last executing test programs:

3m25.406397217s ago: executing program 4 (id=602):
r0 = inotify_init1(0x0)
inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x24000420)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f00000001c0)=@newtaction={0x260, 0x30, 0x12f, 0x800000, 0x0, {}, [{0x24c, 0x1, [@m_police={0xec, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0xbf, 0x6, "005e3cc3bd3a94bba77e8110324bd60200000000000000e20d00e2618323d721ea60418d92a217a3cd339a3649ecb80a8226ddf9d619dd99cb06be46926a2f275304fb74ed2610c845ff01000000000000d5f5ad0400000000000000bcdcc9b361edf37a79a3aa0c4c71f39633dcbb33ed81c9ecf713b3a0502673578a168c6e19c1b28ce54c8c23ccb4fa1def27ff190847b70f8bdb2b3bd30fa166d1cd22882fe95528960d0b2b1d31bbb9c6bd2e2f779232f9c60c2d17d458d3"}, {0xc, 0xb}, {0xc, 0xa}}}, @m_gact={0x15c, 0xc, 0x0, 0x0, {{0x9}, {0x34, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x5, 0xe, 0x1, 0x494, 0x5}}, @TCA_GACT_PROB={0xc, 0x3, {0x2, 0x2e3}}, @TCA_GACT_PROB={0xc, 0x3, {0x0, 0x2520, 0xfffffffff7fffffe}}]}, {0xfe, 0x6, "08233878749f727b3df75684cec5456d8d72edf9961b68baa6e22ef4b130e2cd7afbfcbcc4fb9d586ddbd9ff0683f74a4fa7b44aab1f3c3c6afe3952c8cd19be86eeed5ae5d487a009c4a4becd891ff2ad60ec8d8873c47a68aee04ef4fbe401e0b2b7aff98cab0d1a4cf4010b7ebe56d3b70c3c7d6288ea383076e36d4decbda325ca63420878b01c1255d79b250b9e52f9dce34df5b25076b3bb40832d91f4584b8d827ba937840a289626dcbdad7c6562e2249f478954cee47897dd833df6bbd81e093e7191cdf344ce43fd901f8947f94f89764888104fd6b31a09e04b0cf9d664c3007f4e89bde7229449185ba323d98c5811683680e113"}, {0xc}, {0xc, 0x8, {0x0, 0x3}}}}]}]}, 0x260}}, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
write$binfmt_elf64(r2, &(0x7f0000000180)=ANY=[@ANYBLOB="7f454c4600040000ff7f00000000000003003e00ecffffff940200000000000040000000000000000000000000000000000000002c8f380003"], 0xe6)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r7}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=@newlink={0x28, 0x10, 0x401, 0xfffffffc, 0x0, {}, [@IFLA_LINKMODE={0x5, 0x11, 0x6}]}, 0x28}, 0x1, 0x0, 0x0, 0x800}, 0x4004000)
close(r2)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000)

3m24.117362574s ago: executing program 4 (id=608):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000000), r0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), r0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_script(r6, &(0x7f0000000040)={'#! ', '', [{0x20, ']\t'}]}, 0x7)
getpeername(r6, &(0x7f0000000500)=@l2={0x1f, 0x0, @fixed}, &(0x7f0000000300)=0x80)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000005c0)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_LEAVE_OCB(r6, &(0x7f0000000680)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000640)={&(0x7f00000006c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="01002bbd7000ffdbdf3f82f6", @ANYRES32=r7, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x20040000)
sendmsg$NL80211_CMD_REGISTER_FRAME(r0, &(0x7f0000001540)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x1114, r4, 0x200, 0x70bd2b, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r7}, @val={0xc, 0x99, {0x3a8f02d2, 0x1e}}}}, [@NL80211_ATTR_FRAME_MATCH={0xe8, 0x5b, "81fbc2cc9380cc7190e33245241f55e82d884733da49c2110258c11829d31544935974397361b99c9a2364adc922fbcc7d62d6b7ad539f47d7b8daa33a08157514f1193620162e34e1e2467be527e1c9a9727bab17652584c560fd806b8e51fa3ad263e31db2493a688ddd7288c25459e86b3989b8c9bc1dacff3a0f2165177070367b3444b7f8b2903257050cee40ef8f21887006a91d21be65957b6bcde0ebeb7016a037ba9e04a6236394115b5c9b05586ebafc9ecf038edd38b8092e39cfbbe5f449e00f91d9405c98f7ebfa4c8699f604173f9384fce58264206f9e4bbddb3d2ed1"}, @NL80211_ATTR_FRAME_MATCH={0x1004, 0x5b, "dc5907eec1961f16ad82f1e662ce501377fff8a35a3c110943e66b1248f542502b774c59ce16b9a7d83cc17834204c7f675b90641c294fec07b4705cb5dcac90044d6628037dac7039b1a2708975ce7f047bea5112adf741670114e5d56010a396e1a5c3e43309ef6e3387a4330aa0c38cc76c58a34fe14644dd83e2b43f4f9bab19f0a9e94a9e066ec56540ee53a2b8629deb710f3de6b8d004338cf23af9e1f6c5f4fb0ee57948c0f3fe28af940ce05d7fd85de350d10945b30ef698bff43cd6b8d6abd1a61b956524d49d016a1f2802006c5c073ad1545157ad1980dfc516310d4ba4c00d427f4cfef895b16e0f6b9dbb70216e71dbda6c7738087d8819ff195b4692276a64979f7b53a5bc61cdb291cfdb7567cfe4849c26dc6e6dfacaf3568114ec46ec9105ebffdce35e42a8c9f22c7f28f6edc519dc0a0bb8143784b309b23ee53ba3eb52967979a95e1eb8fed25e1626cf03bfb08f2715a0cfeabd0e935142167c045720e028e71611681156f5595f4ba7662ecbbb01b45415c4edd209b0e7c240d1d829791f2746f3b69710b3d4ed05ed7ca41340e2271edd897606662cc0e63d8da0bd707d58d3d4c9f2d38530ce097022d7937fe00a2c5c9077525b42a6b9268cc34db45d18337a5d20f2bc424628a60b797e7882d71ed869f7fd9a8ac3c0b6efa50bdd0a206a362ddeff26527262153043beb390b5f14842a16670a9a9b111fd92634b722155293beeae7a8429277e12db7a37d736f1aa63843046a32b37116c28523f98c5ac71fbd803ac60af4dbc01d2854ecc0e6ebc9f9e41c1dd26cbae90e3ca311c9d90b5fabae9d4795189a217e11a23fe86da98f1c79458d94dd8bcee196d33800e786e20fd350d8bf49c528d0e9b064c3a2f0c53b93cce41b32d62610d06087d7ae8756243552e9a1503ec90bedfdde97bdd229f469c5d1afdf1839aedddc5e252b093ac087a82507dd29335cf07bf84632d33e46d89b52bf3b33d791145c707853e36fc54031ac89a4a0908d2082a383fcd73c9f8cb0badeb30724411e844ddc3c5717b225a9a85fbd3fe9ca77510119712a52f0fd4c51b4d81478f7904b1b1b964855422fee649078d02e207d8175969b9151e78c467502fface99a7409f0c74375cc98b8731b2003271e3c079aaecb1458b36120911f704705afe801f834762c0dccb0b3bfc32fe943d896b504169241a19cef9d3441b0c78f406ae809577a4423c65a35964334fb4a7a173b69310ef7b72391353b622783a89e493f99be32f9971b41dab684d69aa1a277bea1113368f20f9164d086d7f51a7d8e355595793dafcda9e18fb7440ccf4424b7c05da83229b51bb9cccc467f9d7eb55b02fa69b7496443b62e314779b196b44cd477b5b9b0224cf5eb4018bdb1be2324c27527e33830bdaac9ff9b2d8ad165852ca6bfca14fe88188865b6b39609e5a17f368e46bdc970395049324bea41f22f8e5bbdd15f5fca77e418c022d19c52fbc36308de31736103407ad78d50647181fc3762b4ca153c62511f473b72217ee9e84ca57e8736a36385b84591aa09ebc34af3938aa027d327ce5a6e30f92d0edb6c363bf4e56077d73576e428a8ad081e657cc694ea5c196e9fd8f6b6021cff3b24e58bc61774a3cc0b4666f343c5c6ae1c6aa51ec3810f5de888f19173afef1ac06aea4eb89dae2eac659f7226988f20753df322bcbc36ff6f2484cfdbb0eaf7ffd1352f2429887c828c061ba87e5875cfc6ad6a7c850810aa49641d9fd26714c4bc263d1fd4679fdf8c904786cdac10f36a32fa0d3caa738c69deb35739af41e351d1c904e576204d8032eff6e2fa6199c569617504a21b9c0f8466137b664e9006af914124a00c147dcd60c36ecce5af476fd00ad10011ce1f2deeb1a18305dfd863c9cc8c3ad61aa0dc77253c98cfeaf1bddfc17823ffb54a905a1a919a36ee6689ebdfe257c18c5ec33e5f299a904102c1dd56ccecbe4c487691124321120f3cc03c5173048c79cfec2dc44e2499d9f009e48988a534db7b8d6ca32bc7bed29286b2eb8434cf211872457a1a64e33152ac9bdba83ad2706d3d1ec291809887ef8216e906e1dd32942fcf49e2fc4438fec8fc52c56ec3deba0fbeb9e1bdf223f2c03475be5fbea580e405c0078118360815184cb1393816b781bac504f2f1b67c97d2b7b71e2a3ac076ae078be17f9f8b83fb7e209f32ec840fd05ebc3dfd5bf37cb2c5c8bac04cd379460cd7c84ab645c05fc38e1a8b4c2d3b7f2ef6838f5ac72aa800b87bca11594cb8b01736afbc8f9288b844a4c34bc16462810aee180679387ba941b17448f7867aac0cb12882ac37e94baa5a3bea5c81a4dab2255df349d10350b7c03d3913d5d6f583c51d4971e19a518dd565abc0fb5e4f33280ce68f6e811b2cec3afd111d37769eff12b2761d26daceac03198f497b7278e5d1197d57820c437f70596495d5cbcabfe6054e746c72f27581b6394a31ec492e1139c4b4d070f6916a0a35bd4374708fda5cd91193c5851c4847a72267b5af2241731056ddb5eaefe5ada629b8434435783fb9af448efea67d5ebf90525ee283d140d4bab825069d21cef2afa85ea7220dc4096df937cde96519a0f1191873fc9cf6ec82d0242b2dfa07ec74b24ccb1786e98dc137d4ab3bf833e01ca3f26f5919f18e58a76e3e74e2537ea16b558b6c77dd7fdabd804b5d4d83cd6da9e6125b512f224d890debb67eb9a7cd55039797d4a56319ebd450d98e5c57028778789994f5bd3bbe169c63f0067848109ad80312fe946f20094f2ca1758d7b27c900c5dd794c51fd1932903851eccda8950d0926d3eb4abe5ef901bbc8dff5a818ececbf22c58ac5ef778eef4192571e7000d3080143b94e59163b7ce597a2507f4c3f626cd38c0d180a444d50b9ec9c722a8253a42fbc3275f0cd5042dac4fc49c3dcbd67b1d0985b70cbe9117e8eea455b36bcc019d11d8d93ca6bdbceb1598a0c995600943dd3b7978c8ee5fdb6b120a98c22a51c04cf816d5334a1999739c74fccce03716088fef2d566c8ba9e142fd3eef8a58589d6c7fd616176535f00179378c87b5a2290864b1b9a20fd136a81be5d01a6ff8201072877029be526ec4b9716f29bc00b2aa4402aeae7a91fc2aebf2846248835f3f2bb5fafb17aeac92b78e0198c37100861bab365a90bf827348a394879b125ada7737e7a84d381985aba6b0c70b4eeab661f363adf9ea6fb3bee0a2631045fdc53c4dd2ab04cf0a651a80db9976fc4c47b4551289df2cf18ff6e6ee1d879fa66dbb40d6ddcaa255f0567fbabc10bb1b885f56126c4e8b080c6f9b9e20bdc2e439ac0f282126ba06b23636c708184ea42041f0dc4a1890235da19d6e63f12280368d3efd42608657c6042faff42fbf9baba614300eadb41ea8dfcb7fc87a2c5ef7795603426690ced06a3b53fdd504dbedd552f306415fbadb749914cc1d9436a6e7fa0254b12163bde7e4b53ee29cfa63c35227eef109763b7531e00706d07efc5e0486edaf44d023207c919d47d2fa422779da32e62d6304497f0cd8956f49053cf08373306b5ee398fdb687ac73a33895de228125228952ff28f007f9aa0b30c3fad8291d2262f63c572ffe37cb26678c7b4e392f85d8b8e64bb0c5df69fce1397e6c6b6192a8829c54bd83e3a7703996bfc5f4a9a52ca6c1e8ecf871bba00b197a139f6ca80d96da3b8dca786a21dbb19b03414798a207bf67b6db43ad333684f8be36c43e98182197c33c9bb2f300dbd11309e12a4d796e2a69f2eff3e7fbb77c195dbafc79bae5aba1fbe583b2160437e81a2a54342483d608549ae6dcb5297c0faff157f85aa40af91d10fbcfaf1fb0e862301d336d56a90e07ff2f951139f69c418864a6ea384212181e0e5f6d2ab47011969186ce610f06eaf6e53f7a193d903f67d62fdc3cd506c17bbf77adb6f5929344671379c96918257fcd8416bf0507e0d394e642c46e52ad08ab54503372a953bb1a4d4de8c0ba7882960b521c877766e8dc188f47e7e47337e0f0188c6fd8fc2be305f12531dc58953d81e8707d68122dc22bd74d72b0f8475b7201fe7c280c8adb5bcb777d9f9d1076305d298346081051fdbc879b002dd790f4e88b97819e62b6cd8efe0fb54bdb421faf40b1aedeac371aa3f829e779ad0b7b4652c9e967e9c309e95584cb5fbdc9bd5f252c590fd531066b5a4bde20a23e071da506c6274014b499f8136deb3f91315ced1cf249e987e3389d059e3ec69ada3c2669054af5a70c85b6b70a8c457c05d9c42df6d7a26561f109b40cdceed1d214cc0c43d29f21b1a37651a22456b1665ea7b94a44b4a824fa5e7ea8fbc27a304768e7f4f8ea4acf5c74a576587e86a8b254b96058978c3d6dca7a5e024a7cd833ccf6b95d934ce0610f53c07ae280e52c090fe2096789c79eefdcb888cc397617c693ff8d35b6152a003e79a9a2528b36fcd7a6452fecd29723a67bd66937ddbdd978bd768de909e4083860e097d4712d66f802e2300b3869e2bc9299f34c7cb56e05a65783d8dddc8ce52258354d1694c165695510f65ae324e24e44cadea56efa296ea0a77738c6d3112622cdd6758c16643c8b66d82dd631bc4f099e33910d2e0125d4733600526306f88d31ad9692b940c7c0476f61f23058b2ef10f7930a10ad48212bd689e5c71108a7c3ca86fb91dbbb3529977c56ad706eb31f2561860e901b7a61e8167aa46d85a72a588b693e05287d5d9035079e86bd9467def4d367c5cbf6ea1e5a9e7dd16454e78af7f1705d362034c3291d3715153c3a5a2e9b229ca327707b039007070138555150361cce73d2211cf8d99853ec8255f7a3bea8a52a62607c3abb58de1efe6c7589fa4450dea552a57850cbecac98c087edfd9d3ff42dc636fd5e9abe1428d77534ed33d718d31aaeb02b4f3ddd69b4a74f1511e972f3316bc2d160c3805fbbfa3ccff141317ef2a533c061d33ffeb2c2be012398029f4133672be5e7072b4bbde2d1bfdcdfd20b8edaf97b4a80a599adf4e85ca2a7b0835058b776fcb770b9cd57b8376abc1d523142e430a632abe5cbe72c025803fb4ade31746a1b5bae4451824ea201da04014521b38043ac4c420594b2d344501e246a16ebbfa81303116db7b9005e9c6d5c4b0f645389ad5226b99ec3feb42fd541e6669f6ed9396beda0b9d6546ce058cf9576620eaf02c4b28598b81d11c75e1df1786d7f0fac6a09fda9f77809fec1ee9de90535b7e0697b44a855f0fdae72f2320787a48c678f18a5b4f70d7f485cb78dd4ec3a5347e1624d8cfb8032644e8a2fd9b069c8e780bb40dd4becb82fa1e00303e577dc99ea9698b81647afb7bf67fb893cf8c2b4d6d324ef25f9257b33ab7a9d4ae77880fb78c77351d7653463aae96b67df9ea3b6f2af42b54dc5f8b8a7dd347d9ac541824e5f3c51e1a50a64958af815f556c800825b57fe903fe369d477b46230ba24f9e1d55eb050c8d64d3b029884ba78d0def9d8984ef29a04978d865c4744729823fba477c867497fc844e630d7755c30711dadb5309fb9e9596dbe3d140fdd8d59914f26c76670e74240e5101bcf94562d1c3eefd7be468e24ee52f916f33ca31348fdd111bd4300e8e0493c66d69a0bc7f3723619b3271de3351b503e9db9c8a1e94640d693b1a7b9d8ba1ddbf33c8b9c32b283a8c9f405866a83097204554a3c775eff86f0161a8f1e1bbe5bc396db065f2093fc6725550965e04c5528a45a745ec1228c65ee534169a8d83709fca15770acb5a628f0394f"}]}, 0x1114}}, 0x4000040)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)

3m20.911895298s ago: executing program 2 (id=611):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
userfaultfd(0x801)
r3 = syz_mount_image$msdos(&(0x7f0000000000), &(0x7f00000004c0)='./file0\x00', 0x0, &(0x7f0000000700)=ANY=[], 0xfd, 0x1bf, &(0x7f0000000300)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa")
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000000080)={'tunl0\x00', &(0x7f0000000700)={'syztnl0\x00', 0x0, 0x8000, 0x8, 0x1, 0x1000, {{0x9, 0x4, 0x1, 0x9, 0x24, 0x66, 0x0, 0x1f, 0x29, 0x0, @multicast1, @broadcast, {[@generic={0x7, 0x5, "2569e7"}, @rr={0x7, 0xb, 0x4, [@empty, @remote]}]}}}}})
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCSETS(r4, 0x5402, &(0x7f0000000440)={0xb, 0x20000006, 0x4000008, 0x0, 0x1e, "04000000000000000000004000"})
dup(r4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x10, &(0x7f0000000980)=ANY=[@ANYBLOB="180500000000000000000000ffffffffb7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b7043b3d7bd305de3f23000095000000cc81d81c7be2ad24d633ffcde3659035c40000000000001211385485af6d53a8b2"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
r6 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000940)=@framed={{0x18, 0x9, 0x0, 0x0, 0x3}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r6}}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r6}, &(0x7f0000000540), &(0x7f0000000580)=r7}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000007c0)={r6, &(0x7f0000000780)}, 0x20)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r8}, 0x10)
r9 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}}, &(0x7f00000002c0))
write$binfmt_misc(r9, &(0x7f0000000040), 0xfe46)
openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000000), 0x25040, 0x0)

3m20.909305858s ago: executing program 4 (id=612):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x8, &(0x7f0000000000)={[{@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x800}}, {}]}, 0x4, 0x4f3, &(0x7f00000012c0)="$eJzs3c9vVEUcAPDvbru0lEJBOahRQUTRELY/gIZwES4aQ0iMxJMHqO3SNN1lm26JtHIoR+8kknjSP8GbBxNOHrx505sXPJigEg018bDmvV3apb+1P9Z2P5/k9b2ZWfY702Vm9g3sTgAt62hEzEbEnoi4FhE99fxM/YgLtSN53ONHt4fnHt0ezkS1euW3TFqe5EXDn0nsqz9nZ0S8/07ER5mlcSvTM+NDxWJhsp7unSpN9FamZ06NZes5A4P9g33nTp8d2LS2Hil99fDtsUsffPP1Sw++n33zk6Ra3Z/uT8sa27GZak3PRXdDXntEXNqKYE3SXv/7w86T9LZnIuJY2v97oi19NQGA3axa7YlqT2MaANjtkvv/7shk8/W1gO7IZvP52hre4ejKFsuVqZM95Zs3RiJdwzoYuez1sWKhr75WeDBymSTdn14vpAeeSt8tnI6IQxFxt2NvWp4fLhdHmvnGBwBa2L5F8/+fHbX5HwDY5TqbXQEAYNuZ/wGg9Zj/AaD1/Iv536cDAWCXcP8PAK3H/A8ArWfN+f/O9tQDANgW712+nBzVudr3Xz/5pu5TI4XKeL50czg/XJ6cyI+Wy6PFQn64Wl3r+Yrl8kT/mflkZXrmaql888bU1bHS0GjhaiG3lY0BANbl0JH7PyaT/uz5vekRDXs5mKthd8s2uwJA07Q1uwJA0/g8D7SuddzjWwaAXW6ZLXqfsuJ/Ebpn81fYqU48b/0fWtVG1v+tHcDO9t/W/9/a9HoA288cDq2rWs3Y8x8AWow1fmBD//4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALao7PTLZfLoX+GzyM5vPR+yPiIORy1wfKxb6IuJARPzQketI0v3NrjQAsEHZXzL1/b9O9BzvXly6J/NXR3qOiI8/v/LZraGpqcn+JP/3+fype/X8gT3NaAAA0OjC0qzaPF0/N9zIP350e/jJsZ1VfHixtrloEneuftRK2qM9PXdGLiK6/sjU0zXJ+5W2TYg/eycinlto/62GCN3pGkht59PF8ZPY+7cg/sLvf3H87FPxs2lZcs6lv4tnN6Eu0GruX6yNk/W+l3Sxev/LxtH0vHz/70xHqI1Lxr9kLJlbMv5l58e/tiXxM2mfPzqfXr0mD898++6SzGpPrexOxAvty8XPzMfPLD/+5o6vs40/vfjysZXKql9EnFi2/U92pC6lw2zvVGmitzI9c2qsNDRaGC3cGBgY7B/sO3f67EBvukZd+/ndcjF+PX/ywErxk/Z3rRC/c/X2x2vrbP+Xf1/78JVV4r/x6vKv/+FV4idz4uvrjD/UdWHF7buT+CMrtH+N1z9OrjP+g59nRtb5UABgG1SmZ8aHisXC5BoXyXvNtR7jYmdexGzEZj1huigREf+HdrnYyEWzRyZgqy10+mbXBAAAAAAAAAAAAAAAWEllema8Y4s/rdXsNgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB7/RMAAP//TwTJNg==")
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x810408, 0x0, 0x0, 0x0, &(0x7f00000007c0))
renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./bus\x00', 0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0x2)

3m17.501657035s ago: executing program 4 (id=615):
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_mount_image$ext4(&(0x7f00000006c0)='ext4\x00', &(0x7f0000000640)='./file1\x00', 0x442, &(0x7f0000000780)={[{@resuid}, {@nomblk_io_submit}, {@jqfmt_vfsold}, {@noblock_validity}, {}]}, 0x3f, 0x540, &(0x7f0000000100)="$eJzs3d9rZFcdAPDvvclks7upk6pILViLrewW3ZlNY9sgovVFnwpqfV9jMhvCzmSWzKRuQrEp/Q9EUPDJJ18E/wBB+uAfIIWCvogPoqKIbhURqr3l3rlDt/MjCd3JTDf5fODunHN/fc+5Q86ce+/ZewM4tx6PiOcjYi4inoqIajk/Lacbeeawt95bd1/eyKcksuzFfySRlPP6+8rz8xFxubdJLEbEt74e8d1kOG5n/+DWerPZ2C3z9W7rdr2zf3Btu7W+1dhq7Kyurjy79tzaM2vXs9J91XO5n/jZ1778q89/7483/nb1+3mxvvSJqMRAPSapV/VKcSz68mO0exrBZmCurE9l1gUBAOBE8j7+RyPiM0X/vxpzRW9uwNwsSgYAAABMSvaVpfhfEpEBAAAAZ1YaEUuRpLVyLMBSpOlCeW3g43EpbbY73c/dbO/tbObLIpajkt7cbjaul2OFl6OS5PmVcoxtP//0QH41Ih6OiB9WLxb52ka7uTnjax8AAABwXlweOP//dzUt0scr/p9AetrlAwAAACZkeWwGAAAAOCuc8gMAAMDZN3j+73n/AAAAcKZ844UX8inrv/9686X9vVvtl65tNjq3aq29jdpGe/d2bavd3iqe2dc6bn/Ndvv2F2Jn70692+h06539gxut9t5O98b2+16BDQAAAEzRw59+/XdJRBx+8WIxhYf6AaP8edYFACbpPof66SrAA2x+1gUAZqYy6wIAM5ccs9zgHQAAePBd+eTw/f/++/9dG4CzzQ08ADh/3P+H86syOALwP7MqCTBt8+U1gI/0shfGrTf2/v9vThopyyLeqN47x/VFAACYrqViStJaeR6wFGlaq0U8FJEuRyW5ud1sXC/PD35brVzI8yvFlsmxY4YBAAAAAAAAAAAAAAAAAAAAAAAAgJ4sSyIDAAAAzrSI9K/J21E8y/9K9cmlwesDC8l/q/GXMvOTF390Z73b3V3J5/+zeJfXQkR0f1zOf3rs68MAAACASUsOxy7qnaeXnytTLRUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA58Bbd1/e6E/TjPv3r0bE8qj487FYfC5GJSIu/SuJ+Xu2SyJibgLxD1+NiEdGxU/inSx7JcpSjIp/8ZTjLxeHZnT8NCIuTyA+nGev5+3P86P+/tJ4vPgc/fc3X073a3z7l5aRH4nqmPbnoaG9tUbGePTNX9R7qcpw/FcjHp0f3f70299kTPwnhvb2dpZlw/G/8+2Dg3H1z34acWXk70/yvlj1but2vbN/cG27tb7V2GrsrK6uPLv23Noza9frN7ebjfLfkTF+8KlfvjMufl7/SyPi/+H3vfb3qPo/OXKPw79K/3/zzt2P9ZJDX0Ae/+oTI39/F2NM/LSM8tkynS+/0k8f9tL3euznbzx2VP03xxz/477/q+N2OuCpb772pxOuCgBMQWf/4NZ6s9nYPSKxeIJ1jkjk/Yj72Px0EpVo7P56cebF+ACJ7JXeN/dhKc8HTeS91ffm9Gv1ISjYPYlsKrEuFP35k261MNnoAy3Aa2W7sN48SeuxcFrNEgAAcAre6/3PuiQAAAAAAAAAAAAAAAAAAABwfk3jUWqDMQ9nU1UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCO9GwAA///rlNhr")
unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000001000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='mm_page_alloc\x00', r0}, 0x10)
r1 = creat(&(0x7f0000000080)='./bus\x00', 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0200000004"], 0x48)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f00000002c0)=ANY=[], 0xfe44, 0x0)
r2 = syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='mnt\x00', 0x4, &(0x7f0000000000), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r2, 0xc0506617, &(0x7f0000000880)={@desc={0x1, 0x0, @desc3}, 0x40, 0x0, '\x00', @a})
mkdirat(0xffffffffffffff9c, &(0x7f0000000640)='mnt/encrypted_dir\x00', 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000680)='mnt/encrypted_dir\x00', 0x800, 0xd9)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r3, 0x800c6613, &(0x7f0000000040)=@v1={0x0, @adiantum, 0x4, @desc3})
openat$cgroup_ro(r3, &(0x7f00000006c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x0, 0x0)
syz_open_dev$evdev(&(0x7f00000010c0), 0x1, 0x22000)
r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
unshare(0x26000400)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x18, 0x0, @val=@netkit={@void, @value}}, 0x1c)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r4}})
mkdirat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
mknod$loop(&(0x7f0000000780)='./file0\x00', 0x0, 0x1)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r5}, &(0x7f0000000000), &(0x7f00000005c0)=r6}, 0x20)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
getpid()

3m17.336879687s ago: executing program 2 (id=617):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000600)='sys_enter\x00', r1}, 0x10)
r2 = gettid()
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
timer_create(0x7, &(0x7f000049efa0)={0x0, 0x14, 0x4, @tid=r2}, &(0x7f0000044000)=<r3=>0x0)
timer_settime(r3, 0xffffffffffffffff, &(0x7f0000000400)={{}, {0x0, 0x989680}}, 0x0)
rt_sigtimedwait(&(0x7f0000000040)={[0xffffffffffff7ff8]}, 0x0, 0x0, 0x8)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xa, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newsa={0x138, 0x1a, 0x713, 0x0, 0x40000, {{@in=@multicast1, @in=@remote, 0x0, 0x0, 0x4e23, 0x8, 0xa, 0x0, 0x0, 0x5e}, {@in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x4d4, 0x3c}, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, {0x0, 0x0, 0x589, 0x0, 0x4, 0x9, 0x0, 0x2}, {0x0, 0x4000000000000000}, {}, 0x70bd2a, 0x0, 0xa, 0x2, 0x10, 0x60}, [@algo_crypt={0x48, 0x2, {{'ctr-aes-aesni\x00'}}}]}, 0x138}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
fallocate(r5, 0x0, 0x0, 0x1000f4)
read$FUSE(r5, &(0x7f0000003080)={0x2020}, 0x2020)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00'}, 0x10)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
sync_file_range(0xffffffffffffffff, 0x1, 0x5a, 0x1)
r7 = syz_open_procfs(0x0, &(0x7f0000000140)='net/tcp\x00')
lseek(r7, 0x96, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r6}, 0x10)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d0000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='sys_enter\x00', r8}, 0x10)
llistxattr(0x0, 0x0, 0x0)
syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x8cfa, 0x2, 0x3, 0x10100}, 0x0, 0x0)

3m16.39086922s ago: executing program 4 (id=620):
r0 = inotify_init1(0x0)
inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x24000420)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f00000001c0)=@newtaction={0x260, 0x30, 0x12f, 0x800000, 0x0, {}, [{0x24c, 0x1, [@m_police={0xec, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0xbf, 0x6, "005e3cc3bd3a94bba77e8110324bd60200000000000000e20d00e2618323d721ea60418d92a217a3cd339a3649ecb80a8226ddf9d619dd99cb06be46926a2f275304fb74ed2610c845ff01000000000000d5f5ad0400000000000000bcdcc9b361edf37a79a3aa0c4c71f39633dcbb33ed81c9ecf713b3a0502673578a168c6e19c1b28ce54c8c23ccb4fa1def27ff190847b70f8bdb2b3bd30fa166d1cd22882fe95528960d0b2b1d31bbb9c6bd2e2f779232f9c60c2d17d458d3"}, {0xc, 0xb}, {0xc, 0xa}}}, @m_gact={0x15c, 0xc, 0x0, 0x0, {{0x9}, {0x34, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x5, 0xe, 0x1, 0x494, 0x5}}, @TCA_GACT_PROB={0xc, 0x3, {0x2, 0x2e3}}, @TCA_GACT_PROB={0xc, 0x3, {0x0, 0x2520, 0xfffffffff7fffffe}}]}, {0xfe, 0x6, "08233878749f727b3df75684cec5456d8d72edf9961b68baa6e22ef4b130e2cd7afbfcbcc4fb9d586ddbd9ff0683f74a4fa7b44aab1f3c3c6afe3952c8cd19be86eeed5ae5d487a009c4a4becd891ff2ad60ec8d8873c47a68aee04ef4fbe401e0b2b7aff98cab0d1a4cf4010b7ebe56d3b70c3c7d6288ea383076e36d4decbda325ca63420878b01c1255d79b250b9e52f9dce34df5b25076b3bb40832d91f4584b8d827ba937840a289626dcbdad7c6562e2249f478954cee47897dd833df6bbd81e093e7191cdf344ce43fd901f8947f94f89764888104fd6b31a09e04b0cf9d664c3007f4e89bde7229449185ba323d98c5811683680e113"}, {0xc}, {0xc, 0x8, {0x0, 0x3}}}}]}]}, 0x260}}, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
write$binfmt_elf64(r2, &(0x7f0000000180)=ANY=[@ANYBLOB="7f454c4600040000ff7f00000000000003003e00ecffffff940200000000000040000000000000000000000000000000000000002c8f380003"], 0xe6)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r6}, &(0x7f0000000040), &(0x7f0000000280)}, 0x20)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r7}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=@newlink={0x28, 0x10, 0x401, 0xfffffffc, 0x0, {}, [@IFLA_LINKMODE={0x5, 0x11, 0x6}]}, 0x28}, 0x1, 0x0, 0x0, 0x800}, 0x4004000)
close(r2)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000)

3m16.254221622s ago: executing program 4 (id=623):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
userfaultfd(0x801)
r3 = syz_mount_image$msdos(&(0x7f0000000000), &(0x7f00000004c0)='./file0\x00', 0x0, &(0x7f0000000700)=ANY=[], 0xfd, 0x1bf, &(0x7f0000000300)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa")
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000000080)={'tunl0\x00', &(0x7f0000000700)={'syztnl0\x00', 0x0, 0x8000, 0x8, 0x1, 0x1000, {{0x9, 0x4, 0x1, 0x9, 0x24, 0x66, 0x0, 0x1f, 0x29, 0x0, @multicast1, @broadcast, {[@generic={0x7, 0x2}, @rr={0x7, 0xb, 0x4, [@empty, @remote]}]}}}}})
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCSETS(r4, 0x5402, &(0x7f0000000440)={0xb, 0x20000006, 0x4000008, 0x0, 0x1e, "04000000000000000000004000"})
dup(r4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x10, &(0x7f0000000980)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b70300000000000085000000720000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
r6 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000940)=@framed={{0x18, 0x9, 0x0, 0x0, 0x3}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r6}}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r6}, &(0x7f0000000540), &(0x7f0000000580)=r7}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000007c0)={r6, &(0x7f0000000780)}, 0x20)

3m15.278084305s ago: executing program 32 (id=623):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
userfaultfd(0x801)
r3 = syz_mount_image$msdos(&(0x7f0000000000), &(0x7f00000004c0)='./file0\x00', 0x0, &(0x7f0000000700)=ANY=[], 0xfd, 0x1bf, &(0x7f0000000300)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa")
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000000080)={'tunl0\x00', &(0x7f0000000700)={'syztnl0\x00', 0x0, 0x8000, 0x8, 0x1, 0x1000, {{0x9, 0x4, 0x1, 0x9, 0x24, 0x66, 0x0, 0x1f, 0x29, 0x0, @multicast1, @broadcast, {[@generic={0x7, 0x2}, @rr={0x7, 0xb, 0x4, [@empty, @remote]}]}}}}})
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCSETS(r4, 0x5402, &(0x7f0000000440)={0xb, 0x20000006, 0x4000008, 0x0, 0x1e, "04000000000000000000004000"})
dup(r4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x10, &(0x7f0000000980)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b70300000000000085000000720000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
r6 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000940)=@framed={{0x18, 0x9, 0x0, 0x0, 0x3}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r6}}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r6}, &(0x7f0000000540), &(0x7f0000000580)=r7}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000007c0)={r6, &(0x7f0000000780)}, 0x20)

3m14.692007393s ago: executing program 2 (id=628):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r6, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10)
connect$inet(r6, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000000100)=0x8, 0x4)
sendto$inet(r6, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
recvfrom$inet(r6, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x8, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c}, {{0x18, 0x1, 0x1, 0x0, r2}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x30000000}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}, {0x95, 0x0, 0x50, 0x6000000}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x2, 0x3, 0xa, 0x9, 0xfff0}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x2, 0xffffffff}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff0, 0xf1}, {0x7, 0x1, 0x2, 0x9, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {}, {0x18, 0x2, 0x2, 0x0, r1}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x3, 0x8, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r8 = openat$cgroup_procs(r7, &(0x7f0000000040)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r8, &(0x7f0000000400), 0x12)
r9 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r9, &(0x7f0000000840)='cgroup.procs\x00', 0x2, 0x0)

3m13.48354933s ago: executing program 2 (id=633):
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_mount_image$ext4(&(0x7f00000006c0)='ext4\x00', &(0x7f0000000640)='./file1\x00', 0x442, &(0x7f0000000780)={[{@resuid}, {@nomblk_io_submit}, {@jqfmt_vfsold}, {@noblock_validity}, {}]}, 0x3f, 0x540, &(0x7f0000000100)="$eJzs3d9rZFcdAPDvvclks7upk6pILViLrewW3ZlNY9sgovVFnwpqfV9jMhvCzmSWzKRuQrEp/Q9EUPDJJ18E/wBB+uAfIIWCvogPoqKIbhURqr3l3rlDt/MjCd3JTDf5fODunHN/fc+5Q86ce+/ZewM4tx6PiOcjYi4inoqIajk/Lacbeeawt95bd1/eyKcksuzFfySRlPP6+8rz8xFxubdJLEbEt74e8d1kOG5n/+DWerPZ2C3z9W7rdr2zf3Btu7W+1dhq7Kyurjy79tzaM2vXs9J91XO5n/jZ1778q89/7483/nb1+3mxvvSJqMRAPSapV/VKcSz68mO0exrBZmCurE9l1gUBAOBE8j7+RyPiM0X/vxpzRW9uwNwsSgYAAABMSvaVpfhfEpEBAAAAZ1YaEUuRpLVyLMBSpOlCeW3g43EpbbY73c/dbO/tbObLIpajkt7cbjaul2OFl6OS5PmVcoxtP//0QH41Ih6OiB9WLxb52ka7uTnjax8AAABwXlweOP//dzUt0scr/p9AetrlAwAAACZkeWwGAAAAOCuc8gMAAMDZN3j+73n/AAAAcKZ844UX8inrv/9686X9vVvtl65tNjq3aq29jdpGe/d2bavd3iqe2dc6bn/Ndvv2F2Jn70692+h06539gxut9t5O98b2+16BDQAAAEzRw59+/XdJRBx+8WIxhYf6AaP8edYFACbpPof66SrAA2x+1gUAZqYy6wIAM5ccs9zgHQAAePBd+eTw/f/++/9dG4CzzQ08ADh/3P+H86syOALwP7MqCTBt8+U1gI/0shfGrTf2/v9vThopyyLeqN47x/VFAACYrqViStJaeR6wFGlaq0U8FJEuRyW5ud1sXC/PD35brVzI8yvFlsmxY4YBAAAAAAAAAAAAAAAAAAAAAAAAgJ4sSyIDAAAAzrSI9K/J21E8y/9K9cmlwesDC8l/q/GXMvOTF390Z73b3V3J5/+zeJfXQkR0f1zOf3rs68MAAACASUsOxy7qnaeXnytTLRUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA58Bbd1/e6E/TjPv3r0bE8qj487FYfC5GJSIu/SuJ+Xu2SyJibgLxD1+NiEdGxU/inSx7JcpSjIp/8ZTjLxeHZnT8NCIuTyA+nGev5+3P86P+/tJ4vPgc/fc3X073a3z7l5aRH4nqmPbnoaG9tUbGePTNX9R7qcpw/FcjHp0f3f70299kTPwnhvb2dpZlw/G/8+2Dg3H1z34acWXk70/yvlj1but2vbN/cG27tb7V2GrsrK6uPLv23Noza9frN7ebjfLfkTF+8KlfvjMufl7/SyPi/+H3vfb3qPo/OXKPw79K/3/zzt2P9ZJDX0Ae/+oTI39/F2NM/LSM8tkynS+/0k8f9tL3euznbzx2VP03xxz/477/q+N2OuCpb772pxOuCgBMQWf/4NZ6s9nYPSKxeIJ1jkjk/Yj72Px0EpVo7P56cebF+ACJ7JXeN/dhKc8HTeS91ffm9Gv1ISjYPYlsKrEuFP35k261MNnoAy3Aa2W7sN48SeuxcFrNEgAAcAre6/3PuiQAAAAAAAAAAAAAAAAAAABwfk3jUWqDMQ9nU1UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCO9GwAA///rlNhr")
unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000001000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='mm_page_alloc\x00', r0}, 0x10)
r1 = creat(&(0x7f0000000080)='./bus\x00', 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0200000004"], 0x48)
fsetxattr$system_posix_acl(r1, &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f00000002c0)=ANY=[], 0xfe44, 0x0)
r2 = syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='mnt\x00', 0x4, &(0x7f0000000000), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r2, 0xc0506617, &(0x7f0000000880)={@desc={0x1, 0x0, @desc3}, 0x40, 0x0, '\x00', @a})
mkdirat(0xffffffffffffff9c, &(0x7f0000000640)='mnt/encrypted_dir\x00', 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000680)='mnt/encrypted_dir\x00', 0x800, 0xd9)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r3, 0x800c6613, &(0x7f0000000040)=@v1={0x0, @adiantum, 0x4, @desc3})
openat$cgroup_ro(r3, &(0x7f00000006c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x0, 0x0)
syz_open_dev$evdev(&(0x7f00000010c0), 0x1, 0x22000)
r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
unshare(0x26000400)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x18, 0x0, @val=@netkit={@void, @value}}, 0x1c)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r4}})
mkdirat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
mknod$loop(&(0x7f0000000780)='./file0\x00', 0x0, 0x1)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r5}, &(0x7f0000000000), &(0x7f00000005c0)=r6}, 0x20)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
getpid()

