last executing test programs:

22m6.313281544s ago: executing program 32 (id=384):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={0x0, r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xffff, 0x20000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{}, &(0x7f0000000b00), &(0x7f0000000300)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0xe, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setgroups(0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000580)='smaps_rollup\x00')
preadv(r4, &(0x7f0000000140)=[{&(0x7f0000000040)=""/7, 0x7}], 0x1, 0xe7, 0xf)

21m14.875796756s ago: executing program 33 (id=455):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sched_setscheduler(0x0, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000240)=0xc)
timer_create(0x6, &(0x7f0000000300)={0x0, 0x10, 0x4, @tid=r1}, &(0x7f0000000340))
syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f00000001c0)='./mnt\x00', 0x2080810, &(0x7f0000000400), 0x1, 0x23f, &(0x7f0000000540)="$eJzs3T1oLFUYBuB3Zne95t5FrtoI4g+IiAbCtRNsYqMQkBBEBBUiIjZKIsQEu8TKxkJrlVQ2QeyMlpIm2CiCVdQUsRE0WBgstFiZnURisuLPxh1xngdmZ2b3nPnOMPOe3WbYAK11Nclskk6S6SS9JMXpBnfWy9Xj3c2p3cVkMHjsh2LYrt6vnfS7kmQjyQNJdsoiL3STte2nDn7ae+Se11d7d7+7/eTURE/y2OHB/qNH78y/9sHc/WufffHdfJHZ9H93XhevGPFet0hu+jeK/UcU3aZHwF+x8Mr7X1a5vznJXcP891KmvnhvrFy308t9b/9R3ze///zWSY4VuHiDQa/6DtwYAK1TJumnKGeS1NtlOTNT/4b/qnO5fHF55eXp55dXl55reqYCLko/2X/4o0sfXjmT/287df6B/68q/48vbH1dbR91mh4NMBG31asq/9PPrN8b+YfWkX9oL/mH9pJ/aC/5h/aSf2gv+Yf2kn9oL/mH9pJ/aK/T+QcA2mVwqeknkIGmND3/AAAAAAAAAAAAAAAAAAAA521O7S6eLJOq+clbyeFDSbqj6neG/0ecXD98vfxjUTX7TVF3G8vTd4x5gDG91/DT1zd802z9T29vtv76UrLxapJr3e75+684vv/+uRv/5PPes2MW+JuKM/sPPjHZ+mf9stVs/bm95ONq/rk2av4pc8twPXr+6VfXb8z6L/085gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYmF8DAAD//xFQbUc=")
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
bpf$MAP_CREATE(0x0, &(0x7f0000001d00)=ANY=[@ANYBLOB="080000000400000004000000040000", @ANYRES32=0x0, @ANYRESOCT, @ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = dup(r4)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(r1, 0x1, &(0x7f0000000080)=0x7)
r6 = getpid()
sched_setaffinity(0x0, 0x4c, &(0x7f00000002c0)=0x2)
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
recvmmsg(r7, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e00000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb7030000080098880874bf5f53f10000850000002400000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x6, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000800)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x840, &(0x7f0000000340), 0x4, 0x241, &(0x7f00000009c0)="$eJzs3U9oFFccB/DfzO42TbKUtL0UCm2hlNIGQnor9JJeWgiUEEoptIUUES9KIsQEb4knLx70rJKTlyDejB4ll+BFETxFzSFeBA0eDB70sDI7iUSz/oGJO+J8PjC7M7vvze8Ns983exkmgMoaiIiRiKhFxGBENCIi2dngm3wZ2Npc6F2ZiGi1/nyYtNvl27ntfv0RMR8RP0fEcprEwXrE7NK/649Xf//+xEzju3NL//R29SC3bKyv/bF5duz4xdGfZq/fvD+WxEg0XziuvZd0+KyeRHz2Loq9J5J62SPgbYwfvXAry/3nEfFtO/+NSCM/eSenP1puxI9nXtX31IMbX3ZzrMDea7Ua2TVwvgVUThoRzUjSoYjI19N0aCj/D3+71pcempo+MnhgamZyf9kzFbBXmhFrv13uudT/Uv7v1fL8Ax+uLP9/jS/eydY3a2WPBuimLP+D/8/9EPIPlSP/UF3yD9Ul/1Bdr8t/WtKYgO5w/Yfqkn+oLvmH6pJ/qC75h+ramX8AoFpaPWXfgQyUpez5BwAAAAAAAAAAAAAAAAAA2G2hd2Vie+lWzaunIzZ+jYh6p/q1recQfNx+7XuUZM2eS/Juhfz3dcEdFHS+5LuvP7lbbv1rX5Vbf24yYv5YRAzX67t/f0nh52B8+obvG/sKFijol7/Lrf90sdz6o6sRV7L5Z7jT/JPGF+33zvNPMzt/BesfflJwBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTNswAAAP//ceptKw==")
setsockopt$IPT_SO_SET_REPLACE(r5, 0x4000000000000, 0x40, &(0x7f0000000400)=@raw={'raw\x00', 0xe501, 0x3, 0x2a8, 0x138, 0x6affffff, 0x3403000b, 0x0, 0x7, 0x210, 0x230, 0x230, 0x210, 0x223, 0x3, 0x0, {[{{@ip={@remote, @local, 0x0, 0x0, 'veth1_macvtap\x00', 'veth1_to_team\x00'}, 0x0, 0xf0, 0x138, 0x0, {}, [@common=@unspec=@limit={{0x48}, {0x7f510100, 0x4, 0x0, 0x0, 0x0, 0x2}}, @common=@unspec=@time={{0x38}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'pptp\x00'}}}, {{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'syz0\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x308)
sendmsg$nl_route(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0xff33}, 0x1, 0x0, 0x0, 0x20008894}, 0x2008004)

18m2.402104595s ago: executing program 34 (id=759):
keyctl$session_to_parent(0x12)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
socket$packet(0x11, 0x3, 0x300)
socket$inet6_udp(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000240)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000d00)='sched_switch\x00', r3}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1200000004000000040000001200000000000000", @ANYRES32, @ANYBLOB="0094479b280cd3a99500edff000000000000fff1", @ANYRES32=0x0, @ANYRES32], 0x48)
syz_mount_image$ext4(&(0x7f0000000380)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000000, &(0x7f00000006c0), 0x1, 0x512, &(0x7f0000000c40)="$eJzs3W1rZFcdAPD/vcmk2d3UTFVkLdgWW9ktujNJY9so0lYQfVVQ6/s1JpMQMsmEzKRuQtEsfgBBRAU/gG8EP4Ag+xFEWND3oqKI7upL3St35kbzMJMMySSzTn4/OJlz7sP5n3PJ3LkPh3sDuLJeioh3ImIsIl6NiOlielqk2OukfLnHjz5YzFMSWfbe35JIimn7deXl8Yi4Uaw2GRFf/0rEt5LjcZs7u2sL9XptqyhXW+ub1ebO7p3V9YWV2kptY25u9o35N+dfn5/JCufqZzki3vrSn370/Z99+a1ffebbv7/7l9vfyZv1hY912h0Ri+cK0EOn7lJ7W+zLt9HWRQQbkrw/pbFhtwIAgH7kx/gfjohPto//p2OsfTQHAAAAjJLs7an4VxKRAQAAACMrjYipSNJKMRZgKtK0UumM4f1oXE/rjWbr08uN7Y2lfF5EOUrp8mq9NlOMFS5HKcnLs8UY2/3ya0fKcxHxXET8cPpau1xZbNSXhn3xAwAAAK6IGy8ePv//53TazgMAAAAjptyzAAAAAIwKp/wAAAAw+pz/AwAAwEj76rvv5inbf4/30vs722uN9+8s1ZprlfXtxcpiY2uzstJorLSf2bd+Wn31RmPzs7Gxfa/aqjVb1ebO7t31xvZG6+7qoVdgAwAAAJfouRcf/C6JiL3PX2unKJ4DCHDIH4fdAGCQxobdAGBoxofdAGBoSqcuYQ8Boy45Zf7xwTuda4Xx64tpDwAAMHi3Pn78/v9EMe/0awPA/zNjfQDg6nF3D66u0llHAN4cdEuAYflQ5+OZXvN7Pryjj/v/nWsMWXamhgEAAAMz1U5JWimO06ciTSuViGfbrwUoJcur9dpMcX7w2+nSM3l5tr1mcuqYYQAAAAAAAAAAAAAAAAAAAAAAAACgI8uSyAAAAICRFpH+OWk/zT/i1vQrU4evDhx569dP3/vxvYVWa2s2YiL5+3Q+aSIiWj8ppr+WeSUAAAAAPAU65+nF5+ywWwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAqHn86IPF/XSZcf/6xYgod4s/HpPtz8koRcT1fyQxfmC9JCLGBhB/735E3OwWP4knWZaVi1Z0i3/tguOX25ume/w0Im4MID5cZQ/y/c873b5/abzU/uz+/Rsv0nn13v+l/93/jfXY/zx7pNzL8w9/Ue0Z/37E8+Pd9z/78ZNO/EMh8sLLffbxm9/Y3e0640CV3eIfjFVtrW9Wmzu7d1bXF1ZqK7WNubnZN+bfnH99fqa6vFqvFX+7hvnBJ3755KT+X+8Rv3y4/8e2/yt99T6Lfz+89+gjnUKpW/zbL3f//b3ZI35a/PZ9qsjn82/t5/c6+YNe+PlvXjip/0s9+j95Sv9v99X/+NyrX/veH7rOObY1AIDL0NzZXVuo12tbJ2Qm+1jmkjNvPx3NGGAmno5mDCuTfbfz/3i+es65+rFMdp7Vx2MAzZg49j0di7NWmETs5XX1+Q8JAACMmP8d9J90BwkAAAAAAAAAAAAAAAAAAAC4SGd8LNlkRPS98NGYe8PpKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAif4TAAD//4RX0Xo=")
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r5, &(0x7f0000000100)={0x0, 0x2844, &(0x7f0000000080)={&(0x7f00000001c0)={0x54, r6, 0x1, 0x0, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xf}}}, {0x14, 0x2, @in={0x2, 0x0, @broadcast}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x0)
sendmsg$TIPC_NL_BEARER_SET(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="0100280000000000000004000000200001800d0001007564703a73797a32"], 0x34}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x2, 0x81)
ioctl$KVM_SET_TSC_KHZ_vm(r7, 0xaea2, 0x38)

16m18.871881691s ago: executing program 35 (id=998):
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000029c0)={0x0, 0x0, 0x0}, 0x20000004)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, 0x0, 0x44000)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000880)='ext2\x00', &(0x7f0000000000)='./file1\x00', 0x21000e, &(0x7f0000000180)={[{@nolazytime}, {@abort}, {@lazytime}, {@mblk_io_submit}, {@noauto_da_alloc}]}, 0xde, 0x53b, &(0x7f0000000e00)="$eJzs3c1vI2cZAPBnJnbIdlOSAodSqR+ii3YrWHvT0Dbi0BaBuFUClfsSJd4oWme9ip12E1WQFX8AEkJQiRMnLkjcuCCh/RMQUiX2jgCBEGzhwAEYNOPxNmvG2cD6Y5X8ftJrv/OOPc/zOvb4nY94AjizXoiINyNiLiJeioilsj0tSxz2S/64D++9t5GXvPntvySRlG0RRfW+8+XTFvp3lbr7B9fX2+3Wbjnd7O3cbHb3Dy5v76xvtbZaN1ZXV15de23tlbUrY+ln3q/Xv/KHH3z3J199/Zeff/e3V/906Vt50l8u5w/6NT7Fqxd3i9t6/lrcV4uI3fEGm5m5sj/1WScCAMCJ5KPUT0TEZ4rx/1LMFaO5wvCQbmH62QEAAADjkL2xGP9MIjIAAADg1HojIhYjSRvluQCLkaaNRv8c3k/FE2m70+197lpn78ZmPi9iOerpte1260p5Tu1y1JN8eqWofzT98tD0akQ8FRHfXzpXTDc2Ou3NWe/8AAAAgDPi/ND2/9+X+tv/AAAAwCmzPOsEAAAAgIkbtf2fTDkPAAAAYHIc/wcAAIBT7WtvvZWXbHD968139veud965vNnqXm/s7G00Njq7Nxtbnc5W8Zt9O8ctqx4R7U7n5hci9m41e61ur9ndP7i609m70bu67fqBAAAAMCtPPX/nbhIRh188V5TcfH4zN+IJzhWAUyMd0V75Mf/9ZHMBpmvU1/wJzI8zD2D6arNOAJidw1knAMzaAz/1UTEoOHryzgP7DH41uZwAAIDxuvjpO3e/XXH8v1aezw+cXqOO/wOn3yMc/89l48oDmD7H/+HsqsdctnTiR9+eaC7AbDzsUh8jf7yj6vh/5ZnBWfbQZQEAABO1WJTn00Z5LHAx0rTRiHiy+B/genJtu926EhEfj4jfLNU/lk+vFM9MXB4QAAAAAAAAAAAAAAAAAAAAAAAAAE4oy5LIAAAAgFMtIv1jUl7/6+LShcXh/QPzyT+KywPOR8S7P3r7h7fWe73dlbz9r/fbe++X7S/PYg8GAAAAnEW1Y+cOttMH2/EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAME4f3ntvY1CmGffPX4qI5ar4tVgo7heiHhFP/C2J2pHnJRExN4b4h7cj4umq+EmeViyXWQzHTyPi3HTiP5tlWWX882OID2fZnXz982bV5y+NF4r76s9/rSyP6oH13/zPj8xJ76//5kas/548YYxnPvhZc2T82xHP1KrXP4P4yYj4L1YtsOJF+eY3Dg7+q7G/8Mh+HHGx8vsneSBWs7dzs9ndP7i8vbO+1dpq3VhdXXl17bW1V9auNK9tt1vlbVWI+N6zv/j3UPR/ZX1F/6MfP6rWv8f1/0JeqR9pzIbDlME+uHXvk/1qfWgRRfxLL1a//54+Jn7+nvhs+T2Qz784qB/260c999NfP1eZWBl/c8Tr/7C//6VRCx3y0te/87sTPhQAmILBKGu3u39wfb3dbk2s8n6WZRMO8X9UIj3pg4vhYkTMPufJVGqTficsPC49nXLlwuORxv9SGceeLQAA4HHz0aB/1pkAAAAAAAAAAAAAAAAAAADA2dXdj3TSPyc2HPNwNl0FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADjWfwIAAP//nJjX8w==")
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, 0x0, 0x0, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a00)={&(0x7f0000000d00)='sched_switch\x00', r1}, 0x10)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r6 = socket(0x400000000010, 0x3, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r8, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001740)=@newtfilter={0x884, 0x2c, 0xd27, 0x70bd2c, 0x25dfdc00, {0x0, 0x0, 0x0, r8, {0x0, 0x4}, {}, {0x8}}, [@filter_kind_options=@f_basic={{0xa}, {0x84c, 0x2, [@TCA_BASIC_POLICE={0x848, 0x4, [@TCA_POLICE_RATE={0x404, 0x2, [0xfff, 0x2, 0x1d, 0x1, 0x7e1, 0x0, 0x13, 0x5, 0x2, 0x5, 0xfffffff7, 0xffffff81, 0x8, 0x2, 0x4, 0x7, 0xffff, 0x7ff, 0x1ff, 0x3, 0x40, 0x92ef, 0x2e8, 0x8, 0xffff, 0x7, 0x6, 0x10000, 0x7, 0xfffffff8, 0x7, 0x6, 0xb, 0x1000, 0x4, 0x2, 0xe2e6, 0x7, 0x8, 0x5, 0x2, 0xffffff5f, 0x8, 0x6, 0x4, 0x5, 0x0, 0x0, 0x7, 0x9, 0xe9ee, 0x5, 0x3, 0x5, 0xbc4, 0x4c, 0x4, 0x2, 0x80000000, 0x6, 0xfffffffb, 0x3655b20, 0xe7, 0x400, 0x7, 0x6, 0x0, 0x36acaece, 0xe9, 0x7, 0xa, 0x9, 0x4, 0xf357, 0xa50, 0x6, 0x4, 0x1, 0x1800, 0x3, 0x3, 0xd7, 0x7ff, 0x56, 0x39f, 0x16bb46f8, 0x2, 0x10000, 0x4, 0xfff, 0x0, 0x800000, 0xfff, 0x2400, 0xde4, 0x100, 0x2, 0xe1, 0x3, 0x3, 0xcf09, 0x7, 0x8, 0xd, 0x7, 0x7, 0xd5, 0x7, 0x5, 0x9, 0x7ff, 0x6, 0x0, 0x40, 0x6, 0xfffffffd, 0x1, 0x5, 0x0, 0x9, 0x9, 0x80000000, 0x2f, 0xf486, 0x7, 0x9, 0x1, 0xd, 0x200, 0x7, 0x6, 0x6, 0x54e, 0x3, 0x80, 0x401, 0x27, 0x7, 0x0, 0x9, 0x0, 0x6, 0x7f, 0x1ff, 0xf8000000, 0xa242, 0x3, 0x5, 0x3, 0x9, 0x43e, 0x7, 0x5, 0x4, 0xb20, 0x10001, 0x7, 0xfffffff4, 0x9, 0x8, 0x1, 0xb, 0xa, 0x1, 0x80000000, 0x4, 0x7, 0x7fffffff, 0x9, 0xa8, 0x9, 0x2, 0x0, 0x8, 0x9, 0x1ff, 0xffff, 0x7, 0x7, 0xffff, 0x80000000, 0x8, 0x3, 0xff, 0x4, 0x1, 0x5, 0x7, 0x3, 0x6, 0x5, 0x40, 0x8000, 0x7, 0x1, 0x3, 0x3ab58aef, 0x8001, 0xc1d, 0x5, 0x5, 0x6, 0x1, 0x5, 0x0, 0x0, 0x27ae800, 0x1, 0x12a7, 0x3ff, 0xb, 0x2, 0x1000, 0x2, 0xbf72, 0x6, 0x3, 0x7fff, 0xedd, 0x1fd, 0x9, 0x1, 0x4, 0x4, 0x9, 0x1, 0x1, 0x2, 0x18, 0x6, 0x5, 0x10001, 0x0, 0x7, 0x80000000, 0x400, 0x3, 0x9d0e, 0x81, 0x5, 0xfffffffc, 0x17d0, 0xfffffffb, 0x6, 0x9, 0x8, 0x5, 0x0, 0x4, 0x5, 0x265, 0x6, 0x3, 0x7, 0xe, 0x1]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x9, 0x2, 0x0, 0xffff, 0xc, 0x8, 0x3, 0x70910bcc, 0x2, 0xdf, 0x4, 0x9, 0x9, 0x22, 0x2, 0xd6, 0x4, 0x10001, 0x6, 0x2, 0x3, 0x2, 0x562, 0x4, 0x2, 0xfffffffe, 0x0, 0x0, 0x8000, 0x4, 0xb7, 0x7, 0x0, 0x6, 0x7, 0xe3, 0xbf, 0x2, 0x0, 0x5, 0x0, 0x0, 0xfff, 0x6, 0x2, 0xa, 0x10, 0x48000000, 0x0, 0x7, 0x5, 0x33, 0xffffffff, 0x2, 0x9, 0xfffffffd, 0xc9ad, 0x5, 0x9, 0x40, 0x5, 0xdf, 0x7, 0x7fffffff, 0x5, 0xe, 0x4, 0xfffffffb, 0x4b46, 0x1, 0x0, 0x4, 0x4d, 0x8, 0x3, 0x7f, 0x3, 0x1332ec45, 0x2000, 0x2, 0xc, 0x0, 0x1, 0x7, 0x7, 0x800, 0x2, 0xff, 0xfffffffa, 0x2, 0x8, 0xc, 0x68289988, 0x18000, 0x7, 0x7ff, 0x8, 0x8, 0xe, 0xf1, 0x4, 0x7, 0xe, 0x9, 0x4, 0x0, 0x0, 0x0, 0x6, 0x1, 0x4, 0x9, 0x1, 0x40004, 0x1d, 0x0, 0x4c9ef933, 0x4, 0x800, 0x7, 0x4, 0x3, 0x1000, 0x5, 0x3ff, 0xc1b, 0x81, 0x9, 0x6, 0x8, 0xc32c, 0x8, 0xd67, 0x9, 0x3, 0x6, 0xff, 0x0, 0x80000000, 0x9, 0x5, 0x8, 0xaf, 0xffffff9e, 0x6, 0x8, 0x9c1, 0xffffffc0, 0x3, 0xce99, 0x7fffffff, 0xf2ae, 0xfffffffa, 0x5, 0x2, 0x7, 0x2, 0x5, 0x4, 0x2, 0x0, 0x3, 0x0, 0x4b, 0xfffffff6, 0xf2c, 0xd, 0x81, 0x8, 0x3, 0xfff, 0x5, 0x8001, 0x2, 0x5, 0x0, 0x37eda383, 0x9, 0x80000000, 0x67a, 0x4, 0x1, 0x9c, 0x8000, 0x5, 0x61f9, 0x7f, 0x9, 0x200, 0xeb2, 0x8001, 0x3, 0xfffffffc, 0x617, 0x4, 0x9c3f, 0x2, 0xcd6, 0x8, 0xe, 0x8, 0x1, 0x0, 0x7fff, 0xffff, 0x80000000, 0x8, 0x10, 0x1, 0x400, 0x7, 0x30, 0x6, 0x8000, 0xc, 0x9, 0x7, 0xda0, 0xb3, 0x2, 0x8, 0x5, 0x4, 0x95, 0x4, 0x400, 0x3, 0x5, 0x5, 0x9, 0x7, 0x6, 0x5, 0xd, 0x5, 0x8, 0x8, 0x0, 0x92, 0x4, 0x80000000, 0x6, 0xfffffffe, 0x2, 0x7, 0x0, 0x6, 0x7f, 0x2, 0x2, 0x7, 0x2, 0xea38, 0xfbf, 0x5, 0x5]}, @TCA_POLICE_TBF={0x3c, 0x1, {0xa97, 0x3, 0x1d, 0x1, 0x959, {0xf, 0x2, 0xfff9, 0x2, 0xfff7, 0x58}, {0x2, 0x1, 0x6, 0x7330, 0xee8d, 0x80000000}, 0x180, 0x0, 0x7}}]}]}}, @TCA_RATE={0x6, 0x5, {0x2, 0x44}}]}, 0x884}, 0x1, 0x0, 0x0, 0x10}, 0x0)

16m15.243686563s ago: executing program 36 (id=1009):
prctl$PR_SET_NAME(0xf, &(0x7f00000001c0)='w\xde\xa3\x05\xff\a\x00\x00\x00\x00\x00\x00\x8f\xc0\x9b\x86\xef\\\xc0\x89\av\x9f\xd6\xd1\x98,\xc8\x18E/\x8c\x1a\xe3\xbd')
mprotect(&(0x7f0000000000/0x2000)=nil, 0x2000, 0xc)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$getregset(0x4205, r0, 0x2, &(0x7f00000001c0)={0x0, 0x4c})

14m49.388625617s ago: executing program 37 (id=1176):
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYBLOB, @ANYRES32], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000070000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=@updpolicy={0xc4, 0x19, 0x1, 0x0, 0x0, {{@in6=@private1, @in6=@dev={0xfe, 0x80, '\x00', 0x36}, 0x4e22, 0x0, 0x4e24, 0x0, 0xa}, {0x0, 0x401, 0x5, 0x40000000, 0x8000000002, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x2}, 0x4000000, 0x4000000, 0x0, 0x0, 0x1}, [@sec_ctx={0xc, 0x8, {0x8, 0x8, 0x0, 0x8}}]}, 0xc4}}, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x20000045, 0x0, 0x0)

14m19.407466641s ago: executing program 38 (id=1248):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'macsec0\x00', <r1=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="4400000010000100"/20, @ANYRES32=r1, @ANYBLOB="0000000000000000240012800b0001006d616373656300001400028005000a000000000005000b"], 0x44}}, 0x0)

14m17.503910154s ago: executing program 39 (id=1253):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000005600)='sys_enter\x00'}, 0x10)
setresuid(0xee00, 0x0, 0x0)
ioprio_set$uid(0x3, 0xee00, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0500000007000000090000000500000080000000", @ANYRES32, @ANYBLOB='\x00'/10], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000700)={{r0}, &(0x7f0000000600), &(0x7f00000006c0)=r1}, 0x20)
socket(0x9, 0x4, 0xfffffffe)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0xce56fe61a68fc369, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$tipc(0x1e, 0x5, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = syz_clone(0x100411, 0x0, 0x0, 0x0, 0x0, 0x0)
tkill(r6, 0x13)
tkill(r6, 0x12)
waitid(0x1, r6, 0x0, 0x8, &(0x7f0000000340))

14m14.45452017s ago: executing program 40 (id=1260):
r0 = socket$inet(0x2, 0x2, 0x1)
setsockopt$sock_int(r0, 0x1, 0x5, &(0x7f0000000440)=0x1, 0x4)
sendmsg$inet(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x2, 0x4e22, @multicast1}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000080)='\b', 0x1}, {&(0x7f0000000180)="96bc1480bb35", 0x6}], 0x2, &(0x7f00000003c0)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x91}}], 0x18}, 0x24008004)

14m8.528337657s ago: executing program 41 (id=1267):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r3}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_int(r4, 0x29, 0x2, &(0x7f0000000040)=0x3, 0x4)
getsockopt$inet6_buf(r4, 0x29, 0x6, 0x0, &(0x7f0000000080))

13m48.701331984s ago: executing program 42 (id=1277):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000700000000000000000000850000002300000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x8f, &(0x7f00000002c0)=""/143}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x18)
syz_mount_image$fuse(0x0, &(0x7f0000000900)='./file0\x00', 0x1a5000, 0x0, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = dup(r2)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])

