last executing test programs:

21m12.975486389s ago: executing program 32 (id=22):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x38, r1, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x24, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}]}]}, 0x38}}, 0x0) (fail_nth: 10)

18m54.014084094s ago: executing program 33 (id=143):
prlimit64(0x0, 0x9, &(0x7f0000000140)={0x8, 0xffff}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (fail_nth: 4)

11m48.758953292s ago: executing program 2 (id=1361):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000440), 0x10)
listen(r0, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)
writev(r1, &(0x7f00000002c0)=[{&(0x7f0000000080)='?', 0x1}], 0x1)
r2 = accept4$unix(r0, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f0000001680)=[{{0x0, 0x0, &(0x7f0000003380)=[{&(0x7f0000000140)=""/120, 0x78}, {&(0x7f0000000040)=""/40, 0x28}, {&(0x7f0000003300)=""/107, 0x6b}], 0x3}}], 0x4000000000000a1, 0x2, 0x0)
write(r2, &(0x7f00000001c0)="0ec8", 0x2)

11m48.188257444s ago: executing program 2 (id=1363):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x4e, 0x0, &(0x7f0000000100)="b9ff03316844268cb89e14f0080065e0ffff00123c00630277fbac141416e000030a44079f03b180006000000000845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b868", 0x0, 0x6f, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000280), &(0x7f0000000240)='./file0\x00', 0x18000, &(0x7f0000002f40)=ANY=[@ANYRES8=0x0, @ANYRES16, @ANYRES16=0x0, @ANYRESDEC, @ANYRES32, @ANYRES32], 0x1, 0x2ee, &(0x7f00000006c0)="$eJzs3M9PE1sUwPHTH5S2BMri5b28l7xwoxvdTKC6VhoDibGJBKnxR2IywFSbji2ZaTA1RnTl1vhHuCAs2ZEo/wAbd7px446NiQtZGMd0OkNpGUBKaRG+n4TMYe49nXtnBnLuhGHzzuvHxbyt5fWKhONKQiIiWyLDEhZfyNuG3TgmO72QiwPfPv5/6+69G5lsdmJaqcnMzKW0Umpo5N2TZwmv21q/bAw/2Pya/rLx98a/mz9nHhVsVbBVqVxRupotf67os6ah5gt2UVNqyjR021CFkm1Y9fZyvT1vlhcWqkovzQ8mFyzDtpVeqqqiUVWVsqpYVRV5qBdKStM0NZgUHCS3PD2tZ9pMnuvwYHBMLCujR0Qksaslt9yTAQEAgJ5qrf/DojpZ/6+cW68M3F4d8ur/tVhQ/X/5U/2zmur/uIgE1v/+8QPrf/1w9f/uiuhsOVL9j5NhJLZrV6gR1hqtjJ70fn5dL++vjLoB9T8AAAAAAAAAAAAAAAAAAAAAAH+CLcdJOY6T8rf+V7+IxEXE/z4gNSIiV3swZHTQEa4/ToHGi3vRIRHz1WJuMVffeh3WRcQUQ0YlJT/c+8FTi/03j1TNsLw3l7z8pcVcxG3J5KXg5o9Jqk9a8x1n8np2YkzVNef3SXJnflpS8ldwfjowPyYXzu/I1yQlH+akLKbMu+No5D8fU+razWxLfsLtBwAAAADAaaCpbYHrd03bq72ev72+bn0+EGmsr0cD1+dR+S/a27kDAAAAAHBW2NWnRd00DWufICEH92k/iB7TJ/sz/N0s/28Zjm+m+wT+wZua4t7Ojp+W0CFOyx5BWNrJGqnNRh11Fv5jo736yNR4965g0zD+efP2e+cOcWU1fsBM2w8i+98AfV37BQQAAACgaxpFv79nvLcDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAADgDOrGv0nr9RwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAk+JXAAAA//+qDgR1")
bind$inet(0xffffffffffffffff, &(0x7f0000000200)={0x2, 0x4e24, @private=0xa010103}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
fdatasync(r1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
mlock2(&(0x7f0000004000/0x4000)=nil, 0x40ef, 0x0)

11m47.838731516s ago: executing program 2 (id=1364):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x4, [@const={0x5, 0x0, 0x0, 0xa, 0x3}, @func={0xf, 0x0, 0x0, 0xc, 0x4}]}, {0x0, [0x2e, 0x0]}}, 0x0, 0x34, 0x0, 0x0, 0x6, 0x10000, @value}, 0x28)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000300)={r3, 0x20, &(0x7f0000000100)={&(0x7f0000000600)=""/185, 0xb9, 0x0, &(0x7f00000006c0)=""/182, 0xb6}}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000880)={@cgroup, 0x9, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000010c0)=@ipv6_getaddrlabel={0x2f, 0x4a, 0x3, 0x0, 0x0, {0xa, 0x0, 0x80}, [@IFAL_ADDRESS={0x14, 0x1, @remote}, @IFAL_ADDRESS={0x14, 0x1, @private1}]}, 0x44}}, 0x0)
r5 = dup(0xffffffffffffffff)
write$UHID_INPUT(r5, &(0x7f00000029c0)={0xc, {"a2e3ad214fc7529b1b5f470787f70e06d038e7ff7fc6e5539b3267078b089b3b083841090890e0878f0e1ac6e70a9b334a959b689a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31340d095d0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ed30c000000000000040d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85824056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000007008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a4d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07845754b8400daaa69bf5c8f4ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f5d6d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9ef6d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcdddd754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfbb655548cf99c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad03f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a12810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de0ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac34b308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2dd9bb96e222d8e904f6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39e3313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb9957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000210000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)

11m46.143339743s ago: executing program 2 (id=1369):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000500000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000300)=ANY=[@ANYBLOB="1800", @ANYRESOCT=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000208500000004"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_usb_connect(0x0, 0x6b, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r0, 0x18000000000002a0, 0x12, 0x0, &(0x7f0000000240)="b9ff03076804268c989e14f088a8657986dd", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="165a0dd9693fda6ee966b34acfbeab8e978c6ff1ea395b84159e86f39620c76d7b", @ANYRES8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0xfffffffb, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
unshare(0x62040200)
bind$vsock_stream(r2, &(0x7f0000000440), 0x10)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffed850000006d000000a50000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x50)
r5 = timerfd_create(0x7, 0x0)
timerfd_settime(r5, 0x0, &(0x7f0000007000)={{0x0, 0x4}, {0x0, 0x3938700}}, 0x0)
readv(r5, &(0x7f00000003c0)=[{&(0x7f0000000040)=""/52, 0x34}], 0x1)
listen(r2, 0x0)
r6 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r6, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)
socket$vsock_stream(0x28, 0x1, 0x0)
socket$nl_sock_diag(0x10, 0x3, 0x4)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x60200, 0x0)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r7, 0x400455c8, 0x0)
ioctl$sock_bt_hci(r1, 0x400448ca, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

11m42.97636027s ago: executing program 2 (id=1380):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
mknodat$null(0xffffffffffffffff, 0x0, 0x20, 0x103)
chown(0x0, 0xee00, 0x0)
syz_usb_connect$hid(0x3, 0x0, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
getsockopt$bt_l2cap_L2CAP_LM(r0, 0x112, 0x4, 0x0, &(0x7f0000000080))

11m38.900395159s ago: executing program 2 (id=1389):
socket$kcm(0x2, 0xa, 0x2)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$PPPIOCSMRU1(0xffffffffffffffff, 0x40047452, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x4c, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x40}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}]}, 0x4c}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x48, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2, 0x0, 0xffff}, [@IPSET_ATTR_DATA={0x20, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x2}, @IPSET_ATTR_CIDR={0x5, 0x3, 0x2}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080)

11m23.793060977s ago: executing program 34 (id=1389):
socket$kcm(0x2, 0xa, 0x2)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$PPPIOCSMRU1(0xffffffffffffffff, 0x40047452, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x4c, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x40}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}]}, 0x4c}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x48, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2, 0x0, 0xffff}, [@IPSET_ATTR_DATA={0x20, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x2}, @IPSET_ATTR_CIDR={0x5, 0x3, 0x2}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080)

