e96828b10ef1fbb0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000335baaad353b980000000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00P\v\x00\x00\x00\x00\x00\x00\t\x00\x00\x00\x00\x00\x00\x00trans=fd,\x00\x00\x00\x00\x00\x00\x00'], 0xb8)
write$FUSE_INIT(r3, &(0x7f0000000240)={0x50}, 0x50)
write$FUSE_NOTIFY_RETRIEVE(r3, &(0x7f00000000c0)={0x14c}, 0x137)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180800000000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f00000002c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}})
mount$incfs(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x800012, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000580)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000086dd6bedbcb800140600fc020000000000000000000000000001200100000000000000000000000000004e214e24", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="51c2000390780001db142aec8d330525699ffc55bb248ab3e312d8f41c36d46f8c0d919dd4cae1e7bf71189cf126ebeadff8b26c5a125f54d8000c2c9c0f1c464d666dc9b8d49870ebd5e20fa65fa2e82a496ac65e7703cfab51e1af8185fa3cf56fbed332aada87585e2c74e779e1950e823598514b466e7e21dce4f0ff286fcfaf21d45a7f28d25b4b68d9332b09ab1f77d10c1142b39398467011fdf2ecfda8877c1df4d5718dc3dc862d6bf9e02a9b02d1867c77f7bdeed4c666223400a8758be856bad271ccae13c2fb5ef07ac5685d210292ec56734d13ac12c78c26383ed6ae0faa20ed2eda3cc4951c"], 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2e1, 0x8b}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(0xffffffffffffffff, 0x8982, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000280)=[{&(0x7f0000000040)='X', 0x1}], 0x1)
syz_clone3(&(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000040), 0x2}, 0xa0)
r5 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r5, 0x0, &(0x7f0000000300)=""/6, 0x2}, 0xffffffffffffff96)
bpf$MAP_GET_NEXT_KEY(0x3, &(0x7f00000001c0)={r5, &(0x7f0000000240), 0x0}, 0x20)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r6 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r6, 0x7, &(0x7f00000003c0)=0x6)

4.743098133s ago: executing program 2 (id=1202):
syz_usb_connect(0x4, 0x4d, &(0x7f00000006c0)=ANY=[], 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x169142, 0x0)
fcntl$setlease(r0, 0x400, 0x1)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
fchown(r0, 0x0, 0xffffffffffffffff)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0500000004000000ff0f00000500000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000e0ffffff000000000000000000000000000216caa1e874e48e2c000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
r8 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001500)=ANY=[@ANYBLOB="1c0000005e0021a5553f8c6b23cbff070000f3437b00001e3b"], 0x1c}}, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x5, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r9}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r11 = dup2(r10, r9)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r11}, 0x10)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f00000000c0)={[{@discard}, {@bsdgroups}, {@resuid}, {@noblock_validity}, {@minixdf}, {@errors_remount}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x6}}, {@data_err_abort}]}, 0x1, 0x5d8, &(0x7f0000000600)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")

4.174298248s ago: executing program 6 (id=1205):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
unlink(&(0x7f0000000340)='./cgroup.cpu/cpuset.cpus\x00') (async)
r0 = socket(0x21, 0x5, 0x7)
ioctl$sock_inet_SIOCSIFDSTADDR(r0, 0x8918, &(0x7f0000001900)={'pim6reg1\x00', {0x2, 0x4e24, @multicast2}}) (async)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x5, 0x401d031, 0xffffffffffffffff, 0x0) (async)
mlock(&(0x7f0000a74000/0x1000)=nil, 0x1000) (async)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(0xffffffffffffffff, 0xc0096616, &(0x7f0000001940)={0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) (async)
r2 = accept$inet6(0xffffffffffffffff, 0x0, &(0x7f0000000080)) (async, rerun: 64)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuset.effective_cpus\x00', 0x275a, 0x0) (rerun: 64)
sync_file_range(r3, 0x6, 0x401, 0x5) (async, rerun: 64)
r4 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da070000000000010902240001000000000904000009030000000921000000012222000905810308"], 0x0) (rerun: 64)
syz_usb_control_io$hid(r4, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc) (async, rerun: 32)
syz_usb_control_io$hid(r4, &(0x7f0000000280)={0x24, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x22, 0x22, {[@global=@item_012={0x2, 0x1, 0x9, "2313"}, @global=@item_4={0x3, 0x1, 0x2, "f7940ef7"}, @global=@item_4={0x3, 0x1, 0x0, '\f\x00'}, @global=@item_4={0x3, 0x1, 0x3, "bd6ac505"}, @local=@item_012={0x2, 0x2, 0x0, "1a70"}, @main=@item_012={0x2, 0x0, 0x8, "5294"}, @local=@item_4={0x3, 0x2, 0x2}, @local=@item_4={0x3, 0x2, 0x0, "83632df5"}]}}, 0x0}, 0x0) (rerun: 32)
dup(0xffffffffffffffff) (async)
syz_usb_ep_write(r4, 0x81, 0x1, &(0x7f0000000000)='B')
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001140), 0xffffffffffffffff)
futex(&(0x7f0000001980)=0x1, 0xd, 0x1, &(0x7f00000019c0)={0x77359400}, &(0x7f0000001a00), 0x2) (async)
sendmsg$NL80211_CMD_SET_COALESCE(r3, &(0x7f00000018c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000001180)={&(0x7f00000015c0)={0x2c4, r5, 0x400, 0x70bd2a, 0x7ff, {{}, {@void, @void}}, [@NL80211_ATTR_COALESCE_RULE_PKT_PATTERN={0x100, 0x3, 0x0, 0x1, [{0x28, 0x0, 0x0, 0x1, @NL80211_PKTPAT_PATTERN={0x21, 0x2, "b2aab9d89d00bf655c794e4e841290f2b06518b3b16d9209cb5b4f65ac"}}, {0xd4, 0x0, 0x0, 0x1, @NL80211_PKTPAT_PATTERN={0xcf, 0x2, "1a68a3a0142cb90427e20f141ec0fd0e5f6062330d3e52b7994cab76e0699bce4df391ed9ce75e6403045c45946c8b840b5eb063e273ac4de39c8db17ea755ad7997e055364bd2b2ddd338b4f32d014e411c1b8c5be6ecd5269e4f94d8336c2bf7004671404ed43dbd0fbf8c8e862f73543dab97460c6d8b8d2f838a2d380fb50c14e6499388b4233c65b82a9cac27097764deaad7a4d43dda72a40a48644e6567327d3041d11a20de5b3b49ea275975ef335cfc5ed8227c6b0a11ad2c64d010532662304f74aab7f49899"}}]}, @NL80211_ATTR_COALESCE_RULE_PKT_PATTERN={0x6c, 0x3, 0x0, 0x1, [{0x68, 0x0, 0x0, 0x1, @NL80211_PKTPAT_MASK={0x63, 0x1, "9d828c019221658ab3f73648a23f6ca39e2c4c8505b62da38a26b013597af1e07b77e123b7a757a523600395ee01afa9816981ffd4fdba5b73b3ebb9e8f80ef39d5923a7ef31053779286a9b147b7b91ab5c174406a4a66858f892adef6e0c"}}]}, @NL80211_ATTR_COALESCE_RULE_PKT_PATTERN={0x30, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, @NL80211_PKTPAT_OFFSET={0x8, 0x3, 0x865b}}, {0x20, 0x0, 0x0, 0x1, @NL80211_PKTPAT_MASK={0x19, 0x1, "2b647d5c5a154194a3a8364120e9027eef984286e7"}}]}, @NL80211_ATTR_COALESCE_RULE_PKT_PATTERN={0x114, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, @NL80211_PKTPAT_OFFSET={0x8, 0x3, 0x2}}, {0x104, 0x0, 0x0, 0x1, @NL80211_PKTPAT_MASK={0x100, 0x1, "874786b99185af4b32de2e168bd7bc1bf40298ee11918b28aa19787398e25d783b57ffed87863d3c10fc1cae97ce8d9b3b3e1f17a803a1b66642f79175eca2f22ab7904d7908f2d9cdc4456bcd395f45a815487bae121d27668c39358f6da280000a2759791b050e9f013d28d747ca1056fd443a27587d5379c88e3928bc96a4559e18dfb6d14a646bfb1db48f93974e1b707e605380d56f57bc615992eab30b86d5f5bac0854f1a0f88cfa226141ddae1715698445515efe106630cc5d146e03201ffff275a365a03a0467c29db8e164815fa067a55088e9fb09e66cb1514b1cf2f8b5f6b6f340291b20897a354f741d1a6318f325e522f04a9d2b1"}}]}]}, 0x2c4}, 0x1, 0x0, 0x0, 0x44}, 0x1) (async)
sendmmsg$inet6(r2, &(0x7f0000001400)=[{{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000180)="37fb59917b2b96424175b0840daf70252a75d4e5fa51bc2132abea3fade78b597ceb9f4501b1d12304707ee23407b3be79cc14cce8ab394dc4859feb17b05cca24e06bc9cf012233443899ddafff68a0473f04022d1f28dd6b043920e6ef312d9d569b9c71afc7c3bad4f2ad8cf6b7ca97c59f9ff1ac498bac973d574ef8dbc3892f10ee3ebf9b6138e4638d5c218f26cb4426e681128caa413b44e92b3a128536c251fec6274b2d8dda3b496b2c5457a85ec5cd3830671d9022e530f2f5e625f36ce9903c028766802195f3325ea8006e735a31b34b72c4cfba0cf5a2ce8b5284d3bae44a", 0xe5}, {&(0x7f0000000300)="837f40f1c4daa6174a53e2151ef9017338e0c438a3763f3a982553128e6a1657279e45ea60978a7099494e4a46a8a0757551c9520f7bcee69fbd406e29170dab485cb80705d87feefa2c24fb5e51e6992df0f8357d7e4336ed5f012dc6b197c4d45c6e513c6953a544a760128e60d2567dec1a85b10602e3df98499185b64edecadc0b85edd0b07513950733d32463cd3f86924205df12f7d352661ca0829f17bdea69d54ab0e4eb580002ff", 0xac}, {&(0x7f0000000540)="c8a0c828338c153e0667762299d822bf0f9ac95afa2a94650da35c70722338491a67259c8bb48ca021601e9f998246055aadeef44f36b6358410e9f079d7a996ef4f6f1760b72984c5d50a22f19fe667899f5cb07aad37212b5cb45b7c198e958d9ee280a082a4d1f092a87e54950ea6d800c53e824083a677404423779d652a2b708fe34bdda4dba82db52e657c58353a53719cf5c4702a189eb205fd05b0f91bc46d451449674305a6", 0xaa}, {&(0x7f0000000280)="fab76c75440cf29d144bd5fea7282f4139c85b4fe0db1eadbae64f8aa09d38db3d25", 0x22}, {&(0x7f00000003c0)}], 0x5, &(0x7f0000000680)=[@rthdr={{0x58, 0x29, 0x39, {0x2b, 0x8, 0x0, 0xbd, 0x0, [@mcast2, @private0, @ipv4, @private2]}}}, @rthdr={{0x88, 0x29, 0x39, {0x2c, 0xe, 0x1, 0x31, 0x0, [@private2={0xfc, 0x2, '\x00', 0x1}, @private0={0xfc, 0x0, '\x00', 0x1}, @local, @mcast1, @private2={0xfc, 0x2, '\x00', 0x1}, @mcast2, @local]}}}, @tclass={{0x14, 0x29, 0x43, 0x4}}], 0xf8}}, {{&(0x7f0000000400)={0xa, 0x4e23, 0x1, @mcast2, 0x9}, 0x1c, &(0x7f00000004c0)=[{&(0x7f0000000780)="f1a4042c91a8c5e345dcb4c0bc58eeadb222a464bc2367da2beccdd6fc794e5876b784fc2c37fbe6f6317827a899e42ad45f7a25cbab4c068216aa86a44a1b88e6e1b1ef1c04f45f673ec44fc2aeeb58964f62565d7c9a055f0aefef7f8e598981d51cfb2ba5550845951353866d24fb3bbeab4f2083ee25c57e454457e8d4efe77e84dd9a1766958081a30307cbea9823a75bf1ee20dd42bc2191ed67245985af395aca3f755736f3e5468cef8ceac515e5ff5f9ea5c00aae12ead94bbfb12cd65832d2ef50dc1bbf56de35d7951d8ffdfe0506dfca072059d7119ad2d6986b72cc0784b83a8a809cd8089462298a4d1d5f13e5e28f9c5ac090f32c", 0xfc}, {&(0x7f0000000880)="b71f4ecfe33caa97fde68a89c04db7c62b96c9c6c33c2b721fde70711acd5fb55f20d55aed7f23480465e0786df85c98edf1f9fd8956d925ef352ce7adacb983d5a4ac0811141a1a646639402e4b7a553e7a86c81878bb60a5d91476e67a1f6247d5afdef8e3fb5e1ba5e1aec1df1237d8dd17e4c3d42b6a948b8518bacbc7b24773d823d57b9012d171a32320ec859e025563d6b918ed89028b44f1cd1ca57def962858540cb28e22560689d5f20e9010a8a9f1c64083824ad407311b8b", 0xbe}], 0x2, &(0x7f0000000a00)=[@hopopts_2292={{0x20, 0x29, 0x36, {0x8, 0x0, '\x00', [@enc_lim={0x4, 0x1, 0x8}]}}}, @flowinfo={{0x14, 0x29, 0xb, 0x2}}, @hopopts_2292={{0x160, 0x29, 0x36, {0x0, 0x28, '\x00', [@ra={0x5, 0x2, 0xb}, @jumbo={0xc2, 0x4, 0xb8}, @generic={0x2, 0xc7, "338a747356724fecf6f8f247e691a61f2612a99ce539e3487fec71db47376e36c896888920e7a2d33de43dd51a7f3e4593233e7b4ecac6ee51ff5c60c8cd331d309eae4141c055f26d7e1b2de74bcea5df5c577e37c4cf3b48c46b317d3e606c60d95b04dc1f13e0e8cd18d8e880907e557746e27eb359c13d9fa6818ed4323e68cd156a79149a1b4bd68a0773b8aa3a2e6aad8f611410facf1260c503acc154aff186a7eefdee81c79694e81b29c86a080e85e30752f2be0d4cf0414f94b47b08fe143ff97eb5"}, @generic={0x0, 0x64, "4c9812e6c5a51d6b968cc7dfe85ab889b093f0d8b29ecedd9da5465efdad502238dc43688bf217ec4d50fed0e6f87fd54ec96c442fd12ffe65ab3c456bb3b95f20b939adce21b1c5442cebd88e7281320aec278e9b45d889098a9a83c520822de7f46de0"}, @ra={0x5, 0x2, 0xc}, @ra={0x5, 0x2, 0xffbb}]}}}, @hopopts_2292={{0x80, 0x29, 0x36, {0xc, 0xd, '\x00', [@pad1, @jumbo={0xc2, 0x4, 0x122}, @ra={0x5, 0x2, 0x5}, @padn={0x1, 0x1, [0x0]}, @calipso={0x7, 0x50, {0x1, 0x12, 0x31, 0xc74, [0x3ff, 0x8, 0x80, 0x80000000, 0x6, 0x2, 0x8000000000000001, 0x1, 0x58]}}, @jumbo={0xc2, 0x4, 0x263}]}}}, @dstopts_2292={{0x28, 0x29, 0x4, {0x2c, 0x1, '\x00', [@enc_lim={0x4, 0x1, 0x9}, @pad1, @ra={0x5, 0x2, 0x5}, @padn={0x1, 0x1, [0x0]}]}}}, @hoplimit={{0x14, 0x29, 0x34, 0x68d5}}, @flowinfo={{0x14, 0x29, 0xb, 0x100}}], 0x270}}, {{&(0x7f0000000940)={0xa, 0x4e24, 0xffffbc78, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x76c2b08e}, 0x1c, &(0x7f0000000f80)=[{&(0x7f0000000980)="7f3bf707c8fb88195ef06f16ea811d99d5c03a31a73e450a04764fdb43c1b31424523e5f959c", 0x26}, {&(0x7f0000000c80)="8d880243ce41a6c7f03161e29f946134478e00f20aa9fe18e724f3763cf6f5570ae842037cff846f89d0fc825d90da9170ff9c980bbfb3871dfff7017f5fdd1211184a2085ac2ad3942a0f67ed97b26e886f360085db9bd50ad8c95fef7565264a497ecb3392e003c9b3a11990769499a2b5bbce21a0ee626c83fc5cda6f2f41858fbd45e426c6d230a2092eaa1a59013c7f7d23b64e8690642a9a946b5c27b3ad8befc5cb0d1db954338a7253c3dffad7b405e54fbac8caba062807bf06e0094dc534b4daea7478a0f3ba4dd8b80dae88b9cad1888642048549b4d73eda83495b37", 0xe2}, {&(0x7f0000000d80)="b9f7d670c29ff5c6e909e1f5845832134988a2e3451e39f93103185167902ad7752f1d23667d58135254859a7bb54839d7a5f36002172688bc00f8c00f6de94dc232aeabd7fca5150ad493fc50463fb0cd21bc4bcd388874747d27e16ecf83908a940150894327d3ae5e42bd4e5db6d43f0b4b8ccdd8dd899e5df69b7447c473060ea5c1326765a5c8fe6fb1e5cc43ecb5bfc7f836935c0d666944f24649701e787451858dc17db1830125b2dfc32fa883317d6e411d51f522aad6f05773b39f6547b6bedee02bb113bbfe573287146f064048d14ddc5e33af8158e08b57668e1d020d4bc716d149af8b1466cbdc275d7c7c68408ddd7fb56c77", 0xfa}, {&(0x7f0000000e80)="2449b3398d1520e2ef41c3a9c4a307a3c49dcc5334cf5b06f54ef4d8f3a50ef252817c898c48e86c51ca58c5e022cb776c4860e7490d6df62a9c4a76048447f84b904f0ff24118d62de1af0205d722d85c668b74426da6b2a0f72e2f69c402133ac85c4aa3e1f77d7477cd7f79f377bcb19037a5afe73faf1fe0abb191ebcbc0912cf87b07fb7ceeb07872ebd3a4859c67526d721ff6c9b4a9a45c9b200858f3e8494370244998f5b8f1ede7f7d9438fde552fd20091517d8e40dd8e96123dfdff49dbd3", 0xc4}], 0x4, &(0x7f0000000fc0)=[@hoplimit_2292={{0x14, 0x29, 0x8, 0x73b}}, @hopopts_2292={{0x30, 0x29, 0x36, {0x67, 0x2, '\x00', [@enc_lim={0x4, 0x1, 0x1}, @padn={0x1, 0x3, [0x0, 0x0, 0x0]}, @enc_lim={0x4, 0x1, 0x4}, @pad1, @jumbo={0xc2, 0x4, 0x9}, @enc_lim={0x4, 0x1, 0x33}]}}}, @pktinfo={{0x24, 0x29, 0x32, {@dev={0xfe, 0x80, '\x00', 0x43}}}}, @rthdr={{0x38, 0x29, 0x39, {0x2e, 0x4, 0x0, 0x1, 0x0, [@dev={0xfe, 0x80, '\x00', 0xa}, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}]}}}, @hoplimit={{0x14, 0x29, 0x34, 0x8}}], 0xc0}}, {{0x0, 0x0, &(0x7f0000001100)=[{&(0x7f0000001080)="464e107310d039ce2ee7002b4732d45fe9002844035557248c3e11cad3169113778acdae6cbc324b600e12f35620834ab33045a767e137115e495b454e12e5ed862715b66ea8d097cb5b08e6890666c2d24ebd", 0x53}], 0x1, &(0x7f0000001540)=ANY=[@ANYBLOB="1400000000000000290000000b000000000000020000000014000000000000002900000034000000000000000009000028ac3c4bf20c1e838a91a3640a000000000000002900000037000000167eb8a7dfded45e5c5a95b0010000000000fff202059500"], 0x58}}, {{&(0x7f00000011c0)={0xa, 0x4e21, 0x2, @private2, 0x5}, 0x1c, &(0x7f0000001380)=[{&(0x7f0000001200)="a562ee3bd154619bb4d388e61ee393805b32a9469e2da78ceacb009ddffb84f6ece3989e87ebeb1419ea706617023f8fcf74d33e0b3c6a570c79f27bcd05fc51c5d573429ea4f06753ba447fa0bdee289ab1ab44e55e0a642f873fdff088cf20e6286e59e9b4a5b60bd996eb33ddd6de44acf8932cb455b07a66bf3e519e0e64e2bcc05c4d34f9c32788c3ae3d9f77dea7f970cc", 0x94}, {&(0x7f00000012c0)="625b7d0da4a7345a7a0f711581d55204d3afbfaa5452a5b925949c3fd4dd1f519bdcc1d79e2dd5f378e00f3389f26242c8504670507430c9795952a937847f24b21157daf5df873d2b75c43a3a4a056b11", 0x51}, {&(0x7f0000001340)="570ec77d6fbd89ee18f5303093678fe4ba4624ed8b484aacdf5f8695f9a34a158fab13003a755014", 0x28}], 0x3, &(0x7f00000013c0)=[@hoplimit={{0x14, 0x29, 0x34, 0x7}}], 0x18}}], 0x5, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f00000003c0)='io_uring_req_failed\x00', r1}, 0x18) (async)
syz_open_dev$usbfs(&(0x7f0000000040), 0x12, 0x0)