12m42.152262363s ago: executing program 43 (id=1342):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000380)=0x7)
sched_setaffinity(0x0, 0xfffffffffffffed6, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffc000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x3, &(0x7f0000000280)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x2, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
syz_mount_image$exfat(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f0000000580), 0x1, 0x153d, &(0x7f00000005c0)="$eJzs3AuYT9XaAPD3XWvtMST+TXIZ1lrv5p9clkmSXJLkkiRJkuSWkDTJkYTEEJI0JCG5DEkMIblMTBr3+/2SkCRNkoTklqzvmfA4nTrf6XynL9/zzft7nv3Mev9rr7Xfvd//Ze89M/9vuw6t1aR29UZEBP8RvPAjCQBiAWAgAOQFgAAAyseVj8vqzykx6T/bCPtzPZh6pTNgVxLXP3vj+mdvXP/sjeufvXH9szeuf/bG9c/euP6MZWebphW6hpfsu/D9/+yMP///H8ksM/bLNWWu6wYQ80eHcP2zN67//1vBH1mJ65+9cf2zq9grnQD7P4Bf/9lBjn/aw/XP3rj+jGVnV/r+81+wIPw3/RD5K44BAsAfXPdIzguF+YuOz5V+/jHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYyx5O+8sUAFxqX+m8GGOMMcYYY4wx9ufxOa50BowxxhhjjDHGGPvfhyBAgoIAYiAHxEJOyAUCAK6GPJAXInANxMG1kA+ug/xQAApCIYiHwlAENBiwQBBCUSgGUbgeisMNUAJKQikoDQ7KQALcCGXhJigHN0N5uAUqwK1QESpBZagCt0FVuB2qwR1QHe6EGlATakFtuAvqwN1QF+6BenAv1If7oAHcDw3hAWgED0JjeAiawMPQFB6BZtAcWkBLaPU/Gv889IQXoBf0hiToA33hRegH/WEAvAQD4WUYBK/AYHgVkmEIDIXXYBi8DsPhDRgBI2EUvAmj4S0YA2NhHIyHFJgAE+FtmATvwGR4F6bAVEiFaTAd3oMZMBNmwfswGz6AOTAX5sF8SIMPYQEshHT4CBbBx5ABi2EJLIVlsBxWwEpYBathDayFdbAeNsBG2ASbYQtshW2wHXbAJ7ATPoVdsBv2wGewFz7/N8ef+ofx3RAQUKBAhQpjMAZjMRZzYS7MjbkxD+bBCEYwDuMwH+bD/JgfC2JBjMd4LIJF0KBBQsKiWBSjGMXiWBxLYAkshaXQocMETMCyeBOWw3JYHstjBayAFbESVsIqWAWrYlWshtWwOlbHGlgDa2EtvAvvwj5YF+tiPayH9bH+pdtT2AgbYWNsjE2wCTbFptgMm2ELbIGtsBW2xtbYBttgO2yH7bE9dsAOmIiJ2BE7YifshJ2xM3bBLtgVu2I37I7dM5/PAfgCvoC9sYbog32xL/bD5BwD8CV8CV/GQfgKvoKvYjIOwaH4Gr6Gr+NwPIkjcCSOwlFYVbyFY3AskhiPKZiCE3EiTsJJmJXouzgVU3EaTsfpOANn4kx8H2fjB/gBzsW5OB/TMA0X4EJMx3RchKcwAxfjElyKy3A5LsOVuApX4hpci2twPa7HjbgRN+Nm3IpbcTtux09QAeCnuBt3YzLuxb24D/fhftyPB/AAZmImHsSDeAgP4WE8jEfwCB7FY3gcj+EJPIEn8RSextN4Fs/iOXw2/uvGn5RcnQwiixJKxIgYEStiRS6RS+QWuUUekUdERETEiTiRT+QT+UV+UVAUFPEiXhQRRYQRRpAIYwBAREVUFBfFRQlRQpQSpYQTTiSIBFFWlBXlRDlRXtwiKohbRUVRSbR1VUQVUVW0c9XEHaK6qC5qiJqilqgtaos6oo6oK+qKeqKeqC/qiwbiftFQ9MEB+KDIqkwTMQSbiqHYTDQX8uI7WGsxHNuItqKdeFyMxBHYQbR2ieIp0VGMwU7ib2IsPiO6iPHYVTwnuonuood4XvQUbVwv0VtMxj6ir5iK/UR/MUC8JGZgTfE+zs5ZS7wqksUQMVS8Jubj62K4eEOMECPFKPGmGC3eEmPEWDFOjBcpYoKYKN4Wk8Q7YrJ4V0wRU0WqmCami/fEDDFTzBLvi9niAzFHzBXzxHyRJj4UC8RCkS4+EovExyJDLBZLxFKxTCwXK8RKsUqsFmvEWrFOrBcbxEaxSWwWW8RWsU1sFzvEJ2Kn+FTsErvFHvGZ2Cs+F/vEF2K/+FIcEF+JTPG1OCi+EYfEt+Kw+E4cEd+Lo+KYOC5+ECfEj+KkOCVOizPirPhJnBM/i/PCC5AohZRSyUDGyBwyVuaUueRVMrcMLh7da2ScvFbmk9fJ/LKALCgLyXhZWBaRWhppJclQFpXFZFReL4vLG2QJWVKWkqWlk2VkgrxRlpU3yXLyZlle3iIryFtlRVlJVpZV5G2yqrxdQuTCNmrImrKWrC3vkklwt6wr75H15L2yvrxPNpD3y4byAdlIPigby4dkE/mwbCofkc1kc9lCtpSt5KOytXxMtpFtZTv5uGwvn5Ad5JMyUT4lO0p/8SnyjOwin5Vd5XOym+wue8if5XnpZS/ZW0IfkH3li7Kf7C8HxAKAfFkOkq/IwfJVmSyHyKHyNTlMvi6HyzfkCDlSjpJvytHyLTlGjpXj5HiZIifIifJtOUm+IyfLd+UUOVWmymlygBz4y0yzpPyX49/+nfGDf9n6RrlJbpZb5Fa5TW6XO+QncqfcKXfJXXKP3CP3yr1yn9wn98v98oA8IDNlpjwoD8pD8pA8LA/LI/KIPCqPyTPyB3lC/ihPylPylDwjz8qz8tzFYwAKlVBSKRWoGJVDxaqcKpe6SuVWV6s8Kq+KqGtUnLpW5VPXqfyqgCqoCql4VVgVUVoZZRWpUBVVxVRUXY8XnzCqlCqtnCqjEtSN/854VVzdoEqokr8afym/pH+SXyvVSrVWrVUb1Ua1U+1Ue9VedVAdVKJKVB1VR9VJdVKdVWfVRXVRXVVX1U11Uz1UD9VT9VS9VC+VpJJUX/Wi6qf6qwHqJTVQvawGqUFqsBqsklWyGqqGqmFqmBquhqsRaoQapUap0Wq0GqPGqHFqnEpRKWqimqgmqUlqspqspqgpKlWlqulqupqhZqhZapaarWarOWqOmqfmqTSVphaoBSpdpatFapHKUIvVYrVULVXL1XK1Uq1Uq9VqtVatVevVepWhNqlNaovaorapbWqH2qF2qp1ql9ql9qg9aq/aq/apfWq/2q8OqAMqU2Wqg+qgOqQOqcPqsDqijqij6qg6ro6rE+qEOqlOqtPqtDqrzqpz6pw6r85nnfYFIhCBClQQE8QEsUFskCvIFeQOcgd5gjxBJIgEcUFckC+4LsgfFAgKBoWC+KBwUCTQgQlsIC4WPRpcHxQPbghKBCWDUkHpwAVlgoTgxqBscFNQLrg5KB/cElQIbg0qBpWCykGV4LaganB7UC24I6ge3BnUCGoGtYLawV1BneDuoG5wT1AvuDeoH9wXNAjuDxoGDwSNggeDxsFDQZPg4aBp8EjQLGgetAhaBq3+1Pm9P1ngMddL99ZJuo/uq1/U/XR/PUC/pAfql/Ug/YoerF/VyXqIHqpf08P063q4fkOP0CP1KP2mHq3f0mP0WD1Oj9cpeoKeqN/Wk/Q7erJ+V0/RU3Wqnqan6/f0DD1Tz9Lv69n6Az1Hz9Xz9Hydpj/UC/RCna4/0ov0xzpDL9ZL9FK9TC/XK/RKvUqv1mv0Wr1Or9cb9Ea9SW/WW/RWvU1v1zv0J3qn/lTv0rv1Hv2Z3qs/1/v0F3q//lIf0F/pTP21Pqi/0Yf0t/qw/k4f0d/ro/qYPq5/0Cf0j/qkPqVP6zP6rP5Jn9M/6/PaZ53cZ328G2WUiTExJtbEmlwml8ltcps8Jo+JmIiJM3Emn8ln8pv8pqApaOJNvCliipgsZMgUNUVN1ERNcVPclDAlTClTyjjjTIJJMGVNWVPOlDPlTXlTwVQwFU1FU9lUNreZ28zt5nZzh7nD3GnuNDVNTVPb1DZ1TB1T19Q19Uw9U9/UNw1MA9PQNDSNTCPT2DQ2TUwT09Q0Nc1MM9PCtDCtTCvT2rQ2bUwb0860M+1Ne9PBdDCJJtF0NB1NJ9PJdDadTRfTxXQ1XU030830MD1MT9PT9DK9TJJJMn1NX9PP9DMDzAAz0Aw0g8wgM9gMNskm2Qw1Q80wM8wMN8PNCDPSjMo6UTVvmTFmrBlnxpsUk2ImmolmkplkJpvJZoqZYlJNqpluppsZZoaZZWaZ2Wa2mWPmmHlmnkkzaWaBWWDSTbpZZBaZDJNhlpglZplZZlaYFWaVWWXWmDVmHawzG8wGs8lsMlvMFrPNbDM7zA6z0+w0u8wus8fsMXvNXrPP7DP7zX5zwBwwmSbTHDQHzSFzyBw2h80Rc8QcNUfNcXPcnDAnzElz0pw2p81ZU+Di56U3sTanzWWvsrnt1TaPzWv/MS5oC9l4W9gWsdrmtwV+FRtrbQlb0paypa2zZWyCvfE3cUVbyVa2Vexttqq93Vb7TVzH3m3r2ntsPXuvrW3v+lVc395nG9iHbUNEANvcNrYtbRP7sG1qH7HNbHPbwra07e0TtoN90ibap2xH+/Rv4gV2oV1lV9s1dq3dZXfb0/aMPWS/tWftT7aX7W0H2pftIPuKHWxftcl2yG/iUfZNO9q+ZcfYsXacHf+beIqdalPtNDvdvmdn2Jm/idPsh3a2Tbdz7Fw7z87/Jc7KKd1+ZBfZj22GDWCJXWqX2eV2hV15KVef1663G+xGu9N+arfYrXab3W53XDoRtrvtHvuZ3Ws/twftN3a//dIesIdtpv36lzhr/w7b7+wR+709ao/Z4/YHe8L+qC6Nztr3H+zP9rz1FggJSJKigGIoB8VSTspFV1FuupryUF6K0DUUR9dSPrqO8lMBKkiFKJ4KUxHSZMgSUUhFqRhF6Xq6lF4pKk2OylAC3Uhl6SYqRzdTebqFKtCtVJEqUWWqQrdRVbqdqtEdVJ3upBpUk2pRbbqL6tDdVJfuoXp0L9Wn+6gB3U8N6QFqRA9SY3qImtDD1JQeoWbUnFpQS2pFj1JreozaUFtqR49Te3qCOtCTlEhPUUd6mjrR36gzPUNd6FnqSs9RN+pOPeh56kkvUC/qTUnUh/rSi9SP+tMAeokG0ss0iF6hwfQqJdMQGkqv0TB6nYbTGzSCRtIoepNG01s0hsbSOBpPKTSBJtLbNIneocn0Lk2hqZRK02g6vUczaCbNovdpNn1Ac2guzaP5lEYf0gJaSOn0ES2ijymDFtMSWkrLaDmtoJW0ilbTGlpL62g9baCNtIk20xbaSttoO+2gT2gnfUq7aDftoc9oL31O++gL2k9f0gH6ijLpazpI39Ah+pYO03e+N31PR+kYHacf6AT9SCfpFJ2mM3SWfqJz9DOdJ08QYihCGaowCGPCHGFsmDPMFV4V5g6vDvOEecNIeE0YF14b5guvC/OHBcKCYaEwPiwcFgl1aEIbUhiGRcNiYTS8Piwe3hCWCEuGpcLSoQvLhAnhjWHZ8KawXHhzWD68JawQ3hpWDCuFD99bJbwtrBreHlYL7wirh3eGNcKaYa2wdnhXWCe8O6wb3hPWC+8Ny4X3hQ3C+8OG4QNho/DBsHH4UNgkfDhsGj4SNgubhy3ClmGr8NGwdfhY2CZsG7YLHw/bh0+EHcInw8TwqbBj+PQv/fct/Of9SWGfsG/4Yvhi6P09cl50fjQt+mF0QXRhND36UXRR9ONoRnRxdEl0aXRZdHl0RXRldFV0dXRNdG10XXR9dEN0Y9T72jnAoRNOOuUCF+NyuFiX0+VyV7nc7mqXx+V1EXeNi3PXunzuOpffFXAFXSEX7wq7Ik4746wjF7qirpiLuutdcXeDK+FKulKutHOujEtwLV0r18q1do+5Nq6ta+ced4+7J9wT7kn3pHvKdXRPu07ub66ze8Z1cc+6Z91zrpvr7nq4511PNyHPhddkkuvr+rp+rp8b4Aa4gW6gG+QGucFusEt2yW6oG+qGuWFuuBvuRrgRbpQb5Ua70W6MG+PGuXEuxaW4iW6im+QmucluspviprhUl+qmu+luhpvhqs68sJU5bo6b5+a5NJfmFrisc8Z0t8gtchkuwy1xS9wyt8ytcCvcKrfKrXFr3Dq3zm1wG9wmt8ltcVvcNrfN7XA73E630+3yeS9M6va6fW6f2+/2uwPuK5fpvnYH3TfukPvWHXbfuSPue3fUHXPH3Q/uhPvRnXSn3Gl3xp11P7lz7md33nmXEpkQmRh5OzIp8k5kcuTdyJTI1EhqZFpkeuS9yIzIzMisyPuR2ZEPInMicyPzIvMjaZEPIwsiCyPpkY8iiyIfRzIiiyNLIksjyyLLI94X3hL6or6Yj/rrfXF/gy/hS/pSvrR3voxP8Df6sv4mX87f7Mv7W3wFf6uv6Cv5yv4R38w39y18S9/KP+pb+8d8G9/Wt/OP+/b+Cd/BP+kT/VO+o3/ad/J/8539M76Lf9Z39c/5br677+Gf9z39C76X7+2TfB/f17/o+/n+foB/yQ/0L/tB/hU/2L/qk/0QP9S/5of51/1w/4Yf4Uf6UTFv+tGXLpFhvE/xE/xE/7af5N/xk/27foqf6lP9ND/dv+dn+Jl+ln/fz/Yf+Dl+rp/n5/s0/6Ff4Bf6dP+RX+Q/9hl+8aWbyn6FX+lX+dV+jV/r1/n1foPf6Df5zX6L3+q3+e1+h//E7/Sf+l1+t9/jP/N7/ed+n//C7/df+gP+K5/pv/YH/Tf+kP/WH/bf+SP+e3/UH/PH/Q/+hP/Rn/Sn/Gl/xp/1P/lz/md/nv9njTHGGGPsD5lwuSl+3XPhdn6f3xkj/m7lvgBw9dZCmX/fn3VGuS7/hXZ/Ed8+AgBP9e764KWlRo2kpKSL62ZICIrNBbj0m6AsMXA5Xgzt4AlIhLZQ9nfz7y+6n6V/MX/0FoBcfzcmFi7Hl+f/AgCTfmf+Rx8ftaBCeDruv5l/LkCJYpfH5ITL8WJo98v9lbZQ7p/kX6D1v8g/55cpAG3+bkxuuBxfzj8BHoOnIfFiz1W/uzXGGGOMMcYYY9lVf1G586Xrz0t/8fl71+fx6vKYHHA5/lfX54wxxhhjjDHGGLvynune48lHExPbdv73G9X+R6P+cKMp/G/NzI3fbXgPcOkRBQD/4YQAWQ35V+7F5r9kW8kXXzr/2LXsjA/g/0Yp/4zGFX5jYowxxhhjjP3pLp/0//pxdaUSYowxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGsqH/7KvCAoA/8C19V3ofGWOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMsSvtvwIAAP//w4D6Ww==")
open(0x0, 0x0, 0xc6)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r4, 0x0, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20702, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa802, 0x0)
close(r6)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})

12m35.704608992s ago: executing program 44 (id=1358):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r3 = socket(0x10, 0x3, 0xc)
write(r3, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYRES32=0x0, @ANYRES32], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000000040000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r6, 0xaf01, 0x0)
ioctl$VHOST_GET_VRING_BASE(r6, 0x4008af24, &(0x7f0000000200))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10)
setrlimit(0x4, 0x0)
unshare(0x64000600)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x14, 0x0, 0x0, 0x0, 0x4}, 0x48)
clock_nanosleep(0x2, 0x0, &(0x7f0000000080)={0x0, 0x989680}, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r7, &(0x7f0000000900)={&(0x7f0000000800)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000008c0)={0x0}, 0x1, 0x0, 0x0, 0x40040}, 0x4c0c5)
sendmsg$IPVS_CMD_NEW_SERVICE(r7, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
setxattr$trusted_overlay_upper(&(0x7f0000000200)='./file1\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)

11m21.615771108s ago: executing program 45 (id=1451):
syz_mount_image$f2fs(&(0x7f00000004c0), &(0x7f0000000280)='./bus\x00', 0x1000010, &(0x7f0000000500)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000000000000003b814e50a959736d65720f73ecea54b5e5be45ace9a88f723cb005aeff24212c651baef614d442ae89412ad3dcd0b7586d02002a6d6d65cacd4fc5002207ce994dda65c4b1d23a9bd5ba0f4ce5c2b5a5718c6aa918080002223d2753a5cac974110144cd0a1e368652324a41b31e1eb3b32dccbdf8f68bd96a45a75427a5f789d267fd92f6a5540200b81d5b9fa9b40fe4d7fbd50a6afc3a989c6d60045663c59cbdc4c700000000bc7f6b22df0191acf5912afdcc1c061835177068c40f757dd123d2600b1c544f1525aa8d00000000000000000000002e8b5c733d362417c17f527c0bfebec112d57fc69fabb9b31ef97b2147931ff60cdf666c25244218b1f1a6010000000100000020563b835d0e8e9a09070ef1691fcb2f37bda5d4e3d9d7a2d0ac82b45a53001057f321acc45d5e065a461de90100000077d200000000000040b78f0dd3836f5ab2f6a1a5b798bb7752f192c6b48e568973a59cd9c74bd9a14721856c5499cd8f93f8beaa9cf76718ce7244c8426803000000005c000208886b313bd01a22d576e414011a4f0a897515329f86d4585fa0ea17068f8af349696da4a2b3e24310ca52ec51bc23b57897cb55a2d513e6a00765ee3f58b471c54dd57f0af584afe4a21f92b515d7f2fa6fbb273ca0f751e684584320534667aea39ad7222c8ef531f514939177a47395e94c1723abb3fd44fd64fde4b45cc2f55f4ae05ff48648a4c998257856bcdcf2fa02010000001f54fb936570450e91c8d55abad76a7b7a000016f81ec9da9ccc1191c211632266d907e4d9b23496ae19bac24dc23c43f514f1b4af19988bbe61ee29a368a999435d6872d01b79c7821e875859dfbf3c57e4f1fb0be46cb5f7a0fa13516c0926d19dd2d5862085e1e4cb8279be17cba17ee4d06ad97b4ca282e73ea142b01b4a742fa11c0927ba811dd60903d575db449d775021b542db617086b3ed42e6e60fe043cff79b0c067c584bbf82657974c3736912b4b522052b9467d0da116ccc1652d861a420f09aaf67d3e9f6160100000001000000ae6335ad9896abd3cc00413638cb9bc62ab8054325d72e9144cf4f88702f586507e3147198e0bc4060a7c8f4dce73b653177ecf8228e6e6fae02510000000000000000000000000000f43739fdd2d24e50e0233acfe1c8639070fe00f40b0d01f8a0a35fcfe3ea10faf9c24b8488ed4ed83fb06a9a7c57442ede9e1fc2853b8f4d2241cff61d0125b7750e3fdae6a4ab9c776a191ed8098a780ea2bbaa64978cd3a6458fcc6b949bcbca0dceb7361f66e46731eba4f3aed335e7c8c541e82453218a19d39489e1525466ac93759787e767f601931d94c9c426489b741a6bc8abf475e4bf859e1ce7f7227069e9f51e25fa3d1b18dc565180a1af464a1dd697db85e2b27b90f6bd7cf1b6bc0bcd8ba552ced3d3cfbf9c9bc04f65b6f83cb40173b4bdc393d47e5da95b63a40ac18daf11e8d0706b47795fbe2b56d0ea7ffc5a59ede88621a08b25ca6ebe041317b62373a60951af33eb7954a9731aaa125add0913ed2435a207439e9122512d77096747a4b404459cebc8faff8f7a31758e630c75a1ff90402754d339dc21cf6b8e04e1aedf14df0b4aaf0e03194df3eb41ba066bc343b323a3162d7e7ba687633c2faa8f28b42364b72e3a457476fd6b2a54e670ba798172c44c4390f73fdab743a4cac88b2bd0545b8483f2e2f9846b138a4d8a7332978da70e9050417087c5ae034a735e8b448dd9701404", @ANYRESDEC], 0x3, 0x554b, &(0x7f0000000a40)="$eJzs3EtvG9UXAPA7dtP++/xHiAW7jlQhJVJt1elDsAvQiodIFfFYsALHdiy3tieKHSdkhQRLxIJvgkBixZLPwII1O8QCxA4J5LljSmiBVnbjpP39pPGZOTM+c+/ISnRmLAfgqbWY/vpzEi6E0yGEcgjhXBLy9aRYcqsxPBdCuBhCKP1lSYr8n4mTIYQzIYQL4+KxZlLs+vzy6NL1n9745ZvvTp04+8XX389v1sC8PR9C6G3F9d1ejFk7xjtFvj7q5LF3bVTEuKN3t9jOYtxtbeQVduuT4+p5vNqOx2dbO4Nx3OzWG+PY7mzm+a1+POFg1J7Uyd9wp76dbzdbG3nsDLI8tvfjuPb249+2/cEw1mkW9T7My4fhcBJjvrXXivPZupvHRn9Y5GPdrNnaG8dREYvThUbWbebj2JjmSh9tb3b6O3vpqLU96GT99Hq19kK1dqNS286arWHrWqXea964li61u+PDKsNWvbfazrJ2t1VtZL3ldKndaFRqtXTpZmujU++ntVr1avVK5fpysXY5ffX2u2m3mS6N48ud/s7JTneQbmbbaXzHcrpSvfricnqplr69tp6uv3Xr1tr6O+/ffO/2S2uvv1IcdN+w0qWVKysrldqVykpt+QjMf/x/9yHnP5xm/p8Ug36E+SfTXR74dz5gAI/svv4/6P+Bx++49/9hlv3/uKXS//93/1uavv+fqv89qv3/MZ4/TEX/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw1Pph4cvX8pXFuH22yJ8vUs8U20kIoRRC+P0ByuHkgZrlos7CPxy/8LcxfJuEvML4HKeK5UwIYbVYfvv/474KAAAA8OT66qOLn8VuPb4szntAHKZ406Z07oMZ1UtCCAuLP86oWmn88uyMiuWf7xNhb0bV8htY/5tRsXjL7cSsqj2U8iR8fP5eMp9QEkPpUIcDAAAcivKBcLhdCAAAAIfp03kPgPlIwuRR5uRZcP7N+3uPNk8f2AcAAAAcQ8m8BwAAAADMTvnB6bz/9/t/AAAA8GSLv/8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/MHO/eSkD8RxAP22UOD3x0iMe6/iDo7hEVy6FA7gJTgCXsELcAbceQQDhnYSU1MSkxZB8l7SlpmSz8wQNjPTFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADum1WE6fH2+e2uZstu10MxoAAACgybpYTssP46r8L9VfpKqrVM4iIo+Iprl7Lwa1zF7KKfZ8v/jSh5eIMmHXxjAdfyPiNh3vl4f+FQAAAOB8reaLSTVbr07jY3eIn1Qt2uT/7zrKyyKiGL91lJbvTtcdhZX/7348dJRWLmCNOgqrltz6zfcGTZVZ6yZ7tUsayWhWZpelvHUTAADAyanPBPbMQgAAADgD98fuAMeRxedeYtpnHFaXtCH4p1YCAAAAfqH2jxEDAAAAp66c/3v/HwAAAJy36v1/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHNK6WE5X88Vk3/3ZN3M223a6GxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH+zPOwqEQBiEwd71ncnc/7DSoKGxSRUIH39jMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwsT8vKRACQRAFc8b/Tvr+h5UEPYMIEdDwqKIWDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwsXPHvm1UYQDAP599blpAmIAyBFCRGGChiVtaOsIAihj4E5Ci1CkBl0KbgVYRKAtMKHMXBCNCSKCw9X/o3EhdytYhQ5CYGEB3vnMvbaFWFe7c5veT3r3v7NN737taVr+8SwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoLT7TryUFHE7O/RGcfnazb2NlazfuafPXN+6NZ+1LG49bKJv3j745Kfby9WT43OVk6/qTwYAAIDDoV3W9xFxO91eyvqkl9f/aXlNVvN//8woLuv5e+v+nb2NmeKt+bL+/+3XOy+MJ+qN5skGXV0bDhbvT6XzPy1x6j370Cs6+Z3Pf/bSzv9Bkvc3n99N8/vZ+vbGjXe7eXikjmwBgEdxouyLoPz/UNb3m0wMgEOjUym8y/q/3Ws2JwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA67G7GU2Xcioj5zt04s7O3sfKg/vrWrfmynbl2bas6ZjZEGhGra8NBWuNapt3lK1c/WR4OB5fqD45HRHOzF8GHE1wT8d/X5B/PXkRzq/j3oDUdaTQaJMVnfVryOcig+GqMgx95NO7KXw19MQEA8MRJi5bV9bfT7aXstdZsxN8/7K//X6vEMWH9f+ejMzerc1Xr/35tK5x+C+sXPlu4fOXqG2sXls8Pzg8+ffNk/63+qbOnT59dyO7V4sJqJIPFptMEAADgMdYtWrX+T2bv3/8/Voljwvr/8+/6X1bnaqv/H+jupl/TmQAAABxG3XH03Ct//tHa/+ZMdmh1u/HF8vr6pf7oOD4/OTrWnvIjOFK0av3fnm06KwAAAKAOu5utffv/5ypxTLj///SPL/5cHbMdEUcjLkbE4MTKxeG5+pYz1er4ReV8om7TKwUAAKApR4tW3f9P8+f/k/EjD0lEvP7qKC7/1tUk9X/7va9/qs5Vff7/VH1LnErJ3Oh+5P1cRGeu6YwAAAB4ks0ULSv2f0+3lz7+5dgHXc//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANTtnwAAAP//5QI3fQ==")
syz_mount_image$fuse(0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r1, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000240)='./bus\x00', 0x20000, 0x0, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x64)
setsockopt$CAN_RAW_JOIN_FILTERS(0xffffffffffffffff, 0x65, 0x6, &(0x7f0000000000)=0x1, 0x4)

11m15.75540493s ago: executing program 46 (id=1458):
pivot_root(0x0, 0x0)
umount2(0x0, 0x5)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = socket(0x1, 0x1, 0x1)
getsockopt$SO_COOKIE(r3, 0x1, 0x47, &(0x7f0000000080), &(0x7f0000000180)=0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001c80)={{}, &(0x7f0000001c00)=0x8000000, &(0x7f0000001c40)}, 0x20)
unshare(0x22020600)
readahead(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0x0)
ioctl$EVIOCGRAB(0xffffffffffffffff, 0x40044590, &(0x7f0000000200)=0x7ffffffc)
ioctl$EVIOCGRAB(0xffffffffffffffff, 0x40044590, 0x0)
unshare(0x64000600)

10m50.132193643s ago: executing program 47 (id=1467):
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x109002, 0x0)
io_setup(0x197, &(0x7f0000000440)=<r0=>0x0)
r1 = openat$sysfs(0xffffff9c, &(0x7f00000001c0)='/sys/power/resume', 0x8402, 0x20)
io_submit(r0, 0x1, &(0x7f0000000500)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, r1, 0x0}])

10m49.645526802s ago: executing program 4 (id=1473):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = getpid()
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000002cc0)={0x401, 0x101, 0x4, 0x7, 0x990}, 0x14)
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x20, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x73cea2d47785b264, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='sched_switch\x00', r6}, 0x18)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
r8 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_inet6_SIOCADDRT(r8, 0x890b, &(0x7f0000002180)={@loopback={0xfec0ffff00000000}, @empty, @mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2020013})
setsockopt$IPT_SO_SET_REPLACE(r7, 0x0, 0x40, &(0x7f0000000140)=@raw={'raw\x00', 0x8, 0x3, 0x498, 0x320, 0xa, 0x148, 0x368, 0x60, 0x400, 0x2a8, 0x2a8, 0x400, 0x2a8, 0x7fffffe, 0x0, {[{{@ip={@multicast2, @multicast2, 0x0, 0x0, 'bridge0\x00', 'rose0\x00'}, 0x0, 0x2f8, 0x368, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'veth1_to_team\x00', {0x0, 0x0, 0x2, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x8601, 0x6, './file0\x00'}}]}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "f2f7b9f28413d9d8ad470ad2b60c45cb4ea6e7bf902bdc2ff8a9304d9f655c746adc0bdc773506378bc2d27efd6abb05175089830cc46186074d7de46d5af300"}}}, {{@ip={@empty, @empty, 0x0, 0x0, 'syzkaller0\x00', 'veth0_to_team\x00'}, 0x0, 0x70, 0x98}, @common=@unspec=@MARK={0x28}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x4f8)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000000))
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_open_procfs(0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000080000000000000000000850000007d00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000140), 0x8083, 0x0)
ioctl$TCSETS2(r9, 0x402c542b, &(0x7f0000000000)={0x6, 0x7, 0x10021da0, 0x0, 0xff, "42f42749a2ed195a14c84953dc7e8e5aec7776", 0xfffffffe, 0x7})
socket$igmp6(0xa, 0x3, 0x2)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r0, 0x8983, &(0x7f0000000080)={0x0, 'bridge0\x00', {0x1}, 0x3aa})

10m47.892743943s ago: executing program 4 (id=1475):
socket$inet6(0xa, 0x2, 0x0)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0xd, &(0x7f00000004c0)=@req3={0x410000, 0x100000001, 0x210000, 0x1, 0x10000a}, 0x1c)
sendmmsg(0xffffffffffffffff, &(0x7f0000000480)=[{{&(0x7f0000000000)=@qipcrtr={0x2a, 0x2, 0x4000}, 0x80, 0x0}}], 0x1, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r0 = dup(0xffffffffffffffff)
fremovexattr(r0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000140))
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff85000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580), 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./bus\x00', 0x40, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x12)
write(r3, &(0x7f0000004200)='t', 0x1)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(0xffffffffffffffff, 0x18, 0x0, 0x1)
openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendfile(r3, r2, 0x0, 0x3ffff)

10m45.364608486s ago: executing program 4 (id=1481):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000004c0)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x13, 0x2, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x5c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
getresgid(&(0x7f0000000980), &(0x7f0000000a00), &(0x7f0000000a40))

10m45.07503109s ago: executing program 48 (id=1480):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000938500000071000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100))
sendmsg$nl_route_sched(r1, &(0x7f0000006280)={0x0, 0x0, &(0x7f0000001100)={&(0x7f0000000140)=@newtaction={0x68, 0x30, 0x1, 0x0, 0x0, {0x0, 0x0, 0x6a00}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{}, 0x3}}]}, {0x4, 0xa}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000000)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x4, 0x2}, 0x50)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x3, 0x6, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000003, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19)

10m43.050631773s ago: executing program 4 (id=1484):
r0 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r0, &(0x7f0000000040), 0x10)
listen(r0, 0x0)
socket(0x28, 0x5, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x3000046, &(0x7f0000000280)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@resgid}, {@data_err_ignore}, {@jqfmt_vfsv0}, {@nobh}, {@errors_remount}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200, 0x400000]})
chdir(&(0x7f0000000140)='./file0\x00')
r2 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(r2, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)

10m42.441367552s ago: executing program 4 (id=1485):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10)
munlockall()
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x14)

10m37.184613125s ago: executing program 4 (id=1490):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000004c0)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x13, 0x2, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x5c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
getresgid(&(0x7f0000000980), &(0x7f0000000a00), &(0x7f0000000a40))

10m36.700050784s ago: executing program 49 (id=1490):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000004c0)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x13, 0x2, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x5c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
getresgid(&(0x7f0000000980), &(0x7f0000000a00), &(0x7f0000000a40))

10m4.663411864s ago: executing program 8 (id=1532):
r0 = socket(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[], 0x48)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000740)={0x0, r2}, 0x8)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0xd, 0xf, &(0x7f0000000680)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1}, [@printk={@llu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3}}, @btf_id={0x18, 0x3, 0x3, 0x0, 0x4}, @map_fd={0x18, 0x4, 0x1, 0x0, r4}]}, &(0x7f0000000700)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
syz_genetlink_get_family_id$gtp(&(0x7f0000000180), r0)
socket$pppl2tp(0x18, 0x1, 0x1)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r8}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008bd6000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r9}, 0x18)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r10}, 0x18)
r11 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r11, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
sendmsg$NL80211_CMD_GET_PROTOCOL_FEATURES(r6, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x14, r7, 0x1, 0x70bd26, 0x25dfdbfb, {}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x2400c041}, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x94, 0x0, &(0x7f00000009c0)="3b8d10f18903442dad61fda80e2585dea321f5dc3e3aad1e0d6aaa1222fe665bffc214d4b30a8aa67631bac9118722d6405b0de20907824ce23f9924af15fce491e6435ca8dbb292ef85cb011a3d3e549ad44dab9a4d12e5594a2f10293474fdc12e6d54031cbc70282729709ec661cace1840929299bb439cf8d409bbd781804e87994e8e20e369468079c85f3607545d6c7aa2"})

10m0.179511195s ago: executing program 8 (id=1542):
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x840, &(0x7f0000000180)={[{@test_dummy_encryption_v1}, {@nolazytime}]}, 0x1, 0x241, &(0x7f00000020c0)="$eJzs3U9oFFccB/DfzO42TbKUtL0UCm2hlNIGQnor9JJeWgiUEEoptIUUES9KIsQEb4knLx70rJKTlyDejB4ll+BFETxFzSFeBA0eDB70sDI7iUSz/oGJO+J8PjC7M7vvze8Ns983exkmgMoaiIiRiKhFxGBENCIi2dngm3wZ2Npc6F2ZiGi1/nyYtNvl27ntfv0RMR8RP0fEcprEwXrE7NK/649Xf//+xEzju3NL//R29SC3bKyv/bF5duz4xdGfZq/fvD+WxEg0XziuvZd0+KyeRHz2Loq9J5J62SPgbYwfvXAry/3nEfFtO/+NSCM/eSenP1puxI9nXtX31IMbX3ZzrMDea7Ua2TVwvgVUThoRzUjSoYjI19N0aCj/D3+71pcempo+MnhgamZyf9kzFbBXmhFrv13uudT/Uv7v1fL8Ax+uLP9/jS/eydY3a2WPBuimLP+D/8/9EPIPlSP/UF3yD9Ul/1Bdr8t/WtKYgO5w/Yfqkn+oLvmH6pJ/qC75h+ramX8AoFpaPWXfgQyUpez5BwAAAAAAAAAAAAAAAAAA2G2hd2Vie+lWzaunIzZ+jYh6p/q1recQfNx+7XuUZM2eS/Juhfz3dcEdFHS+5LuvP7lbbv1rX5Vbf24yYv5YRAzX67t/f0nh52B8+obvG/sKFijol7/Lrf90sdz6o6sRV7L5Z7jT/JPGF+33zvNPMzt/BesfflJwBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTNswAAAP//ceptKw==")
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
fallocate(r0, 0x0, 0x4000000, 0x1000f4)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)

9m59.167512177s ago: executing program 8 (id=1546):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
socket$nl_xfrm(0x10, 0x3, 0x6)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, &(0x7f00000001c0)={0x59, 0xffffffff, 0x1, 0x0, 0x0, [{{r0}, 0x200}]})
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f0000000300)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r2, &(0x7f0000000080), 0x12)