8m28.352345157s ago: executing program 4 (id=2035):
syz_mount_image$cramfs(&(0x7f0000000400), &(0x7f0000000000)='./file1\x00', 0x2200082, &(0x7f0000000140)=ANY=[], 0xfe, 0x15b, &(0x7f0000000280)="$eJzs0TtrWmEcx/Hvc87jBarYUgtS2ip0qK0UvNBupXhKpULtgZYunQR7egHFECHJqIRsGYSsDrmsIW9Bo0NI0CV5E1ncAhkN5xyTkMtL+H+28/vf4DyfP0zSimufmo2FRafVcn6nvtuV0o/Tfr/o5kEgfKPu9w+K8A/NQMO0A248isKf/3XHqDXr7ve0CCHAejDPacQu71lxTUdDDn8+/RKGT7w+g7uZUyDgzT3VYMX8LAs824JXzLAe+Zm77wwwQang/Nhzk7VyJvlYwUovs7d79G18WH775qOzni91X0cSZgbYxlLhg9HfE3M+NRlXvtoVe1LI598XsjmDd8fewnYX/SWyBL8UaHefgbcvSOKF/gmrCja8W9N9FQWGm+d2I3T1r9vLZgpUslerJgI71fhDAzOt3cqMe3gV7xGEEEIIIYQQQgghhBBCCCGEEEKIWy4CAAD//2EjUXo=")
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
getegid()
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0xc0ed0040, &(0x7f0000000100)={[{@noblock_validity}, {@resuid}, {@data_err_abort}, {@noload}, {@nobarrier}, {@lazytime}]}, 0xfe, 0x472, &(0x7f0000000940)="$eJzs3MtvG8UfAPDvOk6a9PFLfyU8GloIFETEI2nSBz1wAYHEAQQSHIo4BSetQt0GNUGiVQSBQxDigCpxRxyR+As4wQUBJySucEeVEMqlhZPR2rtp4tohDydO8ecjbTuzu+7Md2fHnp2xG0DHGkr/SCL2R8SvEdEfEcX6E4Zqf91cmi/9tTRfSqJSee3PJH1Z3FiaL2X/RHVL7avtqFSy/J4G5S6+GTFRLk9dzvKjcxffGZ29cvWp6YsT56fOT10aP3Pm5ImjPafHT7UkzjSuG4Pvzxw5/OIb114unb321o9fp/Xdnx3P42ilodrVbejRVhfWZgdWpJNiGyvChhzI+nt3tf/3R1f0LR/rjxc+amvlgG1VqVQqjT6fMwsV4D8siXbXAGiP/IM+ff7Ntx0aeuwKfzxbewBK476ZbbUjxShk53TXPd+2Um9EnF34+4t0i22ahwAAWOnbdPzzZKPxXyHuWXHe/7I1lIMR8f+IOBQRd0XEQETcHVE9996IuG+D5devkNw+/ilc31Rg65SO/57J1rZWj//y0V8c7MpyB6rxdyfnpstTx7NrMhzde9L82KqXrPbd8798Vr/v02yafWjF+C/d0vLzsWBWj+vFugm6yYm5iZYEn8b/YcRgsVH8yfI6YBIRhyNicJNlTD/+1ZFmx/49/jW0YJ2p8mXEY7X2X4i6+HNJ0/XJsadPj58a7Y3y1PHR/K643U8/L77arPwtxd8CafvvbXj/1+JPnxGT3ojZK1cvVNdrZzdexuJvH5eSJscGNnn/9ySvV9M92b73JubmLo9F9CQvpdm+VfvHb702z+fnp/EPH2vc/w/VHs+qV+L+iEhv4qMR8UBEPJi13UMR8XBEHFsj/h+ee+TtZseat/8as/ItlMY/uUb7p295aepW+2880XXh+2+alV9ZV/ufrKaGsz3ref9bbwW3cu0AAADgTlGofgc+KYwspwuFkZHad/gHYm+hPDM798S5mXcvTda+K38wugv5TFf/ivnQsWxuOM+P1+VPZPPGn3f1VfMjpZnyZLuDhw63r0n/T/3e1e7aAdvO77Wgc+n/0Ln0f+hc+j90Lv0fOlRP490f7HQ9gLbY+Od/77bUA9h5xv/QufR/6Fz6P3Skpr+NL2zpJ/93aqK4O6rRMNG3O6qRJ6KwK6rRusQrn9S6xG6pT54orvs/s9hkYk/DQ+1+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGiNfwIAAP//RwfmeQ==")
r4 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x1c1401, 0x0)
write(r4, &(0x7f0000004200), 0x473)
mkdirat(r0, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
add_key(&(0x7f00000000c0)='pkcs7_test\x00', &(0x7f0000000180)={'syz', 0x2}, &(0x7f0000000700)="14f604d78a96b6dca1b2b0daca9f1e7cd8e622b7d53af4c8392aad6f1349100231365ec1e9d55857f90605f15b6c85f6a3b84b7439a15b5ea6aefe9198d07e1e99340c926f6129526ecd37fd794abaa8ed5884c9199ac7f1e3085a433d100cc64aa44120da8b9bb84e20c30587fbeb335b96a0a257c840978a4c4bddc8f24b525274045b7ebb699bc8fdb23cf2294c2067a10f96edf8eb969ea17dab94885285fc7f437f721bd90cb4d06256e75c1589ff099bc701e38df811b38da23e1022963d93e166df4bc9e3c6e8ce63dd984b880f6f1e89fb6fa4ecd0e84fcf827516eb26a5deadb30a795f6f393931e739164f4a09787924d3a77f2c268d995ac2c81532cdd5b672ad01929f698c3cdc986c137e32c41422e695e38a19104c274b509a13b5e6184992edcde6a9e0716dab6bfa02d76b74478484355317ba9e84198c103615a755b02c7ee9d1c331b2", 0x14c, 0xfffffffffffffffe)
keyctl$session_to_parent(0x12)

8m25.736598291s ago: executing program 4 (id=2045):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000003005740ed0b0011c3ec000000010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000200)={0x84, &(0x7f0000000080)={0x0, 0xf, 0x3, "03446d"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

8m22.420963834s ago: executing program 4 (id=2058):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000480)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6}}, {{0x9, 0x5, 0x81, 0x3, 0x200}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x200}}, {{0x9, 0x5, 0x3, 0x2, 0x200}}}}}}}]}}, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000340)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x20, 0x80, 0x1c, {0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_ep_write(r0, 0x82, 0x0, 0x0)
syz_usb_disconnect(r0)