4.081090209s ago: executing program 1 (id=1206):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00'}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r4 = socket(0x2, 0x80802, 0x0)
r5 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r4, &(0x7f00000000c0)={0x2001})
epoll_pwait(r5, &(0x7f0000000080)=[{}], 0x1, 0x80000001, 0x0, 0x0)
shutdown(r4, 0x0)
add_key$keyring(&(0x7f0000000080), &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd)
clock_adjtime(0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000040))
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)

3.917539708s ago: executing program 6 (id=1207):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001500)={0x20, r5, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_COALESCE_HEADER={0x4}, @ETHTOOL_A_COALESCE_RX_MAX_FRAMES={0x8, 0x3, 0xa000000}]}, 0x20}}, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r6}, 0x10)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r9 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r9, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r9, 0x400455c8, 0x0)
ioctl$sock_bt_hci(r8, 0x400448ca, 0x0)
close_range(r7, 0xffffffffffffffff, 0x0)

3.010293153s ago: executing program 4 (id=1208):
mknodat$null(0xffffffffffffff9c, 0x0, 0x0, 0x103)
writev(0xffffffffffffffff, &(0x7f0000000280)=[{&(0x7f0000000040)="580000001400192340834b8004", 0xd}], 0x1)
r0 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000002c0)={'erspan0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5000000010000100"/20, @ANYRES32=r2, @ANYBLOB="0000000000000000300012800b00010065727370616e0000200002800400120010001600020000000600180040000000050017"], 0x50}, 0x1, 0x0, 0x0, 0x3000000}, 0x0)

2.94926676s ago: executing program 6 (id=1209):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000080)=0x59f, 0x4)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
readlink(0x0, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='netlink_extack\x00', r1}, 0x10)
r2 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000040)={0xffb}, 0x10)
write(r2, &(0x7f00000002c0)="2000000012005f02050df4070000fbe40a00001000008e5a39092db4d30cbcb4", 0x20)
sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000040)=0xd08, 0x4)
setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f0000000000)=0x3, 0x4)
recvfrom$inet(r0, 0x0, 0x0, 0x12002, 0x0, 0x0)
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./file0\x00', 0x10200b, &(0x7f0000000180)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c6d656d6f72793d6c6f772c616c6c6f635f6d6f64653d7265757365020000006e745f6d6f64653d757365722d62617365642c646973636172642c6261636b67726f756e645f67633d6f6e2c6261636b67726f756e645f67633d6f66662c6e6f666c7573685f6d657267652c757365725f78617474722c6673796e635f6d6f64653d7374726963742c6d6f64653d61646170746976652c6a71666d743d7666736f6c642c6e6f696e6c696e655f64656e7472793800"], 0x1, 0x5518, &(0x7f00000079c0)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eTkBEIjBMBjfelu2LfvvR37Qo1dBmAHhIyHIAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB/NNxfjU9MiVZVc6aJJeNeVWtWiS2rxJ6DxJGD/vqbs333JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAi527942bDAMA/tg+X2kBEQLKEIRAYoCFptdS6IYYQBEDOwtSlF5L6JWPNgOtKkQWNpS5C4IRISRQ2PI/dKZSl7J1yFAkNqQifyXuh+jxUfva/H7S6/c5y/H7vLYU5fHrHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEBE7Ly1F2fFZq6K03rfrzcvrRb91Tv6wvbmtcWiFXHSZdIPh+fbH5KF/hIBAABg/8ia+j4irudby0WfzpX1f94cU9T83z5ZxU09f2fd3/RN7V+0X36+8ezuQHPVOMVJT61NxkfuTmXw4GY525667xGD8sqXz16y8oak7248s5OX1zP5+sqVt4dleKCLbAGAf+Nw09dB8/dQ0Y/6TAyAfWPQKryb+j+b6zcnAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC7sbMTjTZxExOJgLy5cvXlp9V799ua1xaa9fvnyZny5d87iFHlEnFqbjI90OpvZdv7CxTMrk8n4XPfBCxHR1+hv1tM/88EUB0f0cn0E/1OQ1jd7VvJ5OIIefykBAPBIyutW1PXX863lYl8yH3Hru9vr/5dbcfxN/T9sPQO48eGftyrVz7Tr/1HH8+zL9vv3P2Zp/eynS+cvXHx17ezK6fHp8cevHR29MTp24vjxE0vls5IlT0wAAAD4b4Z1a9f/6fzd6/+HWnFMuf7/2TejL9pjZfuw/p/G3qJf35kAAADsb0+/+MfvyT32J8NhfL6yvn5uVG13Px+ttj2k+o8dqFu7/s/m+84KAAAA6MLORnLb+v/JVhxTrv8/8f1zP7bPmUXEwXr9//DqJ5OT3U1npnXx78R9zxEAAIB+Haxbe/0/L9//T3dfeUgj4pWXqrj+GsCp6v/sna9+aI/Vfv//WHdTnEnpQnU9yn4hYrDQd0YAAAA8yh6rW1Hs/5ZvLX/006H3ht7/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOjaXwEAAP//jG9Erg==")

2.901480585s ago: executing program 1 (id=1210):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
syz_open_dev$loop(&(0x7f00000001c0), 0x1e6, 0x10000)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=@newsa={0x138, 0x10, 0x633, 0x0, 0x0, {{@in=@multicast2, @in6=@rand_addr=' \x01\x00', 0x0, 0x0, 0x0, 0x0, 0xa}, {@in6=@loopback, 0xff80, 0x32}, @in=@local, {}, {0xac2, 0x0, 0x0, 0x5}, {}, 0x2, 0x0, 0xa, 0x4}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}]}, 0x138}}, 0x0)

2.870675919s ago: executing program 4 (id=1211):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000180)='./file0\x00', 0x2804049, &(0x7f0000000300)=ANY=[@ANYRES16=0x0, @ANYRESOCT=0x0, @ANYRESDEC, @ANYRES8, @ANYRES16], 0x42, 0x304, &(0x7f0000000a40)="$eJzs3M9rE1sUwPGTNG3SlDZZPB6v7/HoRTe6Gdq4V4K0IAaU2og/QJg2Ew0Zk5CJlRSxceXWf8PQZTdS0PoHdOPOlRtx043gpqA1ksykSdpJG1ObtOT7gXJP594zP3In4czAzPadV4/TSUtL6gXxBpR4RUqyKxKuRo6lcRHxiEdqzYi9MGA3Jbk49u3j/0pEorHY7LxSc9GFSxGl1MTU26fP1s5tFsZur09s+GUr/GD7a+Tz1t9bk9s/Fx6lLJWyVCZbULpazH4q6IumoRIpK60pddM0dMtQqYxl5O3+bMHZrORyRaVnEuPBXN6wLKVniiptFFUhqwr5otIf6qmM0jRNjQdlcOxM1Zrc7+bFy/PzerTLjS51mYc/bvPQ3ny+/uV5X2ntiZdPbp8AAMBpVa///c31/05r/e9xWm9z/e8oSala/9+6e+96B/X/xkib+j97oP53ri+kpT9pZqn/uxU4uCheHuq+/scZkR8VKa9J4xv94v7adC2g/gcAAAAAAAAAAAAAAAAAAAAA4CzYqVRClUolVG29YsfVP7/zwEj9/37vJ05G8/zbc+2rzjrzPyCaHtwLiJgvl+PLcbu1+6NJSYkphkxLSH7UzgeHHc9di816VE1Y3pmrTv7qcnyoNX9GQhJ2z5+x81Vr/rAEm/MjEpK/3PMjrvkjcuF8U74mIfmwJFkxJVE7rxv5z2eUunojti9/VBIuT8wBAAAAAHAWaWqP6/W7prXrt/M7uT8w7Xp97pN/ff09dgAAAAAABoVVXEnrpmnkjwxeOxlHDv7iDOx4zccNhjs9Cn/na35TCzzt1hzY++ie/NPDI20E9XcyHzp41BnU0uXcnlnt/T4fO5jqy9Z91ZO+aUmw7eCJIbcP/LDA77yVubpkt7JvzOX1/74XV65MHjHLJxT09GcIAAAAQA80iv5+7wkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOrF68T6/cxAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKfFrwAAAP//CgoTZA==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0xc0185879, &(0x7f0000000080)={@desc={0x4100, 0x0, @desc1}})

2.792637218s ago: executing program 4 (id=1212):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000001400010000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
syz_emit_ethernet(0x5e, &(0x7f00000006c0)=ANY=[], 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
socket$key(0xf, 0x3, 0x2)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000001040)=ANY=[@ANYBLOB="38010000100013070000000000000000ffffffff00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8000000000000000002000000000bb0000000032000000ff01000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000200000000000000000048000200656362286369706865725f6e756c6c2900"/214], 0x138}, 0x1, 0xe}, 0x0)

2.68163916s ago: executing program 4 (id=1213):
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x100000)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800"/15], &(0x7f0000001200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000200)={r2, r4, 0x1, 0x0, @void}, 0x10)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r5, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r5, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r5, &(0x7f0000007fc0), 0x800001d, 0x0)

2.609072159s ago: executing program 4 (id=1214):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001500)={0x1c, r5, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_COALESCE_RX_MAX_FRAMES={0x8, 0x3, 0xa000000}]}, 0x1c}}, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r6}, 0x10)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r9 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r9, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r9, 0x400455c8, 0x0)
ioctl$sock_bt_hci(r8, 0x400448ca, 0x0)
close_range(r7, 0xffffffffffffffff, 0x0)

2.608888549s ago: executing program 3 (id=1215):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000056, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@noblock_validity}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@max_batch_time={'max_batch_time', 0x3d, 0x2}}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x54f, &(0x7f0000000b00)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbZdnamc8HbnvOvTc995t7v6fn5iQkgKE1kf0oRLwcEd8kEQfbto1GvnFibb/V+1dnsyWJRuPTv5JI8nWt/ZP89/688lJE/PZVxPHCxnZryysLpXI5Xczrk/XKpcna8sqJC5XSfDqfXpyemTn19sz0e+++M7BY3zj7z/ef3P7w1NdHV7/75e6hm0mcjgP5tvY4nsC19spETOTPyVicfmTHqQE0tpMk230A9GUkz/OxyPqAgzGSZz3w//dlRDSAIZXIfxhSrXFA695+QPfBz417H6zdAG2Mf3TttZHY07w32reaPHRnlN3vjg+g/ayNX/+8dTNbYnCvQwBs6dr1iDg5Orqx/0vy/q9/J3vY59E29H/w7NzOxj9vdhr/FNbHP9Fh/LO/Q+72Y+v8L9wdQDNdZeO/9zuOf9cnrcZH8toLzTHfWHL+QjnN+rYXI+JYjO3O6pvN55xavdPotq19/JctWfutsWB+HHdHdz/8mLlSvfQkMbe7dz3ilY7j32T9/Ccdzn/2fJztsY0j6a3Xum3bOv6nq/FTxOsdz/+DGa1k8/nJyeb1MNm6Kjb6+8aR37u1v93xZ+d/3+bxjyft87W1x2/jxz3/pt229Xv970o+a5Z35euulOr1xamIXcnHG9dPP3hsq97aP4v/2NHN+79O1//eiPi8x/hvHP751f7jf7qy+Oce6/w/fuHOR1/80K393s7/W83SsXxNL/1frwf4JM8dAAAAAAAA7DSFiDgQSaG4Xi4UisW193ccjn2FcrVWP36+unRxLpqflR2PsUJrpvtg2/shpvL3w7bq04/UZyLiUER8O7K3WS/OVstz2x08AAAAAAAAAAAAAAAAAAAA7BD7u3z+P/PHyHYfHfDU+cpvGF5b5v8gvukJ2JH8/4fhJf9heMl/GF7yH4aX/IfhJf9heMl/GF7yHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAbq7Jkz2dJYvX91NqvPXV5eWqhePjGX1haKlaXZ4mx18VJxvlqdL6fF2Wplq79XrlYvTU3H0pXJelqrT9aWV85VqksX6+cuVErz6bl07JlEBQAAAAAAAAAAAAAAAAAAAM+X2vLKQqlcThcVFPoqjO6Mw1AYcGG7eyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeOC/AAAA///ktDiZ")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='ext4_request_blocks\x00', r1}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='ext4_request_blocks\x00', r2}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r3, &(0x7f0000000180), 0x4000)

2.138407674s ago: executing program 3 (id=1216):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, 0x0, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, 0x0, 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="b80000001900674c0000000000000000ff010000000000000000000000000001e000000100000000000000000000000000000000000000000a00000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000400006000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e2ffffffffffffff000000000000000000000000000000000000000000000300000000000000000040"], 0xb8}}, 0x0)

2.041597105s ago: executing program 3 (id=1217):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
close(0xffffffffffffffff)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, 0x0, 0x0, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000002c0)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f00005f5000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000780)=ANY=[@ANYBLOB="02030000170000000000000000000000040003000000000000000000000000000000000000000000000000000000000005000600000000000a0000000000000026000000000400000000000000000000000000000000000404000400000000000000000000000000000000000000000000000000000000000200010000000000000026000000000005000500000000000a00000000000000fe8800000000000000000000000000010000000000000000010018"], 0xb8}}, 0x0)

2.014355857s ago: executing program 1 (id=1218):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000fdffffff850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x3, &(0x7f0000000240)=[{0x0, 0x19, 0x81, 0x6}, {0x0, 0x7, 0x1, 0x10}, {0x8400, 0x4f, 0x0, 0x2}]})
syslog(0x0, 0x0, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2968e000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000000)={0x80, 0xfffffffc}, 0x10)
r3 = syz_usb_connect(0x0, 0x24, &(0x7f0000000180)=ANY=[@ANYBLOB="12010000c472a440b72040155ab7d29a03010902"], 0x0)
syz_usb_connect$uac1(0x3, 0x0, 0x0, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x46, &(0x7f00000001c0)=ANY=[@ANYBLOB="46039d701f158c1fc0ebfebfd64ec170885c771505132894a6fa3ba78fb181784c8da8fbb19d9b79e95ea8cdf475"]}]})
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'bridge0\x00', <r5=>0x0})
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="300000001c000100000000000000000007000000", @ANYRES32=r5, @ANYBLOB="8000b6000a000200aaaaaaaaaaaa000006000500"], 0x30}}, 0x0)
syz_usb_control_io$uac1(r3, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000003c0)=@newlink={0x38, 0x10, 0x437, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x4}}}]}, 0x38}}, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000000), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r8 = openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mknodat(r8, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./bus\x00')

1.90727326s ago: executing program 6 (id=1219):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001500)={0x20, r5, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_COALESCE_HEADER={0x4}, @ETHTOOL_A_COALESCE_RX_MAX_FRAMES={0x8, 0x3, 0xa000000}]}, 0x20}}, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r6}, 0x10)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r9 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r9, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r9, 0x400455c8, 0x0)
ioctl$sock_bt_hci(r8, 0x400448ca, 0x0)
close_range(r7, 0xffffffffffffffff, 0x0)

1.197827192s ago: executing program 4 (id=1220):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4b3, 0x3108, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
syz_usb_control_io(r0, &(0x7f0000000600)={0x2c, &(0x7f0000000280)=ANY=[@ANYBLOB="0000050000000503588438ae0b2c3399eabff68380868f56fd8c60691d075a5bccd4d8194ec4e6e98033ce3658dc97df34f19b9df837c45d63ec11f0577cb8d6ad190363d9466fc03171988c1b5bae3007ce35dc73fd11fa777bc128270afa66df60925202e5f720c4baea51ee10"], 0x0, 0x0, 0x0, 0x0}, 0x0)

1.141252428s ago: executing program 3 (id=1221):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413ec50000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f00005f5000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000fc0)=ANY=[@ANYBLOB="020300001b0000000000000000000000040003000000000000000000000000000000000000000000000000000000000005000600000000000a0089fc00000000fe8000000000000000000b00000000bb000000000000000004000400000000000000000000000000000000000000000000000000000000000200010000000000000000000000000005000500000000000a00000000000000fe8800000000000000000001000000010000000000000000030007000000000002004e24ac14141f000000000000000002001300", @ANYRES8=r0], 0xd8}}, 0x24000000)

1.139552778s ago: executing program 3 (id=1222):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000180)='./file0\x00', 0x2804049, &(0x7f0000000300)=ANY=[@ANYRES16=0x0, @ANYRESOCT=0x0, @ANYRESDEC, @ANYRES8, @ANYRES16], 0x42, 0x304, &(0x7f0000000a40)="$eJzs3M9rE1sUwPGTNG3SlDZZPB6v7/HoRTe6Gdq4V4K0IAaU2og/QJg2Ew0Zk5CJlRSxceXWf8PQZTdS0PoHdOPOlRtx043gpqA1ksykSdpJG1ObtOT7gXJP594zP3In4czAzPadV4/TSUtL6gXxBpR4RUqyKxKuRo6lcRHxiEdqzYi9MGA3Jbk49u3j/0pEorHY7LxSc9GFSxGl1MTU26fP1s5tFsZur09s+GUr/GD7a+Tz1t9bk9s/Fx6lLJWyVCZbULpazH4q6IumoRIpK60pddM0dMtQqYxl5O3+bMHZrORyRaVnEuPBXN6wLKVniiptFFUhqwr5otIf6qmM0jRNjQdlcOxM1Zrc7+bFy/PzerTLjS51mYc/bvPQ3ny+/uV5X2ntiZdPbp8AAMBpVa///c31/05r/e9xWm9z/e8oSala/9+6e+96B/X/xkib+j97oP53ri+kpT9pZqn/uxU4uCheHuq+/scZkR8VKa9J4xv94v7adC2g/gcAAAAAAAAAAAAAAAAAAAAA4CzYqVRClUolVG29YsfVP7/zwEj9/37vJ05G8/zbc+2rzjrzPyCaHtwLiJgvl+PLcbu1+6NJSYkphkxLSH7UzgeHHc9di816VE1Y3pmrTv7qcnyoNX9GQhJ2z5+x81Vr/rAEm/MjEpK/3PMjrvkjcuF8U74mIfmwJFkxJVE7rxv5z2eUunojti9/VBIuT8wBAAAAAHAWaWqP6/W7prXrt/M7uT8w7Xp97pN/ff09dgAAAAAABoVVXEnrpmnkjwxeOxlHDv7iDOx4zccNhjs9Cn/na35TCzzt1hzY++ie/NPDI20E9XcyHzp41BnU0uXcnlnt/T4fO5jqy9Z91ZO+aUmw7eCJIbcP/LDA77yVubpkt7JvzOX1/74XV65MHjHLJxT09GcIAAAAQA80iv5+7wkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOrF68T6/cxAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKfFrwAAAP//CgoTZA==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0xc0185879, &(0x7f0000000080)={@desc={0x4100, 0x0, @desc1}})

1.138840399s ago: executing program 2 (id=1224):
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_mount_image$fuse(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
read$FUSE(r0, &(0x7f000000e280)={0x2020}, 0x2020)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$loop(&(0x7f00000001c0), 0x1e6, 0x10000)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=@newsa={0x138, 0x10, 0x633, 0x0, 0x0, {{@in=@multicast2, @in6=@rand_addr=' \x01\x00', 0x0, 0x0, 0x0, 0x0, 0xa}, {@in6=@loopback, 0x0, 0x32}, @in=@local, {0x80ff}, {0xac2, 0x0, 0x0, 0x5}, {}, 0x2, 0x0, 0xa, 0x4}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}]}, 0x138}}, 0x0)
ioctl$sock_SIOCBRDELBR(r3, 0x89a1, &(0x7f00000003c0)='ip_vti0\x00')
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0)

1.014590243s ago: executing program 6 (id=1225):
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x100000)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800"/15], &(0x7f0000001200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000200)={r2, r4, 0x1, 0x0, @void}, 0x10)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r5, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r5, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r5, &(0x7f0000007fc0), 0x800001d, 0x0)

1.005674295s ago: executing program 3 (id=1226):
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x9e, 0x17, 0x36, 0x10, 0x17ef, 0x721e, 0xde06, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x2, 0x6}}]}}]}}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000080), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$WG_CMD_SET_DEVICE(r2, &(0x7f0000000d00)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000007c0)=ANY=[@ANYBLOB="1c020000", @ANYRES16=r1, @ANYBLOB="01000000000000000000010000001400020077673100000000010000000000000000f40108807000008048000980280000f8060001000a00000014000200fe8000000000000000000000000000aa05000300000000001c000080060001000200000908000200e0000001050003000000000024000100000000000000000000000000000000000000000000000000000000000000000080010080200004000a004e2000000005200100000000000000000000000000000800000006000500b01f00000800030006000000060005000500000008000a000100000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff200004000a034e200000040100000000000000000000ffffac14142a06000000240001000000000000000000000000000000000000000000000000000000000000000000d4000980", @ANYRES16=r0], 0x21c}}, 0x0)