9m58.450519414s ago: executing program 8 (id=1548):
socket(0x28, 0x5, 0x0)
socket(0x28, 0x5, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x3000046, &(0x7f0000000280)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@resgid}, {@data_err_ignore}, {@jqfmt_vfsv0}, {@nobh}, {@errors_remount}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200, 0x400000]})
chdir(&(0x7f0000000140)='./file0\x00')
r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(r1, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)

9m57.490796622s ago: executing program 8 (id=1550):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000740)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x4ea3, @broadcast}, 0x2, 0x0, 0x4}}, 0x2e)
readv(r0, &(0x7f0000000340)=[{&(0x7f0000000040)=""/142, 0x8e}], 0x1)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
syz_emit_ethernet(0xd4, &(0x7f0000000780)={@link_local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x39}, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x9e, 0x11, 0xff, @remote, @local, {[], {0x0, 0xe22, 0x9e, 0x0, @gue={{0x2, 0x0, 0x0, 0x3}, "30b00afe4e79dc1db6ecbf24b32e08c54a7cbee5809d8b542e7458ef7cbac933d79068a1492f809caa178afcd5c30f429764c3840100e00117dd6712781ba0385c1846e6c001eac6c71939e1d33a4b120e44584225740f0421a5ee1ae4cfc8d7acf721d5c8ee35323d6a880e43b9ac00499eee5afa3d65886ff58ccb7a62defb784e566bbf8c2320c1e4650bd339"}}}}}}}, 0x0)

9m57.186440496s ago: executing program 5 (id=1552):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
r5 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r5, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[], 0x48)
sendmsg$tipc(r5, &(0x7f00000005c0)={&(0x7f0000000000), 0x10, 0x0}, 0x0)

9m56.027411499s ago: executing program 5 (id=1554):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_read_part_table(0x635, &(0x7f0000000000)="$eJzs3D9oXeUbB/DvSe899yaFtr8fTl1SncViZ28NSHqpdKp061IVJFQc4lSx5Ea6mCGDg7NLEbLUumjo4KAt4iROoYNacRWkqNQiPXLuOfdPBEFsOwifz5Dzvs953vd5n5yTMSf8py2kmxTjYS+dJMdf/kvGZiYJ6df5Sapue+/czuqp01VVVUWdcz7dPPn5oetJOu2S/nSbqqo2ppOTufrB0o13i1F353Zd9ObWgTq82BzjSPL0wbI/3mZuh1TVvoP1HuXvgX/n2uBWUVwp29lTvzxYST76efXs7pmt966/2IY3ki+T+vm/U78Xk+y3cvHYhc54WD/lN+f3/bW5lLPI7HEvprPvDKMr68PtlcHa3iRwdLjz6WvP/X7sRqoT+arsLExuFLP9ymT08O3X/R+u3/7tS4O1veHlxemNJ97//xdZbid3qypH6pL/y/hPZ/kRVAYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4HG4NriVZDTcTtb2hr02unp298xWmeSFV/tt6Pj8qgPt9WIu3KmvG1lPfvgk3fmkov4xjiyku9LEvl+unhkPOpP6vcVmcGmwtje8v5TcefbB0WGzKjc/OzErtzHdeTfPt6N7VWM82fy7JtsS1eEm7+v78/0XnWR9uD2uf/nHotM0/HExmh5zIcnrvbzSNFPdK9u1f8zaAAAAAAAAAAAAAAAAAAAAgIeyeur0G3fb8fl+kp/eXqjHVa/5L/diqdiX/20vWTyZXO2nGK0kuf3Sb+U3h7a+az8dMEovoyQHP9w81y4p920w/URAkap8nJ3xT/wZAAD//8Wbezo=")
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14)
setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000180)={[{@jqfmt_vfsold}, {@sb={'sb', 0x3d, 0x9e2}}, {@debug}, {@norecovery}, {@jqfmt_vfsv1}, {@noblock_validity}, {@grpquota}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x2}}, {@usrjquota}]}, 0x1, 0x487, &(0x7f0000001240)="$eJzs3M9vFFUcAPDv7G5bftqK+AMEqaKR+KOl5YccvGA04aDGRA8YT7UtpFKooTURglo94NGQeDf+F8aTXoxy0cSr3g0JMcQE/HFYMzszsCy7bZeWLmU/n2TY92Yenfedmbfz5r3dDaBrDab/JBGbIuK3iOjPsjcXGMxerl05N/73lXPjSVSrb/6Z1MpdvXJuvCha/L+NWaZazfN9TfZ7/p2IsenpydN5fnju5PvDfWfOPj91cuz45PHJU6OHDu3ft7P34OiBZcX3UW/2msZ1dfvHMzu2HXn7wmvjRy+8+1NSiizuaIijldcPX1y0TL3B7Og29VQ7f2gN2FyXTir1W3b9fCPd7Eqgk8oRkZ6unlr7749yrL++rT9e+ayjlQPuqGq1Wl3gXXm+CtzDkuh0DYDOKG706fNvsaxS1+OucPlw9gCUxn0tX7ItlShliV09Dc+3K2kwIo7O//NVusQSxyEAAJbju7T/81yz/l8pHsoStRmU+/I5lIGIuD8itkTEAxGxNSIejKiVfTgiHmlz/40zJLf2f0qXbju4JUj7fy/mc1s39/9KRZGBcp7bXIu/Jzk2NT25t3ZMyrEnevqOTSWTIwvs4/uXf/2i1bb6/l+6pPsv+oJ5PS5VGgboJsbmxpYTc73Ln0ZsrzSLP4liGieJiG0Rsf029zH1TP2E0Kabti0e/wIqt1mhOtWvI57Ozv98NMSf2fJXFPOTs43zkyMvHBw9MLwupif3DhdXxa0u/nL+jVb7X1b8KyA9/xuaXv/XZ4EHknURs2fOnqjN1862v4/zv3/e8pmmzev/yOb8+u9N3qqtyKd348OxubnTIxG9yau3rh+98deKfFE+jX/P7ubtf0vcOBKPRsSOiNgZEY+lD4V53R+PiCciYvcC8f/40pPvtR//6syVpvFPLHb+o/78t58on/jh28XjXxcRrc7//lpqT75mKe9/S63gco4dAAAArBXZZ+CT0tD1dKk0NJR9hn9rbChNz8zOPXts5oNTE9nI3UD0lIqRrv668dCRfGy4yI825Pfl48ZfltfX8kPjM9MTnQ4eutzGFu0/9Ue507UD7rgVmEcD1ijtH7pX5b9O1wDohMT9H7qa9g/dq1n7/6Rl6aFv7mhlgFXl/g/dawntfz57ad0rANYm93/oXto/dKWW340vLesr/6ue+Df/PcO7pT73fiJKd0U17v1EZck/ZtFGotqftf90TV/TMp1+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFgZ/wcAAP//Lp/pnA==")
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x18)
r4 = socket(0x1e, 0x4, 0x0)
r5 = socket(0x1e, 0x2, 0x0)
setsockopt$packet_tx_ring(r5, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10)
sendmmsg(r4, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x3514}], 0x1}}], 0x400000000000181, 0x9200000000000000)
r6 = dup3(r5, r4, 0x0)
recvmmsg(r6, &(0x7f0000008840)=[{{0x0, 0x0, &(0x7f0000000240)}, 0x9}], 0x1, 0x40000001, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000080)={0x2f75bbf8f0b21c6d, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
socket$inet6(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x3, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r7 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x7)

9m55.437894757s ago: executing program 8 (id=1555):
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x1, &(0x7f0000000480)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x3, 0x82}], 0x1, 0x200000000000000, 0x0, 0x1)

9m54.910634059s ago: executing program 50 (id=1555):
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x1, &(0x7f0000000480)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x3, 0x82}], 0x1, 0x200000000000000, 0x0, 0x1)

9m54.90283792s ago: executing program 5 (id=1557):
r0 = socket(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
ioprio_get$pid(0x0, r1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="01000000040000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r4}, &(0x7f00000001c0), &(0x7f0000000240)}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000980)={0x2}, 0x10)
write(r0, &(0x7f0000000300)="240000001a005f0214f9f4070d0903ff80000000fe050000000200000800040001000000", 0x24)

9m53.699511877s ago: executing program 5 (id=1559):
socket(0x28, 0x5, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x3000046, &(0x7f0000000280)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@resgid}, {@data_err_ignore}, {@jqfmt_vfsv0}, {@nobh}, {@errors_remount}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200, 0x400000]})
chdir(&(0x7f0000000140)='./file0\x00')
r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(r1, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)

9m52.062188389s ago: executing program 5 (id=1568):
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x4c, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_procs(r3, &(0x7f0000000040)='tasks\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000940)={0x6, 0x0, 0x0, 0x0, 0xce0f, 0x0, 0x0, 0x41100, 0x11, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340)={0x3, 0x10, 0x3, 0x8}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
unshare(0x26020480)
socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @link_local})
close(r4)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', <r7=>0x0})
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@newlink={0x40, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r7}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_ENCAP_DPORT={0x6}]}}}]}, 0x40}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x18)

9m51.55562294s ago: executing program 5 (id=1562):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sched_switch\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000004d00000600000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/17], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x10a)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x18e)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
r7 = openat(0xffffffffffffff9c, &(0x7f0000000740)='./file1\x00', 0x183042, 0x115)
pwrite64(r7, &(0x7f0000000140)='2', 0xfdef, 0xe7c)
r8 = open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x20)
fallocate(r8, 0x0, 0x0, 0x1001f0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r6, 0x2000002, 0xe, 0x0, &(0x7f0000000200)="df12c9f7b9a60000000000000000", 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

9m51.092006627s ago: executing program 51 (id=1562):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sched_switch\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000004d00000600000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/17], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x10a)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x18e)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
r7 = openat(0xffffffffffffff9c, &(0x7f0000000740)='./file1\x00', 0x183042, 0x115)
pwrite64(r7, &(0x7f0000000140)='2', 0xfdef, 0xe7c)
r8 = open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x20)
fallocate(r8, 0x0, 0x0, 0x1001f0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r6, 0x2000002, 0xe, 0x0, &(0x7f0000000200)="df12c9f7b9a60000000000000000", 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

8m25.168850166s ago: executing program 1 (id=1709):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = socket(0x10, 0x3, 0x0)
getsockopt$inet_mreqn(r4, 0x0, 0x20, &(0x7f0000000040)={@multicast1, @local}, &(0x7f0000000340)=0xc)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000600)={&(0x7f00000004c0)=ANY=[@ANYBLOB="9feb01001800000000000000fa000000fa000000080000000800000000000001000000005e0069080100000000000002030000000600000006000084020000000900000005000000000005000200000005000000030000000200000005000000020000001000000001000000410000000e000000000000007cbe00000f00000003000000060000000000000000000003000000000500000003000000070000000b00000002000004c20000000000000000000000ff030052e8642c00040000000000000010000000000000010000000035004f06050000000000000901000000090000000200000f0200000002000000ff00000002002200010000000100010006000000c17f1000000000000002020000000000005f5f002e5f6100"], &(0x7f0000000400)=""/50, 0x11c, 0x32, 0x0, 0xcac, 0x10000}, 0x28)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480), 0x0, 0x0)
r6 = dup(r5)
ioctl$KVM_SET_MSRS(r6, 0xc008ae88, &(0x7f00000004c0)=ANY=[@ANYBLOB="0100000000e0ffff8b"])
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_io_uring_setup(0x4b6, 0x0, &(0x7f0000ff0000), &(0x7f0000000000))

8m16.219414246s ago: executing program 1 (id=1724):
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000004c0)={'ip6gre0\x00', &(0x7f0000000740)={'syztnl2\x00', 0x0, 0x29, 0x0, 0x3, 0x0, 0x45, @private1={0xfc, 0x1, '\x00', 0x1}, @local, 0x10, 0x7, 0x2, 0x8}})
prlimit64(0x0, 0xe, &(0x7f0000000300)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r3}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB], 0x50)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000980)=@raw={'raw\x00', 0x3c1, 0x3, 0x3a0, 0x0, 0xc8, 0x8, 0x0, 0x5803, 0x320, 0x2e8, 0x2e8, 0x320, 0x2e8, 0x3, 0x0, {[{{@ipv6={@ipv4={'\x00', '\xff\xff', @multicast1}, @mcast1, [], [], 'erspan0\x00', 'geneve1\x00'}, 0x0, 0x190, 0x1c0, 0x0, {0x0, 0x2000000000000}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'kmp\x00', "cfcaf80c672f61cd17ae5119b5135c2aee68d23a465cd431e1ecef50c3234e082555f67222476147864fa03182f5cf11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea335019ac07a602061c96baebc989f1f34a214e67262c1fe4b124e0f7323a587d2a1fcfe36bbf12eca0a7b66c60c527bac2b5", 0x1}}, @common=@inet=@socket3={{0x28}}]}, @common=@unspec=@CONNMARK={0x30}}, {{@uncond, 0x0, 0xa8, 0x110}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x400)

8m13.662936622s ago: executing program 1 (id=1725):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b400000000000000dd0a00000000000063012f00000000009500000000dd0000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x19, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)

8m13.409039043s ago: executing program 1 (id=1726):
socket(0x28, 0x5, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x3000046, &(0x7f0000000280)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@resgid}, {@data_err_ignore}, {@jqfmt_vfsv0}, {@nobh}, {@errors_remount}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200, 0x400000]})
chdir(&(0x7f0000000140)='./file0\x00')
r1 = open(0x0, 0x0, 0x0)
mkdirat(r1, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)

8m12.461676059s ago: executing program 1 (id=1729):
ioctl$FS_IOC_GETFLAGS(0xffffffffffffffff, 0x80086601, 0x0)
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x9031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
rename(&(0x7f0000000400)='./bus\x00', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00'}, 0x18)
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000000)='./file0\x00', 0x400, &(0x7f0000000180)=ANY=[@ANYBLOB="6572726f72733d72656d6f756e742d726f2c757466383d302c757365667265652c646973636172642c757466383d312c756e695f786c6174653d302c73686f72746e616d653d77696e39352c756e695f786c6174653d302c756e695f786c6174653d302c0008442895b66131b4e4d54b2ba6ae54da0e13047e9f62fbb85ccc774b3ec4c81a1a985232d16d0d934460e920a59172e764c68194b9d9d0be76c595bac1fc5a0a8256a7b77e071e9bdd6100f9ae"], 0xfd, 0x274, &(0x7f0000000500)="$eJzs3MGLG1UYAPDPbNvdbmmzBxEUxIde9BLa9S8I0oK4oKyNqAdh6mY17JgsmbgSEdubV/+O4tGboP4De/HmXbwsguClBzHSJONm10BbaZzV/H4Q5su8+fLeTGbCNwN5R29/+dHebtHYzQZRW0tRi7gT9yI27kdTT0yXtXF8IWbdiZcu/fbjs2++8+5rza2t69sp3WjefHkzpXTluW8/+eyr578fXHrr6yvfrMbhxntHv27+dPjU4dNHf9wsP703SFm61esNslt5O+10ir1GSm/k7axop063aPdPtO/mvf39Ycq6O5fX9/vtokhZd5j22sM06KVBf5iyD7JONzUajXR5PZbNyiNntO5ub2fNhQyGKlyct7Lfb2Yrcxtbd/+NQQEAZ0tV9f+HnSJ1itR9UP1fC/X/4qj/l8H9+n99ev2epP4HAAAAAAAAAAAAAID/gnujUX00GtXLZflajYi1iCjfVz1OFsP3v9xm/ri3FpF/cdA6aE2Wk/bmbnQij3ZcPR/x+/h8mJrEN17dun41jW3Ed/ntaf7tg9ZKrJb5pY35+dcm+elk/vlYn+1/M+rx5Pz8zbn5F+LFF2byG1GPH96PXuSxMz6vj/M/v5bSK69vncq/ON4OAAAA/g8a6S9/u38ftzdSOW3IqfbJyuPnA1F/wPOBU/fX5+KZc9XtNwAAACyTYvjpXpbn7b7g0QKHbuFBLSIq6v2XiDgbB+GxBj9/PLnqH2bjqn+ZAACAx+246K96JAAAAAAAAAAAAAAAAAAAALC8HnbysHL7fzL32Ex3K9XsJQAAAAAAAAAAAAAAAAAAAAAAAJwNfwYAAP//xsMhSw==")
r3 = creat(0x0, 0xd931d3864d39dcca)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r3, 0x89f3, &(0x7f0000000040)={'syztnl2\x00', 0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000001d00)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r6}, 0x10)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x58, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0xffff, 0x0, 0x1c42}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_XFRM_IF_ID={0x8, 0x2, 0x2}, @IFLA_XFRM_LINK={0x8, 0x1, 0x4}]}}}, @IFLA_IFNAME={0x14, 0x3, 'xfrm0\x00'}]}, 0x58}}, 0x4048010)
rename(&(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000140)='./file1\x00')
write$uinput_user_dev(0xffffffffffffffff, &(0x7f00000000c0)={'syz0\x00', {0x9, 0x2, 0x4, 0x8}, 0x52, [0x9, 0x5, 0x6a5, 0xb, 0x9, 0x1000, 0x4, 0x4, 0x7, 0x2, 0xfffffffd, 0x9, 0x6, 0x8, 0x10000, 0x401, 0x800, 0x88000000, 0xefd5, 0x0, 0x1, 0x922, 0x7, 0xd5a, 0x8, 0x5, 0x1, 0xd, 0x7, 0x9, 0x9, 0xfffffff7, 0x6, 0x9, 0xfffffc00, 0x0, 0x7585, 0x4, 0x2, 0x7, 0x3, 0x1, 0x6, 0xd, 0xe, 0x5eb2, 0xc, 0x7, 0x9, 0xffff, 0x1, 0x7, 0x8000, 0x1, 0x6, 0x7f, 0x1, 0x0, 0x9, 0x9, 0x6, 0x9, 0xb, 0x3], [0x2, 0x1, 0x9d5d, 0x58, 0x94, 0x0, 0x1, 0x8001, 0x7f, 0x5, 0xffffffc0, 0xfd0, 0x5, 0x401, 0x0, 0x2, 0x332, 0xfffff87a, 0x4, 0x9, 0x5, 0x76fd, 0x8, 0x1, 0xe2, 0x9, 0x7, 0x9, 0x4, 0x62e, 0x2, 0x4, 0x7fffffff, 0xdd09, 0xfffff1d7, 0xa0c, 0x5b1f, 0x4, 0x7, 0x7, 0xe79, 0x6, 0x2, 0x7, 0x81, 0xad3, 0x6, 0xbe, 0x9, 0x9, 0x5, 0x7, 0x4, 0x9, 0x3, 0x5, 0x4, 0x5, 0xf3f, 0x9, 0x800, 0x1b8b, 0x40, 0x6], [0x3, 0x6, 0xa, 0x7, 0x8, 0x4, 0x2, 0xd, 0x0, 0x6, 0x3, 0xf7f, 0x8, 0x4, 0x7f, 0x4, 0x9, 0x0, 0x3, 0x0, 0x7fff, 0x1, 0x4, 0xb, 0x319, 0xffff, 0x4, 0x0, 0xa8, 0x8, 0x200, 0x3, 0x8, 0xb3, 0x9, 0x200, 0x401, 0x0, 0xa800, 0x2, 0xfffffff9, 0x0, 0x6, 0x2, 0x5, 0x2, 0x4f05, 0x2, 0xfffffffe, 0x401, 0x5, 0x6, 0x1, 0x7, 0x2, 0x0, 0xcd86, 0x6, 0x7fff, 0x7, 0x8, 0x1, 0xe, 0xff], [0x8, 0x7, 0x4, 0x3, 0x0, 0x3, 0x81, 0x6, 0x0, 0xb, 0x0, 0xfff, 0x1, 0x10, 0x8, 0x6, 0x3, 0x0, 0x3723, 0x81, 0xffffffff, 0xfff, 0xa9f, 0xc, 0x4, 0x2, 0x2, 0x7, 0x1, 0x8, 0x3, 0x0, 0x2, 0x4, 0x0, 0x8, 0xe2, 0x3, 0x3, 0x7, 0xffffffff, 0x4169, 0x0, 0x5, 0x80000000, 0x1, 0x9, 0xfffffffe, 0x3, 0x5, 0xfffffbff, 0x93b267d2, 0x400, 0x7, 0x800, 0xfffffff9, 0xfffffff9, 0x8, 0x1, 0x80000000, 0x4, 0x4, 0x7, 0x6]}, 0x45c)

8m9.299596023s ago: executing program 1 (id=1734):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b400000000000000dd0a00000000000063012f00000000009500000000dd0000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x19, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)

8m8.296416074s ago: executing program 52 (id=1734):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b400000000000000dd0a00000000000063012f00000000009500000000dd0000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x19, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)

7m15.691636544s ago: executing program 0 (id=1839):
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x42000)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x2, 0x0, 0x0)

7m13.507480028s ago: executing program 0 (id=1833):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@quota}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
capset(&(0x7f0000000540)={0x20080522}, &(0x7f0000000140)={0x3, 0x3, 0x7, 0x0, 0x40, 0x8b})
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r0 = socket(0x10, 0x3, 0xc)
write(r0, &(0x7f0000000040)="effd00001000ff00fd4344c007110000f3050a00dbfd010000000001ffdf00", 0xfe00)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
pwrite64(r1, &(0x7f0000000000)='2', 0x1, 0x4fed0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000004900)='./file1\x00', 0x4042, 0xf8)
writev(r2, &(0x7f0000000140)=[{&(0x7f0000001200)="10", 0x64000}], 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)

7m13.295886255s ago: executing program 0 (id=1834):
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='map_files\x00')
lseek(r0, 0x3, 0x0)

7m13.047017255s ago: executing program 0 (id=1838):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_int(r0, 0x29, 0x31, 0x0, 0x0)
recvmmsg(r0, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x20000001, &(0x7f0000000300)={0xa, 0x4e20, 0x5, @mcast1}, 0x1c)

7m12.782112457s ago: executing program 0 (id=1840):
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000008c50000000f000000850000009e00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
pipe2$9p(&(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000180)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15)
r3 = dup(r2)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r3, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
creat(&(0x7f00000002c0)='./file0/file0\x00', 0x0)

7m12.511504349s ago: executing program 0 (id=1843):
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f00000006c0)=@raw={'raw\x00', 0x4001, 0x3, 0x3e8, 0x0, 0x0, 0x148, 0x0, 0x148, 0x350, 0x240, 0x240, 0x350, 0x240, 0x7fffffe, 0x0, {[{{@ip={@private=0xa010102, @local, 0x0, 0x0, 'ip6gretap0\x00', 'nicvf0\x00', {}, {}, 0x88, 0x3, 0x10}, 0x0, 0xf8, 0x158, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'wg1\x00', {0x0, 0x0, 0x1ff, 0x100000, 0x0, 0xed, 0x7}}}, @common=@unspec=@connmark={{0x30}, {0xfffffff9, 0x8}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, 0x85d, 0xf, [0x10, 0x32, 0x1e, 0x32, 0x2b, 0x25, 0x3f, 0x17, 0x19, 0x22, 0x2c, 0x3d, 0x7, 0x3f, 0x1e, 0x31], 0x0, 0x2, 0x2}}}, {{@ip={@rand_addr=0x64010101, @local, 0xff, 0x0, 'wg0\x00', 'lo\x00', {0xff}, {}, 0x2e, 0x3, 0x4}, 0x0, 0x190, 0x1f8, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x8, 0x9, 0x1, 0x1, 'syz1\x00', 0x2}}, @inet=@rpfilter={{0x28}, {0x8}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0xfff, 0x7e, 0x1c, 'netbios-ns\x00', 'syz0\x00', {0x3}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x448)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000180)='syz_tun\x00', 0x10)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, 0x0, 0x0)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCDARP(r2, 0x8953, &(0x7f0000000300)={{0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x0, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, 0x0, {0x2, 0x0, @private}, 'syz_tun\x00'})

6m55.529263974s ago: executing program 53 (id=1843):
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f00000006c0)=@raw={'raw\x00', 0x4001, 0x3, 0x3e8, 0x0, 0x0, 0x148, 0x0, 0x148, 0x350, 0x240, 0x240, 0x350, 0x240, 0x7fffffe, 0x0, {[{{@ip={@private=0xa010102, @local, 0x0, 0x0, 'ip6gretap0\x00', 'nicvf0\x00', {}, {}, 0x88, 0x3, 0x10}, 0x0, 0xf8, 0x158, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'wg1\x00', {0x0, 0x0, 0x1ff, 0x100000, 0x0, 0xed, 0x7}}}, @common=@unspec=@connmark={{0x30}, {0xfffffff9, 0x8}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, 0x85d, 0xf, [0x10, 0x32, 0x1e, 0x32, 0x2b, 0x25, 0x3f, 0x17, 0x19, 0x22, 0x2c, 0x3d, 0x7, 0x3f, 0x1e, 0x31], 0x0, 0x2, 0x2}}}, {{@ip={@rand_addr=0x64010101, @local, 0xff, 0x0, 'wg0\x00', 'lo\x00', {0xff}, {}, 0x2e, 0x3, 0x4}, 0x0, 0x190, 0x1f8, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x8, 0x9, 0x1, 0x1, 'syz1\x00', 0x2}}, @inet=@rpfilter={{0x28}, {0x8}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0xfff, 0x7e, 0x1c, 'netbios-ns\x00', 'syz0\x00', {0x3}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x448)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000180)='syz_tun\x00', 0x10)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, 0x0, 0x0)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCDARP(r2, 0x8953, &(0x7f0000000300)={{0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x0, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, 0x0, {0x2, 0x0, @private}, 'syz_tun\x00'})

5m34.114163941s ago: executing program 6 (id=2050):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000500)='tlb_flush\x00', r0}, 0x10)
mkdir(&(0x7f0000000180)='./file0\x00', 0xe0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000800), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
syz_open_procfs(0x0, &(0x7f0000000080)='mounts\x00')
umount2(&(0x7f0000000100)='./file0\x00', 0x3)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000440)='loginuid\x00')
socket$pppl2tp(0x18, 0x1, 0x1)
epoll_create1(0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

5m33.189027235s ago: executing program 6 (id=2052):
ioctl$FS_IOC_GETFLAGS(0xffffffffffffffff, 0x80086601, 0x0)
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x9031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
rename(&(0x7f0000000400)='./bus\x00', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00'}, 0x18)
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000000)='./file0\x00', 0x400, &(0x7f0000000180)=ANY=[@ANYBLOB="6572726f72733d72656d6f756e742d726f2c757466383d302c757365667265652c646973636172642c757466383d312c756e695f786c6174653d302c73686f72746e616d653d77696e39352c756e695f786c6174653d302c756e695f786c6174653d302c0008442895b66131b4e4d54b2ba6ae54da0e13047e9f62fbb85ccc774b3ec4c81a1a985232d16d0d934460e920a59172e764c68194b9d9d0be76c595bac1fc5a0a8256a7b77e071e9bdd6100f9ae"], 0xfd, 0x274, &(0x7f0000000500)="$eJzs3MGLG1UYAPDPbNvdbmmzBxEUxIde9BLa9S8I0oK4oKyNqAdh6mY17JgsmbgSEdubV/+O4tGboP4De/HmXbwsguClBzHSJONm10BbaZzV/H4Q5su8+fLeTGbCNwN5R29/+dHebtHYzQZRW0tRi7gT9yI27kdTT0yXtXF8IWbdiZcu/fbjs2++8+5rza2t69sp3WjefHkzpXTluW8/+eyr578fXHrr6yvfrMbhxntHv27+dPjU4dNHf9wsP703SFm61esNslt5O+10ir1GSm/k7axop063aPdPtO/mvf39Ycq6O5fX9/vtokhZd5j22sM06KVBf5iyD7JONzUajXR5PZbNyiNntO5ub2fNhQyGKlyct7Lfb2Yrcxtbd/+NQQEAZ0tV9f+HnSJ1itR9UP1fC/X/4qj/l8H9+n99ev2epP4HAAAAAAAAAAAAAID/gnujUX00GtXLZflajYi1iCjfVz1OFsP3v9xm/ri3FpF/cdA6aE2Wk/bmbnQij3ZcPR/x+/h8mJrEN17dun41jW3Ed/ntaf7tg9ZKrJb5pY35+dcm+elk/vlYn+1/M+rx5Pz8zbn5F+LFF2byG1GPH96PXuSxMz6vj/M/v5bSK69vncq/ON4OAAAA/g8a6S9/u38ftzdSOW3IqfbJyuPnA1F/wPOBU/fX5+KZc9XtNwAAACyTYvjpXpbn7b7g0QKHbuFBLSIq6v2XiDgbB+GxBj9/PLnqH2bjqn+ZAACAx+246K96JAAAAAAAAAAAAAAAAAAAALC8HnbysHL7fzL32Ex3K9XsJQAAAAAAAAAAAAAAAAAAAAAAAJwNfwYAAP//xsMhSw==")
r3 = creat(0x0, 0xd931d3864d39dcca)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r3, 0x89f3, &(0x7f0000000040)={'syztnl2\x00', 0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000001d00)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r6}, 0x10)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0xffff, 0x0, 0x1c42}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_XFRM_IF_ID={0x8, 0x2, 0x2}, @IFLA_XFRM_LINK={0x8, 0x1, 0x4}]}}}]}, 0x44}}, 0x4048010)
rename(&(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000140)='./file1\x00')
write$uinput_user_dev(0xffffffffffffffff, &(0x7f00000000c0)={'syz0\x00', {0x9, 0x2, 0x4, 0x8}, 0x52, [0x9, 0x5, 0x6a5, 0xb, 0x9, 0x1000, 0x4, 0x4, 0x7, 0x2, 0xfffffffd, 0x9, 0x6, 0x8, 0x10000, 0x401, 0x800, 0x88000000, 0xefd5, 0x0, 0x1, 0x922, 0x7, 0xd5a, 0x8, 0x5, 0x1, 0xd, 0x7, 0x9, 0x9, 0xfffffff7, 0x6, 0x9, 0xfffffc00, 0x0, 0x7585, 0x4, 0x2, 0x7, 0x3, 0x1, 0x6, 0xd, 0xe, 0x5eb2, 0xc, 0x7, 0x9, 0xffff, 0x1, 0x7, 0x8000, 0x1, 0x6, 0x7f, 0x1, 0x0, 0x9, 0x9, 0x6, 0x9, 0xb, 0x3], [0x2, 0x1, 0x9d5d, 0x58, 0x94, 0x0, 0x1, 0x8001, 0x7f, 0x5, 0xffffffc0, 0xfd0, 0x5, 0x401, 0x0, 0x2, 0x332, 0xfffff87a, 0x4, 0x9, 0x5, 0x76fd, 0x8, 0x1, 0xe2, 0x9, 0x7, 0x9, 0x4, 0x62e, 0x2, 0x4, 0x7fffffff, 0xdd09, 0xfffff1d7, 0xa0c, 0x5b1f, 0x4, 0x7, 0x7, 0xe79, 0x6, 0x2, 0x7, 0x81, 0xad3, 0x6, 0xbe, 0x9, 0x9, 0x5, 0x7, 0x4, 0x9, 0x3, 0x5, 0x4, 0x5, 0xf3f, 0x9, 0x800, 0x1b8b, 0x40, 0x6], [0x3, 0x6, 0xa, 0x7, 0x8, 0x4, 0x2, 0xd, 0x0, 0x6, 0x3, 0xf7f, 0x8, 0x4, 0x7f, 0x4, 0x9, 0x0, 0x3, 0x0, 0x7fff, 0x1, 0x4, 0xb, 0x319, 0xffff, 0x4, 0x0, 0xa8, 0x8, 0x200, 0x3, 0x8, 0xb3, 0x9, 0x200, 0x401, 0x0, 0xa800, 0x2, 0xfffffff9, 0x0, 0x6, 0x2, 0x5, 0x2, 0x4f05, 0x2, 0xfffffffe, 0x401, 0x5, 0x6, 0x1, 0x7, 0x2, 0x0, 0xcd86, 0x6, 0x7fff, 0x7, 0x8, 0x1, 0xe, 0xff], [0x8, 0x7, 0x4, 0x3, 0x0, 0x3, 0x81, 0x6, 0x0, 0xb, 0x0, 0xfff, 0x1, 0x10, 0x8, 0x6, 0x3, 0x0, 0x3723, 0x81, 0xffffffff, 0xfff, 0xa9f, 0xc, 0x4, 0x2, 0x2, 0x7, 0x1, 0x8, 0x3, 0x0, 0x2, 0x4, 0x0, 0x8, 0xe2, 0x3, 0x3, 0x7, 0xffffffff, 0x4169, 0x0, 0x5, 0x80000000, 0x1, 0x9, 0xfffffffe, 0x3, 0x5, 0xfffffbff, 0x93b267d2, 0x400, 0x7, 0x800, 0xfffffff9, 0xfffffff9, 0x8, 0x1, 0x80000000, 0x4, 0x4, 0x7, 0x6]}, 0x45c)