8m18.41010975s ago: executing program 4 (id=2083):
syz_mount_image$exfat(&(0x7f0000000040), &(0x7f0000000240)='./file0\x00', 0x3000040, &(0x7f0000000440)=ANY=[], 0x83, 0x1501, &(0x7f0000002180)="$eJzs3Au8jtW2MPAx5pwPi6Q3yX2OOR7e5DJJklwSEkmSJEluCUmSJCGxyC0JScg9yT0kt1jJ/X7LPUm2JElCQpL5/bQ7n7NP+5z2/nbf8X1njf/vN39rjvW8Y7xzrrF+7/s8z/qt99uOg6vWr1a5LjPDvwT/+iUVAFIAoB8AXAMAEQCUylYqG+AwyKQx9V97EvHnemjalV6BuJKk/+mb9D99k/6nb9L/9E36n75J/9M36X/6Jv0XIj3bOj33tTLS7/jvu/8Pcv///zny/v8/yOFiY75cX+z6Tv9EivQ/fZP+p2/S//RN+p++Sf/TN+n//3ARQKX/4rD0P32T/guRnl3p+88yruy40r9/QgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCHSh3PhMgMA/za/0usSQgghhBBCCCHEnydkvNIrEEIIIYQQQgghxP99CAo0GIggA2SEFMgEmeEqyAJXQ1a4BhJwLWSD6yA7XA85ICfkgtyQB/JCPrBA4IAhhvxQAJJwAxSEG6EQFIYiUBQ8FIPicBOUgJuhJNwCpeBWKA23QRkoC+WgPNwOFeAOqAiVoDLcCVXgLqgK1eBuqA73QA24F2rCfVAL7ofa8ADUgQehLjwE9eBhqA+PQAN4FBpCI2gMTaDp/1H+i9AVXoJu0B1SoQf0hJehF/SGPtAX+sEr0B9ehQHwGgyEQTAYXoch8AYMhTdhGAyHEfAWjIRRMBrGwFgYB+PhbZgA78BEeBcmwWSYAlNhGkyHGfAezIRZMBvehznwAcyFeTAfFsBC+BAWwWJIg49gCXwMS2EZLIcVsBJWwWpYA2thHayHDbARNsFm2AJb4RPYBtthB+yEXbAb9sCnsBc+g33wOeyHL/7J/LP/Ib8TAgIqVGjQYAbMgCmYgpkxM2bBLJgVs2ICE5gNs2F2zI45MAfmwlyYB/NgPsyHhISMjPkxPyYxiQWxIBbCQlgEi6BHj8WxOJbAm7EklsRSWApLY2ksg2WxLJbH8lgBK2BFrIiVsTJWwSpYFavi3Xg33oM1sAbWxJpYC2thbayNdbAO1sW6WA/rYX2sjw2wATbEhtgYG2NTbIrNsBk2x+bYEltiK2yFrbE1tsE22BbbYjtsh+2xPXbADtgRO2In7Iyd8UV8EV/Cl7A7VlE9sCf2xF7YC/tgX+yLr2B/fBVfxddwIA7Cwfg6vo5v4FA8g8NwOI7AEVhBjcLROAZZjcPxOB4n4ASciBNxEk7GyTgVp+F0nIEzcCbOwln4Ps7BD/ADnIfzcAEuxIW4CBdjGqbhEjyLS3EZLscVuBJX4Upcg2txDa7HDbgeN+Em3IJb8BP8BLfjdtyJO3E37sZP8VP8DD/Dgbgf9+MBPIAH8SAewkN4GA/jETyCR/EoHsNjeByP4wk8iafwJJ7G03gGz+I5PIfn8TxewOfzfF1vd+F1A0FdYpRRGVQGlaJSVGaVWWVRWVRWlVUlVEJlU9lUdpVd5VA5VC6VS+VReVQ+lU+RIsUqVvlVfpVUSVVQFVSFVCFVRBVRXnlVXBVXJVQJVVKVVKXUraq0uk2VUWVVC19elVcVVEtfUVVSlVVlVUXdpaqqaqqaqq6qqxqqhqqpaqpaqpaqrR5QdVQP7IMPqUudqa8GYQM1GBuqRqqxaqLewMdUMzUUm6sWqqV6Qg3HYdhaNfNt1NOqrRqN7dSzagw+pzqocdhRvaA6qc6qi3pRdVXNfbcMv70EqqnYS/VWfVRfNRPvUpc6VlW9pgaqQWqwel0twDfUUPWmGqaGqxHqLTVSjVKj1Rg1Vo1T49XbaoJ6R01U76pJarKaoqaqaWq6mqHeUzPVLDVbva/mqA/UXDVPzVcL1EL1oVqkFqs09ZFaoj5WS9UytVytUCvVKrVarVFr1Tq1Xm1QG9UmtVltUVvVJ2qb2q52qJ1ql9qt9qhP1V71mdqnPlf71RfqgPqLOqi+VIfUV+qw+lodUd+oo+pbdUx9p46r79UJdVKdUj+o0+pHdUadVefUT+q8+lldUL+oiyoo0KiV1troSGfQGXWKzqQz66t0Fn21zqqv0Ql9rc6mr9PZ9fU6h86pc+ncOo/Oq/Npq0k7zTrW+XUBndQ36IL6Rl1IF9ZFdFHtdTFdXN+kS+ibdUl9iy6lb9Wl9W26jC6ry+ny+nZdQd+hK+pKurK+U1fRd+mqupq+W1fX9+ga+l5dU9+na+n7dW39gK6jH9R19UO6nn5Y19eP6Ab6Ud1QN9KNdRPdVD+mm+nHdXPdQrfUT+hW+kndWj+l2+indVv9jG6nn9Xt9XO6g35ed9Qv6E66s+6if9EXddDddHedqnvonvpl3Uv31n10X91Pv6L761f1AP2aHqgH6cH6dT1Ev6GH6jf1MD1cj9Bv6ZF6lB6tx+ixepwer9/WE/Q7eqJ+V0/Sk/UUPVVP09N1n98qzf4H8t/5O/kDfn32LXqr/kRv09v1Dr1T79K79R69R+/Ve/U+vU/v1/v1AX1AH9QH9SF9SB/Wh/URfUQf1Uf1MX1MH9fH9Ql9Uv+kf9Cn9Y/6jD6rz+qf9Hl9Xl/47WcABo0y2hgTmQwmo0kxmUxmc5XJYq42Wc01JmGuNdnMdSa7ud7kMDlNLpPb5DF5TT5jDRln2MQmvylgkuYGU9DcaAqZwqaIKWq8KWaKm5v+5fw/Wl9T09Q0M81Mc9PctDQtTSvTyrQ2rU0b08a0NW1NO9POtDftTQfTwXQ0HU0n08l0MV1MV9PVdDPdTKpJNT3Ny6aX6W36mL6mn3nF9Df9zQAzwAw0A81gM9gMMUPMUDPUDDPDzAgzwow0I81oM9qMNWPNeDPeTDATzEQz0Uwyk8wUM8VMM9PMDDPDzDQzzWwz28wxc8xcM9fMN/PNQrPQLDKLTJpJM0vMErPULDPLzAqzwqwyq8was8asM+vMBrPBbDKbzFKz1Ww128w2s8PsMLvMLrPH7DF7zV6zz+wz+81+c8AcMAfNQXPIHDKHzWFzxBwxR81Rc8wcM8fNcXPCnDCnzClz2pw2Z8wZc86cM+fNeXPBXDAXzcVLp32RilRkIhNliDJEKVFKlDnKHGWJskRZo6xRIkpE2aJsUfbo+ihHlDPKFeWO8kR5o1SwEUUu4iiO8kcFomR0Q1QwujEqFBWOikRFIx8Vi4pHN0UlopujktEtUano1qh0dFtUJioblYvKR7dHFaI7oopRpahydGdUJborqhpVi+6Oqkf3RDWie6Oa0X1Rrej+qHb0QFQnejCqGz0U1YsejupHj0QNokejhlGjqHHUJGr6p9YP4UzOx303292m2h62p33Z9rK9bR/b1/azr9j+9lU7wL5mB9pBdrB93Q6xb9ih9k07zA63I+xbdqQdZUfbMXasHWfH27ftBPuOnWjftZPsZDvFTrXT7HQ7w75nZ9pZdrZ9386xH9i5dp6dbxfYhfZDu8gutmn2I7vEfmyX2mV2uV1hV9pVdrVdY9fadXa93WA32k12s91it9pP7Da73e6wO+0uu9vusZ/avfYzu89+bvfbL+wB+xd70H5pD9mv7GH7tT1iv7FH7bf2mP3OHrff2xP2pD1lf7Cn7Y/2jD1rz9mf7Hn7s71gf7EXbbh0cn/p7Z0MGcpAGSiFUigzZaYslIWyUlZKUIKyUTbKTtkpB+WgXJSL8lAeykf56BImpvyUn5KUpIJUkApRISpCRciTp+JUnEpQCSpJJakUlaLSVJrKUBkqR+Xodrqd7qA7qBJVojvpTrqL7qJqVI2qU3WqQTWoJtWkWlSLalNtqkN1qC7VpXpUj+pTfWpADaghNaTG1JiaUlNqRs2oOTWnltSSWlErak2tqQ21obbUltpRO2pP7akDdaCO1JE6USfqQl2oK3WlbtSNUimVelJP6kW9qA/1oX7Uj/pTfxpAA2ggDaTBNJiG0BAaSkNpGA2nEfQWjaRRNJrG0FgaR+NpPE2gCTSRJtIkmkRTaApNo2k0g2bQTJpJs2k2zaE5NJfm0nyaTwtpIS2iRZRGabSEltBSWkrLaTmtpJW0mlbTWlpL62k9baSNtJk201baSttoG+2gHbSLdtEe2kN7aS/to320n/bTATpAB+kgHaJDdJgO0xE6QkfpKB2jY3ScjtMJOkGn6BSdptN0hs7QOTpH5+lnukC/0EUKlOIUZHZXuSzuapfVXeNSXCZ3KY4A4FKcy+V2eVxel89Zl8Pl/JuYnHOFXGFXxBV13hVzxd1Nv4vLuLKunCvvbncV3B2u4u/i6u4eV8Pd62q6+1w1d/ffxLXc/a62e8TVcY+6uq6Rq+eauPruEdfAPeoaukausWviWrknXWv3lGvjnnZt3TO/ixe5xW6tW+fWuw1ur/vMnXM/uaPuW3fe/ey6ue6un3vF9XevugHuNTfQDfpdPMK95Ua6UW60G+PGunG/i6e4qW6am+5muPfcTDfrd/FC96Gb49LcXDfPzXcLfo0vrSnNfeSWuI/dUrfMLXcr3Eq3yq12a/73Wle4TW6z2+L2uE/dNrfd7XA73S63+9f40j72uc/dfveFO+K+cQfdl+6QO+YOu69/jS/t75j7zh1337sT7qQ75X5wp92P7ow7++v+L+39B/eLu+iCA0ZWrNlwxBk4I6dwJs7MV3EWvpqz8jWc4Gs5G1/H2fl6zsE