657.162954ms ago: executing program 6 (id=1227):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001500)={0x1c, r5, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_COALESCE_RX_MAX_FRAMES={0x8, 0x3, 0xa000000}]}, 0x1c}}, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r6}, 0x10)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r9 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r9, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r9, 0x400455c8, 0x0)
ioctl$sock_bt_hci(r8, 0x400448ca, 0x0)
close_range(r7, 0xffffffffffffffff, 0x0)

193.412468ms ago: executing program 2 (id=1228):
r0 = socket$netlink(0x10, 0x3, 0xf)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0xc9d7, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xfffffffd, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r1, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000440), &(0x7f00000005c0)}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r4, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000580)={0x0, 0x1, 0x0, &(0x7f0000000100)=""/47, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000280)={0x1, 0x0, 0x0, &(0x7f0000000500)=""/69, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r4, 0x4008af03, &(0x7f00000016c0))
ioctl$VHOST_SET_LOG_BASE(r4, 0x4008af00, 0x0)
r5 = eventfd(0x0)
r6 = socket(0x10, 0x803, 0x0)
sendto(r6, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$VHOST_SET_LOG_FD(r4, 0x4004af07, &(0x7f0000000180)=r5)
ioctl$VHOST_VSOCK_SET_RUNNING(r4, 0x4004af61, &(0x7f0000000040)=0x1)
ioctl$VHOST_SET_VRING_KICK(r4, 0x4008af20, &(0x7f0000000380)={0x0, r5})
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000280), 0x1, 0x792, &(0x7f0000001a40)="$eJzs3ctrXFUYAPDvTl5NWk0EQesqINhA6cTU2Cq4qLgQwUJB17ZhMg01k0zJTEoTAraI4EZQcSHopmsfdefWx1b/CxdSKZoWKy4kciczybSZSSdpZiaQ3w9O5pz7yDnfnPs4d+5lJoADazT9k4k4GhEfJxHD1elJRPRVcr0RZ9aXu7e6kktTEmtrb/2ZVJa5u7qSi7p1Uoerhacj4qcPIo5nttZbWlqenSoU8gvV8nh57vJ4aWn5xKW5qZn8TH7+1MTk5MnTL54+tXex/v3r8pE/Pnn92Ldn/n3/qZsf/ZzEmThSnVcfx14ZjdHqe9KXvoX3eW2vK+uypNsNYFfSXbNnfS+PozEcPZVcE4Ob2YnljjQPAGiD9yJiDQA4YBLnfwA4YGqfA9xdXcnVUnc/keis269GxKH1+Gv3N9fn9Fbv2R2q3Acdupvcd2ckiYiRPah/NCK+/P6dr9MU1X5wLw3ohGvXI+LCyOjW43+y5ZmFnXp+u5lrA5WX0QcmH7TzD3TTD+n456VG47/MxvgnGox/Bhrsu7vx8P0/c2sPqmkqHf+9Uvds2726+KtGeqqlxypjvr7k4qVCPj22PR4RY9E3kJYnKos2HrmN3fnvTrP668d/f3367ldp/enr5hKZW70D968zPVWeetS4a25fj3imt1H8yUb/J03Gv+darOONlz/8otm8NP403lraGn97rd2IeK5h/2/2ZbLt84njlc1hvLZRNPDdb58PNat/9Fj/Rv+nKa2/di3QCWn/D20f/0hS/7xmaed1/HJj+Mdm8+q3/8bxN97++5O3K/n+6rSrU+XywkREf/Lm1uknN9etlWvLp/GPPdt4/1+vtvH2n14TXmgx/t7e+Gb38bdXGv/0jvp/55mb92Z7mtXfWv9PVnJj1SmtHP9abeCjvHcAAAAAAAAAAAAAAAAAAAAAAAAA0KpMRByJJJPdyGcy2ez6b3g/GUOZQrFUPn6xuDg/HZXfyh6Jvkztqy6H674PdaL6ffi18skHyi9ExBMR8dnAYKWczRUL090OHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACqDjf5/f/U7wPdbh0A0DaHut0AAKDjnP8B4ODZ2fl/sG3tAAA6x/U/ABw8LZ//L7S3HQBA57j+BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM3OnT2bprV/VldyaXn6ytLibPHKiel8aTY7t5jL5ooLl7MzxeJMIZ/NFeea/qNr6y+FYvHyZMwvXh0v50vl8dLS8vm54uJ8+fyluamZ/Pl8X8ciAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDWlZaWZ6cKhfyCzLaZwf3RjH2T6Y190QyZh2QyEbG71euPEoPdO0ABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7HP/BwAA///F9Cf0")
r7 = open(&(0x7f00000006c0)='./file1\x00', 0x185102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r7, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f00000003c0)=0x6, 0xdc)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4800000010001fff0000000000ff030000000000", @ANYRES32=0x0, @ANYBLOB="0040040000c10000280012800900010076657468"], 0x48}, 0x1, 0x0, 0x0, 0x84}, 0x0)
sendmsg$NFT_MSG_GETCHAIN(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000009196bd"], 0x14}}, 0x0)

0s ago: executing program 2 (id=1229):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x5, 0xe80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0xffffff50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x8, 0xf, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = socket$xdp(0x2c, 0x3, 0x0)
mmap$xdp(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x13, r4, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="9feb0100000014000000140000000300"], 0x0, 0x2f, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bind$tipc(0xffffffffffffffff, &(0x7f0000000180), 0x10)
bind$unix(0xffffffffffffffff, &(0x7f0000000200)=@file={0x1, './file0\x00'}, 0x6e)
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
shutdown(0xffffffffffffffff, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRESHEX, @ANYBLOB, @ANYBLOB])
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000a40)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000800000095000000000000009500a5050000000077d8f3b423cdac8d8000000000000020e16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f68a7d06d10bfe150a7487535f7866907dc6751dfb265a0e3ccae669e173a649c1cfd6587d452d46b7c57d77578f4c35235138d5521f9453559c3421eed73d5661cfeecf9c66c54c3b3ffe1b4ce25d7c983c044c03bf3ff03fe3e26e7a23129d6606fd28a7f9105f82317874b33d96b39fa4e045469989d552af6200000003a00000000000000abecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f1623ed38ae89d24e14b40234756ddcebfba2f87925bfacba83109753f543ad027edd68149ee99eebc6f7d6dd4aed4afe1f44ccb19e810879b70a70900000000000000000000d7900a820b6327944e9a217b9800e02a92895614cd50cbf83a1ed25268816b004519c9c5cff097d8000000000009d27d753a30a147b24a48435bd8a568669596e9e08679b3ce48e90defb6670c3d6209000000c773713a66b223fa8b148871c8d31d24000025449f106b99893ed20fa7a050fbbef90327e827e513e9606800000000e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e69ee52b59d13182e1f24ed208ada12f7a1525320e71666f472a972d5eb1affb87ba55b2d72078e9f40b4ae7dc3b2aeb0d11cd22c35d32940f19dff00ffffffff080000ff003853e59de7621e348955735264f34b1046a1813668297a7edad187ef106ae7fcbb25090f17d0baadeb8ae190a1fb5a315f8347fb0379659500000000000000000000000000000000000000002fdf0193ec79c90ed210ebc2fbed6d4216770c1b0dec886b388d138c2b69c6aacb714e7264093061c660a5100b7cc165889eb94c8d7c77b6fa06f1a4f8e4a6b6cb37e319c5c22f276b03cae853f42b07ca0b03b1eb32a6b1a81cd511fd0b59d57a11c6a3ebf9731464ad21f07f618efc31023ac60007426162b57e803519954d7c956fda392fa84be38e937d36af1c35138e05a9e8d6dc0272de72c41500000000304402e22af23437126f330f8eb4075daaeae3134ece35cd86d95bd9836bd186c4b6565e967a4e3e86f299b7400994ba136b4eccf3b0f001a266c0d160b3ce1182001d64b52a5ce7f506295d59eea6903b84ffbabf5a5b91c1d6ecce8728a224aec66c610e3becd60a35e848c224f8251947eed20e2b612cb099bfe8924d33ba7f0691fed04a43e9c64b7a1e3165e86cdb9871c678a6bbb14821f441c6c14d1bd78d8ffdfea12c19ea04264335d60b6b7a7da6fb83f33101db32f6ab137d943dd3c1e8db9f3e1263573dc721ae82fe0bc63598751a5092c9f7dbfc39d564834e3703492c2a651643d8ce5c36d97a4812cf73fc8ea0d68d7489cfcb0176"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
r5 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r5, 0x0, &(0x7f0000000000)=""/10, 0x2}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x3, &(0x7f00000001c0)={r5, &(0x7f0000000240), 0x0}, 0x20)

kernel console output (not intermixed with test programs):