5m29.790349959s ago: executing program 6 (id=2057):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000e97000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, &(0x7f0000000280)="0f20e035000010000f22e0650f01c566b8a6008ec88fc94094170fc738e4623508c9c58cc58c0fe10a80a119a56f4c810f8f00000100c4a31d185479280b", 0x3e}], 0x1, 0x4, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

5m29.272829501s ago: executing program 6 (id=2058):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000800)=ANY=[@ANYBLOB="1c00000002"], 0x1c}}, 0x0)
sendmsg$NFQNL_MSG_CONFIG(r0, 0x0, 0x0)
syz_open_dev$MSR(&(0x7f0000000000), 0x1, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x20050800)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000"], 0x48)
r3 = socket$inet(0x2, 0x1, 0x3)
getsockopt$inet_mreqsrc(r3, 0x0, 0x28, &(0x7f0000000080)={@dev, @private, @multicast2}, &(0x7f00000002c0)=0xc)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0xe, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/14, @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f00000001c0), 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="02000000040000000800000001000000"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r4}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00", @ANYRES32=r4, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
unshare(0x400)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000100)='./file1\x00', 0x0, 0x5000, 0x0)
r5 = open(&(0x7f0000000140)='./file1\x00', 0x100, 0x110)
ioctl$LOOP_SET_STATUS64(r5, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]})
r6 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r6, 0xc0185879, &(0x7f00000003c0)={@desc={0x1, 0x0, @desc2}})
r7 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r8 = ioctl$LOOP_CTL_GET_FREE(r7, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r7, 0x4c81, r8)

5m27.759482382s ago: executing program 6 (id=2063):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xd, &(0x7f0000000780)=ANY=[], &(0x7f0000001b80)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback=0x36e084fcb6392193, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
add_key$keyring(&(0x7f00000000c0), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x101801, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'\x00', 0x2})
ioctl$TUNSETDEBUG(r1, 0x400454c9, 0xffffffffffffffff)
r2 = openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000040), 0x2, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000800)=ANY=[@ANYRES8], 0x29)
pipe2$9p(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000074"], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000001c0)='tick_stop\x00', r7, 0x0, 0x6}, 0x18)
fsopen(&(0x7f0000000000)='bpf\x00', 0x0)
prctl$PR_TASK_PERF_EVENTS_DISABLE(0x1f)

5m24.990199765s ago: executing program 6 (id=2065):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
write$FUSE_BMAP(0xffffffffffffffff, 0x0, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x20, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7020000080000", @ANYRES32=r3, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x73cea2d47785b264, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='sched_switch\x00', r4}, 0x18)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
munlockall()

5m23.838306137s ago: executing program 54 (id=2065):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
write$FUSE_BMAP(0xffffffffffffffff, 0x0, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x20, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7020000080000", @ANYRES32=r3, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x73cea2d47785b264, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='sched_switch\x00', r4}, 0x18)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
munlockall()

13.003518474s ago: executing program 2 (id=2668):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000000000000000000000000000181200009a4c4b4c16d7704e905c0e91a7449a4705f22b2656190b23673a72720d15a969b803e55c0fa03712b3994050c60cbce1eca25ecc233788e5203b7ff0ebe9d419bd8a9e855e50142491c573a9be81357daa483b148616ac010181ee59b475e42888c40b5cdaa39cd1aeabc1d4165c563f9b8eda2824a727ed8455880a0f851c7b314dae0b80c73487", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x1, 0x28}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x75b08000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000280)='./file0\x00', 0x324)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000140)='devtmpfs\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000001340)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r5 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
getdents64(r5, 0x0, 0x11)

12.297367611s ago: executing program 3 (id=2671):
syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000040)='./file0\x00', 0x100c404, &(0x7f0000000000)=ANY=[], 0x1, 0x203, &(0x7f0000001040)="$eJzs3c9qE10UAPCTfGmafLjoThCEERe6KuoTVKSCGBAqWeiuoCuzajaJm/YxfAXfyweQrrKRK+lMmpim41DJDNbfb5Mzc+6de86E/NnkJkXu290v0eu1on0QBzFrxV60Y+EsAIDbZJZSfE+5pmsBAOpR4fP/R80lAQBb9vbd+9fPB4PDoyzrRZyfTYaTYf6Y51++Ghw+yS7sLWedTybD/y7zT7P17w7z/E78X+Sf5fOzy3Q3IobdePwwz89zL94Msl/n78aHLfcOAAAAAAAAAAAAAAAAAAAAAABNuR/Zwsb9ffb31/P9Ip8frewPtLZ/TyfudYrD5fZA6bSOpgAAAAAAAAAAAAAAAAAAAOAvM55+/nQ8Gn08WQa7EbF6pjOe9uenVsdcH7SKC1caXHadTsQfTK8atKv2tRb0izZvsGiruEVb7eu4v/nJrRJEZ5uF1RFkNazVL729Kc2Dza+CxbYY107vRkT56o+Oblr8LKU0+vrgZDyNVDr4osRu/e9IAAAAAAAAAAAAAAAAAADw71r51fcVvSYKAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAGLP//fx5cPVManEbEnfjt4MVaO9FrtFcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABur58BAAD//w3eHsI=")
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x0, 0x0, &(0x7f0000000080)='GPL\x00', 0x2}, 0x94)
openat(0xffffffffffffff9c, 0x0, 0x1c1002, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000003c0)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
process_vm_writev(r0, &(0x7f00000008c0), 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000540), 0x1, 0x4a3, &(0x7f0000000bc0)="$eJzs3c1rXOUaAPBnZpo0SXNvP+7l0vbCbaEXej9oJh9IE3XjSl0UxIIbhRqTaayZZEJmUpvQRaq7LlyIoiAu3PsXuLEriyCudS8upKI1ggrCyDkzk+Zr4qBpBnJ+Pzid95z3dJ73zfC8nHnPOXMCyKyzyT+5iMGI+DwijjZWN+9wtvGydv/mVLLkol6//F0u3S9Zb+3a+n9HImI1Ivoi4tknI17KbY9bXV6ZnSyXS4vN9WJtbqFYXV65cG1ucqY0U5ofGb84MTE+PDY6sWd9vf3GK7cvffR074c/vX7v7puffJw0a7BZt7Efe6nR9Z44vmHboYh4/GEE64JCsz/93W4If0jy+f0tIs6l+X80CumnCWRBvV6v/1o/3K56tQ4cWPn0GDiXH4qIRjmfHxpqHMP/PQby5Uq19v+rlaX56cax8rHoyV+9Vi4NN78rHIueXLI+kpYfrI9uWR+LSI+B3yr0p+tDU5Xy9P4OdcAWR7bk/4+FRv4DGeErP2SX/Ifskv+QXfIfskv+Q3bJf8gu+Q/ZJf8hu+Q/ZJf8h+yS/5BJz1y6lCz11v3v09eXl2Yr1y9Ml6qzQ3NLU0NTlcWFoZlKZSa9Z2fu996vXKksjDwSSzeKtVK1Vqwur1yZqyzN166k9/VfKfXsS6+AThw/c+fLXESsPtqfLoneZp1chYOtXs9Ft+9BBrqj0O0BCOgaU3+QXb7jAzv8RO8mfe0qFva+LcD+yHe7AUDXnD/l/B9klfl/yC7z/5BdjvEB8/+QPeb/IbsG2zz/6y8bnt01HBF/jYgvCj2HW8/6Ag6C/De55vH/+aP/Htxa25v7OT1F0BsRr753+Z0bk7Xa4kiy/fv17bV3m9tHu9F+oFOtPG3lMQCQXWv3b061lv2M++0TjYsQtsc/1Jyb7EvPUQ6s5TZdq5Dbo2sXVm9FxMmd4ueazztvnPkYWCtsi3+i+ZprvEXa3kPpc9P3J/6pDfH/tSH+6T/9V4FsuJOMP8M75V8+zelYz7/N48/gHl070X78y6+Pf4U249+ZDmO8/P5rX7eNfyvi9I7xW/H60lhb4ydtO99h/HsvPPePdnX1Dxrvs1P8lqRUrM0tFKvLKxfS35GbKc2PjF+cmBgfHhudKKZz1MXWTPV2j5387O5u/R9oE3+3/ifb/tth/3/556fPn90l/n/O7fz5n9glfn9E/K/D+D+MfvViu7ok/nSb/ud3iZ9sG+swfvXtpw53uCsAsA+qyyuzk+VyaVFBQUFhvdDtkQl42B4kfbdbAgAAAAAAAAAAAHRqPy4n7nYfAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOgt8CAAD//1kn1ls=")
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)

11.083355329s ago: executing program 7 (id=2673):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0xc0ed0040, &(0x7f0000002a00)={[{@noblock_validity}, {@resgid={'resgid', 0x3d, 0xee00}}, {@acl}, {@noload}, {@journal_dev={'journal_dev', 0x3d, 0x3}}, {@nodiscard}]}, 0xfe, 0x472, &(0x7f0000000940)="$eJzs3MtvG8UfAPDvOk6a9PFLf6U8WloIFETFI2nSBz1wAYHEAQQSHIo4BSetSt0GNUGiVQSBQxDigCpxRxyR+As4wQUBJySucEeVEMqlhZPRenfTxLVDHk6c4s9H2nZmd92Z786OPTtjN4CuNZT+kUTsjohfI2Iwyy4/YSj76+bCbOWvhdlKErXaa38m9fNuLMxW8n9i8XW7sh21Wp7f0aTc+TcjxqvVyct5fmTm4jsj01euPnX+4vi5yXOTl8ZOnz5x/HDfqbGTbYkzjevGwfenDh148Y1rL1fOXHvrx6/T+u7OjxdxtNNQdnWberTdhXXYniXppNzBirAmabulzdVb7/+D0RMDi8cG44WPOlo5YFPVarVas8/n3FwN+A9LotM1ADqj+KBPn3+LbYuGHtvCH89mD0Bp3DfzLTtSjlJ+Tm/D82079UfEmbm/v0i32KR5CACApb5Nxz9PNhv/leKeJef9L19D2RsR/4+IfRFxV0Tsj4i7I+rn3hsR962x/MYVktvHP6Xr6wpsldLx3zP52tby8V8x+ou9PXluTz3+3uTs+erksfyaHI3eHWl+dNlLlvvu+V8+a9z3aT7NPrRk/JduafnFWDCvx/VywwTdxPjMeFuCT+P/MOJguVn8SRTLOElEHIiIg+ss4/zjXx1qdezf419BG9aZal9GPJa1/1w0xF9IWq5Pjj59auzkSH9UJ4+NFHfF7X76ef7VVuVvKP42SNt/Z9P7P4s/fUZM+iOmr1y9UF+vnV57GfO/fVxJWhzbv877vy95vZ7uy/e9Nz4zc3k0oi95Kc0OLNs/duu1Rb44P43/6JHm/X9f9nhWvxL3R0R6Ex+OiAci4sG87R6KiIcj4sgK8f/w3CNvtzrWuv1XmJVvozT+iRXaP33LS1O32n/tiZ4L33/Tqvzaqtr/RD11NN+zmve/1VZwI9cOAAAA7hSl+nfgk9LwYrpUGh7OvsO/P3aWqlPTM0+cnXr30kT2Xfm90VsqZroGl8yHjuZzw0V+rCF/PJ83/rxnoJ4frkxVJzodPHS5XS36f+r3nk7XDth0fq8F3Uv/h+6l/0P30v+he+n/0KX6mu/+YKvrAXTE2j//+zelHsDWM/6H7qX/Q/fS/6ErtfxtfGlDP/m/UxPl7VGNpomB7VGNIhGlbVGN9iVe+STrEtulPkWivOr/zGKdiR1ND3X6nQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA9/gkAAP//Uo/mdg==")
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
setrlimit(0x3, &(0x7f0000000340)={0x5, 0x81})
r0 = getpid()
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='map_files\x00')
getdents(r1, 0xffffffffffffffff, 0x5a)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
ioctl$sock_FIOGETOWN(r3, 0x8903, &(0x7f0000000240))

9.255870775s ago: executing program 7 (id=2675):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)

8.596290248s ago: executing program 3 (id=2676):
r0 = syz_clone(0x20300000, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r1)
mount(0x0, &(0x7f0000001100)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
capset(&(0x7f0000000100)={0x20080522}, 0x0)
r2 = syz_open_procfs(r0, &(0x7f0000000280)='io\x00')
preadv(r2, &(0x7f00000003c0)=[{&(0x7f0000000040)=""/17, 0x11}], 0x1, 0x5, 0x6b)

8.593600469s ago: executing program 2 (id=2677):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000e8f70000000000ff000044850000000e000000650000005000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000700), 0xffffffffffffffff)
r2 = socket$netlink(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r1, @ANYBLOB="011f00000000000000000d0000000c000180080001"], 0x20}}, 0x0)

8.135469876s ago: executing program 2 (id=2678):
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x6, 0x4, 0x8, 0x8}, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

8.057309782s ago: executing program 3 (id=2679):
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f00000001c0)='./bus\x00', 0x1808014, &(0x7f0000000600)=ANY=[], 0x5, 0x559a, &(0x7f000000cf00)="$eJzs3M2LG/UbAPBnst2+//or4sFbB4qwC01oti/oyaotarGl+HLwpNkkDWmTzLJJ07WnHjyKB/8TUfDk0b/Bgx71IIgHRfAgVDIzW5q2ttomu+76+cDkmXnmm2e+32lZeGYgAfxnHU1/+yWJI3EgIhYi4nAS+X5SbhG3I84VY5+LiGMRUblnS8r83cTeiDgYEUcmxYuaSXnq0xPj42d+vvjrV9/s23Posy+/3daFA9vq+YjorxX7N/tFzDp5uLNQ5hvjbh77p8dlXJuq0c+K/M32al7hZmNzXCOPpzrF+GztxnASr/YazUnsdK/m+bVBccHhuLNZZ/KF9FpjPT9utVfz2B1meezcKq67cav423ZrOCrqtMp6H+blYzTajEW+vdEu1rN2PY/NwajMF3WzVntjEsdlLC8XzazXyuex+qR3+d/vze7gxkY6bq8Pu9kgPVOrv1Crn63W17NWe9Q+XW30W2dPp0ud3mRYddRu9M91sqzTa9eaWX85Xeo0m9V6PV06317tNgZpvV47VTtZPbNc7p1IX7v8btprpUuT+Ep3cGPU7VXiaraeFt9YTldqp15cTo/X07cvXUmvvHXhwqUr77x//r3LL19649Vy0APTSpdWTq6sVOsnqyv15R23/mH6pOv/qJz0P1h/UsaL0+nvv3u62waFZLsnALDzPND/x/39f+j/gZl7RP8f1x7T//evl8fz6f/jof1/Zbr/j1n2/5OWSv//+P63sg3972Lo/+e4fngqT9b/7535PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2HI/LH7+er5ztDg+VOb/V6aeKY+TiKhExJ2HWIi9UzUXyjqLfzF+8b45fJ1EXmFyjX3ldjAizpXbH/+f910AAACA3euL28c+Kbr14qN8BHBfN88uVfwzVw5/MKN6SUQsHv1pRtUqk49nZ1Qs//+9JzZmVC1/gLV/RsWKR257ZlXtb1mYCvvvCUkRKls6HQAAYEtMdwKP6kJub8l8AAAAmJePH3n2pS2bB3P0+48P5pLYfJV595X/viKULwQPTJ0DAAAAdqBkuycAAAAAzF3e//v9PwAAANjdit//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgT3buJjdxGAoA8EsgMMyPBo3mQLODY8wRZjlbuApH4AaVegHOQKUueoS2VCQuUlqQkHCgRd8nxWAHnm3I5tmSAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALp0Vy2no9PD3DxtTpNjLgAAAMB+62o5rd+Mm/q31P4jNf1K9SIiyojYl7v3YtCK2UtxqgOfr96M4TaijrBtH6bra0T8Sdfjz65/BQAAALheq/li0mTrTZGWAO6P+e6w05FxBs2iTfn9b6Z4RURU44dM0cpt8TtTsPr57sf/TNHqBawvmYI1S279/fcGuTpp67VeXmcyq//EulZ20y8AAHBJ7UzgQBYCAADAFfh36QFwDu9T+2JX7PYZ065+2hActWoAAADAJ1RcegAAAABA5+r8/yOd/1c4/w8AAACya87/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoEvrajldzReTQ/dnR8Z53pwm34wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCF/XlFghAGgzA4u7wdlfsflhoRicZ0q49/ChEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB485vxnx9L406y9trYeh5J9k6No1Pj7Ny4+sP48iUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPOzPSwqEQBBEwZzxv5O+/2ElQc8gQgQ0PKqoRQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFf97pf/E1PjTDJ32lg6HknWrhpbV429B42jB+Pt3wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXOzbT08cZRgA8Gd32GmpGhENiaipSQ96sXRbW3s1RkM8+BFMCF0qurVKOdiGWLl4M5x7MXo0xkSDN75DzyXppd564ICJJw+YmZ2hs7BaUu0Mld8vefd9dnZ4/zEhPPPOAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJS23o6X20WcZC8Tg7g8dmd7ZT6rN/fUmY21u9NZyeJWzeN+ArxSfXNyqrmBAAAAcHQkZX4fEfc667NZ3Z7I8/9OeU6W83/3zCAu8/m9ef/m9srx4qPpMv//9Zf7L+x2NJHk/WSNLiz2e2f2D2XsMU3x0Hv2oWeM5Suf33tJ8l9I+/3V57c6+Xq2vrl9+900D4/VMVoA4FGcLusiKP8fyupukwMD4MgYqyTeZf6fTDQ7JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA6bK3GU2XciojpsQdxZnN7ZX5U/dXa3emNoly4dWut2mbWRCciFhb7vTM1zuXwKlfzxidz/X5v6dr1uoOTETHio5sH+/GkGP7fnpNGxNCRUy+OaOfDA/S1p519QXF5Rr1rOJ7N76Ent4aOtPYt+Ds7A01cAP3eUlrH0rWLTpqY4OMOymvvv2+5xj9FAAAcCZ2iZJnovc76bHasNRmx8/1w/v9aJY6hvH/n5uDI4P1GJf+//9GFO9W+qvl/t6b5PQlmlq98NnPt+o03Fq/MXe5d7n365tnuW91zF8+fvziT3yuZWYi2OyYAAAD8C2lRqvl/e3L//v+JShz/sP9fzf8//7b7ZbWvRP4/0oNNv6ZHAgAAcBSlu9Fzr/7xe2vEGa00jS/mlpeXuoPX3fdnB6+1DvcRHStKNf9PJpseFQAAAFCHrdXW0P7/pUocB9z/f/qHl36qtplExHjE1YjonZ6/2r9U33QOtTq+qJx3lDY9UwAAAJoyXpTq/n8nf/6/vfvIQzsiXj8V8WfxHf44YP6fvPf1j9W+qs//n6t1lodPe2qwHnk9FTE21fSIAAAA+D87XpQs2f+tsz778c8nPkg9/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQt78CAAD//wXGL2s=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x22)
pwrite64(r0, &(0x7f0000000140)='2', 0xfdef, 0xfecc)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x143142, 0x40)
ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000280)={0x3, 0x1, 0x4, 0x3})

7.977907178s ago: executing program 7 (id=2680):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
io_setup(0x5, &(0x7f0000000500)=<r1=>0x0)
rt_tgsigqueueinfo(0x0, 0x0, 0x0, &(0x7f0000000600)={0x33, 0xffffffff, 0x2})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$sock_timeval(r3, 0x1, 0x14, &(0x7f0000000000)={0x0, 0xea60}, 0x10)
io_submit(r1, 0x2, &(0x7f0000000340)=[&(0x7f00000001c0)={0x0, 0x4, 0x0, 0x0, 0x0, r3, &(0x7f0000000200)='\x00', 0x1, 0x0, 0x0, 0x2}, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x7, 0x800, r2, 0x0}])
syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000010180)=@newtaction={0x488, 0x30, 0x12f, 0x0, 0x0, {}, [{0x474, 0x1, [@m_police={0x470, 0x1, 0x0, 0x0, {{0xb}, {0x444, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0xa, 0x4, 0x2, 0x2da, 0x4, {0x3, 0x0, 0x101, 0x9, 0x5, 0x2}, {0x3, 0x1, 0x3ff, 0xffff, 0x5}, 0x2, 0x3, 0xeea4}}, @TCA_POLICE_RATE={0x404, 0x2, [0x100000, 0x2, 0x0, 0x5, 0x7, 0x6, 0x6, 0x5, 0x4, 0x10000, 0xfffffff1, 0x800, 0x1, 0x1, 0x1, 0x4, 0xffffffda, 0x8, 0x2, 0x76ccfa5f, 0x5, 0x8, 0x80, 0x451, 0x2, 0x1, 0x8001, 0x8, 0xfff, 0x100, 0x8, 0x1, 0x9, 0x2, 0xc, 0x1, 0x8, 0x7, 0x5, 0x8, 0x6, 0xfff, 0x9, 0x9, 0x4, 0x200, 0x8000, 0xffffff01, 0x1, 0x80, 0xa8, 0x7f, 0x84, 0x6, 0x637, 0x8, 0xfb, 0x9, 0x97, 0xffff8fe2, 0x791a, 0x9, 0x3, 0x7, 0xab5, 0x0, 0x66ab6d08, 0xd, 0x8, 0x8, 0x2, 0xfffffff7, 0x9, 0x1eb, 0x7, 0xd47, 0x9, 0x6, 0x7, 0x7, 0x4, 0x4, 0x5a8b, 0x6f, 0x3f, 0x6, 0x9, 0x4, 0x15, 0x7f, 0xfff, 0xb, 0x2, 0x10001, 0xffffffff, 0x3, 0xaa2, 0x400, 0x40, 0x1, 0x0, 0x80, 0x44f0, 0x1, 0xffff, 0x2, 0x3f0f, 0x9, 0x7, 0x33f6, 0x6, 0x200, 0x100, 0x10001ea, 0x1, 0x7ff, 0x7ff, 0x4, 0x49, 0x80000001, 0x7, 0x81, 0x5, 0x1, 0x10000000, 0x8, 0x1, 0x800, 0x7, 0x6, 0x3ff, 0x2, 0xfff, 0xb4, 0x3, 0x9, 0x3, 0x6, 0x1ff, 0x1ff, 0x8, 0x2, 0x5, 0xffffffff, 0x9, 0x6, 0x5, 0x7ff, 0x8, 0x2, 0x9, 0xfffffffd, 0x4, 0x6, 0x1, 0x3, 0x9, 0x7fff, 0x1, 0x5, 0x2, 0x10001, 0x2, 0x8, 0x5, 0x4, 0x2, 0x2, 0x1, 0x8001, 0x1, 0xfffffff4, 0x4, 0x8, 0xfffefffc, 0x1, 0x0, 0x1, 0x1, 0xd0c0, 0xfffff33c, 0xc974, 0x3, 0xff, 0x3, 0x1b4, 0x24f, 0x20000003, 0x10001, 0x6, 0x7, 0x5, 0x9, 0xede9, 0x2, 0x5, 0x5, 0x7, 0x800, 0x2, 0x5, 0x7fff, 0x5, 0x8, 0xffff, 0x7, 0x0, 0x9, 0xfffffff7, 0x2, 0x6, 0x7, 0xd9f, 0x6, 0x9, 0x1, 0x10000, 0x0, 0x8, 0x10, 0x720b, 0xfffffff7, 0x7106075a, 0xffff, 0x401, 0x3, 0x8, 0x6, 0x3, 0xf, 0x6, 0x9, 0x9, 0xffffffff, 0x802, 0x10, 0x2, 0x8, 0x4, 0xa27d, 0x9, 0x9, 0x0, 0x81, 0x4, 0x7f8000, 0x9, 0x0, 0x1, 0x0, 0x40000005, 0xc1, 0x2, 0x401, 0x40, 0x2]}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa, {0x1}}}}]}]}, 0x488}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x4, &(0x7f0000000380)={[{@usrjquota}, {@nojournal_checksum}]}, 0x4, 0x5fd, &(0x7f0000001200)="$eJzs3c9rHFUcAPDvzCYxaaNpRcQWxYCHFqRpUotVL7b1YA8FC/Yg4qGhSWro9gdNCrYWTMGDgoKIV5Fe/Ae8S+/eRFBvnoUqUlFQ6crszrabZDfdttmdNPP5wGTnvZnd9747eZn3dvJ2Aiit8exHGrEj4taJJGKsZdtoNDaO5/vd/OPKyWxJolZ78/ckkjyvuX+SP27NE8MR8f3hiMcrq8tduHT59HS11vBBxN7FM+f3Lly6vGf+zPSp2VOzZ6f2vbT/wOTLU/un1iXOrfnjkaNvPP3ph+++OPdDdU8SB+P44PszsSKO9TIe43ErD7E1fyAiDmQrbd6Xh80mCKHUKvnv42BEPBljUamnGsZi/pNCKwf0VK0SUQNKKtH+oaSa/YDm2L67cfDxHvdK+ufGocYAaHX8A43PRmK4PjbacjNpGRk1PtvYtg7lZ2X8d2Xnl9kSyz6H+Pv20RlYh3I6WboaEU+1iz+p121bPdIs/nTZWD+JiMmIGMrr99oD1CFpWe/F5zBruZf4W49DGhEH88cs//B9lj++It3v+AEop+uH8hP5Upa6c/7L+h7N/k+06f+Mtjl33Y+iz3+d+3/N8/1wvd+TruiHZX2WY+1fcnBlxi8fH/m8U/mt/b9sycpv9gX74cbViJ0r4v8oCzbv/2TxJ22Of7bLiYPdlfH6j78d6bSt6Phr1yJ2tR3/3OmVZmtrXJ/cOzdfnZ1s/GxbxrffvfN1p/KLjj87/ls6xN9y/NOVz8vek/NdlvHNsWtnOm0bvWv86a9DSWO8OZTnvDe9uHhhKmIoOZrv0pK/b+26NPdpvkYW/+7n2rf/Zb//V5e/zkjzT2YXzr91+manbfdz/FsuJt+qdVmHTrL4Z+5+/Fe1/yzvsy7L+Ovti8902rZW/CMPEhgAAAAAAACUUFq/BpukE7fX03RiojFf9onYklbPLSw+P3fu4tmZiN31/4ccTJtXusca6SRLT+X/D9tM71uRfiEitkfEF5WRenri5LnqTNHBAwAAAAAAAAAAAAAAAAAAwAaxNZ//37xP9Z+Vxvx/oCR6eYM5YGPT/qG86u1/1S2egDJw/ofy0v6hvLR/KC/tH8pL+4fy0v6hvLR/KC/tHwAAAAA2pe3PXv85iYilV0bqS2Yo32ZGEGxug0VXAChMpegKAIW5felfZx9Kp6v+/z/5lwP2vjpAAZJ2mfXOQW3txn+97TMBAAAAAAAAAAAAgB7YtaPz/H9zg2FzM+0PyusB5v/76gB4yPnqfygvY3zgbrP4hzttMP8fAAAAAAAAAAAAAPpmtL4k6UQ+F3g00nRiIuLRiNgWg8ncfHV2MiIei4ifKoOPZOmpoisNAAAAAAAAAAAAAAAAAAAAm8zCpcunp6vV2QutK/+uytncK827oPahrFfjHp8VSf/flpGIKPyg9GxloCUniVjKjvyGqNiFhdgY1aivFPyHCQAAAAAAAAAAAAAAAAAASqhl7nF7O7/qc40AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoP/u3P+/dytFxwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPJz+DwAA///LLUAr")
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ppoll(&(0x7f0000000180)=[{r4, 0x8280}], 0x1, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000080))
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r5}, &(0x7f0000000300), &(0x7f0000000280)}, 0x20)
fsetxattr(r0, &(0x7f0000000700)=ANY=[@ANYBLOB="732f39797374656d2e657874ef575a3ba727fc26d5bdd5e18ab2f77cf487d34aae471cc3be18da0441303db769c3631dbbd41256660ab62f5096c167d3e54af4f93de662d0d4d9be9c77b95166f105dbb743"], &(0x7f00000003c0)='ext4\x00', 0x5, 0x3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f00000004c0)=ANY=[@ANYRESOCT=r1], 0x0, 0x1, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
r7 = syz_open_procfs(0x0, &(0x7f0000000540)='mounts\x00')
sendmsg$FOU_CMD_ADD(r7, &(0x7f0000000580)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000540)={&(0x7f0000000680)=ANY=[@ANYRES16=0x0, @ANYBLOB="000427bd7000ff000900fc0200000000000000006ec6039b0000000000de9d6d2c956d080492f55efb0a3d634775e25486aeba29b4c7bf17e73585e2b7c2eb7da92ade768e1bb69fe0"], 0x30}, 0x1, 0x0, 0x0, 0x4000005}, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="180200000000000400000000000000008500000030000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002a0000009500"], &(0x7f0000000080)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r8, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0xe160, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
close(0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002ac0)={0x1a, 0x3, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000950000000000008b71a923cbb7fe3600"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x2008}, 0x80)
getpid()