5ORfn5jycl/OxZWLHzDHn5wKc5Bu4IN/IhbgwF+Gi7LkYF+ebuATfzCX5Fi7Ft3Jpvo3LcFkux+X5dq7Ad3BFrsSV+U6uEgJX5Wp8N1fne7gG38s1+T6uxfdzbX6A6/CDXJcf4nr8MNfnR7gBP8oNuRE35ibclB/jZvw4N+cW3JKf4Fb8JLfmp7gNP81t+Rlux89ye36OO/Dz3JFf4E7cmbvwi9yVX+Ju3J1TuQf35Je5F/fmPtyX+/Er3J9f5QH8Gg/kQTyYX+ch/AYP5Td5GA/nEfwWj+RRPJrH8Fgex+P5bZ7A7/BEfpcn8WSewlN5Gk/nGfwez+RZPJvf5zn8Ac/leTyfF/BC/pAX8WJO4494CX/MS3kZL+cVvJJX8Wpew2t5Ha/nDbyRN/Fm3sJb+RPextt5B+/kXbyb9/CnvJc/4338Oe/nL/gA/4UP8pd8iL/iw/w1H+Fv+Ch/y8f4Oz7O3/MJPsmn+Ac+zT/yGT7L5/gnPs8/8wX+hS9yYIgxVrGOTRzFGeKMcUqcKc4cXxVnia+Os8bXxIn42jhbfF2cPb4+zhHnjHPFueM8cd44X2xjil3McRznjwvEyfiGuGB8Y1woLhwXiYvGPi4WF49vikvEN8cl41viUvGtcen4trhMXDZ+5L7y8e1xhfiOuGJcKa4c3xlXie+Kq8bV4rvj6vE9cY343rhmfF9cMr4/rh0/ENeJH4zrxg/F9eKH4/rxI3GD+NG4Ydwobhw3iZvGj8XN4sfj5nGLuGX8RNwqfjJuHT8Vt4mfjtvGz/zh8dS4R9wzfjl+OQ7hXj0/uSC5MPlhclFycTIt+VFySfLj5NLksuTy5IrkyuSq5OrkmuTa5Lrk+uSG5MbkpuTm5JZkCNUygkevvPbGRz6Dz+hTfCaf2V/ls/irfVZ/jU/4a302f53P7q/3OXxOn8vn9nl8Xp/PW0/eefaxz+8L+KS/wRf0N/pCvrAv4ot674v54r6Jb+qb+mb+cd/ct/At/RP+Cf+kf9I/5Z/yT/u2/hnfzj/r2/vnfAf/vH/ev+A7+c6+i3/Rd/Uv+W6+u0/1qb6n7+l7+V6+j+/j+/l+vr/v7wf4AX6gH+gH+8F+iB/ih/qhfpgf5kf4EX6kH+lH+9F+rB/rx/vxfoKf4Cf6iX6Sn+Sn+Cl+mp/mZ/gZfqaf6Wf72X5OoTl+rp/r5/v5fqFf6Bf5RT7Np/klfolf6pf65X65X+lX+tV+tV/r1/r1fr3f6Df6zX6z3+q3+m1+m9/hd/hdfpff4/f4vX6v3+f3+f1+vz/gD/iD/qA/5L/yh/3X/oj/xh/13/pj/jt/3H/vT/iT/pT/wZ/2P/oz/qw/53/y5/3P/oL/xV/0wY9PvJ2YkHgnMTHxbmJSYnJiSmJqYlpiemJG4r3EzMSsxOzE+4k5iQ8ScxPzEvMTCxILEx8mFiUWJ9ISHyWWJD5OLE0sSyxPrEisTKxKhJB3WxzyhwIhGW4IBcONoVAoHIqEosGHYqF4uCmUCDeHkuGWUCrcGkqH20KZUDaUC4+GhqFRaByahKbhsdAsPB6ahxahZXgitApPhtbhqdAmPB3ahmdCu/BsaB+eCx3C86FjeCF0Cp1Dl/Bi6BpeCt1C95AaeoSe4eXQK/QOfULf0C+8EvqHV8OA8FoYGAaFweH1MCS8EYaGN8OwMDyMCG+FkWFUGB3GhLFhXBgf3g4TwjthYng3TAqTw5QwNUwL08OM8F6YGWaF2eH9MCd8EOaGeWF+WBAWhg/DorA4pIWPwpLwcVgaloXlYUVYGVaF1WFNWBvWhfVhQ9gYNoXNYUvYGj4J28L2sCPsDLvC7rAnfBr2hs/CvvB52B++CAfCX8LB8GU4FL4Kh8PX4Uj4JhwN34Zj4btwPHwfToST4VT4IZwOP4Yz4Ww4F34K58PP4UL4JVyU/1kTQgghhPiH6D843uPvfE/9Ni7pCQBXb899+D/W3Jjjr/PeKk+rBAA83b3jQ/82qlRJTU397bFLNUQF5gFA4nL+r3+W+y1eBi3hSWgDLaDE311fb9X5PP9B/eStAJn/XU4KXI4v17/5P6n/2BMjFpWOz2X7L+rPAyhU4HJOJrgcX65f8j+pn7PZH6w/05fjAZr/u5wscDm+XL84PA7PQJu/eaQQQgghhBBCCPFXvVW59n90/Xzp+jyPuZyTES7Hf3R9LoQQQgghhBBCiCvvuc5dnnqsTZsW7f+xCf52X+Cfy5KJTGTy/9nkSr8yCSGEEEIIIf5sl0/6r/RKhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEKI9Ou/4+PErvQehRBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCiCvtfwUAAP//l485ZQ==")
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x35d, &(0x7f0000000f00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPNiDurJvyeatLzFpfr/2+4GSycw8u7OZSXk27WYv3/3yo0rJ0kp6Q6JJJRERkSuRrEQlEPEfo245IWGH8srMnz+/uL5ZTHoVaiW/8WpOKTU3/8PHn6X8bmfTcpF9//KP3O8Xz148f/nvxodlS5UtVa01lK62a7829G3TULtlq6IptWoaumWoctUy6l77d/52zNreXlPp1d3Z9F7dsCylV5uqYjRVo6Ya9abSP9DLVaVpmppNC25SPF5b0/NDBu+MeDAYk3o9r0+JSKqnpXg8kQEBAICJ6s7/o05KP0z+vyVzhcLymnI6t/P/k5fOGzPvnM75+f9Zol/+/9ov3rY68n/ndKKd/9e884PSzfn/13KH/L83I3pchs7/s2MYDIYzn+ipinQ8c/L/tP/+dR29d7LoFsj/AQAAAAAAAAAAAAAAAAAAAAB4GlzZdsa27UzwGPy0LyHwn+NBGjT/0yKSdGbfZv4fsvXNLUm6F+45c2x+sV/cL3qPfodzETHF+Mfu5qyN4Moj5cjKj+aBH3+wX5xyW/IlKTvxsiQZybrrKRRv2ytvFZaXlMePb12mlA7H5yQjz4Tjv3dXpxOf64z395+QlxdC8Zpk5KcdqYkpu25ke/+fLyn15tuFrviU209Efrv3SQEAAAAAYMQ01dL3/F3TBrV73zKSL7kfExmyKBn5u//5/WLf8/NY5oXYpI8eAAAAAIDHwWp+WtElatTdgmn2K6RkYNMICrGOmriI9O2c6KqJX7flqdAR3nY8CfHuYPJ/j+ub4FW9S1TwjxTOwFtN/h1VZLjxBMfv1kRiw09T5FDcBXAYborKLcJj3YOfdypU384LA7dz5B9Iqyb42Cgx4HWW1d7tRK9ZCfGeGjsy3AJ47qtv/xrdG+T1U38FfHJz5yPTsA/kNpPSVXB20dsUH/svHgAAAAD3rp30BzVvhJvDNxIJ3yyHv9wDAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBCY/lKv67CpI8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFL8FwAA//8GuPOT")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
setpgid(r0, r0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, 0x0, 0x0)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x81000)
renameat2(r2, &(0x7f0000001380)='./file1\x00', r2, &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
unlinkat(r2, &(0x7f0000000540)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r3, 0x29, 0x4b, 0x0, 0x0)
bind$inet6(r3, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYBLOB="9feb0100180000400000000040000000400000000300000002030000000f0000000500000006000000010000000000000000000002000000030000007b8f3d730b1f4f1e0b2afa9d364c52006e86da83d08100000c0100000000300078dc628666e170e6291a9825de4252e470df0748e841e1b49943e50ee999b30f4753a94220df16ad7cf5b0891075"], &(0x7f00000005c0)=""/240, 0x5b, 0xf0, 0x1, 0x0, 0x0, @void, @value}, 0x28)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x4b, &(0x7f0000000100)=0x4, 0x4)
rmdir(&(0x7f0000000380)='./bus\x00')
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000100))
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000280)=[@increfs], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f00000003c0)={0x10, 0x0, &(0x7f0000000740)=[@clear_death], 0x0, 0x0, 0x0})