 registered, leaving
[  186.911055][ T3487] EXT4-fs (loop2): mounted filesystem without journal. Opts: user_xattr,grpjquota=,nodelalloc,,errors=continue. Quota mode: writeback.
[  186.998842][  T357] plantronics 0003:047F:FFFF.0021: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  187.014464][ T3487] ext4 filesystem being mounted at /137/file0 supports timestamps until 2038 (0x7fffffff)
[  187.105407][  T357] usb 4-1: USB disconnect, device number 6
[  187.156818][ T3468] loop0: detected capacity change from 0 to 40427
[  187.219291][  T561] logitech-djreceiver 0003:046D:C71B.0022: item fetching failed at offset 3/7
[  187.228440][  T561] logitech-djreceiver 0003:046D:C71B.0022: logi_dj_probe: parse failed
[  187.242109][  T561] logitech-djreceiver: probe of 0003:046D:C71B.0022 failed with error -22
[  187.298699][ T3501] loop0: detected capacity change from 0 to 256
[  187.420021][    T6] usb 2-1: USB disconnect, device number 6
[  187.454044][ T3503] fuse: Bad value for 'group_id'
[  187.557421][   T42] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  187.565197][ T3506] loop9: detected capacity change from 0 to 512
[  187.648038][ T3506] EXT4-fs (loop9): Unrecognized mount option "subj_user=GPL" or missing value
[  187.947780][   T42] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  188.018349][   T42] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  188.124915][  T561] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  188.132279][   T42] usb 3-1: New USB device found, idVendor=04b3, idProduct=3108, bcdDevice= 0.00
[  188.209506][   T42] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  188.212382][ T3519] netlink: 'syz.9.896': attribute type 22 has an invalid length.
[  188.228511][   T42] usb 3-1: config 0 descriptor??
[  188.867459][   T30] kauditd_printk_skb: 36 callbacks suppressed
[  188.867480][   T30] audit: type=1326 audit(2134217782.910:1585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3520 comm="syz.9.897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5831d46719 code=0x7ffc0000
[  189.160205][   T30] audit: type=1326 audit(2134217782.910:1586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3520 comm="syz.9.897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5831d46719 code=0x7ffc0000
[  189.190341][ T3534] 9pnet: Insufficient options for proto=fd
[  189.191873][   T30] audit: type=1326 audit(2134217782.910:1587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3520 comm="syz.9.897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5831d46719 code=0x7ffc0000
[  189.221071][   T30] audit: type=1326 audit(2134217782.910:1588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3520 comm="syz.9.897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5831d46719 code=0x7ffc0000
[  189.244819][   T30] audit: type=1326 audit(2134217782.910:1589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3520 comm="syz.9.897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5831d46719 code=0x7ffc0000
[  189.269387][   T30] audit: type=1326 audit(2134217782.910:1590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3520 comm="syz.9.897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f5831d46719 code=0x7ffc0000
[  189.292551][  T561] usb 1-1: Using ep0 maxpacket: 16
[  189.292931][   T30] audit: type=1326 audit(2134217782.910:1591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3520 comm="syz.9.897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5831d46719 code=0x7ffc0000
[  189.320884][   T30] audit: type=1326 audit(2134217782.910:1592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3520 comm="syz.9.897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5831d46719 code=0x7ffc0000
[  189.371637][   T30] audit: type=1326 audit(2134217782.910:1593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3520 comm="syz.9.897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7f5831d46719 code=0x7ffc0000
[  189.425449][   T30] audit: type=1326 audit(2134217782.910:1594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3520 comm="syz.9.897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5831d46719 code=0x7ffc0000
[  189.457609][  T561] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  189.468481][  T561] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  189.478884][  T561] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  189.479115][ T3541] FAULT_INJECTION: forcing a failure.
[  189.479115][ T3541] name failslab, interval 1, probability 0, space 0, times 0
[  189.492036][  T561] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  189.503928][ T3541] CPU: 1 PID: 3541 Comm: syz.3.902 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  189.503959][ T3541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  189.513497][  T561] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  189.522630][ T3541] Call Trace:
[  189.522641][ T3541]  <TASK>
[  189.522660][ T3541]  dump_stack_lvl+0x151/0x1c0
[  189.550925][ T3541]  ? io_uring_drop_tctx_refs+0x190/0x190
[  189.556565][ T3541]  ? __kasan_check_write+0x14/0x20
[  189.561511][ T3541]  ? _raw_spin_lock_irqsave+0xf9/0x210
[  189.566801][ T3541]  dump_stack+0x15/0x20
[  189.570796][ T3541]  should_fail+0x3c6/0x510
[  189.575052][ T3541]  __should_failslab+0xa4/0xe0
[  189.579647][ T3541]  should_failslab+0x9/0x20
[  189.583987][ T3541]  slab_pre_alloc_hook+0x37/0xd0
[  189.588759][ T3541]  kmem_cache_alloc_trace+0x48/0x210
[  189.593889][ T3541]  ? h4_open+0x52/0x150
[  189.597876][ T3541]  h4_open+0x52/0x150
[  189.601691][ T3541]  hci_uart_tty_ioctl+0x846/0xa60
[  189.606552][ T3541]  ? hci_uart_tty_write+0x10/0x10
[  189.611413][ T3541]  tty_ioctl+0x93b/0xc90
[  189.615497][ T3541]  ? tty_get_icount+0xa0/0xa0
[  189.620007][ T3541]  __se_sys_ioctl+0x114/0x190
[  189.624517][ T3541]  __x64_sys_ioctl+0x7b/0x90
[  189.628946][ T3541]  x64_sys_call+0x98/0x9a0
[  189.633195][ T3541]  do_syscall_64+0x3b/0xb0
[  189.637449][ T3541]  ? clear_bhb_loop+0x35/0x90
[  189.641967][ T3541]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  189.647689][ T3541] RIP: 0033:0x7f57ab73d719
[  189.651945][ T3541] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  189.671385][ T3541] RSP: 002b:00007f57aa3b6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  189.679637][ T3541] RAX: ffffffffffffffda RBX: 00007f57ab8f4f80 RCX: 00007f57ab73d719
[  189.687440][ T3541] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000007
[  189.695253][ T3541] RBP: 00007f57aa3b6090 R08: 0000000000000000 R09: 0000000000000000
[  189.703244][ T3541] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  189.711049][ T3541] R13: 0000000000000000 R14: 00007f57ab8f4f80 R15: 00007ffe25f78d28
[  189.718913][ T3541]  </TASK>
[  189.726440][  T561] usb 1-1: config 0 descriptor??
[  189.737660][   T42] hid (null): report_id 0 is invalid
[  189.743695][   T42] lenovo 0003:04B3:3108.0023: report_id 0 is invalid
[  189.757444][   T42] lenovo 0003:04B3:3108.0023: item 0 0 1 8 parsing failed
[  189.777595][   T42] lenovo 0003:04B3:3108.0023: hid_parse failed
[  189.783603][   T42] lenovo: probe of 0003:04B3:3108.0023 failed with error -22
[  189.969877][   T42] usb 3-1: USB disconnect, device number 17
[  190.429859][ T3565] loop3: detected capacity change from 0 to 1024
[  190.458874][  T561] microsoft 0003:045E:07DA.0024: unknown main item tag 0x0
[  190.465979][  T561] microsoft 0003:045E:07DA.0024: unknown main item tag 0x0
[  190.468104][ T3565] EXT4-fs (loop3): Ignoring removed orlov option
[  190.479246][ T3565] EXT4-fs (loop3): Ignoring removed nomblk_io_submit option
[  190.481506][  T561] microsoft 0003:045E:07DA.0024: unknown main item tag 0x0
[  190.500070][  T561] microsoft 0003:045E:07DA.0024: unknown main item tag 0x0
[  190.507277][  T561] microsoft 0003:045E:07DA.0024: unknown main item tag 0x0
[  190.522118][ T3565] EXT4-fs (loop3): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none.
[  190.548852][ T3565] EXT4-fs (loop3): shut down requested (1)
[  190.555442][ T3565] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=15
[  190.564187][ T3565] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=15
[  190.572957][ T3565] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop3 ino=15
[  190.583900][  T561] input: HID 045e:07da as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:045E:07DA.0024/input/input12
[  190.607586][ T3577] loop2: detected capacity change from 0 to 128
[  190.640092][ T3577] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[  190.978637][  T561] microsoft 0003:045E:07DA.0024: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0
[  190.984065][ T3577] attempt to access beyond end of device
[  190.984065][ T3577] loop2: rw=3, want=6952, limit=128
[  191.002191][ T3577] attempt to access beyond end of device
[  191.002191][ T3577] loop2: rw=2051, want=7894, limit=128
[  191.091509][ T3581] loop9: detected capacity change from 0 to 256
[  191.210043][ T3581] serio: Serial port ptm0
[  191.289846][ T3585] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  191.298210][ T3585] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  191.346965][   T42] usb 1-1: USB disconnect, device number 6
[  191.398227][ T3593] loop3: detected capacity change from 0 to 512
[  191.487685][ T3593] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  191.614259][ T3593] ext4 filesystem being mounted at /54/file0 supports timestamps until 2038 (0x7fffffff)
[  191.668366][ T3600] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2 sclass=netlink_route_socket pid=3600 comm=syz.9.915
[  191.974360][ T2703] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  192.305689][ T3611] loop9: detected capacity change from 0 to 512
[  192.379026][ T3583] loop2: detected capacity change from 0 to 131072
[  192.885380][ T3583] F2FS-fs (loop2): Found nat_bits in checkpoint
[  192.949523][ T3583] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  193.081835][ T3631] loop0: detected capacity change from 0 to 128
[  193.105952][ T3637] netlink: 248 bytes leftover after parsing attributes in process `syz.3.929'.
[  193.181309][ T3631] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a802c018, mo2=0002]
[  193.189125][ T3631] System zones: 1-3, 19-19, 35-36
[  193.234955][ T3631] EXT4-fs (loop0): mounted filesystem without journal. Opts: debug,,errors=continue. Quota mode: none.
[  193.246295][ T3631] ext4 filesystem being mounted at /21/mnt supports timestamps until 2038 (0x7fffffff)
[  193.295266][ T3643] loop1: detected capacity change from 0 to 2048
[  193.929994][  T561] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  194.014908][   T30] kauditd_printk_skb: 168 callbacks suppressed
[  194.014924][   T30] audit: type=1400 audit(2134217788.080:1763): avc:  denied  { create } for  pid=3656 comm="syz.0.933" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  194.049201][   T30] audit: type=1400 audit(2134217788.120:1764): avc:  denied  { read write } for  pid=3656 comm="syz.0.933" name="fuse" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  194.072372][   T30] audit: type=1400 audit(2134217788.120:1765): avc:  denied  { open } for  pid=3656 comm="syz.0.933" path="/dev/fuse" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  194.177440][  T561] usb 4-1: Using ep0 maxpacket: 16
[  194.249235][  T522] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  194.498512][ T3665] loop2: detected capacity change from 0 to 128
[  194.569403][ T3665] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[  194.578779][   T30] audit: type=1400 audit(2134217788.650:1766): avc:  denied  { mount } for  pid=3664 comm="syz.2.935" name="/" dev="loop2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[  194.607525][  T522] usb 2-1: Using ep0 maxpacket: 16
[  194.608519][ T3665] attempt to access beyond end of device
[  194.608519][ T3665] loop2: rw=3, want=6952, limit=128
[  194.623551][ T3665] attempt to access beyond end of device
[  194.623551][ T3665] loop2: rw=2051, want=7894, limit=128
[  194.641693][   T30] audit: type=1400 audit(2134217788.710:1767): avc:  denied  { unmount } for  pid=292 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[  194.689526][   T30] audit: type=1400 audit(2134217788.760:1768): avc:  denied  { accept } for  pid=3666 comm="syz.2.936" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  194.767532][  T561] usb 4-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  194.776495][  T561] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  194.784507][  T561] usb 4-1: Product: syz
[  194.788640][  T561] usb 4-1: Manufacturer: syz
[  194.793072][  T561] usb 4-1: SerialNumber: syz
[  194.799092][  T561] r8152-cfgselector 4-1: config 0 descriptor??
[  194.818459][   T30] audit: type=1400 audit(2134217788.890:1769): avc:  denied  { setopt } for  pid=3666 comm="syz.2.936" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  195.027513][  T522] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  195.042909][  T522] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  195.051110][  T522] usb 2-1: Product: syz
[  195.055107][  T522] usb 2-1: Manufacturer: syz
[  195.057527][  T561] r8152-cfgselector 4-1: Unknown version 0x0000
[  195.059757][  T522] usb 2-1: SerialNumber: syz
[  195.070203][   T30] audit: type=1400 audit(2134217789.140:1770): avc:  denied  { setopt } for  pid=3669 comm="syz.0.937" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  195.077551][  T561] r8152-cfgselector 4-1: Unknown version 0x0000
[  195.098253][  T561] r8152-cfgselector 4-1: bad CDC descriptors
[  195.105917][  T522] r8152-cfgselector 2-1: config 0 descriptor??
[  195.117502][  T561] r8152-cfgselector 4-1: Unknown version 0x0000
[  195.125000][  T561] r8152-cfgselector 4-1: USB disconnect, device number 7
[  195.191481][ T3678] netlink: 4 bytes leftover after parsing attributes in process `syz.9.939'.
[  195.425929][   T30] audit: type=1400 audit(2134217789.470:1771): avc:  denied  { unlink } for  pid=3679 comm="syz.9.940" name="#2f" dev="tmpfs" ino=453 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  195.471853][ T3643] UDC core: couldn't find an available UDC or it's busy: -16
[  195.479383][ T3643] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  195.510844][   T30] audit: type=1400 audit(2134217789.570:1772): avc:  denied  { create } for  pid=3642 comm="syz.1.931" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  195.707511][ T3687] FAULT_INJECTION: forcing a failure.
[  195.707511][ T3687] name failslab, interval 1, probability 0, space 0, times 0
[  195.720096][ T3687] CPU: 1 PID: 3687 Comm: syz.3.942 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  195.729966][ T3687] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  195.739865][ T3687] Call Trace:
[  195.742986][ T3687]  <TASK>
[  195.745763][ T3687]  dump_stack_lvl+0x151/0x1c0
[  195.750278][ T3687]  ? io_uring_drop_tctx_refs+0x190/0x190
[  195.755745][ T3687]  ? memset+0x35/0x40
[  195.759564][ T3687]  ? number+0xb5a/0xf80
[  195.763553][ T3687]  dump_stack+0x15/0x20
[  195.767548][ T3687]  should_fail+0x3c6/0x510
[  195.771887][ T3687]  __should_failslab+0xa4/0xe0
[  195.776490][ T3687]  should_failslab+0x9/0x20
[  195.780829][ T3687]  slab_pre_alloc_hook+0x37/0xd0
[  195.785602][ T3687]  __kmalloc+0x6d/0x270
[  195.789596][ T3687]  ? alloc_workqueue+0x159/0x11b0
[  195.794976][ T3687]  alloc_workqueue+0x159/0x11b0
[  195.799660][ T3687]  ? ptr_to_hashval+0x60/0x60
[  195.804173][ T3687]  ? ida_alloc_range+0x9fd/0xa80
[  195.808948][ T3687]  ? snprintf+0xd6/0x120
[  195.813115][ T3687]  ? vsnprintf+0x1b89/0x1c70
[  195.817540][ T3687]  ? apply_workqueue_attrs_locked+0x1e0/0x1e0
[  195.823530][ T3687]  hci_register_dev+0x1a0/0x900
[  195.828215][ T3687]  hci_uart_tty_ioctl+0x8f8/0xa60
[  195.833078][ T3687]  ? hci_uart_tty_write+0x10/0x10
[  195.837938][ T3687]  tty_ioctl+0x93b/0xc90
[  195.842017][ T3687]  ? tty_get_icount+0xa0/0xa0
[  195.846533][ T3687]  __se_sys_ioctl+0x114/0x190
[  195.851042][ T3687]  __x64_sys_ioctl+0x7b/0x90
[  195.855467][ T3687]  x64_sys_call+0x98/0x9a0
[  195.859720][ T3687]  do_syscall_64+0x3b/0xb0
[  195.863975][ T3687]  ? clear_bhb_loop+0x35/0x90
[  195.868493][ T3687]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  195.874216][ T3687] RIP: 0033:0x7f57ab73d719
[  195.878479][ T3687] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  195.897916][ T3687] RSP: 002b:00007f57aa3b6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  195.906153][ T3687] RAX: ffffffffffffffda RBX: 00007f57ab8f4f80 RCX: 00007f57ab73d719
[  195.914195][ T3687] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000007
[  195.921951][ T3687] RBP: 00007f57aa3b6090 R08: 0000000000000000 R09: 0000000000000000
[  195.929761][ T3687] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  195.937572][ T3687] R13: 0000000000000000 R14: 00007f57ab8f4f80 R15: 00007ffe25f78d28
[  195.945393][ T3687]  </TASK>
[  195.977488][  T522] r8152-cfgselector 2-1: Unknown version 0x0000
[  195.987640][ T3687] Bluetooth: Can't register HCI device
[  195.997653][  T522] r8152-cfgselector 2-1: Unknown version 0x0000
[  196.003779][  T522] r8152-cfgselector 2-1: bad CDC descriptors
[  196.047508][  T522] r8152-cfgselector 2-1: Unknown version 0x0000
[  196.061803][  T522] r8152-cfgselector 2-1: USB disconnect, device number 7
[  196.113682][ T3695] loop9: detected capacity change from 0 to 256
[  196.127543][  T466] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  196.228432][ T3703] loop0: detected capacity change from 0 to 2048
[  197.259940][ T3704] loop3: detected capacity change from 0 to 2048
[  197.322729][ T3704] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  197.337934][ T3703] Alternate GPT is invalid, using primary GPT.
[  197.343982][ T3703]  loop0: p1 p2 p3
[  197.371590][ T3695] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  197.389003][ T3704] EXT4-fs (loop3): can't mount with journal_async_commit, fs mounted w/o journal
[  197.398291][  T466] usb 3-1: Using ep0 maxpacket: 8
[  197.449240][ T3712] loop1: detected capacity change from 0 to 512
[  197.486052][  T402] udevd[402]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[  197.497197][  T401] udevd[401]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory
[  197.499342][  T316] udevd[316]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory
[  197.567708][  T466] usb 3-1: config 1 has an invalid descriptor of length 241, skipping remainder of the config
[  197.579500][  T466] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[  197.682271][  T466] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  197.828409][ T3712] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  197.841202][ T3712] ext4 filesystem being mounted at /39/file0 supports timestamps until 2038 (0x7fffffff)
[  197.995564][ T3736] netlink: 248 bytes leftover after parsing attributes in process `syz.3.959'.
[  198.006129][  T466] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  198.015538][  T466] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  198.035038][ T3739] netlink: 28 bytes leftover after parsing attributes in process `syz.3.960'.
[  198.122005][  T466] usb 3-1: Product: syz
[  198.137452][  T466] usb 3-1: Manufacturer: syz
[  198.141879][  T466] usb 3-1: SerialNumber: syz
[  198.187907][  T466] cdc_ncm 3-1:1.0: CDC Union missing and no IAD found
[  198.200422][  T466] cdc_ncm 3-1:1.0: bind() failure
[  198.314063][  T377] Bluetooth: hci0: Frame reassembly failed (-84)
[  198.819446][ T3756] loop9: detected capacity change from 0 to 512
[  198.868530][ T3756] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  198.880215][ T3756] EXT4-fs (loop9): 1 truncate cleaned up
[  198.885692][ T3756] EXT4-fs (loop9): mounted filesystem without journal. Opts: nogrpid,resuid=0x000000000000ee01,resgid=0x0000000000000000,data=journal,nombcache,block_validity,,errors=continue. Quota mode: none.
[  198.963977][ T2349] EXT4-fs error (device loop9): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /85/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  198.985873][ T2349] EXT4-fs error (device loop9): ext4_empty_dir:3175: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  199.006623][ T2349] EXT4-fs error (device loop9): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /85/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  199.028905][ T2349] EXT4-fs error (device loop9): ext4_empty_dir:3175: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  199.048829][ T2349] EXT4-fs error (device loop9): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /85/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  199.070451][ T2349] EXT4-fs error (device loop9): ext4_empty_dir:3175: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  199.090401][ T2349] EXT4-fs error (device loop9): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /85/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  199.112042][ T2349] EXT4-fs error (device loop9): ext4_empty_dir:3175: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  199.132238][ T2349] EXT4-fs error (device loop9): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /85/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  199.153916][ T2349] EXT4-fs error (device loop9): ext4_empty_dir:3175: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  199.174975][  T294] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  199.472923][  T466] usb 3-1: USB disconnect, device number 18
[  199.657724][  T294] usb 2-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  199.680276][  T294] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2
[  199.689318][  T294] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  199.705728][   T30] kauditd_printk_skb: 74 callbacks suppressed
[  199.705745][   T30] audit: type=1400 audit(2134217793.770:1847): avc:  denied  { write } for  pid=3775 comm="syz.2.971" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  199.741376][   T30] audit: type=1400 audit(2134217793.810:1848): avc:  denied  { mounton } for  pid=3779 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  199.762974][   T30] audit: type=1400 audit(2134217793.810:1849): avc:  denied  { module_request } for  pid=3779 comm="syz-executor" kmod="netdev-nr6" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  199.798326][ T3779] bridge0: port 1(bridge_slave_0) entered blocking state
[  199.805180][ T3779] bridge0: port 1(bridge_slave_0) entered disabled state
[  199.812574][ T3779] device bridge_slave_0 entered promiscuous mode
[  199.819488][ T3779] bridge0: port 2(bridge_slave_1) entered blocking state
[  199.826318][ T3779] bridge0: port 2(bridge_slave_1) entered disabled state
[  199.833616][ T3779] device bridge_slave_1 entered promiscuous mode
[  199.887473][  T294] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  199.890328][ T3779] bridge0: port 2(bridge_slave_1) entered blocking state
[  199.896643][  T294] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  199.903216][ T3779] bridge0: port 2(bridge_slave_1) entered forwarding state
[  199.903328][ T3779] bridge0: port 1(bridge_slave_0) entered blocking state
[  199.911314][  T294] usb 2-1: Product: syz
[  199.918143][ T3779] bridge0: port 1(bridge_slave_0) entered forwarding state
[  199.925116][  T294] usb 2-1: Manufacturer: syz
[  199.940557][  T294] usb 2-1: SerialNumber: syz
[  199.956154][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  199.964177][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  199.972062][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  199.984091][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  199.992491][  T294] cdc_ncm 2-1:1.0: CDC Union missing and no IAD found
[  199.997778][   T10] bridge0: port 1(bridge_slave_0) entered blocking state
[  199.999146][  T294] cdc_ncm 2-1:1.0: bind() failure
[  200.005955][   T10] bridge0: port 1(bridge_slave_0) entered forwarding state
[  200.023222][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  200.031337][   T10] bridge0: port 2(bridge_slave_1) entered blocking state