3m13.042988195s ago: executing program 2 (id=636):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
userfaultfd(0x801)
r3 = syz_mount_image$msdos(&(0x7f0000000000), &(0x7f00000004c0)='./file0\x00', 0x0, &(0x7f0000000700)=ANY=[], 0xfd, 0x1bf, &(0x7f0000000300)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa")
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000000080)={'tunl0\x00', &(0x7f0000000700)={'syztnl0\x00', 0x0, 0x8000, 0x8, 0x1, 0x1000, {{0x9, 0x4, 0x1, 0x9, 0x24, 0x66, 0x0, 0x1f, 0x29, 0x0, @multicast1, @broadcast, {[@generic={0x7, 0x5, "2569e7"}, @rr={0x7, 0xb, 0x4, [@empty, @remote]}]}}}}})
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCSETS(r4, 0x5402, &(0x7f0000000440)={0xb, 0x20000006, 0x4000008, 0x0, 0x1e, "04000000000000000000004000"})
dup(r4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x10, &(0x7f0000000980)=ANY=[@ANYBLOB="180500000000000000000000ffffffffb7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b7043b3d7bd305de3f23000095000000cc81d81c7be2ad24d633ffcde3659035c40000000000001211385485af6d53a8b2dcf7174ae69e"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
r6 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000940)=@framed={{0x18, 0x9, 0x0, 0x0, 0x3}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r6}}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r6}, &(0x7f0000000540), &(0x7f0000000580)=r7}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000007c0)={r6, &(0x7f0000000780)}, 0x20)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r8}, 0x10)
r9 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}}, &(0x7f00000002c0))
write$binfmt_misc(r9, &(0x7f0000000040), 0xfe46)
openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000000), 0x25040, 0x0)

3m12.936335207s ago: executing program 2 (id=639):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000"], 0x48)
r0 = socket$inet6(0xa, 0x3, 0x7)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x446000, 0x0)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x89)
ioctl$TUNDETACHFILTER(r1, 0x401054d6, 0x0)
sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=ANY=[], 0x58}, 0x84)
syz_genetlink_get_family_id$nl80211(0x0, r1)
bpf$MAP_CREATE(0x0, &(0x7f0000001c00)=ANY=[@ANYBLOB="2100000007000000ff0f0000070000004b860200", @ANYRES32, @ANYBLOB="00000000000000000000ddf44d451e82b090b8b200000000000000000000318f6bf25c013599ec014da60d24963284484e82b338a97a995744c8e6e81fea522b9ea6b0ec55a9709cf520552f4559f65074e3c236fc1cf7c9f616d6f0d69de523bb1ca8155e3e1517de56321ff4faedebc35e1295bd094089d2bee440bd69c6dc0786df88157be3e1ea51284d78e4acb7d9decab064faa8b8ad7bdc57724a00"/170, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00'], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000001b40)={0x6, 0xc, &(0x7f0000001b00)=ANY=[@ANYBLOB, @ANYRES16=r0, @ANYRES16], 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00'}, 0x10)
write(0xffffffffffffffff, &(0x7f0000000000), 0x0)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendmmsg$inet(r3, &(0x7f0000000400)=[{{&(0x7f0000000380)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000001940)=[{&(0x7f0000000640)="d2e112ae34ee620894b62a92af3237018cfc2f0a5b2cecdc01d30d7efde3300a51b81fd75c94b1e56addcb1a135eb5a4ef878ac6a950356dec06ecf668b1135d2d915b048fa71f04bf14bee8", 0x4c}, {&(0x7f00000006c0)="1fdd0f6fc9d5236cb24b1f2bdd1896db76f03703e399e8ac4a5bcd668d784a4fbb2b402eed01af4e9b2ad6cd9700d3a148f3cebd1e577569b6661993b305895288f507423a4352dc33a5f4c42c0216f10a459f9a61ceffccb4e357c41e4ca659583e55e1099ef8230cb2ffc9410a78bb4d9c7f17905a6e594923ab3e3c8289ed40a56975f1b2b43c3f60759e7847b104a3caed08a358ebfce293ac1e56de37c013d9ebd7681622788334fde9c1c135aad4494f36ad88b01849eed924fac9397602dbe1da795607e62a8a22f185c90977247fe5c9b8718485966c9a813c97b46295e26226dd70114bad9053281b812718085a0d4a25fd2dc3a0a41cd2540027e711061b8def112d00b6950c905423f8c9547fd13500dffa64d2efa76e2f708e31d07fd719794c90d226a0226bd4b86eeda90d0fdff676f48f4f25275042f8d647c99419ab268d868a1849c36cbf5947e71dfd0ec8affa3e08ba5699d9656876147869e1b676c3ec8fa33126efb6abbb3bac6053e2b7aef2f99551d063296fc93d235cc8d88f2b5850ab089999615cf2f4cc24990dc253764d8b32652c9ea86ddfc4ae951fe0361d79b0ed757e2b6a555990a5120ac2ea3a78be7b58f6f669bbb703228a052501987733247f3d3e626532a90872a0f5925a0bf1207e3e63d81ffa25b6352838cb53ef0b1cba5d2caf1f9e00a6cb7c351c0e47d67e27613d162379b9c7a7dae7d7ddebd081a5ec20faa574baf319c9c1de7436946cc09f40865af95650aedb902ccbd766a5fc266b12a19982899fae750dfd763c036b3d7e326e13dd3097d58947ac617b56121db9f30c34745bf01d3acdad8b492d07abba667066c42c6cd89ed266f054d98276f1fb44ed05af6dc54f5e6f36eb7197b46801fa7766ec8e40e467fc8e236c1e6763fd101230f21ae63005950fb6c49c4d9eeaae7bead467d351142fa9f37ff6912fb59a77246449f6eedf03d15d08b293cad1c3ad97e6871ca9bb0e472abe4599016f250954823a1b5f935ae19ade62bcbfc750a6d8137e6453aacf9a6c66bff78514dcc3c513bfd88124c83583b83a103b63703278ec7e33925795927cd468e92372c0f8c208fd546297f026d9a9a5a0b55971a74f9cce9220c8c49ec0b75e456849fe7f793b1a674c15b26243012639bd2075377ce5b07d1e8759aa068f2c87bea54a776deb7bbdd2b60a4c069828661ee0db1e3a8fe8df2f68ce642055bd5bcfb330c4e596616cb7983739dffc47b2e7802d156cdcc8e612e03096d70ddc6b6cd7efa48576cc84b7d8f64cb34abc61603944daa64a9e4074b68fad587a315ba7e5d2cb78f89d16cd8f1deaff8c585bfaa5ca12e1061abfbada6fa70283f7683e860d6f0eeac93eca9cb4a398fb216f09cbac49651d5bca47b8e406ea3477c418b2bc1cca712140b7c9f75accd1935d9ff2f3a1715a329f0e9e9e7822f836657a91bc01d88bf7411ecdd0530dd4cb5f52df2ac31a4d0e2356fa0f234b59e6e4031b8c1ab0c23cc4257ad4b5bf3ff5c11e88442335ae645233a005be7efe5e53e9dcbf76de4761e59a2dcf2f292ef1699de21f043e14c56294afa1dacdac844861c45495115459aabda39e62d1e0f5fde229ad87159372f299826f9ddedc22b3c48919af9e0c8b3ef40f566d99424a5b9ddaeaccd41d4c55cb633a71a3c56875556d6eb9359767d90e2241d9da6026ebc2174c97f7e4d03be9347f72c482034a573f92cfc24ecb691e2a115a189a375f6939fe745c9c2bada6c72ad710b763846c19dddd3b80048bcfddc79acb868116aec62da6f132457255e772ead9c363c2133a6a1806bb51217e1270fb81d58b00373e3f54e75fa7a0fc2c15fa12526dccce77e87f4655686db7b1dcaa02ad15a6ac53c1652e2e268f6ef414411b7f367bd5fa4c0936f586e577fbd58876b80e99b6590f37635d7bf43d2fbf4b04921714dc5edae10c3c6928fa84d67b84734d3aa2d36ba431dfe7797382425f1930265d47e0a826c22ffabf084be4b39f0515dfd43ac195944e8aaac64dba5cfdc6ca0901e85257b74fda1e0cd6b0400acb2c8656308ba8491d769741dc87622f98bcf59ef3dc312d595088d4206d5f6e0b34ebca8454ffac8a35dd4a4fc0e868f405a43758de83ea2921e3859c13dd21cc18c4beb1f48427d9c078425f8b2015fce229fc8191a59f8e49130172d17277321e5d68dd4c4b1e207b0bfbedb9737e783dca8745ae4d3eb09e713cb0d0adf633c276977bc04e9ca21fb0269bb8c6de79722e5869708cd64f6fdd58664fe112afddd66ec99cbe64699495841574f880ac1e892b735ae7c25a9e99c10e83cd1fcff169f30722f52e1a5fc02309a822d56b5850562fed1c666da40cf44737029e0ff244e68c04ded427822d5f0d0963b1fd58ffbc93b19fddf63424d7957de48aee3067ec20ec906c7db26fceaeb07eed8f148e4baac59cfda3c7343ae03f594324969f1f4c7af2c59f4ce90b44be4c3c90bff974e434f30c37c929eda0bd592bb350a37f2125b2a0367fed47bf0eb6a38a426d312c6b291b8fb2cf9b843966813be8a5414818898a70ca324881e495f47b7c769dfbac0e9ae98a9a350d48d10db6d8a70485b90bea6a5e44386687e06459b82e907458fccea02dee8dee36844d609020f4860f62be1cc1c4c4ca5128a47672f010d8e1a279b58a13a7f511f5cd0cad56c76ac7424769fa9ac5d60895208d9cc0e1dc86684a97881771ffb4aad0eb1105a417941c4b8cfc120109895381d58bc73f32963bd45b0df92934967f1cc0970f58cbca14fc58ea725397e18177a1030cc5c602f9cdd5a6acf3a52a35f23ac9b661b74ef77ce41d3ab77d3f59896982dd7fc8723c21c05e5434eff75d5252709333367ac94296e18f77a8fcba20f5bd518cd178dd027b558cc3f7001882cf11999dbcd5b4479226f4ab23e668fe3d3187981d7a46e3daf89e52b6e153a1286647faf1fb5999cfc7d4e9f5f6b0c6135a0f00e209a4350b4ee4e14c44a9ad7d1d77e085f980d68e196f4e180e4c81308a8ca2862caff0082fc337963dc95ac3d4dacd5d2400c3f4c0860061698f6e0bd7349c76b706f3e6db374b9584fec9e204333ba22a220a6947aeb22ac6922342196a6e15a46b6bba6a557950eb9b025eacf991dcf0faa468f0920f9d2c172b3a4ac283b3b38d6f9bf2ab80d6640151690bf713e7bb31142c96c9b69bc7ffa04a8b20e64ed3b56520f01182ee7fde697bae686984a74764a4eebd613e53a95aab512c27e5d557c076bbb925f48d87a8505ca9727962e55bb5ea243a7375eea7965d5c446359d2570fc661d4eb7c298d95dc50d3121040e52fc403e210021de36122db2c2fe5079062f9b574a74f216316b7d9312695aadbb4f895a4ef03e733efea4ea44bae140f885db5f4877e908769d5cbd5ba0fb61fba3a78451b2c3144d73971d6796bbee94d8ef6944832774646b2dbba5681a171512b139dd376e858821195a8939ff8c33858d49de9ae14f3b4630df17e7763872d7e2e20ca798f12744ebcd2737e69b02f7b98872092fa23d991122c4af5fbf66a36b782896c848eee29edd39a5006c89c4407c96a4597eab1502f377b6b1e416233f11b0b4100b3f443ed9a00bf7ba2719d18f2f8bd6f6af2bbaaf8f2fad2b0aae80f5006760429ab5d226f74722fba0161ddca64a96729714dbe13935bd5b6754a7dde144406930f725c19464f31014483f9f3da6e556f53f45511a6f9279e72f1705d71616f17206843aaa90398253141bb8ca50785b74489880a7a00f6a6367d09d8daef7ccdb9f16de84f01f39118598d2e266ecd5aaa1e3462d1d2048eb12278eb8af9f98aa156b3bdc4fab6adbf350c60e27c236675f9f11aa1147587dda8a6ecab352f447d4005931d2e676bb7f0b5c55d93d453e64f1b19f673425e70b67cf9f1b00005fa0e2d88e451e8e1d2a1814d0688356693216490fdbd5b6f0f4bf63290fd69da041cbf45dce6d6d9abb7ac4206a7445e5feed5c98afa64e39303acb51e0fe9aab4b43e5dac7f696ea25669e6b407c86e34a2710a2ba5865c51ca1779926449b2b491340de648c0f6a786cc6c5ef2ad814277dce1c08db3d5ef02e5374683c801c1801c3be7feb99d5a2b1765ebf809c073cadabc0d8f5e4d0f557b2f0293af1c14a0cdec634c58056d9751f454047c12aa0ac57ff890e622551b3b9e3144522f7c854a6448d963678866971f3bac5d0f427a88d9536ed66ba554dafb63c9b01351c39d3dc8b623fee5929c2d6b3cbd99194815c0a3d34d22a63035d1f18fd7ab8c57259585b55d8fec674ac52c68f647b8d6c9840986c23a0ce53f54c3efe0b77828caf82ff68093c7e4e8e0e0a4f01d3d120d3dbc3f6e0358dad777bb96b9b9ac1cc04848f4aa935f2b8bcd481932c23bc6e18953a876d4a45ad9f2523996b69722760b5a316e23a0589381bf2a4ffb02e4c9af780589232a99a2d8ae5ea5a2c52f12dca03b30247307f4ddf4b5edbbbc6b790e35b9af6386697b1ddcef21b51d963a4f2f3c4a5faeed1fe0d869bc216ad3b460483903cd4feb7665395b988c8407230bce2a912ba64e0f150c86b4a623d297f15d6f78d559f9c40880aac37e78852532ddeb9307ac61e17f03e881f59cdace173ebf5c5a7bef6b771de80a768b873165c19664657b335e5c40bfe982cac1baf7678a430eb26552d4be26f3979e6b948d7ec0338270194521d1e75655b169426c0da47e5e3b6dd1941610e96e5e42a62a6c24aa26f40e9f350a8fe9a008c836b7bb8a521b4adb257c7d481e2dd1694ec6da3c89487525a8df7b88a029d8fcb274c8b5a17e6f978b247e29045317c22aa5954fde35dbd7dba87ff2bd05909af99dd7051fc32720bd13ecde5fa270fbc9268d9f2851baef4f3025a45e56588ea066f5b5989b2ac567b244211c71b29ee19aa80930ab541c57d458e7dcda0361e8e3998100802d8b865599d58875273f0d7ef0170dd200705eaf018a6a3748524232c13b38a35c2891e312b305969669c6326497c4c9f1cde4bf7c9afab48050062af5a8b9ba81b7d18fa092ee6608152502d0cbf1cb7549848d811b3635122645e7fb552bd9d64a14a9eb81faa7194fa70b2230a364f0d89b3cd0d3aa02b7740249feb94751562adf91c4e23b76f72e5dbc6c191a3f8294a152e47390d6049aed584c9c76962eb57a6ccf5b401851a2f5e16a4949686257776bc86f4741652500e6e50453360fb24e973e39ac6a2250e3429181987eefb2ed052c1fa19b6851841dce0473ccac93e2a26abb5bf578ce99fa9763d938f4be4726dc931d1e567c4d5aa0312c5b45f6f40533fd89a20a153e891ec9a6748821697b0b869044e1a04e43389f7a933b7c8d3b9f234088cd82a2716e0b9be6907c08694dcfd46f694ac90e6b686513b468331d1a14267fbca35bd55586d35f0990ccdd16553912389f07837148a04bc43a5105384499aebb375822d28e5cd73ab8c918926c769781e867e6ca7e8b1f535b4fb824db49358ae9dac4e0631fc284b4862050ad650637b225c546af28cca4d5696078d80b2f4298276c18801fe7b074d74b5325b1f182940f0286e9a784d633ec8d7cb2dea6840b506c0a902a4744afe8592728d9b53258089fcde49de25a152f6b4e4a4d7205b7175e59584de9f254735d2a0ae433f22a4262b039e148cf7fe2c650e0e735e18022e3a97e670732219f74f8f0031a3d04b3168e3d8cce95463556596a28003faac6dce360f135838badb2e0fd7998166de8972707a6", 0x1000}, {&(0x7f00000016c0)="2e4d8b6941870d4be571179c14b9300c3d8b05f7ef29e0a487f457560701eb8fe566b29eca6052461ef79a7f1ba1bb23ea5390a37be201fd6a195d0a32b9ffcc9bdccb97020c00471acc7d8f487dec371bcb521e90ca859113d06c991da07a564427b33f146d1b5db4f690387b9d162963ea7bae0d1d55878022c24459f531c41dc2cd4ecccb412a9f31332a4e985d716fbd6126b5951a87554f2552e181722441ac3c639ed1e38f1474b8e7231f77fc6714dfdf21510cf31064fbd0ee7b9f6cc142b96b2235d6e70cadabf9a144a047ebab3597224c5ae16707e7fdb577ba81b8ddaea55b256b2047449727bc7c81824c6176fb069152c4", 0xf8}, {&(0x7f00000017c0)="572c9dc8662d176e3bf3f266af6880fb003f9a84f31e0ae1a88898035ba585a344f759b0241270898f9af93f1f2ea6bdfdca9022540bf1ec43e3ac00a08a56961512571d495e8a76d02b4864a36fd924f9f0c2350835e8ac9f066c56ca568634e2a3fde51f5536e0789d4c6ee16669573ff9263047345b7cec524c0d22e0263f30833fd8672e9c2e155dc855aea952b11e1c94aefbddaf2f43e54eb3a8106aafbe49a1f3ad2a9498aa5b3f7ef54b36b244146636f845925aa169d68308545b23e0b4c7f5e05ce0ecea0e64ea346029e41ab79ef076b814686a5da5c9e5ea9396", 0xe0}, {&(0x7f00000018c0)="778dd5675d133da658ab4d72971245fa27a2dae006875a8d7d73bf1428350a1791b0ee9aacc36d0b496a2221ec2d411ff23bc45721526fe51da91218b9dc490f1966ba6febc8dd6919263e4f040b4b2a7a4f980b618ca9d7fef235bce34acb60d758aa655c15432357c77c6db7874a96e2cafc3e87ef6841", 0x78}], 0x5, &(0x7f0000001d00)=[@ip_ttl={{0x14, 0x0, 0x2, 0x2}}, @ip_retopts={{0x4c, 0x0, 0x7, {[@ssrr={0x89, 0x1b, 0x12, [@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, @dev={0xac, 0x14, 0x14, 0x26}, @dev={0xac, 0x14, 0x14, 0x34}, @private=0xa010101, @private=0x5f]}, @rr={0x7, 0x1f, 0xdc, [@remote, @multicast2, @multicast1, @broadcast, @broadcast, @dev={0xac, 0x14, 0x14, 0x13}, @broadcast]}]}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x8000}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x40}}, @ip_ttl={{0x14, 0x0, 0x2, 0x9}}, @ip_retopts={{0x78, 0x0, 0x7, {[@rr={0x7, 0xf, 0x59, [@loopback, @multicast2, @local]}, @ra={0x94, 0x4, 0x1}, @timestamp={0x44, 0x14, 0x55, 0x0, 0x9, [0x8, 0xcd0, 0xe, 0x2]}, @generic={0x7, 0x6, "3abd385e"}, @ssrr={0x89, 0xb, 0x5a, [@loopback, @private=0xa010102]}, @timestamp_addr={0x44, 0x14, 0xfb, 0x1, 0xc, [{@rand_addr=0x64010101, 0x3a}, {@broadcast, 0x3655}]}, @timestamp_addr={0x44, 0x1c, 0x1d, 0x1, 0x5, [{@initdev={0xac, 0x1e, 0x0, 0x0}, 0x204}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7}, {@empty, 0x3}]}]}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x6}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x1}}, @ip_ttl={{0x14, 0x0, 0x2, 0x80000001}}], 0x170}}], 0x1, 0xc180)
bind$vsock_stream(r2, &(0x7f0000000440), 0x10)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
listen(r2, 0x0)
r5 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETSF2(r5, 0x402c542d, &(0x7f0000000080)={0x3, 0x7, 0x7, 0x7fff, 0x8, "0982aa400000000000e6ffffab5b00", 0x5, 0x2})
ioctl$TIOCSTI(r5, 0x5412, &(0x7f0000000000)=0xff)
accept4$unix(r2, 0x0, 0x0, 0x0)
r6 = socket$vsock_stream(0x28, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x1a, 0xe, &(0x7f0000000540)=@raw=[@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}], &(0x7f0000000100)='GPL\x00', 0x1, 0xbb, &(0x7f00000019c0)=""/187, 0x41100, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x267e, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
connect$vsock_stream(r6, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
writev(r6, &(0x7f00000002c0)=[{&(0x7f0000000080)='?', 0x20000081}], 0x2)
writev(r6, &(0x7f0000000000)=[{&(0x7f00000000c0)="f8", 0x1}], 0x1)

3m11.624376235s ago: executing program 33 (id=639):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000"], 0x48)
r0 = socket$inet6(0xa, 0x3, 0x7)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x446000, 0x0)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x89)
ioctl$TUNDETACHFILTER(r1, 0x401054d6, 0x0)
sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=ANY=[], 0x58}, 0x84)
syz_genetlink_get_family_id$nl80211(0x0, r1)
bpf$MAP_CREATE(0x0, &(0x7f0000001c00)=ANY=[@ANYBLOB="2100000007000000ff0f0000070000004b860200", @ANYRES32, @ANYBLOB="00000000000000000000ddf44d451e82b090b8b200000000000000000000318f6bf25c013599ec014da60d24963284484e82b338a97a995744c8e6e81fea522b9ea6b0ec55a9709cf520552f4559f65074e3c236fc1cf7c9f616d6f0d69de523bb1ca8155e3e1517de56321ff4faedebc35e1295bd094089d2bee440bd69c6dc0786df88157be3e1ea51284d78e4acb7d9decab064faa8b8ad7bdc57724a00"/170, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00'], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000001b40)={0x6, 0xc, &(0x7f0000001b00)=ANY=[@ANYBLOB, @ANYRES16=r0, @ANYRES16], 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00'}, 0x10)
write(0xffffffffffffffff, &(0x7f0000000000), 0x0)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendmmsg$inet(r3, &(0x7f0000000400)=[{{&(0x7f0000000380)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000001940)=[{&(0x7f0000000640)="d2e112ae34ee620894b62a92af3237018cfc2f0a5b2cecdc01d30d7efde3300a51b81fd75c94b1e56addcb1a135eb5a4ef878ac6a950356dec06ecf668b1135d2d915b048fa71f04bf14bee8", 0x4c}, {&(0x7f00000006c0)="1fdd0f6fc9d5236cb24b1f2bdd1896db76f03703e399e8ac4a5bcd668d784a4fbb2b402eed01af4e9b2ad6cd9700d3a148f3cebd1e577569b6661993b305895288f507423a4352dc33a5f4c42c0216f10a459f9a61ceffccb4e357c41e4ca659583e55e1099ef8230cb2ffc9410a78bb4d9c7f17905a6e594923ab3e3c8289ed40a56975f1b2b43c3f60759e7847b104a3caed08a358ebfce293ac1e56de37c013d9ebd7681622788334fde9c1c135aad4494f36ad88b01849eed924fac9397602dbe1da795607e62a8a22f185c90977247fe5c9b8718485966c9a813c97b46295e26226dd70114bad9053281b812718085a0d4a25fd2dc3a0a41cd2540027e711061b8def112d00b6950c905423f8c9547fd13500dffa64d2efa76e2f708e31d07fd719794c90d226a0226bd4b86eeda90d0fdff676f48f4f25275042f8d647c99419ab268d868a1849c36cbf5947e71dfd0ec8affa3e08ba5699d9656876147869e1b676c3ec8fa33126efb6abbb3bac6053e2b7aef2f99551d063296fc93d235cc8d88f2b5850ab089999615cf2f4cc24990dc253764d8b32652c9ea86ddfc4ae951fe0361d79b0ed757e2b6a555990a5120ac2ea3a78be7b58f6f669bbb703228a052501987733247f3d3e626532a90872a0f5925a0bf1207e3e63d81ffa25b6352838cb53ef0b1cba5d2caf1f9e00a6cb7c351c0e47d67e27613d162379b9c7a7dae7d7ddebd081a5ec20faa574baf319c9c1de7436946cc09f40865af95650aedb902ccbd766a5fc266b12a19982899fae750dfd763c036b3d7e326e13dd3097d58947ac617b56121db9f30c34745bf01d3acdad8b492d07abba667066c42c6cd89ed266f054d98276f1fb44ed05af6dc54f5e6f36eb7197b46801fa7766ec8e40e467fc8e236c1e6763fd101230f21ae63005950fb6c49c4d9eeaae7bead467d351142fa9f37ff6912fb59a77246449f6eedf03d15d08b293cad1c3ad97e6871ca9bb0e472abe4599016f250954823a1b5f935ae19ade62bcbfc750a6d8137e6453aacf9a6c66bff78514dcc3c513bfd88124c83583b83a103b63703278ec7e33925795927cd468e92372c0f8c208fd546297f026d9a9a5a0b55971a74f9cce9220c8c49ec0b75e456849fe7f793b1a674c15b26243012639bd2075377ce5b07d1e8759aa068f2c87bea54a776deb7bbdd2b60a4c069828661ee0db1e3a8fe8df2f68ce642055bd5bcfb330c4e596616cb7983739dffc47b2e7802d156cdcc8e612e03096d70ddc6b6cd7efa48576cc84b7d8f64cb34abc61603944daa64a9e4074b68fad587a315ba7e5d2cb78f89d16cd8f1deaff8c585bfaa5ca12e1061abfbada6fa70283f7683e860d6f0eeac93eca9cb4a398fb216f09cbac49651d5bca47b8e406ea3477c418b2bc1cca712140b7c9f75accd1935d9ff2f3a1715a329f0e9e9e7822f836657a91bc01d88bf7411ecdd0530dd4cb5f52df2ac31a4d0e2356fa0f234b59e6e4031b8c1ab0c23cc4257ad4b5bf3ff5c11e88442335ae645233a005be7efe5e53e9dcbf76de4761e59a2dcf2f292ef1699de21f043e14c56294afa1dacdac844861c45495115459aabda39e62d1e0f5fde229ad87159372f299826f9ddedc22b3c48919af9e0c8b3ef40f566d99424a5b9ddaeaccd41d4c55cb633a71a3c56875556d6eb9359767d90e2241d9da6026ebc2174c97f7e4d03be9347f72c482034a573f92cfc24ecb691e2a115a189a375f6939fe745c9c2bada6c72ad710b763846c19dddd3b80048bcfddc79acb868116aec62da6f132457255e772ead9c363c2133a6a1806bb51217e1270fb81d58b00373e3f54e75fa7a0fc2c15fa12526dccce77e87f4655686db7b1dcaa02ad15a6ac53c1652e2e268f6ef414411b7f367bd5fa4c0936f586e577fbd58876b80e99b6590f37635d7bf43d2fbf4b04921714dc5edae10c3c6928fa84d67b84734d3aa2d36ba431dfe7797382425f1930265d47e0a826c22ffabf084be4b39f0515dfd43ac195944e8aaac64dba5cfdc6ca0901e85257b74fda1e0cd6b0400acb2c8656308ba8491d769741dc87622f98bcf59ef3dc312d595088d4206d5f6e0b34ebca8454ffac8a35dd4a4fc0e868f405a43758de83ea2921e3859c13dd21cc18c4beb1f48427d9c078425f8b2015fce229fc8191a59f8e49130172d17277321e5d68dd4c4b1e207b0bfbedb9737e783dca8745ae4d3eb09e713cb0d0adf633c276977bc04e9ca21fb0269bb8c6de79722e5869708cd64f6fdd58664fe112afddd66ec99cbe64699495841574f880ac1e892b735ae7c25a9e99c10e83cd1fcff169f30722f52e1a5fc02309a822d56b5850562fed1c666da40cf44737029e0ff244e68c04ded427822d5f0d0963b1fd58ffbc93b19fddf63424d7957de48aee3067ec20ec906c7db26fceaeb07eed8f148e4baac59cfda3c7343ae03f594324969f1f4c7af2c59f4ce90b44be4c3c90bff974e434f30c37c929eda0bd592bb350a37f2125b2a0367fed47bf0eb6a38a426d312c6b291b8fb2cf9b843966813be8a5414818898a70ca324881e495f47b7c769dfbac0e9ae98a9a350d48d10db6d8a70485b90bea6a5e44386687e06459b82e907458fccea02dee8dee36844d609020f4860f62be1cc1c4c4ca5128a47672f010d8e1a279b58a13a7f511f5cd0cad56c76ac7424769fa9ac5d60895208d9cc0e1dc86684a97881771ffb4aad0eb1105a417941c4b8cfc120109895381d58bc73f32963bd45b0df92934967f1cc0970f58cbca14fc58ea725397e18177a1030cc5c602f9cdd5a6acf3a52a35f23ac9b661b74ef77ce41d3ab77d3f59896982dd7fc8723c21c05e5434eff75d5252709333367ac94296e18f77a8fcba20f5bd518cd178dd027b558cc3f7001882cf11999dbcd5b4479226f4ab23e668fe3d3187981d7a46e3daf89e52b6e153a1286647faf1fb5999cfc7d4e9f5f6b0c6135a0f00e209a4350b4ee4e14c44a9ad7d1d77e085f980d68e196f4e180e4c81308a8ca2862caff0082fc337963dc95ac3d4dacd5d2400c3f4c0860061698f6e0bd7349c76b706f3e6db374b9584fec9e204333ba22a220a6947aeb22ac6922342196a6e15a46b6bba6a557950eb9b025eacf991dcf0faa468f0920f9d2c172b3a4ac283b3b38d6f9bf2ab80d6640151690bf713e7bb31142c96c9b69bc7ffa04a8b20e64ed3b56520f01182ee7fde697bae686984a74764a4eebd613e53a95aab512c27e5d557c076bbb925f48d87a8505ca9727962e55bb5ea243a7375eea7965d5c446359d2570fc661d4eb7c298d95dc50d3121040e52fc403e210021de36122db2c2fe5079062f9b574a74f216316b7d9312695aadbb4f895a4ef03e733efea4ea44bae140f885db5f4877e908769d5cbd5ba0fb61fba3a78451b2c3144d73971d6796bbee94d8ef6944832774646b2dbba5681a171512b139dd376e858821195a8939ff8c33858d49de9ae14f3b4630df17e7763872d7e2e20ca798f12744ebcd2737e69b02f7b98872092fa23d991122c4af5fbf66a36b782896c848eee29edd39a5006c89c4407c96a4597eab1502f377b6b1e416233f11b0b4100b3f443ed9a00bf7ba2719d18f2f8bd6f6af2bbaaf8f2fad2b0aae80f5006760429ab5d226f74722fba0161ddca64a96729714dbe13935bd5b6754a7dde144406930f725c19464f31014483f9f3da6e556f53f45511a6f9279e72f1705d71616f17206843aaa90398253141bb8ca50785b74489880a7a00f6a6367d09d8daef7ccdb9f16de84f01f39118598d2e266ecd5aaa1e3462d1d2048eb12278eb8af9f98aa156b3bdc4fab6adbf350c60e27c236675f9f11aa1147587dda8a6ecab352f447d4005931d2e676bb7f0b5c55d93d453e64f1b19f673425e70b67cf9f1b00005fa0e2d88e451e8e1d2a1814d0688356693216490fdbd5b6f0f4bf63290fd69da041cbf45dce6d6d9abb7ac4206a7445e5feed5c98afa64e39303acb51e0fe9aab4b43e5dac7f696ea25669e6b407c86e34a2710a2ba5865c51ca1779926449b2b491340de648c0f6a786cc6c5ef2ad814277dce1c08db3d5ef02e5374683c801c1801c3be7feb99d5a2b1765ebf809c073cadabc0d8f5e4d0f557b2f0293af1c14a0cdec634c58056d9751f454047c12aa0ac57ff890e622551b3b9e3144522f7c854a6448d963678866971f3bac5d0f427a88d9536ed66ba554dafb63c9b01351c39d3dc8b623fee5929c2d6b3cbd99194815c0a3d34d22a63035d1f18fd7ab8c57259585b55d8fec674ac52c68f647b8d6c9840986c23a0ce53f54c3efe0b77828caf82ff68093c7e4e8e0e0a4f01d3d120d3dbc3f6e0358dad777bb96b9b9ac1cc04848f4aa935f2b8bcd481932c23bc6e18953a876d4a45ad9f2523996b69722760b5a316e23a0589381bf2a4ffb02e4c9af780589232a99a2d8ae5ea5a2c52f12dca03b30247307f4ddf4b5edbbbc6b790e35b9af6386697b1ddcef21b51d963a4f2f3c4a5faeed1fe0d869bc216ad3b460483903cd4feb7665395b988c8407230bce2a912ba64e0f150c86b4a623d297f15d6f78d559f9c40880aac37e78852532ddeb9307ac61e17f03e881f59cdace173ebf5c5a7bef6b771de80a768b873165c19664657b335e5c40bfe982cac1baf7678a430eb26552d4be26f3979e6b948d7ec0338270194521d1e75655b169426c0da47e5e3b6dd1941610e96e5e42a62a6c24aa26f40e9f350a8fe9a008c836b7bb8a521b4adb257c7d481e2dd1694ec6da3c89487525a8df7b88a029d8fcb274c8b5a17e6f978b247e29045317c22aa5954fde35dbd7dba87ff2bd05909af99dd7051fc32720bd13ecde5fa270fbc9268d9f2851baef4f3025a45e56588ea066f5b5989b2ac567b244211c71b29ee19aa80930ab541c57d458e7dcda0361e8e3998100802d8b865599d58875273f0d7ef0170dd200705eaf018a6a3748524232c13b38a35c2891e312b305969669c6326497c4c9f1cde4bf7c9afab48050062af5a8b9ba81b7d18fa092ee6608152502d0cbf1cb7549848d811b3635122645e7fb552bd9d64a14a9eb81faa7194fa70b2230a364f0d89b3cd0d3aa02b7740249feb94751562adf91c4e23b76f72e5dbc6c191a3f8294a152e47390d6049aed584c9c76962eb57a6ccf5b401851a2f5e16a4949686257776bc86f4741652500e6e50453360fb24e973e39ac6a2250e3429181987eefb2ed052c1fa19b6851841dce0473ccac93e2a26abb5bf578ce99fa9763d938f4be4726dc931d1e567c4d5aa0312c5b45f6f40533fd89a20a153e891ec9a6748821697b0b869044e1a04e43389f7a933b7c8d3b9f234088cd82a2716e0b9be6907c08694dcfd46f694ac90e6b686513b468331d1a14267fbca35bd55586d35f0990ccdd16553912389f07837148a04bc43a5105384499aebb375822d28e5cd73ab8c918926c769781e867e6ca7e8b1f535b4fb824db49358ae9dac4e0631fc284b4862050ad650637b225c546af28cca4d5696078d80b2f4298276c18801fe7b074d74b5325b1f182940f0286e9a784d633ec8d7cb2dea6840b506c0a902a4744afe8592728d9b53258089fcde49de25a152f6b4e4a4d7205b7175e59584de9f254735d2a0ae433f22a4262b039e148cf7fe2c650e0e735e18022e3a97e670732219f74f8f0031a3d04b3168e3d8cce95463556596a28003faac6dce360f135838badb2e0fd7998166de8972707a6", 0x1000}, {&(0x7f00000016c0)="2e4d8b6941870d4be571179c14b9300c3d8b05f7ef29e0a487f457560701eb8fe566b29eca6052461ef79a7f1ba1bb23ea5390a37be201fd6a195d0a32b9ffcc9bdccb97020c00471acc7d8f487dec371bcb521e90ca859113d06c991da07a564427b33f146d1b5db4f690387b9d162963ea7bae0d1d55878022c24459f531c41dc2cd4ecccb412a9f31332a4e985d716fbd6126b5951a87554f2552e181722441ac3c639ed1e38f1474b8e7231f77fc6714dfdf21510cf31064fbd0ee7b9f6cc142b96b2235d6e70cadabf9a144a047ebab3597224c5ae16707e7fdb577ba81b8ddaea55b256b2047449727bc7c81824c6176fb069152c4", 0xf8}, {&(0x7f00000017c0)="572c9dc8662d176e3bf3f266af6880fb003f9a84f31e0ae1a88898035ba585a344f759b0241270898f9af93f1f2ea6bdfdca9022540bf1ec43e3ac00a08a56961512571d495e8a76d02b4864a36fd924f9f0c2350835e8ac9f066c56ca568634e2a3fde51f5536e0789d4c6ee16669573ff9263047345b7cec524c0d22e0263f30833fd8672e9c2e155dc855aea952b11e1c94aefbddaf2f43e54eb3a8106aafbe49a1f3ad2a9498aa5b3f7ef54b36b244146636f845925aa169d68308545b23e0b4c7f5e05ce0ecea0e64ea346029e41ab79ef076b814686a5da5c9e5ea9396", 0xe0}, {&(0x7f00000018c0)="778dd5675d133da658ab4d72971245fa27a2dae006875a8d7d73bf1428350a1791b0ee9aacc36d0b496a2221ec2d411ff23bc45721526fe51da91218b9dc490f1966ba6febc8dd6919263e4f040b4b2a7a4f980b618ca9d7fef235bce34acb60d758aa655c15432357c77c6db7874a96e2cafc3e87ef6841", 0x78}], 0x5, &(0x7f0000001d00)=[@ip_ttl={{0x14, 0x0, 0x2, 0x2}}, @ip_retopts={{0x4c, 0x0, 0x7, {[@ssrr={0x89, 0x1b, 0x12, [@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, @dev={0xac, 0x14, 0x14, 0x26}, @dev={0xac, 0x14, 0x14, 0x34}, @private=0xa010101, @private=0x5f]}, @rr={0x7, 0x1f, 0xdc, [@remote, @multicast2, @multicast1, @broadcast, @broadcast, @dev={0xac, 0x14, 0x14, 0x13}, @broadcast]}]}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x8000}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x40}}, @ip_ttl={{0x14, 0x0, 0x2, 0x9}}, @ip_retopts={{0x78, 0x0, 0x7, {[@rr={0x7, 0xf, 0x59, [@loopback, @multicast2, @local]}, @ra={0x94, 0x4, 0x1}, @timestamp={0x44, 0x14, 0x55, 0x0, 0x9, [0x8, 0xcd0, 0xe, 0x2]}, @generic={0x7, 0x6, "3abd385e"}, @ssrr={0x89, 0xb, 0x5a, [@loopback, @private=0xa010102]}, @timestamp_addr={0x44, 0x14, 0xfb, 0x1, 0xc, [{@rand_addr=0x64010101, 0x3a}, {@broadcast, 0x3655}]}, @timestamp_addr={0x44, 0x1c, 0x1d, 0x1, 0x5, [{@initdev={0xac, 0x1e, 0x0, 0x0}, 0x204}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7}, {@empty, 0x3}]}]}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x6}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x1}}, @ip_ttl={{0x14, 0x0, 0x2, 0x80000001}}], 0x170}}], 0x1, 0xc180)
bind$vsock_stream(r2, &(0x7f0000000440), 0x10)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
listen(r2, 0x0)
r5 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETSF2(r5, 0x402c542d, &(0x7f0000000080)={0x3, 0x7, 0x7, 0x7fff, 0x8, "0982aa400000000000e6ffffab5b00", 0x5, 0x2})
ioctl$TIOCSTI(r5, 0x5412, &(0x7f0000000000)=0xff)
accept4$unix(r2, 0x0, 0x0, 0x0)
r6 = socket$vsock_stream(0x28, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x1a, 0xe, &(0x7f0000000540)=@raw=[@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}], &(0x7f0000000100)='GPL\x00', 0x1, 0xbb, &(0x7f00000019c0)=""/187, 0x41100, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x267e, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
connect$vsock_stream(r6, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
writev(r6, &(0x7f00000002c0)=[{&(0x7f0000000080)='?', 0x20000081}], 0x2)
writev(r6, &(0x7f0000000000)=[{&(0x7f00000000c0)="f8", 0x1}], 0x1)