8m14.257968036s ago: executing program 4 (id=2099):
r0 = syz_open_dev$loop(&(0x7f0000000040), 0xab, 0x2)
r1 = fsopen(&(0x7f00000001c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000000)='source', &(0x7f00000000c0)='\xc7\xb1\xed\xa2\x8b\xca\xca\xbe\xa0\xc1\xd0\xfbi\xa4b\xfc\x8a\xb1{\xd0O\xf5\xfaG\x16\x81ry\x05m=\x9a461\x91`g\xc8}V\xda\x9af:\xd1\x8c\xd6\xd6\x8a\xf4 \xcb\x99\x8a\x95\x17\xd6', 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext2\x00', &(0x7f0000000000)='./file0\x00', 0xa0c055, &(0x7f00000000c0), 0xfc, 0x46b, &(0x7f0000000700)="$eJzs3MtrXFUYAPBv7mTSps/4qNqHNr6w+Gia9GEXbhQFFwqCLqq7mKalNrXSRLAlmCpSl1JwLy4F/wJXuhF1JbhVcCmFItk0PsCRe+fevCeTxyS3Or8fHTjn3tt7znfOPZNzz52ZADrWrwcjohKxIyJ+TjckWXZGlu7L/sX01MTwH1MTw5Wo11/9vRL1iLg1NTE879honCvNHEoiko8qsX+JcscuXzk/NDo6cinP949feKd/7PKVp85dGDo7cnbk7cGTJ48dHXj6xODxtsS5M63rvvcvHtj74uvXXx4+df3N77/sKuq6II526Yu+eW0516PtLqxkO+ekK10lVoRVqUZE2l21bPzvjmrMdt7ueOHDUisHbKh6vV7f1Xz31TrwP1aJsmsAlKP4Q39rqiciJoY34j74dnbz2cYNUBr3dP5q7OmKJD+mtuD+tp225usmp67++Vlk/bClo9ofANh8X6fznycb85/i1djTG/fMOW5Xth6cbo24IyLujIi7IuLuiNgTkR17b0Tct8ry+xbkF88/kxtrCmyF0vnfM/mzrfnzv3z290+9t5rndkZP9Eatcubc6MiRvE0ORW1Lmh9Ypoxvnv/pk2b7+vK5X/FKyy/mgnk9bnRtmf9/Tg+ND60v6lk3P8jWACcXxz/75CpN7Y2IfWs4fzpvPvf4Fwea7W8d/zLa8Jyp/nnEY43+vxrLxL/w+WRPvu/E4PH+rTE6cqS/uCoW++HHa680K39d8bdB2v/blrz+Z+Lvrcx9Xju2+jKu/fJx03uaVVz/bxRb0uu/u/Jalu7Ot703ND5+aSCiu/LS4u2Ds2cr8sXxN3fsiXh46fGfvsel11ga//6ISC/i+yPigYg4mNf9wYh4KLJTLGVyOiK+e+6Rt9YSf9KqYdsg7f/T8/o/WvT/6hPV899+tZb4G9L+P5alDuVbVvL+t9IKrqftAAAA4L8iyT4DX0kOz6ST5PDhiO3Z2u62ZPTi2PgTZy6++9fpxmfle6OWFCtdjfXgxnroQL42XOQHF+SP5uvGn1Z7svy2/Nk3UJ7tTcZ/6rdq2bUDNpzva0HnMv6hcxn/0LmMf+hcKx3/9Q2uB7D5lhr/kyXUA9h85v/QuYx/6FzGP3Qu4x860nq+1y/RIjHZ5ubtvk3iyhKRlF+Nv/OfYSm7NYpfy2h9cC0fd6U3XctEee9JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7fRvAAAA//9YNNzA")
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080)=0x9, 0x2)
mremap(&(0x7f0000005000/0x4000)=nil, 0x4000, 0x3000, 0x3, &(0x7f0000000000/0x3000)=nil)
write$binfmt_aout(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0xfdef)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = syz_open_dev$evdev(&(0x7f0000000000), 0x100000000000, 0x206602)
ioctl$EVIOCGRAB(r2, 0x40044590, &(0x7f0000000180)=0x5)
r3 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000240)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4f3, 0x755, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x40, 0xb1, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0x101, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x3ff, 0xc}}}}}]}}]}}, 0x0)
syz_usb_control_io(r3, 0x0, 0x0)
futex(0x0, 0x8, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, &(0x7f0000048000)=0x1, 0x0)
syz_usb_control_io(r3, &(0x7f0000000000)={0x2c, &(0x7f0000000040)={0x20, 0x12, 0x7, {0x7, 0x1, "00f4000000"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
r4 = syz_open_dev$hidraw(&(0x7f0000000280), 0x82, 0x2)
write$tcp_congestion(r4, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f00000000c0)={<r5=>0x0})
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000140)={r5, 0x1, r0, 0x9})
syz_mount_image$erofs(&(0x7f0000000340), &(0x7f0000000180)='./bus\x00', 0x2009431, &(0x7f0000000580)=ANY=[], 0x1, 0x243, &(0x7f0000000600)="$eJzsmTuLE1EUx/93JpkkIrI2K6RJ4RYruslmgrJNcFUEKxHWZ2dwx2Wd7EaSEUxAcLGx0c5CsPULWGyxtZ1fQNDCB4KFAS1sbEbuY2Zu5sadJNjt+RWX/z3n3Mc5M3OKBARBHFi+fP796dn5launABzGAgrK/t0GGJPa0uI/vnxw8kXz4qs3H16/3T7yaC+9H18ShqOGonFqLlZzPORYHslJ8eo/XCyoSQVWrK/Bwgmlb4ChqvRtWLiutAeGrz+lvgeGW8re4fHV6t3Ntle902mvc7HMhzofXD400jcd7jCsq3kYhiHT/L3+wG+1215XE1F2Y1zZghcr5YoP8+eNSubhYHjOQlO7H6/izadPdvg8qs2yVr86LNRVEg0wrCn7CgpRbWRJtPzLuWR/28h/bLY8lDvSSdopS1GK5q9xFXGM5ROLsn90KbE46sKTLF/k6ayarjnMcI0BCiOWPBIXr+T0G2YLkagUwpITT+fCfqvOTlGflLi8TxZl3fK8ZL7c/1HwXiPFLFn4wGql2+vPD/femTHfspaHLPsINvn7U5z08tGHqLnGdyUlbOMRlDDwrZkqlnGx97uif4y0f94Uctq8Fmzdr/X6g6XNrdaGt+Ftu27jDAMen3ZrohHJ0eh7SX8uif50SNs//49Yx3LwsBUE3bocHeaghCDoumLuat/P2m7nR9QxAlwCcFxOeNt04h1t4wzmyBhLxHK1aAYRBEEQBEEQBEEQBEEQBEHMRAVM/AqagXtF/LfzNwAA///IJFKi")
r6 = dup2(r0, r4)
sendmsg$NFQNL_MSG_CONFIG(r6, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x30, 0x2, 0x3, 0x203, 0x0, 0x0, {0xa, 0x0, 0xa}, [@NFQA_CFG_CMD={0x8, 0x1, {0x2, 0x0, 0x25}}, @NFQA_CFG_PARAMS={0x9, 0x2, {0x6, 0x3}}, @NFQA_CFG_CMD={0x8, 0x1, {0x4, 0x0, 0x29}}]}, 0x30}, 0x1, 0x0, 0x0, 0x20004006}, 0x400c084)