[  200.038192][   T10] bridge0: port 2(bridge_slave_1) entered forwarding state
[  200.074356][ T3779] device veth0_vlan entered promiscuous mode
[  200.089320][ T3779] device veth1_macvtap entered promiscuous mode
[  200.103052][   T30] audit: type=1400 audit(2134217794.170:1850): avc:  denied  { write } for  pid=3783 comm="syz.0.974" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  200.103333][ T3784] netlink: 8 bytes leftover after parsing attributes in process `syz.0.974'.
[  200.133176][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  200.142358][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  200.168504][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  200.175935][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  200.183974][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  200.261375][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  200.270514][   T30] audit: type=1400 audit(2134217794.340:1851): avc:  denied  { read } for  pid=3759 comm="syz.1.966" name="loop-control" dev="devtmpfs" ino=111 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  200.270655][   T10] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  200.295086][   T30] audit: type=1400 audit(2134217794.340:1852): avc:  denied  { open } for  pid=3759 comm="syz.1.966" path="/dev/loop-control" dev="devtmpfs" ino=111 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  200.343613][  T466] usb 2-1: USB disconnect, device number 8
[  200.427306][   T30] audit: type=1326 audit(2134217794.450:1853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3785 comm="syz.0.975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe6127d719 code=0x7ffc0000
[  200.496558][   T30] audit: type=1326 audit(2134217794.460:1854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3785 comm="syz.0.975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe6127d719 code=0x7ffc0000
[  200.543993][   T30] audit: type=1326 audit(2134217794.460:1855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3785 comm="syz.0.975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fbe6127d719 code=0x7ffc0000
[  200.561099][    T6] Bluetooth: hci0: command 0x1003 tx timeout
[  200.575615][  T340] Bluetooth: hci0: sending frame failed (-49)
[  200.600651][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  200.609388][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  200.626705][   T30] audit: type=1326 audit(2134217794.460:1856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3785 comm="syz.0.975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe6127d719 code=0x7ffc0000
[  200.728153][  T377] device bridge_slave_1 left promiscuous mode
[  200.734281][  T377] bridge0: port 2(bridge_slave_1) entered disabled state
[  200.741946][  T377] device bridge_slave_0 left promiscuous mode
[  200.748180][  T377] bridge0: port 1(bridge_slave_0) entered disabled state
[  200.756532][  T377] device veth1_macvtap left promiscuous mode
[  200.767706][ T3791] FAULT_INJECTION: forcing a failure.
[  200.767706][ T3791] name failslab, interval 1, probability 0, space 0, times 0
[  200.780768][ T3791] CPU: 1 PID: 3791 Comm: syz.2.976 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  200.790657][ T3791] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  200.800550][ T3791] Call Trace:
[  200.803675][ T3791]  <TASK>
[  200.806455][ T3791]  dump_stack_lvl+0x151/0x1c0
[  200.810967][ T3791]  ? io_uring_drop_tctx_refs+0x190/0x190
[  200.816433][ T3791]  dump_stack+0x15/0x20
[  200.820423][ T3791]  should_fail+0x3c6/0x510
[  200.824681][ T3791]  __should_failslab+0xa4/0xe0
[  200.829281][ T3791]  should_failslab+0x9/0x20
[  200.833617][ T3791]  slab_pre_alloc_hook+0x37/0xd0
[  200.838391][ T3791]  kmem_cache_alloc_trace+0x48/0x210
[  200.843510][ T3791]  ? alloc_workqueue+0x1d3/0x11b0
[  200.848461][ T3791]  alloc_workqueue+0x1d3/0x11b0
[  200.853147][ T3791]  ? ptr_to_hashval+0x60/0x60
[  200.857661][ T3791]  ? snprintf+0xd6/0x120
[  200.861739][ T3791]  ? vsnprintf+0x1b89/0x1c70
[  200.866181][ T3791]  ? apply_workqueue_attrs_locked+0x1e0/0x1e0
[  200.872075][ T3791]  hci_register_dev+0x1a0/0x900
[  200.876757][ T3791]  hci_uart_tty_ioctl+0x8f8/0xa60
[  200.881616][ T3791]  ? hci_uart_tty_write+0x10/0x10
[  200.886478][ T3791]  tty_ioctl+0x93b/0xc90
[  200.890554][ T3791]  ? tty_get_icount+0xa0/0xa0
[  200.895074][ T3791]  __se_sys_ioctl+0x114/0x190
[  200.899583][ T3791]  __x64_sys_ioctl+0x7b/0x90
[  200.904198][ T3791]  x64_sys_call+0x98/0x9a0
[  200.908447][ T3791]  do_syscall_64+0x3b/0xb0
[  200.912701][ T3791]  ? clear_bhb_loop+0x35/0x90
[  200.917302][ T3791]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  200.920708][  T377] device veth0_vlan left promiscuous mode
[  200.923028][ T3791] RIP: 0033:0x7f284a216719
[  200.923051][ T3791] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  200.952285][ T3791] RSP: 002b:00007f2848e8f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  200.960521][ T3791] RAX: ffffffffffffffda RBX: 00007f284a3cdf80 RCX: 00007f284a216719
[  200.968332][ T3791] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000007
[  200.976230][ T3791] RBP: 00007f2848e8f090 R08: 0000000000000000 R09: 0000000000000000
[  200.984057][ T3791] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  200.991856][ T3791] R13: 0000000000000000 R14: 00007f284a3cdf80 R15: 00007ffc0ced8168
[  200.999669][ T3791]  </TASK>
[  201.085514][ T3791] Bluetooth: Can't register HCI device
[  201.165227][ T3802] SELinux:  policydb magic number 0xdc9f7f8c does not match expected magic number 0xf97cff8c
[  201.177258][ T3802] SELinux: failed to load policy
[  203.129709][  T769] Bluetooth: hci2: sending frame failed (-49)
[  203.136355][    T6] Bluetooth: hci0: command 0x1001 tx timeout
[  203.142418][  T769] Bluetooth: hci0: sending frame failed (-49)
[  203.698112][ T3817] loop2: detected capacity change from 0 to 40427
[  203.767450][    T6] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  203.777892][ T3817] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  203.785629][ T3817] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  203.796090][ T3817] F2FS-fs (loop2): invalid crc value
[  203.805692][ T3817] F2FS-fs (loop2): Found nat_bits in checkpoint
[  203.837516][ T3817] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  203.844424][ T3817] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  204.044912][ T3828] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  204.059838][ T3828] netlink: 8 bytes leftover after parsing attributes in process `syz.6.986'.
[  204.157512][    T6] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  204.168403][    T6] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  204.178018][    T6] usb 1-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  204.186784][    T6] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  204.195628][    T6] usb 1-1: config 0 descriptor??
[  204.337428][  T522] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  204.347536][  T294] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  204.577460][  T522] usb 7-1: Using ep0 maxpacket: 16
[  204.697488][  T522] usb 7-1: config 0 has an invalid descriptor of length 132, skipping remainder of the config
[  204.707666][  T294] usb 3-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  204.717507][  T522] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  204.726433][  T294] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[  204.735127][  T294] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  204.887547][  T522] usb 7-1: New USB device found, idVendor=067b, idProduct=aaa8, bcdDevice=c3.0c
[  204.896399][  T522] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  204.904340][  T522] usb 7-1: Product: syz
[  204.908361][  T294] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  204.917135][  T294] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  204.924985][  T522] usb 7-1: Manufacturer: syz
[  204.929428][  T522] usb 7-1: SerialNumber: syz
[  204.934365][  T294] usb 3-1: Product: syz
[  204.938356][  T294] usb 3-1: Manufacturer: syz
[  204.942758][  T294] usb 3-1: SerialNumber: syz
[  204.947704][  T522] usb 7-1: config 0 descriptor??
[  204.988513][  T294] cdc_ncm 3-1:1.0: CDC Union missing and no IAD found
[  204.995120][  T294] cdc_ncm 3-1:1.0: bind() failure
[  205.128021][    T6] hid-led 0003:27B8:01ED.0025: hidraw0: USB HID v0.00 Device [HID 27b8:01ed] on usb-dummy_hcd.0-1/input0
[  205.140280][    T6] hid-led 0003:27B8:01ED.0025: ThingM blink(1) v1 initialized
[  205.167476][    T6] Bluetooth: hci0: command 0x1009 tx timeout
[  205.173367][    T6] Bluetooth: hci2: command 0x1003 tx timeout
[  205.179264][  T769] Bluetooth: hci2: sending frame failed (-49)
[  205.246027][    T6] usb 3-1: USB disconnect, device number 19
[  205.252099][  T294] usb 7-1: USB disconnect, device number 11
[  205.329928][  T561] usb 1-1: USB disconnect, device number 7
[  205.767206][ T3837] loop6: detected capacity change from 0 to 128
[  205.788352][   T30] kauditd_printk_skb: 54 callbacks suppressed
[  205.788370][   T30] audit: type=1326 audit(2134217799.860:1911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3838 comm="syz.2.990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f284a216719 code=0x7ffc0000
[  205.817717][   T30] audit: type=1326 audit(2134217799.860:1912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3838 comm="syz.2.990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f284a216719 code=0x7ffc0000
[  205.851435][ T3837] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[  205.867504][   T30] audit: type=1326 audit(2134217799.870:1913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3838 comm="syz.2.990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f284a216719 code=0x7ffc0000
[  205.907967][   T30] audit: type=1326 audit(2134217799.890:1914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3838 comm="syz.2.990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f284a216719 code=0x7ffc0000
[  205.920907][ T3837] attempt to access beyond end of device
[  205.920907][ T3837] loop6: rw=3, want=6952, limit=128
[  205.938588][   T30] audit: type=1326 audit(2134217799.890:1915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3838 comm="syz.2.990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f284a216719 code=0x7ffc0000
[  205.972006][   T30] audit: type=1326 audit(2134217799.910:1916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3838 comm="syz.2.990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f284a216719 code=0x7ffc0000
[  205.980998][ T3837] attempt to access beyond end of device
[  205.980998][ T3837] loop6: rw=2051, want=7894, limit=128
[  205.995807][   T30] audit: type=1326 audit(2134217799.910:1917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3838 comm="syz.2.990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f284a216719 code=0x7ffc0000
[  206.098121][   T30] audit: type=1326 audit(2134217799.910:1918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3838 comm="syz.2.990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f284a216753 code=0x7ffc0000
[  206.121848][   T30] audit: type=1326 audit(2134217800.110:1919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3838 comm="syz.2.990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f284a2151ff code=0x7ffc0000
[  206.153763][   T30] audit: type=1326 audit(2134217800.220:1920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3838 comm="syz.2.990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f284a2167a7 code=0x7ffc0000
[  206.177513][ T3839] loop2: detected capacity change from 0 to 40427
[  206.188425][ T3849] netlink: 4 bytes leftover after parsing attributes in process `syz.6.994'.
[  206.222877][ T3839] F2FS-fs (loop2): Invalid segment/section count (31, 24 x 1)
[  206.428642][ T3839] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[  207.194220][ T3859] loop2: detected capacity change from 0 to 512
[  207.218537][ T3859] EXT4-fs (loop2): Quota format mount options ignored when QUOTA feature is enabled
[  207.232636][ T3859] EXT4-fs warning (device loop2): ext4_multi_mount_protect:326: fsck is running on the filesystem
[  207.243404][ T3859] EXT4-fs warning (device loop2): ext4_multi_mount_protect:326: MMP failure info: last update time: 1669132786, last update node: dvyukov-desk.muc.corp.google.com, last update device: loop4
[  207.262137][  T561] Bluetooth: hci2: command 0x1001 tx timeout
[  207.268279][  T769] Bluetooth: hci2: sending frame failed (-49)
[  207.276232][ T3862] FAULT_INJECTION: forcing a failure.
[  207.276232][ T3862] name failslab, interval 1, probability 0, space 0, times 0
[  207.288752][ T3862] CPU: 1 PID: 3862 Comm: syz.0.998 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  207.298560][ T3862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  207.308449][ T3862] Call Trace:
[  207.311572][ T3862]  <TASK>
[  207.314358][ T3862]  dump_stack_lvl+0x151/0x1c0
[  207.318863][ T3862]  ? io_uring_drop_tctx_refs+0x190/0x190
[  207.324341][ T3862]  dump_stack+0x15/0x20
[  207.328331][ T3862]  should_fail+0x3c6/0x510
[  207.332606][ T3862]  __should_failslab+0xa4/0xe0
[  207.337178][ T3862]  should_failslab+0x9/0x20
[  207.341515][ T3862]  slab_pre_alloc_hook+0x37/0xd0
[  207.346287][ T3862]  kmem_cache_alloc_trace+0x48/0x210
[  207.351410][ T3862]  ? alloc_workqueue+0x1d3/0x11b0
[  207.356268][ T3862]  alloc_workqueue+0x1d3/0x11b0
[  207.360956][ T3862]  ? ptr_to_hashval+0x60/0x60
[  207.365470][ T3862]  ? snprintf+0xd6/0x120
[  207.369556][ T3862]  ? vsnprintf+0x1b89/0x1c70
[  207.373977][ T3862]  ? apply_workqueue_attrs_locked+0x1e0/0x1e0
[  207.379880][ T3862]  hci_register_dev+0x1a0/0x900
[  207.384569][ T3862]  hci_uart_tty_ioctl+0x8f8/0xa60
[  207.389430][ T3862]  ? hci_uart_tty_write+0x10/0x10
[  207.394287][ T3862]  tty_ioctl+0x93b/0xc90
[  207.398366][ T3862]  ? tty_get_icount+0xa0/0xa0
[  207.402878][ T3862]  __se_sys_ioctl+0x114/0x190
[  207.407398][ T3862]  __x64_sys_ioctl+0x7b/0x90
[  207.411817][ T3862]  x64_sys_call+0x98/0x9a0
[  207.416069][ T3862]  do_syscall_64+0x3b/0xb0
[  207.420320][ T3862]  ? clear_bhb_loop+0x35/0x90
[  207.424834][ T3862]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  207.430588][ T3862] RIP: 0033:0x7fbe6127d719
[  207.434814][ T3862] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  207.454259][ T3862] RSP: 002b:00007fbe5fef6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  207.462501][ T3862] RAX: ffffffffffffffda RBX: 00007fbe61434f80 RCX: 00007fbe6127d719
[  207.470337][ T3862] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000007
[  207.478126][ T3862] RBP: 00007fbe5fef6090 R08: 0000000000000000 R09: 0000000000000000
[  207.485936][ T3862] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  207.493751][ T3862] R13: 0000000000000000 R14: 00007fbe61434f80 R15: 00007ffd098e84f8
[  207.501572][ T3862]  </TASK>
[  207.535290][ T3862] Bluetooth: Can't register HCI device
[  207.636908][ T3869] loop0: detected capacity change from 0 to 512
[  207.890106][ T3869] EXT4-fs error (device loop0): ext4_do_update_inode:5205: inode #3: comm syz.0.1000: corrupted inode contents
[  207.902047][ T3869] EXT4-fs error (device loop0): ext4_dirty_inode:6038: inode #3: comm syz.0.1000: mark_inode_dirty error
[  207.913702][ T3869] EXT4-fs error (device loop0): ext4_do_update_inode:5205: inode #3: comm syz.0.1000: corrupted inode contents
[  207.925517][ T3869] EXT4-fs error (device loop0): __ext4_ext_dirty:183: inode #3: comm syz.0.1000: mark_inode_dirty error
[  207.937028][ T3869] EXT4-fs error (device loop0): ext4_acquire_dquot:6187: comm syz.0.1000: Failed to acquire dquot type 0
[  207.949326][ T3869] EXT4-fs (loop0): 1 orphan inode deleted
[  207.954860][ T3869] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  207.965942][ T3869] ext4 filesystem being mounted at /41/file1 supports timestamps until 2038 (0x7fffffff)
[  208.095919][ T3877] loop0: detected capacity change from 0 to 16
[  208.177808][ T3877] erofs: (device loop0): mounted with root inode @ nid 36.
[  208.185465][ T3877] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop0 ino=46
[  208.194542][ T3877] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop0 ino=46
[  208.402207][ T1380] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  208.622464][ T3884] loop6: detected capacity change from 0 to 128
[  208.659417][ T3884] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[  208.688615][ T3884] attempt to access beyond end of device
[  208.688615][ T3884] loop6: rw=3, want=6952, limit=128
[  208.699590][ T3884] attempt to access beyond end of device
[  208.699590][ T3884] loop6: rw=2051, want=7894, limit=128
[  208.777477][ T1380] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  208.793426][ T1380] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  208.810261][ T1380] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  208.824494][ T1380] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  208.837710][ T1380] usb 3-1: config 0 descriptor??
[  208.880492][ T3889] capability: warning: `syz.6.1006' uses deprecated v2 capabilities in a way that may be insecure
[  209.327718][  T294] Bluetooth: hci2: command 0x1009 tx timeout
[  209.378806][ T1380] hid (null): bogus close delimiter
[  209.587473][ T1380] usb 3-1: language id specifier not provided by device, defaulting to English
[  210.035880][ T1380] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.0026/input/input13
[  210.934709][   T30] kauditd_printk_skb: 82 callbacks suppressed
[  210.937478][   T30] audit: type=1326 audit(2134217804.960:2001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3904 comm="syz.0.1011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe6127d719 code=0x7ffc0000
[  210.967837][  T769] Bluetooth: hci0: sending frame failed (-49)
[  211.210625][   T30] audit: type=1326 audit(2134217804.960:2002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3904 comm="syz.0.1011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe6127d719 code=0x7ffc0000
[  211.239321][ T1380] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.0026/input/input14
[  211.251502][   T30] audit: type=1326 audit(2134217804.960:2003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3904 comm="syz.0.1011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fbe6127d719 code=0x7ffc0000
[  211.279680][ T3916] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1014'.
[  211.290639][ T1380] uclogic 0003:256C:006D.0026: input,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.2-1/input0
[  211.290668][   T30] audit: type=1326 audit(2134217804.960:2004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3904 comm="syz.0.1011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe6127d719 code=0x7ffc0000
[  211.304808][ T1380] usb 3-1: USB disconnect, device number 20
[  211.326066][   T30] audit: type=1326 audit(2134217804.960:2005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3904 comm="syz.0.1011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe6127d719 code=0x7ffc0000
[  211.354590][   T30] audit: type=1326 audit(2134217804.960:2006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3904 comm="syz.0.1011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7fbe6127d719 code=0x7ffc0000
[  211.398843][   T30] audit: type=1326 audit(2134217804.960:2007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3904 comm="syz.0.1011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe6127d719 code=0x7ffc0000
[  211.422295][   T30] audit: type=1326 audit(2134217804.960:2008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3904 comm="syz.0.1011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe6127d719 code=0x7ffc0000
[  211.445973][   T30] audit: type=1326 audit(2134217804.960:2009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3904 comm="syz.0.1011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7fbe6127d719 code=0x7ffc0000
[  211.469434][   T30] audit: type=1326 audit(2134217804.960:2010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3904 comm="syz.0.1011" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbe6127d719 code=0x7ffc0000
[  211.667476][  T294] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  211.802400][ T3925] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1017'.
[  211.937426][  T294] usb 1-1: Using ep0 maxpacket: 32
[  212.017468][  T294] usb 1-1: unable to get BOS descriptor or descriptor too short
[  212.097466][  T294] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  212.107431][  T294] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 64
[  212.117031][  T294] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 959
[  212.197426][ T1380] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  212.288729][  T294] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  212.297651][  T294] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  212.305393][  T294] usb 1-1: Product: syz
[  212.309445][  T294] usb 1-1: Manufacturer: syz
[  212.313805][  T294] usb 1-1: SerialNumber: syz
[  212.557468][ T1380] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  212.568506][ T1380] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  212.578203][ T1380] usb 3-1: New USB device found, idVendor=04b3, idProduct=3108, bcdDevice= 0.00
[  212.587117][ T1380] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  212.595584][ T1380] usb 3-1: config 0 descriptor??
[  212.600452][  T294] cdc_ncm 1-1:1.0: bind() failure
[  212.606261][  T294] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found
[  212.612968][  T294] cdc_ncm 1-1:1.1: bind() failure
[  212.620133][  T294] usb 1-1: USB disconnect, device number 8
[  213.007654][  T294] Bluetooth: hci0: command 0x1003 tx timeout
[  213.013542][  T769] Bluetooth: hci0: sending frame failed (-49)
[  213.131179][ T1380] hid (null): report_id 0 is invalid
[  213.137797][ T1380] lenovo 0003:04B3:3108.0027: report_id 0 is invalid
[  213.144306][ T1380] lenovo 0003:04B3:3108.0027: item 0 0 1 8 parsing failed
[  213.151677][ T1380] lenovo 0003:04B3:3108.0027: hid_parse failed
[  213.157820][ T1380] lenovo: probe of 0003:04B3:3108.0027 failed with error -22
[  213.174316][ T3942] loop6: detected capacity change from 0 to 256
[  213.215737][ T3942] exfat: Unknown parameter 'Tn ý�•Öd(¶	ñÿw{017777777777777777777770xffffffffffffffffÅÂ´'
[  213.456069][  T522] usb 3-1: USB disconnect, device number 21
[  213.480057][ T3942] loop6: detected capacity change from 0 to 1024
[  213.529382][ T3942] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  213.544113][ T3942] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  213.559098][ T3942] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 23 with max blocks 1 with error 28
[  213.571325][ T3942] EXT4-fs (loop6): This should not happen!! Data will be lost
[  213.571325][ T3942] 
[  213.581018][ T3942] EXT4-fs (loop6): Total free blocks count 0
[  213.586916][ T3942] EXT4-fs (loop6): Free/Dirty block details
[  213.592709][ T3942] EXT4-fs (loop6): free_blocks=68451041280
[  213.598514][ T3942] EXT4-fs (loop6): dirty_blocks=32
[  213.603487][ T3942] EXT4-fs (loop6): Block reservation details
[  213.609364][ T3942] EXT4-fs (loop6): i_reserved_data_blocks=2
[  213.892057][ T3951] loop1: detected capacity change from 0 to 512
[  213.971005][ T3951] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.1025: bg 0: block 393: padding at end of block bitmap is not set
[  213.990592][ T3951] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6185: Corrupt filesystem
[  213.999716][ T3951] EXT4-fs (loop1): 2 truncates cleaned up
[  214.005327][ T3951] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  214.027042][ T3953] FAULT_INJECTION: forcing a failure.
[  214.027042][ T3953] name failslab, interval 1, probability 0, space 0, times 0
[  214.040649][ T3953] CPU: 1 PID: 3953 Comm: syz.0.1026 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  214.050652][ T3953] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  214.060546][ T3953] Call Trace:
[  214.063669][ T3953]  <TASK>
[  214.066446][ T3953]  dump_stack_lvl+0x151/0x1c0