29.703212745s ago: executing program 3 (id=1260):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
userfaultfd(0x801)
r3 = syz_mount_image$msdos(&(0x7f0000000000), &(0x7f00000004c0)='./file0\x00', 0x0, &(0x7f0000000700)=ANY=[], 0xfd, 0x1bf, &(0x7f0000000300)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa")
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000000080)={'tunl0\x00', &(0x7f0000000700)={'syztnl0\x00', 0x0, 0x8000, 0x8, 0x1, 0x1000, {{0x9, 0x4, 0x1, 0x9, 0x24, 0x66, 0x0, 0x1f, 0x29, 0x0, @multicast1, @broadcast, {[@generic={0x7, 0x5, "2569e7"}, @rr={0x7, 0xb, 0x4, [@empty, @remote]}]}}}}})
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCSETS(r4, 0x5402, &(0x7f0000000440)={0xb, 0x20000006, 0x4000008, 0x0, 0x1e, "04000000000000000000004000"})
dup(r4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x10, &(0x7f0000000980)=ANY=[@ANYBLOB="180500000000000000000000ffffffffb7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b7043b3d7bd305de3f23000095000000cc81d81c7be2ad24d633ffcde3659035c40000000000001211385485af6d53a8b2dcf7174ae69eb6c1"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
r6 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000940)=@framed={{0x18, 0x9, 0x0, 0x0, 0x3}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r6}}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r6}, &(0x7f0000000540), &(0x7f0000000580)=r7}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000007c0)={r6, &(0x7f0000000780)}, 0x20)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r8}, 0x10)
r9 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}}, &(0x7f00000002c0))
write$binfmt_misc(r9, &(0x7f0000000040), 0xfe46)
openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000000), 0x25040, 0x0)

24.627215934s ago: executing program 3 (id=1264):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
r0 = socket$inet6(0xa, 0x3, 0x7)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x446000, 0x0)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x89)
ioctl$TUNDETACHFILTER(r1, 0x401054d6, 0x0)
sendmsg$inet6(0xffffffffffffffff, 0x0, 0x84)
syz_genetlink_get_family_id$nl80211(0x0, r1)
bpf$MAP_CREATE(0x0, &(0x7f0000001c00)=ANY=[@ANYBLOB="2100000007000000ff0f0000070000004b860200", @ANYRES32, @ANYBLOB="00000000000000000000ddf44d451e82b090b8b200000000000000000000318f6bf25c013599ec014da60d24963284484e82b338a97a995744c8e6e81fea522b9ea6b0ec55a9709cf520552f4559f65074e3c236fc1cf7c9f616d6f0d69de523bb1ca8155e3e1517de56321ff4faedebc35e1295bd094089d2bee440bd69c6dc0786df88157be3e1ea51284d78e4acb7d9decab064faa8b8ad7bdc57724a00"/170, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00'], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000001b40)={0x6, 0xc, &(0x7f0000001b00)=ANY=[@ANYBLOB, @ANYRES16=r0, @ANYRES16], 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00'}, 0x10)
write(0xffffffffffffffff, &(0x7f0000000000), 0x0)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
bind$vsock_stream(r2, &(0x7f0000000440), 0x10)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
listen(r2, 0x0)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETSF2(r4, 0x402c542d, &(0x7f0000000080)={0x3, 0x7, 0x7, 0x7fff, 0x8, "0982aa400000000000e6ffffab5b00", 0x5, 0x2})
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000000)=0xff)
accept4$unix(r2, 0x0, 0x0, 0x0)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x1a, 0xe, &(0x7f0000000540)=@raw=[@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}], &(0x7f0000000100)='GPL\x00', 0x1, 0xbb, &(0x7f00000019c0)=""/187, 0x41100, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x267e, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
connect$vsock_stream(r5, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
writev(r5, &(0x7f00000002c0)=[{&(0x7f0000000080)='?', 0x20000081}], 0x2)
writev(r5, &(0x7f0000000000)=[{&(0x7f00000000c0)="f8", 0x1}], 0x1)

24.004750502s ago: executing program 3 (id=1267):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
userfaultfd(0x801)
r3 = syz_mount_image$msdos(&(0x7f0000000000), &(0x7f00000004c0)='./file0\x00', 0x0, &(0x7f0000000700)=ANY=[], 0xfd, 0x1bf, &(0x7f0000000300)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa")
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000000080)={'tunl0\x00', &(0x7f0000000700)={'syztnl0\x00', 0x0, 0x8000, 0x8, 0x1, 0x1000, {{0x9, 0x4, 0x1, 0x9, 0x24, 0x66, 0x0, 0x1f, 0x29, 0x0, @multicast1, @broadcast, {[@generic={0x7, 0x7, "2569e74886"}, @rr={0x7, 0x7, 0x4, [@remote]}]}}}}})
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCSETS(r4, 0x5402, &(0x7f0000000440)={0xb, 0x20000006, 0x4000008, 0x0, 0x1e, "04000000000000000000004000"})
dup(r4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x10, &(0x7f0000000980)=ANY=[@ANYBLOB="180500000000000000000000ffffffffb7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b7043b3d7bd305de3f23000095000000cc81d81c7be2ad24d633ffcde3659035c40000000000001211385485af6d53a8b2dcf7174ae69eb6c1"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
r5 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000940)=@framed={{0x18, 0x9, 0x0, 0x0, 0x3}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r5}}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r5}, &(0x7f0000000540), &(0x7f0000000580)=r6}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000007c0)={r5, &(0x7f0000000780)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00'}, 0x10)
r7 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}}, &(0x7f00000002c0))
write$binfmt_misc(r7, &(0x7f0000000040), 0xfe46)
openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000000), 0x25040, 0x0)

21.626589725s ago: executing program 3 (id=1270):
syz_mount_image$exfat(&(0x7f0000000280), &(0x7f0000000240)='./file0\x00', 0xc02, &(0x7f0000002540)=ANY=[@ANYBLOB='iocharset=macturkish,uid=', @ANYRESHEX=0x0, @ANYBLOB=',errors=continue,fmask=00000000000000000000004,iocharset=maccyrillic,keep_last_dots,keep_last_dots,namecase=1,keep_last_dots,uid=', @ANYRESHEX=0x0, @ANYBLOB="2c0055ed24175864be2f95700a31c105797fed1e19598ee6077fa1ff90e6363061685aa002a33af4ee649c7a4d54885f20b6f83dfc65e3131d5c5843563a385720eab5ed037f314ebad1d108eae47aa8eb20dd49ab7cf0dd7dbf010a35d3507718ea5da12324f79f3b1bd14d74306adbbb01275f36664775fd1bbc33191394204dbdfe7a620405f2eb0c3ba16c4da2b59b42ea9b7f87c4d2843a2e78f71df235b7114eccbee4428d8888fb9cce0e1fc235085fe01b4b"], 0x1, 0x151e, &(0x7f0000007640)="$eJzs3AucT9XaOPDnWWvtMSbp1ySXYa31bH7JZZkkySVJLkmSJEluCUmTHElIDLklDUlILkNyGUJymZg07ve7JCRJkyQhuSXr/5ni73TqvOec9/Qe7+ed5/v57I/1zN7P2s/+PbNnXzDfdh1Wq0nt6o2ICP4t+OsfyQAQCwCDAOAaAAgAoHx8+fjs9bklJv97O2F/rofSrnQF7Eri/uds3P+cjfufs3H/czbuf87G/c/ZuP85G/efsZxsy4xC1/KScxd+/5+T8fX//4aLJx98ua7M9d0AYv7ZPO5/zsb9/z8r+Gc24v7nbNz/nCr2ShfA/hfg8z8nyPV313D/czbuP2M52ZV+/3ylF4jk7M/gSn//McYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhjLGc74yxQAXBpf6boYY4wxxhhjjDH25/G5rnQFjDHGGGOMMcYY+5+HIECCggBiIBfEQm6IAwEAV0NeuAYicC3Ew3WQD66H/FAACkIhSIDCUAQ0GIgBghCKQjGIwg1QHG6EElASSkFpcFAGEuEmKAs3Qzm4BcrDrVABboOKUAkqQxW4HarCHVAN7oTqcBfUgJpQC2rD3VAH7oG6cC/Ug/ugPtwPDeABaAgPQiN4CBrDw9AEHoGm8Cg0g+bQAlpCq/9W/gvQE16EXtAbkqEP9IWXoB/0hwEwEAbByzAYXoEh8CqkwFAYBq/BcHgdRsAbMBJGwWh4E8bAWzAWxsF4mACpMBEmwdswGd6BKTAVpsF0SIMZMBPehVkwG+bAezAX3od5MB8WwEJIhw9gESyGDPgQlsBHkAlLYRkshxWwElbBalgDa2EdrIcNsBE2wWbYAlthG2yHHfAx7IRPYBd8CrthD+yFz2AffP4v5p/+m/xuCAgoUKBChTEYg7EYi3EYh3kwD+bFvBjBCMZjPObDfJgf82NBLIgJmIBFsAgaNEhIWBSLYhSjWByLYwksgaWwFDp0mIiJWBZvxnJYDstjeayAFbAiVsJKWAWrYFWsitWwGlbH6lgDa2AtrIV3493YB+tiXayH9bA+1r/0egobYSNsjI2xCTbBptgUm2EzbIEtsBW2wtbYGttgG2yH7bA9tscO2AGTMAk7YkfshJ2wM3bGLtgFu2JX7IbdsXvWC7kAX8QXsTfWEH2wL/bFfpiSawAOxIH4Mg7GV/AVfBVTcCgOw9fwNXwdR+ApHImjcDSOxqriLRyL45DEBEzFVJyEk3AyTsYpOBWn4nRMwxk4E2fiLJyNs/E9nIvv4/s4H+fjQkzHdFyEizEDM3AJnsZMXIrLcDmuwJW4AlfjGlyN63A9rsONuBE342bciltxO27Hj/Fj/AQVAH6Ke3APpuA+3If7cT8ewAN4EA9iFmbhITyEh/EwHsEjeBSP4jE8jifwOJ7Ek3gKT+MZPIPn8Byex+cSvm78Scm1KSCyKaFEjIgRsSJWxIk4kUfkEXlFXhEREREv4kU+kU/kF/lFQVFQJIgEUUQUEUYYQSKMAQARFVFRXBQXJUQJUUqUEk44kSgSRVlRVpQT5UR5cauoIG4TFUUl0dZVEVVEVdHOVRN3iuqiuqghaopaoraoLeqIOqKuqCvqiXqivqgvGogHREPRBwfgQyK7M03EUGwqhmEz0VzIiz/BWosR2Ea0Fe3EE2IUjsQOorVLEk+LjmIsdhJ/EePwWdFFTMCu4nnRTXQXPcQLoqdo43qJ3mIK9hF9xXTsJ/qLAWKgmIU1xXs4N3ct8apIEUPFMPGaWIivixHiDTFSjBKjxZtijHhLjBXjxHgxQaSKiWKSeFtMFu+IKWKqmCamizQxQ8wU74pZYraYI94Tc8X7Yp6YLxaIhSJdfCAWicUiQ3woloiPRKZYKpaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Cq2ie1ih/hY7BSfiF3iU7Fb7BF7xWdin/hc7BdfiAPiS3FQfCWyxNfikPhGHBbfiiPiO3FUfC+OiePihPhBnBQ/ilPitDgjzopz4idxXvwsLggvQKIUUkolAxkjc8lYmVvGyatkHhlc/HSvlfHyOplPXi/zywKyoCwkE2RhWURqaaSVJENZVBaTUXmDLC5vlCVkSVlKlpZOlpGJ8iZZVt4sy8lbZHl5q6wgb5MVZSVZWVaRt8uq8g4JkV/3UUPWlLVkbXm3TIZ7ZF15r6wn75P15f2ygXxANpQPykbyIdlYPiybyEdkU/mobCabyxaypWwlH5Ot5eOyjWwr28knZHv5pOwgn5JJ8mnZUfqL3yLPyi7yOdlVPi+7ye6yh/xZXpBe9pK9JfQB2Ve+JPvJ/nKAHCgHyZflYPmKHCJflSlyqBwmX5PD5etyhHxDjpSj5Gj5phwj35Jj5Tg5Xk6QqXKinCTflpPlO3KKnCqnyekyTc6QAy7ONEfKf5j/9h/kD/ll75vlFrlVbsOLrZCfyF1yl9wtd8u9cq/cJ/fJ/XK/PCAPyIPyoMySWfKQPCQPy8PyiDwij8qj8pg8Ls/KH+RJ+aM8JU/L0/KsPCfPyfMXPwNQqISSSqlAxahcKlblVnHqKpVHXa3yqmtURF2r4tV1Kp+6XuVXBVRBVUglqMKqiNLKKKtIhaqoKqai6oZLVapSqrRyqoxKVDf9K/mquLpRlVAlf5N/qb7kv1NfK9VKtVatVRvVRrVT7VR71V51UB1UkkpSHVVH1Ul1Up1VZ9VFdVFdVVfVTXVTPVQP1VP1VL1UL5WsklVf9ZLqp/qrAWqgGqReVoPVYDVEDVEpKkUNU8PUcDVcjVAj1Eg1Uo1Wo9UYNUaNVWPVeDVepapUNUlNUpPVZDVFTVHT1DSVptLUTDVTzVKz1Bw1R81Vc9U8NU8tUAtUukpXi9QilaEy1BK1RGWqpWqpWq6Wq5VqpVqtVqu1aq1ar9arjWqjylRb1Ba1TW1TO9QOtVPtVLvULrVb7VZ71V61T+1T+9V+dUAdUAfVQZWlstQhdUgdVofVEXVEHVVH1TF1TJ1QJ9RJdVKdUqfUGXVGnVPn1Hl1Xl1QF7Jv+wIRiEAF2VfamCA2iA3igrggT5AnyBvkDSJBJIgP4oN8wfVB/qBAUDAoFCQEhYMigQ5MYANxsenR4IageHBjUCIoGZQKSgcuKBMkBjcFZYObg3LBLUH54NagQnBbUDGoFFQOqgS3B1WDO4JqwZ1B9eCuoEZQM6gV1A7uDuoE9wR1g3uDesF9Qf3g/qBB8EDQMHgwaBQ8FDQOHg6aBI8ETYNHg2ZB86BF0DJo9afO7/2pAo+7zbq3TtZ9dF/9ku6n++sBeqAepF/Wg/Ureoh+VafooXqYfk0P16/rEfoNPVKP0qP1m3qMfkuP1eP0eD1Bp+qJepJ+W0/W7+gpeqqepqfrND1Dz9Tv6ll6tp6j39Nz9ft6np6vF+iFOl1/oBfpxTpDf6iX6I90pl6ql+nleoVeqVfp1XqNXqvX6fV6g96oN+nNeoveqrfp7XqH/ljv1J/oXfpTvVvv0Xv1Z3qf/lzv11/oA/pLfVB/pbP01/qQ/kYf1t/qI/o7fVR/r4/p4/qE/kGf1D/qU/q0PqPP6nP6J31e/6wvaJ99c599eTfKKBNjYkysiTVxJs7kMXlMXpPXREzExJt4k8/kM/lNflPQFDQJJsEUMUVMNjJkipqiJmqiprgpbkqYEqaUKWWccSbRJJqypqwpZ8qZ8qa8qWAqmIqmoqlsKpvbze3mDnOHudPcae4yd5mapqapbWqbOqaOqWvqmnqmnqlv6psGpoFpaBqaRqaRaWwamyamiWlqmppmpplpYVqYVqaVaW1amzamjWln2pn2pr3pYDqYJJNkOpqOppPpZDqbzqaL6WK6mq6mm+lmepgepqfpaXqZXibZJJu+pq/pZ/qZAWaAGWQGmcFmsBlihpgUk2KGmWFmuBluRpgRZqQZZUZnnz7mLTPWjDPjzQSTalLNJDPJTDaTzRQzxUwz00yaSTMzzUwzy8wyc8wcM9fMNfPMPLPALDDpJt0sMotMhskwS8wSk2kyzTKzzKwwK8wqs8qsMWvMOrPObIANZpPZZLaYLWab2WZ2mB1mp9lpdpldZrfZbfaavWaf2Wf2m/3mgDlgDpqDJstkmUPmkDlsDpsj5og5ao6aY+aYOWFOmJPmpDllTpkz5ow5ZwpcvF56E2tz2zh7lc1jr7Z57TX2b+OCtpBNsIVtEattflvgN7Gx1pawJW0pW9o6W8Ym2pt+F1e0lWxlW8XebqvaO2y138V17D22rr3X1rP32dr27t/E9e39toF9xDZEBLDNbWPb0jaxj9im9lHbzDa3LWxL294+aTvYp2ySfdp2tM/8Ll5kF9s1dq1dZ9fb3XaPPWPP2sP2W3vO/mR72d52kH3ZDrav2CH2VZtih/4uHm3ftGPsW3asHWfH2wm/i6fZ6TbNzrAz7bt2lp39uzjdfmDn2gw7z863C+zCX+LsmjLsh3aJ/chm2gCW2eV2hV1pV9nV/7/W5Xaj3WQ32132U7vNbrc77Md256UbYbvH7rWf2X32c3vIfmMP2C/tQXvEZtmvf4mzj++I/c4etd/bY/a4PWF/sCftj+pSdvax/2B/thest0BIQJIUBRRDuSiWclMcXUV56GrKS9dQhK6leLqO8tH1lJ8KUEEqRAlUmIqQJkOWiEIqSsUoSjfQpfJKUWlyVIYS6SYqSzdTObqFytOtVIFuo4pUiSpTFbqdqtIdVI3upOp0F9WgmlSLatPdVIfuobp0L9WD+6g+3U8N6AFqSA9SI3qIGtPD1IQeoab0KDWj5tSCWlIreoxa0+PUhtpSO3qC2tOT1IGeoiR6mjrSM9SJ/kKd6VnqQs9RV3qeulF36kEvUE96kXpRb0qmPtSXXqJ+1J8G0EAaRC/TYHqFhtCrlEJDaRi9RsPpdRpBb9BIGkWj6U0aQ2/RWBpH42kCpdJEmkRv02R6h6bQVJpG0ymNZtBMepdm0WyaQ+/RXHqf5tF8WkALKZ0+oEW0mDLoQ1pCH1EmLaVltJxW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nXbQx7STPqFd9Cntpj20lz6jffQ57acv6AB9SQfpK8qir+kQfUOH6Vs6Qt/53vQ9HaPjdIJ+oJP0I52i03SGztI5+onO0890gTxBiKEIZajCIIwJc4WxYe4wLrwqzBNeHeYNrwkj4bVhfHhdmC+8PswfFggLhoXChLBwWCTUoQltSGEYFg2LhdHwhrB4eGNYIiwZlgpLhy4sEyaGN4Vlw5vDcuEtYfnw1rBCeFtYMawUPnJflfD2sGp4R1gtvDOsHt4V1ghrhrXC2uHdYZ3wnrBueG9YL7wvLBfeHzYIHwgbhg+GjcKHwsbhw2GT8JGwafho2CxsHrYIW4atwsfC1uHjYZuwbdgufCJsHz4ZdgifCpPCp8OO4TO/rL9/8d9fnxz2CfuGL4Uvhd7fKxdEF0bTox9EF0UXRzOiH0aXRD+KZkaXRpdFl0dXRFdGV0VXR9dE10bXRddHN0Q3RjdFN0e9r50LHDrhpFMucDEul4t1uV2cu8rlcVe7vO4aF3HXunh3ncvnrnf5XQFX0BVyCa6wK+K0M846cqEr6oq5qLvBFXc3uhKupCvlSjvnyrhE19K1cq1ca/e4a+PaunbuCfeEe9I96Z5yT7mnXUf3jOvk/uI6u2ddF/ece84977q57q6He8H1dBPz/npOJru+rq/r5/q5AW6AG+QGucFusBvihrgUl+KGuWFuuBvuRrgRbqQb6Ua70W6MG+PGurFuvBvvUl2qm+QmucluspviprhpbppLc2luppvpZrlZrursX/cyz81zC9wCl+7S3SKXfc+Y4Za4JS7TZbplbplb4Va4VW6VW+PWuHVundvgNrhNbpPb4ra4bW6b2+F2uJ1up9vldrnd/ppfJ3X73H633x1wB9xB95XLcl+7Q+4bd9h9646479xR97075o67E+4Hd9L96E650+6MO+vOuZ/cefezu+C8S41MjEyKvB2ZHHknMiUyNTItMj2SFpkRmRl5NzIrMjsyJ/JeZG7k/ci8yPzIgsjCSHrkg8iiyOJIRuTDyJLIR5HMyNLIssjyyIrIyoj3hbeFvqgv5qP+Bl/c3+hL+JK+lC/tnS/jE/1Nvqy/2Zfzt/jy/lZfwd/mK/pKvrJ/1DfzzX0L39K38o/51v5x38a39e38E769f9J38E/5JP+07+if8Z38X3xn/6zv4p/zXf3zvpvv7nv4F3xP/6Lv5Xv7ZN/H9/Uv+X6+vx/gB/pB/mU/2L/ih/hXfYof6of51/xw/7of4d/wI/0oPzrmTT/m0iMyTPCpfqKf5N/2k/07cKef6qf56T7Nz/Az/bt+lp/t5/j3/Fz/vp/n5/sFfqFP9x/4RX6xz/Af+iX+I5/pl156qexX+dV+jV/r1/n1foPf6Df5zX6L3+q3+e1+h//Y7/Sf+F3+U7/b7/F7/Wd+n//c7/df+AP+S3/Qf+Wz/Nf+kP/GH/bf+iP+O3/Uf++P+eP+hP/Bn/Q/+lP+tD/jz/pz/id/3v/sL/D/WWOMMcYY+6dMvDwUv13z6+v8Pn+QI/5q474AcPX2Qll/vT77jnJD/l/H/UVC+wgAPN2760OXlho1kpOTL26bKSEoNh/g0t8EZYuBy/FSaAdPQhK0hbJ/WH9/0f0c/YP5o7cCxP1VTixcji/P/wUAJv/B/I89MXpRhfBM/H8x/3yAEsUu5+SGy/FSaPfL+5W2UO7v1F+g9T+oP/eXqQBt/ionD1yOL9efCI/DM5D0my0ZY4wxxhhjjLFf9ReVO196/rz0Lz7/6Pk8QV3OyQWX43/0fM4YY4wxxhhjjLEr79nuPZ56LCmpbed/fVDtv5X1Tw+awv/UzDz4w4H3AJe+ogDg35wQIHsg/5NHsfU/sq+Ui6fO365acdYH8L+jlX/G4Ar/YGKMMcYYY4z96S7f9P/26+pKFcQYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjOVA/4lfJ3alj5ExxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhi70v5fAAAA//85evzE")
mkdir(&(0x7f00000003c0)='./file0\x00', 0x12c)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='configfs\x00', 0x0, 0x0)
r0 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000840)='./file0\x00', &(0x7f0000000080), 0x18)
utimensat(r0, 0x0, &(0x7f0000000880)={{0x0, 0xea60}, {0x0, 0x3ffffffe}}, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x20800, 0x0, 0x1, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000280)={[{@nogrpid}, {@jqfmt_vfsv0}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@debug}, {@nombcache}, {@quota}, {@nolazytime}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
time(&(0x7f0000000300))
rmdir(&(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00')
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='workqueue_activate_work\x00', r4}, 0x10)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000001080)=ANY=[@ANYBLOB="0a000000050000000200000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='workqueue_activate_work\x00', r6}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000300)={<r7=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r7, 0x1, 0x1d, &(0x7f00000001c0), 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r2, 0x2000002, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8401, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
timer_create(0x1, &(0x7f00000000c0)={0x0, 0x33, 0x4, @thr={&(0x7f0000000000)="c49d2289b8be8b5f2f508ec4e914f819286a94908a40bcfa5c771218e1273bf78a106e1601b62bad15fb347daa8e0115d93f08", &(0x7f0000000d80)="b0539e49b4185a5bac4787e76f9dd6a4d30ad7410351f42fb6687d35d7e86b2694d95b62b4ba926d2d48e27aff5683497177124ba3e3bd874e95c5824a3f41ec23bdf0e200dd5680764baf8162a10136f068ef0f68fe1082d9881f3be5e8a139dbfa8e97dd11e6a0b70153a45db2b3a714e9ba42618037a91b0b74ce34afbea05723dbd9e2080bf03feefdb94e45e390ecfeb4a05d2a46e6b9dca1acc1f451979c382a134f6dbd43c932105c84dbf278dff0e5c1d403b5ecfe1c6d71880a790fe19a386a74e4fe7b27a56fe94133e58fb8ca7009ba91e37aacf8affc1f03576f5c2ca3e9615039fce10a48077d2c6a625ca081000e39a7f13d7550d079b922a5732b33602f355f8b730ee9b0e4d01608e6a9c19a51d4d911f6d64eed286819441a0f7deb4c0ddc284530694351167b4a69211d7d242c92e9765efd2d79e67427c35c7963cff44a8ec4956ebe5318ee3cbf0e34bbfa55a17058861b4191b795bb28c601c9563ea087d3d23abe755591f7fbae9482c5f6dd08c4b787969e70d39d29623bc4b85d154b4c55bf6ab22ad684c393283aa7086762814e2ccbe2a18fd079e357b06022f8bd0fc9a5e3257af7155676e61584f8896be08261d58c0e182e0a3e11f825f645ba23d5dd87d9f8b44551b09798b2ba3bd7681e8ddd38afc46b9884fbeecb0439394f27e80465e47c69987fca44de412bdb901d73db332086c882c19fd87887dd5b08eb3424b64f084830db7999257d84e106ceef7b9600fdfc177d4944194d2c1f45bb737177e026a5a4495f0caf3621d5426d9afdd3db563845c69930960554cde0006e6b447b9da0d5d858ade07a834ca49dd477eca7c39e905e57e9d355b14db8df6e8bdf685c68c60008041b4b6d57f0510812a6e07b26d15611493d58630b50a63187ec22ba44143caddfa876e564e012d809aaf417f941b4752817fe88ddae31cf8f6de3d87f3969f3bfae71a4d2452f048acbc6b4d30fe40ec4276a99416d3326bf873fb52c17c48073795ca061c697a4113798990b682d8a79a1beaa7bc665d7db231c3fb0694c25591911ebf315f1d4aaf9b77c19a1c29219b29b85f50da079f8b7259965b9688274dc2e73db77755dbd2e305eeae36946ed7e24f9ac8675b731af7b90b5c6878604d5fdc8d918f4b79375ce5083d24732c15ce93202df8a75182a3e3db2d8c6c6a7693ef7914330d1e825662010cc093987e33f05f75a8d4eb84702b0aa4851f8a9bdac67a82407cd96f3f9ac767844eb5412f873b28759945928222be547eed43575cf41da694ed4ab6e614a7ea08d9f7dd4f305a9f94fd02b229831d707756f6f7eb86fe164ca736146029f00453a324afd4ff978a580ed79e05dbeaf81a467d3ba04735df8f4c9c5305bddde8f538939d18ea8ecb78502573c0d1c5d9e9167318208212cc9f231b97db3edb894c0fc867b12cefbbcbbd4f924f0cdd29088d717123b0765776f760606cf53a3a3ca60a76a22e897b055fd36b5e276b09b7a01f8a8bafc61ca1453efe073e62839c27651090f36180101f91d77f137e8029c8b100388c4c3205366a839b006c073789f3f2e4699ff7d775488382dae51ec46a25f0567200cc54908e4b944ffc727919612f7eaccac63977844771a9f50bfd8509b8a33cdb520215768347f5a70abe01e6a3bc99d21dbd8b918260b022057f83b7ff8573fa947cec6bdd2e637c1355f5e43c52f0627c1d25553c9a26b65004d3f4e956ba6e9c9ad92945a5b838f0693eda42c1e10c404297bb6e8eba0f11a3d3331b0b6f289fe8f8fac4b53075d1214b97e2f0ae5cf5e99819f9c55322621877fabf71fe5142ac146a0c0d8c3ddb79e4dff81ab7c74989e2efe46bcfc6a68243ed9040b84ae2e556734cf4feedfdd25f4a2b75335c2c6a1ef770c1f2450745f1b9063f5034c09d5abf2d5f30ad9ab95b53dac887dd1649a4b1dcdd216bf28f6ed7c6da2221175da3483b8961792ba32342183fe13a7817c7bb76049f9c64fad966b0fc0c3e4a11b2aed12c79d7198f299ac84bd36ad40953a81a672323337728788a9325be052acc1df7e471cce2991801ebffd4e9a3695860ebf82907f132e091bef2dd82a2e8e69494c7618e3a9eca25146091e2d435d07bbb78540cb7edac863746df87912d8d5e9173269417fbabb0724b560ecd8cfbab2457d2a0fd3818338379fec4999d1fac8a13b56786154d17dfbf0978a94173b26fd7f8845811e710703f509746962645e59239b8bbef15e0f68acf73b3431aca342ebac8d70445676aad87fffb5f85a6c2af9d8b91171e596a231f0bf07ddcfd0e3a2c69a6282acc779b3edf540daa152ed2176b98a889e589e553ad3667211ea662f47b20cbb2bdcdb7f5fddbbd56c5b2b47713388c6ffa07b46d8c4e69b38a2de4ab09f0e23039c3448805701a63e7331ac32a6acd6b2b6ce4232d858a735f90c2d980815ccf08685e00a13e43f7a4052be4ab711a9400106bcd93bc2a6d2e163ebc7d8bbf9872c8514be3f4f9ac63c3b11f6ecab9c45042d118ed451ccf0fbf51a52c13aba3ab35e635ea8ba9f8d8d997c3f606e32c449683ec6ad1cef24c46b0ca157c6a1a267e9a2da613827ac9581810e8ed86fc39e2513b90d9ee4184c49f915b5c9f1230ec55b35f6cbc4ddf7f74949bea12ac3868190a8de983797f7c25d20f941911dddb687461a814d7d8fa9a77f7d38af812e73f52886936fd8e70ee98cdedec862a26322046828cea7e039550e24d8015ee32f1042267faa4d787a4f97e692a35662957e92e19a918e0d96e9235b34c461af25b21ae4f24dc40c46476c5a9c99531f59f154a7b28c2aee9024bf523b49ed738599878b905ff6da894b859a65a71550c1c9a17b56ed94e5a8005d5fca55a60beabcc1ffd4891c6cae6d452d5f3324ee3788f1e08013ab6f4211e97c52bad8f9b1adfd953d41ad4c0f2afb528e784db4764069f53b8638713b83f04b4368f3e97008cf1dbf3fe3631bc24c8c69a1d2370b1e8dcce673ce307fb33b947084f847c326470ec68577227421581c402562fb256eda41b093ff393319d5814e120f18ce4d12da32bc737b0e31ec009caab685237c6a91e8f7ce320ba9754ad03cd7cb4f5a5e3899d471e9cce6e37e692e7809bbaf0ff81fda1777725309a958783af894853e9abf696171af5c8485dee18cda6312a75bbf939fb12dbc01f6e33bf1f17594c4bb1ac477911dd7d7cc0e6625c9f3e4764261fcba2221fb7e0d60644790979a8e87168f90722f58a06c83cdf2db546a13c3a513fc4e19e113f20411eaf33169604a87b60cb89ddb1afe4942415dd9bbc1e1d4b881ff0b5ae20cfccf7a5370507b2c9c0d679b5d025bab44ca9578fd2f471fb8857b1e7511aff829aea6ff489af2df99d76fc44ad274754eaa3757ab22ce01ad5312109fb382c74e056fca3aec1bf630d5576a45d4709b22f07af9baa8af4b02de52f5fc1dc0c56f5f48dc99dd8908760044182c205f3f3bf34a9d26845129fd77cc693215a585a92db5fa99638da82fb7d1dad5924c4a3b7555f080daa0bfe83df80a182fdabd355f0fffd08b983bca977bae9bb99bdfbf45dd541479fced89c1a5b0e72bfcafce6d4955da360bf6edae743572b9e211b1b7c7dc0f297c2818a49d265c52b3d530e57c178d6e4f06106a1f4296853bb08c573044e5851013d6b2a49ddd5d2d554737b6c6f760475140cb930b4b90f547b411203c1d11cbd21930f2109bba622601ebd67f34bf2e1ca8d4f12a8cbb3e0e2c4e9ddd873a7b73f24546b2d5344fc72f26a3e904a9b70c435ba0223a9a0610409cbae50aa3e1567d684693ee351fb30416d9eb018ac66e8ae6416db848aa2967429754fb27aa6f7c4431c3cb67b4cfc3343b0dc36d9217af749a408a8b32e5ab0b29db6874a53d3b2ff004f3aa149a5d4a8d243e93b5d27c5cb8073c052f7667ece5327b3a1d803298c9865810036b1c96102daf72b296c1fbab7297caaa66de46760504e92e2bd00526e7887b633a8aecb05b624dc43b917a164d83e0d891b6bcc0e02a35c90e99b01b4dff987c1feb7d48a6d8aa402bd74d44c175b42a3cbc6d00aaab6da3a84dfbedb507ca9e56acfca2b7d6ac98e161a9a322683c27e6f3f3c62aea4882d42fa5230b0b9fad421f1642cf46e7840329fffde48df032980970847da4c58b8cc4c55bab7d1ca702e0baf02a3686cf7d64e404a3954ae1647e998ed71a48a97ff30604b77e6740d3d70d41e0eeee064346eb097c9540dc027afb8be630916f406bc28439f40c5281eb1ad663c7836ad512929a35d96346378bd74348cdeedeb7b1ce51b524fccb9fd6b0c87f100543938177b0f6a6b74f3f5f663337b1009baf0e8e64dd883c5053949341106892925ee2a1dffb79d5c59eafe0dd3035020dac788a842e7c5d9e0df1c5bc906cc27093a6155eb6069a783b64c9d25c1fd597caec7dfe2bed7264f8a906c3dae0b6649057c230606ee9dc500d73d9b1e152d4b186ffcfff741c1157cb700b54983a4e923e4fe7b9904750399a505b275457fa5bb5cd9cda41bb457acfc0377bdeeb16cc5758d0a63c72645c1300f60e3c0158e9ad57f49f5ef870e24f5419c39648655253e5319172bd766d2175eac91b6961f9888d9ddfb0e4080c291de48f8fe89eb39c0be4bfd3fb1d921da500e106a9dae73e5926896bf8174a4d65c245d3935c699df33c09fdce2532e16e04c4a7ba75bfd8b23a7c5d5a8713739a74f7a544184a23a8ceef68ba22fb5fbd6ea9840ed0cd8dd2a6d3a68e7022e83d041bc4ead58a083191c034abd406fad7f838cb8943a32c709bb6c70a0594d275f682cfd26c59c597ef95f598d8423f1f0bc8c40fe234967da9b8dbd223663cbdce3bffa58d662b9c4c52e04daec7148c5035896249e8425a9ce6510d663cb7e3f634d19582d2a9fa8f118f6cf801e8cf6ae2e9819464c7450dd771dac81058b6b7ccbad5e3ba9251795ddb85df63d6167f040c181d94f777f03c311f009683644430b0a06d8bf886722bcfe37d127dad9b89551b746278f7b762dc7bfdfe4c0ed03667d6263fcc42fcbbd34d5d95e4dc3cdd8d7c125070a2aabb713ea1fd3f234ef3b2adfebcabe12ed0bd395d020fff80a4891485840ca8e1c3fcbb3c0e163520362defe3e36028087f37ecc5fbfa2c85d109a2a286585ae6b6bcff4baab6c257083e0e1cc51add66416e164a64fa05aca8836a817ae72a7577d245ec6cd68030745a566dc4d57679238ea170d24619ee033e0d5106f1b0cbc8b07e5ba08cd11cbcf8faf5effda111a381c949cb058a3f160a695f6f4fa7257d83f364a108abaa4b994d12eb26f8a57cc14d2ad6843268981f8f8769b96250ee7aedddabd4e16b173f5aab5be4de30818481599ae6df8b9988abfb23599460b3e7145e4cd2b42979746ce7cbba489ef3d440d711fe431c0d38c0bfd497c1e25bb44430adeafe9fd226f3ce6635a1331c78e7abc3722aec695d13a6864a48c0dfb5c646861ff48e108c27c8218ff167b5be1a4d5ab3161727df08d7223c86b174774e371361bc715965660b40799463e484e2312c19bb87fec3b3cef578555ac39cf62abefe6ffd51ec9cb5a522b619de32f4414b2a452ab4822b23fb977c491fb1fec359104a35b2ee14975a378371ff74848455788509e8463c9d225f9857d8ae875e1b40fc0c0ee876c225073f3d1b155c35a4c114736e5a7b81a869d0b1804ee4b36793526d673eacf6b20606b5313c29b4f1372417f4798842eeb680c5828eeabd10"}}, &(0x7f0000000180))