8m4.72107146s ago: executing program 4 (id=2126):
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
mount$cgroup(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000100)={[{@subsystem='cpuset'}, {@subsystem='memory'}, {@subsystem='cpuacct'}]})
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x1f, 0x16, &(0x7f0000000140)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000000180)='./file1\x00', 0x8000, &(0x7f0000000400)=ANY=[@ANYRES64=0x0], 0x1, 0x14fe, &(0x7f0000001580)="$eJzs3QuYjtX6MPB1r7UexjTxNslhWPe6H940WCZJckiSQ5IkSZJTQtIkSUJiyCkJSchxkhyGkBwmJo3z+ZBz0mRLkiSnnML6rqndtve//b/s/e39//y/Pffvutb1rvtaz72etd6beZ/nuebwQ9fhtZrUrt6IiMS/BH57SRFCxAghBgkh8gkhAiFE+fjy8dnjeRSk/GsnYf9ej6Zd6xWwa4nrn7Nx/XM2rn/OxvXP2bj+ORvXP2fj+udsXH/GcrKtMwvfwC3ntn/9+X/Mby/8/P//Q/z5n7Nx/f/TnM7zzxzN9f9Pctl7/89lcP1zNq5/zsb1z9m4/jkb1z9n4/ozlpNd6+fP3K5tu9b//hhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOM5Qzn/BVaCPF7/1qvizHGGGOMMcYYY/8+Pve1XgFjjDHGGGOMMcb+54GQQgktApFL5BYxIo+IFdeJOHG9yCvyiYi4QcSLG0V+cZMoIAqKQqKwSBBFRFFhBAorSISimCguouJmUULcIhJFSVFKlBZOlBFJ4lZRVtwmyonbRXlxh6gg7hQVRSVRWVQRd4mq4m5RTdwjqot7RQ1RU9QStcV9oo64X9QVD4h64kFRXzwkGoiHRUPxiGgkHhWNxWOiiXhcNBVPiGaiuWghWopW/1f5r4ie4lXRS/QWKaKP6CteE/1EfzFADBSDxOtisHhDDBFviqFimBgu3hIjxNtipHhHjBKjxRjxrhgrxonxYoKYKCaJVPGemCzeF1PEB2KqmCamixkiTcwUs8SHYraYI+aKj8Q88bGYLxaIhWKRSBefiMViicgQn4ql4jORKZaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Co+F9vEdrFD7BS7xG6xR3wh9oovxT7xlcgSX/+T+Wf/S343ECBAggQNGnJBLoiBGIiFWIiDOMgLeSECEYiHeMgP+aEAFIBCUAgSIAGKQlFAQCAgKAbFIApRKAElIBESoRSUAgcOkiAJysJtUA7KQXkoDxWgAlSESlAJqkAVqApVoRpUg+pQHWpADagFteA+uA/uh7pQF+pBPagP9aEBNICG0BAaQSNoDI2hCTSBptAUmkEzaAEtoBW0gtbQGtpAG2gH7aA9tIcO0AGSIRk6QkfoBJ2gM3SGLtAFukJX6AbdoTu8Aq/Aq/Aq9IYasg/0hb7QD/rBABgIA+F1GAxvwBvwJgyFYTAc3oK34G0YCWdgFIyGMTAGqspxMB4mAMlJkAqpMBkmwxSYAlNhGkyDGZAGM2EWzILZMAfmwEcwDz6Gj2EBLIBFkA7psBiWQAZkwFI4C5mwDJbDClgJq2AlrIG1sAbWwwZYD5tgE2yBLfA5fA7bYTvshJ2wG3bDF/AFfAlfwlDIgizYD/vhAByAg3AQDsEhOAyH4QgcgaNwFI7BMTgOJ+AknIDTcBrOwFk4B+fgAlyAi3ARLsPl7P/8MpuWWuaSuWSMjJGxMlbGyTiZV+aVERmR8TJe5pf5ZQFZQBaShWSCTJBFZVGJEiXJUBaTxWRURmUJWUImykRZSpaSTjqZJJNkWVlWlpPlZHl5h6wg75QVZSXZ1lWRVWRV2c5Vk/fI6rK6rCFrylqytqwt68g6sq6sK+vJerK+rC8byIdlQ9kHBsCjMrsyTeQwaCqHQzPZXLaQLeXb8KRsLUdCG9lWtpNPy9EwCjrI1i5ZPic7yvHQSb4gJ8CLsoucBF3ly7Kb7C57yFdkT9nG9ZK95VToI/vKGdBP9pcD5EA5G2rK7IrVkm/KoXKYHC7fkovgbTlSviNHydFyjHxXjpXj5Hg5QU6Uk2SqfE9Olu/LKfIDOVVOk9PlDJkmZ8pZ8kM5W86Rc+VHcp78WM6XC+RCuUimy0/kYrlEZshP5VL5mcyUy+RyuUKulKvkarlGrpXr5Hq5QW6Um+RmuUVulZ/LbXK73CF3yl1yt9wjv5B75Zdyn/xKZsmv5X75J3lAfiMPym/lIfmdPCy/l0fkD/Ko/FEekz/J4/KEPClPydPyZ3lGnpXn5Hl5Qf4iL8pL8rL0UihQUimlVaByqdwqRuVRseo6FaeuV3lVPhVRN6h4daPKr25SBVRBVUgVVgmqiCqqjEJlFalQFVPFVVTdrEqoW1SiKqlKqdLKqTIqSd2qyqrbVDl1uyqv7lAV1J2qoqqkKqsq6i5VVd2tqql7VHV1r6qhaqpaqra6T9VR96u66gFVTz2o6quHVAP1sGqoHlGN1KOqsXpMNVGPq6bqCdVMNVctVEvVSj2pWqunVBvVVrVTT6v26hnVQT2rktVzqqN6XnVSL6jO6kXVRb2kuqqXVTfVXfVQl9Rl5VUv1VulqD6qr3pN9VP91QA1UA1Sr6vB6g01RL2phqpharh6S41Qb6uR6h01So1WY9S7aqwap8arCWqimqRS1XtqsnpfTVEfqKlqmpquZqg0NVMN+PNMc/+B/Pf/Tv6QX8++RW1Vn6ttarvaoXaqXWq32qP2qL1qr9qn9qkslaX2q/3qgDqgDqqD6pA6pA6rw+qIOqKOqqPqmDqmjqsT6rw6pU6rn9UZdVadVefVBXVBXfzzeyA0aKmV1jrQuXRuHaPz6Fh9nY7T1+u8Op+O6Bt0vL5R59c36QK6oC6kC+sEXUQX1Uajtpp0qIvp4jqqb9Yl9C06UZfUpXRp7XQZnaRv/Zfzr7a+VrqVbq1b6za6jW6n2+n2ur3uoDvoZJ2sO+qOupPupDvrzrqL7qK76q66m+6me+geuqfuqb0QIkWn6L76Nd1P99cD9EA9SL+uB+vBeogeoofqoXq4Hq5H6BF6pB6pR+lReoweo8fqsXq8Hq8n6ok6VafqyXqynqKn6Kl6qp6up+s0naZn6Vl6tp6t5+q5ep6ep+fr+XqhXqjTdbperBfrDJ2hl+qlOlMv08v0Cr1Cr9Kr9Bq9Rq/T6/QGvUFv0pt0pv79GzR36B16l96l9+g9eq/eq/fpfTpLZ+n9er8+oA/og/qgPqQP6cP6sD6ij+ij+qg+po/p4/q4PqlP6tP6tD6jz+hz+py+oC/oi/qivqwvZ1/2BTKQgQ50kCvIFcQEMUFsEBvEBXFB3iBvEAkiQXwQH+QPbgoKBAWDQkHhICEoEhQNTICBDSgIg2JB8SAa3ByUCG4JEoOSQamgdOCCMkFScGtQNrgtKBfcHpQP7ggqBHcGFYNKQeWgSnBXUDW4O6gW3BNUD+4NagQ1g1pB7eC+oE5wf1A3eCCoFzwY1A8eChoEDwcNg0eCRsGjQePgsaBJ8HjQNHgiaBY0D1oELYNW/9b5vT9T8CnXy/Q2KaaP6WteM/1MfzPADDSDzOtmsHnDDDFvmqFmmBlu3jIjzNtmpHnHjDKjzRjzrhlrxpnxZoKZaCaZVPOemWzeN1PMB2aqmWammxkmzcw0s8yHZraZY+aaj8w887GZbxaYhWaRSTefmMVmickwn5ql5jOTaZaZ5WaFWWlWmdVmjVlr1pn1ZoPZaDaZzWaL2Wo+N9vMdrPD7DS7zG6zx3xh9povzT7zlckyX5v95k/mgPnGHDTfmkPmO3PYfG+OmB/MUfOjOWZ+MsfNCXPSnDKnzc/mjDlrzpnz5oL5xVw0l8xl47Mv7rM/3lGjxlyYC2MwBmMxFuMwDvNiXoxgBOMxHvNjfiyABbAQFsIETMCiWBSzERIWw2IYxSiWwBKYiIlYCkuhQ4dJmIRlsSyWw3JYHstjBayAFbEiVsbs+5G78G68G+/Be/BevBdrYk2sjbWxDtbBulgX62E9rI/1sQE2wIbYEBthI2yMjbEJNsGm2BSbYTNsgS2wFbbC1tga22AbbIftsD22xw7YAZMxGTtiR+yEnbAzdsYu2AW7Ylfsht2wB/bAntgTe2EvTMEU7It9sR/2wwE4AAfhIByMg3EIDsGhOBSH43AcgSNwJI7EUTgax+C7OBbH4XicgBNxEqZiKk7GyTgFp+BUnIrTcTqmYRrOwlk4G2fjXJyL83Aezsf5uBAXYjqm42JcjBmYgUtxKWZiJi7H5bgSV+JqXI1rcS2ux/W4ETfiZtyMW3ErbsNtuAN34C7chXtwD+7FvbgP92EWZuF+3I8H8AAexIN4CA/hYTyMR/AIHsWjeAyP4XE8DifxJJ7G03gGz+A5PIcX8Be8iJfwMnqMsXlsrL3OxtnrbV6bz8bYPL2FEH+JC9nCNsEWsUWtsQVswb+J0VqbaEvaUra0dbaMTbK3/iGuaCvZyraKvctWtXfban+I69j7bV37gK1nH7S17X1/E9e3D9kG9nHb0D5hG9nmtrFtaZvYx21T+4RtZpvbFralbW+fsR3sszbZPmc72uf/EC+2S+xau86utxvsXvulPWfP2yP2B3vB/mJ72d52kH3dDrZv2CH2TTvUDvtDPMa+a8facXa8nWAn2kl/iKfbGTbNzrSz7Id2tp3zhzjdfmLn2Qw73y6wC+2iX+PsNWXYT+1S+5nNtMvscrvCrrSr7Gq75i9rXWE32c12i91jv7Db7Ha7w+60u+zuX+PsfeyzX9ks+7U9bL+3B+w39qA9ag/Z736Ns/d31P5oj9mf7HF7wp60p+xp+7M9Y8/+uv/svZ+yl+xl660gIEmKNAWUi3JTDOWhWLqO4uh6ykv5KEI3UDzdSPnpJipABakQFaYEKkJFyRCSJaKQilFxitLNVIJuoUQqSaWoNDkqQ0l0K5Wl26gc3U7l6Q6qQHdSRapElakK3UVV6W6qRvdQdbqXalBNqkW16T6qQ/dTXXqA6tGDVJ8eogb0MDWkR6gRPUqN6TFqQo9TU3qCmlFzakEtqRU9Sa3pKWpDbakdPU3t6RnqQM9SMj1HHel56kQvUGd6kbrQS9SVXqZu1J160CvUk16lXtSbUqgP9aXXqB/1pwE0kAbR6zSY3qAh9CYNpWE0nN6iEfQ2jaR3aBSNpjH0Lo2lcTSeJtBEmkSp9B5NpvdpCn1AU2kaTacZlEYzaRZ9SLNpDs2lj2gefUzzaQEtpEWUTp/QYlpCGfQpLaXPKJOW0XJaQStpFa2mNbSW1tF62kAbaRNtpi20lT6nbbSddtBO2kW7aQ99QXvpS9pHX1EWfU376U90gL6hg/QtHaLv6DB9T0foBzpKP9Ix+omO0wk6SafoNP1MZ+gsnaPzdIF+oYt0iS6TJxFCKEMV6jAIc4W5w5gwTxgbXhfGhdeHecN8YSS8IYwPbwzzhzeFBcKCYaGwcJgQFgmLhibE0IYUhmGxsHgYDW8OS4S3hIlhybBUWDp0YZkwKbw1LBveFpYLbw/Lh3eEFcI7w4phpbByWCW8K6wa3h1WC+8Jq4f3hjXCmmGtsHZ4X1gnvD+sGz4Q1gsfDMuFD4UNwofDhuEjYaPw0bBx+FjYJHw8bBo+ETYLm4ctwpZhq/DJsHX4VNgmbBu2C58O24fPhB3CZ8Pk8LmwY/j8VcdTwj5h3/C18LXQ+wfUwuiiaHr0k+ji6JJoRvTT6NLoZ9HM6LLo8uiK6Mroqujq6Jro2ui66ProhujG6Kbo5uiWqPe1cwsHTjrltAtcLpfbxbg8LtZd5+Lc9S6vy+ci7gYX7250+d1NroAr6Aq5wi7BFXFFnXHorCMXumKuuIu6m10Jd4tLdCVdKVfaOVfGJbmWrpVr5Vq7p1wb19a1c0+7p90z7hn3rHvWPec6uuddJ/eC6+xedF3cS+4l97Lr5rq7Hu4V19O96nq53i7Fpbi+rq/r5/q5AW6AG+QGucFusBvihrihbqgb7oa7EW6EG+lGulFulBvjxrixbqwb78a7iW6iS3WpbrKb7Ka4KW6qm+qmu+kuzaW5WW6Wm+1mu7lurpvn5rn5br5b6Ba6dJfuFrvFLsNluKVuqct0mW65W+5WupVutVvt1rq1br1b7za6jW6z2+y2uq1um9vmdrgdbpfb5fa4PW6v2+v2uX0uy2W5/W6/O+AOuIPuW3fIfecOu+/dEfeDO+p+dMfcT+64O+FOulPutPvZnXFn3Tl33l1wv7iL7pK77LxLjbwXmRx5PzIl8kFkamRaZHpkRiQtMjMyK/JhZHZkTmRu5KPIvMjHkfmRBZGFkUWR9MgnkcWRJZGMyKeRpZHPIpmRZZHlkRWRlZFVEe+LbAt9MV/cR/3NvoS/xSf6kr6UL+2dL+OT/K2+rL/Nl/O3+/L+Dl/B3+kr+kq+sn/CN/PNfQvf0rfyT/rW/infxrf17fzTvr1/xnfwz/pk/5zv6J/3nfwLvrN/0XfxL/mu/mXfzXf3Pfwrvqd/1ffyvX2K7+P7+td8P9/fD/AD/SD/uh/s3/BD/Jt+qB/mh/u3/Aj/th/p3/Gj/Gg/xr/rx/pxfryf4Cf6ST7Vv+cn+/f9FP+Bn+qn+el+hk/zM/0s/6Gf7ef4uf4jP89/7Of7BX6hX+TT/Sd+sV/iM/ynfqn/zGf6ZX65X+FX+lV+tV/j1/p1fr3f4Df6TX6z3+K3+s/9Nr/d7/A7/S6/2+/xX/i9/ku/z3/ls/zXfr//kz/gv/EH/bf+kP/OH/bf+yP+B3/U/+iP+Z/8cX/Cn/Sn/Gn/sz/jz/pz/ry/4H/xF/0lf5l/Zo0xxhhj7B+irjLe57/JkX/u9xVCXL+98KH/Or6xwG/9/rkT2keEEM/17vro761GjZSUlD8fm6lEUHyBECJyJT+XuBIvE+3EMyJZtBVl/zIe81fn6i+7X6CrzB+9Q4jYv8rJzv89vjL/bX93//3luHlXnX+BEInFr+TkEVfiK/OX+2/mL9j6KvPn+SZViDZ/lRMnrsRX5k8ST4nnRfLfHMkYY4wxxhhjjP2mv6zc+Wr3t9n35wn6Sk5ucSX+e/fnjDHGGGOMMcYY+9/lxe49nn0yObltZ+78T3V8vt/e6v8t6+EOd/6BzrX+ysQYY4wxxhj7d7ty0X+tV8IYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjOVc/y9+ndjv57ra3xpkjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHG/lP9nwAAAP//sjE7Eg==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
connect$inet(0xffffffffffffffff, &(0x7f00000005c0)={0x2, 0x0, @remote}, 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000005240), 0x0, 0x401eb94)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, 0x0)
ioprio_set$pid(0x1, 0x0, 0x6000)
r1 = timerfd_create(0x9, 0x0)
timerfd_settime(r1, 0x0, &(0x7f0000000080)={{}, {0x77359400}}, 0x0)
timerfd_settime(0xffffffffffffffff, 0x1, &(0x7f0000007000)={{0x77359400}, {0x0, 0x989680}}, 0x0)
execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)