[  214.070970][ T3953]  ? io_uring_drop_tctx_refs+0x190/0x190
[  214.076430][ T3953]  dump_stack+0x15/0x20
[  214.080421][ T3953]  should_fail+0x3c6/0x510
[  214.084671][ T3953]  __should_failslab+0xa4/0xe0
[  214.089272][ T3953]  should_failslab+0x9/0x20
[  214.093612][ T3953]  slab_pre_alloc_hook+0x37/0xd0
[  214.098386][ T3953]  kmem_cache_alloc_trace+0x48/0x210
[  214.103519][ T3953]  ? apply_wqattrs_prepare+0x95/0x10b0
[  214.108799][ T3953]  apply_wqattrs_prepare+0x95/0x10b0
[  214.113921][ T3953]  ? __kasan_check_write+0x14/0x20
[  214.118868][ T3953]  ? mutex_lock+0xb6/0x1e0
[  214.123120][ T3953]  ? wait_for_completion_killable_timeout+0x10/0x10
[  214.129542][ T3953]  apply_workqueue_attrs_locked+0xd1/0x1e0
[  214.135186][ T3953]  alloc_workqueue+0xcfd/0x11b0
[  214.139957][ T3953]  ? ptr_to_hashval+0x60/0x60
[  214.144474][ T3953]  ? snprintf+0xd6/0x120
[  214.148551][ T3953]  ? vsnprintf+0x1b89/0x1c70
[  214.152974][ T3953]  ? apply_workqueue_attrs_locked+0x1e0/0x1e0
[  214.158883][ T3953]  hci_register_dev+0x1a0/0x900
[  214.163570][ T3953]  hci_uart_tty_ioctl+0x8f8/0xa60
[  214.168425][ T3953]  ? hci_uart_tty_write+0x10/0x10
[  214.173288][ T3953]  tty_ioctl+0x93b/0xc90
[  214.177369][ T3953]  ? tty_get_icount+0xa0/0xa0
[  214.181879][ T3953]  __se_sys_ioctl+0x114/0x190
[  214.186394][ T3953]  __x64_sys_ioctl+0x7b/0x90
[  214.190823][ T3953]  x64_sys_call+0x98/0x9a0
[  214.195069][ T3953]  do_syscall_64+0x3b/0xb0
[  214.199322][ T3953]  ? clear_bhb_loop+0x35/0x90
[  214.203835][ T3953]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  214.209567][ T3953] RIP: 0033:0x7fbe6127d719
[  214.213819][ T3953] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  214.233259][ T3953] RSP: 002b:00007fbe5fef6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  214.241502][ T3953] RAX: ffffffffffffffda RBX: 00007fbe61434f80 RCX: 00007fbe6127d719
[  214.249315][ T3953] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000007
[  214.257147][ T3953] RBP: 00007fbe5fef6090 R08: 0000000000000000 R09: 0000000000000000
[  214.265201][ T3953] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  214.273013][ T3953] R13: 0000000000000000 R14: 00007fbe61434f80 R15: 00007ffd098e84f8
[  214.280825][ T3953]  </TASK>
[  214.291451][ T3953] Bluetooth: Can't register HCI device
[  214.648399][  T377] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  214.665602][  T377] EXT4-fs (loop6): This should not happen!! Data will be lost
[  214.665602][  T377] 
[  214.781015][ T3975] loop0: detected capacity change from 0 to 1024
[  214.798128][ T3975] EXT4-fs (loop0): Ignoring removed bh option
[  214.804064][ T3975] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  214.837047][ T3975] EXT4-fs (loop0): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,noblock_validity,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,max_batch_time=0x0000000000000002,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[  214.986014][ T3990] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  214.993837][ T3990] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  215.011558][  T377] tipc: Left network mode
[  215.087455][  T708] Bluetooth: hci0: command 0x1001 tx timeout
[  215.093381][  T340] Bluetooth: hci0: sending frame failed (-49)
[  215.115319][  T561] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  215.158642][ T3995] bridge0: port 1(bridge_slave_0) entered blocking state
[  215.165486][ T3995] bridge0: port 1(bridge_slave_0) entered disabled state
[  215.172915][ T3995] device bridge_slave_0 entered promiscuous mode
[  215.182804][ T3995] bridge0: port 2(bridge_slave_1) entered blocking state
[  215.189903][ T3995] bridge0: port 2(bridge_slave_1) entered disabled state
[  215.201568][ T3995] device bridge_slave_1 entered promiscuous mode
[  215.471815][   T60] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  215.518260][ T3995] bridge0: port 2(bridge_slave_1) entered blocking state
[  215.525112][ T3995] bridge0: port 2(bridge_slave_1) entered forwarding state
[  215.532258][ T3995] bridge0: port 1(bridge_slave_0) entered blocking state
[  215.539225][ T3995] bridge0: port 1(bridge_slave_0) entered forwarding state
[  215.562935][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  215.571154][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[  215.578767][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[  215.590049][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  215.597926][  T561] usb 7-1: Using ep0 maxpacket: 16
[  215.598180][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[  215.609684][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[  215.619181][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  215.627170][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[  215.634032][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[  215.650477][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  215.659467][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  215.675286][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  215.689900][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  215.698018][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  215.705250][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  215.713871][  T377] device bridge_slave_1 left promiscuous mode
[  215.720021][  T377] bridge0: port 2(bridge_slave_1) entered disabled state
[  215.727559][  T377] device bridge_slave_0 left promiscuous mode
[  215.733617][  T377] bridge0: port 1(bridge_slave_0) entered disabled state
[  215.741573][  T377] device veth1_macvtap left promiscuous mode
[  215.747454][  T377] device veth0_vlan left promiscuous mode
[  215.812998][ T3995] device veth0_vlan entered promiscuous mode
[  215.824089][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  215.833233][ T3995] device veth1_macvtap entered promiscuous mode
[  215.843356][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  215.851742][   T60] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  215.862513][   T60] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  215.866136][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  215.872300][   T60] usb 2-1: New USB device found, idVendor=04b3, idProduct=3108, bcdDevice= 0.00
[  215.889298][   T60] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  215.897896][  T561] usb 7-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  215.906839][  T561] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  215.915210][  T561] usb 7-1: Product: syz
[  215.919364][  T561] usb 7-1: Manufacturer: syz
[  215.923769][  T561] usb 7-1: SerialNumber: syz
[  215.929613][   T60] usb 2-1: config 0 descriptor??
[  215.935405][  T561] r8152-cfgselector 7-1: config 0 descriptor??
[  215.954518][   T30] kauditd_printk_skb: 71 callbacks suppressed
[  215.954534][   T30] audit: type=1400 audit(2134217810.020:2082): avc:  denied  { mounton } for  pid=3995 comm="syz-executor" path="/root/syzkaller.DSCQcE/syz-tmp" dev="sda1" ino=1968 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[  215.983833][ T4003] loop2: detected capacity change from 0 to 128
[  215.985345][   T30] audit: type=1400 audit(2134217810.020:2083): avc:  denied  { mount } for  pid=3995 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  216.013229][   T30] audit: type=1400 audit(2134217810.020:2084): avc:  denied  { mounton } for  pid=3995 comm="syz-executor" path="/root/syzkaller.DSCQcE/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  216.039789][   T30] audit: type=1400 audit(2134217810.020:2085): avc:  denied  { mount } for  pid=3995 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  216.062183][   T30] audit: type=1400 audit(2134217810.020:2086): avc:  denied  { mounton } for  pid=3995 comm="syz-executor" path="/root/syzkaller.DSCQcE/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  216.089172][   T30] audit: type=1400 audit(2134217810.020:2087): avc:  denied  { mounton } for  pid=3995 comm="syz-executor" path="/root/syzkaller.DSCQcE/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=32243 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  216.117176][   T30] audit: type=1400 audit(2134217810.020:2088): avc:  denied  { unmount } for  pid=3995 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  216.137639][   T30] audit: type=1400 audit(2134217810.070:2089): avc:  denied  { mounton } for  pid=3995 comm="syz-executor" path="/dev/binderfs" dev="devtmpfs" ino=514 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  216.160760][   T30] audit: type=1400 audit(2134217810.070:2090): avc:  denied  { mount } for  pid=3995 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  216.187403][   T30] audit: type=1400 audit(2134217810.070:2091): avc:  denied  { mounton } for  pid=3995 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  216.238147][ T4003] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[  216.267465][  T561] r8152-cfgselector 7-1: Unknown version 0x0000
[  216.287815][  T561] r8152-cfgselector 7-1: Unknown version 0x0000
[  216.294007][  T561] r8152-cfgselector 7-1: bad CDC descriptors
[  216.318170][ T4003] attempt to access beyond end of device
[  216.318170][ T4003] loop2: rw=3, want=6952, limit=128
[  216.329023][  T561] r8152-cfgselector 7-1: Unknown version 0x0000
[  216.340824][ T4003] attempt to access beyond end of device
[  216.340824][ T4003] loop2: rw=2051, want=7894, limit=128
[  216.352271][  T561] r8152-cfgselector 7-1: USB disconnect, device number 12
[  216.399769][ T4009] loop4: detected capacity change from 0 to 512
[  216.416078][ T4014] loop2: detected capacity change from 0 to 512
[  216.437647][   T60] hid (null): report_id 0 is invalid
[  216.443724][   T60] lenovo 0003:04B3:3108.0028: report_id 0 is invalid
[  216.450306][   T60] lenovo 0003:04B3:3108.0028: item 0 0 1 8 parsing failed
[  216.457285][   T60] lenovo 0003:04B3:3108.0028: hid_parse failed
[  216.463766][   T60] lenovo: probe of 0003:04B3:3108.0028 failed with error -22
[  216.469352][ T4014] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  216.482095][ T4014] ext4 filesystem being mounted at /166/file0 supports timestamps until 2038 (0x7fffffff)
[  216.650575][  T561] usb 2-1: USB disconnect, device number 9
[  216.684875][ T4021] loop2: detected capacity change from 0 to 256
[  216.691537][ T4021] FAT-fs (loop2): Unrecognized mount option "!6f²X4�Åó>5 4ß4"åÛþ@al" or missing value
[  216.759498][ T4024] loop4: detected capacity change from 0 to 256
[  216.977534][  T522] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  217.167540][  T312] Bluetooth: hci0: command 0x1009 tx timeout
[  217.207420][   T60] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  217.337487][  T522] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 216, changing to 11
[  217.348604][  T522] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 42210, setting to 1024
[  217.359634][  T522] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  217.372304][  T522] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  217.381410][  T522] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  217.390157][  T522] usb 3-1: config 0 descriptor??
[  217.408831][ T4021] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  217.514987][ T4036] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1052'.
[  217.597477][   T60] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  217.607761][   T60] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2
[  217.616485][   T60] usb 7-1: config 1 has no interface number 0
[  217.622757][   T60] usb 7-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  217.633792][   T60] usb 7-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping
[  217.643063][   T60] usb 7-1: config 1 interface 1 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  217.654595][   T60] usb 7-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  217.894889][  T522] plantronics 0003:047F:FFFF.0029: No inputs registered, leaving
[  217.961438][  T522] plantronics 0003:047F:FFFF.0029: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  218.047617][   T60] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  218.056584][   T60] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  218.064559][   T60] usb 7-1: Product: syz
[  218.068959][   T60] usb 7-1: Manufacturer: syz
[  218.073758][   T60] usb 7-1: SerialNumber: syz
[  218.164493][  T312] usb 3-1: USB disconnect, device number 22
[  218.254098][ T4061] loop1: detected capacity change from 0 to 1024
[  218.318559][ T4061] EXT4-fs (loop1): Ignoring removed bh option
[  218.324555][ T4061] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  218.338731][ T4061] EXT4-fs (loop1): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,noblock_validity,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,max_batch_time=0x0000000000000002,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[  219.068322][   T60] cdc_ncm 7-1:1.1: bind() failure
[  219.072440][ T4070] loop1: detected capacity change from 0 to 40427
[  219.092597][ T4078] FAULT_INJECTION: forcing a failure.
[  219.092597][ T4078] name failslab, interval 1, probability 0, space 0, times 0
[  219.105157][ T4078] CPU: 1 PID: 4078 Comm: syz.2.1064 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  219.115135][ T4078] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  219.125030][ T4078] Call Trace:
[  219.128157][ T4078]  <TASK>
[  219.130927][ T4078]  dump_stack_lvl+0x151/0x1c0
[  219.135568][ T4078]  ? io_uring_drop_tctx_refs+0x190/0x190
[  219.141024][ T4078]  dump_stack+0x15/0x20
[  219.145013][ T4078]  should_fail+0x3c6/0x510
[  219.149289][ T4078]  __should_failslab+0xa4/0xe0
[  219.153867][ T4078]  ? vm_area_dup+0x26/0x230
[  219.158206][ T4078]  should_failslab+0x9/0x20
[  219.162717][ T4078]  slab_pre_alloc_hook+0x37/0xd0
[  219.167492][ T4078]  ? vm_area_dup+0x26/0x230
[  219.171832][ T4078]  kmem_cache_alloc+0x44/0x200
[  219.176444][ T4078]  vm_area_dup+0x26/0x230
[  219.180599][ T4078]  copy_vma+0x3b9/0x6f0
[  219.184592][ T4078]  ? rcu_gp_kthread_wake+0x90/0x90
[  219.189543][ T4078]  move_vma+0x409/0xc30
[  219.193532][ T4078]  ? vma_to_resize+0x550/0x550
[  219.198129][ T4078]  ? selinux_mmap_addr+0xbe/0xe0
[  219.202903][ T4078]  ? security_mmap_addr+0x72/0x90
[  219.207767][ T4078]  ? get_unmapped_area+0x31d/0x380
[  219.212712][ T4078]  __se_sys_mremap+0x1070/0x1380
[  219.217487][ T4078]  ? __x64_sys_mremap+0xd0/0xd0
[  219.222173][ T4078]  ? ksys_write+0x260/0x2c0
[  219.226514][ T4078]  ? debug_smp_processor_id+0x17/0x20
[  219.231727][ T4078]  __x64_sys_mremap+0xbf/0xd0
[  219.236234][ T4078]  x64_sys_call+0xd7/0x9a0
[  219.240498][ T4078]  do_syscall_64+0x3b/0xb0
[  219.244735][ T4078]  ? clear_bhb_loop+0x35/0x90
[  219.249253][ T4078]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  219.254978][ T4078] RIP: 0033:0x7f284a216719
[  219.259251][ T4078] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  219.278680][ T4078] RSP: 002b:00007f2848e6e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[  219.286919][ T4078] RAX: ffffffffffffffda RBX: 00007f284a3ce058 RCX: 00007f284a216719
[  219.294726][ T4078] RDX: 0000000000002000 RSI: 00000000006aa000 RDI: 0000000020638000
[  219.300817][   T60] usb 7-1: USB disconnect, device number 13
[  219.302543][ T4078] RBP: 00007f2848e6e090 R08: 00000000205c0000 R09: 0000000000000000
[  219.316083][ T4078] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000002
[  219.323894][ T4078] R13: 0000000000000000 R14: 00007f284a3ce058 R15: 00007ffc0ced8168
[  219.331711][ T4078]  </TASK>
[  219.348328][ T4070] F2FS-fs (loop1): Invalid segment/section count (31, 24 x 1)
[  219.355626][ T4070] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[  219.412837][ T4084] input: syz0 as /devices/virtual/input/input15
[  219.652090][  T522] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  219.981377][ T4097] FAULT_INJECTION: forcing a failure.
[  219.981377][ T4097] name failslab, interval 1, probability 0, space 0, times 0
[  219.994088][ T4097] CPU: 1 PID: 4097 Comm: syz.1.1071 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  220.004082][ T4097] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  220.013964][ T4097] Call Trace:
[  220.017090][ T4097]  <TASK>
[  220.019867][ T4097]  dump_stack_lvl+0x151/0x1c0
[  220.024377][ T4097]  ? io_uring_drop_tctx_refs+0x190/0x190
[  220.029935][ T4097]  dump_stack+0x15/0x20
[  220.033924][ T4097]  should_fail+0x3c6/0x510
[  220.038183][ T4097]  __should_failslab+0xa4/0xe0
[  220.042777][ T4097]  should_failslab+0x9/0x20
[  220.047118][ T4097]  slab_pre_alloc_hook+0x37/0xd0
[  220.051889][ T4097]  kmem_cache_alloc_trace+0x48/0x210
[  220.057008][ T4097]  ? apply_wqattrs_prepare+0x13a/0x10b0
[  220.062402][ T4097]  apply_wqattrs_prepare+0x13a/0x10b0
[  220.067601][ T4097]  ? __kasan_check_write+0x14/0x20
[  220.072549][ T4097]  ? mutex_lock+0xb6/0x1e0
[  220.076809][ T4097]  apply_workqueue_attrs_locked+0xd1/0x1e0
[  220.082438][ T4097]  alloc_workqueue+0xcfd/0x11b0
[  220.087123][ T4097]  ? ptr_to_hashval+0x60/0x60
[  220.091639][ T4097]  ? snprintf+0xd6/0x120
[  220.095724][ T4097]  ? vsnprintf+0x1b89/0x1c70
[  220.100152][ T4097]  ? apply_workqueue_attrs_locked+0x1e0/0x1e0
[  220.106045][ T4097]  hci_register_dev+0x1a0/0x900
[  220.110734][ T4097]  hci_uart_tty_ioctl+0x8f8/0xa60
[  220.115590][ T4097]  ? hci_uart_tty_write+0x10/0x10
[  220.120458][ T4097]  tty_ioctl+0x93b/0xc90
[  220.124532][ T4097]  ? tty_get_icount+0xa0/0xa0
[  220.129043][ T4097]  __se_sys_ioctl+0x114/0x190
[  220.133556][ T4097]  __x64_sys_ioctl+0x7b/0x90
[  220.137986][ T4097]  x64_sys_call+0x98/0x9a0
[  220.142234][ T4097]  do_syscall_64+0x3b/0xb0
[  220.146489][ T4097]  ? clear_bhb_loop+0x35/0x90
[  220.151005][ T4097]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  220.156729][ T4097] RIP: 0033:0x7fca7a223719
[  220.160993][ T4097] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  220.180515][ T4097] RSP: 002b:00007fca78e9c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  220.188755][ T4097] RAX: ffffffffffffffda RBX: 00007fca7a3daf80 RCX: 00007fca7a223719
[  220.196568][ T4097] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000007
[  220.204378][ T4097] RBP: 00007fca78e9c090 R08: 0000000000000000 R09: 0000000000000000
[  220.212209][ T4097] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  220.220003][ T4097] R13: 0000000000000000 R14: 00007fca7a3daf80 R15: 00007ffc015aa898
[  220.227821][ T4097]  </TASK>
[  220.231374][ T4097] Bluetooth: Can't register HCI device
[  220.248226][  T522] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  220.264191][  T522] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  220.284026][  T522] usb 3-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[  220.301278][  T522] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  220.311972][  T522] usb 3-1: config 0 descriptor??
[  220.460062][ T4111] loop4: detected capacity change from 0 to 16
[  220.488665][ T4111] erofs: (device loop4): mounted with root inode @ nid 36.
[  220.527464][  T561] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  221.217711][   T30] kauditd_printk_skb: 231 callbacks suppressed
[  221.217799][   T30] audit: type=1400 audit(2134217815.250:2323): avc:  denied  { block_suspend } for  pid=4079 comm="syz.2.1065" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  221.420014][ T4121] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1079'.
[  221.432430][ T4123] loop4: detected capacity change from 0 to 512
[  221.457702][  T522] usbhid 3-1:0.0: can't add hid device: -71
[  221.463630][  T522] usbhid: probe of 3-1:0.0 failed with error -71
[  221.478014][  T522] usb 3-1: USB disconnect, device number 23
[  221.502022][ T4123] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option
[  221.512947][ T4127] loop2: detected capacity change from 0 to 1024
[  221.531155][ T4127] EXT4-fs (loop2): Ignoring removed bh option
[  221.539218][ T4127] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  221.551292][ T4123] EXT4-fs error (device loop4): ext4_fill_super:4831: inode #2: comm syz.4.1078: iget: bad i_size value: -1
[  221.577501][ T4123] EXT4-fs (loop4): get root inode failed
[  221.583062][ T4123] EXT4-fs (loop4): mount failed
[  221.588308][ T4127] EXT4-fs (loop2): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,noblock_validity,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,max_batch_time=0x0000000000000002,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[  221.667498][  T561] usb 7-1: config index 0 descriptor too short (expected 3133, got 61)
[  221.683990][  T561] usb 7-1: config 0 has an invalid interface number: 156 but max is 1
[  221.714275][  T561] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  221.755275][  T561] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 2
[  221.788148][  T561] usb 7-1: config 0 has no interface number 0
[  221.794070][  T561] usb 7-1: config 0 interface 156 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  221.840569][ T4125] loop3: detected capacity change from 0 to 40427
[  221.847597][  T561] usb 7-1: config 0 interface 156 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  221.857317][  T561] usb 7-1: config 0 interface 156 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  221.870429][  T561] usb 7-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[  221.879604][  T561] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  221.900840][ T4125] F2FS-fs (loop3): Invalid segment/section count (31 != 24 * 1)
[  221.916188][ T4125] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  221.931818][   T30] audit: type=1400 audit(2134217816.000:2324): avc:  denied  { create } for  pid=4135 comm="syz.2.1083" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  222.009635][ T4125] F2FS-fs (loop3): invalid crc value
[  222.023516][ T4147] loop2: detected capacity change from 0 to 256
[  222.031525][ T4125] F2FS-fs (loop3): Found nat_bits in checkpoint
[  222.078354][ T4147] FAT-fs (loop2): bogus number of FAT sectors
[  222.086356][ T4147] FAT-fs (loop2): Can't find a valid FAT filesystem
[  222.096874][ T4125] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  222.103983][ T4125] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  222.115860][  T561] usb 7-1: config 0 descriptor??
[  222.158278][  T561] usb 7-1: MIDIStreaming interface descriptor not found
[  222.182678][  T294] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  222.366222][   T30] audit: type=1400 audit(2134217816.430:2325): avc:  denied  { unmount } for  pid=4146 comm="syz.2.1085" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[  222.552396][ T4159] attempt to access beyond end of device
[  222.552396][ T4159] loop3: rw=2049, want=53256, limit=40427
[  222.605335][   T30] audit: type=1400 audit(2134217816.620:2326): avc:  denied  { create } for  pid=4124 comm="syz.3.1080" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=lnk_file permissive=1
[  222.643732][  T522] usb 7-1: USB disconnect, device number 14
[  222.708573][  T294] usb 5-1: Using ep0 maxpacket: 16
[  222.797610][ T2703] attempt to access beyond end of device
[  222.797610][ T2703] loop3: rw=2049, want=45104, limit=40427
[  222.850154][   T30] audit: type=1400 audit(2134217816.920:2327): avc:  denied  { write } for  pid=4162 comm="syz.2.1088" name="001" dev="devtmpfs" ino=177 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  222.933015][   T30] audit: type=1400 audit(2134217817.000:2328): avc:  denied  { write } for  pid=4164 comm="syz.3.1089" name="ppp" dev="devtmpfs" ino=150 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  222.955921][   T30] audit: type=1400 audit(2134217817.000:2329): avc:  denied  { create } for  pid=4164 comm="syz.3.1089" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  222.978733][ T4167] 9pnet: Insufficient options for proto=fd