21.368208489s ago: executing program 3 (id=1274):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
open(&(0x7f0000000300)='.\x02\x00', 0x14927e, 0x44)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48)
socketpair(0x18, 0x0, 0x2, &(0x7f0000000000))
mprotect(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x8)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3], 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000940)={[{@bsdgroups}, {@nodiscard}, {@noblock_validity}, {@grpjquota}, {@grpjquota}, {@noquota}, {@abort}, {@noload}, {@nodiscard}]}, 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZj06Y3ueqDXvB69V5Ji3Y3aWwbfKgVRJ8Kan2vMdmEkE02ZDdtE4qm+AEEERV80hdfBD+AIAVffBShoM+KiiLa6oMP2rns7iRN091k226zafb3g8mcc2Zm/+dsmNk5M4eZAAbWOxFxLSIep2l6PiLGsvJcNsV2a2qs9+jh3bnGlESa3vhnEklWtvNZSTY/k212KiK+9uWIbybPxq1tbi3PVirl9Sxfqq+slWqbWxeWVmYXy4vl1enpqcszV2YuzUz2pJ1nI+LqF//6g+/+7EtXf/WZ23+6+fdz32pUazRbvrcdzyl/0MJW0wvN72LvBusvGOw4yjdbmBlpt8bQMyX3XnGdAABor3GO/8GI+GREnI+xGDr4dBYAAAB4DaWfH43/JRFpe8MdygEAAIDXSK45BjbJFbOxAKORyxWLrTG8H47TuUq1Vv/0QnVjdb41VnY8CrmFpUp5MhsrPB6FpJGfaqaf5C/uy09HxJsR8f2xkWa+OFetzPf74gcAAAAMiDP7+v//GWv1/wEAAIATZrzfFQAAAABeOf1/AAAAOPn0/wEAAOBE+8r1640p3Xn/9fytzY3l6q0L8+XacnFlY644V11fKy5Wq4vNZ/atHPZ5lWp17bOxunGnVC/X6qXa5tbNlerGav3m0lOvwAYAAACO0Jsfv/+HJCK2PzfSnBqGu9u0y9WA4yq/m0qyeZvd+o9vtOZ/OaJKAUdiqN8VAPom3+8KAH1T6HcFgL5LDlnecfDOb7P5J3pbHwAAoPcmPtr5/n/uwC23D14MHHt2Yhhc7v/D4Gre/+92JK+TBThRCs4AYOC99P3/Q6Xpc1UIAADoudHmlOSK2eW90cjlisWIs83XAhSShaVKeTIi3oiI348VPtDITzW3TA7tMwAAAAAAAAAAAAAAAAAAAAAAAAAALWmaRAoAAACcaBG5vyW/bj3Lf2LsvdH91weGk/+ORfaK0Ns/vvHDO7P1+vpUo/xfu+X1H2XlF/txBQMAAAAGwnO9wH+nn77TjwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAXnr08O7cznSUcf/xhYgYbxc/H6ea81NRiIjT/04iv2e7JCKGehB/pPHnI+3iJ41q7YZsF3+kB/G37x0YP8azb2F//OGIONOD+DDI7jeOP9fa7X+5eKc5b7//5SOeyr+ozse/2D3+DXU4/pztMsZbD35R6hj/XsRb+fbHn534SYf473YZ/xtf39rqtCz9ScRE29+f5KlYpfrKWqm2uXVhaWV2sbxYXp2enro8c2Xm0sxkaWGpUs7+to3xvY/98vFB7T/dIf74Ie1/r8v2///BnYcfaiUL7eKfe7dN/N/8NFvj2fi57LfvU1m6sXxiJ73dSu/19s9/9/ZB7Z/v0P7D/v/numz/+a9+589drgoAHIHa5tbybKVSXj+xiUYv/RhUQ+IYJr7d0w9M0zRt7FMv8TlJHIevpZno95EJAADotScn/f2uCQAAAAAAAAAAAAAAAAAAAAyuo3ic2P6Y27uppBeP0AYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6In3AwAA///d8Nla")

20.854117786s ago: executing program 3 (id=1276):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x40000, 0x0, 0x0, 0x0, 0x66, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18028a1ca4e68276ad65"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r3}, 0x10)
gettid()
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000000)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xb, 0x0, 0x0, 0x0, 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffe, @void, @value}, 0x94)
r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r8, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x1100})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040))
r9 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r9, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)

20.837754716s ago: executing program 34 (id=1276):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x40000, 0x0, 0x0, 0x0, 0x66, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18028a1ca4e68276ad65"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r3}, 0x10)
gettid()
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000000)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xb, 0x0, 0x0, 0x0, 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffe, @void, @value}, 0x94)
r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r8, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x1100})
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040))
r9 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r9, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)

8.607319813s ago: executing program 1 (id=1310):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
userfaultfd(0x801)
r3 = syz_mount_image$msdos(&(0x7f0000000000), &(0x7f00000004c0)='./file0\x00', 0x0, &(0x7f0000000700)=ANY=[], 0xfd, 0x1bf, &(0x7f0000000300)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa")
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000000080)={'tunl0\x00', &(0x7f0000000700)={'syztnl0\x00', 0x0, 0x8000, 0x8, 0x1, 0x1000, {{0x9, 0x4, 0x1, 0x9, 0x24, 0x66, 0x0, 0x1f, 0x29, 0x0, @multicast1, @broadcast, {[@generic={0x7, 0x2}, @rr={0x7, 0xb, 0x4, [@empty, @remote]}]}}}}})
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCSETS(r4, 0x5402, &(0x7f0000000440)={0xb, 0x20000006, 0x4000008, 0x0, 0x1e, "04000000000000000000004000"})
dup(r4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x10, &(0x7f0000000980)=ANY=[@ANYBLOB="180500000000000000000000ffffffffb7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b7043b3d7bd305de3f23000095000000cc81d81c7be2ad24d633ffcde3659035c40000000000001211385485af6d53a8b2dcf7174ae69eb6c1"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
r5 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000940)=@framed={{0x18, 0x9, 0x0, 0x0, 0x3}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r5}}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r5}, &(0x7f0000000540), &(0x7f0000000580)=r6}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000007c0)={r5, &(0x7f0000000780)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00'}, 0x10)
r7 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}}, &(0x7f00000002c0))
write$binfmt_misc(r7, &(0x7f0000000040), 0xfe46)
openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000000), 0x25040, 0x0)

6.353911724s ago: executing program 6 (id=1316):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
userfaultfd(0x801)
r3 = syz_mount_image$msdos(&(0x7f0000000000), &(0x7f00000004c0)='./file0\x00', 0x0, &(0x7f0000000700)=ANY=[], 0xfd, 0x1bf, &(0x7f0000000300)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa")
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000000080)={'tunl0\x00', &(0x7f0000000700)={'syztnl0\x00', 0x0, 0x8000, 0x8, 0x1, 0x1000, {{0x9, 0x4, 0x1, 0x9, 0x24, 0x66, 0x0, 0x1f, 0x29, 0x0, @multicast1, @broadcast, {[@generic={0x7, 0x2}, @rr={0x7, 0xb, 0x4, [@empty, @remote]}]}}}}})
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCSETS(r4, 0x5402, &(0x7f0000000440)={0xb, 0x20000006, 0x4000008, 0x0, 0x1e, "04000000000000000000004000"})
dup(r4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x10, &(0x7f0000000980)=ANY=[@ANYBLOB="180500000000000000000000ffffffffb7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b7043b3d7bd305de3f23000095000000cc81d81c7be2ad24d633ffcde3659035c40000000000001211385485af6d53a8b2dcf7174ae69eb6c1"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
r5 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000940)=@framed={{0x18, 0x9, 0x0, 0x0, 0x3}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r5}}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r5}, &(0x7f0000000540), &(0x7f0000000580)=r6}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000007c0)={r5, &(0x7f0000000780)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00'}, 0x10)
r7 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}}, &(0x7f00000002c0))
write$binfmt_misc(r7, &(0x7f0000000040), 0xfe46)
openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000000), 0x25040, 0x0)

6.353305243s ago: executing program 7 (id=1317):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
userfaultfd(0x801)
r3 = syz_mount_image$msdos(&(0x7f0000000000), &(0x7f00000004c0)='./file0\x00', 0x0, &(0x7f0000000700)=ANY=[], 0xfd, 0x1bf, &(0x7f0000000300)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa")
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000000080)={'tunl0\x00', &(0x7f0000000700)={'syztnl0\x00', 0x0, 0x8000, 0x8, 0x1, 0x1000, {{0x9, 0x4, 0x1, 0x9, 0x24, 0x66, 0x0, 0x1f, 0x29, 0x0, @multicast1, @broadcast, {[@generic={0x7, 0x5, "2569e7"}, @rr={0x7, 0xb, 0x4, [@empty, @remote]}]}}}}})
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCSETS(r4, 0x5402, &(0x7f0000000440)={0xb, 0x20000006, 0x4000008, 0x0, 0x1e, "04000000000000000000004000"})
dup(r4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x10, &(0x7f0000000980)=ANY=[@ANYBLOB="180500000000000000000000ffffffffb7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b7043b3d7bd305de3f23000095000000cc81d81c7be2ad24d633ffcde3659035c40000000000001211385485af6d53a8b2dcf7174ae69eb6c1"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
r6 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000940)=@framed={{0x18, 0x9, 0x0, 0x0, 0x3}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r6}}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r6}, &(0x7f0000000540), &(0x7f0000000580)=r7}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000007c0)={r6, &(0x7f0000000780)}, 0x20)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r8}, 0x10)
r9 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}}, &(0x7f00000002c0))
write$binfmt_misc(r9, &(0x7f0000000040), 0xfe46)
openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000000), 0x25040, 0x0)

4.39897238s ago: executing program 1 (id=1319):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x18)
timerfd_gettime(0xffffffffffffffff, 0x0)

4.341173091s ago: executing program 1 (id=1321):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x40000, 0x0, 0x0, 0x0, 0x66, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18028a1ca4e68276ad65"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r3}, 0x10)
gettid()
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000000)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x18)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040))
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)

4.181203173s ago: executing program 6 (id=1322):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
userfaultfd(0x801)
r3 = syz_mount_image$msdos(&(0x7f0000000000), &(0x7f00000004c0)='./file0\x00', 0x0, &(0x7f0000000700)=ANY=[], 0xfd, 0x1bf, &(0x7f0000000300)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa")
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r3, 0x89f2, &(0x7f0000000080)={'tunl0\x00', &(0x7f0000000700)={'syztnl0\x00', 0x0, 0x8000, 0x8, 0x1, 0x1000, {{0xa, 0x4, 0x1, 0x9, 0x28, 0x66, 0x0, 0x1f, 0x29, 0x0, @multicast1, @broadcast, {[@generic={0x7, 0x7, "2569e74886"}, @rr={0x7, 0xb, 0x4, [@empty, @remote]}]}}}}})
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
dup(r4)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b7030000000000008500000072000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
r6 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000940)=@framed={{0x18, 0x9, 0x0, 0x0, 0x3}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r6}}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r6}, &(0x7f0000000540), &(0x7f0000000580)=r7}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000007c0)={r6, &(0x7f0000000780)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00'}, 0x10)
r8 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}}, &(0x7f00000002c0))
write$binfmt_misc(r8, &(0x7f0000000040), 0xfe46)
openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000000), 0x25040, 0x0)

4.075834465s ago: executing program 5 (id=1323):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='cpuset\x00')
preadv(r0, &(0x7f0000000140)=[{&(0x7f0000000000)=""/152, 0x98}], 0x1, 0xd, 0x7)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'lo\x00'})
sendmsg$nl_route_sched(r1, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000001500)={0x0}, 0x1, 0x0, 0x0, 0x4090}, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10)
sendto$inet(r3, &(0x7f0000000000), 0xffffffffffffff94, 0x1000000, 0x0, 0x0)
recvfrom$inet(r3, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r4, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r4, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r5, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x20000}}, {{0xa, 0x0, 0x40000, @dev={0xfe, 0x80, '\x00', 0x26}}}}, 0x108)
setsockopt$inet6_group_source_req(r5, 0x29, 0x2e, 0x0, 0x0)
close(r5)
ioctl$PPPIOCUNBRIDGECHAN(r0, 0x7434)

4.054559565s ago: executing program 5 (id=1324):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0700000004000000080000000100000000000000", @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x50)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000000c0), 0x4)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3a66505}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r2, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
timer_create(0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00'], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000040)=ANY=[])
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x2000, 0x0)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)

3.442425223s ago: executing program 7 (id=1325):
r0 = inotify_init1(0x0)
inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0x24000420)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f00000001c0)=@newtaction={0x14, 0x30, 0x12f, 0x800000}, 0x14}}, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
write$binfmt_elf64(r2, 0x0, 0xe6)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r6}, &(0x7f0000000040), &(0x7f0000000280)}, 0x20)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r7}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=@newlink={0x28, 0x10, 0x401, 0xfffffffc, 0x0, {}, [@IFLA_LINKMODE={0x5, 0x11, 0x6}]}, 0x28}, 0x1, 0x0, 0x0, 0x800}, 0x4004000)
close(r2)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000)

2.885800151s ago: executing program 1 (id=1326):
inotify_add_watch(0xffffffffffffffff, &(0x7f0000000040)='.\x00', 0x24000420)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f00000001c0)=@newtaction={0x260, 0x30, 0x12f, 0x800000, 0x0, {}, [{0x24c, 0x1, [@m_police={0xec, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0xbf, 0x6, "005e3cc3bd3a94bba77e8110324bd60200000000000000e20d00e2618323d721ea60418d92a217a3cd339a3649ecb80a8226ddf9d619dd99cb06be46926a2f275304fb74ed2610c845ff01000000000000d5f5ad0400000000000000bcdcc9b361edf37a79a3aa0c4c71f39633dcbb33ed81c9ecf713b3a0502673578a168c6e19c1b28ce54c8c23ccb4fa1def27ff190847b70f8bdb2b3bd30fa166d1cd22882fe95528960d0b2b1d31bbb9c6bd2e2f779232f9c60c2d17d458d3"}, {0xc, 0xb}, {0xc, 0xa}}}, @m_gact={0x15c, 0xc, 0x0, 0x0, {{0x9}, {0x34, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x5, 0xe, 0x1, 0x494, 0x5}}, @TCA_GACT_PROB={0xc, 0x3, {0x2, 0x2e3}}, @TCA_GACT_PROB={0xc, 0x3, {0x0, 0x2520, 0xfffffffff7fffffe}}]}, {0xfe, 0x6, "08233878749f727b3df75684cec5456d8d72edf9961b68baa6e22ef4b130e2cd7afbfcbcc4fb9d586ddbd9ff0683f74a4fa7b44aab1f3c3c6afe3952c8cd19be86eeed5ae5d487a009c4a4becd891ff2ad60ec8d8873c47a68aee04ef4fbe401e0b2b7aff98cab0d1a4cf4010b7ebe56d3b70c3c7d6288ea383076e36d4decbda325ca63420878b01c1255d79b250b9e52f9dce34df5b25076b3bb40832d91f4584b8d827ba937840a289626dcbdad7c6562e2249f478954cee47897dd833df6bbd81e093e7191cdf344ce43fd901f8947f94f89764888104fd6b31a09e04b0cf9d664c3007f4e89bde7229449185ba323d98c5811683680e113"}, {0xc}, {0xc, 0x8, {0x0, 0x3}}}}]}]}, 0x260}}, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
write$binfmt_elf64(r1, &(0x7f0000000180)=ANY=[@ANYBLOB="7f454c4600040000ff7f00000000000003003e00ecffffff940200000000000040000000000000000000000000000000000000002c8f380003"], 0xe6)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r5}, &(0x7f0000000040), &(0x7f0000000280)}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, 0x0)
dup(0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r6}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
close(r1)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000)

2.817959142s ago: executing program 5 (id=1327):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x9}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sys_enter\x00', r5}, 0x10)
process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = userfaultfd(0x1)
ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x58d})
ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
close_range(r4, 0xffffffffffffffff, 0x0)

2.721325723s ago: executing program 6 (id=1328):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
r0 = socket$inet6(0xa, 0x3, 0x7)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x446000, 0x0)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x89)
ioctl$TUNDETACHFILTER(r1, 0x401054d6, 0x0)
sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x58}, 0x84)
syz_genetlink_get_family_id$nl80211(0x0, r1)
bpf$MAP_CREATE(0x0, &(0x7f0000001c00)=ANY=[@ANYBLOB="2100000007000000ff0f0000070000004b860200", @ANYRES32, @ANYBLOB="00000000000000000000ddf44d451e82b090b8b200000000000000000000318f6bf25c013599ec014da60d24963284484e82b338a97a995744c8e6e81fea522b9ea6b0ec55a9709cf520552f4559f65074e3c236fc1cf7c9f616d6f0d69de523bb1ca8155e3e1517de56321ff4faedebc35e1295bd094089d2bee440bd69c6dc0786df88157be3e1ea51284d78e4acb7d9decab064faa8b8ad7bdc57724a00"/170, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00'], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000001b40)={0x6, 0xc, &(0x7f0000001b00)=ANY=[@ANYBLOB, @ANYRES16=r0, @ANYRES16], 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00'}, 0x10)
write(0xffffffffffffffff, &(0x7f0000000000), 0x0)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
bind$vsock_stream(r2, &(0x7f0000000440), 0x10)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
listen(r2, 0x0)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETSF2(r4, 0x402c542d, &(0x7f0000000080)={0x3, 0x7, 0x7, 0x7fff, 0x8, "0982aa400000000000e6ffffab5b00", 0x5, 0x2})
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000000)=0xff)
accept4$unix(r2, 0x0, 0x0, 0x0)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x1a, 0xe, &(0x7f0000000540)=@raw=[@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}], &(0x7f0000000100)='GPL\x00', 0x1, 0xbb, &(0x7f00000019c0)=""/187, 0x41100, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x267e, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
connect$vsock_stream(r5, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
writev(r5, &(0x7f00000002c0)=[{&(0x7f0000000080)='?', 0x20000081}], 0x2)
writev(r5, &(0x7f0000000000)=[{&(0x7f00000000c0)="f8", 0x1}], 0x1)

1.793093596s ago: executing program 0 (id=1330):
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
close(r0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140))
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r1}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000008c0)={r0, 0xe0, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000340)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x9, &(0x7f0000000540)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000005c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x26, &(0x7f0000000600)=[{}], 0x8, 0x10, &(0x7f0000000640), &(0x7f0000000680), 0x8, 0xb3, 0x8, 0x8, &(0x7f0000000780)}}, 0x10)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x17, 0x4, 0x6, 0xfffa}, 0x1d, [0x1, 0xc95a, 0xfffffff3, 0x9, 0x80, 0x2, 0x3, 0x7f, 0x6, 0x5d, 0x39cc191a, 0x5, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0x3, 0x0, 0x5, 0x4, 0x7, 0x4, 0x3c5b, 0x1, 0x24, 0x9, 0x1, 0x1f461e2c, 0x2, 0xe661, 0x7fff, 0xb, 0x9, 0x7fff, 0x4c74, 0x80000000, 0x242, 0x3, 0xe, 0x0, 0x71, 0x2, 0x6, 0x3, 0x2, 0x5, 0x3e, 0x8f, 0x6, 0x6, 0x0, 0x92a0, 0x4, 0x1, 0x0, 0x80, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000004, 0xffff, 0x12f, 0x8000, 0x10, 0xfffffff3, 0x129432e6, 0xcb, 0xf9, 0xd, 0x2bf, 0x6c9, 0x1000, 0xfffffffc, 0x3, 0x0, 0x7, 0x5, 0x2f, 0xe, 0x312, 0x78, 0xea4, 0x0, 0x4, 0x4, 0x8000, 0x9, 0x3fe, 0x401, 0x6, 0x1, 0xff, 0x5, 0x5, 0x5f31, 0x4, 0x0, 0x9, 0x2, 0xffffffd9, 0x4, 0x9, 0x8, 0x9, 0x6, 0x7, 0x8000, 0x1, 0xfe000000, 0x9, 0x2, 0x7f, 0x1, 0x3, 0x3, 0x9, 0x1, 0x7, 0x3, 0x9, 0x48c93690, 0x42, 0x2], [0x7, 0x6, 0x0, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x3, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x1, 0x40008, 0x86, 0x101, 0xa, 0x3e7, 0x9, 0x5, 0x2, 0x2, 0x6, 0x8, 0x4, 0x8001, 0x5, 0x38, 0x800003, 0x200, 0x80, 0x3, 0x1, 0x6c, 0x1000, 0xa2, 0x7, 0x53cf697b, 0x5, 0x6, 0xac8, 0xbf, 0x10002, 0x5, 0x7ff, 0xfffffff9, 0x0, 0x1, 0xffff, 0x0, 0x6, 0x1c, 0x120000, 0x3, 0x6, 0xaaed, 0x4, 0x25], [0x9, 0xbb31, 0x3, 0xb, 0x5, 0x1, 0x3d9, 0x6, 0x0, 0x5, 0xce7, 0x1ff, 0x2, 0x7, 0x5, 0x1003, 0x101, 0x10000, 0x6, 0x7fff, 0xffff, 0xa620, 0x2, 0x5, 0x1, 0x8, 0x14c, 0x60a7, 0x6, 0x6, 0xffffffff, 0x80000000, 0x5, 0x8, 0xc8, 0x81, 0x0, 0xffff, 0x10003, 0xfffffff9, 0x100, 0x9602, 0xb, 0x2, 0x7, 0x6, 0x2, 0x10080, 0x5, 0x3, 0x30b1d693, 0xa1f, 0x4, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1c, 0x1, 0x200, 0xffff3441, 0xfff]}, 0x45c)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)

1.783737666s ago: executing program 6 (id=1331):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r7, 0x0, 0x0)
connect$inet(r7, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000100)=0x8, 0x4)
sendto$inet(r7, 0x0, 0x0, 0x0, 0x0, 0x0)
recvfrom$inet(r7, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x8, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c}, {{0x18, 0x1, 0x1, 0x0, r3}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x30000000}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}, {0x95, 0x0, 0x50, 0x6000000}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x2, 0x3, 0xa, 0x9, 0xfff0}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x2, 0xffffffff}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff0, 0xf1}, {0x7, 0x1, 0x2, 0x9, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {}, {0x18, 0x2, 0x2, 0x0, r2}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x3, 0x8, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r9 = openat$cgroup_procs(r8, &(0x7f0000000040)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r9, &(0x7f0000000400), 0x12)
r10 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/syz1\x00', 0x200002, 0x0)
openat$cgroup_procs(r10, &(0x7f0000000840)='cgroup.procs\x00', 0x2, 0x0)

1.767937686s ago: executing program 0 (id=1332):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000000085000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x18)
timerfd_create(0x7, 0x0)

1.695905497s ago: executing program 0 (id=1333):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x18)
timerfd_gettime(0xffffffffffffffff, 0x0)

1.695752417s ago: executing program 0 (id=1334):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000600)='sys_enter\x00', r0}, 0x10)
copy_file_range(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0xfffffbffa003e458, 0x700000000000000)

1.689291367s ago: executing program 0 (id=1335):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x9}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sys_enter\x00', r5}, 0x10)
process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = userfaultfd(0x1)
ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x58d})
ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
close_range(r4, 0xffffffffffffffff, 0x0)

1.620433548s ago: executing program 1 (id=1336):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
r0 = socket$inet6(0xa, 0x3, 0x7)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x446000, 0x0)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x89)
ioctl$TUNDETACHFILTER(r1, 0x401054d6, 0x0)
sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=ANY=[], 0x58}, 0x84)
syz_genetlink_get_family_id$nl80211(0x0, r1)
bpf$MAP_CREATE(0x0, &(0x7f0000001c00)=ANY=[@ANYBLOB="2100000007000000ff0f0000070000004b860200", @ANYRES32, @ANYBLOB="00000000000000000000ddf44d451e82b090b8b200000000000000000000318f6bf25c013599ec014da60d24963284484e82b338a97a995744c8e6e81fea522b9ea6b0ec55a9709cf520552f4559f65074e3c236fc1cf7c9f616d6f0d69de523bb1ca8155e3e1517de56321ff4faedebc35e1295bd094089d2bee440bd69c6dc0786df88157be3e1ea51284d78e4acb7d9decab064faa8b8ad7bdc57724a0000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00'], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000001b40)={0x6, 0xc, &(0x7f0000001b00)=ANY=[@ANYBLOB, @ANYRES16=r0, @ANYRES16], 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00'}, 0x10)
write(0xffffffffffffffff, &(0x7f0000000000), 0x0)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendmmsg$inet(r3, &(0x7f0000000400)=[{{&(0x7f0000000380)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000001940)=[{&(0x7f0000000640)="d2e112ae34ee620894b62a92af3237018cfc2f0a5b2cecdc01d30d7efde3300a51b81fd75c94b1e56addcb1a135eb5a4ef878ac6a950356dec06ecf668b1135d2d915b048fa71f04bf14bee8", 0x4c}, {&(0x7f00000006c0)="1fdd0f6fc9d5236cb24b1f2bdd1896db76f03703e399e8ac4a5bcd668d784a4fbb2b402eed01af4e9b2ad6cd9700d3a148f3cebd1e577569b6661993b305895288f507423a4352dc33a5f4c42c0216f10a459f9a61ceffccb4e357c41e4ca659583e55e1099ef8230cb2ffc9410a78bb4d9c7f17905a6e594923ab3e3c8289ed40a56975f1b2b43c3f60759e7847b104a3caed08a358ebfce293ac1e56de37c013d9ebd7681622788334fde9c1c135aad4494f36ad88b01849eed924fac9397602dbe1da795607e62a8a22f185c90977247fe5c9b8718485966c9a813c97b46295e26226dd70114bad9053281b812718085a0d4a25fd2dc3a0a41cd2540027e711061b8def112d00b6950c905423f8c9547fd13500dffa64d2efa76e2f708e31d07fd719794c90d226a0226bd4b86eeda90d0fdff676f48f4f25275042f8d647c99419ab268d868a1849c36cbf5947e71dfd0ec8affa3e08ba5699d9656876147869e1b676c3ec8fa33126efb6abbb3bac6053e2b7aef2f99551d063296fc93d235cc8d88f2b5850ab089999615cf2f4cc24990dc253764d8b32652c9ea86ddfc4ae951fe0361d79b0ed757e2b6a555990a5120ac2ea3a78be7b58f6f669bbb703228a052501987733247f3d3e626532a90872a0f5925a0bf1207e3e63d81ffa25b6352838cb53ef0b1cba5d2caf1f9e00a6cb7c351c0e47d67e27613d162379b9c7a7dae7d7ddebd081a5ec20faa574baf319c9c1de7436946cc09f40865af95650aedb902ccbd766a5fc266b12a19982899fae750dfd763c036b3d7e326e13dd3097d58947ac617b56121db9f30c34745bf01d3acdad8b492d07abba667066c42c6cd89ed266f054d98276f1fb44ed05af6dc54f5e6f36eb7197b46801fa7766ec8e40e467fc8e236c1e6763fd101230f21ae63005950fb6c49c4d9eeaae7bead467d351142fa9f37ff6912fb59a77246449f6eedf03d15d08b293cad1c3ad97e6871ca9bb0e472abe4599016f250954823a1b5f935ae19ade62bcbfc750a6d8137e6453aacf9a6c66bff78514dcc3c513bfd88124c83583b83a103b63703278ec7e33925795927cd468e92372c0f8c208fd546297f026d9a9a5a0b55971a74f9cce9220c8c49ec0b75e456849fe7f793b1a674c15b26243012639bd2075377ce5b07d1e8759aa068f2c87bea54a776deb7bbdd2b60a4c069828661ee0db1e3a8fe8df2f68ce642055bd5bcfb330c4e596616cb7983739dffc47b2e7802d156cdcc8e612e03096d70ddc6b6cd7efa48576cc84b7d8f64cb34abc61603944daa64a9e4074b68fad587a315ba7e5d2cb78f89d16cd8f1deaff8c585bfaa5ca12e1061abfbada6fa70283f7683e860d6f0eeac93eca9cb4a398fb216f09cbac49651d5bca47b8e406ea3477c418b2bc1cca712140b7c9f75accd1935d9ff2f3a1715a329f0e9e9e7822f836657a91bc01d88bf7411ecdd0530dd4cb5f52df2ac31a4d0e2356fa0f234b59e6e4031b8c1ab0c23cc4257ad4b5bf3ff5c11e88442335ae645233a005be7efe5e53e9dcbf76de4761e59a2dcf2f292ef1699de21f043e14c56294afa1dacdac844861c45495115459aabda39e62d1e0f5fde229ad87159372f299826f9ddedc22b3c48919af9e0c8b3ef40f566d99424a5b9ddaeaccd41d4c55cb633a71a3c56875556d6eb9359767d90e2241d9da6026ebc2174c97f7e4d03be9347f72c482034a573f92cfc24ecb691e2a115a189a375f6939fe745c9c2bada6c72ad710b763846c19dddd3b80048bcfddc79acb868116aec62da6f132457255e772ead9c363c2133a6a1806bb51217e1270fb81d58b00373e3f54e75fa7a0fc2c15fa12526dccce77e87f4655686db7b1dcaa02ad15a6ac53c1652e2e268f6ef414411b7f367bd5fa4c0936f586e577fbd58876b80e99b6590f37635d7bf43d2fbf4b04921714dc5edae10c3c6928fa84d67b84734d3aa2d36ba431dfe7797382425f1930265d47e0a826c22ffabf084be4b39f0515dfd43ac195944e8aaac64dba5cfdc6ca0901e85257b74fda1e0cd6b0400acb2c8656308ba8491d769741dc87622f98bcf59ef3dc312d595088d4206d5f6e0b34ebca8454ffac8a35dd4a4fc0e868f405a43758de83ea2921e3859c13dd21cc18c4beb1f48427d9c078425f8b2015fce229fc8191a59f8e49130172d17277321e5d68dd4c4b1e207b0bfbedb9737e783dca8745ae4d3eb09e713cb0d0adf633c276977bc04e9ca21fb0269bb8c6de79722e5869708cd64f6fdd58664fe112afddd66ec99cbe64699495841574f880ac1e892b735ae7c25a9e99c10e83cd1fcff169f30722f52e1a5fc02309a822d56b5850562fed1c666da40cf44737029e0ff244e68c04ded427822d5f0d0963b1fd58ffbc93b19fddf63424d7957de48aee3067ec20ec906c7db26fceaeb07eed8f148e4baac59cfda3c7343ae03f594324969f1f4c7af2c59f4ce90b44be4c3c90bff974e434f30c37c929eda0bd592bb350a37f2125b2a0367fed47bf0eb6a38a426d312c6b291b8fb2cf9b843966813be8a5414818898a70ca324881e495f47b7c769dfbac0e9ae98a9a350d48d10db6d8a70485b90bea6a5e44386687e06459b82e907458fccea02dee8dee36844d609020f4860f62be1cc1c4c4ca5128a47672f010d8e1a279b58a13a7f511f5cd0cad56c76ac7424769fa9ac5d60895208d9cc0e1dc86684a97881771ffb4aad0eb1105a417941c4b8cfc120109895381d58bc73f32963bd45b0df92934967f1cc0970f58cbca14fc58ea725397e18177a1030cc5c602f9cdd5a6acf3a52a35f23ac9b661b74ef77ce41d3ab77d3f59896982dd7fc8723c21c05e5434eff75d5252709333367ac94296e18f77a8fcba20f5bd518cd178dd027b558cc3f7001882cf11999dbcd5b4479226f4ab23e668fe3d3187981d7a46e3daf89e52b6e153a1286647faf1fb5999cfc7d4e9f5f6b0c6135a0f00e209a4350b4ee4e14c44a9ad7d1d77e085f980d68e196f4e180e4c81308a8ca2862caff0082fc337963dc95ac3d4dacd5d2400c3f4c0860061698f6e0bd7349c76b706f3e6db374b9584fec9e204333ba22a220a6947aeb22ac6922342196a6e15a46b6bba6a557950eb9b025eacf991dcf0faa468f0920f9d2c172b3a4ac283b3b38d6f9bf2ab80d6640151690bf713e7bb31142c96c9b69bc7ffa04a8b20e64ed3b56520f01182ee7fde697bae686984a74764a4eebd613e53a95aab512c27e5d557c076bbb925f48d87a8505ca9727962e55bb5ea243a7375eea7965d5c446359d2570fc661d4eb7c298d95dc50d3121040e52fc403e210021de36122db2c2fe5079062f9b574a74f216316b7d9312695aadbb4f895a4ef03e733efea4ea44bae140f885db5f4877e908769d5cbd5ba0fb61fba3a78451b2c3144d73971d6796bbee94d8ef6944832774646b2dbba5681a171512b139dd376e858821195a8939ff8c33858d49de9ae14f3b4630df17e7763872d7e2e20ca798f12744ebcd2737e69b02f7b98872092fa23d991122c4af5fbf66a36b782896c848eee29edd39a5006c89c4407c96a4597eab1502f377b6b1e416233f11b0b4100b3f443ed9a00bf7ba2719d18f2f8bd6f6af2bbaaf8f2fad2b0aae80f5006760429ab5d226f74722fba0161ddca64a96729714dbe13935bd5b6754a7dde144406930f725c19464f31014483f9f3da6e556f53f45511a6f9279e72f1705d71616f17206843aaa90398253141bb8ca50785b74489880a7a00f6a6367d09d8daef7ccdb9f16de84f01f39118598d2e266ecd5aaa1e3462d1d2048eb12278eb8af9f98aa156b3bdc4fab6adbf350c60e27c236675f9f11aa1147587dda8a6ecab352f447d4005931d2e676bb7f0b5c55d93d453e64f1b19f673425e70b67cf9f1b00005fa0e2d88e451e8e1d2a1814d0688356693216490fdbd5b6f0f4bf63290fd69da041cbf45dce6d6d9abb7ac4206a7445e5feed5c98afa64e39303acb51e0fe9aab4b43e5dac7f696ea25669e6b407c86e34a2710a2ba5865c51ca1779926449b2b491340de648c0f6a786cc6c5ef2ad814277dce1c08db3d5ef02e5374683c801c1801c3be7feb99d5a2b1765ebf809c073cadabc0d8f5e4d0f557b2f0293af1c14a0cdec634c58056d9751f454047c12aa0ac57ff890e622551b3b9e3144522f7c854a6448d963678866971f3bac5d0f427a88d9536ed66ba554dafb63c9b01351c39d3dc8b623fee5929c2d6b3cbd99194815c0a3d34d22a63035d1f18fd7ab8c57259585b55d8fec674ac52c68f647b8d6c9840986c23a0ce53f54c3efe0b77828caf82ff68093c7e4e8e0e0a4f01d3d120d3dbc3f6e0358dad777bb96b9b9ac1cc04848f4aa935f2b8bcd481932c23bc6e18953a876d4a45ad9f2523996b69722760b5a316e23a0589381bf2a4ffb02e4c9af780589232a99a2d8ae5ea5a2c52f12dca03b30247307f4ddf4b5edbbbc6b790e35b9af6386697b1ddcef21b51d963a4f2f3c4a5faeed1fe0d869bc216ad3b460483903cd4feb7665395b988c8407230bce2a912ba64e0f150c86b4a623d297f15d6f78d559f9c40880aac37e78852532ddeb9307ac61e17f03e881f59cdace173ebf5c5a7bef6b771de80a768b873165c19664657b335e5c40bfe982cac1baf7678a430eb26552d4be26f3979e6b948d7ec0338270194521d1e75655b169426c0da47e5e3b6dd1941610e96e5e42a62a6c24aa26f40e9f350a8fe9a008c836b7bb8a521b4adb257c7d481e2dd1694ec6da3c89487525a8df7b88a029d8fcb274c8b5a17e6f978b247e29045317c22aa5954fde35dbd7dba87ff2bd05909af99dd7051fc32720bd13ecde5fa270fbc9268d9f2851baef4f3025a45e56588ea066f5b5989b2ac567b244211c71b29ee19aa80930ab541c57d458e7dcda0361e8e3998100802d8b865599d58875273f0d7ef0170dd200705eaf018a6a3748524232c13b38a35c2891e312b305969669c6326497c4c9f1cde4bf7c9afab48050062af5a8b9ba81b7d18fa092ee6608152502d0cbf1cb7549848d811b3635122645e7fb552bd9d64a14a9eb81faa7194fa70b2230a364f0d89b3cd0d3aa02b7740249feb94751562adf91c4e23b76f72e5dbc6c191a3f8294a152e47390d6049aed584c9c76962eb57a6ccf5b401851a2f5e16a4949686257776bc86f4741652500e6e50453360fb24e973e39ac6a2250e3429181987eefb2ed052c1fa19b6851841dce0473ccac93e2a26abb5bf578ce99fa9763d938f4be4726dc931d1e567c4d5aa0312c5b45f6f40533fd89a20a153e891ec9a6748821697b0b869044e1a04e43389f7a933b7c8d3b9f234088cd82a2716e0b9be6907c08694dcfd46f694ac90e6b686513b468331d1a14267fbca35bd55586d35f0990ccdd16553912389f07837148a04bc43a5105384499aebb375822d28e5cd73ab8c918926c769781e867e6ca7e8b1f535b4fb824db49358ae9dac4e0631fc284b4862050ad650637b225c546af28cca4d5696078d80b2f4298276c18801fe7b074d74b5325b1f182940f0286e9a784d633ec8d7cb2dea6840b506c0a902a4744afe8592728d9b53258089fcde49de25a152f6b4e4a4d7205b7175e59584de9f254735d2a0ae433f22a4262b039e148cf7fe2c650e0e735e18022e3a97e670732219f74f8f0031a3d04b3168e3d8cce95463556596a28003faac6dce360f135838badb2e0fd7998166de8972707a6", 0x1000}, {&(0x7f00000016c0)="2e4d8b6941870d4be571179c14b9300c3d8b05f7ef29e0a487f457560701eb8fe566b29eca6052461ef79a7f1ba1bb23ea5390a37be201fd6a195d0a32b9ffcc9bdccb97020c00471acc7d8f487dec371bcb521e90ca859113d06c991da07a564427b33f146d1b5db4f690387b9d162963ea7bae0d1d55878022c24459f531c41dc2cd4ecccb412a9f31332a4e985d716fbd6126b5951a87554f2552e181722441ac3c639ed1e38f1474b8e7231f77fc6714dfdf21510cf31064fbd0ee7b9f6cc142b96b2235d6e70cadabf9a144a047ebab3597224c5ae16707e7fdb577ba81b8ddaea55b256b2047449727bc7c81824c6176fb069152c4", 0xf8}, {&(0x7f00000017c0)="572c9dc8662d176e3bf3f266af6880fb003f9a84f31e0ae1a88898035ba585a344f759b0241270898f9af93f1f2ea6bdfdca9022540bf1ec43e3ac00a08a56961512571d495e8a76d02b4864a36fd924f9f0c2350835e8ac9f066c56ca568634e2a3fde51f5536e0789d4c6ee16669573ff9263047345b7cec524c0d22e0263f30833fd8672e9c2e155dc855aea952b11e1c94aefbddaf2f43e54eb3a8106aafbe49a1f3ad2a9498aa5b3f7ef54b36b244146636f845925aa169d68308545b23e0b4c7f5e05ce0ecea0e64ea346029e41ab79ef076b814686a5da5c9e5ea9396", 0xe0}, {&(0x7f00000018c0)="778dd5675d133da658ab4d72971245fa27a2dae006875a8d7d73bf1428350a1791b0ee9aacc36d0b496a2221ec2d411ff23bc45721526fe51da91218b9dc490f1966ba6febc8dd6919263e4f040b4b2a7a4f980b618ca9d7fef235bce34acb60d758aa655c15432357c77c6db7874a96e2cafc3e87ef6841", 0x78}], 0x5, &(0x7f0000001d00)=[@ip_ttl={{0x14, 0x0, 0x2, 0x2}}, @ip_retopts={{0x4c, 0x0, 0x7, {[@ssrr={0x89, 0x1b, 0x12, [@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, @dev={0xac, 0x14, 0x14, 0x26}, @dev={0xac, 0x14, 0x14, 0x34}, @private=0xa010101, @private=0x5f]}, @rr={0x7, 0x1f, 0xdc, [@remote, @multicast2, @multicast1, @broadcast, @broadcast, @dev={0xac, 0x14, 0x14, 0x13}, @broadcast]}]}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x8000}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x40}}, @ip_ttl={{0x14, 0x0, 0x2, 0x9}}, @ip_retopts={{0x78, 0x0, 0x7, {[@rr={0x7, 0xf, 0x59, [@loopback, @multicast2, @local]}, @ra={0x94, 0x4, 0x1}, @timestamp={0x44, 0x14, 0x55, 0x0, 0x9, [0x8, 0xcd0, 0xe, 0x2]}, @generic={0x7, 0x6, "3abd385e"}, @ssrr={0x89, 0xb, 0x5a, [@loopback, @private=0xa010102]}, @timestamp_addr={0x44, 0x14, 0xfb, 0x1, 0xc, [{@rand_addr=0x64010101, 0x3a}, {@broadcast, 0x3655}]}, @timestamp_addr={0x44, 0x1c, 0x1d, 0x1, 0x5, [{@initdev={0xac, 0x1e, 0x0, 0x0}, 0x204}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7}, {@empty, 0x3}]}]}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x6}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x1}}, @ip_ttl={{0x14, 0x0, 0x2, 0x80000001}}], 0x170}}], 0x1, 0xc180)
bind$vsock_stream(r2, &(0x7f0000000440), 0x10)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
listen(r2, 0x0)
r5 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETSF2(r5, 0x402c542d, &(0x7f0000000080)={0x3, 0x7, 0x7, 0x7fff, 0x8, "0982aa400000000000e6ffffab5b00", 0x5, 0x2})
ioctl$TIOCSTI(r5, 0x5412, &(0x7f0000000000)=0xff)
accept4$unix(r2, 0x0, 0x0, 0x0)