7m49.654060182s ago: executing program 35 (id=2126):
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
mount$cgroup(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000100)={[{@subsystem='cpuset'}, {@subsystem='memory'}, {@subsystem='cpuacct'}]})
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x1f, 0x16, &(0x7f0000000140)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000000180)='./file1\x00', 0x8000, &(0x7f0000000400)=ANY=[@ANYRES64=0x0], 0x1, 0x14fe, &(0x7f0000001580)="$eJzs3QuYjtX6MPB1r7UexjTxNslhWPe6H940WCZJckiSQ5IkSZJTQtIkSUJiyCkJSchxkhyGkBwmJo3z+ZBz0mRLkiSnnML6rqndtve//b/s/e39//y/Pffvutb1rvtaz72etd6beZ/nuebwQ9fhtZrUrt6IiMS/BH57SRFCxAghBgkh8gkhAiFE+fjy8dnjeRSk/GsnYf9ej6Zd6xWwa4nrn7Nx/XM2rn/OxvXP2bj+ORvXP2fj+udsXH/GcrKtMwvfwC3ntn/9+X/Mby/8/P//Q/z5n7Nx/f/TnM7zzxzN9f9Pctl7/89lcP1zNq5/zsb1z9m4/jkb1z9n4/ozlpNd6+fP3K5tu9b//hhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOM5Qzn/BVaCPF7/1qvizHGGGOMMcYYY/8+Pve1XgFjjDHGGGOMMcb+54GQQgktApFL5BYxIo+IFdeJOHG9yCvyiYi4QcSLG0V+cZMoIAqKQqKwSBBFRFFhBAorSISimCguouJmUULcIhJFSVFKlBZOlBFJ4lZRVtwmyonbRXlxh6gg7hQVRSVRWVQRd4mq4m5RTdwjqot7RQ1RU9QStcV9oo64X9QVD4h64kFRXzwkGoiHRUPxiGgkHhWNxWOiiXhcNBVPiGaiuWghWopW/1f5r4ie4lXRS/QWKaKP6CteE/1EfzFADBSDxOtisHhDDBFviqFimBgu3hIjxNtipHhHjBKjxRjxrhgrxonxYoKYKCaJVPGemCzeF1PEB2KqmCamixkiTcwUs8SHYraYI+aKj8Q88bGYLxaIhWKRSBefiMViicgQn4ql4jORKZaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Co+F9vEdrFD7BS7xG6xR3wh9oovxT7xlcgSX/+T+Wf/S343ECBAggQNGnJBLoiBGIiFWIiDOMgLeSECEYiHeMgP+aEAFIBCUAgSIAGKQlFAQCAgKAbFIApRKAElIBESoRSUAgcOkiAJysJtUA7KQXkoDxWgAlSESlAJqkAVqApVoRpUg+pQHWpADagFteA+uA/uh7pQF+pBPagP9aEBNICG0BAaQSNoDI2hCTSBptAUmkEzaAEtoBW0gtbQGtpAG2gH7aA9tIcO0AGSIRk6QkfoBJ2gM3SGLtAFukJX6AbdoTu8Aq/Aq/Aq9IYasg/0hb7QD/rBABgIA+F1GAxvwBvwJgyFYTAc3oK34G0YCWdgFIyGMTAGqspxMB4mAMlJkAqpMBkmwxSYAlNhGkyDGZAGM2EWzILZMAfmwEcwDz6Gj2EBLIBFkA7psBiWQAZkwFI4C5mwDJbDClgJq2AlrIG1sAbWwwZYD5tgE2yBLfA5fA7bYTvshJ2wG3bDF/AFfAlfwlDIgizYD/vhAByAg3AQDsEhOAyH4QgcgaNwFI7BMTgOJ+AknIDTcBrOwFk4B+fgAlyAi3ARLsPl7P/8MpuWWuaSuWSMjJGxMlbGyTiZV+aVERmR8TJe5pf5ZQFZQBaShWSCTJBFZVGJEiXJUBaTxWRURmUJWUImykRZSpaSTjqZJJNkWVlWlpPlZHl5h6wg75QVZSXZ1lWRVWRV2c5Vk/fI6rK6rCFrylqytqwt68g6sq6sK+vJerK+rC8byIdlQ9kHBsCjMrsyTeQwaCqHQzPZXLaQLeXb8KRsLUdCG9lWtpNPy9EwCjrI1i5ZPic7yvHQSb4gJ8CLsoucBF3ly7Kb7C57yFdkT9nG9ZK95VToI/vKGdBP9pcD5EA5G2rK7IrVkm/KoXKYHC7fkovgbTlSviNHydFyjHxXjpXj5Hg5QU6Uk2SqfE9Olu/LKfIDOVVOk9PlDJkmZ8pZ8kM5W86Rc+VHcp78WM6XC+RCuUimy0/kYrlEZshP5VL5mcyUy+RyuUKulKvkarlGrpXr5Hq5QW6Um+RmuUVulZ/LbXK73CF3yl1yt9wjv5B75Zdyn/xKZsmv5X75J3lAfiMPym/lIfmdPCy/l0fkD/Ko/FEekz/J4/KEPClPydPyZ3lGnpXn5Hl5Qf4iL8pL8rL0UihQUimlVaByqdwqRuVRseo6FaeuV3lVPhVRN6h4daPKr25SBVRBVUgVVgmqiCqqjEJlFalQFVPFVVTdrEqoW1SiKqlKqdLKqTIqSd2qyqrbVDl1uyqv7lAV1J2qoqqkKqsq6i5VVd2tqql7VHV1r6qhaqpaqra6T9VR96u66gFVTz2o6quHVAP1sGqoHlGN1KOqsXpMNVGPq6bqCdVMNVctVEvVSj2pWqunVBvVVrVTT6v26hnVQT2rktVzqqN6XnVSL6jO6kXVRb2kuqqXVTfVXfVQl9Rl5VUv1VulqD6qr3pN9VP91QA1UA1Sr6vB6g01RL2phqpharh6S41Qb6uR6h01So1WY9S7aqwap8arCWqimqRS1XtqsnpfTVEfqKlqmpquZqg0NVMN+PNMc/+B/Pf/Tv6QX8++RW1Vn6ttarvaoXaqXWq32qP2qL1qr9qn9qkslaX2q/3qgDqgDqqD6pA6pA6rw+qIOqKOqqPqmDqmjqsT6rw6pU6rn9UZdVadVefVBXVBXfzzeyA0aKmV1jrQuXRuHaPz6Fh9nY7T1+u8Op+O6Bt0vL5R59c36QK6oC6kC+sEXUQX1Uajtpp0qIvp4jqqb9Yl9C06UZfUpXRp7XQZnaRv/Zfzr7a+VrqVbq1b6za6jW6n2+n2ur3uoDvoZJ2sO+qOupPupDvrzrqL7qK76q66m+6me+geuqfuqb0QIkWn6L76Nd1P99cD9EA9SL+uB+vBeogeoofqoXq4Hq5H6BF6pB6pR+lReoweo8fqsXq8Hq8n6ok6VafqyXqynqKn6Kl6qp6up+s0naZn6Vl6tp6t5+q5ep6ep+fr+XqhXqjTdbperBfrDJ2hl+qlOlMv08v0Cr1Cr9Kr9Bq9Rq/T6/QGvUFv0pt0pv79GzR36B16l96l9+g9eq/eq/fpfTpLZ+n9er8+oA/og/qgPqQP6cP6sD6ij+ij+qg+po/p4/q4PqlP6tP6tD6jz+hz+py+oC/oi/qivqwvZ1/2BTKQgQ50kCvIFcQEMUFsEBvEBXFB3iBvEAkiQXwQH+QPbgoKBAWDQkHhICEoEhQNTICBDSgIg2JB8SAa3ByUCG4JEoOSQamgdOCCMkFScGtQNrgtKBfcHpQP7ggqBHcGFYNKQeWgSnBXUDW4O6gW3BNUD+4NagQ1g1pB7eC+oE5wf1A3eCCoFzwY1A8eChoEDwcNg0eCRsGjQePgsaBJ8HjQNHgiaBY0D1oELYNW/9b5vT9T8CnXy/Q2KaaP6WteM/1MfzPADDSDzOtmsHnDDDFvmqFmmBlu3jIjzNtmpHnHjDKjzRjzrhlrxpnxZoKZaCaZVPOemWzeN1PMB2aqmWammxkmzcw0s8yHZraZY+aaj8w887GZbxaYhWaRSTefmMVmickwn5ql5jOTaZaZ5WaFWWlWmdVmjVlr1pn1ZoPZaDaZzWaL2Wo+N9vMdrPD7DS7zG6zx3xh9povzT7zlckyX5v95k/mgPnGHDTfmkPmO3PYfG+OmB/MUfOjOWZ+MsfNCXPSnDKnzc/mjDlrzpnz5oL5xVw0l8xl47Mv7rM/3lGjxlyYC2MwBmMxFuMwDvNiXoxgBOMxHvNjfiyABbAQFsIETMCiWBSzERIWw2IYxSiWwBKYiIlYCkuhQ4dJmIRlsSyWw3JYHstjBayAFbEiVsbs+5G78G68G+/Be/BevBdrYk2sjbWxDtbBulgX62E9rI/1sQE2wIbYEBthI2yMjbEJNsGm2BSbYTNsgS2wFbbC1tga22AbbIftsD22xw7YAZMxGTtiR+yEnbAzdsYu2AW7Ylfsht2wB/bAntgTe2EvTMEU7It9sR/2wwE4AAfhIByMg3EIDsGhOBSH43AcgSNwJI7EUTgax+C7OBbH4XicgBNxEqZiKk7GyTgFp+BUnIrTcTqmYRrOwlk4G2fjXJyL83Aezsf5uBAXYjqm42JcjBmYgUtxKWZiJi