7.891331435s ago: executing program 9 (id=2681):
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x804810, &(0x7f0000000a40), 0x26, 0x756, &(0x7f00000002c0)="$eJzs3M1rXOUaAPDnnGaafuTeyYUL9+pChBZaKD1Jmk27aty4KxQKbmtITkLISSZkJrUTC7auhdpsFARR1y7dCqX+Ae6koOBeEK1xIW5GzuSjNGam0ybpSPr7wcl53vP1vE/m8GYO5D0BvLReL38kEUMRcTUiqpvb04g42o6ORdzeOG790a2pckmi1br2S1KeFuut6va1ks31yWifEv+PiAeViHPv/z1vvbk6P1kU+fJme6SxsDRSb66en1uYnM1n88Wx8UujF8fHL46OP7WG//VY6+m3Lh2/9+2ba2vffdW4+9rA+SQm2nXHZm09XuaZbPxOKjGxY/viQSTro6TfHQAAoCfl9/wjETHQ/pZajSPtCAAAADhMWoMtAAAA4NBLot89AAAAAA7W1v8BbM3tPah5sJ38/EZEDO+Wf6A9hzjiWFQi4sR68sTMhGTjNNiT23ci4v7Ezvvvi/IOu73Ha4/uaD85R/roHq/Ofrhfjj8Tu40/6fb4E7uMPwNb707Yo87j3+P8RzqMf1d7zPH1p69UOua/E/HqwG75k+38SYf8b/eY/+7aB/c67Wt9HnFm178/yRO5urwfYmJmruj6+oEHf5592K3+E53yJ93rX+qx/nfXf5vvNJaU+c+e6v7575a/vCc+3OxHGhH3Ntdle21HjlML33/Trf7piNbzfP6f9Vj/j18O3uzxUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGhLI2IokjTbjtM0yyJORsR/40Ra1OqNczO1lcXpcl/EcFTSmbkiH42I6kY7Kdtj7fhx+8KO9nhE/OeH4xtJ54o8m6oV0/0uHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG0nI2IokjSLiDQifq+maZZFDPRw7uAL6B8AAACwT4b73QEAAADgwHn+BwAAgMPveZ//k33uBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCoXb1ypVxa649uTZXt6RvNlfnajfPTeX0+W1iZyqZqy0vZbK02W+TZVG3hadcrarWlsUuxcnOkkdcbI/Xm6vWF2spi4/rcwuRsfj2vvJCqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFZD7SVJs4hI23GaZlnEvyJiOCrJzFyRj0bEvyPiYbUyWLbH+t1pAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9l29uTo/WRT5skAgeGHBexHxD+hGl6DfIxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP1Qb67OTxZFvlzvd08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADor/SnJCLK5Uz19NDOvUeTP6rtdUS888m1j25ONhrLY+X2X7e3Nz7e3H6hH/0HAACAl8LlZzl46zl96zkeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgV/Xm6vxkUeTLewsuR3O1lXQ4pt81AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAz+evAAAA//8KQsc4")
chdir(&(0x7f00000001c0)='./file0\x00')
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x2, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, 0x0, &(0x7f00000002c0)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
socket(0xb, 0x4, 0x40)
socket$unix(0x1, 0x5, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@newlink={0x48, 0x10, 0xffffffffffffffff, 0x70bd27, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x50a32, 0x23}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_BR_GROUP_FWD_MASK={0x6}, @IFLA_BR_GROUP_ADDR={0xa, 0x14, @random="15714bc789a3"}]}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x1}, 0x4008000)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x82400, 0x0)
truncate(&(0x7f0000000040)='./file0\x00', 0x1b1c)
ioctl$FS_IOC_ENABLE_VERITY(r6, 0x40806685, &(0x7f0000000a80)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0})

7.871257497s ago: executing program 2 (id=2682):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
creat(0x0, 0x182)
r4 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x121400, 0x0)
ioctl$TIOCSWINSZ(r5, 0x5414, &(0x7f0000000140)={0xffff, 0x7, 0x2, 0x5})

6.820801251s ago: executing program 2 (id=2683):
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$NL80211_CMD_GET_WOWLAN(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x10)
socket(0x1, 0x803, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800010009000000000000000a00000000000000080001000200000004000b"], 0x24}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x0)

6.492279828s ago: executing program 9 (id=2684):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0xc0ed0040, &(0x7f0000002a00)={[{@noblock_validity}, {@resgid={'resgid', 0x3d, 0xee00}}, {@acl}, {@noload}, {@journal_dev={'journal_dev', 0x3d, 0x3}}, {@nodiscard}]}, 0xfe, 0x472, &(0x7f0000000940)="$eJzs3MtvG8UfAPDvOk6a9PFLf6U8WloIFETFI2nSBz1wAYHEAQQSHIo4BSetSt0GNUGiVQSBQxDigCpxRxyR+As4wQUBJySucEeVEMqlhZPRenfTxLVDHk6c4s9H2nZmd92Z786OPTtjN4CuNZT+kUTsjohfI2Iwyy4/YSj76+bCbOWvhdlKErXaa38m9fNuLMxW8n9i8XW7sh21Wp7f0aTc+TcjxqvVyct5fmTm4jsj01euPnX+4vi5yXOTl8ZOnz5x/HDfqbGTbYkzjevGwfenDh148Y1rL1fOXHvrx6/T+u7OjxdxtNNQdnWberTdhXXYniXppNzBirAmabulzdVb7/+D0RMDi8cG44WPOlo5YFPVarVas8/n3FwN+A9LotM1ADqj+KBPn3+LbYuGHtvCH89mD0Bp3DfzLTtSjlJ+Tm/D82079UfEmbm/v0i32KR5CACApb5Nxz9PNhv/leKeJef9L19D2RsR/4+IfRFxV0Tsj4i7I+rn3hsR962x/MYVktvHP6Xr6wpsldLx3zP52tby8V8x+ou9PXluTz3+3uTs+erksfyaHI3eHWl+dNlLlvvu+V8+a9z3aT7NPrRk/JduafnFWDCvx/VywwTdxPjMeFuCT+P/MOJguVn8SRTLOElEHIiIg+ss4/zjXx1qdezf419BG9aZal9GPJa1/1w0xF9IWq5Pjj59auzkSH9UJ4+NFHfF7X76ef7VVuVvKP42SNt/Z9P7P4s/fUZM+iOmr1y9UF+vnV57GfO/fVxJWhzbv877vy95vZ7uy/e9Nz4zc3k0oi95Kc0OLNs/duu1Rb44P43/6JHm/X9f9nhWvxL3R0R6Ex+OiAci4sG87R6KiIcj4sgK8f/w3CNvtzrWuv1XmJVvozT+iRXaP33LS1O32n/tiZ4L33/Tqvzaqtr/RD11NN+zmve/1VZwI9cOAAAA7hSl+nfgk9LwYrpUGh7OvsO/P3aWqlPTM0+cnXr30kT2Xfm90VsqZroGl8yHjuZzw0V+rCF/PJ83/rxnoJ4frkxVJzodPHS5XS36f+r3nk7XDth0fq8F3Uv/h+6l/0P30v+he+n/0KX6mu/+YKvrAXTE2j//+zelHsDWM/6H7qX/Q/fS/6ErtfxtfGlDP/m/UxPl7VGNpomB7VGNIhGlbVGN9iVe+STrEtulPkWivOr/zGKdiR1ND3X6nQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA9/gkAAP//Uo/mdg==")
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
setrlimit(0x3, &(0x7f0000000340)={0x5, 0x81})
r0 = getpid()
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='map_files\x00')
getdents(r1, 0xffffffffffffffff, 0x5a)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000070000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000100850000008200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
ioctl$sock_FIOGETOWN(r3, 0x8903, &(0x7f0000000240))

4.523198386s ago: executing program 2 (id=2685):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000000000000000000000000000181200009a4c4b4c16d7704e905c0e91a7449a4705f22b2656190b23673a72720d15a969b803e55c0fa03712b3994050c60cbce1eca25ecc233788e5203b7ff0ebe9d419bd8a9e855e50142491c573a9be81357daa483b148616ac010181ee59b475e42888c40b5cdaa39cd1aeabc1d4165c563f9b8eda2824a727ed8455880a0f851c7b314dae0b80c73487", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x1, 0x28}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x75b08000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000280)='./file0\x00', 0x324)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000140)='devtmpfs\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000001340)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r5 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
getdents64(r5, 0x0, 0x11)

4.058874623s ago: executing program 7 (id=2686):
syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000040)='./file0\x00', 0x100c404, &(0x7f0000000000)=ANY=[], 0x1, 0x203, &(0x7f0000001040)="$eJzs3c9qE10UAPCTfGmafLjoThCEERe6KuoTVKSCGBAqWeiuoCuzajaJm/YxfAXfyweQrrKRK+lMmpim41DJDNbfb5Mzc+6de86E/NnkJkXu290v0eu1on0QBzFrxV60Y+EsAIDbZJZSfE+5pmsBAOpR4fP/R80lAQBb9vbd+9fPB4PDoyzrRZyfTYaTYf6Y51++Ghw+yS7sLWedTybD/y7zT7P17w7z/E78X+Sf5fOzy3Q3IobdePwwz89zL94Msl/n78aHLfcOAAAAAAAAAAAAAAAAAAAAAABNuR/Zwsb9ffb31/P9Ip8frewPtLZ/TyfudYrD5fZA6bSOpgAAAAAAAAAAAAAAAAAAAOAvM55+/nQ8Gn08WQa7EbF6pjOe9uenVsdcH7SKC1caXHadTsQfTK8atKv2tRb0izZvsGiruEVb7eu4v/nJrRJEZ5uF1RFkNazVL729Kc2Dza+CxbYY107vRkT56o+Oblr8LKU0+vrgZDyNVDr4osRu/e9IAAAAAAAAAAAAAAAAAADw71r51fcVvSYKAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAGLP//fx5cPVManEbEnfjt4MVaO9FrtFcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABur58BAAD//w3eHsI=")
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x0, 0x0, &(0x7f0000000080)='GPL\x00', 0x2}, 0x94)
openat(0xffffffffffffff9c, 0x0, 0x1c1002, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000003c0)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
process_vm_writev(r0, &(0x7f00000008c0), 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000540), 0x1, 0x4a3, &(0x7f0000000bc0)="$eJzs3c1rXOUaAPBnZpo0SXNvP+7l0vbCbaEXej9oJh9IE3XjSl0UxIIbhRqTaayZZEJmUpvQRaq7LlyIoiAu3PsXuLEriyCudS8upKI1ggrCyDkzk+Zr4qBpBnJ+Pzid95z3dJ73zfC8nHnPOXMCyKyzyT+5iMGI+DwijjZWN+9wtvGydv/mVLLkol6//F0u3S9Zb+3a+n9HImI1Ivoi4tknI17KbY9bXV6ZnSyXS4vN9WJtbqFYXV65cG1ucqY0U5ofGb84MTE+PDY6sWd9vf3GK7cvffR074c/vX7v7puffJw0a7BZt7Efe6nR9Z44vmHboYh4/GEE64JCsz/93W4If0jy+f0tIs6l+X80CumnCWRBvV6v/1o/3K56tQ4cWPn0GDiXH4qIRjmfHxpqHMP/PQby5Uq19v+rlaX56cax8rHoyV+9Vi4NN78rHIueXLI+kpYfrI9uWR+LSI+B3yr0p+tDU5Xy9P4OdcAWR7bk/4+FRv4DGeErP2SX/Ifskv+QXfIfskv+Q3bJf8gu+Q/ZJf8hu+Q/ZJf8h+yS/5BJz1y6lCz11v3v09eXl2Yr1y9Ml6qzQ3NLU0NTlcWFoZlKZSa9Z2fu996vXKksjDwSSzeKtVK1Vqwur1yZqyzN166k9/VfKfXsS6+AThw/c+fLXESsPtqfLoneZp1chYOtXs9Ft+9BBrqj0O0BCOgaU3+QXb7jAzv8RO8mfe0qFva+LcD+yHe7AUDXnD/l/B9klfl/yC7z/5BdjvEB8/+QPeb/IbsG2zz/6y8bnt01HBF/jYgvCj2HW8/6Ag6C/De55vH/+aP/Htxa25v7OT1F0BsRr753+Z0bk7Xa4kiy/fv17bV3m9tHu9F+oFOtPG3lMQCQXWv3b061lv2M++0TjYsQtsc/1Jyb7EvPUQ6s5TZdq5Dbo2sXVm9FxMmd4ueazztvnPkYWCtsi3+i+ZprvEXa3kPpc9P3J/6pDfH/tSH+6T/9V4FsuJOMP8M75V8+zelYz7/N48/gHl070X78y6+Pf4U249+ZDmO8/P5rX7eNfyvi9I7xW/H60lhb4ydtO99h/HsvPPePdnX1Dxrvs1P8lqRUrM0tFKvLKxfS35GbKc2PjF+cmBgfHhudKKZz1MXWTPV2j5387O5u/R9oE3+3/ifb/tth/3/556fPn90l/n/O7fz5n9glfn9E/K/D+D+MfvViu7ok/nSb/ud3iZ9sG+swfvXtpw53uCsAsA+qyyuzk+VyaVFBQUFhvdDtkQl42B4kfbdbAgAAAAAAAAAAAHRqPy4n7nYfAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOgt8CAAD//1kn1ls=")
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)

3.97810025s ago: executing program 9 (id=2687):
r0 = syz_clone(0x20300000, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r1)
mount(0x0, &(0x7f0000001100)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
capset(&(0x7f0000000100)={0x20080522}, 0x0)
r2 = syz_open_procfs(r0, &(0x7f0000000280)='io\x00')
preadv(r2, &(0x7f00000003c0)=[{&(0x7f0000000040)=""/17, 0x11}], 0x1, 0x5, 0x6b)

3.783411446s ago: executing program 3 (id=2688):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)

1.309168665s ago: executing program 9 (id=2689):
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff})
getsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x89, &(0x7f0000000240), &(0x7f0000000280)=0x4)

1.138476199s ago: executing program 7 (id=2690):
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x6, 0x4, 0x8, 0x8}, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

1.138323539s ago: executing program 9 (id=2691):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
creat(0x0, 0x182)
r5 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x121400, 0x0)
ioctl$TIOCSWINSZ(r6, 0x5414, &(0x7f0000000140)={0xffff, 0x7, 0x2, 0x5})

458.069383ms ago: executing program 3 (id=2692):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={0x0, &(0x7f0000002cc0)=""/4104, 0x0, 0x1008, 0x1}, 0x28)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x248000, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x9, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x10001, 0x36, 0x200000000000, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0xd000, 0x200})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x5, 0x6, 0x4004, 0x2, 0x1, 0xefffffffffffffff, 0x0, 0x0, 0x2000000, 0x0, 0x1c, 0x0, 0xffffffffffffffff, 0x6], 0x0, 0x41901})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

335.429713ms ago: executing program 7 (id=2693):
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000180)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="400000001000370400"/20, @ANYRES32=r3, @ANYBLOB="8b040400000000002000128008000100736974001400028008000100", @ANYRES16=r1], 0x40}}, 0x8800)
sendmmsg$inet(r0, &(0x7f0000002940)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @multicast1}, 0x10, 0x0, 0x0, &(0x7f00000004c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @empty, @multicast2}}}], 0x20}}], 0x1, 0x0)

69.067324ms ago: executing program 9 (id=2694):
fdatasync(0xffffffffffffffff)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0x4, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000140), 0x5, r0}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000500)='hrtimer_start\x00', r1}, 0x18)
timer_create(0x0, 0x0, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000200)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)

0s ago: executing program 3 (id=2695):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0xc0ed0040, &(0x7f0000002a00)={[{@noblock_validity}, {@resgid={'resgid', 0x3d, 0xee00}}, {@acl}, {@noload}, {@journal_dev={'journal_dev', 0x3d, 0x3}}, {@nodiscard}]}, 0xfe, 0x472, &(0x7f0000000940)="$eJzs3MtvG8UfAPDvOk6a9PFLf6U8WloIFETFI2nSBz1wAYHEAQQSHIo4BSetSt0GNUGiVQSBQxDigCpxRxyR+As4wQUBJySucEeVEMqlhZPRenfTxLVDHk6c4s9H2nZmd92Z786OPTtjN4CuNZT+kUTsjohfI2Iwyy4/YSj76+bCbOWvhdlKErXaa38m9fNuLMxW8n9i8XW7sh21Wp7f0aTc+TcjxqvVyct5fmTm4jsj01euPnX+4vi5yXOTl8ZOnz5x/HDfqbGTbYkzjevGwfenDh148Y1rL1fOXHvrx6/T+u7OjxdxtNNQdnWberTdhXXYniXppNzBirAmabulzdVb7/+D0RMDi8cG44WPOlo5YFPVarVas8/n3FwN+A9LotM1ADqj+KBPn3+LbYuGHtvCH89mD0Bp3DfzLTtSjlJ+Tm/D82079UfEmbm/v0i32KR5CACApb5Nxz9PNhv/leKeJef9L19D2RsR/4+IfRFxV0Tsj4i7I+rn3hsR962x/MYVktvHP6Xr6wpsldLx3zP52tby8V8x+ou9PXluTz3+3uTs+erksfyaHI3eHWl+dNlLlvvu+V8+a9z3aT7NPrRk/JduafnFWDCvx/VywwTdxPjMeFuCT+P/MOJguVn8SRTLOElEHIiIg+ss4/zjXx1qdezf419BG9aZal9GPJa1/1w0xF9IWq5Pjj59auzkSH9UJ4+NFHfF7X76ef7VVuVvKP42SNt/Z9P7P4s/fUZM+iOmr1y9UF+vnV57GfO/fVxJWhzbv877vy95vZ7uy/e9Nz4zc3k0oi95Kc0OLNs/duu1Rb44P43/6JHm/X9f9nhWvxL3R0R6Ex+OiAci4sG87R6KiIcj4sgK8f/w3CNvtzrWuv1XmJVvozT+iRXaP33LS1O32n/tiZ4L33/Tqvzaqtr/RD11NN+zmve/1VZwI9cOAAAA7hSl+nfgk9LwYrpUGh7OvsO/P3aWqlPTM0+cnXr30kT2Xfm90VsqZroGl8yHjuZzw0V+rCF/PJ83/rxnoJ4frkxVJzodPHS5XS36f+r3nk7XDth0fq8F3Uv/h+6l/0P30v+he+n/0KX6mu/+YKvrAXTE2j//+zelHsDWM/6H7qX/Q/fS/6ErtfxtfGlDP/m/UxPl7VGNpomB7VGNIhGlbVGN9iVe+STrEtulPkWivOr/zGKdiR1ND3X6nQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA9/gkAAP//Uo/mdg==")
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
setrlimit(0x3, &(0x7f0000000340)={0x5, 0x81})
r0 = getpid()
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='map_files\x00')
getdents(r1, 0xffffffffffffffff, 0x5a)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000070000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000100850000008200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
ioctl$sock_FIOGETOWN(r3, 0x8903, &(0x7f0000000240))

kernel console output (not intermixed with test programs):