1.619632788s ago: executing program 5 (id=1337):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0700000004000000080000000100000000000000", @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x50)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000000c0), 0x4)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3a66505}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r2, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
timer_create(0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00'], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB])
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x2000, 0x0)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)

798.75618ms ago: executing program 6 (id=1338):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x40000, 0x0, 0x0, 0x0, 0x66, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18028a1ca4e68276ad65"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r3}, 0x10)
gettid()
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000000)=0x7)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x18)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040))
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)

757.69537ms ago: executing program 1 (id=1339):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x40000, 0x0, 0x0, 0x0, 0x66, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18028a1ca4e68276ad65"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r3}, 0x10)
gettid()
timer_create(0x0, 0x0, &(0x7f0000bbdffc)=<r4=>0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000000)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x18)
r9 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r9, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x1100})
timer_gettime(r4, &(0x7f0000000000))
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040))
r10 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r10, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)

694.016761ms ago: executing program 5 (id=1340):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000570000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={0xffffffffffffffff, 0x2000000, 0x7, 0x0, &(0x7f00000004c0)="630b008646dc3f", 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2}, 0x50)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x8, &(0x7f0000000000)={[{@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x800}}, {}]}, 0x4, 0x4f3, &(0x7f00000012c0)="$eJzs3c9vVEUcAPDvbru0lEJBOahRQUTRELY/gIZwES4aQ0iMxJMHqO3SNN1lm26JtHIoR+8kknjSP8GbBxNOHrx505sXPJigEg018bDmvV3apb+1P9Z2P5/k9b2ZWfY702Vm9g3sTgAt62hEzEbEnoi4FhE99fxM/YgLtSN53ONHt4fnHt0ezkS1euW3TFqe5EXDn0nsqz9nZ0S8/07ER5mlcSvTM+NDxWJhsp7unSpN9FamZ06NZes5A4P9g33nTp8d2LS2Hil99fDtsUsffPP1Sw++n33zk6Ra3Z/uT8sa27GZak3PRXdDXntEXNqKYE3SXv/7w86T9LZnIuJY2v97oi19NQGA3axa7YlqT2MaANjtkvv/7shk8/W1gO7IZvP52hre4ejKFsuVqZM95Zs3RiJdwzoYuez1sWKhr75WeDBymSTdn14vpAeeSt8tnI6IQxFxt2NvWp4fLhdHmvnGBwBa2L5F8/+fHbX5HwDY5TqbXQEAYNuZ/wGg9Zj/AaD1/Iv536cDAWCXcP8PAK3H/A8ArWfN+f/O9tQDANgW712+nBzVudr3Xz/5pu5TI4XKeL50czg/XJ6cyI+Wy6PFQn64Wl3r+Yrl8kT/mflkZXrmaql888bU1bHS0GjhaiG3lY0BANbl0JH7PyaT/uz5vekRDXs5mKthd8s2uwJA07Q1uwJA0/g8D7SuddzjWwaAXW6ZLXqfsuJ/Ebpn81fYqU48b/0fWtVG1v+tHcDO9t/W/9/a9HoA288cDq2rWs3Y8x8AWow1fmBD//4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALao7PTLZfLoX+GzyM5vPR+yPiIORy1wfKxb6IuJARPzQketI0v3NrjQAsEHZXzL1/b9O9BzvXly6J/NXR3qOiI8/v/LZraGpqcn+JP/3+fype/X8gT3NaAAA0OjC0qzaPF0/N9zIP350e/jJsZ1VfHixtrloEneuftRK2qM9PXdGLiK6/sjU0zXJ+5W2TYg/eycinlto/62GCN3pGkht59PF8ZPY+7cg/sLvf3H87FPxs2lZcs6lv4tnN6Eu0GruX6yNk/W+l3Sxev/LxtH0vHz/70xHqI1Lxr9kLJlbMv5l58e/tiXxM2mfPzqfXr0mD898++6SzGpPrexOxAvty8XPzMfPLD/+5o6vs40/vfjysZXKql9EnFi2/U92pC6lw2zvVGmitzI9c2qsNDRaGC3cGBgY7B/sO3f67EBvukZd+/ndcjF+PX/ywErxk/Z3rRC/c/X2x2vrbP+Xf1/78JVV4r/x6vKv/+FV4idz4uvrjD/UdWHF7buT+CMrtH+N1z9OrjP+g59nRtb5UABgG1SmZ8aHisXC5BoXyXvNtR7jYmdexGzEZj1huigREf+HdrnYyEWzRyZgqy10+mbXBAAAAAAAAAAAAAAAWEllema8Y4s/rdXsNgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB7/RMAAP//TwTJNg==")
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x810408, 0x0, 0x0, 0x0, &(0x7f00000007c0))
renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./bus\x00', 0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0x2)
socket$key(0xf, 0x3, 0x2)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x7d, &(0x7f00000000c0)=0x2, 0x4)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'vcan0\x00', <r2=>0x0})
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
write$FUSE_BMAP(r3, &(0x7f0000000380)={0x18, 0x0, 0x0, {0x2}}, 0x18)
sendmsg$can_raw(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000180)={0x1d, r2}, 0x10, &(0x7f0000000000)={&(0x7f00000001c0)=@can={{0x0, 0x0, 0x1, 0x1}, 0x3, 0x1, 0x0, 0x0, "f6e52d5b033dc442"}, 0x10}, 0x1, 0x0, 0x0, 0x4008001}, 0x1)
recvmsg$can_raw(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, 0x0}, 0x2100)
r4 = openat(0xffffffffffffff9c, 0x0, 0x103a42, 0x32)
r5 = inotify_init1(0x0)
inotify_add_watch(r5, 0x0, 0x2000775)
ftruncate(r4, 0x6000000)
copy_file_range(r4, 0x0, r4, &(0x7f00000004c0)=0x100, 0x9, 0x0)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0xfffffffffffffd19, &(0x7f0000000540)={&(0x7f0000000100)={0x8b, 0x0, 0x10ada85e65c25349, 0x0, 0x0, {{0x67}, {@val={0x8}, @void}}}, 0x2c}, 0x1, 0x0, 0x0, 0x4000001}, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

671.416541ms ago: executing program 6 (id=1341):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000570000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={0xffffffffffffffff, 0x2000000, 0x7, 0x0, &(0x7f00000004c0)="630b008646dc3f", 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2}, 0x50)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x8, &(0x7f0000000000)={[{@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x800}}, {}]}, 0x4, 0x4f3, &(0x7f00000012c0)="$eJzs3c9vVEUcAPDvbru0lEJBOahRQUTRELY/gIZwES4aQ0iMxJMHqO3SNN1lm26JtHIoR+8kknjSP8GbBxNOHrx505sXPJigEg018bDmvV3apb+1P9Z2P5/k9b2ZWfY702Vm9g3sTgAt62hEzEbEnoi4FhE99fxM/YgLtSN53ONHt4fnHt0ezkS1euW3TFqe5EXDn0nsqz9nZ0S8/07ER5mlcSvTM+NDxWJhsp7unSpN9FamZ06NZes5A4P9g33nTp8d2LS2Hil99fDtsUsffPP1Sw++n33zk6Ra3Z/uT8sa27GZak3PRXdDXntEXNqKYE3SXv/7w86T9LZnIuJY2v97oi19NQGA3axa7YlqT2MaANjtkvv/7shk8/W1gO7IZvP52hre4ejKFsuVqZM95Zs3RiJdwzoYuez1sWKhr75WeDBymSTdn14vpAeeSt8tnI6IQxFxt2NvWp4fLhdHmvnGBwBa2L5F8/+fHbX5HwDY5TqbXQEAYNuZ/wGg9Zj/AaD1/Iv536cDAWCXcP8PAK3H/A8ArWfN+f/O9tQDANgW712+nBzVudr3Xz/5pu5TI4XKeL50czg/XJ6cyI+Wy6PFQn64Wl3r+Yrl8kT/mflkZXrmaql888bU1bHS0GjhaiG3lY0BANbl0JH7PyaT/uz5vekRDXs5mKthd8s2uwJA07Q1uwJA0/g8D7SuddzjWwaAXW6ZLXqfsuJ/Ebpn81fYqU48b/0fWtVG1v+tHcDO9t/W/9/a9HoA288cDq2rWs3Y8x8AWow1fmBD//4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALao7PTLZfLoX+GzyM5vPR+yPiIORy1wfKxb6IuJARPzQketI0v3NrjQAsEHZXzL1/b9O9BzvXly6J/NXR3qOiI8/v/LZraGpqcn+JP/3+fype/X8gT3NaAAA0OjC0qzaPF0/N9zIP350e/jJsZ1VfHixtrloEneuftRK2qM9PXdGLiK6/sjU0zXJ+5W2TYg/eycinlto/62GCN3pGkht59PF8ZPY+7cg/sLvf3H87FPxs2lZcs6lv4tnN6Eu0GruX6yNk/W+l3Sxev/LxtH0vHz/70xHqI1Lxr9kLJlbMv5l58e/tiXxM2mfPzqfXr0mD898++6SzGpPrexOxAvty8XPzMfPLD/+5o6vs40/vfjysZXKql9EnFi2/U92pC6lw2zvVGmitzI9c2qsNDRaGC3cGBgY7B/sO3f67EBvukZd+/ndcjF+PX/ywErxk/Z3rRC/c/X2x2vrbP+Xf1/78JVV4r/x6vKv/+FV4idz4uvrjD/UdWHF7buT+CMrtH+N1z9OrjP+g59nRtb5UABgG1SmZ8aHisXC5BoXyXvNtR7jYmdexGzEZj1huigREf+HdrnYyEWzRyZgqy10+mbXBAAAAAAAAAAAAAAAWEllema8Y4s/rdXsNgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB7/RMAAP//TwTJNg==")
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x810408, 0x0, 0x0, 0x0, &(0x7f00000007c0))
renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./bus\x00', 0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0x2)
socket$key(0xf, 0x3, 0x2)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x7d, &(0x7f00000000c0)=0x2, 0x4)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'vcan0\x00', <r2=>0x0})
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
write$FUSE_BMAP(r3, &(0x7f0000000380)={0x18, 0x0, 0x0, {0x2}}, 0x18)
sendmsg$can_raw(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000180)={0x1d, r2}, 0x10, &(0x7f0000000000)={&(0x7f00000001c0)=@can={{0x0, 0x0, 0x1, 0x1}, 0x3, 0x1, 0x0, 0x0, "f6e52d5b033dc442"}, 0x10}, 0x1, 0x0, 0x0, 0x4008001}, 0x1)
recvmsg$can_raw(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, 0x0}, 0x2100)
r4 = openat(0xffffffffffffff9c, 0x0, 0x103a42, 0x32)
r5 = inotify_init1(0x0)
inotify_add_watch(r5, &(0x7f0000000000)='.\x00', 0x2000775)
ftruncate(r4, 0x6000000)
copy_file_range(r4, 0x0, r4, &(0x7f00000004c0)=0x100, 0x9, 0x0)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0xfffffffffffffd19, &(0x7f0000000540)={&(0x7f0000000100)={0x8b, 0x0, 0x10ada85e65c25349, 0x0, 0x0, {{0x67}, {@val={0x8}, @void}}}, 0x2c}, 0x1, 0x0, 0x0, 0x4000001}, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

657.492361ms ago: executing program 0 (id=1342):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x40000, 0x0, 0x0, 0x0, 0x66, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18028a1ca4e68276ad65"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r3}, 0x10)
gettid()
timer_create(0x0, 0x0, &(0x7f0000bbdffc)=<r4=>0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000000)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00'}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xb, 0x0, 0x0, 0x0, 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffe, @void, @value}, 0x94)
r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r8, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x1100})
timer_gettime(r4, &(0x7f0000000000))
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040))
r9 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r9, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)

479.471654ms ago: executing program 7 (id=1343):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000000085000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x18)
timerfd_create(0x7, 0x0)

120.916098ms ago: executing program 5 (id=1344):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
getsockopt$IP_VS_SO_GET_TIMEOUT(r0, 0x0, 0x486, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0xffffffffffffffa6) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid() (async)
syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f00000000c0)='./file2\x00', 0x800010, &(0x7f00000004c0)=ANY=[@ANYBLOB="6e6f696e6c696e655f78617474722c6e6f696e6c696e655f64656e7472792c70726a6a71756f74613d6163746976655f6c6f67733d342c6a71666d743d76667376312c6e6f696e6c696e655f646174612c6e6f5f686561702c636865636b706f696e743d64697361626c652c66617374626f6f742c6673796e635f6d6f64653d7374726963742c646973636172645f756e69743d73656374696f6e2c00ac19de274efe59cc5334a78992c33160f2bb29d00ec19e86b62e10e9d54427a6838f1aff0ce27327b707feafcce74234d4abe846a4a55fd26c5918e2ac7a6aa2fd027fd0b881927cefce65dd3d73b0b9185466a67b", @ANYRES32], 0x21, 0x552d, &(0x7f0000000a00)="$eJzs3EtvG1UUAODjpOmbEiEW7DqoQkqk2qrTh2BXoBUP0aoqsGAFju1abmxPFDtOyIoFS8SCf4JAYsWS38CCNTvEAsQOCeS5E2gKlZDixKT5Pml85t65c+beURTpzFgO4NhazH77pRIX4kxEzEfE+Yhiv1JuhZspvBARFyNi7pGtUvb/1XEyIs5GxIVJ8pSzUh764vL40vWf3/712+9PnTj35Tc/zG7VwKy9FBH99bS/1U8x76T4sOxvjLtF7F8blzEd6K+V7TzFrfZqkWGrsTuuUcSrnTQ+X98cTuKDXqM5iZ3ug6J/fZAuOBx3dvMUJzxsbBTtVnu1iN1hXsTOTprX9k7637YzHKU8rTLfx0X6GI12Y+pvb7fTetbXitgcjMr+lDdvtbcncVzG8nLRzHutYh6r+7nT/2svvtMdbG5n4/bGsJsPsuu1+su1+o1qfSNvtUfta9VGv3XjWrbU6U2GVUftRv9mJ887vXatmfeXs6VOs1mt17OlW+3VbmOQ1eu1q7Ur1evL5d7l7I2772e9VrY0ia91B5ujbm+YPcg3snTGcrZSu/rKcnapnr1751527/7t23fuvffhrQ/uvnrnrdfLQf+YVra0cmVlpVq/Ul2pL+/vBhyp9X9aTnqK64d9qcx6AgBHj/ofmIWDq/837kccfP0f6v+pOFL173Gv/w9g/bAv6n8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgGPrx4Wv3ix2FlP7XNn/TNn1XNmuRMRcRPzxL+bj5J6c82WehSeMX3hsDt9VosgwucapcjsbETfL7fdnD/ouAAAAwNPr608ufp6q9fSxOOsJcZjSQ5u58x9NKV8lIhYWf5pStrnJx/NTSlb8fZ+I7SllKx5gnZ5SsvTI7cS0sv0n83vC6UdCJYW5x8+Y2moBAICZ2VsJHG4VAgAAwGH67IlH1g51HhyySuy+ytx9F1x88/7vl31nUturPwAAADi6KrOeAAAAAHDgivrf7/8BAADA0y39/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH+ycy+5aQNxHID/NrjQl4qq7nuV7uAYPUKXXVYcoJfgCOQKuQBnILscIYIIj4NCRB7EY6xE3yfZgy3zmxkei5mRBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBLV9VydvHv5/+2OZttO3l6AwAAAByzrpaz+sUkXX9u7n9tbn1vrouIKCPi2Nh9EB8OMgdNTvXI89WDNlxG1Am7OkbN8SkifqVjG9+6/hQAAADgXRruTqv5YppG6+k06btVtHbCd5gmbcovvzNVXURENbnOlFbu8n5kCqt/38P4mymtnsAaZwpLU27DXGkvUv/d97N243tFkYry6fdn6zsAAHBGg4PivKMQAAAAzulP3w2gCx+ffaKIu6XM/VLgKBXjgwiLfQAAAPB2FX03AAAAAOhcPf4/Zf+/6Gf/v7ix/x8AAAC8Wtr/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC6tq+VsNV9M2+Zstu3k6Q0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADALfvzjgIhEAZhsHd9ZzL3P6w0aGpqUgXCx98YDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABc7M9LCoRAEETBnPG/k77/YSVBzyBCBDQ8qqhFAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABc7Ny/b9xUHADwZ/t8/QGII6AbghBIDLDQ67W0dEMMoIiBPwEpSq8l9MqPNgOtKqQsbChzFwQjQkigsPUfYOqG1EpdytbhhiKxsByyz845TSUuRLEvyecjPb/vOY7f99lSlK+fEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDR6bxon2aYzieNi373Ht1ay/v4TfebOxoPFrGVxVGfSB8Mr1Q9Rt7lEAAAAODqSsr4PITxMN5eyPu7k9X9aHpPV/N8/N4nLev7Jur/sy9o/a7/9+uilrYE6k3Gyk15aHQ5O70yltX+znG/P/+cRrfzK589ekvyGxB+uvzhK8+sZfXv37vvtPDxWR7YAwP9xquyLoPx9KOv7TSYGwJHRqhTeZf2fdJrNCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKAOo/XwTBlHIYTF1jTO3H98a+Vp/Z2NB4tlO3/79kb1nNkp0hDCpdXh4HSNc5l312/cvLI8HA6u1R+8GkJoavR3i+lf+XiGg0No5PrsV/DPeDze1Xcdbz7nPQVxcbPnJZ+DETT4QwkAgEMpLVpW1z9MN5eyfdFCCOMfttf/b1TiMGP9/+iT8/eqY1Xr/35tM5x/vbWrX/Su37j51urV5cuDy4PP3j7Tf6d/9sK5cxd6+bOSnicmAAAA7E27aNX6P17Yuf5/shKHGev/L7/rfz0d6Y98q/7fabro13QmAAAAR9sLr/39V/SU/VG7Hb5aXlu71p9stz6fmWwbSHXXjhWtWv8nC01nBQAAANRhtB5tW/+/WInDjOv/z/748s/VcyYhhBPF+v+plc+HF+ubzlyr48+Jm54jAAAAzTpRtOr6f5q//x9vvfIQhxDefH0SF/8GcKb6P/ngm5+qYyWV9//P1jfFuRR3J9cj77shtLrbvvx7Y4kBAABwKB0vWlbs/5luLn36y8mP2t7/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKjbvwEAAP//E41CoA==") (async)
r2 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r2, 0x7, 0x0, 0x0, 0x0) (async)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
syz_genetlink_get_family_id$tipc(&(0x7f0000000680), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000002500000000002020067b1af8ff00000000bfa100000000000007010000f8ffffffb7020000080003000000000004000000850000000600000085000000500000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
r3 = socket$inet6(0x10, 0x3, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000178500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r4}, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r6}, 0x10)
sendto$inet6(r3, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0) (async)
sendmsg$TIPC_CMD_SET_NODE_ADDR(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x921}, 0xc, &(0x7f0000000400)={0x0}, 0x1, 0x0, 0x0, 0x50}, 0x5)
syz_emit_ethernet(0x46, &(0x7f0000000800)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa0088a8260600000000b9903f00000000003000000000000690780a010102ac1414aa07080441b613a31e00", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5c00000090780000"], 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x1}, 0x0) (async)
sched_setscheduler(r1, 0x0, &(0x7f0000000080)=0x400007) (async)
sched_setaffinity(0x0, 0xffffffffffffffa8, &(0x7f0000000000)=0x1002) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000ec0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1600028}, 0xc, &(0x7f00000005c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="640000004900020026bd7000fddbdf2505000000", @ANYRES32=0x0, @ANYBLOB="050000000800020005000000080002000c00000008000200070000001400010000000000000000000000000000000001080002000700000014000100fc000000000000000000000000000001"], 0x64}, 0x1, 0x0, 0x0, 0x20008010}, 0x1) (async)
connect$unix(0xffffffffffffffff, &(0x7f00000004c0)=@abs, 0x6e) (async)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)

104.167839ms ago: executing program 7 (id=1345):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x18)
timerfd_gettime(0xffffffffffffffff, 0x0)

326.82µs ago: executing program 7 (id=1346):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000600)='sys_enter\x00', r0}, 0x10)
copy_file_range(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0xfffffbffa003e458, 0x700000000000000)

0s ago: executing program 7 (id=1347):
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
socket(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000011000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x5, 0x6, 0x3800, 0x80007, 0x11, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x200000, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYRESHEX=r0], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
mmap(&(0x7f000020d000/0x4000)=nil, 0x4000, 0x0, 0x11, r2, 0x8e44b000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$PIO_UNIMAP(r6, 0x4b67, &(0x7f0000000300)={0x9, &(0x7f00000001c0)=[{0x7, 0x8000}, {0x1000, 0x81}, {0x4, 0x9}, {0x9, 0x2}, {0xfff7, 0x4}, {0x0, 0x5}, {0xbca, 0x8}, {0xfff, 0x5}, {0x5, 0x6}]})
ioctl$TIOCSSOFTCAR(r6, 0x5453, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)

kernel console output (not intermixed with test programs):