[  222.999745][   T30] audit: type=1400 audit(2134217817.000:2330): avc:  denied  { setopt } for  pid=4164 comm="syz.3.1089" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  223.022361][   T30] audit: type=1400 audit(2134217817.000:2331): avc:  denied  { append } for  pid=4164 comm="syz.3.1089" name="ppp" dev="devtmpfs" ino=150 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  223.045344][   T30] audit: type=1400 audit(2134217817.000:2332): avc:  denied  { ioctl } for  pid=4164 comm="syz.3.1089" path="socket:[32615]" dev="sockfs" ino=32615 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  223.087555][  T294] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  223.100760][  T294] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  223.119920][  T294] usb 5-1: Product: syz
[  223.123980][  T294] usb 5-1: Manufacturer: syz
[  223.136545][  T294] usb 5-1: SerialNumber: syz
[  223.143675][ T4181] loop3: detected capacity change from 0 to 1024
[  223.146726][  T294] r8152-cfgselector 5-1: config 0 descriptor??
[  223.157412][ T1380] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  223.208603][ T4181] EXT4-fs (loop3): Ignoring removed bh option
[  223.217934][ T4181] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  223.265241][ T4181] EXT4-fs (loop3): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,noblock_validity,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,max_batch_time=0x0000000000000002,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[  223.427473][  T294] r8152-cfgselector 5-1: Unknown version 0x0000
[  223.447587][  T294] r8152-cfgselector 5-1: Unknown version 0x0000
[  223.453762][  T294] r8152-cfgselector 5-1: bad CDC descriptors
[  223.477547][  T294] r8152-cfgselector 5-1: Unknown version 0x0000
[  223.490142][  T294] r8152-cfgselector 5-1: USB disconnect, device number 16
[  223.517518][ T1380] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  223.534648][ T1380] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  223.637480][ T1380] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  223.652083][ T1380] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  223.675102][ T1380] usb 3-1: SerialNumber: syz
[  223.687405][    T6] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  223.930138][ T4163] UDC core: couldn't find an available UDC or it's busy: -16
[  223.944615][ T4194] loop4: detected capacity change from 0 to 256
[  223.949844][ T4163] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  224.008430][ T1380] usb 3-1: 0:2 : does not exist
[  224.013304][ T1380] usb 3-1: unit 5: unexpected type 0x09
[  224.019106][ T4194] FAT-fs (loop4): Unrecognized mount option "K ‡³hcheck=strict" or missing value
[  224.037964][ T1380] usb 3-1: USB disconnect, device number 24
[  224.060552][  T402] udevd[402]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[  224.077639][    T6] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  224.096863][    T6] usb 4-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00
[  224.105789][    T6] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  224.136147][    T6] usb 4-1: config 0 descriptor??
[  224.143887][ T4202] FAULT_INJECTION: forcing a failure.
[  224.143887][ T4202] name failslab, interval 1, probability 0, space 0, times 0
[  224.159114][ T4202] CPU: 1 PID: 4202 Comm: syz.1.1098 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  224.169203][ T4202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  224.179099][ T4202] Call Trace:
[  224.182214][ T4202]  <TASK>
[  224.184992][ T4202]  dump_stack_lvl+0x151/0x1c0
[  224.189507][ T4202]  ? io_uring_drop_tctx_refs+0x190/0x190
[  224.195325][ T4202]  dump_stack+0x15/0x20
[  224.199409][ T4202]  should_fail+0x3c6/0x510
[  224.203657][ T4202]  __should_failslab+0xa4/0xe0
[  224.208255][ T4202]  ? anon_vma_clone+0x9a/0x500
[  224.212856][ T4202]  should_failslab+0x9/0x20
[  224.217281][ T4202]  slab_pre_alloc_hook+0x37/0xd0
[  224.222055][ T4202]  ? anon_vma_clone+0x9a/0x500
[  224.226670][ T4202]  kmem_cache_alloc+0x44/0x200
[  224.231253][ T4202]  anon_vma_clone+0x9a/0x500
[  224.235685][ T4202]  __split_vma+0x194/0x470
[  224.239944][ T4202]  __do_munmap+0x3a5/0x1a90
[  224.244273][ T4202]  ? do_mprotect_pkey+0xb20/0xb20
[  224.249133][ T4202]  ? copy_vma+0x672/0x6f0
[  224.253299][ T4202]  do_munmap+0x30/0x40
[  224.257205][ T4202]  move_vma+0x86a/0xc30
[  224.261209][ T4202]  ? vma_to_resize+0x550/0x550
[  224.265801][ T4202]  ? selinux_mmap_addr+0xbe/0xe0
[  224.270572][ T4202]  ? security_mmap_addr+0x72/0x90
[  224.275430][ T4202]  ? get_unmapped_area+0x31d/0x380
[  224.280377][ T4202]  __se_sys_mremap+0x1070/0x1380
[  224.285155][ T4202]  ? __x64_sys_mremap+0xd0/0xd0
[  224.289840][ T4202]  ? ksys_write+0x260/0x2c0
[  224.294185][ T4202]  ? debug_smp_processor_id+0x17/0x20
[  224.299397][ T4202]  __x64_sys_mremap+0xbf/0xd0
[  224.303899][ T4202]  x64_sys_call+0xd7/0x9a0
[  224.308150][ T4202]  do_syscall_64+0x3b/0xb0
[  224.312402][ T4202]  ? clear_bhb_loop+0x35/0x90
[  224.316929][ T4202]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  224.322652][ T4202] RIP: 0033:0x7fca7a223719
[  224.326902][ T4202] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  224.346342][ T4202] RSP: 002b:00007fca78e7b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[  224.354584][ T4202] RAX: ffffffffffffffda RBX: 00007fca7a3db058 RCX: 00007fca7a223719
[  224.362396][ T4202] RDX: 0000000000002000 RSI: 00000000006aa000 RDI: 0000000020638000
[  224.370299][ T4202] RBP: 00007fca78e7b090 R08: 00000000205c0000 R09: 0000000000000000
[  224.378106][ T4202] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000002
[  224.385916][ T4202] R13: 0000000000000000 R14: 00007fca7a3db058 R15: 00007ffc015aa898
[  224.393734][ T4202]  </TASK>
[  224.830563][ T4222] netlink: 248 bytes leftover after parsing attributes in process `syz.1.1104'.
[  224.875453][    T6] lenovo 0003:17EF:6047.002A: hidraw0: USB HID v0.00 Device [HID 17ef:6047] on usb-dummy_hcd.3-1/input0
[  224.899415][ T4224] loop1: detected capacity change from 0 to 2048
[  224.937453][  T312] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  224.978961][ T4224] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  225.125495][  T377] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  225.140302][  T377] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  225.152635][  T377] EXT4-fs (loop1): This should not happen!! Data will be lost
[  225.152635][  T377] 
[  225.162073][  T377] EXT4-fs (loop1): Total free blocks count 0
[  225.168015][  T377] EXT4-fs (loop1): Free/Dirty block details
[  225.173752][  T377] EXT4-fs (loop1): free_blocks=2415919104
[  225.179370][  T377] EXT4-fs (loop1): dirty_blocks=8192
[  225.184432][  T377] EXT4-fs (loop1): Block reservation details
[  225.190272][  T377] EXT4-fs (loop1): i_reserved_data_blocks=512
[  225.197413][  T312] usb 5-1: Using ep0 maxpacket: 32
[  225.208480][   T10] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28
[  225.221157][   T10] EXT4-fs (loop1): This should not happen!! Data will be lost
[  225.221157][   T10] 
[  225.317475][  T312] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  225.328573][  T312] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  225.346471][  T312] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  225.355510][  T312] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  225.378657][  T312] usb 5-1: config 0 descriptor??
[  225.397450][ T4208] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  225.418007][  T312] hub 5-1:0.0: USB hub found
[  225.637503][  T312] hub 5-1:0.0: 2 ports detected
[  225.642280][   T60] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  225.657468][    T6] lenovo 0003:17EF:6047.002A: Sensitivity setting failed: -71
[  225.666230][    T6] usb 4-1: USB disconnect, device number 8
[  225.727407][  T708] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  225.917488][   T60] usb 2-1: Using ep0 maxpacket: 16
[  226.127537][  T708] usb 7-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  226.137545][  T708] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2
[  226.146130][  T708] usb 7-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  226.257517][   T60] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  226.266578][   T60] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  226.274467][   T60] usb 2-1: Product: syz
[  226.278631][   T60] usb 2-1: Manufacturer: syz
[  226.283041][   T60] usb 2-1: SerialNumber: syz
[  226.312577][   T60] r8152-cfgselector 2-1: config 0 descriptor??
[  226.318676][  T708] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  226.327731][  T708] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  226.335522][  T708] usb 7-1: Product: syz
[  226.339567][  T708] usb 7-1: Manufacturer: syz
[  226.343946][  T708] usb 7-1: SerialNumber: syz
[  226.537917][  T522] usb 5-1: USB disconnect, device number 17
[  226.731620][  T708] cdc_ncm 7-1:1.0: CDC Union missing and no IAD found
[  226.738320][  T708] cdc_ncm 7-1:1.0: bind() failure
[  226.771418][   T30] kauditd_printk_skb: 4 callbacks suppressed
[  226.771436][   T30] audit: type=1400 audit(2134217820.840:2337): avc:  denied  { read } for  pid=4241 comm="syz.6.1110" name="loop-control" dev="devtmpfs" ino=111 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  226.801942][   T30] audit: type=1400 audit(2134217820.840:2338): avc:  denied  { open } for  pid=4241 comm="syz.6.1110" path="/dev/loop-control" dev="devtmpfs" ino=111 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  226.827816][  T708] usb 7-1: USB disconnect, device number 15
[  227.035442][ T4260] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1115'.
[  227.044439][   T60] r8152-cfgselector 2-1: Unknown version 0x5870
[  227.052143][   T60] r8152-cfgselector 2-1: bad CDC descriptors
[  227.146063][  T522] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  227.164175][ T4264] loop2: detected capacity change from 0 to 1024
[  227.460731][   T60] r8152-cfgselector 2-1: Unknown version 0x0000
[  227.467461][   T60] r8152-cfgselector 2-1: USB disconnect, device number 10
[  227.483654][ T4264] EXT4-fs (loop2): Test dummy encryption mode enabled
[  227.491414][ T4264] EXT4-fs (loop2): Ignoring removed orlov option
[  227.498041][ T4264] EXT4-fs (loop2): Journaled quota options ignored when QUOTA feature is enabled
[  227.509350][ T4264] EXT4-fs (loop2): mounted filesystem without journal. Opts: test_dummy_encryption,debug_want_extra_isize=0x0000000000000084,stripe=0x0000000000000009,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,grpjquota=./bus,data_err=abort,,errors=continue. Quota mode: writeback.
[  227.556252][ T4264] fscrypt: AES-256-XTS using implementation "xts-aes-aesni"
[  227.647482][  T522] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  227.658319][  T522] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  227.667996][  T522] usb 5-1: New USB device found, idVendor=04b3, idProduct=3108, bcdDevice= 0.00
[  227.676860][  T522] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  227.685294][  T522] usb 5-1: config 0 descriptor??
[  227.694037][ T4272] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1118'.
[  228.152276][ T4278] loop1: detected capacity change from 0 to 16
[  228.178751][ T4278] erofs: (device loop1): mounted with root inode @ nid 36.
[  228.186431][ T4278] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=46
[  228.195512][ T4278] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=46
[  228.369303][  T522] hid (null): report_id 0 is invalid
[  228.399990][   T30] audit: type=1400 audit(2134217822.470:2339): avc:  denied  { bind } for  pid=4277 comm="syz.1.1120" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  228.429018][  T522] lenovo 0003:04B3:3108.002B: report_id 0 is invalid
[  228.448577][  T522] lenovo 0003:04B3:3108.002B: item 0 0 1 8 parsing failed
[  228.550548][  T522] lenovo 0003:04B3:3108.002B: hid_parse failed
[  228.607633][  T522] lenovo: probe of 0003:04B3:3108.002B failed with error -22
[  228.632429][  T522] usb 5-1: USB disconnect, device number 18
[  228.654119][ T4276] loop3: detected capacity change from 0 to 40427
[  228.673204][ T4276] F2FS-fs (loop3): Invalid SB checksum offset: 0
[  228.680707][ T4276] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock
[  228.713795][ T4276] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  228.740818][ T4276] F2FS-fs (loop3): Try to recover 2th superblock, ret: 0
[  228.747969][ T4276] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  228.977453][ T1380] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  229.038084][ T2703] attempt to access beyond end of device
[  229.038084][ T2703] loop3: rw=2049, want=45104, limit=40427
[  229.165590][ T4302] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1126'.
[  229.182087][ T4304] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1123'.
[  229.203433][   T30] audit: type=1400 audit(2134217823.270:2340): avc:  denied  { create } for  pid=4305 comm="syz.3.1128" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  229.237230][   T30] audit: type=1400 audit(2134217823.300:2341): avc:  denied  { write } for  pid=4305 comm="syz.3.1128" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  229.289296][   T30] audit: type=1326 audit(2134217823.330:2342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4298 comm="syz.1.1125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca7a223719 code=0x7ffc0000
[  229.313906][   T30] audit: type=1326 audit(2134217823.330:2343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4298 comm="syz.1.1125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca7a223719 code=0x7ffc0000
[  229.340608][   T30] audit: type=1326 audit(2134217823.330:2344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4298 comm="syz.1.1125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fca7a223719 code=0x7ffc0000
[  229.384502][   T30] audit: type=1326 audit(2134217823.330:2345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4298 comm="syz.1.1125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca7a223719 code=0x7ffc0000
[  229.427460][   T30] audit: type=1326 audit(2134217823.330:2346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4298 comm="syz.1.1125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca7a223719 code=0x7ffc0000
[  229.427486][ T1380] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  229.471089][ T1380] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  229.480962][ T1380] usb 3-1: New USB device found, idVendor=1345, idProduct=3008, bcdDevice= 0.02
[  229.520031][ T1380] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  229.535208][ T1380] usb 3-1: config 0 descriptor??
[  229.621371][ T4316] loop6: detected capacity change from 0 to 512
[  229.677429][  T522] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  229.707853][ T4316] EXT4-fs (loop6): Unrecognized mount option "subj_role=" or missing value
[  229.797693][ T4316] loop6: detected capacity change from 0 to 128
[  229.803999][ T4316] FAT-fs (loop6): Unrecognized mount option "Ä2¶ûtname=winnt" or missing value
[  229.987419][  T522] usb 4-1: device descriptor read/64, error -71
[  230.018521][ T1380] sony 0003:1345:3008.002C: unknown main item tag 0x0
[  230.025264][ T1380] sony 0003:1345:3008.002C: unknown main item tag 0x0
[  230.032147][ T1380] sony 0003:1345:3008.002C: unknown main item tag 0x0
[  230.038995][ T1380] sony 0003:1345:3008.002C: unknown main item tag 0x0
[  230.045726][ T1380] sony 0003:1345:3008.002C: unknown main item tag 0x0
[  230.061467][ T1380] sony 0003:1345:3008.002C: hiddev96,hidraw0: USB HID v80.00 Device [HID 1345:3008] on usb-dummy_hcd.2-1/input0
[  230.073245][ T1380] sony 0003:1345:3008.002C: failed to claim input
[  230.407541][  T522] usb 4-1: device descriptor read/64, error -71
[  230.466912][    T6] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  230.474817][  T708] usb 3-1: USB disconnect, device number 25
[  230.677417][  T522] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  230.847467][    T6] usb 2-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  230.857485][    T6] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2
[  230.866169][    T6] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  230.947412][  T522] usb 4-1: device descriptor read/64, error -71
[  231.005670][ T4334] loop2: detected capacity change from 0 to 40427
[  231.028068][ T4334] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  231.036049][ T4334] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  231.046130][ T4338] loop6: detected capacity change from 0 to 128
[  231.048903][ T4334] F2FS-fs (loop2): invalid crc value
[  231.063223][ T4334] F2FS-fs (loop2): Found nat_bits in checkpoint
[  231.077535][    T6] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  231.086586][    T6] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  231.102349][    T6] usb 2-1: Product: syz
[  231.111853][    T6] usb 2-1: Manufacturer: syz
[  231.116615][    T6] usb 2-1: SerialNumber: syz
[  231.116767][ T4338] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  231.131909][ T4334] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  231.137634][ T4338] ext4 filesystem being mounted at /36/mnt supports timestamps until 2038 (0x7fffffff)
[  231.139005][ T4334] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  231.163971][ T4338] fscrypt: loop6: 1 inode(s) still busy after removing key with identifier 69b2f6edeee720cce0577937eb8a6751, including ino 12
[  231.177885][ T4338] fscrypt: loop6: 1 inode(s) still busy after removing key with identifier 69b2f6edeee720cce0577937eb8a6751, including ino 12
[  231.178490][    T6] cdc_ncm 2-1:1.0: CDC Union missing and no IAD found
[  231.215378][    T6] cdc_ncm 2-1:1.0: bind() failure
[  231.347494][ T4352] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1142'.
[  231.393405][  T522] usb 4-1: device descriptor read/64, error -71
[  231.453088][ T4355] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1143'.
[  231.517530][  T522] usb usb4-port1: attempt power cycle
[  231.536407][    T6] usb 2-1: USB disconnect, device number 11
[  232.242899][  T522] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  232.251954][   T10] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  232.272950][   T30] kauditd_printk_skb: 23 callbacks suppressed
[  232.272965][   T30] audit: type=1400 audit(2134217826.340:2370): avc:  denied  { read } for  pid=4367 comm="syz.4.1146" name="binder0" dev="binder" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  232.304501][   T10] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  232.309383][ T4368] binder: BINDER_SET_CONTEXT_MGR already set
[  232.327480][ T4368] binder: 4367:4368 ioctl 4018620d 20000100 returned -16
[  232.332539][   T30] audit: type=1400 audit(2134217826.340:2371): avc:  denied  { open } for  pid=4367 comm="syz.4.1146" path="/dev/binderfs/binder0" dev="binder" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  232.338080][ T4368] binder: 4367:4368 ioctl c018620c 20000040 returned -1
[  232.375718][   T30] audit: type=1400 audit(2134217826.380:2372): avc:  denied  { ioctl } for  pid=4367 comm="syz.4.1146" path="/dev/binderfs/binder0" dev="binder" ino=10 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  232.408190][   T30] audit: type=1400 audit(2134217826.380:2373): avc:  denied  { set_context_mgr } for  pid=4367 comm="syz.4.1146" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  232.458862][  T466] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  232.653239][ T4390] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1154'.
[  232.692652][ T4392] loop4: detected capacity change from 0 to 1024
[  232.747997][  T522] usb 4-1: device not accepting address 11, error -71
[  232.765541][ T4392] EXT4-fs (loop4): Ignoring removed bh option
[  232.771837][ T4392] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  232.835559][ T4392] EXT4-fs (loop4): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,noblock_validity,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,max_batch_time=0x0000000000000002,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[  232.867471][  T466] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  232.868227][   T30] audit: type=1326 audit(2134217826.930:2374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4393 comm="syz.2.1156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f284a216719 code=0x7ffc0000
[  232.882968][  T466] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  232.901632][  T312] usb 7-1: new high-speed USB device number 16 using dummy_hcd
[  232.947862][  T466] usb 2-1: New USB device found, idVendor=04b3, idProduct=3108, bcdDevice= 0.00
[  232.957466][  T466] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  232.967168][  T466] usb 2-1: config 0 descriptor??
[  232.974560][   T30] audit: type=1326 audit(2134217826.930:2375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4393 comm="syz.2.1156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f284a216719 code=0x7ffc0000
[  232.998272][   T30] audit: type=1326 audit(2134217826.950:2376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4393 comm="syz.2.1156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f284a216719 code=0x7ffc0000
[  232.999363][ T4399] loop2: detected capacity change from 0 to 128
[  233.022747][   T30] audit: type=1326 audit(2134217826.950:2377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4393 comm="syz.2.1156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f284a216719 code=0x7ffc0000
[  233.051153][   T30] audit: type=1326 audit(2134217826.950:2378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4393 comm="syz.2.1156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f284a216719 code=0x7ffc0000
[  233.074678][   T30] audit: type=1326 audit(2134217826.990:2379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4393 comm="syz.2.1156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f284a216719 code=0x7ffc0000
[  233.156558][ T4399] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[  233.199789][ T4399] attempt to access beyond end of device
[  233.199789][ T4399] loop2: rw=3, want=6952, limit=128
[  233.210623][ T4399] attempt to access beyond end of device
[  233.210623][ T4399] loop2: rw=2051, want=7894, limit=128
[  233.378657][  T312] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  233.389694][  T312] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  233.399447][  T312] usb 7-1: New USB device found, idVendor=056a, idProduct=0093, bcdDevice= 0.00
[  233.408387][  T312] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  233.439963][  T312] usb 7-1: config 0 descriptor??
[  233.457426][   T60] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  233.597477][  T466] hid (null): report_id 0 is invalid
[  234.291215][  T466] lenovo 0003:04B3:3108.002D: report_id 0 is invalid
[  234.353000][  T466] lenovo 0003:04B3:3108.002D: item 0 0 1 8 parsing failed
[  234.377627][  T466] lenovo 0003:04B3:3108.002D: hid_parse failed
[  234.383641][  T466] lenovo: probe of 0003:04B3:3108.002D failed with error -22
[  234.399149][  T466] usb 2-1: USB disconnect, device number 12
[  234.423561][   T60] usb 5-1: device descriptor read/64, error -71
[  234.576563][ T4388] loop6: detected capacity change from 0 to 40427
[  234.629031][ T4388] F2FS-fs (loop6): Invalid SB checksum offset: 0
[  234.635367][ T4388] F2FS-fs (loop6): Can't find valid F2FS filesystem in 2th superblock
[  234.698353][ T4388] F2FS-fs (loop6): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  234.758282][ T4388] F2FS-fs (loop6): Try to recover 2th superblock, ret: 0
[  234.765200][ T4388] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  234.817414][   T60] usb 5-1: device descriptor read/64, error -71
[  234.905039][ T4388] attempt to access beyond end of device
[  234.905039][ T4388] loop6: rw=2049, want=53256, limit=40427
[  234.931832][ T4429] loop2: detected capacity change from 0 to 40427
[  234.940070][ T4388] attempt to access beyond end of device
[  234.940070][ T4388] loop6: rw=2049, want=53264, limit=40427
[  234.953032][ T4388] attempt to access beyond end of device