1) is not up; please bring it up to get a fully working HSR network
[ 1132.542151][T16155] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1134.927902][T16155] veth0_vlan: entered promiscuous mode
[ 1135.753433][T16155] veth1_vlan: entered promiscuous mode
[ 1135.831182][T16155] veth0_macvtap: entered promiscuous mode
[ 1135.863763][T16155] veth1_macvtap: entered promiscuous mode
[ 1135.929367][T16155] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1135.987685][T16155] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1135.999884][T16155] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1136.010595][T16155] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1136.021335][T16155] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1136.031959][T16155] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1136.054417][T16155] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1136.083339][T16155] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1136.153287][T16155] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1136.183980][T16155] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1136.320116][T16155] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1136.635759][T16155] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1136.646424][T16155] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1136.712496][T16155] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1136.822129][T16155] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1136.843849][T16155] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1136.863125][T16155] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1136.871959][T16155] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1137.093000][ T5960] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1137.120488][ T5960] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1137.246899][T12937] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1137.282372][T12937] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1138.039689][T16342] loop6: detected capacity change from 0 to 512
[ 1138.120006][T16342] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[ 1138.211030][T16342] ext4 filesystem being mounted at /9/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1138.358930][T16352] serio: Serial port ptm0
[ 1138.625128][T16357] syz.6.1811[16357] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1138.625822][T16357] syz.6.1811[16357] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1140.265189][T15801] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[ 1141.692636][T11945] usb 10-1: new low-speed USB device number 4 using dummy_hcd
[ 1142.157539][T11945] usb 10-1: unable to get BOS descriptor or descriptor too short
[ 1142.188973][T11945] usb 10-1: config 7 has an invalid interface number: 67 but max is 0
[ 1142.212730][T11945] usb 10-1: config 7 has no interface number 0
[ 1142.246192][T11945] usb 10-1: New USB device found, idVendor=16c0, idProduct=05df, bcdDevice=6b.16
[ 1142.278929][T11945] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1142.329088][T11945] usb 10-1: Product: 㯑
[ 1142.760336][T11945] usb 10-1: USB disconnect, device number 4
[ 1142.761431][T16399] loop6: detected capacity change from 0 to 2048
[ 1142.793640][T16399] EXT4-fs: Ignoring removed bh option
[ 1142.933681][T16399] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1143.207725][T16399] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[ 1144.084375][T15801] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1144.294772][T16432] overlayfs: failed to resolve './file1': -2
[ 1144.379796][T16436] loop6: detected capacity change from 0 to 2048
[ 1144.931988][T16436] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1145.102973][T16436] ext4 filesystem being mounted at /13/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1147.382011][   T28] audit: type=1800 audit(1756377427.362:290): pid=16458 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.1827" name="file0" dev="loop6" ino=13 res=0 errno=0
[ 1147.795132][T15801] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1148.162888][ T6941] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[ 1148.542868][ T6941] usb 3-1: Using ep0 maxpacket: 16
[ 1148.550103][ T6941] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 210, changing to 11
[ 1148.566355][ T6941] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 32
[ 1148.578081][ T6941] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 64
[ 1148.612720][ T6941] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1148.652596][ T6941] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1148.837814][ T6941] usb 3-1: Product: syz
[ 1148.920951][ T6941] usb 3-1: Manufacturer: syz
[ 1149.050611][ T6941] usb 3-1: SerialNumber: syz
[ 1149.564639][ T6941] cdc_ncm 3-1:1.0: bind() failure
[ 1150.447972][ T6941] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found
[ 1150.482863][ T6941] cdc_ncm 3-1:1.1: bind() failure
[ 1150.513673][ T6941] usb 3-1: USB disconnect, device number 15
[ 1151.784529][T16525] loop6: detected capacity change from 0 to 2048
[ 1151.941830][T16525] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1151.991531][T16525] ext4 filesystem being mounted at /19/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1153.736159][T15801] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1156.981928][T16582] loop9: detected capacity change from 0 to 2048
[ 1156.994319][T16582] EXT4-fs: Ignoring removed bh option
[ 1157.104987][T16582] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1157.162854][T10141] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[ 1157.192239][T16582] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[ 1157.358310][T10141] usb 7-1: config 0 has an invalid interface number: 1 but max is 0
[ 1157.383599][T10141] usb 7-1: config 0 has no interface number 0
[ 1157.417931][T10141] usb 7-1: New USB device found, idVendor=5bd3, idProduct=317c, bcdDevice= 4.5e
[ 1157.439396][T16155] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1157.459779][T10141] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1158.275538][T10141] usb 7-1: config 0 descriptor??
[ 1158.294267][T10141] usb 7-1: bad CDC descriptors
[ 1158.498100][T10141] usb 7-1: USB disconnect, device number 5
[ 1160.477787][T16608] loop9: detected capacity change from 0 to 512
[ 1160.579320][T16608] EXT4-fs (loop9): orphan cleanup on readonly fs
[ 1160.641892][T16608] EXT4-fs error (device loop9): ext4_validate_block_bitmap:439: comm syz.9.1859: bg 0: block 248: padding at end of block bitmap is not set
[ 1160.673544][T16608] Quota error (device loop9): write_blk: dquota write failed
[ 1160.681146][T16608] Quota error (device loop9): qtree_write_dquot: Error -117 occurred while creating quota
[ 1160.706605][T16608] EXT4-fs error (device loop9): ext4_acquire_dquot:6938: comm syz.9.1859: Failed to acquire dquot type 1
[ 1160.728997][T16608] EXT4-fs (loop9): 1 truncate cleaned up
[ 1160.776960][T16608] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1161.814509][T16155] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1162.061638][T16629] loop6: detected capacity change from 0 to 256
[ 1164.247117][T16649] loop9: detected capacity change from 0 to 128
[ 1166.417142][T16662] loop9: detected capacity change from 0 to 512
[ 1166.433075][T16662] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1166.492242][T16662] EXT4-fs (loop9): orphan cleanup on readonly fs
[ 1166.560778][T16662] EXT4-fs error (device loop9): ext4_validate_block_bitmap:439: comm syz.9.1871: bg 0: block 248: padding at end of block bitmap is not set
[ 1166.583638][T16662] Quota error (device loop9): write_blk: dquota write failed
[ 1166.591196][T16662] Quota error (device loop9): qtree_write_dquot: Error -117 occurred while creating quota
[ 1166.601394][T16662] EXT4-fs error (device loop9): ext4_acquire_dquot:6938: comm syz.9.1871: Failed to acquire dquot type 1
[ 1166.618634][T16662] EXT4-fs (loop9): 1 truncate cleaned up
[ 1166.633989][T16662] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1166.970598][T16155] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1168.230138][ T5781] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1168.243111][ T5781] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1168.271981][ T5781] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1168.291219][ T5781] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1168.303249][ T5781] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 1168.310728][ T5781] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1168.615921][T16688] loop6: detected capacity change from 0 to 512
[ 1168.651561][T16686] loop9: detected capacity change from 0 to 256
[ 1168.732197][T16688] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[ 1168.763816][T16686] FAT-fs (loop9): Directory bread(block 64) failed
[ 1168.770493][T16686] FAT-fs (loop9): Directory bread(block 65) failed
[ 1168.777433][T16686] FAT-fs (loop9): Directory bread(block 66) failed
[ 1168.784030][T16686] FAT-fs (loop9): Directory bread(block 67) failed
[ 1168.790866][T16686] FAT-fs (loop9): Directory bread(block 68) failed
[ 1168.797576][T16686] FAT-fs (loop9): Directory bread(block 69) failed
[ 1168.804359][T16686] FAT-fs (loop9): Directory bread(block 70) failed
[ 1168.811069][T16686] FAT-fs (loop9): Directory bread(block 71) failed
[ 1168.819069][T16686] FAT-fs (loop9): Directory bread(block 72) failed
[ 1168.825716][T16686] FAT-fs (loop9): Directory bread(block 73) failed
[ 1168.876465][T16686] FAT-fs (loop9): error, invalid access to FAT (entry 0x00006c61)
[ 1168.887223][   T28] audit: type=1800 audit(1756377448.862:291): pid=16686 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.9.1876" name="cpu.stat" dev="loop9" ino=1048855 res=0 errno=0
[ 1168.908884][T16688] ext4 filesystem being mounted at /27/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1169.379768][T16679] chnl_net:caif_netlink_parms(): no params data found
[ 1169.588338][T16707] syz.6.1877[16707] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1169.588456][T16707] syz.6.1877[16707] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1170.413022][ T5781] Bluetooth: hci4: command tx timeout
[ 1170.924013][T16679] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1171.055353][T16679] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1171.078392][T15801] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[ 1171.177831][T16679] bridge_slave_0: entered allmulticast mode
[ 1171.255826][T16679] bridge_slave_0: entered promiscuous mode
[ 1171.515456][T16679] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1171.596195][T16679] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1171.656527][T16679] bridge_slave_1: entered allmulticast mode
[ 1171.694270][T16679] bridge_slave_1: entered promiscuous mode
[ 1172.494725][ T5781] Bluetooth: hci4: command tx timeout
[ 1172.612467][T10139] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[ 1172.728542][T16731] loop6: detected capacity change from 0 to 256
[ 1172.774652][T16679] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1172.795312][T10139] usb 10-1: config 0 interface 0 altsetting 128 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1172.822561][T10139] usb 10-1: config 0 interface 0 altsetting 128 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1172.836048][T16679] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1172.857451][T16731] FAT-fs (loop6): Directory bread(block 64) failed
[ 1172.859976][T10139] usb 10-1: config 0 interface 0 has no altsetting 0
[ 1172.871340][T16731] FAT-fs (loop6): Directory bread(block 65) failed
[ 1172.900044][T16731] FAT-fs (loop6): Directory bread(block 66) failed
[ 1172.902962][T10139] usb 10-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1172.910290][T16731] FAT-fs (loop6): Directory bread(block 67) failed
[ 1172.945736][T16731] FAT-fs (loop6): Directory bread(block 68) failed
[ 1172.949435][T10139] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1172.952471][T16731] FAT-fs (loop6): Directory bread(block 69) failed
[ 1173.003617][T10139] usb 10-1: config 0 descriptor??
[ 1173.028497][T16731] FAT-fs (loop6): Directory bread(block 70) failed
[ 1173.054026][T16731] FAT-fs (loop6): Directory bread(block 71) failed
[ 1173.072258][T16731] FAT-fs (loop6): Directory bread(block 72) failed
[ 1173.093068][T16731] FAT-fs (loop6): Directory bread(block 73) failed
[ 1173.141211][ T1028] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1173.280147][T16679] team0: Port device team_slave_0 added
[ 1173.333677][T16679] team0: Port device team_slave_1 added
[ 1173.453126][ T1028] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1173.554042][T16679] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1173.561117][T16679] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1173.592012][T16679] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1173.691860][ T1028] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1173.708416][T16679] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1173.717058][T16679] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1173.743670][T16679] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1173.834049][T10139] usb 10-1: string descriptor 0 read error: -71
[ 1173.847825][T10139] uclogic 0003:256C:006D.0014: failed retrieving string descriptor #200: -71
[ 1173.868515][ T1028] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1173.881711][T10139] uclogic 0003:256C:006D.0014: failed retrieving pen parameters: -71
[ 1173.892283][T10139] uclogic 0003:256C:006D.0014: failed probing pen v2 parameters: -71
[ 1173.909940][T10139] uclogic 0003:256C:006D.0014: failed probing parameters: -71
[ 1173.931479][T10139] uclogic: probe of 0003:256C:006D.0014 failed with error -71
[ 1173.997382][T10139] usb 10-1: USB disconnect, device number 5
[ 1174.071197][T16679] hsr_slave_0: entered promiscuous mode
[ 1174.103514][T16679] hsr_slave_1: entered promiscuous mode
[ 1174.123496][T16679] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1174.141332][T16679] Cannot create hsr debugfs directory
[ 1174.563948][T16759] loop9: detected capacity change from 0 to 512
[ 1174.574673][ T5781] Bluetooth: hci4: command tx timeout
[ 1174.582273][T16759] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[ 1174.655899][T16759] EXT4-fs (loop9): 1 truncate cleaned up
[ 1174.708865][T16759] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1176.657213][   T28] audit: type=1800 audit(1756377456.492:292): pid=16770 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.1888" name="file2" dev="loop9" ino=16 res=0 errno=0
[ 1176.664045][ T5781] Bluetooth: hci4: command tx timeout
[ 1176.734268][T16155] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1177.114453][T16784] loop6: detected capacity change from 0 to 128
[ 1177.496634][T16783] loop9: detected capacity change from 0 to 256
[ 1177.780828][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[ 1177.787339][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[ 1177.857056][T16783] FAT-fs (loop9): Directory bread(block 64) failed
[ 1177.898453][T16783] FAT-fs (loop9): Directory bread(block 65) failed
[ 1177.943402][T16783] FAT-fs (loop9): Directory bread(block 66) failed
[ 1177.950085][T16783] FAT-fs (loop9): Directory bread(block 67) failed
[ 1177.964916][T16783] FAT-fs (loop9): Directory bread(block 68) failed
[ 1177.976579][T16783] FAT-fs (loop9): Directory bread(block 69) failed
[ 1178.021040][T16783] FAT-fs (loop9): Directory bread(block 70) failed
[ 1178.103586][T16783] FAT-fs (loop9): Directory bread(block 71) failed
[ 1178.116387][T16783] FAT-fs (loop9): Directory bread(block 72) failed
[ 1178.144385][T16783] FAT-fs (loop9): Directory bread(block 73) failed
[ 1180.318329][T16679] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1180.333788][T16800] loop6: detected capacity change from 0 to 40427
[ 1180.355869][T16800] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[ 1180.379654][T16800] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[ 1180.380964][T16679] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1180.397128][T16800] F2FS-fs (loop6): invalid crc value
[ 1180.511340][T16800] F2FS-fs (loop6): Found nat_bits in checkpoint
[ 1180.542893][T16679] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1180.559614][T16679] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1180.617122][T16800] F2FS-fs (loop6): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 1180.652072][T16800] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[ 1180.662408][T16800] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[ 1181.110080][T16836] loop9: detected capacity change from 0 to 128
[ 1181.124003][T16836] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1181.168454][T16836] EXT4-fs (loop9): Test dummy encryption mode enabled
[ 1181.246783][T16836] EXT4-fs (loop9): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1181.315687][T16836] ext4 filesystem being mounted at /21/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1182.131897][ T1028] hsr_slave_0: left promiscuous mode
[ 1182.138155][ T1028] hsr_slave_1: left promiscuous mode
[ 1182.144463][ T1028] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1182.152055][ T1028] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1182.160167][ T1028] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1182.168626][ T1028] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1182.312478][ T1028] bridge_slave_1: left allmulticast mode
[ 1182.340644][ T1028] bridge_slave_1: left promiscuous mode
[ 1182.347804][T16155] EXT4-fs (loop9): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1182.364993][ T1028] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1182.422808][ T1028] bridge_slave_0: left allmulticast mode
[ 1182.428575][ T1028] bridge_slave_0: left promiscuous mode
[ 1182.526063][ T1028] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1182.709481][ T1028] veth1_macvtap: left promiscuous mode
[ 1182.737421][ T1028] veth0_macvtap: left promiscuous mode
[ 1182.758557][ T1028] veth1_vlan: left promiscuous mode
[ 1182.785213][ T1028] veth0_vlan: left promiscuous mode
[ 1185.481434][ T1028] team0 (unregistering): Port device team_slave_1 removed
[ 1185.573481][ T1028] team0 (unregistering): Port device team_slave_0 removed
[ 1186.204198][ T1028] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1186.364853][ T1028] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1187.964183][ T1028] bond0 (unregistering): Released all slaves
[ 1188.168681][T16871] netlink: 12 bytes leftover after parsing attributes in process `syz.9.1909'.
[ 1188.327162][T16679] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1188.439138][T16679] 8021q: adding VLAN 0 to HW filter on device team0
[ 1188.445403][T16892] syz.9.1920[16892] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1188.446003][T16892] syz.9.1920[16892] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1188.485021][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1188.503696][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1188.723824][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1188.731308][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1191.120235][T16679] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1192.148350][T16931] loop9: detected capacity change from 0 to 1024
[ 1192.269239][T16931] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1192.366847][T16931] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1192.545401][T16679] veth0_vlan: entered promiscuous mode
[ 1192.575456][T16155] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1192.579485][T16679] veth1_vlan: entered promiscuous mode
[ 1192.672410][T16679] veth0_macvtap: entered promiscuous mode
[ 1192.722066][T16679] veth1_macvtap: entered promiscuous mode
[ 1192.825449][T16679] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1192.864940][T16679] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1192.908954][T16952] loop9: detected capacity change from 0 to 512
[ 1192.924014][T16679] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1192.943154][T16679] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1192.966616][T16952] EXT4-fs error (device loop9): ext4_orphan_get:1399: inode #15: comm syz.9.1921: iget: bad extended attribute block 1
[ 1192.979596][T16679] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1192.990960][T16679] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1193.004637][T16679] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1193.018282][T16679] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1193.029503][T16679] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1193.039983][T16679] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1193.050590][T16679] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1193.061149][T16679] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1193.073710][T16679] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1193.085898][T16679] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1193.097773][T16679] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1193.127192][T16952] EXT4-fs error (device loop9): ext4_orphan_get:1404: comm syz.9.1921: couldn't read orphan inode 15 (err -117)
[ 1193.157191][T16679] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1193.206314][T16679] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1193.234629][T16952] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1193.272850][T16679] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1194.233837][ T5960] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1194.241872][ T5960] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1195.092336][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1195.115617][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1195.127228][T16155] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1196.575777][T16990] loop7: detected capacity change from 0 to 128
[ 1196.641473][T16990] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1196.652285][T16990] EXT4-fs (loop7): Test dummy encryption mode enabled
[ 1196.667874][T16990] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1196.767373][T16990] ext4 filesystem being mounted at /1/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1197.882846][ T5781] Bluetooth: hci1: Opcode 0x1003 failed: -110
[ 1197.958196][T16679] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1198.240878][T17010] loop6: detected capacity change from 0 to 256
[ 1198.269345][T17009] loop7: detected capacity change from 0 to 512
[ 1198.470907][T17010] exFAT-fs (loop6): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[ 1198.491284][T17009] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1198.545653][T17009] ext4 filesystem being mounted at /2/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1199.632400][T17035] loop6: detected capacity change from 0 to 512
[ 1199.665289][T17035] EXT4-fs error (device loop6): ext4_orphan_get:1399: inode #15: comm syz.6.1933: iget: bad extended attribute block 1
[ 1199.699210][T17035] EXT4-fs error (device loop6): ext4_orphan_get:1404: comm syz.6.1933: couldn't read orphan inode 15 (err -117)
[ 1199.799821][T17035] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1201.046921][T17039] 9pnet_fd: Insufficient options for proto=fd
[ 1201.496267][T16938] EXT4-fs error (device loop6): ext4_validate_block_bitmap:430: comm ext4lazyinit: bg 0: block 13: invalid block bitmap
[ 1201.522037][T16938] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[ 1201.539265][T16938] EXT4-fs (loop7): Remounting filesystem read-only
[ 1202.514430][T16679] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1202.537544][T15801] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1204.805733][T17072] loop6: detected capacity change from 0 to 128
[ 1204.849704][T17072] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1204.897537][T17072] EXT4-fs (loop6): Test dummy encryption mode enabled
[ 1205.014188][T17072] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1205.043581][T17079] fuse: Unknown parameter 'fn'
[ 1205.095145][T17072] ext4 filesystem being mounted at /47/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1206.231135][T15801] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1206.483099][T11945] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[ 1206.865420][T11945] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1206.882842][T11945] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1206.893041][T11945] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1206.942155][T11945] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1206.992707][T11945] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1207.201768][T11945] usb 8-1: config 0 descriptor??
[ 1207.587369][T11945] usb 8-1: can't set config #0, error -71
[ 1207.604524][T11945] usb 8-1: USB disconnect, device number 6
[ 1210.629190][T17159] loop9: detected capacity change from 0 to 1024
[ 1210.637171][T17159] EXT4-fs: inline encryption not supported
[ 1210.645018][T17159] EXT4-fs: Ignoring removed i_version option
[ 1210.738558][T17159] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1211.233933][T17159] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1211.294632][T17158] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:4036: comm syz.9.1955: Allocating blocks 497-513 which overlap fs metadata
[ 1211.325389][T17158] EXT4-fs (loop9): pa ffff88805cf77570: logic 256, phys. 385, len 8
[ 1211.333523][T17158] EXT4-fs error (device loop9): ext4_mb_release_inode_pa:5377: group 0, free 0, pa_free 1
[ 1211.363653][T17158] EXT4-fs error (device loop9): mb_free_blocks:1943: group 0, inode 15: block 129:freeing already freed block (bit 8); block bitmap corrupt.
[ 1211.385264][T17158] netlink: 4 bytes leftover after parsing attributes in process `syz.9.1955'.
[ 1211.394348][T17158] netlink: 24 bytes leftover after parsing attributes in process `syz.9.1955'.
[ 1211.467954][T17167] loop7: detected capacity change from 0 to 1024
[ 1211.612493][T17167] EXT4-fs: Ignoring removed nobh option
[ 1211.649640][T16155] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1211.688375][T17167] EXT4-fs: Ignoring removed bh option
[ 1211.916020][T17167] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1212.432694][T17167] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1213.549168][T16679] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1215.017691][T17194] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1964'.
[ 1215.062292][T17194] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1964'.
[ 1215.112212][T17194] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1964'.
[ 1215.128622][T17194] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1964'.
[ 1216.554361][T17227] loop7: detected capacity change from 0 to 4096
[ 1216.578571][T17227] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1216.614808][T17227] EXT4-fs (loop7): Test dummy encryption mode enabled
[ 1216.627084][T17227] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1216.661311][   T28] audit: type=1800 audit(1756377496.642:293): pid=17227 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.1970" name="file1" dev="loop7" ino=15 res=0 errno=0
[ 1216.885098][T16679] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1217.227564][T17246] loop7: detected capacity change from 0 to 1024
[ 1217.261117][T17246] EXT4-fs: Ignoring removed oldalloc option
[ 1217.455885][T17250] loop9: detected capacity change from 0 to 2048
[ 1217.645749][T17246] EXT4-fs: Ignoring removed bh option
[ 1217.704447][T17246] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1217.758279][T17250] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1218.716980][T17246] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1219.126989][T16679] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1219.218034][T17232] EXT4-fs error (device loop9): ext4_validate_block_bitmap:439: comm ext4lazyinit: bg 0: block 234: padding at end of block bitmap is not set
[ 1219.475607][T16155] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1220.087047][T17282] overlayfs: failed to resolve './bus': -2
[ 1220.376727][T17292] loop9: detected capacity change from 0 to 1024
[ 1220.408697][T17292] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1220.514480][T17292] ext4 filesystem being mounted at /45/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1220.822961][ T5781] Bluetooth: hci0: command 0x0406 tx timeout
[ 1221.027314][T16155] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1221.996785][T17336] loop9: detected capacity change from 0 to 1024
[ 1222.022243][T17336] EXT4-fs: Ignoring removed nobh option
[ 1222.049541][T17336] EXT4-fs: Ignoring removed bh option
[ 1222.067198][T17336] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1222.289463][T17336] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1222.466445][T17344] loop6: detected capacity change from 0 to 2048
[ 1222.534913][T17344] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1224.170346][T17342] EXT4-fs error (device loop6): ext4_validate_block_bitmap:439: comm ext4lazyinit: bg 0: block 234: padding at end of block bitmap is not set
[ 1224.608827][T17358] netlink: 96 bytes leftover after parsing attributes in process `syz.7.1994'.
[ 1224.640426][T16155] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1224.800318][T15801] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1224.927064][T17363] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2003'.
[ 1224.995613][T17367] loop6: detected capacity change from 0 to 1024
[ 1225.064407][T17367] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1225.098826][T17378] loop9: detected capacity change from 0 to 256
[ 1225.141895][T17367] ext4 filesystem being mounted at /56/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1225.213169][T17378] exFAT-fs (loop9): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[ 1225.647057][T17375] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[ 1225.853006][T17388] syz.9.1998: attempt to access beyond end of device
[ 1225.853006][T17388] loop9: rw=524288, sector=280, nr_sectors = 128 limit=256
[ 1226.096292][T17388] syz.9.1998: attempt to access beyond end of device
[ 1226.096292][T17388] loop9: rw=524288, sector=408, nr_sectors = 256 limit=256
[ 1226.112055][T17388] syz.9.1998: attempt to access beyond end of device
[ 1226.112055][T17388] loop9: rw=0, sector=280, nr_sectors = 8 limit=256
[ 1226.131973][   T28] audit: type=1800 audit(1756377506.112:294): pid=17388 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.9.1998" name="file1" dev="loop9" ino=1048862 res=0 errno=0
[ 1226.231002][   T28] audit: type=1800 audit(1756377506.112:295): pid=17389 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.1998" name="file1" dev="loop9" ino=1048862 res=0 errno=0
[ 1226.334645][T15801] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1227.896749][T17429] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2008'.
[ 1228.248569][T17418] loop9: detected capacity change from 0 to 512
[ 1228.291869][T17418] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[ 1228.395902][T17418] EXT4-fs (loop9): 1 truncate cleaned up
[ 1228.467106][T17418] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1229.007895][T17447] loop6: detected capacity change from 0 to 2048
[ 1229.182322][T17447] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1229.793381][T17455] overlay: ./file0 is not a directory
[ 1231.553029][T17445] EXT4-fs error (device loop6): ext4_validate_block_bitmap:439: comm ext4lazyinit: bg 0: block 234: padding at end of block bitmap is not set
[ 1231.659738][T17447] EXT4-fs error (device loop6): ext4_validate_block_bitmap:439: comm syz.6.2010: bg 0: block 234: padding at end of block bitmap is not set
[ 1231.706238][T17447] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 208 with error 117
[ 1231.720729][T16155] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1231.780737][T17473] loop7: detected capacity change from 0 to 256
[ 1231.792411][T17473] exfat: Unknown parameter '˙˙˙˙˙˙˙˙˙˙˙˙˙˙˙˙˙˙0xffffffffffffffff˙˙˙˙'
[ 1231.831163][T17447] EXT4-fs (loop6): This should not happen!! Data will be lost
[ 1231.831163][T17447] 
[ 1233.095256][T15801] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1233.308087][T17497] loop9: detected capacity change from 0 to 1024
[ 1233.621356][T17497] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1235.298490][T16155] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1236.546566][T17549] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1237.643445][T17563] loop9: detected capacity change from 0 to 2048
[ 1237.751395][T17563] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1237.853021][T17563] ext4 filesystem being mounted at /57/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1239.099950][T16155] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1239.245514][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[ 1239.251905][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[ 1241.234550][T17625] loop9: detected capacity change from 0 to 128
[ 1243.497149][T17640] loop7: detected capacity change from 0 to 1024
[ 1243.522450][T17640] EXT4-fs: Ignoring removed nobh option
[ 1243.538155][T17640] EXT4-fs: Ignoring removed bh option
[ 1243.555517][T17640] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1243.789153][T17640] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1243.831445][T17647] loop9: detected capacity change from 0 to 2048
[ 1243.961881][T17651] binder: 17650:17651 ioctl 4018620d 0 returned -22
[ 1243.984546][T17647] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1244.006055][T17654] binder: 17650:17654 ioctl c0306201 200000000280 returned -14
[ 1244.054029][T17647] ext4 filesystem being mounted at /60/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1244.077779][T16679] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1245.134015][T17669] loop7: detected capacity change from 0 to 2048
[ 1245.291039][T16155] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1245.330235][T17669] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1246.418356][ T5783] Bluetooth: hci3: command 0x0406 tx timeout
[ 1246.918943][T17695] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2048'.
[ 1247.261277][T16679] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1248.867595][T17715] loop6: detected capacity change from 0 to 128
[ 1251.430138][T17713] loop9: detected capacity change from 0 to 40427
[ 1251.475569][T17713] F2FS-fs (loop9): invalid crc value
[ 1251.506635][T17713] F2FS-fs (loop9): Found nat_bits in checkpoint
[ 1251.509302][T17714] loop7: detected capacity change from 0 to 40427
[ 1251.564290][T17714] F2FS-fs (loop7): Invalid log_blocksize (268), supports only 12
[ 1251.582448][T17714] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[ 1251.618909][T17714] F2FS-fs (loop7): invalid crc value
[ 1251.734342][T17713] F2FS-fs (loop9): Start checkpoint disabled!
[ 1251.753233][T17714] F2FS-fs (loop7): Found nat_bits in checkpoint
[ 1251.857550][T17752] loop6: detected capacity change from 0 to 512
[ 1252.001723][T17752] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1252.317573][T17752] ext4 filesystem being mounted at /70/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1252.839638][T17752] loop6: detected capacity change from 512 to 64
[ 1253.004449][T15801] EXT4-fs error (device loop6) in ext4_reserve_inode_write:5902: Out of memory
[ 1253.082863][T15801] EXT4-fs error (device loop6): ext4_dirty_inode:6106: inode #2: comm syz-executor: mark_inode_dirty error
[ 1253.084106][T17766] loop7: detected capacity change from 0 to 1024
[ 1253.210028][T17766] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1255.406644][T16679] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1255.538661][T15801] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1256.477631][ T1085] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1256.880722][ T1085] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1257.035321][ T1085] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1257.078220][T17790] loop9: detected capacity change from 0 to 2048
[ 1257.280958][T17790] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1257.311763][ T1085] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1257.330041][T17790] ext4 filesystem being mounted at /65/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1260.167566][T16155] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1260.594141][ T5783] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1260.619002][ T5783] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1260.630998][ T5783] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1260.669234][ T5783] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1260.696669][ T5783] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 1260.704120][T17813] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1260.720944][ T5783] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1262.477074][T17811] chnl_net:caif_netlink_parms(): no params data found
[ 1262.820673][ T5781] Bluetooth: hci0: command tx timeout
[ 1264.152323][T17867] loop7: detected capacity change from 0 to 2048
[ 1264.202561][T17847] loop9: detected capacity change from 0 to 40427
[ 1264.230737][T17847] F2FS-fs (loop9): Invalid log_blocksize (268), supports only 12
[ 1264.252808][T17847] F2FS-fs (loop9): Can't find valid F2FS filesystem in 1th superblock
[ 1264.296803][T17847] F2FS-fs (loop9): invalid crc value
[ 1264.315513][T17867] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1264.352050][T17867] ext4 filesystem being mounted at /41/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1264.378668][T17847] F2FS-fs (loop9): Found nat_bits in checkpoint
[ 1264.444254][T17847] F2FS-fs (loop9): Try to recover 1th superblock, ret: 0
[ 1264.451564][T17847] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[ 1264.596129][T17811] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1264.643048][T17811] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1264.898600][ T5781] Bluetooth: hci0: command tx timeout
[ 1265.066723][T17811] bridge_slave_0: entered allmulticast mode
[ 1265.225424][T17811] bridge_slave_0: entered promiscuous mode
[ 1265.437557][T17811] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1265.468927][T17811] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1265.493106][T17811] bridge_slave_1: entered allmulticast mode
[ 1265.508036][T17811] bridge_slave_1: entered promiscuous mode
[ 1265.524709][ T1085] hsr_slave_0: left promiscuous mode
[ 1265.536467][ T1085] hsr_slave_1: left promiscuous mode
[ 1265.592346][ T1085] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1265.606080][T16679] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1265.618211][ T1085] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1265.662496][ T1085] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1265.678850][ T1085] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1265.705950][ T1085] bridge_slave_1: left allmulticast mode
[ 1265.729197][ T1085] bridge_slave_1: left promiscuous mode
[ 1265.744335][ T1085] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1265.754492][ T1085] bridge_slave_0: left allmulticast mode
[ 1265.760741][ T1085] bridge_slave_0: left promiscuous mode
[ 1265.783207][ T1085] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1265.908114][ T1085] veth1_macvtap: left promiscuous mode
[ 1265.935095][ T1085] veth0_macvtap: left promiscuous mode
[ 1265.964371][ T1085] veth1_vlan: left promiscuous mode
[ 1265.987019][ T1085] veth0_vlan: left promiscuous mode
[ 1266.973158][ T5781] Bluetooth: hci0: command tx timeout
[ 1267.887362][T17912] loop9: detected capacity change from 0 to 2048
[ 1268.018093][T17912]  loop9: p1 < > p4
[ 1268.032228][T17912] loop9: p4 size 8388608 extends beyond EOD, truncated