s ignored when QUOTA feature is enabled
[  289.636660][ T2827] EXT4-fs (loop1): orphan cleanup on readonly fs
[  289.643533][ T2827] Quota error (device loop1): do_check_range: Getting block 196613 out of range 1-5
[  289.653255][ T2827] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0
[  289.662900][ T2827] EXT4-fs error (device loop1): ext4_acquire_dquot:6789: comm syz.1.653: Failed to acquire dquot type 1
[  289.674765][ T2827] EXT4-fs (loop1): 1 truncate cleaned up
[  289.680629][ T2827] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  289.709811][  T285] EXT4-fs (loop0): unmounting filesystem.
[  290.371287][  T283] EXT4-fs (loop1): unmounting filesystem.
[  290.418736][ T2850] loop1: detected capacity change from 0 to 512
[  290.448430][ T2850] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  290.459569][ T2850] ext4 filesystem being mounted at /141/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  290.475037][ T2850] EXT4-fs error (device loop1): ext4_get_first_dir_block:3583: inode #12: comm syz.1.661: Attempting to read directory block (0) that is past i_size (3)
[  290.572955][ T2853] xt_hashlimit: max too large, truncated to 1048576
[  291.896026][   T28] audit: type=1400 audit(1748971244.418:199): avc:  denied  { wake_alarm } for  pid=2845 comm="syz.3.660" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  291.950993][  T283] EXT4-fs (loop1): unmounting filesystem.
[  291.978646][ T2858] loop0: detected capacity change from 0 to 1024
[  291.985414][   T28] audit: type=1400 audit(1748971245.784:200): avc:  denied  { listen } for  pid=2857 comm="syz.0.664" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  292.052918][ T2863] loop1: detected capacity change from 0 to 512
[  292.057346][ T2867] loop3: detected capacity change from 0 to 512
[  292.102920][ T2858] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  292.103004][ T2867] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  292.126138][ T2867] ext4 filesystem being mounted at /139/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  292.174970][ T2863] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  292.206896][ T2863] ext4 filesystem being mounted at /142/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  292.230062][ T2876] device pim6reg1 entered promiscuous mode
[  292.237617][ T2867] EXT4-fs error (device loop3): ext4_get_first_dir_block:3583: inode #12: comm syz.3.662: Attempting to read directory block (0) that is past i_size (3)
[  292.283833][ T2863] EXT4-fs error (device loop1): ext4_get_first_dir_block:3583: inode #12: comm syz.1.665: Attempting to read directory block (0) that is past i_size (3)
[  292.312608][   T28] audit: type=1400 audit(1748971246.134:201): avc:  denied  { connect } for  pid=2857 comm="syz.0.664" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  292.333431][  T282] EXT4-fs (loop3): unmounting filesystem.
[  292.373643][  T283] EXT4-fs (loop1): unmounting filesystem.
[  292.509801][ T2886] FAULT_INJECTION: forcing a failure.
[  292.509801][ T2886] name failslab, interval 1, probability 0, space 0, times 0
[  292.526201][ T2886] CPU: 1 PID: 2886 Comm: syz.3.669 Not tainted 6.1.138-syzkaller-00049-g5b87067cdd87 #0
[  292.535960][ T2886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  292.546037][ T2886] Call Trace:
[  292.549327][ T2886]  <TASK>
[  292.552281][ T2886]  __dump_stack+0x21/0x24
[  292.556640][ T2886]  dump_stack_lvl+0xee/0x150
[  292.561255][ T2886]  ? __cfi_dump_stack_lvl+0x8/0x8
[  292.566303][ T2886]  ? __bitmap_weight+0xb3/0x100
[  292.571185][ T2886]  dump_stack+0x15/0x24
[  292.575372][ T2886]  should_fail_ex+0x3d4/0x520
[  292.580071][ T2886]  __should_failslab+0xac/0xf0
[  292.584887][ T2886]  ? alloc_mnt_ns+0xb6/0x420
[  292.589501][ T2886]  should_failslab+0x9/0x20
[  292.594023][ T2886]  __kmem_cache_alloc_node+0x3d/0x2c0
[  292.599417][ T2886]  ? alloc_mnt_ns+0xb6/0x420
[  292.604032][ T2886]  kmalloc_trace+0x29/0xb0
[  292.608474][ T2886]  alloc_mnt_ns+0xb6/0x420
[  292.612917][ T2886]  ? vfs_clean_context+0x16f/0x210
[  292.618051][ T2886]  __se_sys_fsmount+0x51f/0x940
[  292.622931][ T2886]  ? fput+0x154/0x1a0
[  292.626935][ T2886]  ? __x64_sys_fsmount+0x90/0x90
[  292.631905][ T2886]  ? __bpf_trace_sys_enter+0x62/0x70
[  292.637220][ T2886]  __x64_sys_fsmount+0x7b/0x90
[  292.642016][ T2886]  x64_sys_call+0x561/0x9a0
[  292.646544][ T2886]  do_syscall_64+0x4c/0xa0
[  292.650986][ T2886]  ? clear_bhb_loop+0x15/0x70
[  292.655684][ T2886]  ? clear_bhb_loop+0x15/0x70
[  292.660380][ T2886]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  292.666309][ T2886] RIP: 0033:0x7fed4d98e969
[  292.670738][ T2886] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  292.690364][ T2886] RSP: 002b:00007fed4e80a038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b0
[  292.698801][ T2886] RAX: ffffffffffffffda RBX: 00007fed4dbb5fa0 RCX: 00007fed4d98e969
[  292.706795][ T2886] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006
[  292.714781][ T2886] RBP: 00007fed4e80a090 R08: 0000000000000000 R09: 0000000000000000
[  292.722769][ T2886] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  292.730754][ T2886] R13: 0000000000000000 R14: 00007fed4dbb5fa0 R15: 00007ffcabace248
[  292.738746][ T2886]  </TASK>
[  292.844603][ T2897] loop6: detected capacity change from 0 to 256
[  292.953518][   T10] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  292.955281][ T2899] loop5: detected capacity change from 0 to 256
[  292.969232][   T10] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  292.991713][   T28] audit: type=1400 audit(1748971246.814:202): avc:  denied  { setopt } for  pid=2896 comm="syz.6.672" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  293.088265][   T10] EXT4-fs (loop0): This should not happen!! Data will be lost
[  293.088265][   T10] 
[  293.098063][   T10] EXT4-fs (loop0): Total free blocks count 0
[  293.104119][   T10] EXT4-fs (loop0): Free/Dirty block details
[  293.110152][   T10] EXT4-fs (loop0): free_blocks=68451041280
[  293.116249][   T10] EXT4-fs (loop0): dirty_blocks=16384
[  293.121690][   T10] EXT4-fs (loop0): Block reservation details
[  293.127726][   T10] EXT4-fs (loop0): i_reserved_data_blocks=1024
[  293.135191][ T2900] FAULT_INJECTION: forcing a failure.
[  293.135191][ T2900] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  293.148916][   T10] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 2052 with max blocks 2048 with error 28
[  293.166025][ T2900] CPU: 1 PID: 2900 Comm: syz.5.673 Not tainted 6.1.138-syzkaller-00049-g5b87067cdd87 #0
[  293.175772][ T2900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  293.185844][ T2900] Call Trace:
[  293.189133][ T2900]  <TASK>
[  293.192067][ T2900]  __dump_stack+0x21/0x24
[  293.196423][ T2900]  dump_stack_lvl+0xee/0x150
[  293.201027][ T2900]  ? __cfi_dump_stack_lvl+0x8/0x8
[  293.206072][ T2900]  ? __kmalloc_node+0xb2/0x1e0
[  293.210856][ T2900]  dump_stack+0x15/0x24
[  293.215025][ T2900]  should_fail_ex+0x3d4/0x520
[  293.219717][ T2900]  should_fail+0xb/0x10
[  293.223888][ T2900]  should_fail_usercopy+0x1a/0x20
[  293.228935][ T2900]  _copy_from_user+0x1e/0xc0
[  293.233549][ T2900]  btf_new_fd+0x349/0x7d0
[  293.237900][ T2900]  bpf_btf_load+0x6f/0x90
[  293.242247][ T2900]  __sys_bpf+0x556/0x780
[  293.246510][ T2900]  ? bpf_link_show_fdinfo+0x320/0x320
[  293.251906][ T2900]  ? __cfi_ksys_write+0x10/0x10
[  293.256781][ T2900]  ? debug_smp_processor_id+0x17/0x20
[  293.262185][ T2900]  __x64_sys_bpf+0x7c/0x90
[  293.266669][ T2900]  x64_sys_call+0x488/0x9a0
[  293.271275][ T2900]  do_syscall_64+0x4c/0xa0
[  293.275708][ T2900]  ? clear_bhb_loop+0x15/0x70
[  293.280481][ T2900]  ? clear_bhb_loop+0x15/0x70
[  293.285176][ T2900]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  293.291179][ T2900] RIP: 0033:0x7f174478e969
[  293.295608][ T2900] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  293.315221][ T2900] RSP: 002b:00007f174552d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  293.323649][ T2900] RAX: ffffffffffffffda RBX: 00007f17449b6080 RCX: 00007f174478e969
[  293.331620][ T2900] RDX: 0000000000000028 RSI: 0000200000000200 RDI: 0000000000000012
[  293.339599][ T2900] RBP: 00007f174552d090 R08: 0000000000000000 R09: 0000000000000000
[  293.347576][ T2900] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  293.355544][ T2900] R13: 0000000000000000 R14: 00007f17449b6080 R15: 00007ffe20ce6df8
[  293.363516][ T2900]  </TASK>
[  293.430298][ T2909] netlink: 'syz.6.677': attribute type 27 has an invalid length.
[  293.465020][ T2909] bridge0: port 2(bridge_slave_1) entered disabled state
[  293.472317][ T2909] bridge0: port 1(bridge_slave_0) entered disabled state
[  293.517645][ T2911] netlink: 'syz.1.678': attribute type 27 has an invalid length.
[  293.554437][ T2919] loop6: detected capacity change from 0 to 512
[  293.604054][ T2919] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  293.614146][ T2919] ext4 filesystem being mounted at /8/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  293.640398][ T2919] EXT4-fs error (device loop6): ext4_get_first_dir_block:3583: inode #12: comm syz.6.679: Attempting to read directory block (0) that is past i_size (3)
[  293.683115][ T2784] EXT4-fs (loop6): unmounting filesystem.
[  293.712232][   T28] audit: type=1400 audit(1748971247.534:203): avc:  denied  { bind } for  pid=2925 comm="syz.1.682" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  295.240274][ T2946] loop3: detected capacity change from 0 to 256
[  296.268637][ T2957] netlink: 4 bytes leftover after parsing attributes in process `syz.5.690'.
[  296.319428][ T2959] netlink: 'syz.1.691': attribute type 27 has an invalid length.
[  296.381006][ T2967] loop1: detected capacity change from 0 to 512
[  296.405804][ T2967] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  296.415102][ T2967] ext4 filesystem being mounted at /149/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  296.435924][ T2967] EXT4-fs error (device loop1): ext4_get_first_dir_block:3583: inode #12: comm syz.1.694: Attempting to read directory block (0) that is past i_size (3)
[  296.474155][  T283] EXT4-fs (loop1): unmounting filesystem.
[  296.510086][ T2977] loop1: detected capacity change from 0 to 512
[  296.521938][ T2977] EXT4-fs (loop1): orphan cleanup on readonly fs
[  296.530397][ T2977] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.696: bg 0: block 248: padding at end of block bitmap is not set
[  296.545466][ T2977] Quota error (device loop1): write_blk: dquota write failed
[  296.553246][ T2977] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  296.563428][ T2977] EXT4-fs error (device loop1): ext4_acquire_dquot:6789: comm syz.1.696: Failed to acquire dquot type 1
[  296.575642][ T2977] EXT4-fs (loop1): 1 truncate cleaned up
[  296.581690][ T2977] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  296.614020][  T283] EXT4-fs (loop1): unmounting filesystem.
[  296.654778][ T2980] hub 8-0:1.0: USB hub found
[  296.659853][ T2980] hub 8-0:1.0: 1 port detected
[  296.669141][ T2980] netlink: 68 bytes leftover after parsing attributes in process `syz.5.698'.
[  297.120163][ T2992] loop3: detected capacity change from 0 to 512
[  297.131009][ T2992] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  297.141758][ T2992] EXT4-fs (loop3): orphan cleanup on readonly fs
[  297.148828][ T2992] Quota error (device loop3): do_check_range: Getting block 196613 out of range 1-5
[  297.158469][ T2992] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0
[  297.168629][ T2992] EXT4-fs error (device loop3): ext4_acquire_dquot:6789: comm syz.3.702: Failed to acquire dquot type 1
[  297.180776][ T2992] EXT4-fs (loop3): 1 truncate cleaned up
[  297.186834][ T2992] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  297.198156][ T2991] hub 8-0:1.0: USB hub found
[  297.202903][ T2991] hub 8-0:1.0: 1 port detected
[  297.212851][ T2991] netlink: 68 bytes leftover after parsing attributes in process `syz.0.700'.
[  297.421611][ T2995] loop5: detected capacity change from 0 to 512
[  297.437759][ T2995] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  297.446806][ T2995] ext4 filesystem being mounted at /14/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  297.464527][ T2995] EXT4-fs error (device loop5): ext4_get_first_dir_block:3583: inode #12: comm syz.5.703: Attempting to read directory block (0) that is past i_size (3)
[  297.493389][ T2721] EXT4-fs (loop5): unmounting filesystem.
[  297.534523][ T3003] FAULT_INJECTION: forcing a failure.
[  297.534523][ T3003] name failslab, interval 1, probability 0, space 0, times 0
[  297.545136][ T3005] loop5: detected capacity change from 0 to 512
[  297.550363][ T3003] CPU: 0 PID: 3003 Comm: syz.6.706 Not tainted 6.1.138-syzkaller-00049-g5b87067cdd87 #0
[  297.566317][ T3003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  297.576380][ T3003] Call Trace:
[  297.579683][ T3003]  <TASK>
[  297.582614][ T3003]  __dump_stack+0x21/0x24
[  297.586958][ T3003]  dump_stack_lvl+0xee/0x150
[  297.591552][ T3003]  ? __cfi_dump_stack_lvl+0x8/0x8
[  297.596583][ T3003]  dump_stack+0x15/0x24
[  297.600762][ T3003]  should_fail_ex+0x3d4/0x520
[  297.605444][ T3003]  ? prepare_creds+0x2f/0x640
[  297.610113][ T3003]  __should_failslab+0xac/0xf0
[  297.614880][ T3003]  should_failslab+0x9/0x20
[  297.619390][ T3003]  kmem_cache_alloc+0x3b/0x330
[  297.624160][ T3003]  ? __cfi_make_kgid+0x10/0x10
[  297.628922][ T3003]  prepare_creds+0x2f/0x640
[  297.633421][ T3003]  __sys_setresgid+0x619/0x990
[  297.638187][ T3003]  __x64_sys_setresgid+0x7a/0x90
[  297.643123][ T3003]  x64_sys_call+0x808/0x9a0
[  297.647622][ T3003]  do_syscall_64+0x4c/0xa0
[  297.652042][ T3003]  ? clear_bhb_loop+0x15/0x70
[  297.656716][ T3003]  ? clear_bhb_loop+0x15/0x70
[  297.661387][ T3003]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  297.667281][ T3003] RIP: 0033:0x7fbc9338e969
[  297.671688][ T3003] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  297.691392][ T3003] RSP: 002b:00007fbc9418c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000077
[  297.699813][ T3003] RAX: ffffffffffffffda RBX: 00007fbc935b5fa0 RCX: 00007fbc9338e969
[  297.707792][ T3003] RDX: 00000000ffffff00 RSI: 0000000000000000 RDI: 00000000ffffff00
[  297.715773][ T3003] RBP: 00007fbc9418c090 R08: 0000000000000000 R09: 0000000000000000
[  297.723756][ T3003] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  297.731725][ T3003] R13: 0000000000000000 R14: 00007fbc935b5fa0 R15: 00007ffcc33d6c88
[  297.739705][ T3003]  </TASK>
[  297.748787][ T3006] loop1: detected capacity change from 0 to 512
[  297.761980][ T3006] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  297.773954][ T3006] EXT4-fs (loop1): orphan cleanup on readonly fs
[  297.781445][ T3006] Quota error (device loop1): do_check_range: Getting block 196613 out of range 1-5
[  297.787475][ T3005] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  297.791225][ T3006] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0
[  297.800249][ T3005] ext4 filesystem being mounted at /16/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  297.809262][ T3006] EXT4-fs error (device loop1): ext4_acquire_dquot:6789: comm syz.1.705: Failed to acquire dquot type 1
[  297.831932][ T3006] EXT4-fs (loop1): 1 truncate cleaned up
[  297.839818][ T3006] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  297.857430][   T28] audit: type=1400 audit(1748971251.684:204): avc:  denied  { write } for  pid=3012 comm="syz.6.709" name="kvm" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  297.882528][ T3005] EXT4-fs error (device loop5): ext4_get_first_dir_block:3583: inode #12: comm syz.5.707: Attempting to read directory block (0) that is past i_size (3)
[  297.902134][ T3015] loop6: detected capacity change from 0 to 512
[  297.905302][   T28] audit: type=1400 audit(1748971251.724:205): avc:  denied  { unmount } for  pid=282 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  297.931661][  T282] EXT4-fs (loop3): unmounting filesystem.
[  297.941939][ T3015] EXT4-fs (loop6): Test dummy encryption mode enabled
[  297.979124][ T3015] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  297.990679][ T2721] EXT4-fs (loop5): unmounting filesystem.
[  298.009599][ T3015] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00cc018, mo2=0002]
[  298.017906][   T28] audit: type=1400 audit(1748971251.834:206): avc:  denied  { read write } for  pid=3018 comm="syz.3.710" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  298.043347][ T3015] System zones: 1-12
[  298.048252][ T3015] EXT4-fs (loop6): 1 truncate cleaned up
[  298.054296][ T3015] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  298.064504][   T28] audit: type=1400 audit(1748971251.834:207): avc:  denied  { open } for  pid=3018 comm="syz.3.710" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  298.146451][   T28] audit: type=1400 audit(1748971251.934:208): avc:  denied  { mount } for  pid=3012 comm="syz.6.709" name="/" dev="loop6" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  298.284613][ T2784] EXT4-fs (loop6): unmounting filesystem.
[  298.323923][ T3031] loop6: detected capacity change from 0 to 512
[  298.347812][ T3031] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  298.363700][ T3031] ext4 filesystem being mounted at /15/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  298.364482][  T283] EXT4-fs (loop1): unmounting filesystem.
[  298.387777][ T3031] EXT4-fs error (device loop6): ext4_get_first_dir_block:3583: inode #12: comm syz.6.713: Attempting to read directory block (0) that is past i_size (3)
[  298.444749][ T2784] EXT4-fs (loop6): unmounting filesystem.
[  298.507627][ T3045] loop6: detected capacity change from 0 to 256
[  299.074812][ T3048] hub 8-0:1.0: USB hub found
[  299.133379][ T3048] hub 8-0:1.0: 1 port detected
[  299.153447][ T3048] netlink: 68 bytes leftover after parsing attributes in process `syz.1.714'.
[  299.170893][ T3057] loop5: detected capacity change from 0 to 512
[  299.219097][ T3057] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  299.228301][ T3057] ext4 filesystem being mounted at /18/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  299.258867][ T3057] EXT4-fs error (device loop5): ext4_get_first_dir_block:3583: inode #12: comm syz.5.721: Attempting to read directory block (0) that is past i_size (3)
[  299.279727][ T3063] loop3: detected capacity change from 0 to 512
[  299.288443][ T3063] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  299.304821][ T3063] EXT4-fs (loop3): orphan cleanup on readonly fs
[  299.313384][ T3063] Quota error (device loop3): do_check_range: Getting block 196613 out of range 1-5
[  299.322919][ T3063] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0
[  299.332378][ T3063] EXT4-fs error (device loop3): ext4_acquire_dquot:6789: comm syz.3.722: Failed to acquire dquot type 1
[  299.361563][ T3063] EXT4-fs (loop3): 1 truncate cleaned up
[  299.370436][ T3063] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  299.418284][ T3071] loop6: detected capacity change from 0 to 512
[  299.433865][ T2721] EXT4-fs (loop5): unmounting filesystem.
[  299.434823][ T3073] loop0: detected capacity change from 0 to 256
[  299.449721][ T3071] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  299.460575][ T3071] ext4 filesystem being mounted at /18/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  299.546843][ T3079] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  299.568028][ T3082] loop5: detected capacity change from 0 to 512
[  299.579358][ T3079] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  299.613934][ T3082] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  299.624011][ T3082] ext4 filesystem being mounted at /19/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  299.639656][ T3082] EXT4-fs error (device loop5): ext4_get_first_dir_block:3583: inode #12: comm syz.5.727: Attempting to read directory block (0) that is past i_size (3)
[  299.661812][ T2721] EXT4-fs (loop5): unmounting filesystem.
[  299.737788][   T28] audit: type=1400 audit(1748971253.564:209): avc:  denied  { create } for  pid=3090 comm="syz.1.730" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  299.992498][ T3096] loop1: detected capacity change from 0 to 256
[  300.235266][  T282] EXT4-fs (loop3): unmounting filesystem.
[  300.290876][ T2784] EXT4-fs (loop6): unmounting filesystem.
[  301.154361][ T3115] loop3: detected capacity change from 0 to 512
[  301.177686][ T3115] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  301.187743][ T3115] ext4 filesystem being mounted at /156/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  301.317209][ T3115] EXT4-fs error (device loop3): ext4_get_first_dir_block:3583: inode #12: comm syz.3.738: Attempting to read directory block (0) that is past i_size (3)
[  301.517474][  T282] EXT4-fs (loop3): unmounting filesystem.
[  301.575527][ T3124] loop3: detected capacity change from 0 to 512
[  301.620581][ T3124] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  301.632327][ T3124] ext4 filesystem being mounted at /157/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  301.716358][ T3124] EXT4-fs error (device loop3): ext4_get_first_dir_block:3583: inode #12: comm syz.3.739: Attempting to read directory block (0) that is past i_size (3)
[  301.774696][  T282] EXT4-fs (loop3): unmounting filesystem.
[  301.907675][ T3136] hub 8-0:1.0: USB hub found
[  301.915646][ T3136] hub 8-0:1.0: 1 port detected
[  301.929169][ T3136] netlink: 68 bytes leftover after parsing attributes in process `syz.3.740'.
[  302.228803][ T3142] loop1: detected capacity change from 0 to 256
[  303.281202][  T645] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  303.628573][   T28] kauditd_printk_skb: 3 callbacks suppressed
[  303.628589][   T28] audit: type=1400 audit(1748971257.454:213): avc:  denied  { unlink } for  pid=3152 comm="syz.5.747" name="#5" dev="tmpfs" ino=161 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  303.663855][ T3153] netlink: 8 bytes leftover after parsing attributes in process `syz.5.747'.
[  303.942557][ T3165] loop3: detected capacity change from 0 to 512
[  303.994391][ T3165] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  304.003654][ T3165] ext4 filesystem being mounted at /159/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  304.019825][ T3161] kvm: pic: non byte write
[  304.035569][ T3165] EXT4-fs error (device loop3): ext4_get_first_dir_block:3583: inode #12: comm syz.3.751: Attempting to read directory block (0) that is past i_size (3)
[  304.062010][  T282] EXT4-fs (loop3): unmounting filesystem.
[  304.796447][ T3188] loop5: detected capacity change from 0 to 512
[  304.804849][ T3188] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  304.826780][ T3188] EXT4-fs (loop5): orphan cleanup on readonly fs
[  304.833771][ T3188] Quota error (device loop5): do_check_range: Getting block 196613 out of range 1-5
[  304.843266][ T3188] Quota error (device loop5): qtree_read_dquot: Can't read quota structure for id 0
[  304.852685][ T3188] EXT4-fs error (device loop5): ext4_acquire_dquot:6789: comm syz.5.756: Failed to acquire dquot type 1
[  304.866692][ T3188] EXT4-fs (loop5): 1 truncate cleaned up
[  304.872498][ T3188] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  304.885291][ T3193] loop1: detected capacity change from 0 to 256
[  304.892760][ T2721] EXT4-fs (loop5): unmounting filesystem.
[  305.054295][  T645] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  305.397830][   T28] audit: type=1400 audit(1748971259.154:214): avc:  denied  { read } for  pid=3201 comm="syz.3.761" name="msr" dev="devtmpfs" ino=86 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  305.587547][   T28] audit: type=1400 audit(1748971259.154:215): avc:  denied  { open } for  pid=3201 comm="syz.3.761" path="/dev/cpu/0/msr" dev="devtmpfs" ino=86 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  305.849192][ T3213] loop6: detected capacity change from 0 to 512
[  305.937159][ T3213] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  305.954466][ T3213] ext4 filesystem being mounted at /25/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  306.031908][ T2784] EXT4-fs (loop6): unmounting filesystem.
[  306.148798][ T3220] hub 8-0:1.0: USB hub found
[  306.156949][ T3220] hub 8-0:1.0: 1 port detected
[  306.187932][ T3220] netlink: 68 bytes leftover after parsing attributes in process `syz.0.762'.
[  306.592189][   T28] audit: type=1400 audit(1748971260.414:216): avc:  denied  { unmount } for  pid=282 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[  306.767316][ T3232] Illegal XDP return value 4294967294 on prog  (id 540) dev N/A, expect packet loss!
[  306.891638][ T3234] loop1: detected capacity change from 0 to 512
[  306.906720][ T3234] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  307.001125][ T3234] EXT4-fs (loop1): orphan cleanup on readonly fs
[  307.008012][ T3234] Quota error (device loop1): do_check_range: Getting block 196613 out of range 1-5
[  307.017476][ T3234] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0
[  307.026887][ T3234] EXT4-fs error (device loop1): ext4_acquire_dquot:6789: comm syz.1.770: Failed to acquire dquot type 1
[  307.038685][ T3234] EXT4-fs (loop1): 1 truncate cleaned up
[  307.046050][ T3234] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  307.063964][  T283] EXT4-fs (loop1): unmounting filesystem.
[  307.116866][ T3243] capability: warning: `syz.1.773' uses deprecated v2 capabilities in a way that may be insecure
[  307.282217][   T28] audit: type=1326 audit(1748971261.104:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3242 comm="syz.1.773" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6cdb58e969 code=0x0
[  307.362021][ T3252] FAULT_INJECTION: forcing a failure.
[  307.362021][ T3252] name failslab, interval 1, probability 0, space 0, times 0
[  307.374716][ T3252] CPU: 1 PID: 3252 Comm: syz.5.775 Not tainted 6.1.138-syzkaller-00049-g5b87067cdd87 #0
[  307.384451][ T3252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  307.394513][ T3252] Call Trace:
[  307.397803][ T3252]  <TASK>
[  307.400743][ T3252]  __dump_stack+0x21/0x24
[  307.405086][ T3252]  dump_stack_lvl+0xee/0x150
[  307.409694][ T3252]  ? __cfi_dump_stack_lvl+0x8/0x8
[  307.414781][ T3252]  dump_stack+0x15/0x24
[  307.418963][ T3252]  should_fail_ex+0x3d4/0x520
[  307.423656][ T3252]  __should_failslab+0xac/0xf0
[  307.428434][ T3252]  ? bpf_test_init+0xce/0x160
[  307.433126][ T3252]  should_failslab+0x9/0x20
[  307.437650][ T3252]  __kmem_cache_alloc_node+0x3d/0x2c0
[  307.443048][ T3252]  ? bpf_test_init+0xce/0x160
[  307.447746][ T3252]  __kmalloc+0xa1/0x1e0
[  307.451916][ T3252]  bpf_test_init+0xce/0x160
[  307.456438][ T3252]  bpf_prog_test_run_xdp+0x359/0xe50
[  307.461737][ T3252]  ? sysvec_reschedule_ipi+0x78/0x80
[  307.467032][ T3252]  ? asm_sysvec_reschedule_ipi+0x1b/0x20
[  307.472673][ T3252]  ? __cfi_bpf_prog_test_run_xdp+0x10/0x10
[  307.478500][ T3252]  ? __sanitizer_cov_trace_pc+0x5c/0x60
[  307.482945][ T3241] loop3: detected capacity change from 0 to 40427
[  307.484070][ T3252]  ? __kasan_check_write+0x14/0x20
[  307.494380][ T3241] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  307.495566][ T3252]  ? __cfi_bpf_prog_test_run_xdp+0x10/0x10
[  307.503482][ T3241] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  307.509109][ T3252]  bpf_prog_test_run+0x3e3/0x630
[  307.509134][ T3252]  ? __kasan_check_write+0x14/0x20
[  307.527308][ T3252]  ? bpf_prog_query+0x270/0x270
[  307.532181][ T3252]  ? selinux_bpf+0xce/0xf0
[  307.536623][ T3252]  ? security_bpf+0x93/0xb0
[  307.541148][ T3252]  __sys_bpf+0x56d/0x780
[  307.545420][ T3252]  ? bpf_link_show_fdinfo+0x320/0x320
[  307.550828][ T3252]  ? fpregs_restore_userregs+0x128/0x260
[  307.556492][ T3252]  __x64_sys_bpf+0x7c/0x90
[  307.560946][ T3252]  x64_sys_call+0x488/0x9a0
[  307.565487][ T3252]  do_syscall_64+0x4c/0xa0
[  307.569935][ T3252]  ? clear_bhb_loop+0x15/0x70
[  307.574628][ T3252]  ? clear_bhb_loop+0x15/0x70
[  307.579336][ T3252]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  307.585255][ T3252] RIP: 0033:0x7f174478e969
[  307.589690][ T3252] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  307.609318][ T3252] RSP: 002b:00007f17445ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  307.615713][ T3247] netlink: 'syz.1.773': attribute type 7 has an invalid length.
[  307.617745][ T3252] RAX: ffffffffffffffda RBX: 00007f17449b6160 RCX: 00007f174478e969
[  307.617763][ T3252] RDX: 0000000000000050 RSI: 0000200000000000 RDI: 000000000000000a
[  307.617777][ T3252] RBP: 00007f17445ff090 R08: 0000000000000000 R09: 0000000000000000
[  307.617789][ T3252] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  307.631544][ T3241] F2FS-fs (loop3): Found nat_bits in checkpoint
[  307.633376][ T3252] R13: 0000000000000000 R14: 00007f17449b6160 R15: 00007ffe20ce6df8
[  307.633401][ T3252]  </TASK>
[  307.757981][ T3241] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  307.770670][ T3241] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  307.823515][ T3263] loop0: detected capacity change from 0 to 512
[  307.844335][ T3263] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  307.853589][ T3263] ext4 filesystem being mounted at /134/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  307.880393][  T285] EXT4-fs (loop0): unmounting filesystem.
[  308.099376][ T3277] loop6: detected capacity change from 0 to 256
[  308.326806][ T3279] loop5: detected capacity change from 0 to 1024
[  308.399906][ T3279] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  308.495397][   T28] audit: type=1400 audit(1748971262.314:218): avc:  denied  { mounton } for  pid=3278 comm="syz.5.782" path="/31/file1/bus" dev="loop5" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  308.540553][ T3279] overlayfs: conflicting lowerdir path
[  309.921018][ T3286] FAULT_INJECTION: forcing a failure.
[  309.921018][ T3286] name failslab, interval 1, probability 0, space 0, times 0
[  309.949240][ T2721] EXT4-fs (loop5): unmounting filesystem.
[  309.972732][ T3286] CPU: 1 PID: 3286 Comm: syz.0.783 Not tainted 6.1.138-syzkaller-00049-g5b87067cdd87 #0
[  309.982537][ T3286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  309.992599][ T3286] Call Trace:
[  309.995873][ T3286]  <TASK>
[  309.998798][ T3286]  __dump_stack+0x21/0x24
[  310.003158][ T3286]  dump_stack_lvl+0xee/0x150
[  310.007750][ T3286]  ? __cfi_dump_stack_lvl+0x8/0x8
[  310.012785][ T3286]  dump_stack+0x15/0x24
[  310.016939][ T3286]  should_fail_ex+0x3d4/0x520
[  310.021620][ T3286]  __should_failslab+0xac/0xf0
[  310.026387][ T3286]  ? key_alloc+0x314/0xf40
[  310.030800][ T3286]  should_failslab+0x9/0x20
[  310.035391][ T3286]  __kmem_cache_alloc_node+0x3d/0x2c0
[  310.040789][ T3286]  ? slab_post_alloc_hook+0x6d/0x2d0
[  310.046070][ T3286]  ? key_alloc+0x2d0/0xf40
[  310.050498][ T3286]  ? key_alloc+0x314/0xf40
[  310.054907][ T3286]  __kmalloc_node_track_caller+0xa0/0x1e0
[  310.060633][ T3286]  kmemdup+0x2b/0x60
[  310.064528][ T3286]  key_alloc+0x314/0xf40
[  310.068768][ T3286]  keyring_alloc+0x47/0xb0
[  310.073181][ T3286]  join_session_keyring+0x135/0x450
[  310.078373][ T3286]  __se_sys_keyctl+0x938/0xc20
[  310.083143][ T3286]  ? slab_free_freelist_hook+0xc2/0x190
[  310.088708][ T3286]  ? __x64_sys_keyctl+0xd0/0xd0
[  310.093570][ T3286]  ? __cfi_vfs_write+0x10/0x10
[  310.098336][ T3286]  ? __kasan_check_write+0x14/0x20
[  310.103451][ T3286]  ? mutex_unlock+0x89/0x220
[  310.108049][ T3286]  ? __cfi_mutex_unlock+0x10/0x10
[  310.113078][ T3286]  ? __kasan_check_write+0x14/0x20
[  310.118193][ T3286]  ? fput+0x154/0x1a0
[  310.122184][ T3286]  ? ksys_write+0x1eb/0x240
[  310.126689][ T3286]  ? __cfi_ksys_write+0x10/0x10
[  310.131539][ T3286]  ? do_user_addr_fault+0x9ac/0x1050
[  310.136826][ T3286]  __x64_sys_keyctl+0xbf/0xd0
[  310.141505][ T3286]  x64_sys_call+0x71a/0x9a0
[  310.146007][ T3286]  do_syscall_64+0x4c/0xa0
[  310.150458][ T3286]  ? clear_bhb_loop+0x15/0x70
[  310.155134][ T3286]  ? clear_bhb_loop+0x15/0x70
[  310.159804][ T3286]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  310.165728][ T3286] RIP: 0033:0x7f67d7f8e969
[  310.170136][ T3286] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  310.189735][ T3286] RSP: 002b:00007f67d8e4f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa
[  310.198143][ T3286] RAX: ffffffffffffffda RBX: 00007f67d81b5fa0 RCX: 00007f67d7f8e969
[  310.206107][ T3286] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  310.214074][ T3286] RBP: 00007f67d8e4f090 R08: 0000000000000000 R09: 0000000000000000
[  310.222055][ T3286] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  310.230033][ T3286] R13: 0000000000000001 R14: 00007f67d81b5fa0 R15: 00007fff56913af8
[  310.238014][ T3286]  </TASK>
[  310.246812][ T3290] loop3: detected capacity change from 0 to 512
[  310.253909][ T3290] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  310.267895][ T3290] EXT4-fs (loop3): orphan cleanup on readonly fs
[  310.274726][ T3290] __quota_error: 7 callbacks suppressed
[  310.274741][ T3290] Quota error (device loop3): do_check_range: Getting block 196613 out of range 1-5
[  310.289933][ T3290] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0
[  310.299382][ T3290] EXT4-fs error (device loop3): ext4_acquire_dquot:6789: comm syz.3.784: Failed to acquire dquot type 1
[  310.311155][ T3290] EXT4-fs (loop3): 1 truncate cleaned up
[  310.316971][ T3290] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  310.329493][ T3291] hub 8-0:1.0: USB hub found
[  310.334882][  T282] EXT4-fs (loop3): unmounting filesystem.
[  310.346779][ T3291] hub 8-0:1.0: 1 port detected
[  310.355388][ T3291] netlink: 68 bytes leftover after parsing attributes in process `syz.1.779'.
[  310.383462][ T3301] loop3: detected capacity change from 0 to 512
[  310.415769][ T3301] ext4 filesystem being mounted at /168/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  310.518379][   T28] audit: type=1400 audit(1748971264.344:226): avc:  denied  { setopt } for  pid=3309 comm="syz.3.791" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  310.552267][ T3307] hub 8-0:1.0: USB hub found
[  310.552288][   T28] audit: type=1400 audit(1748971264.374:227): avc:  denied  { mounton } for  pid=3311 comm="syz.1.792" path="/166/file0" dev="tmpfs" ino=985 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  310.561185][ T3307] hub 8-0:1.0: 1 port detected
[  310.598662][ T3310] device syzkaller0 entered promiscuous mode
[  310.614627][   T28] audit: type=1400 audit(1748971264.434:228): avc:  denied  { read } for  pid=3311 comm="syz.1.792" dev="nsfs" ino=4026532296 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  310.679349][   T28] audit: type=1400 audit(1748971264.434:229): avc:  denied  { open } for  pid=3311 comm="syz.1.792" path="net:[4026532296]" dev="nsfs" ino=4026532296 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  310.710814][   T28] audit: type=1400 audit(1748971264.434:230): avc:  denied  { mount } for  pid=3311 comm="syz.1.792" name="/" dev="configfs" ino=13287 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  310.759661][   T28] audit: type=1400 audit(1748971264.434:231): avc:  denied  { search } for  pid=3311 comm="syz.1.792" name="/" dev="configfs" ino=13287 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  310.794318][   T28] audit: type=1400 audit(1748971264.434:232): avc:  denied  { read } for  pid=3311 comm="syz.1.792" name="/" dev="configfs" ino=13287 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  310.818171][ T3318] netlink: 68 bytes leftover after parsing attributes in process `syz.6.786'.
[  310.841692][   T28] audit: type=1400 audit(1748971264.434:233): avc:  denied  { open } for  pid=3311 comm="syz.1.792" path="/" dev="configfs" ino=13287 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  311.417042][ T3331] loop6: detected capacity change from 0 to 256
[  312.763097][ T3340] loop3: detected capacity change from 0 to 512
[  312.783808][ T3340] EXT4-fs: Ignoring removed oldalloc option
[  312.796006][ T3340] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  312.815604][ T3340] EXT4-fs (loop3): warning: checktime reached, running e2fsck is recommended
[  312.830248][ T3340] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=b842c01c, mo2=0102]
[  312.844981][ T3340] System zones: 0-2, 18-18, 34-34
[  312.855830][ T3340] EXT4-fs error (device loop3): ext4_orphan_get:1426: comm syz.3.800: bad orphan inode 15
[  312.873663][ T3340] ext4_test_bit(bit=14, block=18) = 1
[  312.883547][ T3340] is_bad_inode(inode)=0
[  312.891067][ T3340] NEXT_ORPHAN(inode)=2264924160
[  312.899285][ T3340] max_ino=32
[  312.904745][ T3340] i_nlink=0
[  312.920330][ T3340] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1087: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  312.945999][ T3340] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.800: bg 0: block 80: padding at end of block bitmap is not set
[  312.970593][ T3340] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6170: Corrupt filesystem
[  313.151470][ T3343] loop6: detected capacity change from 0 to 512
[  313.177791][ T3343] ext4 filesystem being mounted at /32/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  313.268872][ T3349] loop6: detected capacity change from 0 to 512
[  313.310560][ T3349] ext4 filesystem being mounted at /33/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  313.434326][ T3349] EXT4-fs error (device loop6): ext4_get_first_dir_block:3583: inode #12: comm syz.6.803: Attempting to read directory block (0) that is past i_size (3)
[  314.229933][ T3365] netlink: 'syz.5.806': attribute type 27 has an invalid length.
[  314.308271][ T3365] bridge0: port 2(bridge_slave_1) entered disabled state
[  314.315570][ T3365] bridge0: port 1(bridge_slave_0) entered disabled state
[  314.386831][ T3375] netlink: 'syz.5.810': attribute type 27 has an invalid length.
[  314.493314][ T3385] loop0: detected capacity change from 0 to 512
[  314.539258][ T3385] EXT4-fs mount: 8 callbacks suppressed
[  314.539277][ T3385] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  314.556620][ T3385] ext4 filesystem being mounted at /140/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  314.633824][ T3389] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=3389 comm=syz.5.811
[  314.849352][  T285] EXT4-fs (loop0): unmounting filesystem.
[  315.460550][ T3398] loop1: detected capacity change from 0 to 512
[  315.468678][ T3398] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  315.488306][ T3398] EXT4-fs (loop1): orphan cleanup on readonly fs
[  315.495214][ T3398] __quota_error: 7 callbacks suppressed
[  315.495230][ T3398] Quota error (device loop1): do_check_range: Getting block 196613 out of range 1-5
[  315.510312][ T3398] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0
[  315.519728][ T3398] EXT4-fs error (device loop1): ext4_acquire_dquot:6789: comm syz.1.815: Failed to acquire dquot type 1
[  315.537180][ T3398] EXT4-fs (loop1): 1 truncate cleaned up
[  315.560418][ T3398] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  315.581155][  T283] EXT4-fs (loop1): unmounting filesystem.
[  315.589082][ T3405] loop3: detected capacity change from 0 to 256
[  316.699624][   T28] audit: type=1400 audit(1748971269.714:241): avc:  denied  { create } for  pid=3402 comm="syz.5.818" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  316.835656][ T3411] netlink: 'syz.0.820': attribute type 13 has an invalid length.
[  316.896464][ T3411] gretap0: refused to change device tx_queue_len
[  316.902913][   T28] audit: type=1400 audit(1748971269.734:242): avc:  denied  { ioctl } for  pid=3402 comm="syz.5.818" path="socket:[29919]" dev="sockfs" ino=29919 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  316.939963][ T3411] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  316.991033][ T3414] netlink: 'syz.6.821': attribute type 27 has an invalid length.
[  317.140311][ T3422] FAULT_INJECTION: forcing a failure.
[  317.140311][ T3422] name failslab, interval 1, probability 0, space 0, times 0
[  317.152946][ T3422] CPU: 1 PID: 3422 Comm: syz.1.819 Not tainted 6.1.138-syzkaller-00049-g5b87067cdd87 #0
[  317.162679][ T3422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  317.172738][ T3422] Call Trace:
[  317.176023][ T3422]  <TASK>
[  317.178954][ T3422]  __dump_stack+0x21/0x24
[  317.183303][ T3422]  dump_stack_lvl+0xee/0x150
[  317.187905][ T3422]  ? __cfi_dump_stack_lvl+0x8/0x8
[  317.192943][ T3422]  ? avc_has_perm_noaudit+0x2f4/0x460
[  317.198325][ T3422]  dump_stack+0x15/0x24
[  317.202493][ T3422]  should_fail_ex+0x3d4/0x520
[  317.207180][ T3422]  ? __sigqueue_alloc+0x13f/0x210
[  317.212219][ T3422]  __should_failslab+0xac/0xf0
[  317.216990][ T3422]  should_failslab+0x9/0x20
[  317.221505][ T3422]  kmem_cache_alloc+0x3b/0x330
[  317.226277][ T3422]  __sigqueue_alloc+0x13f/0x210
[  317.231139][ T3422]  __send_signal_locked+0x19d/0xb70
[  317.236336][ T3422]  ? _raw_spin_lock_irqsave+0xb0/0x110
[  317.241792][ T3422]  ? vfs_write+0x9d6/0xca0
[  317.246214][ T3422]  send_signal_locked+0x422/0x580
[  317.251235][ T3422]  ? __kasan_check_write+0x14/0x20
[  317.256344][ T3422]  do_send_sig_info+0xd6/0x210
[  317.261106][ T3422]  send_sig_info+0x4b/0x60