[  234.953032][ T4388] loop6: rw=2049, want=53392, limit=40427
[  234.971393][ T4429] F2FS-fs (loop2): Invalid segment/section count (31 != 24 * 1)
[  235.012939][ T4429] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  235.217663][ T4429] F2FS-fs (loop2): invalid crc value
[  235.237539][   T60] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  235.248167][ T4441] loop1: detected capacity change from 0 to 512
[  235.256796][  T312] usbhid 7-1:0.0: can't add hid device: -71
[  235.269422][ T4447] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1170'.
[  235.271661][  T312] usbhid: probe of 7-1:0.0 failed with error -71
[  235.287300][ T4429] F2FS-fs (loop2): Found nat_bits in checkpoint
[  235.295328][  T312] usb 7-1: USB disconnect, device number 16
[  235.329524][ T4441] EXT4-fs error (device loop1): ext4_orphan_get:1397: inode #16: comm syz.1.1168: iget: bad extended attribute block 128
[  235.330250][ T4429] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  235.349002][ T4429] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  235.349018][ T4441] EXT4-fs error (device loop1): ext4_orphan_get:1402: comm syz.1.1168: couldn't read orphan inode 16 (err -117)
[  235.368935][ T4441] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  235.380015][ T4441] ext4 filesystem being mounted at /74/file1 supports timestamps until 2038 (0x7fffffff)
[  235.554231][ T4455] attempt to access beyond end of device
[  235.554231][ T4455] loop2: rw=2049, want=53256, limit=40427
[  235.579557][   T60] usb 5-1: device descriptor read/64, error -71
[  235.597460][  T522] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  235.741285][  T292] attempt to access beyond end of device
[  235.741285][  T292] loop2: rw=2049, want=45104, limit=40427
[  235.753581][ T3779] attempt to access beyond end of device
[  235.753581][ T3779] loop6: rw=2049, want=45104, limit=40427
[  236.203518][ T4459] loop1: detected capacity change from 0 to 2048
[  236.238051][ T4459] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  236.293623][ T4459] EXT4-fs (loop1): can't mount with journal_async_commit, fs mounted w/o journal
[  236.378113][ T4475] FAULT_INJECTION: forcing a failure.
[  236.378113][ T4475] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  236.391394][ T4475] CPU: 0 PID: 4475 Comm: syz.6.1176 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  236.401368][ T4475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  236.411261][ T4475] Call Trace:
[  236.414389][ T4475]  <TASK>
[  236.417164][ T4475]  dump_stack_lvl+0x151/0x1c0
[  236.421679][ T4475]  ? io_uring_drop_tctx_refs+0x190/0x190
[  236.427143][ T4475]  ? debug_smp_processor_id+0x17/0x20
[  236.432355][ T4475]  dump_stack+0x15/0x20
[  236.436345][ T4475]  should_fail+0x3c6/0x510
[  236.440598][ T4475]  should_fail_usercopy+0x1a/0x20
[  236.445455][ T4475]  _copy_to_user+0x20/0x90
[  236.449713][ T4475]  simple_read_from_buffer+0xc7/0x150
[  236.454918][ T4475]  proc_fail_nth_read+0x1a3/0x210
[  236.459781][ T4475]  ? proc_fault_inject_write+0x390/0x390
[  236.465247][ T4475]  ? fsnotify_perm+0x269/0x5b0
[  236.469850][ T4475]  ? security_file_permission+0x86/0xb0
[  236.475226][ T4475]  ? proc_fault_inject_write+0x390/0x390
[  236.480694][ T4475]  vfs_read+0x27d/0xd40
[  236.484688][ T4475]  ? kernel_read+0x1f0/0x1f0
[  236.489112][ T4475]  ? __kasan_check_write+0x14/0x20
[  236.494062][ T4475]  ? mutex_lock+0xb6/0x1e0
[  236.498318][ T4475]  ? wait_for_completion_killable_timeout+0x10/0x10
[  236.504737][ T4475]  ? __fdget_pos+0x2e7/0x3a0
[  236.509168][ T4475]  ? ksys_read+0x77/0x2c0
[  236.513329][ T4475]  ksys_read+0x199/0x2c0
[  236.517411][ T4475]  ? vfs_write+0x1110/0x1110
[  236.521842][ T4475]  ? __kasan_check_write+0x14/0x20
[  236.526783][ T4475]  ? switch_fpu_return+0x15f/0x2e0
[  236.531743][ T4475]  __x64_sys_read+0x7b/0x90
[  236.536071][ T4475]  x64_sys_call+0x28/0x9a0
[  236.540322][ T4475]  do_syscall_64+0x3b/0xb0
[  236.544573][ T4475]  ? clear_bhb_loop+0x35/0x90
[  236.549089][ T4475]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  236.554819][ T4475] RIP: 0033:0x7f704e40115c
[  236.559071][ T4475] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  236.578509][ T4475] RSP: 002b:00007f704d05a030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  236.586758][ T4475] RAX: ffffffffffffffda RBX: 00007f704e5ba058 RCX: 00007f704e40115c
[  236.594569][ T4475] RDX: 000000000000000f RSI: 00007f704d05a0a0 RDI: 0000000000000005
[  236.602380][ T4475] RBP: 00007f704d05a090 R08: 0000000000000000 R09: 0000000000000000
[  236.610193][ T4475] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000002
[  236.618001][ T4475] R13: 0000000000000000 R14: 00007f704e5ba058 R15: 00007ffc8a94ac38
[  236.625819][ T4475]  </TASK>
[  236.648525][  T522] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  236.665710][  T522] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  236.684611][  T522] usb 4-1: New USB device found, idVendor=056a, idProduct=037e, bcdDevice=6c.75
[  236.701833][  T522] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  236.718264][  T522] usb 4-1: config 0 descriptor??
[  236.787472][  T863] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  236.800579][ T4482] syz.1.1180[4482] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  236.800661][ T4482] syz.1.1180[4482] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  236.922957][ T4480] loop6: detected capacity change from 0 to 40427
[  237.017756][ T4480] F2FS-fs (loop6): Invalid segment/section count (31 != 24 * 1)
[  237.025336][ T4480] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  237.034694][ T4480] F2FS-fs (loop6): invalid crc value
[  237.041329][ T4480] F2FS-fs (loop6): Found nat_bits in checkpoint
[  237.073517][ T4480] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  237.080511][ T4480] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  237.177472][  T863] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  237.188291][  T863] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  237.198161][  T863] usb 3-1: New USB device found, idVendor=04b3, idProduct=3108, bcdDevice= 0.00
[  237.207115][  T863] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  237.399358][ T4449] UDC core: couldn't find an available UDC or it's busy: -16
[  237.445476][ T4449] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  237.483849][  T863] usb 3-1: config 0 descriptor??
[  237.497892][ T4449] UDC core: couldn't find an available UDC or it's busy: -16
[  237.505260][ T4449] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  237.521442][ T4449] loop3: detected capacity change from 0 to 512
[  237.651221][ T4495] loop1: detected capacity change from 0 to 512
[  237.716447][ T4495] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  237.728031][ T4495] ext4 filesystem being mounted at /77/file0 supports timestamps until 2038 (0x7fffffff)
[  238.117785][  T863] hid (null): report_id 0 is invalid
[  238.126389][  T863] lenovo 0003:04B3:3108.002E: report_id 0 is invalid
[  238.133368][  T863] lenovo 0003:04B3:3108.002E: item 0 0 1 8 parsing failed
[  238.140737][  T863] lenovo 0003:04B3:3108.002E: hid_parse failed
[  238.146810][  T863] lenovo: probe of 0003:04B3:3108.002E failed with error -22
[  238.323809][  T466] usb 3-1: USB disconnect, device number 26
[  238.598906][   T30] kauditd_printk_skb: 29 callbacks suppressed
[  238.598925][   T30] audit: type=1400 audit(2134217832.670:2409): avc:  denied  { getopt } for  pid=4522 comm="syz.6.1190" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  238.627431][  T863] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  238.664682][ T4515] loop4: detected capacity change from 0 to 40427
[  238.759627][ T4515] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  238.767302][ T4515] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  238.780973][ T4515] F2FS-fs (loop4): Found nat_bits in checkpoint
[  238.814319][ T4515] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  238.821434][ T4515] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  238.832369][ T4515] fscrypt (loop4, inode 3): Error -61 getting encryption context
[  238.859284][ T4531] loop2: detected capacity change from 0 to 256
[  238.887414][  T466] usb 7-1: new high-speed USB device number 17 using dummy_hcd
[  238.917509][  T863] usb 2-1: no configurations
[  238.922012][  T863] usb 2-1: can't read configurations, error -22
[  238.939926][ T4531] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1191'.
[  238.951534][   T30] audit: type=1326 audit(2134217833.020:2410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4530 comm="syz.2.1191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f284a216719 code=0x7ffc0000
[  238.975283][   T30] audit: type=1326 audit(2134217833.020:2411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4530 comm="syz.2.1191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f284a216719 code=0x7ffc0000
[  239.005373][   T30] audit: type=1326 audit(2134217833.020:2412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4530 comm="syz.2.1191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=117 compat=0 ip=0x7f284a216719 code=0x7ffc0000
[  239.028851][   T30] audit: type=1326 audit(2134217833.020:2413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4530 comm="syz.2.1191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f284a216719 code=0x7ffc0000
[  239.052467][   T30] audit: type=1326 audit(2134217833.020:2414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4530 comm="syz.2.1191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f284a216719 code=0x7ffc0000
[  239.075732][   T30] audit: type=1326 audit(2134217833.040:2415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4530 comm="syz.2.1191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f284a216719 code=0x7ffc0000
[  239.103985][  T863] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  239.111898][   T30] audit: type=1326 audit(2134217833.040:2416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4530 comm="syz.2.1191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f284a216719 code=0x7ffc0000
[  239.172984][   T30] audit: type=1326 audit(2134217833.040:2417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4530 comm="syz.2.1191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f284a216719 code=0x7ffc0000
[  239.216823][   T30] audit: type=1326 audit(2134217833.040:2418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4530 comm="syz.2.1191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f284a2150b0 code=0x7ffc0000
[  239.237510][  T522] usbhid 4-1:0.0: can't add hid device: -71
[  239.245980][  T522] usbhid: probe of 4-1:0.0 failed with error -71
[  239.253427][  T522] usb 4-1: USB disconnect, device number 13
[  239.337652][  T466] usb 7-1: config index 0 descriptor too short (expected 3133, got 61)
[  240.154614][  T466] usb 7-1: config 0 has an invalid interface number: 156 but max is 1
[  240.163590][  T466] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  240.173605][  T466] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 2
[  240.182296][  T466] usb 7-1: config 0 has no interface number 0
[  240.188669][  T466] usb 7-1: config 0 interface 156 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[  240.198516][  T466] usb 7-1: config 0 interface 156 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  240.209359][  T466] usb 7-1: config 0 interface 156 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  240.219084][  T466] usb 7-1: config 0 interface 156 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  240.232195][  T466] usb 7-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[  240.241109][  T466] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  240.288588][  T466] usb 7-1: config 0 descriptor??
[  240.414062][  T357] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  240.468750][  T466] usb 7-1: MIDIStreaming interface descriptor not found
[  240.507975][ T4551] loop3: detected capacity change from 0 to 128
[  240.528148][ T4551] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[  240.537511][  T863] usb 2-1: no configurations
[  240.541942][  T863] usb 2-1: can't read configurations, error -22
[  240.555016][  T863] usb usb2-port1: attempt power cycle
[  240.561623][ T4551] attempt to access beyond end of device
[  240.561623][ T4551] loop3: rw=3, want=6952, limit=128
[  240.573292][ T4551] attempt to access beyond end of device
[  240.573292][ T4551] loop3: rw=2051, want=7894, limit=128
[  240.622658][ T4557] incfs: Can't find or create .index dir in ./file0
[  240.637659][ T4557] incfs: mount failed -14
[  240.667617][  T357] usb 5-1: Using ep0 maxpacket: 8
[  240.685267][  T312] usb 7-1: USB disconnect, device number 17
[  240.738534][ T4561] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1203'.
[  240.824264][  T357] usb 5-1: New USB device found, idVendor=2833, idProduct=0201, bcdDevice=2a.d5
[  240.833252][  T357] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  240.842519][  T357] usb 5-1: config 0 descriptor??
[  240.850946][ T4567] loop3: detected capacity change from 0 to 512
[  241.000975][ T4569] loop2: detected capacity change from 0 to 1024
[  241.040985][ T4567] EXT4-fs (loop3): Quota format mount options ignored when QUOTA feature is enabled
[  241.053740][ T4567] EXT4-fs warning (device loop3): ext4_multi_mount_protect:326: fsck is running on the filesystem
[  241.066244][ T4567] EXT4-fs warning (device loop3): ext4_multi_mount_protect:326: MMP failure info: last update time: 1669132786, last update node: dvyukov-desk.muc.corp.google.com, last update device: loop4
[  241.137450][  T357] usb 5-1: string descriptor 0 read error: -71
[  241.143576][  T357] usb 5-1: Found UVC 0.00 device <unnamed> (2833:0201)
[  241.151422][ T4569] EXT4-fs (loop2): mounted filesystem without journal. Opts: discard,bsdgroups,resuid=0x0000000000000000,noblock_validity,minixdf,errors=remount-ro,journal_ioprio=0x0000000000000006,data_err=abort,. Quota mode: writeback.
[  241.174035][  T357] usb 5-1: No valid video chain found.
[  241.181333][  T357] usb 5-1: USB disconnect, device number 21
[  241.197406][  T863] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  241.327893][  T863] usb 2-1: no configurations
[  241.332413][  T863] usb 2-1: can't read configurations, error -22
[  242.535920][ T4592] netlink: 'syz.4.1208': attribute type 22 has an invalid length.
[  242.601313][ T4596] loop4: detected capacity change from 0 to 128
[  242.611401][ T4596] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[  242.631871][ T4596] attempt to access beyond end of device
[  242.631871][ T4596] loop4: rw=3, want=6952, limit=128
[  242.642695][ T4596] attempt to access beyond end of device
[  242.642695][ T4596] loop4: rw=2051, want=7894, limit=128
[  242.875345][ T4607] loop3: detected capacity change from 0 to 1024
[  242.886033][ T4607] EXT4-fs (loop3): Ignoring removed bh option
[  242.892493][ T4607] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  242.985486][ T4607] EXT4-fs (loop3): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,noblock_validity,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,max_batch_time=0x0000000000000002,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[  243.326533][ T4591] loop6: detected capacity change from 0 to 40427
[  244.313329][ T4632] loop3: detected capacity change from 0 to 128
[  244.327412][  T357] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  244.341072][ T4632] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[  244.425263][ T4632] attempt to access beyond end of device
[  244.425263][ T4632] loop3: rw=3, want=6952, limit=128
[  244.435888][ T4632] attempt to access beyond end of device
[  244.435888][ T4632] loop3: rw=2051, want=7894, limit=128
[  244.557545][  T466] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  244.727944][  T357] usb 2-1: config 0 has no interfaces?
[  244.907480][  T357] usb 2-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  244.916454][  T357] usb 2-1: New USB device strings: Mfr=210, Product=154, SerialNumber=3
[  244.924731][  T357] usb 2-1: Product: syz
[  244.929084][  T357] usb 2-1: Manufacturer: syz
[  244.933555][  T357] usb 2-1: SerialNumber: syz
[  244.938281][  T466] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  244.949396][  T294] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  244.961292][  T357] usb 2-1: config 0 descriptor??
[  244.966323][  T466] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  244.976414][  T466] usb 5-1: New USB device found, idVendor=04b3, idProduct=3108, bcdDevice= 0.00
[  245.107759][  T466] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  245.121776][  T466] usb 5-1: config 0 descriptor??
[  245.243076][ T4647] loop2: detected capacity change from 0 to 2048
[  245.274802][ T4647] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  245.297422][  T294] usb 4-1: Using ep0 maxpacket: 16
[  245.315549][   T30] kauditd_printk_skb: 17 callbacks suppressed
[  245.315564][   T30] audit: type=1400 audit(2134217839.380:2436): avc:  denied  { read write } for  pid=4646 comm="syz.2.1228" name="file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  245.344045][   T30] audit: type=1400 audit(2134217839.380:2437): avc:  denied  { open } for  pid=4646 comm="syz.2.1228" path="/199/file1/file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  245.344747][ T4648] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  245.367128][   T30] audit: type=1400 audit(2134217839.400:2438): avc:  denied  { map } for  pid=4646 comm="syz.2.1228" path="/199/file1/file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  245.385303][ T4647] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1228'.
[  245.461410][  T377] ------------[ cut here ]------------
[  245.466992][  T377] kernel BUG at fs/ext4/inode.c:2746!
[  245.472305][  T377] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[  245.478270][  T377] CPU: 1 PID: 377 Comm: kworker/u4:4 Not tainted 5.15.167-syzkaller-android13-5.15.167_r00 #0
[  245.488337][  T377] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  245.498845][  T377] Workqueue: writeback wb_workfn (flush-7:2)
[  245.504661][  T377] RIP: 0010:ext4_writepages+0x3fe6/0x4000
[  245.510218][  T377] Code: 89 de e8 0d 6f 87 ff 45 84 f6 75 2c e8 73 6c 87 ff 49 be 00 00 00 00 00 fc ff df 4c 8b 64 24 50 e9 e4 c5 ff ff e8 5a 6c 87 ff <0f> 0b e8 53 6c 87 ff e8 aa 9c 17 ff eb 9b e8 47 6c 87 ff e8 9e 9c
[  245.529660][  T377] RSP: 0018:ffffc90000b97000 EFLAGS: 00010293
[  245.535557][  T377] RAX: ffffffff81e8eb26 RBX: 0000008000000000 RCX: ffff88811158bb40
[  245.543512][  T377] RDX: 0000000000000000 RSI: 0000008000000000 RDI: 0000000000000000
[  245.551322][  T377] RBP: ffffc90000b97410 R08: ffffffff81e8e296 R09: ffffed102578469e
[  245.559131][  T377] R10: 0000000000000000 R11: dffffc0000000001 R12: ffffc90000b977d0
[  245.566943][  T377] R13: 0000000000000000 R14: 0000008410000000 R15: 0000000000000001
[  245.575232][  T377] FS:  0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  245.583986][  T377] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  245.590414][  T377] CR2: 0000000000000002 CR3: 000000012392a000 CR4: 00000000003506a0
[  245.598221][  T377] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  245.606034][  T377] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  245.613841][  T377] Call Trace:
[  245.616967][  T377]  <TASK>
[  245.619744][  T377]  ? __die_body+0x62/0xb0
[  245.623914][  T377]  ? die+0x88/0xb0
[  245.627478][  T377]  ? do_trap+0x103/0x330
[  245.631547][  T377]  ? ext4_writepages+0x3fe6/0x4000
[  245.636496][  T377]  ? handle_invalid_op+0x95/0xc0
[  245.641267][  T377]  ? ext4_writepages+0x3fe6/0x4000
[  245.646228][  T377]  ? exc_invalid_op+0x32/0x50
[  245.650727][  T377]  ? asm_exc_invalid_op+0x1b/0x20
[  245.655589][  T377]  ? ext4_writepages+0x3756/0x4000
[  245.660535][  T377]  ? ext4_writepages+0x3fe6/0x4000
[  245.665483][  T377]  ? ext4_writepages+0x3fe6/0x4000
[  245.670431][  T377]  ? unwind_next_frame+0x3cb/0x700
[  245.675380][  T377]  ? xas_start+0x32c/0x3f0
[  245.679642][  T377]  ? __kasan_check_read+0x11/0x20
[  245.684490][  T377]  ? mark_page_accessed+0x56b/0xbf0
[  245.689523][  T377]  ? __activate_page+0x1110/0x1110
[  245.694477][  T377]  ? __switch_to+0x62a/0x1190
[  245.698990][  T377]  ? array_map_lookup_elem+0x68/0x140
[  245.704202][  T377]  ? ext4_readpage+0x230/0x230
[  245.708796][  T377]  ? __kasan_check_read+0x11/0x20
[  245.713835][  T377]  ? shmem_getpage_gfp+0x21cd/0x23c0
[  245.718942][  T377]  ? copy_page_from_iter_atomic+0x7fd/0x10e0
[  245.724760][  T377]  ? update_curr+0x31a/0x5d0
[  245.729213][  T377]  ? ext4_readpage+0x230/0x230
[  245.733782][  T377]  do_writepages+0x40e/0x670
[  245.738210][  T377]  ? __writepage+0x130/0x130
[  245.742638][  T377]  ? sched_group_set_idle+0x640/0x640
[  245.747847][  T377]  ? sched_clock_cpu+0x18/0x3b0
[  245.752531][  T377]  ? __kasan_check_write+0x14/0x20
[  245.757564][  T377]  ? _raw_spin_lock+0xa4/0x1b0
[  245.762195][  T377]  __writeback_single_inode+0xdf/0xa70
[  245.767458][  T377]  writeback_sb_inodes+0xb2a/0x1920
[  245.772511][  T377]  ? _raw_spin_lock+0xa4/0x1b0
[  245.777098][  T377]  ? queue_io+0x520/0x520
[  245.781259][  T377]  ? __writeback_inodes_wb+0x3f0/0x3f0
[  245.786552][  T377]  ? queue_io+0x3d0/0x520
[  245.790721][  T377]  wb_writeback+0x3b9/0x9e0
[  245.795059][  T377]  ? inode_cgwb_move_to_attached+0x3c0/0x3c0
[  245.800871][  T377]  ? set_worker_desc+0x158/0x1c0
[  245.805647][  T377]  ? __update_load_avg_cfs_rq+0xb1/0x2f0
[  245.811116][  T377]  ? __kasan_check_write+0x14/0x20
[  245.816063][  T377]  wb_workfn+0x3d9/0x1110
[  245.820234][  T377]  ? inode_wait_for_writeback+0x280/0x280
[  245.825784][  T377]  ? finish_task_switch+0x16f/0x7b0
[  245.830820][  T377]  ? __kasan_check_read+0x11/0x20
[  245.835678][  T377]  ? read_word_at_a_time+0x12/0x20
[  245.840719][  T377]  ? strscpy+0x9c/0x260
[  245.844714][  T377]  process_one_work+0x6bb/0xc10
[  245.849405][  T377]  worker_thread+0xad5/0x12a0
[  245.853917][  T377]  ? _raw_spin_lock+0x1b0/0x1b0
[  245.858611][  T377]  kthread+0x421/0x510
[  245.862513][  T377]  ? worker_clr_flags+0x180/0x180
[  245.867369][  T377]  ? kthread_blkcg+0xd0/0xd0
[  245.871803][  T377]  ret_from_fork+0x1f/0x30
[  245.876159][  T377]  </TASK>
[  245.879008][  T377] Modules linked in:
[  245.901790][  T377] ---[ end trace e9bdb6c3f0bf43c0 ]---
[  245.907324][  T377] RIP: 0010:ext4_writepages+0x3fe6/0x4000
[  245.913418][  T377] Code: 89 de e8 0d 6f 87 ff 45 84 f6 75 2c e8 73 6c 87 ff 49 be 00 00 00 00 00 fc ff df 4c 8b 64 24 50 e9 e4 c5 ff ff e8 5a 6c 87 ff <0f> 0b e8 53 6c 87 ff e8 aa 9c 17 ff eb 9b e8 47 6c 87 ff e8 9e 9c
[  245.933292][  T377] RSP: 0018:ffffc90000b97000 EFLAGS: 00010293
[  245.939413][  T377] RAX: ffffffff81e8eb26 RBX: 0000008000000000 RCX: ffff88811158bb40
[  245.940140][  T466] hid (null): report_id 0 is invalid
[  245.950610][  T377] RDX: 0000000000000000 RSI: 0000008000000000 RDI: 0000000000000000
[  245.959448][  T466] lenovo 0003:04B3:3108.002F: report_id 0 is invalid
[  245.965873][  T377] RBP: ffffc90000b97410 R08: ffffffff81e8e296 R09: ffffed102578469e
[  245.966701][  T466] lenovo 0003:04B3:3108.002F: item 0 0 1 8 parsing failed
[  245.974873][  T377] R10: 0000000000000000 R11: dffffc0000000001 R12: ffffc90000b977d0
[  245.974892][  T377] R13: 0000000000000000 R14: 0000008410000000 R15: 0000000000000001
[  245.974907][  T377] FS:  0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  245.974927][  T377] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  245.974943][  T377] CR2: 00007f704e58d178 CR3: 000000010cffb000 CR4: 00000000003506b0
[  245.974963][  T377] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  245.974977][  T377] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  245.975002][  T377] Kernel panic - not syncing: Fatal exception
[  245.975299][  T377] Kernel Offset: disabled
[  246.046741][  T377] Rebooting in 86400 seconds..