[ 1268.589971][ T1085] team0 (unregistering): Port device team_slave_1 removed
[ 1268.766237][ T1085] team0 (unregistering): Port device team_slave_0 removed
[ 1268.892552][ T1085] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1269.024168][ T1085] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1269.154090][ T5781] Bluetooth: hci0: command tx timeout
[ 1270.291458][T17914] loop9: detected capacity change from 0 to 40427
[ 1270.307358][T17914] F2FS-fs (loop9): Insane cp_payload (553648128 >= 504)
[ 1270.329640][T17914] F2FS-fs (loop9): Can't find valid F2FS filesystem in 1th superblock
[ 1270.338530][T17914] F2FS-fs (loop9): build fault injection attr: rate: 17008, type: 0x7ffff
[ 1270.353721][T17914] F2FS-fs (loop9): build fault injection attr: rate: 0, type: 0x7
[ 1270.364551][T17914] F2FS-fs (loop9): invalid crc value
[ 1270.406805][T17914] F2FS-fs (loop9): Found nat_bits in checkpoint
[ 1270.526500][T17914] F2FS-fs (loop9): Try to recover 1th superblock, ret: 0
[ 1270.533834][T17914] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[ 1270.694756][ T1085] bond0 (unregistering): Released all slaves
[ 1271.018809][T17811] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1271.044790][T17923] syz.9.2091[17923] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1271.044923][T17923] syz.9.2091[17923] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1271.081899][T17811] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1272.593112][T17811] team0: Port device team_slave_0 added
[ 1272.641254][T17811] team0: Port device team_slave_1 added
[ 1273.016423][T17811] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1273.047771][T17811] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1273.121209][T17811] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1273.136610][T17934] loop7: detected capacity change from 0 to 2048
[ 1273.186670][T17811] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1273.235306][T17811] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1273.274493][T17934] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1273.294910][T17811] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1273.298714][T17934] ext4 filesystem being mounted at /44/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1273.494228][T17811] hsr_slave_0: entered promiscuous mode
[ 1273.571972][T17811] hsr_slave_1: entered promiscuous mode
[ 1274.714262][T16679] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1276.790980][T17965] loop7: detected capacity change from 0 to 40427
[ 1276.829303][T17965] F2FS-fs (loop7): invalid crc value
[ 1276.867666][T17965] F2FS-fs (loop7): Found nat_bits in checkpoint
[ 1277.016317][T17965] F2FS-fs (loop7): Start checkpoint disabled!
[ 1277.069869][T17965] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e6
[ 1277.644262][ T1085] kworker/u4:6: attempt to access beyond end of device
[ 1277.644262][ T1085] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1277.693157][ T1085] F2FS-fs (loop7): Stopped filesystem due to reason: 3
[ 1278.158573][T17811] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1278.215309][T17811] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1278.284768][T17811] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1278.316714][T17811] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1278.366645][T18003] loop7: detected capacity change from 0 to 512
[ 1278.436988][T18003] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1278.463820][T18003] ext4 filesystem being mounted at /46/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1278.621755][T17811] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1278.702055][T17811] 8021q: adding VLAN 0 to HW filter on device team0
[ 1278.731948][ T6387] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1278.739286][ T6387] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1278.754059][T16679] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1278.774973][ T6387] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1278.782402][ T6387] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1278.844664][T17811] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1278.860524][T17811] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1280.493212][T18028] overlay: ./file0 is not a directory
[ 1281.390365][T18042] loop7: detected capacity change from 0 to 2048
[ 1281.527144][T18042]  loop7: p1 < > p4
[ 1281.546847][T18042] loop7: p4 size 8388608 extends beyond EOD, truncated
[ 1282.328498][T17811] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1282.478455][T17811] veth0_vlan: entered promiscuous mode
[ 1282.492184][T17811] veth1_vlan: entered promiscuous mode
[ 1282.626017][T17811] veth0_macvtap: entered promiscuous mode
[ 1282.658460][T18048] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1282.685379][T18047] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2110'.
[ 1282.735264][T17811] veth1_macvtap: entered promiscuous mode
[ 1282.919475][T17811] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1282.983387][T17811] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1283.048465][T17811] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1283.097434][T17811] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1283.134526][T17811] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1283.178549][T17811] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1283.209029][T18050] loop9: detected capacity change from 0 to 2048
[ 1283.245541][T17811] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1283.331799][T17811] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1283.396540][T18050] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1283.399000][T17811] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1283.426000][T18050] ext4 filesystem being mounted at /80/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1283.472245][T17811] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1283.513302][T17811] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1283.555212][T17811] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1283.603110][T17811] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1283.646052][T17811] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1283.677880][T17811] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1283.689956][T17811] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1284.235389][T17811] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1284.285347][T17811] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1284.551169][T16155] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1284.606576][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1284.627461][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1284.708606][T18069] tipc: Started in network mode
[ 1284.719278][T18069] tipc: Node identity 5afa86c20b89, cluster identity 4711
[ 1284.727618][T18069] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1284.738298][ T5960] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1284.751219][T18069] syzkaller0: entered promiscuous mode
[ 1284.760232][ T5960] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1284.768268][T18069] syzkaller0: entered allmulticast mode
[ 1284.798811][T18069] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[ 1284.894394][T18069] tipc: Resetting bearer <eth:syzkaller0>
[ 1284.967886][T18068] tipc: Resetting bearer <eth:syzkaller0>
[ 1285.045378][T18068] tipc: Disabling bearer <eth:syzkaller0>
[ 1285.937565][T18079] loop9: detected capacity change from 0 to 512
[ 1286.015389][T18079] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[ 1286.043697][T18079] ext4 filesystem being mounted at /82/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1286.163332][T16155] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[ 1288.109579][T18101] loop9: detected capacity change from 0 to 2048
[ 1288.244600][T18101] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1288.328332][T18101] ext4 filesystem being mounted at /85/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1289.526812][T18108] netlink: 1 bytes leftover after parsing attributes in process `syz.3.2066'.
[ 1289.670952][T18122] loop7: detected capacity change from 0 to 512
[ 1289.682069][T16155] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1289.855129][T18122] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1289.905438][T18122] ext4 filesystem being mounted at /53/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1289.964136][T16679] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1291.205032][T18151] loop3: detected capacity change from 0 to 256
[ 1291.243689][T18151] FAT-fs (loop3): bogus number of FAT sectors
[ 1291.250993][T18151] FAT-fs (loop3): Can't find a valid FAT filesystem
[ 1291.519230][T18159] loop9: detected capacity change from 0 to 256
[ 1291.609627][T18159] exFAT-fs (loop9): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[ 1292.505085][ T5783] Bluetooth: hci4: command 0x0406 tx timeout
[ 1295.200646][ T5815] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[ 1295.684395][ T5815] usb 8-1: Using ep0 maxpacket: 32
[ 1295.713910][ T5815] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1295.729817][ T5815] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1296.979896][ T5815] usb 8-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[ 1296.999765][ T5815] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1297.018660][ T5815] usb 8-1: config 0 descriptor??
[ 1297.359258][T18208] loop3: detected capacity change from 0 to 2048
[ 1297.360027][ T5815] usbhid 8-1:0.0: can't add hid device: -71
[ 1297.442574][T18210] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2142'.
[ 1297.566310][ T5815] usbhid: probe of 8-1:0.0 failed with error -71
[ 1297.588646][ T5815] usb 8-1: USB disconnect, device number 7
[ 1297.697002][T18208] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1297.730675][T18208] ext4 filesystem being mounted at /6/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1298.798628][T18234] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[ 1299.512704][T17811] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1299.774506][T18236] loop9: detected capacity change from 0 to 256
[ 1299.827337][T18236] FAT-fs (loop9): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1300.326282][T18241] loop3: detected capacity change from 0 to 512
[ 1300.993695][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[ 1301.001704][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[ 1301.044426][T18241] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1301.098931][T18241] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[ 1301.202092][T18241] EXT4-fs (loop3): 1 truncate cleaned up
[ 1301.244735][T18241] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1301.453943][T18228] tipc: Failed to remove unknown binding: 66,1,1/0:1841315175/1841315177
[ 1301.500476][T18228] tipc: Failed to remove unknown binding: 66,1,1/0:1841315175/1841315177
[ 1303.612444][T18267] ip6t_rpfilter: unknown options
[ 1303.939665][T18280] hub 6-0:1.0: USB hub found
[ 1303.961639][T18280] hub 6-0:1.0: 1 port detected
[ 1306.091501][T18312] overlay: ./file0 is not a directory
[ 1307.404392][T17811] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1308.102976][T15505] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[ 1308.563281][T15505] usb 8-1: Using ep0 maxpacket: 16
[ 1308.669099][T15505] usb 8-1: config 0 interface 0 has no altsetting 0
[ 1308.677486][T15505] usb 8-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[ 1308.689164][T15505] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1308.701278][T15505] usb 8-1: config 0 descriptor??
[ 1309.263853][T15505] hid (null): unknown global tag 0xd
[ 1309.269653][T15505] hid (null): unknown global tag 0xc
[ 1309.301850][T15505] hid (null): unknown global tag 0xe
[ 1309.322824][T15505] hid (null): unknown global tag 0xd
[ 1309.328408][T15505] hid (null): unknown global tag 0xc
[ 1309.440131][T15505] usb 8-1: USB disconnect, device number 8
[ 1309.663977][T18356] loop9: detected capacity change from 0 to 512
[ 1309.696361][T18356] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1309.756064][T18356] EXT4-fs (loop9): revision level too high, forcing read-only mode
[ 1309.811486][T18356] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8802c01d, mo2=0102]
[ 1309.837923][T18356] EXT4-fs (loop9): couldn't mount RDWR because of unsupported optional features (80)
[ 1309.868475][T18356] EXT4-fs (loop9): Skipping orphan cleanup due to unknown ROCOMPAT features
[ 1309.910335][T18356] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[ 1310.161075][T18368] loop7: detected capacity change from 0 to 256
[ 1310.203489][T18368] FAT-fs (loop7): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1310.496076][T16155] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1311.186271][T15505] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[ 1311.409969][T15505] usb 3-1: Using ep0 maxpacket: 8
[ 1311.449739][T15505] usb 3-1: config 0 has an invalid interface number: 150 but max is 0
[ 1311.465307][T15505] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[ 1311.487566][T15505] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1311.525073][T15505] usb 3-1: config 0 has 2 interfaces, different from the descriptor's value: 1
[ 1311.568011][T15505] usb 3-1: config 0 has no interface number 0
[ 1311.588451][T15505] usb 3-1: config 0 interface 150 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1311.627644][T15505] usb 3-1: config 0 interface 150 has no altsetting 0
[ 1311.646966][T15505] usb 3-1: New USB device found, idVendor=1395, idProduct=0300, bcdDevice=81.75
[ 1311.669009][T15505] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1311.697969][T15505] usb 3-1: config 0 descriptor??
[ 1311.890129][T18360] loop3: detected capacity change from 0 to 40427
[ 1311.923294][T18360] F2FS-fs (loop3): heap/no_heap options were deprecated
[ 1311.949175][T18360] F2FS-fs (loop3): build fault injection attr: rate: 19, type: 0x7ffff
[ 1312.128434][T18377] tipc: Failed to remove unknown binding: 66,1,1/0:276885490/276885492
[ 1312.141031][T15505] usb 3-1: USB disconnect, device number 16
[ 1312.171368][T18377] tipc: Failed to remove unknown binding: 66,1,1/0:276885490/276885492
[ 1316.131204][T18437] loop7: detected capacity change from 0 to 1024
[ 1316.169758][T18437] EXT4-fs: inline encryption not supported
[ 1316.256671][T18437] EXT4-fs: Ignoring removed bh option
[ 1316.326940][T18437] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1316.442307][T18437] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1316.729574][T18456] loop9: detected capacity change from 0 to 2048
[ 1316.884595][T18456] Alternate GPT is invalid, using primary GPT.
[ 1316.891384][T18456]  loop9: p1 p2 p3
[ 1317.714004][T16679] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1319.597677][T18466] loop7: detected capacity change from 0 to 1024
[ 1319.710292][T18466] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1319.882238][   T28] audit: type=1800 audit(1756377599.862:296): pid=18466 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.2186" name="file1" dev="loop7" ino=15 res=0 errno=0
[ 1320.479282][T16679] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1321.413483][T18489] loop7: detected capacity change from 0 to 2048
[ 1321.496474][T18489] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1321.509177][T18489] ext4 filesystem being mounted at /63/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1322.529567][T16679] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1322.580989][T18506] loop3: detected capacity change from 0 to 512
[ 1322.619902][T18506] EXT4-fs: Ignoring removed oldalloc option
[ 1322.776204][T18506] EXT4-fs (loop3): 1 truncate cleaned up
[ 1322.808844][T18506] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1322.863026][T18506] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.2195: invalid indirect mapped block 234881024 (level 0)
[ 1323.542839][T18506] EXT4-fs (loop3): Remounting filesystem read-only
[ 1323.854041][T17811] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1324.039159][T18532] loop3: detected capacity change from 0 to 256
[ 1325.686363][T18532] FAT-fs (loop3): Directory bread(block 64) failed
[ 1325.728547][T18532] FAT-fs (loop3): Directory bread(block 65) failed
[ 1325.763086][T18532] FAT-fs (loop3): Directory bread(block 66) failed
[ 1325.786341][T18532] FAT-fs (loop3): Directory bread(block 67) failed
[ 1325.815420][T18532] FAT-fs (loop3): Directory bread(block 68) failed
[ 1325.850855][T18532] FAT-fs (loop3): Directory bread(block 69) failed
[ 1325.893142][T18532] FAT-fs (loop3): Directory bread(block 70) failed
[ 1325.899844][T18532] FAT-fs (loop3): Directory bread(block 71) failed
[ 1325.963918][T18532] FAT-fs (loop3): Directory bread(block 72) failed
[ 1325.970514][T18532] FAT-fs (loop3): Directory bread(block 73) failed
[ 1327.895127][T18549] loop3: detected capacity change from 0 to 2048
[ 1328.109652][T18549] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1328.147657][T18549] ext4 filesystem being mounted at /18/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1330.527256][T17811] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1334.582405][T18606] loop7: detected capacity change from 0 to 256
[ 1334.767475][T18606] FAT-fs (loop7): Directory bread(block 64) failed
[ 1334.810567][T18606] FAT-fs (loop7): Directory bread(block 65) failed
[ 1334.856926][T18606] FAT-fs (loop7): Directory bread(block 66) failed
[ 1334.891024][T18606] FAT-fs (loop7): Directory bread(block 67) failed
[ 1334.928124][T18606] FAT-fs (loop7): Directory bread(block 68) failed
[ 1334.955486][T18606] FAT-fs (loop7): Directory bread(block 69) failed
[ 1334.962897][T18606] FAT-fs (loop7): Directory bread(block 70) failed
[ 1334.969519][T18606] FAT-fs (loop7): Directory bread(block 71) failed
[ 1334.976770][T18606] FAT-fs (loop7): Directory bread(block 72) failed
[ 1334.983429][T18606] FAT-fs (loop7): Directory bread(block 73) failed
[ 1337.030862][T18634] loop9: detected capacity change from 0 to 512
[ 1337.038766][T18634] EXT4-fs: Ignoring removed oldalloc option
[ 1337.125112][T18634] EXT4-fs (loop9): 1 truncate cleaned up
[ 1337.144033][T18634] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1337.461113][T16155] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1337.995382][T18659] overlay: ./file0 is not a directory
[ 1343.308660][T18704] hub 8-0:1.0: USB hub found
[ 1343.324865][T18704] hub 8-0:1.0: 1 port detected
[ 1346.146453][T18719] loop7: detected capacity change from 0 to 2048
[ 1346.233060][T18719] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1346.292713][T18719] ext4 filesystem being mounted at /73/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1346.319277][T18713] overlay: ./file0 is not a directory
[ 1348.520076][T16679] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1349.238242][ T6905] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[ 1350.595568][ T6941] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[ 1350.669957][T18775] loop3: detected capacity change from 0 to 512
[ 1350.692599][ T6905] usb 10-1: config 0 interface 0 altsetting 3 endpoint 0x81 has an invalid bInterval 129, changing to 11
[ 1350.710158][ T6905] usb 10-1: config 0 interface 0 altsetting 3 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1350.720506][ T6905] usb 10-1: config 0 interface 0 has no altsetting 0
[ 1350.728279][ T6905] usb 10-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[ 1350.737652][ T6905] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1350.750186][ T6905] usb 10-1: config 0 descriptor??
[ 1350.754552][T18775] EXT4-fs: Ignoring removed orlov option
[ 1350.916204][T18777] overlayfs: missing 'lowerdir'
[ 1351.303554][ T6941] usb 3-1: Using ep0 maxpacket: 8
[ 1351.350121][ T6941] usb 3-1: New USB device found, idVendor=046d, idProduct=08b3, bcdDevice=6d.2a
[ 1351.382959][ T6941] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1351.446124][ T6941] usb 3-1: config 0 descriptor??
[ 1351.515467][ T6905] kovaplus 0003:1E7D:2D50.0016: unknown main item tag 0x0
[ 1351.516318][ T6941] pwc: Logitech QuickCam Zoom USB webcam detected.
[ 1351.529833][ T6905] kovaplus 0003:1E7D:2D50.0016: unknown main item tag 0x0
[ 1351.556588][ T6905] kovaplus 0003:1E7D:2D50.0016: item fetching failed at offset 4/5
[ 1351.566514][ T6941] pwc: Warning: more than 1 configuration available.
[ 1351.576120][ T6905] kovaplus 0003:1E7D:2D50.0016: parse failed
[ 1351.589535][ T6905] kovaplus: probe of 0003:1E7D:2D50.0016 failed with error -22
[ 1351.605631][T18775] EXT4-fs (loop3): 1 orphan inode deleted
[ 1351.634325][ T1028] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14
[ 1351.691508][T18775] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1351.716700][ T1028] EXT4-fs error (device loop3): ext4_release_dquot:6974: comm kworker/u4:5: Failed to release dquot type 1
[ 1351.724596][T18775] ext4 filesystem being mounted at /27/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1351.740329][ T6905] usb 10-1: USB disconnect, device number 6
[ 1352.118590][T18790] overlay: ./file0 is not a directory
[ 1352.843476][ T6941] pwc: Failed to set LED on/off time (-71)
[ 1352.850462][ T6941] pwc: send_video_command error -71
[ 1352.855920][ T6941] pwc: Failed to set video mode VGA@30 fps; return code = -71
[ 1352.865211][ T6941] Philips webcam: probe of 3-1:0.0 failed with error -71
[ 1352.883151][ T6941] usb 3-1: USB disconnect, device number 17
[ 1353.412945][ T6905] usb 3-1: new full-speed USB device number 18 using dummy_hcd
[ 1353.523934][T18814] loop7: detected capacity change from 0 to 2048
[ 1353.585245][T18814] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1353.617614][T18814] ext4 filesystem being mounted at /78/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1353.832965][ T6905] usb 3-1: config 27 interface 0 altsetting 0 has an invalid endpoint with address 0x78, skipping
[ 1353.860802][ T6905] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0xB has invalid maxpacket 221, setting to 64
[ 1353.882309][ T6905] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1353.922860][ T6905] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1354.424513][T18801] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1354.462680][T18801] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1354.526409][ T6905] usb 3-1: Quirk or no altest; falling back to MIDI 1.0
[ 1354.591956][ T6905] usb 3-1: invalid MIDI in EP 0
[ 1354.599822][T16679] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1354.858000][T18828] udevd[18828]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1355.155054][ T6905] snd-usb-audio: probe of 3-1:27.0 failed with error -22
[ 1355.167020][ T6905] usb 3-1: USB disconnect, device number 18
[ 1355.523163][T18844] loop9: detected capacity change from 0 to 2048
[ 1355.719828][T18844] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1356.504220][T18844] ext4 filesystem being mounted at /125/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1357.901875][T16155] EXT4-fs error (device loop9): ext4_free_inode:356: comm syz-executor: bit already cleared for inode 11
[ 1358.007909][T16155] EXT4-fs error (device loop9) in ext4_free_inode:363: Corrupt filesystem
[ 1358.168015][T16155] EXT4-fs error (device loop9) in ext4_free_inode:363: Corrupt filesystem
[ 1358.212609][T16155] EXT4-fs error (device loop9) in ext4_free_inode:363: Corrupt filesystem
[ 1358.374132][T16155] EXT4-fs error (device loop9) in ext4_free_inode:363: Corrupt filesystem
[ 1358.430193][T16155] EXT4-fs error (device loop9) in ext4_free_inode:363: Corrupt filesystem
[ 1358.482304][T16155] EXT4-fs error (device loop9) in ext4_free_inode:363: Corrupt filesystem
[ 1358.572373][T18866] overlay: ./file0 is not a directory
[ 1359.305929][T16155] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1359.592332][T18879] wg2: entered promiscuous mode
[ 1359.649640][T18879] wg2: entered allmulticast mode
[ 1360.866568][T17811] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1362.097219][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[ 1362.113507][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[ 1362.393360][T18929] loop9: detected capacity change from 0 to 512
[ 1364.696512][T18937] overlay: ./file0 is not a directory
[ 1364.977063][T18939] hub 8-0:1.0: USB hub found
[ 1365.122900][T18939] hub 8-0:1.0: 1 port detected
[ 1365.560699][T18929] EXT4-fs warning (device loop9): ext4_multi_mount_protect:398: Unable to create kmmpd thread for loop9.
[ 1366.192703][T18948] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2269'.
[ 1367.884304][T18954] loop9: detected capacity change from 0 to 1024
[ 1367.924963][T18954] EXT4-fs: Ignoring removed nobh option
[ 1367.974230][T18954] EXT4-fs: Ignoring removed bh option
[ 1368.175258][T18954] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1369.800476][T18997] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2278'.
[ 1370.337404][T19007] overlay: ./file0 is not a directory
[ 1371.597296][T19029] hub 8-0:1.0: USB hub found
[ 1371.602938][T19029] hub 8-0:1.0: 1 port detected
[ 1372.419229][T16155] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1372.822978][T10139] usb 3-1: new full-speed USB device number 19 using dummy_hcd
[ 1373.018312][T10139] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1373.042598][T10139] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1373.155779][T19051] loop9: detected capacity change from 0 to 512
[ 1373.268716][T19051] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802c01c, mo2=0002]
[ 1373.277422][T19051] System zones: 1-3, 19-19, 35-38
[ 1373.305513][T19051] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1373.319285][T19051] ext4 filesystem being mounted at /131/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1374.565947][T10139] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1374.583049][T10139] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1374.602818][T10139] usb 3-1: Product: syz
[ 1374.607049][T10139] usb 3-1: Manufacturer: syz
[ 1374.611663][T10139] usb 3-1: SerialNumber: syz
[ 1374.784010][T16155] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1374.964082][T10139] usb 3-1: 0:2 : does not exist
[ 1375.007138][T10139] usb 3-1: 5:0: failed to get current value for ch 0 (-22)
[ 1375.105965][T10139] usb 3-1: USB disconnect, device number 19
[ 1375.222189][T16336] udevd[16336]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1375.344120][T19075] overlay: ./file0 is not a directory
[ 1380.430450][T19126] overlay: ./file0 is not a directory
[ 1381.554991][T19135] veth0_to_team: entered promiscuous mode
[ 1381.560947][T19135] veth0_to_team: entered allmulticast mode
[ 1382.499376][T19145] loop7: detected capacity change from 0 to 2048
[ 1383.331047][T19145] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1383.389671][T19145] ext4 filesystem being mounted at /94/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1384.247100][T19177] overlay: ./file0 is not a directory
[ 1384.662721][ T5781] Bluetooth: hci0: command 0x0406 tx timeout
[ 1385.603710][   T28] audit: type=1326 audit(1756377665.572:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19185 comm="syz.2.2313" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9e2938ebe9 code=0x0
[ 1389.441496][T16679] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1389.662892][T10140] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[ 1389.856779][T10140] usb 4-1: config 0 has no interfaces?
[ 1389.894301][T10140] usb 4-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[ 1389.924302][T10140] usb 4-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[ 1389.941048][T10140] usb 4-1: Manufacturer: syz
[ 1389.974096][T10140] usb 4-1: config 0 descriptor??
[ 1390.773346][T19255] overlay: ./file0 is not a directory
[ 1392.765815][T17919] usb 4-1: USB disconnect, device number 7
[ 1393.011076][T19275] loop3: detected capacity change from 0 to 1024
[ 1393.121456][T19275] EXT4-fs: Ignoring removed i_version option
[ 1393.127754][T19275] EXT4-fs: inline encryption not supported
[ 1393.147024][T19275] EXT4-fs (loop3): Test dummy encryption mode enabled
[ 1393.159614][T19275] EXT4-fs (loop3): can't mount with commit=2, fs mounted w/o journal
[ 1393.280143][T19279] loop9: detected capacity change from 0 to 128
[ 1395.815223][T19290] loop9: detected capacity change from 0 to 2048
[ 1395.840790][T19290] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1395.858736][T19290] ext4 filesystem being mounted at /143/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1396.795095][   T28] audit: type=1800 audit(1756377676.772:298): pid=19309 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.9.2330" name="file0" dev="loop9" ino=13 res=0 errno=0
[ 1397.068274][T16155] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1398.996064][T19346] overlay: ./file0 is not a directory
[ 1399.807919][T19322] loop3: detected capacity change from 0 to 40427
[ 1399.846508][T19322] F2FS-fs (loop3): invalid crc value
[ 1399.879873][T19322] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1400.065210][T19322] F2FS-fs (loop3): Start checkpoint disabled!
[ 1400.111125][T19322] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[ 1401.441282][ T5960] kworker/u4:9: attempt to access beyond end of device
[ 1401.441282][ T5960] loop3: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[ 1401.503257][ T5960] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[ 1401.525084][ T5960] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[ 1401.575162][ T5960] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[ 1402.326999][T19390] loop3: detected capacity change from 0 to 512
[ 1402.354061][T19390] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1402.403375][T19390] EXT4-fs (loop3): Test dummy encryption mode enabled
[ 1402.476924][T19390] EXT4-fs (loop3): 1 truncate cleaned up
[ 1402.505111][T19390] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1403.419195][T19403] loop9: detected capacity change from 0 to 2048
[ 1403.489045][T17811] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1403.526199][T19403] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1403.589106][T19403] ext4 filesystem being mounted at /149/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1404.170161][T19420] overlay: ./file0 is not a directory
[ 1406.247712][T16155] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1410.334420][T19483] overlay: ./file0 is not a directory
[ 1411.432703][T19493] loop9: detected capacity change from 0 to 1024
[ 1411.536911][T19493] EXT4-fs: Ignoring removed i_version option
[ 1411.583216][T19493] EXT4-fs: inline encryption not supported
[ 1411.618325][T19493] EXT4-fs (loop9): Test dummy encryption mode enabled
[ 1411.647930][T19492] loop3: detected capacity change from 0 to 2048
[ 1411.659199][T19493] EXT4-fs (loop9): can't mount with commit=2, fs mounted w/o journal
[ 1412.272091][T19492] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1412.364224][T19492] ext4 filesystem being mounted at /48/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1413.958460][T19518] netlink: 96 bytes leftover after parsing attributes in process `syz.9.2360'.
[ 1414.373001][T10139] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[ 1414.568777][T10139] usb 3-1: Using ep0 maxpacket: 16
[ 1414.595746][T10139] usb 3-1: config 0 has an invalid interface number: 64 but max is 0
[ 1414.629953][T10139] usb 3-1: config 0 has an invalid descriptor of length 119, skipping remainder of the config
[ 1414.658416][T10139] usb 3-1: config 0 has no interface number 0
[ 1414.664451][T17811] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1414.700051][T10139] usb 3-1: New USB device found, idVendor=0bd3, idProduct=05f4, bcdDevice= 0.5b
[ 1414.733176][T19536] loop9: detected capacity change from 0 to 256
[ 1414.742366][T10139] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1414.756812][T19536] exfat: Unknown parameter '˙˙˙˙˙˙˙˙˙˙˙˙˙˙˙˙˙˙0xffffffffffffffff˙˙˙˙'
[ 1414.790065][T10139] usb 3-1: config 0 descriptor??
[ 1415.038315][T10139] usb 3-1: string descriptor 0 read error: -71
[ 1415.088670][T10139] usb 3-1: Found UVC 0.00 device <unnamed> (0bd3:05f4)
[ 1415.141214][T10139] usb 3-1: No valid video chain found.
[ 1415.303781][T19539] overlay: ./file0 is not a directory
[ 1415.515907][T10139] usb 3-1: USB disconnect, device number 20
[ 1416.751501][T19571] overlayfs: overlapping lowerdir path
[ 1418.164993][T19595] loop7: detected capacity change from 0 to 1024
[ 1418.208858][T19595] EXT4-fs: Ignoring removed i_version option
[ 1418.247997][T19595] EXT4-fs: inline encryption not supported
[ 1418.280809][T19595] EXT4-fs (loop7): Test dummy encryption mode enabled
[ 1418.383275][T19595] EXT4-fs (loop7): can't mount with commit=2, fs mounted w/o journal
[ 1418.654112][T19603] loop3: detected capacity change from 0 to 128
[ 1421.334839][T19631] overlay: ./file0 is not a directory
[ 1422.484202][T19641] overlayfs: overlapping lowerdir path
[ 1423.548523][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[ 1423.555126][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[ 1424.709139][T19663] loop3: detected capacity change from 0 to 512
[ 1424.794283][T19663] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e002c118, mo2=0002]
[ 1424.814132][T19663] System zones: 1-12
[ 1424.853164][T19663] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2244: inode #15: comm syz.3.2384: corrupted in-inode xattr: e_value size too large
[ 1424.872940][T19663] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.2384: couldn't read orphan inode 15 (err -117)
[ 1424.876903][T19663] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1425.277820][T19680] overlay: ./file0 is not a directory
[ 1425.457209][T19685] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2384'.
[ 1425.826702][T19690] loop9: detected capacity change from 0 to 256
[ 1425.887310][T19690] FAT-fs (loop9): Directory bread(block 64) failed
[ 1425.915983][T19690] FAT-fs (loop9): Directory bread(block 65) failed
[ 1425.922673][T19690] FAT-fs (loop9): Directory bread(block 66) failed
[ 1425.992900][T19690] FAT-fs (loop9): Directory bread(block 67) failed
[ 1425.999774][T19690] FAT-fs (loop9): Directory bread(block 68) failed
[ 1426.033419][T17811] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1426.043192][T19690] FAT-fs (loop9): Directory bread(block 69) failed
[ 1426.049984][T19690] FAT-fs (loop9): Directory bread(block 70) failed
[ 1426.124967][T19690] FAT-fs (loop9): Directory bread(block 71) failed
[ 1426.131662][T19690] FAT-fs (loop9): Directory bread(block 72) failed
[ 1426.187796][T19690] FAT-fs (loop9): Directory bread(block 73) failed
[ 1426.295100][   T28] audit: type=1326 audit(1756377706.262:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19689 comm="syz.9.2389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d4718ebe9 code=0x7ffc0000
[ 1426.345374][T19698] overlayfs: overlapping lowerdir path
[ 1426.440643][T19700] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1426.493719][   T28] audit: type=1326 audit(1756377706.262:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19689 comm="syz.9.2389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d4718ebe9 code=0x7ffc0000
[ 1426.598421][   T28] audit: type=1326 audit(1756377706.262:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19689 comm="syz.9.2389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8d4718ebe9 code=0x7ffc0000
[ 1426.658205][   T28] audit: type=1326 audit(1756377706.262:302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19689 comm="syz.9.2389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d4718ebe9 code=0x7ffc0000
[ 1426.721890][   T28] audit: type=1326 audit(1756377706.272:303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19689 comm="syz.9.2389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=228 compat=0 ip=0x7f8d4718ebe9 code=0x7ffc0000
[ 1426.821374][   T28] audit: type=1326 audit(1756377706.272:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19689 comm="syz.9.2389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d4718ebe9 code=0x7ffc0000
[ 1426.915774][   T28] audit: type=1326 audit(1756377706.272:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19689 comm="syz.9.2389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d4718ebe9 code=0x7ffc0000
[ 1426.989800][   T28] audit: type=1326 audit(1756377706.272:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19689 comm="syz.9.2389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f8d4718ebe9 code=0x7ffc0000
[ 1427.036729][   T28] audit: type=1326 audit(1756377706.272:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19689 comm="syz.9.2389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d4718ebe9 code=0x7ffc0000
[ 1427.114302][   T28] audit: type=1326 audit(1756377706.272:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19689 comm="syz.9.2389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d4718ebe9 code=0x7ffc0000
[ 1428.063259][T19724] kvm: requested 838 ns i8254 timer period limited to 200000 ns
[ 1429.356787][T19748] overlay: ./file0 is not a directory
[ 1430.224207][T19758] loop7: detected capacity change from 0 to 128
[ 1437.504846][T19821] loop7: detected capacity change from 0 to 2048
[ 1437.606339][T19825] overlay: ./file0 is not a directory
[ 1438.153485][T19821] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1438.238034][T19821] ext4 filesystem being mounted at /118/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1440.346494][T16679] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1440.592918][   T28] kauditd_printk_skb: 13 callbacks suppressed
[ 1440.592934][   T28] audit: type=1326 audit(1756377720.572:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19844 comm="syz.7.2412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc2698ebe9 code=0x7ffc0000
[ 1440.676205][   T28] audit: type=1326 audit(1756377720.572:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19844 comm="syz.7.2412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc2698ebe9 code=0x7ffc0000
[ 1440.752892][   T28] audit: type=1326 audit(1756377720.582:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19844 comm="syz.7.2412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efc2698ebe9 code=0x7ffc0000
[ 1440.836553][   T28] audit: type=1326 audit(1756377720.582:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19844 comm="syz.7.2412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc2698ebe9 code=0x7ffc0000
[ 1440.903300][   T28] audit: type=1326 audit(1756377720.582:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19844 comm="syz.7.2412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efc2698ebe9 code=0x7ffc0000
[ 1440.980854][   T28] audit: type=1326 audit(1756377720.582:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19844 comm="syz.7.2412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc2698ebe9 code=0x7ffc0000
[ 1441.041310][   T28] audit: type=1326 audit(1756377720.582:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19844 comm="syz.7.2412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7efc2698d69f code=0x7ffc0000
[ 1441.107223][   T28] audit: type=1326 audit(1756377720.582:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19844 comm="syz.7.2412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc2698ebe9 code=0x7ffc0000
[ 1441.210361][   T28] audit: type=1326 audit(1756377720.582:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19844 comm="syz.7.2412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efc2698ebe9 code=0x7ffc0000
[ 1441.499631][T19858] loop9: detected capacity change from 0 to 1024
[ 1441.522591][T19858] EXT4-fs: Ignoring removed i_version option
[ 1441.529034][T19858] EXT4-fs: inline encryption not supported