[  317.265527][ T3422]  ptrace_attach+0x36b/0x5a0
[  317.270112][ T3422]  __se_sys_ptrace+0x1bb/0x3c0
[  317.274936][ T3422]  ? __x64_sys_ptrace+0xb0/0xb0
[  317.279781][ T3422]  __x64_sys_ptrace+0x9b/0xb0
[  317.284448][ T3422]  x64_sys_call+0xa6/0x9a0
[  317.288864][ T3422]  do_syscall_64+0x4c/0xa0
[  317.293277][ T3422]  ? clear_bhb_loop+0x15/0x70
[  317.297945][ T3422]  ? clear_bhb_loop+0x15/0x70
[  317.302614][ T3422]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  317.308507][ T3422] RIP: 0033:0x7f6cdb58e969
[  317.312917][ T3422] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  317.332516][ T3422] RSP: 002b:00007f6cdb3de038 EFLAGS: 00000246 ORIG_RAX: 0000000000000065
[  317.340925][ T3422] RAX: ffffffffffffffda RBX: 00007f6cdb7b6160 RCX: 00007f6cdb58e969
[  317.348892][ T3422] RDX: 0000000000000000 RSI: 0000000000000237 RDI: 0000000000000010
[  317.356853][ T3422] RBP: 00007f6cdb3de090 R08: 0000000000000000 R09: 0000000000000000
[  317.364813][ T3422] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  317.372777][ T3422] R13: 0000000000000000 R14: 00007f6cdb7b6160 R15: 00007ffd99497118
[  317.380746][ T3422]  </TASK>
[  317.497415][ T3418] SELinux: failed to load policy
[  317.505001][ T3428] loop5: detected capacity change from 0 to 512
[  317.509507][   T28] audit: type=1400 audit(1748971271.254:243): avc:  denied  { load_policy } for  pid=3417 comm="syz.5.822" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  317.537793][ T3428] EXT4-fs: Ignoring removed orlov option
[  317.543831][ T3428] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  317.553469][ T3428] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  317.576866][ T3428] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2195: inode #15: comm syz.5.822: corrupted in-inode xattr
[  317.595080][ T3428] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.822: couldn't read orphan inode 15 (err -117)
[  317.612915][ T3428] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  318.323200][ T3442] loop6: detected capacity change from 0 to 512
[  318.355536][ T3442] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  318.371197][ T3442] ext4 filesystem being mounted at /37/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  318.396706][ T3442] EXT4-fs error (device loop6): ext4_get_first_dir_block:3583: inode #12: comm syz.6.829: Attempting to read directory block (0) that is past i_size (3)
[  318.429501][ T2784] EXT4-fs (loop6): unmounting filesystem.
[  319.116040][  T323] usb 4-1: new full-speed USB device number 7 using dummy_hcd
[  319.312595][  T323] usb 4-1: too many endpoints for config 253 interface 0 altsetting 0: 255, using maximum allowed: 30
[  319.338302][  T754] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  319.580316][  T323] usb 4-1: config 253 interface 0 altsetting 0 has an invalid endpoint with address 0x65, skipping
[  319.615953][  T323] usb 4-1: config 253 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 255
[  319.633183][  T323] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  319.643080][  T323] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  319.651791][  T323] usb 4-1: SerialNumber: syz
[  320.413701][ T3467] loop6: detected capacity change from 0 to 256
[  320.583677][  T754] usb 2-1: Using ep0 maxpacket: 32
[  320.941148][  T754] usb 2-1: config 3 has an invalid interface number: 135 but max is 0
[  320.941493][ T3448] cgroup: Unknown subsys name 'measure'
[  320.949672][  T754] usb 2-1: config 3 has no interface number 0
[  320.965958][  T754] usb 2-1: config 3 interface 135 altsetting 8 has a duplicate endpoint with address 0x1, skipping
[  320.977599][  T754] usb 2-1: config 3 interface 135 altsetting 8 has an invalid endpoint with address 0x1A, skipping
[  320.989859][  T754] usb 2-1: config 3 interface 135 altsetting 8 has a duplicate endpoint with address 0xF, skipping
[  321.115772][  T754] usb 2-1: config 3 interface 135 altsetting 8 endpoint 0x3 has invalid maxpacket 26451, setting to 1024
[  321.279819][  T754] usb 2-1: config 3 interface 135 altsetting 8 has an invalid endpoint with address 0x0, skipping
[  321.298513][  T323] usb 4-1: USB disconnect, device number 7
[  321.319188][  T754] usb 2-1: config 3 interface 135 altsetting 8 has a duplicate endpoint with address 0x3, skipping
[  321.344190][  T754] usb 2-1: config 3 interface 135 has no altsetting 0
[  321.390497][  T754] usb 2-1: New USB device found, idVendor=413c, idProduct=81b6, bcdDevice=ab.92
[  321.469304][  T754] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  321.527959][  T754] usb 2-1: Product: syz
[  321.906759][ T3471] netlink: 'syz.1.836': attribute type 27 has an invalid length.
[  321.960059][ T3469] loop0: detected capacity change from 0 to 1024
[  322.033805][ T2721] EXT4-fs (loop5): unmounting filesystem.
[  322.037945][  T754] usb 2-1: Manufacturer: syz
[  322.044286][  T754] usb 2-1: SerialNumber: syz
[  322.050861][ T3474] loop1: detected capacity change from 0 to 256
[  322.059980][ T3474] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x89cb6648, utbl_chksum : 0xe619d30d)
[  322.063126][  T754] usb 2-1: can't set config #3, error -71
[  322.093066][  T754] usb 2-1: USB disconnect, device number 6
[  322.233044][ T3485] FAULT_INJECTION: forcing a failure.
[  322.233044][ T3485] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  322.313463][ T3485] CPU: 0 PID: 3485 Comm: syz.5.838 Not tainted 6.1.138-syzkaller-00049-g5b87067cdd87 #0
[  322.317637][ T3469] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  322.323240][ T3485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  322.341696][ T3485] Call Trace:
[  322.344984][ T3485]  <TASK>
[  322.347922][ T3485]  __dump_stack+0x21/0x24
[  322.352278][ T3485]  dump_stack_lvl+0xee/0x150
[  322.355637][ T3469] ext4 filesystem being mounted at /146/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  322.356885][ T3485]  ? __cfi_dump_stack_lvl+0x8/0x8
[  322.356915][ T3485]  ? show_map_pad_vma+0x9b/0xf0
[  322.377168][ T3485]  ? show_smap+0x52f/0x590
[  322.381604][ T3485]  dump_stack+0x15/0x24
[  322.385791][ T3485]  should_fail_ex+0x3d4/0x520
[  322.390497][ T3485]  should_fail+0xb/0x10
[  322.394675][ T3485]  should_fail_usercopy+0x1a/0x20
[  322.399726][ T3485]  copyout+0x20/0xa0
[  322.403639][ T3485]  _copy_to_iter+0x3f0/0xe50
[  322.408247][ T3485]  ? __cfi__copy_to_iter+0x10/0x10
[  322.413356][ T3485]  ? traverse+0x53a/0x560
[  322.417691][ T3485]  ? check_stack_object+0x81/0x140
[  322.422807][ T3485]  ? __check_object_size+0x45a/0x600
[  322.428092][ T3485]  seq_read_iter+0x2d6/0xdd0
[  322.432683][ T3485]  ? __stack_depot_save+0x36/0x480
[  322.437800][ T3485]  seq_read+0x159/0x1f0
[  322.441958][ T3485]  ? __cfi_seq_read+0x10/0x10
[  322.446634][ T3485]  ? __kasan_check_read+0x11/0x20
[  322.451657][ T3485]  ? fsnotify_perm+0x269/0x5b0
[  322.456419][ T3485]  ? security_file_permission+0x94/0xb0
[  322.461961][ T3485]  do_iter_read+0x4b0/0xb30
[  322.466475][ T3485]  ? _copy_from_user+0x8f/0xc0
[  322.471249][ T3485]  ? vfs_iter_read+0xa0/0xa0
[  322.475843][ T3485]  ? import_iovec+0x7c/0xb0
[  322.480341][ T3485]  do_preadv+0x1f6/0x330
[  322.484574][ T3485]  ? vfs_writev+0x590/0x590
[  322.489070][ T3485]  ? __kasan_check_write+0x14/0x20
[  322.494189][ T3485]  ? fput+0x154/0x1a0
[  322.498187][ T3485]  __x64_sys_preadv+0x9e/0xb0
[  322.502867][ T3485]  x64_sys_call+0x370/0x9a0
[  322.507369][ T3485]  do_syscall_64+0x4c/0xa0
[  322.511787][ T3485]  ? clear_bhb_loop+0x15/0x70
[  322.516477][ T3485]  ? clear_bhb_loop+0x15/0x70
[  322.521160][ T3485]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  322.527059][ T3485] RIP: 0033:0x7f174478e969
[  322.531472][ T3485] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  322.551156][ T3485] RSP: 002b:00007f174552d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  322.559568][ T3485] RAX: ffffffffffffffda RBX: 00007f17449b6080 RCX: 00007f174478e969
[  322.567533][ T3485] RDX: 0000000000000001 RSI: 00002000000000c0 RDI: 000000000000000a
[  322.575589][ T3485] RBP: 00007f174552d090 R08: 0000000000000000 R09: 0000000000000000
[  322.583564][ T3485] R10: 0000000000004000 R11: 0000000000000246 R12: 0000000000000001
[  322.591541][ T3485] R13: 0000000000000000 R14: 00007f17449b6080 R15: 00007ffe20ce6df8
[  322.599521][ T3485]  </TASK>
[  322.654833][   T28] audit: type=1400 audit(1748971276.434:244): avc:  denied  { append } for  pid=3468 comm="syz.0.835" name="file1" dev="loop0" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  323.039017][  T285] EXT4-fs (loop0): unmounting filesystem.
[  323.062401][ T3500] loop0: detected capacity change from 0 to 512
[  323.099176][ T3500] EXT4-fs (loop0): Test dummy encryption mode enabled
[  323.106210][ T3500] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  323.118010][ T3500] EXT4-fs (loop0): 1 truncate cleaned up
[  323.123784][ T3500] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  323.146569][ T3500] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[  323.158245][ T3500] fscrypt: AES-256-XTS using implementation "xts-aes-aesni"
[  323.572355][  T754] usb 7-1: new full-speed USB device number 3 using dummy_hcd
[  323.704680][ T3522] netlink: 'syz.5.847': attribute type 27 has an invalid length.
[  323.795349][ T3524] loop3: detected capacity change from 0 to 1024
[  323.802480][ T3524] EXT4-fs: Ignoring removed nobh option
[  323.808277][ T3524] EXT4-fs: Ignoring removed bh option
[  323.816310][ T3524] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  323.857721][  T754] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  323.868385][  T754] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[  323.889185][  T754] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  324.248147][ T3524] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  324.309035][  T285] EXT4-fs (loop0): unmounting filesystem.
[  324.340273][  T754] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  324.431990][  T754] usb 7-1: Product: syz
[  324.466712][  T754] usb 7-1: Manufacturer: syz
[  324.491609][  T754] usb 7-1: SerialNumber: syz
[  324.838443][ T3502] netlink: 20 bytes leftover after parsing attributes in process `syz.6.845'.
[  324.849910][  T754] usb 7-1: 0:2 : does not exist
[  324.857298][  T282] EXT4-fs (loop3): unmounting filesystem.
[  324.878323][  T754] usb 7-1: 5:0: failed to get current value for ch 0 (-22)
[  324.901135][  T754] usb 7-1: USB disconnect, device number 3
[  324.979755][ T3539] loop0: detected capacity change from 0 to 256
[  325.790574][ T3542] syz.5.854[3542] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  325.790660][ T3542] syz.5.854[3542] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  326.023218][   T28] audit: type=1400 audit(1748971279.844:245): avc:  denied  { write } for  pid=3550 comm="syz.0.856" name="binder0" dev="binder" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  326.027633][ T3553] loop6: detected capacity change from 0 to 512
[  326.041334][ T3552] FAULT_INJECTION: forcing a failure.
[  326.041334][ T3552] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  326.077262][ T3552] CPU: 1 PID: 3552 Comm: syz.0.856 Not tainted 6.1.138-syzkaller-00049-g5b87067cdd87 #0
[  326.082784][ T3553] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  326.087022][ T3552] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  326.087038][ T3552] Call Trace:
[  326.087045][ T3552]  <TASK>
[  326.087052][ T3552]  __dump_stack+0x21/0x24
[  326.087084][ T3552]  dump_stack_lvl+0xee/0x150
[  326.087109][ T3552]  ? __cfi_dump_stack_lvl+0x8/0x8
[  326.087140][ T3552]  dump_stack+0x15/0x24
[  326.087165][ T3552]  should_fail_ex+0x3d4/0x520
[  326.134908][ T3552]  should_fail+0xb/0x10
[  326.139069][ T3552]  should_fail_usercopy+0x1a/0x20
[  326.144102][ T3552]  _copy_to_user+0x1e/0x90
[  326.148608][ T3552]  binder_ioctl_write_read+0x9e25/0xaeb0
[  326.154239][ T3552]  ? is_bpf_text_address+0x177/0x190
[  326.159525][ T3552]  ? __cfi_stack_trace_consume_entry+0x10/0x10
[  326.165681][ T3552]  ? __stack_depot_save+0x36/0x480
[  326.170809][ T3552]  ? binder_has_work_ilocked+0x3c0/0x3c0
[  326.176437][ T3552]  ? kasan_set_track+0x60/0x70
[  326.181196][ T3552]  ? kasan_set_track+0x4b/0x70
[  326.186040][ T3552]  ? kasan_save_alloc_info+0x25/0x30
[  326.191503][ T3552]  ? __kasan_kmalloc+0x95/0xb0
[  326.196263][ T3552]  ? kmalloc_trace+0x40/0xb0
[  326.200851][ T3552]  ? binder_get_thread+0x1ec/0x850
[  326.205953][ T3552]  ? binder_ioctl+0x220/0x19a0
[  326.210714][ T3552]  ? __se_sys_ioctl+0x12f/0x1b0
[  326.215652][ T3552]  ? __x64_sys_ioctl+0x7b/0x90
[  326.220415][ T3552]  ? x64_sys_call+0x58b/0x9a0
[  326.225087][ T3552]  ? do_syscall_64+0x4c/0xa0
[  326.229679][ T3552]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  326.235761][ T3552]  ? _binder_inner_proc_unlock+0x40/0x40
[  326.241390][ T3552]  ? __kasan_check_write+0x14/0x20
[  326.246500][ T3552]  ? _raw_spin_lock+0x8e/0xe0
[  326.251175][ T3552]  ? __cfi__raw_spin_lock+0x10/0x10
[  326.256377][ T3552]  ? kasan_save_alloc_info+0x25/0x30
[  326.261665][ T3552]  ? __kasan_kmalloc+0x95/0xb0
[  326.266425][ T3552]  ? _raw_spin_unlock+0x4c/0x70
[  326.271279][ T3552]  binder_ioctl+0x355/0x19a0
[  326.275867][ T3552]  ? __cfi_binder_ioctl+0x10/0x10
[  326.280886][ T3552]  ? has_cap_mac_admin+0x330/0x330
[  326.285993][ T3552]  ? security_file_permission+0x94/0xb0
[  326.291536][ T3552]  ? vfs_write+0x9d6/0xca0
[  326.295953][ T3552]  ? slab_free_freelist_hook+0xc2/0x190
[  326.301503][ T3552]  ? selinux_file_ioctl+0x377/0x480
[  326.306702][ T3552]  ? __cfi_selinux_file_ioctl+0x10/0x10
[  326.312240][ T3552]  ? mutex_unlock+0x89/0x220
[  326.316832][ T3552]  ? __cfi_mutex_unlock+0x10/0x10
[  326.321891][ T3552]  ? __fget_files+0x2d5/0x330
[  326.326570][ T3552]  ? security_file_ioctl+0x95/0xc0
[  326.331678][ T3552]  ? __cfi_binder_ioctl+0x10/0x10
[  326.336701][ T3552]  __se_sys_ioctl+0x12f/0x1b0
[  326.341383][ T3552]  __x64_sys_ioctl+0x7b/0x90
[  326.345972][ T3552]  x64_sys_call+0x58b/0x9a0
[  326.350473][ T3552]  do_syscall_64+0x4c/0xa0
[  326.354895][ T3552]  ? clear_bhb_loop+0x15/0x70
[  326.359582][ T3552]  ? clear_bhb_loop+0x15/0x70
[  326.364267][ T3552]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  326.370166][ T3552] RIP: 0033:0x7f67d7f8e969
[  326.374575][ T3552] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  326.394176][ T3552] RSP: 002b:00007f67d8e4f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  326.402590][ T3552] RAX: ffffffffffffffda RBX: 00007f67d81b5fa0 RCX: 00007f67d7f8e969
[  326.410556][ T3552] RDX: 0000200000000340 RSI: 00000000c0306201 RDI: 0000000000000003
[  326.418525][ T3552] RBP: 00007f67d8e4f090 R08: 0000000000000000 R09: 0000000000000000
[  326.426493][ T3552] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  326.434455][ T3552] R13: 0000000000000000 R14: 00007f67d81b5fa0 R15: 00007fff56913af8
[  326.442427][ T3552]  </TASK>
[  326.445990][ T3552] binder: 3550:3552 ioctl c0306201 200000000340 returned -14
[  326.456539][ T3553] ext4 filesystem being mounted at /42/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  326.528489][ T3553] EXT4-fs error (device loop6): ext4_get_first_dir_block:3583: inode #12: comm syz.6.857: Attempting to read directory block (0) that is past i_size (3)
[  326.533597][ T3565] loop0: detected capacity change from 0 to 512
[  326.560951][ T3565] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  326.570006][ T3565] ext4 filesystem being mounted at /151/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  326.570972][ T2784] EXT4-fs (loop6): unmounting filesystem.
[  326.598059][ T3565] EXT4-fs error (device loop0): ext4_get_first_dir_block:3583: inode #12: comm syz.0.860: Attempting to read directory block (0) that is past i_size (3)
[  326.628506][  T285] EXT4-fs (loop0): unmounting filesystem.
[  326.640505][ T3571] netlink: 'syz.6.864': attribute type 27 has an invalid length.
[  326.829022][ T3582] loop6: detected capacity change from 0 to 256
[  328.969391][   T28] audit: type=1400 audit(1748971282.784:246): avc:  denied  { write } for  pid=3590 comm="syz.3.869" name="file0" dev="tmpfs" ino=1096 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  328.992158][   T28] audit: type=1400 audit(1748971282.784:247): avc:  denied  { open } for  pid=3590 comm="syz.3.869" path="/187/file0" dev="tmpfs" ino=1096 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  329.059101][   T28] audit: type=1400 audit(1748971282.784:248): avc:  denied  { ioctl } for  pid=3590 comm="syz.3.869" path="/187/file0" dev="tmpfs" ino=1096 ioctlcmd=0x1275 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  330.200580][ T3628] netlink: 'syz.1.877': attribute type 27 has an invalid length.
[  330.525984][  T323] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  330.715960][  T323] usb 7-1: Using ep0 maxpacket: 8
[  330.731315][  T323] usb 7-1: config 0 contains an unexpected descriptor of type 0x2, skipping
[  330.750167][ T3643] loop0: detected capacity change from 0 to 256
[  330.762054][  T323] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  330.774546][  T323] usb 7-1: New USB device found, idVendor=05a9, idProduct=2640, bcdDevice=55.12
[  330.785296][  T323] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  330.876524][  T323] usb 7-1: config 0 descriptor??
[  331.017612][  T323] usb 7-1: Found UVC 0.00 device <unnamed> (05a9:2640)
[  331.123176][  T323] usb 7-1: No valid video chain found.
[  331.852081][ T3647] loop5: detected capacity change from 0 to 256
[  332.913130][ T3658] syz.5.887[3658] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  332.913201][ T3658] syz.5.887[3658] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  332.926584][ T3658] 9pnet_fd: Insufficient options for proto=fd
[  333.061466][ T3659] loop3: detected capacity change from 0 to 512
[  334.286678][ T3659] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  334.295701][ T3659] ext4 filesystem being mounted at /190/file0/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  334.493898][ T3652] EXT4-fs error (device loop3): ext4_do_update_inode:5255: inode #2: comm syz.3.885: corrupted inode contents
[  334.507334][ T3652] EXT4-fs error (device loop3): ext4_dirty_inode:6120: inode #2: comm syz.3.885: mark_inode_dirty error
[  334.520486][ T3652] EXT4-fs error (device loop3): ext4_do_update_inode:5255: inode #2: comm syz.3.885: corrupted inode contents
[  334.533618][ T3652] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #2: comm syz.3.885: mark_inode_dirty error
[  334.559290][ T3659] netlink: 20 bytes leftover after parsing attributes in process `syz.3.885'.
[  334.568273][ T3659] netlink: 20 bytes leftover after parsing attributes in process `syz.3.885'.
[  334.790691][  T282] EXT4-fs (loop3): unmounting filesystem.
[  335.378886][  T323] usb 7-1: USB disconnect, device number 4
[  335.502516][ T3683] netlink: 'syz.5.890': attribute type 27 has an invalid length.
[  335.639961][ T3693] loop1: detected capacity change from 0 to 512
[  335.694769][ T3693] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  335.703958][ T3693] ext4 filesystem being mounted at /186/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  335.836415][ T3699] loop5: detected capacity change from 0 to 256
[  335.924011][ T3685] FAULT_INJECTION: forcing a failure.
[  335.924011][ T3685] name failslab, interval 1, probability 0, space 0, times 0
[  336.019525][ T3685] CPU: 0 PID: 3685 Comm: syz.1.892 Not tainted 6.1.138-syzkaller-00049-g5b87067cdd87 #0
[  336.029289][ T3685] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  336.039359][ T3685] Call Trace:
[  336.042644][ T3685]  <TASK>
[  336.045579][ T3685]  __dump_stack+0x21/0x24
[  336.049923][ T3685]  dump_stack_lvl+0xee/0x150
[  336.054524][ T3685]  ? __cfi_dump_stack_lvl+0x8/0x8
[  336.059565][ T3685]  ? dump_stack+0x9/0x24
[  336.063822][ T3685]  dump_stack+0x15/0x24
[  336.067991][ T3685]  should_fail_ex+0x3d4/0x520
[  336.072681][ T3685]  __should_failslab+0xac/0xf0
[  336.077456][ T3685]  ? ext4_find_extent+0x36b/0xe20
[  336.082500][ T3685]  should_failslab+0x9/0x20
[  336.087027][ T3685]  __kmem_cache_alloc_node+0x3d/0x2c0
[  336.092414][ T3685]  ? ext4_find_extent+0x36b/0xe20
[  336.097467][ T3685]  __kmalloc+0xa1/0x1e0
[  336.101640][ T3685]  ? __cfi___switch_to+0x10/0x10
[  336.106596][ T3685]  ext4_find_extent+0x36b/0xe20
[  336.111467][ T3685]  ext4_ext_map_blocks+0x1dc/0x6060
[  336.116684][ T3685]  ? __schedule+0xb8f/0x14e0
[  336.121293][ T3685]  ? release_firmware_map_entry+0x194/0x194
[  336.127201][ T3685]  ? __schedule+0xb8f/0x14e0
[  336.131810][ T3685]  ? strncpy_from_kernel_nofault+0x160/0x1c0
[  336.137812][ T3685]  ? __cfi_preempt_schedule_irq+0x10/0x10
[  336.143546][ T3685]  ? rwsem_read_trylock+0x29a/0x620
[  336.148758][ T3685]  ? __cfi_ext4_ext_map_blocks+0x10/0x10
[  336.154412][ T3685]  ? raw_irqentry_exit_cond_resched+0x29/0x30
[  336.160488][ T3685]  ? sysvec_reschedule_ipi+0x78/0x80
[  336.165789][ T3685]  ? ext4_map_blocks+0x384/0x1b60
[  336.170821][ T3685]  ext4_map_blocks+0x398/0x1b60
[  336.175685][ T3685]  ? __cfi_ext4_map_blocks+0x10/0x10
[  336.180980][ T3685]  ? unwind_get_return_address+0x4d/0x90
[  336.186628][ T3685]  ext4_getblk+0x1c1/0x6d0
[  336.191052][ T3685]  ? __cfi_ext4_getblk+0x10/0x10
[  336.195998][ T3685]  ? irqentry_exit+0x37/0x40
[  336.200596][ T3685]  ? sysvec_reschedule_ipi+0x78/0x80
[  336.205890][ T3685]  ? asm_sysvec_reschedule_ipi+0x1b/0x20
[  336.211529][ T3685]  ext4_bread_batch+0x66/0x490
[  336.216302][ T3685]  __ext4_find_entry+0xf83/0x1a70
[  336.221335][ T3685]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  336.227427][ T3685]  ? ext4_ci_compare+0x3d0/0x3d0
[  336.232376][ T3685]  ? ext4_fname_prepare_lookup+0x2d3/0x3a0
[  336.238194][ T3685]  ? generic_set_encrypted_ci_d_ops+0xce/0x100
[  336.244362][ T3685]  ext4_lookup+0x144/0x6d0
[  336.248790][ T3685]  ? slab_pre_alloc_hook+0x30/0x1e0
[  336.254005][ T3685]  ? __cfi_ext4_lookup+0x10/0x10
[  336.258955][ T3685]  ? __d_alloc+0x4c4/0x6c0
[  336.263382][ T3685]  ? _raw_spin_unlock+0x4c/0x70
[  336.268252][ T3685]  ? d_alloc+0x199/0x1d0
[  336.272508][ T3685]  lookup_one_qstr_excl+0x125/0x270
[  336.277725][ T3685]  do_unlinkat+0x189/0x6b0
[  336.282151][ T3685]  ? __cfi_do_unlinkat+0x10/0x10
[  336.287095][ T3685]  ? getname_flags+0x206/0x500
[  336.291876][ T3685]  __x64_sys_unlink+0x49/0x50
[  336.296562][ T3685]  x64_sys_call+0x958/0x9a0
[  336.301076][ T3685]  do_syscall_64+0x4c/0xa0
[  336.305504][ T3685]  ? clear_bhb_loop+0x15/0x70
[  336.310186][ T3685]  ? clear_bhb_loop+0x15/0x70
[  336.314873][ T3685]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  336.320780][ T3685] RIP: 0033:0x7f6cdb58e969
[  336.325198][ T3685] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  336.344818][ T3685] RSP: 002b:00007f6cdc327038 EFLAGS: 00000246 ORIG_RAX: 0000000000000057
[  336.353333][ T3685] RAX: ffffffffffffffda RBX: 00007f6cdb7b5fa0 RCX: 00007f6cdb58e969
[  336.361313][ T3685] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000380
[  336.369326][ T3685] RBP: 00007f6cdc327090 R08: 0000000000000000 R09: 0000000000000000
[  336.377313][ T3685] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  336.385302][ T3685] R13: 0000000000000000 R14: 00007f6cdb7b5fa0 R15: 00007ffd99497118
[  336.393290][ T3685]  </TASK>
[  336.808222][   T28] audit: type=1400 audit(1748971290.634:249): avc:  denied  { read write } for  pid=3708 comm="syz.0.898" name="vhost-vsock" dev="devtmpfs" ino=268 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  336.885692][ T3711] loop5: detected capacity change from 0 to 256
[  337.009147][   T28] audit: type=1400 audit(1748971290.814:250): avc:  denied  { open } for  pid=3708 comm="syz.0.898" path="/dev/vhost-vsock" dev="devtmpfs" ino=268 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  337.014945][ T3709] netlink: 8 bytes leftover after parsing attributes in process `syz.0.898'.
[  337.086200][   T28] audit: type=1400 audit(1748971290.834:251): avc:  denied  { ioctl } for  pid=3708 comm="syz.0.898" path="/dev/vhost-vsock" dev="devtmpfs" ino=268 ioctlcmd=0xaf07 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  338.870871][  T283] EXT4-fs (loop1): unmounting filesystem.
[  338.889770][ T3709] loop0: detected capacity change from 0 to 1024
[  338.915580][   T28] audit: type=1400 audit(1748971292.704:252): avc:  denied  { create } for  pid=3708 comm="syz.0.898" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  338.940808][ T3709] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  338.949738][ T3709] ext4 filesystem being mounted at /157/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  340.401763][  T285] EXT4-fs (loop0): unmounting filesystem.
[  340.728840][ T3738] loop5: detected capacity change from 0 to 512
[  340.831238][ T3738] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  340.866531][ T3738] EXT4-fs (loop5): orphan cleanup on readonly fs
[  340.912705][ T3738] Quota error (device loop5): do_check_range: Getting block 196613 out of range 1-5
[  340.920579][   T28] audit: type=1400 audit(1748971294.734:253): avc:  denied  { remount } for  pid=3750 comm="syz.0.910" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  341.151710][ T3738] Quota error (device loop5): qtree_read_dquot: Can't read quota structure for id 0
[  341.176044][ T3738] EXT4-fs error (device loop5): ext4_acquire_dquot:6789: comm syz.5.905: Failed to acquire dquot type 1
[  342.061412][ T3738] EXT4-fs (loop5): 1 truncate cleaned up
[  342.067741][ T3738] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  342.235895][  T754] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  342.444364][ T3777] loop3: detected capacity change from 0 to 512
[  342.456968][  T754] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  342.472571][  T754] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  342.482589][ T3777] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  342.487938][  T754] usb 1-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  342.597513][ T3777] EXT4-fs (loop3): orphan cleanup on readonly fs
[  342.632513][ T3777] Quota error (device loop3): do_check_range: Getting block 196613 out of range 1-5
[  342.691834][ T3777] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0
[  342.708669][  T754] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  342.720189][ T3777] EXT4-fs error (device loop3): ext4_acquire_dquot:6789: comm syz.3.918: Failed to acquire dquot type 1
[  342.942373][  T754] usb 1-1: config 0 descriptor??
[  342.976422][ T3777] EXT4-fs (loop3): 1 truncate cleaned up
[  342.982362][ T3777] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  343.205693][  T282] EXT4-fs (loop3): unmounting filesystem.
[  343.533606][ T3788] loop3: detected capacity change from 0 to 256
[  343.868635][  T754] cp2112 0003:10C4:EA90.0001: item fetching failed at offset 5/7
[  343.991115][  T754] cp2112 0003:10C4:EA90.0001: parse failed
[  344.043117][ T3790] loop1: detected capacity change from 0 to 512
[  344.051437][ T3790] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  344.092277][ T3790] EXT4-fs (loop1): orphan cleanup on readonly fs
[  344.100692][ T3790] Quota error (device loop1): do_check_range: Getting block 196613 out of range 1-5
[  344.110164][ T3790] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0
[  344.119579][ T3790] EXT4-fs error (device loop1): ext4_acquire_dquot:6789: comm syz.1.921: Failed to acquire dquot type 1
[  344.144128][  T754] cp2112: probe of 0003:10C4:EA90.0001 failed with error -22
[  344.272553][  T754] usb 1-1: USB disconnect, device number 7
[  344.743697][ T2721] EXT4-fs (loop5): unmounting filesystem.
[  344.805305][ T3790] EXT4-fs (loop1): 1 truncate cleaned up
[  344.811972][ T3790] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  344.829973][  T283] EXT4-fs (loop1): unmounting filesystem.
[  345.603129][ T3808] hub 8-0:1.0: USB hub found
[  345.608040][ T3808] hub 8-0:1.0: 1 port detected
[  345.619100][ T3808] netlink: 68 bytes leftover after parsing attributes in process `syz.1.926'.
[  346.137449][ T3827] loop1: detected capacity change from 0 to 256
[  346.285213][ T3829] loop5: detected capacity change from 0 to 512
[  347.226534][ T3829] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  347.235568][ T3829] ext4 filesystem being mounted at /59/file0/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  347.299309][ T3828] EXT4-fs error (device loop5): ext4_do_update_inode:5255: inode #2: comm syz.5.932: corrupted inode contents
[  347.311445][ T3828] EXT4-fs error (device loop5): ext4_dirty_inode:6120: inode #2: comm syz.5.932: mark_inode_dirty error
[  347.323102][ T3828] EXT4-fs error (device loop5): ext4_do_update_inode:5255: inode #2: comm syz.5.932: corrupted inode contents
[  347.335104][ T3828] EXT4-fs error (device loop5): __ext4_ext_dirty:202: inode #2: comm syz.5.932: mark_inode_dirty error
[  347.347671][ T3829] netlink: 20 bytes leftover after parsing attributes in process `syz.5.932'.
[  347.356572][ T3829] netlink: 20 bytes leftover after parsing attributes in process `syz.5.932'.
[  347.455944][   T28] audit: type=1400 audit(1748971301.274:254): avc:  denied  { setopt } for  pid=3822 comm="syz.6.931" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  347.737523][ T3837] loop0: detected capacity change from 0 to 256
[  347.840012][ T2721] EXT4-fs (loop5): unmounting filesystem.
[  349.016972][ T3848] netlink: 'syz.6.938': attribute type 27 has an invalid length.
[  351.647351][ T3886] loop3: detected capacity change from 0 to 512
[  351.684295][ T3887] loop5: detected capacity change from 0 to 16
[  351.736680][ T3887] erofs: (device loop5): EXPERIMENTAL compressed inline data feature in use. Use at your own risk!
[  351.786609][ T3887] erofs: (device loop5): erofs_fc_fill_super: rootino(nid 36) is not a directory(i_mode 26000)
[  351.802612][ T3886] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  351.812460][ T3886] ext4 filesystem being mounted at /206/file0/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  351.829968][ T3886] EXT4-fs error (device loop3): ext4_do_update_inode:5255: inode #2: comm syz.3.947: corrupted inode contents
[  351.842051][ T3886] EXT4-fs error (device loop3): ext4_dirty_inode:6120: inode #2: comm syz.3.947: mark_inode_dirty error
[  351.853707][ T3886] EXT4-fs error (device loop3): ext4_do_update_inode:5255: inode #2: comm syz.3.947: corrupted inode contents
[  351.865655][ T3886] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #2: comm syz.3.947: mark_inode_dirty error
[  352.010550][ T3893] hub 8-0:1.0: USB hub found
[  352.021689][ T3893] hub 8-0:1.0: 1 port detected
[  352.148560][ T3893] netlink: 68 bytes leftover after parsing attributes in process `syz.6.946'.
[  352.347670][  T282] EXT4-fs (loop3): unmounting filesystem.
[  352.682938][ T3918] loop0: detected capacity change from 0 to 256
[  354.242715][ T3933] loop1: detected capacity change from 0 to 256
[  355.484070][ T3943] loop5: detected capacity change from 0 to 512
[  355.583625][ T3943] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  355.606992][ T3943] ext4 filesystem being mounted at /65/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  355.737905][ T3958] loop1: detected capacity change from 0 to 512
[  355.850617][ T2721] EXT4-fs (loop5): unmounting filesystem.
[  355.858706][ T3958] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  355.868491][ T3958] ext4 filesystem being mounted at /201/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  356.139890][  T283] EXT4-fs (loop1): unmounting filesystem.
[  356.251665][ T3977] loop5: detected capacity change from 0 to 512
[  356.308667][ T3977] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  356.319319][ T3977] ext4 filesystem being mounted at /70/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  356.346071][ T3977] EXT4-fs error (device loop5): ext4_get_first_dir_block:3583: inode #12: comm syz.5.975: Attempting to read directory block (0) that is past i_size (3)
[  356.403539][ T2721] EXT4-fs (loop5): unmounting filesystem.
[  356.692880][ T3991] loop5: detected capacity change from 0 to 256
[  358.245187][   T28] audit: type=1400 audit(1748971312.064:255): avc:  denied  { watch_reads } for  pid=4002 comm="syz.6.981" path="/69" dev="tmpfs" ino=399 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  359.554980][ T4034] loop0: detected capacity change from 0 to 512
[  359.610870][ T4034] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  359.624333][ T4034] ext4 filesystem being mounted at /172/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  359.640947][ T4034] EXT4-fs error (device loop0): ext4_get_first_dir_block:3583: inode #12: comm syz.0.988: Attempting to read directory block (0) that is past i_size (3)
[  359.673574][  T285] EXT4-fs (loop0): unmounting filesystem.
[  359.694500][ T4040] hub 8-0:1.0: USB hub found
[  359.703910][ T4040] hub 8-0:1.0: 1 port detected
[  359.731879][ T4040] netlink: 68 bytes leftover after parsing attributes in process `syz.1.987'.
[  360.851956][ T4082] loop3: detected capacity change from 0 to 512
[  360.904673][ T4082] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  360.921985][ T4082] ext4 filesystem being mounted at /215/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  360.974772][ T4082] EXT4-fs error (device loop3): ext4_get_first_dir_block:3583: inode #12: comm syz.3.1002: Attempting to read directory block (0) that is past i_size (3)
[  361.008313][  T282] EXT4-fs (loop3): unmounting filesystem.
[  362.218274][ T4104] loop3: detected capacity change from 0 to 256
[  362.966339][ T4105] loop0: detected capacity change from 0 to 256
[  365.595323][ T4118] loop5: detected capacity change from 0 to 512
[  365.658706][ T4118] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  365.818234][ T4118] EXT4-fs (loop5): orphan cleanup on readonly fs
[  365.867701][ T4118] Quota error (device loop5): do_check_range: Getting block 196613 out of range 1-5
[  365.896198][ T4118] Quota error (device loop5): qtree_read_dquot: Can't read quota structure for id 0
[  365.907237][ T4118] EXT4-fs error (device loop5): ext4_acquire_dquot:6789: comm syz.5.1008: Failed to acquire dquot type 1
[  365.935470][ T4118] EXT4-fs (loop5): 1 truncate cleaned up
[  365.947557][ T4118] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  367.497989][ T4137] loop0: detected capacity change from 0 to 512
[  367.597994][ T4137] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  367.623538][ T4137] ext4 filesystem being mounted at /178/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  367.722425][ T4137] EXT4-fs error (device loop0): ext4_get_first_dir_block:3583: inode #12: comm syz.0.1014: Attempting to read directory block (0) that is past i_size (3)
[  367.755303][  T285] EXT4-fs (loop0): unmounting filesystem.
[  367.877486][ T4153] loop3: detected capacity change from 0 to 256
[  368.038834][ T1490] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  369.643964][ T4165] syz.0.1020[4165] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  369.644042][ T4165] syz.0.1020[4165] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  369.662813][ T4165] 9pnet_fd: Insufficient options for proto=fd
[  369.915452][ T4170] loop3: detected capacity change from 0 to 256
[  371.364957][ T2721] EXT4-fs (loop5): unmounting filesystem.
[  371.527042][ T4175] loop1: detected capacity change from 0 to 256
[  373.664824][ T4183] syz.1.1026[4183] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  373.665227][ T4183] syz.1.1026[4183] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  373.918797][ T4183] 9pnet_fd: Insufficient options for proto=fd
[  374.343086][ T4196] netlink: 'syz.5.1028': attribute type 13 has an invalid length.
[  374.358250][ T4196] gretap0: refused to change device tx_queue_len
[  374.367929][ T4196] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  375.783005][ T4224] loop1: detected capacity change from 0 to 256
[  377.017622][ T4228] loop3: detected capacity change from 0 to 256
[  378.788412][ T4242] loop0: detected capacity change from 0 to 256
[  378.986828][ T4243] loop3: detected capacity change from 0 to 256
[  378.987265][ T4244] loop5: detected capacity change from 0 to 256
[  383.832294][  T342] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  383.961505][ T4264] loop1: detected capacity change from 0 to 256
[  384.288343][  T287] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  384.821749][ T4267] loop0: detected capacity change from 0 to 512
[  385.006493][ T4267] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  385.018406][ T4276] hub 8-0:1.0: USB hub found
[  385.023200][ T4276] hub 8-0:1.0: 1 port detected
[  385.032540][ T4276] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1045'.
[  385.043524][  T287] usb 6-1: device descriptor read/64, error -71
[  385.239978][ T4267] EXT4-fs (loop0): orphan cleanup on readonly fs
[  385.246879][ T4267] Quota error (device loop0): do_check_range: Getting block 196613 out of range 1-5
[  385.256413][ T4267] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0
[  385.265879][ T4267] EXT4-fs error (device loop0): ext4_acquire_dquot:6789: comm syz.0.1040: Failed to acquire dquot type 1
[  385.277754][ T4267] EXT4-fs (loop0): 1 truncate cleaned up
[  385.285645][ T4267] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  385.623660][ T4286] loop1: detected capacity change from 0 to 512
[  385.675828][  T287] usb 6-1: device descriptor read/64, error -71
[  386.285537][   T28] audit: type=1400 audit(1748971340.104:256): avc:  denied  { read write } for  pid=4289 comm="syz.3.1049" name="uhid" dev="devtmpfs" ino=267 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  386.324213][ T4290] fuse: Unknown parameter ''
[  386.324493][   T28] audit: type=1400 audit(1748971340.134:257): avc:  denied  { open } for  pid=4289 comm="syz.3.1049" path="/dev/uhid" dev="devtmpfs" ino=267 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  386.362259][   T28] audit: type=1400 audit(1748971340.184:258): avc:  denied  { setopt } for  pid=4289 comm="syz.3.1049" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  386.488673][  T287] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  386.646055][  T287] usb 6-1: device descriptor read/64, error -71
[  386.668738][ T4298] loop3: detected capacity change from 0 to 256
[  386.996001][  T287] usb 6-1: device descriptor read/64, error -71
[  387.156471][  T287] usb usb6-port1: attempt power cycle
[  387.695441][ T4307] loop5: detected capacity change from 0 to 512
[  387.704088][ T4307] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  387.786864][ T4307] EXT4-fs (loop5): orphan cleanup on readonly fs
[  387.794134][ T4307] Quota error (device loop5): do_check_range: Getting block 196613 out of range 1-5
[  387.803793][ T4307] Quota error (device loop5): qtree_read_dquot: Can't read quota structure for id 0
[  387.813208][ T4307] EXT4-fs error (device loop5): ext4_acquire_dquot:6789: comm syz.5.1053: Failed to acquire dquot type 1
[  387.826525][ T4307] EXT4-fs (loop5): 1 truncate cleaned up
[  387.832522][ T4307] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  388.794110][ T4322] hub 8-0:1.0: USB hub found
[  388.799130][ T4322] hub 8-0:1.0: 1 port detected
[  388.809772][ T4322] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1056'.
[  388.913715][ T2721] EXT4-fs (loop5): unmounting filesystem.
[  389.085229][ T4331] loop5: detected capacity change from 0 to 256
[  389.098572][ T4330] hub 8-0:1.0: USB hub found
[  389.103307][ T4330] hub 8-0:1.0: 1 port detected
[  389.112082][ T4330] netlink: 68 bytes leftover after parsing attributes in process `syz.6.1059'.
[  390.692934][ T4343] netlink: 'syz.6.1063': attribute type 13 has an invalid length.
[  390.723742][ T4343] gretap0: refused to change device tx_queue_len
[  390.737125][ T4343] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  390.781073][  T285] EXT4-fs (loop0): unmounting filesystem.
[  390.789979][ T4347] syz.3.1066[4347] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  390.790053][ T4347] syz.3.1066[4347] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  390.983092][ T4353] loop5: detected capacity change from 0 to 256
[  391.972359][ T4347] 9pnet_fd: Insufficient options for proto=fd
[  394.461182][ T4372] loop5: detected capacity change from 0 to 512
[  394.468755][ T4372] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  394.478960][ T4372] EXT4-fs (loop5): orphan cleanup on readonly fs
[  394.486812][ T4372] Quota error (device loop5): do_check_range: Getting block 196613 out of range 1-5
[  394.497068][ T4372] Quota error (device loop5): qtree_read_dquot: Can't read quota structure for id 0
[  394.506930][ T4372] EXT4-fs error (device loop5): ext4_acquire_dquot:6789: comm syz.5.1073: Failed to acquire dquot type 1
[  394.519069][ T4372] EXT4-fs (loop5): 1 truncate cleaned up
[  394.525434][ T4372] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  394.577243][ T4379] loop0: detected capacity change from 0 to 256
[  394.600201][ T2721] EXT4-fs (loop5): unmounting filesystem.
[  395.787370][ T4388] loop5: detected capacity change from 0 to 256
[  396.234614][ T4390] syz.0.1076[4390] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  396.234692][ T4390] syz.0.1076[4390] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  396.452752][ T4395] loop3: detected capacity change from 0 to 256
[  396.668837][ T4390] 9pnet_fd: Insufficient options for proto=fd
[  397.758088][ T4404] syz.0.1080[4404] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  397.758162][ T4404] syz.0.1080[4404] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  397.777755][ T4404] 9pnet_fd: Insufficient options for proto=fd
[  397.910372][ T4418] loop5: detected capacity change from 0 to 512
[  397.973661][ T4418] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  397.983873][ T4418] ext4 filesystem being mounted at /93/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  398.017424][ T4418] EXT4-fs error (device loop5): ext4_get_first_dir_block:3583: inode #12: comm syz.5.1084: Attempting to read directory block (0) that is past i_size (3)
[  398.076384][ T2721] EXT4-fs (loop5): unmounting filesystem.
[  398.725835][  T287] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  398.785980][ T4439] loop0: detected capacity change from 0 to 256
[  398.967344][  T287] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  399.051558][  T287] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  399.151959][  T287] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  399.222298][  T287] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  399.305869][  T287] usb 2-1: config 0 descriptor??
[  400.005885][ T4446] loop0: detected capacity change from 0 to 256
[  402.055212][  T287] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.0002/input/input4
[  402.543321][ T4460] loop0: detected capacity change from 0 to 256
[  402.553750][   T28] audit: type=1400 audit(1748971356.384:259): avc:  denied  { read } for  pid=87 comm="acpid" name="event3" dev="devtmpfs" ino=1491 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  402.632087][ T4431] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  402.764783][  T287] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:256C:006D.0002/input/input5
[  402.813976][ T4431] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  403.297874][  T287] uclogic 0003:256C:006D.0002: input,hiddev96,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.1-1/input0
[  403.313305][  T287] usb 2-1: USB disconnect, device number 8
[  403.447556][   T28] audit: type=1400 audit(1748971356.444:260): avc:  denied  { open } for  pid=87 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=1491 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  403.535103][   T28] audit: type=1400 audit(1748971356.524:261): avc:  denied  { ioctl } for  pid=87 comm="acpid" path="/dev/input/event3" dev="devtmpfs" ino=1491 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  403.588482][ T4469] syz.0.1096[4469] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  403.588560][ T4469] syz.0.1096[4469] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  403.629708][ T4463] fido_id[4463]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/2-1/report_descriptor': No such file or directory
[  403.729265][ T4469] 9pnet_fd: Insufficient options for proto=fd
[  404.489595][ T4487] loop3: detected capacity change from 0 to 256
[  406.769764][ T4520] loop1: detected capacity change from 0 to 512
[  406.783398][ T4520] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  406.809169][ T4520] EXT4-fs (loop1): orphan cleanup on readonly fs
[  406.816198][ T4520] Quota error (device loop1): do_check_range: Getting block 196613 out of range 1-5
[  406.825624][ T4520] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0
[  406.835859][ T4520] EXT4-fs error (device loop1): ext4_acquire_dquot:6789: comm syz.1.1108: Failed to acquire dquot type 1
[  406.848087][ T4520] EXT4-fs (loop1): 1 truncate cleaned up
[  406.853921][ T4520] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  406.871348][  T283] EXT4-fs (loop1): unmounting filesystem.
[  407.534762][ T4538] loop0: detected capacity change from 0 to 512
[  408.115863][ T4538] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  408.125353][ T4538] ext4 filesystem being mounted at /194/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  408.151947][ T4538] EXT4-fs error (device loop0): ext4_get_first_dir_block:3583: inode #12: comm syz.0.1113: Attempting to read directory block (0) that is past i_size (3)
[  408.182196][  T285] EXT4-fs (loop0): unmounting filesystem.
[  408.753380][ T4548] loop1: detected capacity change from 0 to 512
[  408.783275][ T4548] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  409.319191][ T4548] ext4 filesystem being mounted at /226/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  409.565659][ T4548] EXT4-fs error (device loop1): ext4_get_first_dir_block:3583: inode #12: comm syz.1.1117: Attempting to read directory block (0) that is past i_size (3)
[  409.669923][  T283] EXT4-fs (loop1): unmounting filesystem.
[  409.674143][ T4566] loop3: detected capacity change from 0 to 512
[  409.736253][ T4566] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  409.745947][ T4566] ext4 filesystem being mounted at /242/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  409.766224][ T4566] EXT4-fs error (device loop3): ext4_get_first_dir_block:3583: inode #12: comm syz.3.1121: Attempting to read directory block (0) that is past i_size (3)
[  409.792172][  T282] EXT4-fs (loop3): unmounting filesystem.
[  409.827138][ T4578] netlink: 'syz.3.1125': attribute type 13 has an invalid length.
[  409.837725][ T4578] gretap0: refused to change device tx_queue_len
[  409.844202][ T4578] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  409.913979][ T4576] hub 8-0:1.0: USB hub found
[  409.918773][ T4576] hub 8-0:1.0: 1 port detected
[  409.928878][ T4576] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1124'.
[  410.010988][ T4581] hub 8-0:1.0: USB hub found
[  410.015808][ T4581] hub 8-0:1.0: 1 port detected
[  410.025625][ T4581] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1126'.
[  410.351080][ T4583] loop0: detected capacity change from 0 to 512
[  410.367778][ T4583] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  410.377024][ T4583] ext4 filesystem being mounted at /196/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  410.395744][ T4583] EXT4-fs error (device loop0): ext4_get_first_dir_block:3583: inode #12: comm syz.0.1127: Attempting to read directory block (0) that is past i_size (3)
[  410.422607][  T285] EXT4-fs (loop0): unmounting filesystem.
[  411.464336][ T4606] loop5: detected capacity change from 0 to 512
[  411.527056][ T4609] netlink: 'syz.3.1136': attribute type 13 has an invalid length.
[  411.542957][ T4606] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  411.552094][ T4609] gretap0: refused to change device tx_queue_len
[  411.552944][ T4606] ext4 filesystem being mounted at /102/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  411.560189][ T4609] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  411.572280][ T4612] loop0: detected capacity change from 0 to 512
[  411.638813][ T4612] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  411.694844][ T4606] EXT4-fs error (device loop5): ext4_get_first_dir_block:3583: inode #12: comm syz.5.1133: Attempting to read directory block (0) that is past i_size (3)
[  411.708094][ T4612] ext4 filesystem being mounted at /198/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  411.915080][ T4612] EXT4-fs error (device loop0): ext4_get_first_dir_block:3583: inode #12: comm syz.0.1135: Attempting to read directory block (0) that is past i_size (3)
[  412.005287][ T2721] EXT4-fs (loop5): unmounting filesystem.
[  412.015551][  T285] EXT4-fs (loop0): unmounting filesystem.
[  412.888885][   T28] audit: type=1400 audit(1748971366.714:262): avc:  denied  { bind } for  pid=4636 comm="syz.1.1146" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  413.818313][ T4647] netlink: 'syz.6.1149': attribute type 13 has an invalid length.
[  413.829178][ T4647] gretap0: refused to change device tx_queue_len
[  413.832805][ T4649] loop3: detected capacity change from 0 to 512
[  413.836085][ T4647] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  413.861824][ T4650] loop0: detected capacity change from 0 to 512
[  413.871963][ T4650] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  413.894645][ T4650] EXT4-fs (loop0): orphan cleanup on readonly fs
[  413.901672][ T4650] Quota error (device loop0): do_check_range: Getting block 196613 out of range 1-5
[  413.911159][ T4650] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0
[  413.920632][ T4650] EXT4-fs error (device loop0): ext4_acquire_dquot:6789: comm syz.0.1148: Failed to acquire dquot type 1
[  413.933220][ T4650] EXT4-fs (loop0): 1 truncate cleaned up
[  413.939958][ T4649] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  413.948985][ T4650] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  413.949029][ T4649] ext4 filesystem being mounted at /249/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  413.978327][  T285] EXT4-fs (loop0): unmounting filesystem.
[  413.982842][ T4649] EXT4-fs error (device loop3): ext4_get_first_dir_block:3583: inode #12: comm syz.3.1150: Attempting to read directory block (0) that is past i_size (3)
[  414.045164][  T282] EXT4-fs (loop3): unmounting filesystem.
[  415.988269][ T4681] loop3: detected capacity change from 0 to 256
[  416.495268][ T4682] loop5: detected capacity change from 0 to 256
[  420.319434][ T4728] loop3: detected capacity change from 0 to 256
[  422.279783][ T4758] loop5: detected capacity change from 0 to 512
[  422.407103][ T4758] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  422.418306][ T4758] ext4 filesystem being mounted at /108/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  422.446939][ T4758] EXT4-fs error (device loop5): ext4_get_first_dir_block:3583: inode #12: comm syz.5.1180: Attempting to read directory block (0) that is past i_size (3)
[  422.476432][ T2721] EXT4-fs (loop5): unmounting filesystem.
[  422.606661][ T4773] loop0: detected capacity change from 0 to 256
[  423.131927][ T4769] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1183'.
[  423.710984][ T4792] loop3: detected capacity change from 0 to 256
[  427.973966][ T4836] loop3: detected capacity change from 0 to 256
[  429.290856][ T4860] loop5: detected capacity change from 0 to 256
[  429.308154][ T4861] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1204'.
[  431.992532][ T4884] loop0: detected capacity change from 0 to 256
[  432.814565][ T4893] FAULT_INJECTION: forcing a failure.
[  432.814565][ T4893] name failslab, interval 1, probability 0, space 0, times 0
[  432.827199][ T4893] CPU: 1 PID: 4893 Comm: syz.1.1212 Not tainted 6.1.138-syzkaller-00049-g5b87067cdd87 #0
[  432.837023][ T4893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  432.847176][ T4893] Call Trace:
[  432.850548][ T4893]  <TASK>
[  432.853493][ T4893]  __dump_stack+0x21/0x24
[  432.857980][ T4893]  dump_stack_lvl+0xee/0x150
[  432.862592][ T4893]  ? __cfi_dump_stack_lvl+0x8/0x8
[  432.867703][ T4893]  dump_stack+0x15/0x24
[  432.871883][ T4893]  should_fail_ex+0x3d4/0x520
[  432.876658][ T4893]  __should_failslab+0xac/0xf0
[  432.881481][ T4893]  ? request_threaded_irq+0x1d5/0x380
[  432.886868][ T4893]  should_failslab+0x9/0x20
[  432.891451][ T4893]  __kmem_cache_alloc_node+0x3d/0x2c0
[  432.896874][ T4893]  ? request_threaded_irq+0x1d5/0x380
[  432.902255][ T4893]  kmalloc_trace+0x29/0xb0
[  432.906687][ T4893]  ? __cfi_serial8250_interrupt+0x10/0x10
[  432.912470][ T4893]  request_threaded_irq+0x1d5/0x380
[  432.917680][ T4893]  ? __cfi_serial8250_interrupt+0x10/0x10
[  432.923411][ T4893]  univ8250_setup_irq+0x418/0x550
[  432.928443][ T4893]  serial8250_do_startup+0xf41/0x23d0
[  432.933828][ T4893]  ? _raw_spin_lock_irqsave+0xb0/0x110
[  432.939369][ T4893]  serial8250_startup+0x62/0x70
[  432.944283][ T4893]  uart_startup+0x511/0xb90
[  432.948848][ T4893]  uart_ioctl+0xfc0/0x1230
[  432.953279][ T4893]  ? vfs_write+0x9d6/0xca0
[  432.957777][ T4893]  ? slab_free_freelist_hook+0xc2/0x190
[  432.963377][ T4893]  ? selinux_file_ioctl+0x377/0x480
[  432.968627][ T4893]  ? __cfi_selinux_file_ioctl+0x10/0x10
[  432.974186][ T4893]  ? mutex_unlock+0x89/0x220
[  432.978853][ T4893]  ? __cfi_uart_ioctl+0x10/0x10
[  432.983728][ T4893]  tty_ioctl+0x849/0xc60
[  432.988028][ T4893]  ? __cfi_tty_ioctl+0x10/0x10
[  432.992805][ T4893]  __se_sys_ioctl+0x12f/0x1b0
[  432.997561][ T4893]  __x64_sys_ioctl+0x7b/0x90
[  433.002167][ T4893]  x64_sys_call+0x58b/0x9a0
[  433.006684][ T4893]  do_syscall_64+0x4c/0xa0
[  433.011113][ T4893]  ? clear_bhb_loop+0x15/0x70
[  433.015859][ T4893]  ? clear_bhb_loop+0x15/0x70
[  433.020542][ T4893]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  433.026452][ T4893] RIP: 0033:0x7f6cdb58e969
[  433.031026][ T4893] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  433.050650][ T4893] RSP: 002b:00007f6cdb3ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  433.058954][ T4894] loop5: detected capacity change from 0 to 256
[  433.059128][ T4893] RAX: ffffffffffffffda RBX: 00007f6cdb7b6080 RCX: 00007f6cdb58e969
[  433.073337][ T4893] RDX: 0000000000000000 RSI: 0000000000005453 RDI: 000000000000000b
[  433.081310][ T4893] RBP: 00007f6cdb3ff090 R08: 0000000000000000 R09: 0000000000000000
[  433.089294][ T4893] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  433.097271][ T4893] R13: 0000000000000000 R14: 00007f6cdb7b6080 R15: 00007ffd99497118
[  433.105249][ T4893]  </TASK>
[  433.469817][ T4905] hub 8-0:1.0: USB hub found
[  433.474635][ T4905] hub 8-0:1.0: 1 port detected
[  433.485163][ T4905] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1219'.
[  436.449173][ T4919] tipc: Started in network mode
[  436.454148][ T4919] tipc: Node identity 2e50ffaaff49, cluster identity 4711
[  436.470088][ T4919] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  436.478211][ T4919] device syzkaller0 entered promiscuous mode
[  436.513334][ T4919] tipc: Resetting bearer <eth:syzkaller0>
[  436.720309][ T4924] loop0: detected capacity change from 0 to 256
[  437.994483][  T351] tipc: Node number set to 3508141994
[  438.000973][ T4918] tipc: Resetting bearer <eth:syzkaller0>
[  438.012867][ T4918] tipc: Disabling bearer <eth:syzkaller0>
[  440.693028][  T287] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  440.926293][  T287] usb 1-1: Using ep0 maxpacket: 16
[  440.932708][  T287] usb 1-1: config 1 interface 0 altsetting 93 bulk endpoint 0x82 has invalid maxpacket 96
[  442.175912][  T287] usb 1-1: config 1 interface 0 altsetting 93 bulk endpoint 0x3 has invalid maxpacket 8
[  442.185694][  T287] usb 1-1: config 1 interface 0 altsetting 93 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  442.198993][  T287] usb 1-1: config 1 interface 0 has no altsetting 0
[  442.208490][  T287] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  442.297941][  T287] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  442.321462][  T287] usb 1-1: SerialNumber: syz
[  442.330895][ T4945] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  442.339076][ T4945] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  443.059665][ T4982] loop1: detected capacity change from 0 to 256
[  443.900537][  T287] cdc_ether: probe of 1-1:1.0 failed with error -71
[  443.913942][  T287] usb 1-1: USB disconnect, device number 9
[  443.962342][ T4990] loop3: detected capacity change from 0 to 512
[  443.970919][ T4990] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  444.022685][ T4990] EXT4-fs (loop3): orphan cleanup on readonly fs
[  444.033358][ T4990] Quota error (device loop3): do_check_range: Getting block 196613 out of range 1-5
[  444.042862][ T4990] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0
[  444.052279][ T4990] EXT4-fs error (device loop3): ext4_acquire_dquot:6789: comm syz.3.1241: Failed to acquire dquot type 1
[  444.064642][ T4990] EXT4-fs (loop3): 1 truncate cleaned up
[  444.070542][ T4990] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  444.101845][  T282] EXT4-fs (loop3): unmounting filesystem.
[  444.178754][ T4995] syz.5.1244[4995] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  444.178841][ T4995] syz.5.1244[4995] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  445.481853][   T28] audit: type=1400 audit(1748971397.308:263): avc:  denied  { getopt } for  pid=4988 comm="syz.0.1242" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  445.600858][ T4995] syz.5.1244[4995] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  445.600932][ T4995] syz.5.1244[4995] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  445.823392][   T28] audit: type=1400 audit(1748971398.648:264): avc:  denied  { relabelfrom } for  pid=5000 comm="syz.0.1246" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  445.855691][   T28] audit: type=1400 audit(1748971398.648:265): avc:  denied  { relabelto } for  pid=5000 comm="syz.0.1246" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  446.440151][ T5025] loop0: detected capacity change from 0 to 256
[  447.537309][ T5032] loop5: detected capacity change from 0 to 256
[  448.729760][   T28] audit: type=1400 audit(1748971401.558:266): avc:  denied  { mount } for  pid=5033 comm="syz.6.1255" name="/" dev="configfs" ino=13287 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  448.851707][   T28] audit: type=1400 audit(1748971401.578:267): avc:  denied  { setattr } for  pid=5033 comm="syz.6.1255" name="/" dev="configfs" ino=13287 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  448.932232][   T28] audit: type=1400 audit(1748971401.758:268): avc:  denied  { unmount } for  pid=2784 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  450.848294][ T5055] loop3: detected capacity change from 0 to 256
[  453.740943][ T5061] FAULT_INJECTION: forcing a failure.
[  453.740943][ T5061] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  453.754576][ T5061] CPU: 1 PID: 5061 Comm: syz.5.1261 Not tainted 6.1.138-syzkaller-00049-g5b87067cdd87 #0
[  453.764402][ T5061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  453.774473][ T5061] Call Trace:
[  453.777743][ T5061]  <TASK>
[  453.780664][ T5061]  __dump_stack+0x21/0x24
[  453.784989][ T5061]  dump_stack_lvl+0xee/0x150
[  453.789682][ T5061]  ? __cfi_dump_stack_lvl+0x8/0x8
[  453.794703][ T5061]  dump_stack+0x15/0x24
[  453.798871][ T5061]  should_fail_ex+0x3d4/0x520
[  453.803545][ T5061]  should_fail+0xb/0x10
[  453.807695][ T5061]  should_fail_usercopy+0x1a/0x20
[  453.812729][ T5061]  _copy_from_user+0x1e/0xc0
[  453.817433][ T5061]  iovec_from_user+0x1aa/0x2e0
[  453.822202][ T5061]  ? _parse_integer+0x2a/0x40
[  453.826882][ T5061]  __import_iovec+0x71/0x470
[  453.831476][ T5061]  import_iovec+0x7c/0xb0
[  453.835806][ T5061]  ___sys_sendmsg+0x1e4/0x290
[  453.840553][ T5061]  ? __sys_sendmsg+0x270/0x270
[  453.845325][ T5061]  ? __kasan_check_write+0x14/0x20
[  453.850443][ T5061]  ? proc_fail_nth_write+0x17a/0x1f0
[  453.855798][ T5061]  ? vfs_write+0x9d6/0xca0
[  453.860262][ T5061]  ? __fdget+0x19c/0x220
[  453.864554][ T5061]  __x64_sys_sendmsg+0x1f0/0x2c0
[  453.869498][ T5061]  ? __cfi___x64_sys_sendmsg+0x10/0x10
[  453.874967][ T5061]  ? fpregs_assert_state_consistent+0xb1/0xe0
[  453.881044][ T5061]  x64_sys_call+0x171/0x9a0
[  453.885546][ T5061]  do_syscall_64+0x4c/0xa0
[  453.889965][ T5061]  ? clear_bhb_loop+0x15/0x70
[  453.894638][ T5061]  ? clear_bhb_loop+0x15/0x70
[  453.899308][ T5061]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  453.905203][ T5061] RIP: 0033:0x7f174478e969
[  453.909635][ T5061] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  453.929240][ T5061] RSP: 002b:00007f174554e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  453.937667][ T5061] RAX: ffffffffffffffda RBX: 00007f17449b5fa0 RCX: 00007f174478e969
[  453.945632][ T5061] RDX: 0000000000000000 RSI: 0000200000000480 RDI: 0000000000000003
[  453.953594][ T5061] RBP: 00007f174554e090 R08: 0000000000000000 R09: 0000000000000000
[  453.961563][ T5061] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  453.969529][ T5061] R13: 0000000000000000 R14: 00007f17449b5fa0 R15: 00007ffe20ce6df8
[  453.977504][ T5061]  </TASK>
[  454.578130][  T287] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  455.085056][ T5084] loop3: detected capacity change from 0 to 256
[  455.307747][  T287] usb 7-1: config 0 has an invalid descriptor of length 207, skipping remainder of the config
[  455.366663][  T287] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  456.305938][  T287] usb 7-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00
[  456.315025][  T287] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  456.324064][  T287] usb 7-1: config 0 descriptor??
[  456.342191][ T5090] loop5: detected capacity change from 0 to 256
[  457.021477][  T287] usb 7-1: USB disconnect, device number 5
[  457.034040][ T5093] loop3: detected capacity change from 0 to 256
[  457.074276][ T5093] exfat: Deprecated parameter 'namecase'
[  457.095440][ T5093] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x25fbf2c1, utbl_chksum : 0xe619d30d)
[  457.131306][   T28] audit: type=1400 audit(1748971409.958:269): avc:  denied  { mounton } for  pid=5092 comm="syz.3.1270" path="/275/file0/file0" dev="loop3" ino=1048608 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  457.175031][   T28] audit: type=1400 audit(1748971409.958:270): avc:  denied  { write } for  pid=5092 comm="syz.3.1270" name="/" dev="loop3" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  457.221892][   T28] audit: type=1400 audit(1748971409.958:271): avc:  denied  { add_name } for  pid=5092 comm="syz.3.1270" name=131377C5FC35D41454D5D41D29AD1A6029598146E6BE166E41AD0DBD4054033C9F33BBDA8224A2F3D772E7636E48B33CBF708372E8F1B9933EC5127743BE2206209EF02DF9CBF2F6E880D338 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  457.320294][   T28] audit: type=1400 audit(1748971409.958:272): avc:  denied  { associate } for  pid=5092 comm="syz.3.1270" name=131377C5FC35D41454D5D41D29AD1A6029598146E6BE166E41AD0DBD4054033C9F33BBDA8224A2F3D772E7636E48B33CBF708372E8F1B9933EC5127743BE2206209EF02DF9CBF2F6E880D338 scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  457.434373][   T28] audit: type=1400 audit(1748971410.188:273): avc:  denied  { remove_name } for  pid=282 comm="syz-executor" name="file0" dev="loop3" ino=1048613 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  457.477376][   T28] audit: type=1400 audit(1748971410.188:274): avc:  denied  { unlink } for  pid=282 comm="syz-executor" name="file0" dev="loop3" ino=1048613 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  457.502399][   T28] audit: type=1400 audit(1748971410.188:275): avc:  denied  { rmdir } for  pid=282 comm="syz-executor" name="file0" dev="loop3" ino=1048608 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  457.777497][  T770] tipc: Left network mode
[  457.945050][ T5111] netlink: 'syz.0.1275': attribute type 4 has an invalid length.
[  457.985850][   T28] audit: type=1400 audit(1748971410.798:276): avc:  denied  { mounton } for  pid=5114 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  458.154560][ T5114] bridge0: port 1(bridge_slave_0) entered blocking state
[  458.178588][ T5114] bridge0: port 1(bridge_slave_0) entered disabled state
[  458.204979][ T5114] device bridge_slave_0 entered promiscuous mode
[  458.219665][ T5114] bridge0: port 2(bridge_slave_1) entered blocking state
[  458.227684][ T5114] bridge0: port 2(bridge_slave_1) entered disabled state
[  458.235304][ T5114] device bridge_slave_1 entered promiscuous mode
[  458.389208][ T5114] bridge0: port 2(bridge_slave_1) entered blocking state
[  458.396301][ T5114] bridge0: port 2(bridge_slave_1) entered forwarding state
[  458.403599][ T5114] bridge0: port 1(bridge_slave_0) entered blocking state
[  458.410664][ T5114] bridge0: port 1(bridge_slave_0) entered forwarding state
[  458.473306][ T5129] loop0: detected capacity change from 0 to 256
[  458.531558][ T1450] bridge0: port 1(bridge_slave_0) entered disabled state
[  459.858054][ T1450] bridge0: port 2(bridge_slave_1) entered disabled state
[  459.887646][  T770] device bridge_slave_1 left promiscuous mode
[  459.893815][  T770] bridge0: port 2(bridge_slave_1) entered disabled state
[  459.904549][  T770] device bridge_slave_0 left promiscuous mode
[  459.910801][  T770] bridge0: port 1(bridge_slave_0) entered disabled state
[  459.991939][ T5140] loop5: detected capacity change from 0 to 256
[  461.729901][ T4249] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  461.738035][ T4249] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  461.797693][ T4249] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  461.837926][ T4249] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  461.848424][ T4249] bridge0: port 1(bridge_slave_0) entered blocking state
[  461.855478][ T4249] bridge0: port 1(bridge_slave_0) entered forwarding state
[  461.863241][ T4249] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  461.873189][ T4249] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  461.881661][ T4249] bridge0: port 2(bridge_slave_1) entered blocking state
[  461.888760][ T4249] bridge0: port 2(bridge_slave_1) entered forwarding state
[  461.927145][ T5155] netlink: 'syz.1.1286': attribute type 10 has an invalid length.
[  461.935184][ T4249] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  461.944028][ T4249] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  461.953941][ T4249] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  461.969636][ T4249] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  462.260834][ T4249] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  462.270834][ T4249] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  462.312734][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  462.324687][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  462.333723][ T5161] netlink: 'syz.0.1287': attribute type 10 has an invalid length.
[  462.347067][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  462.358304][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  462.366889][ T5114] device veth0_vlan entered promiscuous mode
[  462.392674][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  462.401554][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  462.411468][ T5114] device veth1_macvtap entered promiscuous mode
[  462.478263][ T5169] loop1: detected capacity change from 0 to 256
[  462.631381][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  462.722362][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  462.805164][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  462.878391][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  462.922979][   T43] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  463.878383][ T5182] loop7: detected capacity change from 0 to 256
[  463.888251][ T5183] loop0: detected capacity change from 0 to 256
[  465.827218][ T5208] netlink: 'syz.0.1297': attribute type 4 has an invalid length.
[  466.405069][ T5209] loop1: detected capacity change from 0 to 256
[  466.417983][ T5209] exfat: Unknown parameter 'GPL'
[  466.482401][   T28] audit: type=1400 audit(1748971418.221:277): avc:  denied  { write } for  pid=5199 comm="syz.1.1298" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  466.603106][ T5206] loop6: detected capacity change from 0 to 16
[  466.690628][ T5206] erofs: (device loop6): mounted with root inode @ nid 36.
[  466.816218][ T5216] loop5: detected capacity change from 0 to 256
[  466.852143][  T645] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  469.423361][ T5230] loop6: detected capacity change from 0 to 256
[  469.954137][ T5240] loop1: detected capacity change from 0 to 512
[  469.965203][ T5240] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  469.992606][ T5240] EXT4-fs (loop1): orphan cleanup on readonly fs
[  469.999727][ T5240] Quota error (device loop1): do_check_range: Getting block 196613 out of range 1-5
[  470.009229][ T5240] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0
[  470.018660][ T5240] EXT4-fs error (device loop1): ext4_acquire_dquot:6789: comm syz.1.1309: Failed to acquire dquot type 1
[  470.030865][ T5240] EXT4-fs (loop1): 1 truncate cleaned up
[  470.036679][ T5240] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  470.057014][  T283] EXT4-fs (loop1): unmounting filesystem.
[  470.916226][ T5249] loop1: detected capacity change from 0 to 256
[  471.932333][ T5255] netlink: 32 bytes leftover after parsing attributes in process `syz.6.1312'.
[  472.868166][ T5266] loop6: detected capacity change from 0 to 256
[  473.044747][ T5267] loop7: detected capacity change from 0 to 256
[  475.007246][ T5291] loop6: detected capacity change from 0 to 256
[  478.042163][ T5343] loop5: detected capacity change from 0 to 512
[  478.052666][ T5345] loop6: detected capacity change from 0 to 512
[  478.096525][ T5343] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  478.110847][ T5343] ext4 filesystem being mounted at /141/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  478.128814][ T5343] EXT4-fs error (device loop5): ext4_get_first_dir_block:3583: inode #12: comm syz.5.1340: Attempting to read directory block (0) that is past i_size (3)
[  478.209881][ T5345] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  478.226013][ T5345] ext4 filesystem being mounted at /145/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  478.577572][ T5345] EXT4-fs error (device loop6): ext4_get_first_dir_block:3583: inode #12: comm syz.6.1341: Attempting to read directory block (0) that is past i_size (3)
[  478.594568][ T2721] EXT4-fs (loop5): unmounting filesystem.
[  478.655396][   T28] audit: type=1400 audit(1748971430.471:278): avc:  denied  { getopt } for  pid=5366 comm="syz.5.1344" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  578.725697][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  578.732730][    C0] 	(detected by 0, t=10002 jiffies, g=27397, q=204 ncpus=2)
[  578.740046][    C0] rcu: All QSes seen, last rcu_preempt kthread activity 10002 (4294995087-4294985085), jiffies_till_next_fqs=1, root ->qsmask 0x0
[  578.753426][    C0] rcu: rcu_preempt kthread starved for 10002 jiffies! g27397 f0x2 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
[  578.764640][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  578.774710][    C0] rcu: RCU grace-period kthread stack dump:
[  578.780613][    C0] task:rcu_preempt     state:R  running task     stack:28064 pid:14    ppid:2      flags:0x00004000
[  578.791491][    C0] Call Trace:
[  578.794792][    C0]  <TASK>
[  578.797740][    C0]  __schedule+0xb87/0x14e0
[  578.802197][    C0]  ? release_firmware_map_entry+0x194/0x194
[  578.808111][    C0]  ? __mod_timer+0x7ae/0xb30
[  578.812745][    C0]  schedule+0xbd/0x170
[  578.816851][    C0]  schedule_timeout+0x12c/0x2e0
[  578.821719][    C0]  ? __cfi_schedule_timeout+0x10/0x10
[  578.827113][    C0]  ? _raw_spin_lock_irqsave+0xb0/0x110
[  578.832594][    C0]  ? __cfi_process_timeout+0x10/0x10
[  578.837901][    C0]  ? prepare_to_swait_event+0x308/0x320
[  578.843474][    C0]  rcu_gp_fqs_loop+0x2d8/0x10a0
[  578.848352][    C0]  ? rcu_gp_init+0xf10/0xf10
[  578.852967][    C0]  rcu_gp_kthread+0x95/0x370
[  578.857583][    C0]  ? __cfi_rcu_gp_kthread+0x10/0x10
[  578.862894][    C0]  ? __kasan_check_read+0x11/0x20
[  578.867945][    C0]  ? __kthread_parkme+0x142/0x180
[  578.872984][    C0]  kthread+0x281/0x320
[  578.877069][    C0]  ? __cfi_rcu_gp_kthread+0x10/0x10
[  578.882292][    C0]  ? __cfi_kthread+0x10/0x10
[  578.886896][    C0]  ret_from_fork+0x1f/0x30
[  578.891333][    C0]  </TASK>
[  578.894359][    C0] rcu: Stack dump where RCU GP kthread last ran:
[  578.900688][    C0] Sending NMI from CPU 0 to CPUs 1:
[  578.905925][    C1] NMI backtrace for cpu 1
[  578.905937][    C1] CPU: 1 PID: 5348 Comm: syz.0.1342 Not tainted 6.1.138-syzkaller-00049-g5b87067cdd87 #0
[  578.905955][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  578.905964][    C1] RIP: 0010:unwind_next_frame+0xff/0x700
[  578.905990][    C1] Code: 8d 73 28 4c 89 f0 48 c1 e8 03 48 89 45 a0 80 3c 10 00 74 12 4c 89 f7 e8 6f 4b 7f 00 48 ba 00 00 00 00 00 fc ff df 4c 89 75 98 <49> 8b 06 48 89 45 a8 4c 8d 68 20 4c 89 e8 48 c1 e8 03 80 3c 10 00
[  578.906013][    C1] RSP: 0018:ffffc9000aa375c8 EFLAGS: 00000046
[  578.906028][    C1] RAX: 1ffff92001546ece RBX: ffffc9000aa37648 RCX: 000000000aa37600
[  578.906041][    C1] RDX: dffffc0000000000 RSI: ffffffff814454dc RDI: ffffc9000aa37648
[  578.906054][    C1] RBP: ffffc9000aa37638 R08: ffffc9000aa37710 R09: ffffc9000aa37708
[  578.906067][    C1] R10: 0000000000000007 R11: 1ffff92001546ec9 R12: 0000000000000000
[  578.906078][    C1] R13: 1ffff92001546ed4 R14: ffffc9000aa37670 R15: ffffc9000aa37b38
[  578.906091][    C1] FS:  00007f67d8e4f6c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[  578.906107][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  578.906119][    C1] CR2: 000000110c29dabc CR3: 000000012cc1d000 CR4: 00000000003526a0
[  578.906134][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  578.906144][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  578.906154][    C1] Call Trace:
[  578.906159][    C1]  <TASK>
[  578.906165][    C1]  ? dequeue_signal+0xec/0x4d0
[  578.906186][    C1]  ? __kernel_text_address+0xd/0x30
[  578.906207][    C1]  ? __cfi_stack_trace_consume_entry+0x10/0x10
[  578.906229][    C1]  arch_stack_walk+0x124/0x150
[  578.906255][    C1]  ? dequeue_signal+0xec/0x4d0
[  578.906275][    C1]  stack_trace_save+0x98/0xe0
[  578.906294][    C1]  ? __cfi_stack_trace_save+0x10/0x10
[  578.906315][    C1]  ? memset+0x35/0x40
[  578.906338][    C1]  kasan_set_track+0x4b/0x70
[  578.906353][    C1]  ? kasan_set_track+0x4b/0x70
[  578.906367][    C1]  ? kasan_save_free_info+0x31/0x50
[  578.906389][    C1]  ? ____kasan_slab_free+0x132/0x180
[  578.906405][    C1]  ? __kasan_slab_free+0x11/0x20
[  578.906421][    C1]  ? slab_free_freelist_hook+0xc2/0x190
[  578.906444][    C1]  ? kmem_cache_free+0x12d/0x300
[  578.906463][    C1]  ? __dequeue_signal+0x4cf/0x600
[  578.906482][    C1]  ? dequeue_signal+0xec/0x4d0
[  578.906510][    C1]  ? debug_smp_processor_id+0x17/0x20
[  578.906592][    C1]  ? kasan_quarantine_put+0x34/0x190
[  578.906617][    C1]  ? kmem_cache_free+0x12d/0x300
[  578.906635][    C1]  kasan_save_free_info+0x31/0x50
[  578.906658][    C1]  ____kasan_slab_free+0x132/0x180
[  578.906676][    C1]  __kasan_slab_free+0x11/0x20
[  578.906692][    C1]  slab_free_freelist_hook+0xc2/0x190
[  578.906716][    C1]  ? __dequeue_signal+0x4cf/0x600
[  578.906735][    C1]  kmem_cache_free+0x12d/0x300
[  578.906756][    C1]  __dequeue_signal+0x4cf/0x600
[  578.906778][    C1]  dequeue_signal+0xec/0x4d0
[  578.906798][    C1]  get_signal+0x522/0x1520
[  578.906825][    C1]  arch_do_signal_or_restart+0xb0/0x1030
[  578.906846][    C1]  ? __ia32_sys_rt_sigreturn+0x5e7/0x6c0
[  578.906868][    C1]  ? __cfi___x64_sys_rt_sigreturn+0x10/0x10
[  578.906890][    C1]  ? __cfi_arch_do_signal_or_restart+0x10/0x10
[  578.906917][    C1]  exit_to_user_mode_loop+0x7a/0xb0
[  578.906934][    C1]  exit_to_user_mode_prepare+0x5a/0xa0
[  578.906951][    C1]  syscall_exit_to_user_mode+0x1a/0x30
[  578.906969][    C1]  do_syscall_64+0x58/0xa0
[  578.906992][    C1]  ? clear_bhb_loop+0x15/0x70
[  578.907016][    C1]  ? clear_bhb_loop+0x15/0x70
[  578.907031][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  578.907057][    C1] RIP: 0033:0x7f67d7f8e969
[  578.907070][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  578.907084][    C1] RSP: 002b:00007f67d8e4f038 EFLAGS: 00000246
[  578.907098][    C1] RAX: 000000000000000b RBX: 00007f67d81b5fa0 RCX: 00007f67d7f8e969
[  578.907110][    C1] RDX: 0000000000000651 RSI: 0000200000000000 RDI: 0000000000000007
[  578.907120][    C1] RBP: 00007f67d8010ab1 R08: 0000000000000000 R09: 0000000000000000
[  578.907131][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  578.907140][    C1] R13: 0000000000000000 R14: 00007f67d81b5fa0 R15: 00007fff56913af8
[  578.907156][    C1]  </TASK>
[  715.535990][    C0] BUG: workqueue lockup - pool cpus=0-1 flags=0x4 nice=0 stuck for 236s!
[  715.544510][    C0] Showing busy workqueues and worker pools:
[  715.550417][    C0] workqueue events: flags=0x0
[  715.555100][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=2/256 refcnt=3
[  715.555145][    C0]     pending: psi_avgs_work, kfree_rcu_monitor
[  715.555211][    C0]   pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=5/256 refcnt=6
[  715.555249][    C0]     pending: destroy_super_work, vmstat_shepherd, jump_label_update_timeout, kfree_rcu_monitor, key_garbage_collector
[  715.555462][    C0] workqueue events_long: flags=0x0
[  715.594640][    C0]   pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  715.594692][    C0]     pending: br_fdb_cleanup
[  715.594773][    C0] workqueue events_unbound: flags=0x2
[  715.612470][    C0]   pwq 4: cpus=0-1 flags=0x4 nice=0 active=4/512 refcnt=6
[  715.612511][    C0]     pending: fsnotify_connector_destroy_workfn, fsnotify_mark_destroy_workfn, toggle_allocation_gate, flush_memcg_stats_dwork
[  715.612682][    C0] workqueue events_power_efficient: flags=0x80
[  715.639295][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=3/256 refcnt=4
[  715.639346][    C0]     pending: wg_ratelimiter_gc_entries, neigh_managed_work, neigh_periodic_work
[  715.639546][    C0]   pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=4/256 refcnt=5
[  715.639586][    C0]     pending: neigh_periodic_work, neigh_managed_work, gc_worker, check_lifetime
[  715.639706][    C0] workqueue mm_percpu_wq: flags=0x8
[  715.678646][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  715.678701][    C0]     pending: vmstat_update
[  715.678733][    C0]   pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  715.678771][    C0]     pending: vmstat_update
[  715.678801][    C0] workqueue writeback: flags=0x4a
[  715.708262][    C0]   pwq 4: cpus=0-1 flags=0x4 nice=0 active=5/256 refcnt=7
[  715.708304][    C0]     pending: wb_update_bandwidth_workfn, wb_workfn, wb_workfn, wb_workfn, wb_workfn
[  715.708460][    C0] workqueue kblockd: flags=0x18
[  715.730037][    C0]   pwq 3: cpus=1 node=0 flags=0x0 nice=-20 active=1/256 refcnt=2
[  715.730081][    C0]     pending: blk_mq_timeout_work
[  715.730153][    C0]   pwq 1: cpus=0 node=0 flags=0x0 nice=-20 active=3/256 refcnt=4
[  715.730191][    C0]     pending: blk_mq_timeout_work, blk_mq_timeout_work, blk_mq_timeout_work
[  715.730246][    C0] workqueue dm_bufio_cache: flags=0x8
[  715.765086][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  715.765135][    C0]     pending: work_fn
[  715.765248][    C0] workqueue ipv6_addrconf: flags=0x40008
[  715.782766][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/1 refcnt=3
[  715.782811][    C0]     pending: addrconf_verify_work
[  715.782895][    C0]     inactive: addrconf_verify_work
[  715.782924][    C0]   pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/1 refcnt=5
[  715.782962][    C0]     pending: addrconf_verify_work
[  715.782990][    C0]     inactive: addrconf_verify_work, addrconf_verify_work, addrconf_verify_work
[  715.783066][    C0] workqueue wg-crypt-wg0: flags=0x28
[  715.828191][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  715.828242][    C0]     pending: wg_packet_encrypt_worker
[  715.828348][    C0]   pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  715.828388][    C0]     pending: wg_packet_encrypt_worker
[  715.828425][    C0] workqueue wg-crypt-wg1: flags=0x28
[  715.860150][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  715.860197][    C0]     pending: wg_packet_encrypt_worker
[  715.860236][    C0]   pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  715.860275][    C0]     pending: wg_packet_encrypt_worker
[  715.860311][    C0] workqueue wg-crypt-wg2: flags=0x28
[  715.892038][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  715.892087][    C0]     pending: wg_packet_encrypt_worker
[  715.892125][    C0]   pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  715.892165][    C0]     pending: wg_packet_encrypt_worker
[  715.892212][    C0] workqueue wg-kex-wg0: flags=0x6
[  715.923579][    C0]   pwq 4: cpus=0-1 flags=0x4 nice=0 active=1/256 refcnt=3
[  715.923621][    C0]     pending: wg_packet_handshake_send_worker
[  715.923658][    C0] workqueue wg-crypt-wg0: flags=0x28
[  715.942342][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  715.942388][    C0]     pending: wg_packet_encrypt_worker
[  715.942427][    C0]   pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  715.942472][    C0]     pending: wg_packet_encrypt_worker
[  715.942507][    C0] workqueue wg-crypt-wg1: flags=0x28
[  715.974143][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  715.974192][    C0]     pending: wg_packet_encrypt_worker
[  715.974230][    C0]   pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  715.974270][    C0]     pending: wg_packet_encrypt_worker
[  715.974305][    C0] workqueue wg-crypt-wg2: flags=0x28
[  716.005954][    C0]   pwq 2: cpus=1 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  716.006003][    C0]     pending: wg_packet_encrypt_worker
[  716.006041][    C0]   pwq 0: cpus=0 node=0 flags=0x0 nice=0 active=1/256 refcnt=2
[  716.006080][    C0]     pending: wg_packet_encrypt_worker