[ 1441.625590][   T28] audit: type=1326 audit(1756377720.582:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19844 comm="syz.7.2412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efc2698ebe9 code=0x7ffc0000
[ 1441.656442][T19858] EXT4-fs (loop9): Test dummy encryption mode enabled
[ 1441.951616][T19858] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1443.398928][T16155] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1444.916221][T12925] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[ 1445.103017][T12925] usb 3-1: Using ep0 maxpacket: 32
[ 1445.137732][T12925] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1445.168709][T12925] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1445.191286][T12925] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1445.235730][T12925] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1445.263169][T12925] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1445.292000][T12925] usb 3-1: Product: syz
[ 1445.318730][T12925] usb 3-1: Manufacturer: syz
[ 1445.355543][T12925] usb 3-1: SerialNumber: syz
[ 1445.404462][T12925] cdc_ncm 3-1:1.0: skipping garbage
[ 1445.999875][T12925] cdc_ncm 3-1:1.0: CDC Union missing and no IAD found
[ 1446.007444][T12925] cdc_ncm 3-1:1.0: bind() failure
[ 1446.094012][T12925] usb 3-1: USB disconnect, device number 21
[ 1446.230065][T19896] loop7: detected capacity change from 0 to 512
[ 1446.320142][T19896] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e002c118, mo2=0002]
[ 1446.360967][T19896] System zones: 1-12
[ 1446.390868][T19896] EXT4-fs error (device loop7): ext4_xattr_ibody_find:2244: inode #15: comm syz.7.2421: corrupted in-inode xattr: e_value size too large
[ 1446.459814][T19896] EXT4-fs error (device loop7): ext4_orphan_get:1404: comm syz.7.2421: couldn't read orphan inode 15 (err -117)
[ 1446.482148][T19896] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1446.508394][T12924] usb 10-1: new high-speed USB device number 7 using dummy_hcd
[ 1446.713842][T12924] usb 10-1: Using ep0 maxpacket: 16
[ 1446.731825][T12924] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1446.799064][T12924] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1446.831858][T12924] usb 10-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1447.133992][T19910] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2421'.
[ 1448.232898][T12924] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1448.268016][T12924] usb 10-1: Product: syz
[ 1448.294117][T12924] usb 10-1: Manufacturer: syz
[ 1448.315103][T12924] usb 10-1: SerialNumber: syz
[ 1448.597979][T12924] usb 10-1: 0:2 : does not exist
[ 1448.619116][T12924] usb 10-1: 5:0: failed to get current value for ch 0 (-22)
[ 1448.688856][T12924] usb 10-1: USB disconnect, device number 7
[ 1448.709786][T16679] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1448.758976][T16336] udevd[16336]: error opening ATTR{/sys/devices/platform/dummy_hcd.9/usb10/10-1/10-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1449.539710][T19937] overlay: ./file0 is not a directory
[ 1452.996314][T19977] loop7: detected capacity change from 0 to 128
[ 1454.078298][T20000] loop9: detected capacity change from 0 to 512
[ 1454.212011][T20000] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[ 1454.252048][T20000] ext4 filesystem being mounted at /170/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1455.250573][T16155] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[ 1455.337196][T20017] overlay: ./file0 is not a directory
[ 1457.204494][T20036] netlink: 165 bytes leftover after parsing attributes in process `syz.9.2442'.
[ 1458.591334][T20061] loop9: detected capacity change from 0 to 1024
[ 1458.610953][T20061] EXT4-fs: Ignoring removed orlov option
[ 1458.618579][T20061] EXT4-fs (loop9): stripe (2) is not aligned with cluster size (16), stripe is disabled
[ 1458.798085][T20061] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1458.847733][   T28] kauditd_printk_skb: 16 callbacks suppressed
[ 1458.847749][   T28] audit: type=1800 audit(1756377738.832:348): pid=20061 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.2446" name="file1" dev="loop9" ino=15 res=0 errno=0
[ 1459.075328][T20068] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1459.619376][T16155] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1459.756920][T20074] loop7: detected capacity change from 0 to 2048
[ 1459.917246][T20074] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1459.969680][T20074] ext4 filesystem being mounted at /131/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1460.097100][T20085] overlay: ./file0 is not a directory
[ 1462.252346][T20099] loop9: detected capacity change from 0 to 1024
[ 1462.277169][T20099] EXT4-fs: Ignoring removed nobh option
[ 1462.327561][T20099] EXT4-fs (loop9): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[ 1462.406046][T20099] EXT4-fs error (device loop9): ext4_ext_check_inode:520: inode #11: comm syz.9.2451: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[ 1462.542948][T20099] EXT4-fs error (device loop9): ext4_orphan_get:1404: comm syz.9.2451: couldn't read orphan inode 11 (err -117)
[ 1462.558059][T16679] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1462.576216][T20099] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1462.678070][T20099] EXT4-fs error (device loop9): ext4_read_block_bitmap_nowait:478: comm syz.9.2451: Invalid block bitmap block 0 in block_group 0
[ 1462.732698][T20099] Quota error (device loop9): write_blk: dquota write failed
[ 1462.792216][T20099] Quota error (device loop9): qtree_write_dquot: Error -117 occurred while creating quota
[ 1462.805642][T20099] EXT4-fs error (device loop9): ext4_acquire_dquot:6938: comm syz.9.2451: Failed to acquire dquot type 0
[ 1463.645951][ T1028] EXT4-fs error (device loop9): __ext4_get_inode_loc:4483: comm kworker/u4:5: Invalid inode table block 8589934593 in block_group 0
[ 1463.657603][T20116] netlink: 165 bytes leftover after parsing attributes in process `syz.7.2454'.
[ 1463.714826][T16155] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1463.962201][T20125] loop7: detected capacity change from 0 to 1024
[ 1464.041353][T20125] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1464.108397][T20125] ext4 filesystem being mounted at /133/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1464.306547][T20132] loop3: detected capacity change from 0 to 1024
[ 1464.320658][T20132] EXT4-fs: Ignoring removed i_version option
[ 1464.327126][T20132] EXT4-fs: inline encryption not supported
[ 1464.346011][T11945] usb 10-1: new high-speed USB device number 8 using dummy_hcd
[ 1464.405470][T20132] EXT4-fs (loop3): Test dummy encryption mode enabled
[ 1464.477468][T20132] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1465.556004][T11945] usb 10-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[ 1465.629515][T11945] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1465.674506][T11945] usb 10-1: config 0 descriptor??
[ 1465.937571][T11945] usb 10-1: string descriptor 0 read error: -32
[ 1466.190587][T11945] usb 10-1: Cannot set MAC address
[ 1466.216358][T11945] MOSCHIP usb-ethernet driver: probe of 10-1:0.0 failed with error -71
[ 1466.261269][T11945] usb 10-1: USB disconnect, device number 8
[ 1466.367686][T17811] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1466.590806][T20125] EXT4-fs error (device loop7): ext4_validate_block_bitmap:439: comm syz.7.2458: bg 0: block 393: padding at end of block bitmap is not set
[ 1466.630462][T20125] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 280 with max blocks 112 with error 117
[ 1466.649783][T20125] EXT4-fs (loop7): This should not happen!! Data will be lost
[ 1466.649783][T20125] 
[ 1466.690306][T20125] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 392 with max blocks 4 with error 117
[ 1466.737501][T20125] EXT4-fs (loop7): This should not happen!! Data will be lost
[ 1466.737501][T20125] 
[ 1466.926359][T20153] overlay: ./file0 is not a directory
[ 1467.802315][T20151] loop9: detected capacity change from 0 to 128
[ 1469.217497][ T9202] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 1 with error 28
[ 1469.248802][ T9202] EXT4-fs (loop7): This should not happen!! Data will be lost
[ 1469.248802][ T9202] 
[ 1469.258684][ T9202] EXT4-fs (loop7): Total free blocks count 0
[ 1469.282846][ T9202] EXT4-fs (loop7): Free/Dirty block details
[ 1469.305779][ T9202] EXT4-fs (loop7): free_blocks=0
[ 1469.310884][ T9202] EXT4-fs (loop7): dirty_blocks=32
[ 1469.316372][ T9202] EXT4-fs (loop7): Block reservation details
[ 1469.322458][ T9202] EXT4-fs (loop7): i_reserved_data_blocks=2
[ 1469.361237][T16679] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1470.790616][T20174] loop7: detected capacity change from 0 to 2048
[ 1470.852987][T20174] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1470.903459][T20174] ext4 filesystem being mounted at /134/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1471.915816][T20191] loop9: detected capacity change from 0 to 256
[ 1471.924930][T20192] overlayfs: failed to resolve './file0': -2
[ 1472.009061][T20191] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[ 1473.225777][   T28] audit: type=1800 audit(1756377753.202:349): pid=20205 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.2463" name="file0" dev="loop7" ino=13 res=0 errno=0
[ 1475.396398][T16679] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1475.482117][T20217] overlay: ./file0 is not a directory
[ 1476.549101][T20230] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2471'.
[ 1476.558323][T20230] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2471'.
[ 1479.619726][T20253] loop3: detected capacity change from 0 to 512
[ 1479.642632][T20249] syzkaller0: entered promiscuous mode
[ 1479.650278][T20249] syzkaller0: entered allmulticast mode
[ 1479.719519][T20253] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[ 1479.810179][T20253] ext4 filesystem being mounted at /75/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1480.710783][T17811] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[ 1481.533831][T20294] loop7: detected capacity change from 0 to 512
[ 1481.563178][T20294] EXT4-fs error (device loop7): ext4_orphan_get:1399: inode #15: comm syz.7.2484: iget: bad extended attribute block 1
[ 1481.640927][T20294] EXT4-fs error (device loop7): ext4_orphan_get:1404: comm syz.7.2484: couldn't read orphan inode 15 (err -117)
[ 1481.659450][T20294] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1482.676456][T16679] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1482.796691][T20301] loop7: detected capacity change from 0 to 1024
[ 1482.804540][T20301] EXT4-fs: Ignoring removed bh option
[ 1482.810321][T20301] EXT4-fs: Ignoring removed nobh option
[ 1482.830370][T20301] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1482.932092][T20301] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1483.165680][T16679] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1485.003452][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[ 1485.009828][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[ 1488.533175][ T6902] usb 10-1: new high-speed USB device number 9 using dummy_hcd
[ 1489.382938][ T6902] usb 10-1: Using ep0 maxpacket: 32
[ 1489.390039][T20354] loop3: detected capacity change from 0 to 512
[ 1489.401327][ T6902] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1489.526132][T20354] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.2494: iget: bad extended attribute block 1
[ 1489.599198][ T6902] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1489.609934][ T6902] usb 10-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 1489.621442][T20354] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.2494: couldn't read orphan inode 15 (err -117)
[ 1489.625006][ T6902] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1489.644506][ T6902] usb 10-1: config 0 descriptor??
[ 1489.652519][ T6902] hub 10-1:0.0: USB hub found
[ 1490.204637][T20354] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1490.339611][ T6902] hub 10-1:0.0: 1 port detected
[ 1491.298958][T20367] loop7: detected capacity change from 0 to 2048
[ 1491.470340][T20367] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1491.536014][T17919] hub 10-1:0.0: activate --> -90
[ 1491.559916][T17811] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1491.583741][T20367] ext4 filesystem being mounted at /146/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1491.690164][T20378] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2498'.
[ 1491.699275][T20378] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2498'.
[ 1493.625746][T17978] usb 10-1: USB disconnect, device number 9
[ 1495.277909][T16679] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1496.633990][T20421] netlink: 96 bytes leftover after parsing attributes in process `syz.9.2508'.
[ 1497.545560][T20435] loop9: detected capacity change from 0 to 2048
[ 1497.650795][T20435] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1497.697703][T20435] ext4 filesystem being mounted at /188/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1498.778992][T16155] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1500.262561][T20467] netlink: 28 bytes leftover after parsing attributes in process `syz.9.2512'.
[ 1500.271741][T20467] netlink: 28 bytes leftover after parsing attributes in process `syz.9.2512'.
[ 1503.015328][   T28] audit: type=1326 audit(1756377783.002:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20491 comm="syz.7.2518" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7efc2698ebe9 code=0x0
[ 1505.421407][ T5815] hid-generic 0000:0000:0000.0017: unknown main item tag 0x0
[ 1505.435400][ T5815] hid-generic 0000:0000:0000.0017: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1505.662385][T20518] fido_id[20518]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1509.098932][T20553] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2527'.
[ 1509.108068][T20553] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2527'.
[ 1513.545566][T20577] loop3: detected capacity change from 0 to 512
[ 1513.820064][T20577] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.2533: iget: bad extended attribute block 1
[ 1514.109012][T20577] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.2533: couldn't read orphan inode 15 (err -117)
[ 1514.479482][T20577] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1514.698087][T20589] loop9: detected capacity change from 0 to 512
[ 1515.036874][T20589] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1515.163091][T20589] ext4 filesystem being mounted at /198/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1515.309776][T17811] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1515.331937][T20589] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[ 1515.499543][T20589] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 33 with error 28
[ 1515.582161][T20589] EXT4-fs (loop9): This should not happen!! Data will be lost
[ 1515.582161][T20589] 
[ 1515.618218][T20589] EXT4-fs (loop9): Total free blocks count 0
[ 1515.638635][T20589] EXT4-fs (loop9): Free/Dirty block details
[ 1515.663114][T20589] EXT4-fs (loop9): free_blocks=65280
[ 1515.676297][T20589] EXT4-fs (loop9): dirty_blocks=33
[ 1515.691779][T20589] EXT4-fs (loop9): Block reservation details
[ 1515.716613][T20589] EXT4-fs (loop9): i_reserved_data_blocks=33
[ 1516.515867][T16155] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1519.500633][T20658] loop7: detected capacity change from 0 to 512
[ 1519.557094][T20658] EXT4-fs error (device loop7): ext4_orphan_get:1399: inode #15: comm syz.7.2549: iget: bad extended attribute block 1
[ 1519.638837][T20658] EXT4-fs error (device loop7): ext4_orphan_get:1404: comm syz.7.2549: couldn't read orphan inode 15 (err -117)
[ 1519.715123][T20658] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1520.651776][T16679] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1521.598307][   T28] audit: type=1326 audit(1756377801.582:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20682 comm="syz.3.2553" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7faa3518ebe9 code=0x0
[ 1525.434727][T20745] loop7: detected capacity change from 0 to 2048
[ 1525.536302][T20745] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1525.621556][T20745] ext4 filesystem being mounted at /164/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1525.947729][T20759] loop3: detected capacity change from 0 to 256
[ 1526.586931][T20759] exFAT-fs (loop3): Invalid boot checksum (boot checksum : 0x1119abd0, checksum : 0x1119abc2)
[ 1526.664787][   T28] audit: type=1800 audit(1756377806.552:352): pid=20761 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.2564" name="file0" dev="loop7" ino=13 res=0 errno=0
[ 1526.682859][T20759] exFAT-fs (loop3): invalid boot region
[ 1526.710956][T16679] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1526.718154][T20759] exFAT-fs (loop3): failed to recognize exfat type
[ 1527.861843][T10140] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[ 1528.153497][T10140] usb 8-1: config 1 has an invalid descriptor of length 32, skipping remainder of the config
[ 1528.442534][T10140] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1528.453718][T10140] usb 8-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1529.054002][T10140] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1529.062196][T10140] usb 8-1: SerialNumber: syz
[ 1529.296253][T10140] usb 8-1: 0:2 : does not exist
[ 1529.324812][T10140] usb 8-1: unit 5: unexpected type 0x0d
[ 1529.399203][T10140] usb 8-1: USB disconnect, device number 9
[ 1529.442620][T20513] udevd[20513]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1530.582318][T20806] loop7: detected capacity change from 0 to 2048
[ 1530.703494][T20806]  loop7: p1 < > p4
[ 1530.717948][T20806] loop7: p4 size 8388608 extends beyond EOD, truncated
[ 1532.047197][T20513] udevd[20513]: inotify_add_watch(7, /dev/loop7p1, 10) failed: No such file or directory
[ 1532.047966][T20483] udevd[20483]: inotify_add_watch(7, /dev/loop7p4, 10) failed: No such file or directory
[ 1538.634703][T20879] syz.7.2586[20879] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1538.634864][T20879] syz.7.2586[20879] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1540.718217][T20903] loop9: detected capacity change from 0 to 2048
[ 1541.518482][T20903] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1541.673455][T20903] ext4 filesystem being mounted at /210/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1542.773390][   T28] audit: type=1804 audit(1756377822.752:353): pid=20917 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.9.2592" name="/newroot/210/file0/file0/file0" dev="loop9" ino=13 res=1 errno=0
[ 1542.846124][   T28] audit: type=1800 audit(1756377822.762:354): pid=20917 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.9.2592" name="file0" dev="loop9" ino=13 res=0 errno=0
[ 1543.471733][T16155] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1544.000809][T20940] loop9: detected capacity change from 0 to 128
[ 1545.695696][T20948] vlan0: entered promiscuous mode
[ 1545.899839][T20955] syz.3.2602[20955] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1545.899970][T20955] syz.3.2602[20955] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1546.368032][T20968] loop3: detected capacity change from 0 to 2048
[ 1546.420413][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[ 1546.427147][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[ 1546.603938][T20968] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1546.640968][T20968] ext4 filesystem being mounted at /104/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1548.865628][T17811] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1550.061586][T21020] syz.2.2616[21020] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1550.061762][T21020] syz.2.2616[21020] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1550.440653][T21030] loop9: detected capacity change from 0 to 512
[ 1550.527540][T21030] EXT4-fs error (device loop9): ext4_orphan_get:1399: inode #15: comm syz.9.2618: iget: bad extended attribute block 1
[ 1550.729280][T21030] EXT4-fs error (device loop9): ext4_orphan_get:1404: comm syz.9.2618: couldn't read orphan inode 15 (err -117)
[ 1550.814034][T21030] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1551.747332][T21036] EXT4-fs error (device loop9): ext4_validate_block_bitmap:430: comm ext4lazyinit: bg 0: block 13: invalid block bitmap
[ 1552.415959][T16155] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1553.668837][T21076] bridge0: entered promiscuous mode
[ 1553.683349][T21076] macsec1: entered promiscuous mode
[ 1553.704703][T21076] bridge0: port 3(macsec1) entered blocking state
[ 1553.793476][T21076] bridge0: port 3(macsec1) entered disabled state
[ 1553.814787][T21076] macsec1: entered allmulticast mode
[ 1553.820162][T21076] bridge0: entered allmulticast mode
[ 1553.884022][T21076] macsec1: left allmulticast mode
[ 1553.889800][T21076] bridge0: left allmulticast mode
[ 1553.910390][T21076] bridge0: left promiscuous mode
[ 1554.047469][T21089] loop9: detected capacity change from 0 to 512
[ 1554.233047][T21089] EXT4-fs error (device loop9): ext4_orphan_get:1399: inode #15: comm syz.9.2630: iget: bad extended attribute block 1
[ 1554.552267][T21089] EXT4-fs error (device loop9): ext4_orphan_get:1404: comm syz.9.2630: couldn't read orphan inode 15 (err -117)
[ 1554.887353][T21089] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1555.050969][T21099] loop7: detected capacity change from 0 to 2048
[ 1555.151774][T21099] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1555.202593][T21099] ext4 filesystem being mounted at /179/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1556.054689][T16155] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1556.408008][   T28] audit: type=1800 audit(1756377836.392:355): pid=21111 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.2631" name="file0" dev="loop7" ino=13 res=0 errno=0
[ 1556.960316][T16679] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1557.181715][T21128] loop3: detected capacity change from 0 to 512
[ 1557.217526][T21129] loop9: detected capacity change from 0 to 128
[ 1557.294472][T21128] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.2636: casefold flag without casefold feature
[ 1557.401288][T21128] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.2636: couldn't read orphan inode 15 (err -117)
[ 1557.426299][T21128] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1557.475392][T21129] syz.9.2638: attempt to access beyond end of device
[ 1557.475392][T21129] loop9: rw=2049, sector=145, nr_sectors = 424 limit=128
[ 1557.530448][T21128] EXT4-fs error (device loop3): ext4_check_dx_root:2266: inode #2: comm syz.3.2636: Corrupt dir, invalid name_len for '.', running e2fsck is recommended
[ 1557.655684][T21129] syz.9.2638: attempt to access beyond end of device
[ 1557.655684][T21129] loop9: rw=524288, sector=145, nr_sectors = 224 limit=128
[ 1557.671349][T21129] syz.9.2638: attempt to access beyond end of device
[ 1557.671349][T21129] loop9: rw=0, sector=145, nr_sectors = 8 limit=128
[ 1557.693067][T21129] syz.9.2638: attempt to access beyond end of device
[ 1557.693067][T21129] loop9: rw=0, sector=145, nr_sectors = 8 limit=128
[ 1557.725940][T21129] syz.9.2638: attempt to access beyond end of device
[ 1557.725940][T21129] loop9: rw=0, sector=145, nr_sectors = 8 limit=128
[ 1557.742282][T17811] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1557.753656][T21129] syz.9.2638: attempt to access beyond end of device
[ 1557.753656][T21129] loop9: rw=0, sector=145, nr_sectors = 8 limit=128
[ 1557.801845][T21130] syz.9.2638: attempt to access beyond end of device
[ 1557.801845][T21130] loop9: rw=0, sector=145, nr_sectors = 8 limit=128
[ 1557.849313][T21130] syz.9.2638: attempt to access beyond end of device
[ 1557.849313][T21130] loop9: rw=0, sector=145, nr_sectors = 8 limit=128
[ 1557.879055][T21129] syz.9.2638: attempt to access beyond end of device
[ 1557.879055][T21129] loop9: rw=0, sector=145, nr_sectors = 8 limit=128
[ 1557.893304][T21130] syz.9.2638: attempt to access beyond end of device
[ 1557.893304][T21130] loop9: rw=0, sector=145, nr_sectors = 8 limit=128
[ 1558.791394][T21157] fuse: Bad value for 'fd'
[ 1558.989865][T21162] loop3: detected capacity change from 0 to 2048
[ 1559.127326][T21162] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1559.200341][T21162] ext4 filesystem being mounted at /110/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1560.130041][T21176] loop9: detected capacity change from 0 to 1024
[ 1560.195656][T21176] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1560.277718][T21176] EXT4-fs (loop9): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[ 1560.331644][T17811] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1560.546338][T21176] EXT4-fs error (device loop9): ext4_read_block_bitmap_nowait:478: comm syz.9.2648: Invalid block bitmap block 0 in block_group 0
[ 1560.575457][T21176] Quota error (device loop9): write_blk: dquota write failed
[ 1560.621060][T21176] Quota error (device loop9): qtree_write_dquot: Error -117 occurred while creating quota
[ 1560.687212][T21176] EXT4-fs error (device loop9): ext4_acquire_dquot:6938: comm syz.9.2648: Failed to acquire dquot type 0
[ 1560.827008][T21176] EXT4-fs error (device loop9): ext4_free_blocks:6681: comm syz.9.2648: Freeing blocks not in datazone - block = 0, count = 4096
[ 1560.867883][T21176] EXT4-fs error (device loop9): ext4_read_inode_bitmap:140: comm syz.9.2648: Invalid inode bitmap blk 0 in block_group 0
[ 1560.910880][T21176] EXT4-fs error (device loop9) in ext4_free_inode:363: Corrupt filesystem
[ 1560.918387][   T42] Quota error (device loop9): do_check_range: Getting block 0 out of range 1-8
[ 1560.942985][   T42] EXT4-fs error (device loop9): ext4_release_dquot:6974: comm kworker/u4:2: Failed to release dquot type 0
[ 1560.966442][T21176] EXT4-fs (loop9): 1 orphan inode deleted
[ 1560.980034][T21176] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1561.701048][T16155] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1561.840365][T21212] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3507366080 (224471429120 ns) > initial count (25249277504 ns). Using initial count to start timer.
[ 1565.219359][T21256] loop3: detected capacity change from 0 to 512
[ 1565.321781][T21264] loop9: detected capacity change from 0 to 512
[ 1565.468520][T21256] EXT4-fs warning (device loop3): ext4_enable_quotas:7173: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[ 1565.495789][T21264] EXT4-fs error (device loop9): ext4_orphan_get:1399: inode #15: comm syz.9.2661: iget: bad extended attribute block 1
[ 1565.557155][T21256] EXT4-fs (loop3): mount failed
[ 1565.579237][T21264] EXT4-fs error (device loop9): ext4_orphan_get:1404: comm syz.9.2661: couldn't read orphan inode 15 (err -117)
[ 1565.639973][T21264] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1566.519705][T16155] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1567.396213][T21297] loop9: detected capacity change from 0 to 128
[ 1567.505514][T21297] EXT4-fs (loop9): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[ 1567.579814][T21297] ext4 filesystem being mounted at /233/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1567.803062][T16155] EXT4-fs (loop9): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1568.421734][T21323] loop9: detected capacity change from 0 to 2048
[ 1568.492422][T21323] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1568.550467][T21323] ext4 filesystem being mounted at /235/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1568.613476][T21331] loop3: detected capacity change from 0 to 256
[ 1569.672116][T16155] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1569.861411][T21341] loop7: detected capacity change from 0 to 512
[ 1569.896604][T21341] EXT4-fs error (device loop7): ext4_orphan_get:1399: inode #15: comm syz.7.2673: iget: bad extended attribute block 1
[ 1569.927876][T21341] EXT4-fs error (device loop7): ext4_orphan_get:1404: comm syz.7.2673: couldn't read orphan inode 15 (err -117)
[ 1569.959432][T21341] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1571.522372][T16679] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1572.979051][T21383] loop9: detected capacity change from 0 to 2048
[ 1573.113925][T21383] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1573.158922][T21383] ext4 filesystem being mounted at /238/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1573.420109][T21392] loop7: detected capacity change from 0 to 1024
[ 1573.974092][T21392] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1573.983167][T21392] EXT4-fs (loop7): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[ 1574.023657][T21392] EXT4-fs error (device loop7): ext4_read_block_bitmap_nowait:478: comm syz.7.2680: Invalid block bitmap block 0 in block_group 0
[ 1574.060385][T21392] Quota error (device loop7): write_blk: dquota write failed
[ 1574.068696][T21392] Quota error (device loop7): qtree_write_dquot: Error -117 occurred while creating quota
[ 1574.081150][T21392] EXT4-fs error (device loop7): ext4_acquire_dquot:6938: comm syz.7.2680: Failed to acquire dquot type 0
[ 1574.279993][T21392] EXT4-fs error (device loop7): ext4_free_blocks:6681: comm syz.7.2680: Freeing blocks not in datazone - block = 0, count = 4096
[ 1574.349807][T21392] EXT4-fs error (device loop7): ext4_read_inode_bitmap:140: comm syz.7.2680: Invalid inode bitmap blk 0 in block_group 0
[ 1574.384460][T12937] Quota error (device loop7): do_check_range: Getting block 0 out of range 1-8
[ 1574.409998][T21392] EXT4-fs error (device loop7) in ext4_free_inode:363: Corrupt filesystem
[ 1574.433214][T12937] EXT4-fs error (device loop7): ext4_release_dquot:6974: comm kworker/u4:16: Failed to release dquot type 0
[ 1574.604855][T16155] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1574.634134][T21392] EXT4-fs (loop7): 1 orphan inode deleted
[ 1575.063314][T21392] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1575.110448][T21380] loop3: detected capacity change from 0 to 40427
[ 1575.216706][T21380] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[ 1575.268718][T21380] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[ 1575.353624][T21380] F2FS-fs (loop3): invalid crc value
[ 1575.361209][T21408] loop9: detected capacity change from 0 to 512
[ 1575.477663][T21380] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 1575.527903][T21408] EXT4-fs error (device loop9): ext4_orphan_get:1399: inode #15: comm syz.9.2684: iget: bad extended attribute block 1
[ 1575.645519][T21408] EXT4-fs error (device loop9): ext4_orphan_get:1404: comm syz.9.2684: couldn't read orphan inode 15 (err -117)
[ 1575.747998][T21408] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1576.573086][T21415] EXT4-fs error (device loop9): ext4_validate_block_bitmap:430: comm ext4lazyinit: bg 0: block 13: invalid block bitmap
[ 1576.806910][T16679] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1576.834488][T16155] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1576.962352][T21430] loop7: detected capacity change from 0 to 256
[ 1580.537379][T21455] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2693'.
[ 1580.838985][T21464] 
[ 1580.841393][T21464] ======================================================
[ 1580.848509][T21464] WARNING: possible circular locking dependency detected
[ 1580.855636][T21464] 6.6.102-syzkaller #0 Not tainted
[ 1580.860767][T21464] ------------------------------------------------------
[ 1580.867810][T21464] syz.9.2694/21464 is trying to acquire lock:
[ 1580.873980][T21464] ffff8880b8f295a8 (krc.lock){..-.}-{2:2}, at: kvfree_call_rcu+0x15a/0x780
[ 1580.882910][T21464] 
[ 1580.882910][T21464] but task is already holding lock:
[ 1580.890455][T21464] ffff8880b8f2b958 (hrtimer_bases.lock){-.-.}-{2:2}, at: hrtimer_start_range_ns+0xf3/0x1000
[ 1580.900675][T21464] 
[ 1580.900675][T21464] which lock already depends on the new lock.
[ 1580.900675][T21464] 
[ 1580.911273][T21464] 
[ 1580.911273][T21464] the existing dependency chain (in reverse order) is:
[ 1580.920493][T21464] 
[ 1580.920493][T21464] -> #1 (hrtimer_bases.lock){-.-.}-{2:2}:
[ 1580.928526][T21464]        _raw_spin_lock_irqsave+0xa8/0xf0
[ 1580.934468][T21464]        hrtimer_start_range_ns+0xf3/0x1000
[ 1580.940400][T21464]        kvfree_call_rcu+0x5d5/0x780
[ 1580.945726][T21464]        rtnl_register_internal+0x486/0x590
[ 1580.951639][T21464]        rtnl_register+0x32/0x70
[ 1580.956610][T21464]        ip_rt_init+0x2ec/0x390
[ 1580.961587][T21464]        ip_init+0xe/0x20
[ 1580.964912][T21467] loop3: detected capacity change from 0 to 512
[ 1580.965946][T21464]        inet_init+0x2c1/0x3e0
[ 1580.977369][T21464]        do_one_initcall+0x1fd/0x750
[ 1580.982961][T21464]        do_initcall_level+0x137/0x1f0
[ 1580.988570][T21464]        do_initcalls+0x69/0xd0
[ 1580.993507][T21464]        kernel_init_freeable+0x3d2/0x570
[ 1580.999274][T21464]        kernel_init+0x1d/0x1c0
[ 1581.004291][T21464]        ret_from_fork+0x48/0x80
[ 1581.009262][T21464]        ret_from_fork_asm+0x11/0x20
[ 1581.014601][T21464] 
[ 1581.014601][T21464] -> #0 (krc.lock){..-.}-{2:2}:
[ 1581.021870][T21464]        __lock_acquire+0x2ddb/0x7c80
[ 1581.027473][T21464]        lock_acquire+0x197/0x410
[ 1581.032532][T21464]        _raw_spin_lock+0x2e/0x40
[ 1581.037611][T21464]        kvfree_call_rcu+0x15a/0x780
[ 1581.042988][T21464]        trie_delete_elem+0x535/0x6a0
[ 1581.048674][T21464]        bpf_prog_2c29ac5cdc6b1842+0x42/0x46
[ 1581.054873][T21464]        bpf_trace_run2+0x1d1/0x3c0
[ 1581.060101][T21464]        __bpf_trace_hrtimer_start+0xfb/0x150
[ 1581.066290][T21464]        enqueue_hrtimer+0x318/0x370
[ 1581.071691][T21464]        hrtimer_start_range_ns+0xb4c/0x1000
[ 1581.077785][T21464]        common_timer_set+0x3be/0x4d0
[ 1581.083193][T21464]        do_timer_settime+0x1bd/0x300
[ 1581.088602][T21464]        __x64_sys_timer_settime+0x1a6/0x240
[ 1581.094575][T21464]        do_syscall_64+0x55/0xb0
[ 1581.099558][T21464]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1581.105956][T21464] 
[ 1581.105956][T21464] other info that might help us debug this:
[ 1581.105956][T21464] 
[ 1581.116246][T21464]  Possible unsafe locking scenario:
[ 1581.116246][T21464] 
[ 1581.123721][T21464]        CPU0                    CPU1
[ 1581.129164][T21464]        ----                    ----
[ 1581.134516][T21464]   lock(hrtimer_bases.lock);
[ 1581.139199][T21464]                                lock(krc.lock);
[ 1581.145523][T21464]                                lock(hrtimer_bases.lock);
[ 1581.152727][T21464]   lock(krc.lock);
[ 1581.156524][T21464] 
[ 1581.156524][T21464]  *** DEADLOCK ***
[ 1581.156524][T21464] 
[ 1581.164935][T21464] 3 locks held by syz.9.2694/21464:
[ 1581.170295][T21464]  #0: ffff8880317efaa8 (&new_timer->it_lock){-.-.}-{2:2}, at: __lock_timer+0x2b6/0x3f0
[ 1581.180379][T21464]  #1: ffff8880b8f2b958 (hrtimer_bases.lock){-.-.}-{2:2}, at: hrtimer_start_range_ns+0xf3/0x1000
[ 1581.192073][T21464]  #2: ffffffff8cd2fbe0 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run2+0xde/0x3c0
[ 1581.202119][T21464] 
[ 1581.202119][T21464] stack backtrace:
[ 1581.208496][T21464] CPU: 1 PID: 21464 Comm: syz.9.2694 Not tainted 6.6.102-syzkaller #0
[ 1581.216669][T21464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1581.226874][T21464] Call Trace:
[ 1581.230175][T21464]  <TASK>
[ 1581.233123][T21464]  dump_stack_lvl+0x16c/0x230
[ 1581.237814][T21464]  ? load_image+0x3b0/0x3b0
[ 1581.242600][T21464]  ? show_regs_print_info+0x20/0x20
[ 1581.248074][T21464]  ? print_circular_bug+0x12b/0x1a0
[ 1581.253292][T21464]  check_noncircular+0x2bd/0x3c0
[ 1581.258236][T21464]  ? print_deadlock_bug+0x5d0/0x5d0
[ 1581.263443][T21464]  ? lockdep_lock+0xe0/0x220
[ 1581.268047][T21464]  ? _find_first_zero_bit+0xd3/0x100
[ 1581.273342][T21464]  __lock_acquire+0x2ddb/0x7c80
[ 1581.278473][T21464]  ? stack_trace_snprint+0xf0/0xf0
[ 1581.283663][T21464]  ? __stack_depot_save+0x560/0x630
[ 1581.289027][T21464]  ? verify_lock_unused+0x140/0x140
[ 1581.294212][T21464]  ? kasan_save_stack+0x4d/0x60
[ 1581.299045][T21464]  ? kasan_save_stack+0x3e/0x60
[ 1581.303883][T21464]  ? __kasan_record_aux_stack+0xaf/0xc0
[ 1581.309424][T21464]  ? kvfree_call_rcu+0xee/0x780
[ 1581.314259][T21464]  ? trie_delete_elem+0x535/0x6a0
[ 1581.319271][T21464]  ? bpf_prog_2c29ac5cdc6b1842+0x42/0x46
[ 1581.324898][T21464]  ? bpf_trace_run2+0x1d1/0x3c0
[ 1581.329865][T21464]  ? __bpf_trace_hrtimer_start+0xfb/0x150
[ 1581.335682][T21464]  ? enqueue_hrtimer+0x318/0x370
[ 1581.340703][T21464]  ? hrtimer_start_range_ns+0xb4c/0x1000
[ 1581.346359][T21464]  ? common_timer_set+0x3be/0x4d0
[ 1581.351751][T21464]  ? do_timer_settime+0x1bd/0x300
[ 1581.356782][T21464]  ? __x64_sys_timer_settime+0x1a6/0x240
[ 1581.362430][T21464]  ? do_syscall_64+0x55/0xb0
[ 1581.367014][T21464]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1581.373165][T21464]  lock_acquire+0x197/0x410
[ 1581.377748][T21464]  ? kvfree_call_rcu+0x15a/0x780
[ 1581.382708][T21464]  ? read_lock_is_recursive+0x20/0x20
[ 1581.388184][T21464]  ? __phys_addr+0xba/0x170
[ 1581.393231][T21464]  _raw_spin_lock+0x2e/0x40
[ 1581.397739][T21464]  ? kvfree_call_rcu+0x15a/0x780
[ 1581.402682][T21464]  kvfree_call_rcu+0x15a/0x780
[ 1581.407532][T21464]  ? call_rcu+0x930/0x930
[ 1581.411854][T21464]  ? _raw_spin_unlock_irqrestore+0xae/0x110
[ 1581.417832][T21464]  ? _raw_spin_unlock+0x40/0x40
[ 1581.422682][T21464]  trie_delete_elem+0x535/0x6a0
[ 1581.427647][T21464]  bpf_prog_2c29ac5cdc6b1842+0x42/0x46
[ 1581.433132][T21464]  bpf_trace_run2+0x1d1/0x3c0
[ 1581.438345][T21464]  ? bpf_trace_run2+0xde/0x3c0
[ 1581.443117][T21464]  ? bpf_trace_run1+0x3b0/0x3b0
[ 1581.448042][T21464]  ? __bpf_trace_hrtimer_start+0xe7/0x150
[ 1581.453893][T21464]  __bpf_trace_hrtimer_start+0xfb/0x150
[ 1581.459434][T21464]  ? _raw_spin_unlock+0x40/0x40
[ 1581.464383][T21464]  ? __bpf_trace_hrtimer_init+0x190/0x190
[ 1581.470224][T21464]  enqueue_hrtimer+0x318/0x370
[ 1581.475096][T21464]  hrtimer_start_range_ns+0xb4c/0x1000
[ 1581.480581][T21464]  common_timer_set+0x3be/0x4d0
[ 1581.485445][T21464]  do_timer_settime+0x1bd/0x300
[ 1581.490389][T21464]  __x64_sys_timer_settime+0x1a6/0x240
[ 1581.495838][T21464]  ? common_timer_set+0x4d0/0x4d0
[ 1581.500939][T21464]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[ 1581.506907][T21464]  ? lock_chain_count+0x20/0x20
[ 1581.511800][T21464]  ? lockdep_hardirqs_on+0x98/0x150
[ 1581.517159][T21464]  do_syscall_64+0x55/0xb0
[ 1581.521565][T21464]  ? clear_bhb_loop+0x40/0x90
[ 1581.526224][T21464]  ? clear_bhb_loop+0x40/0x90
[ 1581.530968][T21464]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1581.536853][T21464] RIP: 0033:0x7f8d4718ebe9
[ 1581.541254][T21464] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1581.561114][T21464] RSP: 002b:00007f8d47ffa038 EFLAGS: 00000246 ORIG_RAX: 00000000000000df
[ 1581.569688][T21464] RAX: ffffffffffffffda RBX: 00007f8d473b5fa0 RCX: 00007f8d4718ebe9
[ 1581.577671][T21464] RDX: 0000200000000200 RSI: 0000000000000000 RDI: 0000000000000000
[ 1581.585656][T21464] RBP: 00007f8d47211e19 R08: 0000000000000000 R09: 0000000000000000
[ 1581.593639][T21464] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1581.601861][T21464] R13: 00007f8d473b6038 R14: 00007f8d473b5fa0 R15: 00007ffff33b5148
[ 1581.610016][T21464]  </TASK>
[ 1581.675282][T21467] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.2695: iget: bad extended attribute block 1
[ 1581.699096][T21467] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.2695: couldn't read orphan inode 15 (err -117)
[ 1581.713936][T21467] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1582.284907][T17811] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.