7H5bgSV+JqXI1rcS2ux/W4ETfiZtyMW3ErbsNtuAN34C7chXtwD+7FvbgP92EWZuF+3I8H8AAexIN4CA/hYTyMR/AIHsWjeAyP4XE8DifxJJ7G03gGz+A5PIcX8Be8iJfwMnqMsXlsrL3OxtnrbV6bz8bYPL2FEH+JC9nCNsEWsUWtsQVswb+J0VqbaEvaUra0dbaMTbK3/iGuaCvZyraKvctWtXfban+I69j7bV37gK1nH7S17X1/E9e3D9kG9nHb0D5hG9nmtrFtaZvYx21T+4RtZpvbFralbW+fsR3sszbZPmc72uf/EC+2S+xau86utxvsXvulPWfP2yP2B3vB/mJ72d52kH3dDrZv2CH2TTvUDvtDPMa+a8facXa8nWAn2kl/iKfbGTbNzrSz7Id2tp3zhzjdfmLn2Qw73y6wC+2iX+PsNWXYT+1S+5nNtMvscrvCrrSr7Gq75i9rXWE32c12i91jv7Db7Ha7w+60u+zuX+PsfeyzX9ks+7U9bL+3B+w39qA9ag/Z736Ns/d31P5oj9mf7HF7wp60p+xp+7M9Y8/+uv/svZ+yl+xl660gIEmKNAWUi3JTDOWhWLqO4uh6ykv5KEI3UDzdSPnpJipABakQFaYEKkJFyRCSJaKQilFxitLNVIJuoUQqSaWoNDkqQ0l0K5Wl26gc3U7l6Q6qQHdSRapElakK3UVV6W6qRvdQdbqXalBNqkW16T6qQ/dTXXqA6tGDVJ8eogb0MDWkR6gRPUqN6TFqQo9TU3qCmlFzakEtqRU9Sa3pKWpDbakdPU3t6RnqQM9SMj1HHel56kQvUGd6kbrQS9SVXqZu1J160CvUk16lXtSbUqgP9aXXqB/1pwE0kAbR6zSY3qAh9CYNpWE0nN6iEfQ2jaR3aBSNpjH0Lo2lcTSeJtBEmkSp9B5NpvdpCn1AU2kaTacZlEYzaRZ9SLNpDs2lj2gefUzzaQEtpEWUTp/QYlpCGfQpLaXPKJOW0XJaQStpFa2mNbSW1tF62kAbaRNtpi20lT6nbbSddtBO2kW7aQ99QXvpS9pHX1EWfU376U90gL6hg/QtHaLv6DB9T0foBzpKP9Ix+omO0wk6SafoNP1MZ+gsnaPzdIF+oYt0iS6TJxFCKEMV6jAIc4W5w5gwTxgbXhfGhdeHecN8YSS8IYwPbwzzhzeFBcKCYaGwcJgQFgmLhibE0IYUhmGxsHgYDW8OS4S3hIlhybBUWDp0YZkwKbw1LBveFpYLbw/Lh3eEFcI7w4phpbByWCW8K6wa3h1WC+8Jq4f3hjXCmmGtsHZ4X1gnvD+sGz4Q1gsfDMuFD4UNwofDhuEjYaPw0bBx+FjYJHw8bBo+ETYLm4ctwpZhq/DJsHX4VNgmbBu2C58O24fPhB3CZ8Pk8LmwY/j8VcdTwj5h3/C18LXQ+wfUwuiiaHr0k+ji6JJoRvTT6NLoZ9HM6LLo8uiK6Mroqujq6Jro2ui66ProhujG6Kbo5uiWqPe1cwsHTjrltAtcLpfbxbg8LtZd5+Lc9S6vy+ci7gYX7250+d1NroAr6Aq5wi7BFXFFnXHorCMXumKuuIu6m10Jd4tLdCVdKVfaOVfGJbmWrpVr5Vq7p1wb19a1c0+7p90z7hn3rHvWPec6uuddJ/eC6+xedF3cS+4l97Lr5rq7Hu4V19O96nq53i7Fpbi+rq/r5/q5AW6AG+QGucFusBvihrihbqgb7oa7EW6EG+lGulFulBvjxrixbqwb78a7iW6iS3WpbrKb7Ka4KW6qm+qmu+kuzaW5WW6Wm+1mu7lurpvn5rn5br5b6Ba6dJfuFrvFLsNluKVuqct0mW65W+5WupVutVvt1rq1br1b7za6jW6z2+y2uq1um9vmdrgdbpfb5fa4PW6v2+v2uX0uy2W5/W6/O+AOuIPuW3fIfecOu+/dEfeDO+p+dMfcT+64O+FOulPutPvZnXFn3Tl33l1wv7iL7pK77LxLjbwXmRx5PzIl8kFkamRaZHpkRiQtMjMyK/JhZHZkTmRu5KPIvMjHkfmRBZGFkUWR9MgnkcWRJZGMyKeRpZHPIpmRZZHlkRWRlZFVEe+LbAt9MV/cR/3NvoS/xSf6kr6UL+2dL+OT/K2+rL/Nl/O3+/L+Dl/B3+kr+kq+sn/CN/PNfQvf0rfyT/rW/infxrf17fzTvr1/xnfwz/pk/5zv6J/3nfwLvrN/0XfxL/mu/mXfzXf3Pfwrvqd/1ffyvX2K7+P7+td8P9/fD/AD/SD/uh/s3/BD/Jt+qB/mh/u3/Aj/th/p3/Gj/Gg/xr/rx/pxfryf4Cf6ST7Vv+cn+/f9FP+Bn+qn+el+hk/zM/0s/6Gf7ef4uf4jP89/7Of7BX6hX+TT/Sd+sV/iM/ynfqn/zGf6ZX65X+FX+lV+tV/j1/p1fr3f4Df6TX6z3+K3+s/9Nr/d7/A7/S6/2+/xX/i9/ku/z3/ls/zXfr//kz/gv/EH/bf+kP/OH/bf+yP+B3/U/+iP+Z/8cX/Cn/Sn/Gn/sz/jz/pz/ry/4H/xF/0lf5l/Zo0xxhhj7B+irjLe57/JkX/u9xVCXL+98KH/Or6xwG/9/rkT2keEEM/17vro761GjZSUlD8fm6lEUHyBECJyJT+XuBIvE+3EMyJZtBVl/zIe81fn6i+7X6CrzB+9Q4jYv8rJzv89vjL/bX93//3luHlXnX+BEInFr+TkEVfiK/OX+2/mL9j6KvPn+SZViDZ/lRMnrsRX5k8ST4nnRfLfHMkYY4wxxhhjjP2mv6zc+Wr3t9n35wn6Sk5ucSX+e/fnjDHGGGOMMcYY+9/lxe49nn0yObltZ+78T3V8vt/e6v8t6+EOd/6BzrX+ysQYY4wxxhj7d7ty0X+tV8IYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjOVc/y9+ndjv57ra3xpkjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHG/lP9nwAAAP//sjE7Eg==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
connect$inet(0xffffffffffffffff, &(0x7f00000005c0)={0x2, 0x0, @remote}, 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000005240), 0x0, 0x401eb94)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, 0x0)
ioprio_set$pid(0x1, 0x0, 0x6000)
r1 = timerfd_create(0x9, 0x0)
timerfd_settime(r1, 0x0, &(0x7f0000000080)={{}, {0x77359400}}, 0x0)
timerfd_settime(0xffffffffffffffff, 0x1, &(0x7f0000007000)={{0x77359400}, {0x0, 0x989680}}, 0x0)
execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)

7m7.378661832s ago: executing program 6 (id=2298):
syz_usb_connect(0x0, 0x2d, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000124d5240e316e9f958000000000109021b00010000000009047800018fa68d0009058a"], 0x0)

7m5.15253503s ago: executing program 6 (id=2305):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)={0x38, 0x3, 0x1, 0x101, 0x0, 0x0, {0x2}, [@CTA_TUPLE_REPLY={0x18, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev={0xac, 0x14, 0x14, 0x36}}, {0x8, 0x2, @rand_addr=0x64010101}}}]}, @CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_REPLY_FLAGS={0x8, 0x2, 0x2}]}]}, 0x38}}, 0x0)

7m4.490813529s ago: executing program 6 (id=2307):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000440), 0x10)
listen(r0, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)
writev(r1, &(0x7f00000002c0)=[{&(0x7f0000000080)='?', 0x1}], 0x1)
r2 = accept4$unix(r0, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f0000001680)=[{{0x0, 0x0, &(0x7f0000003380)=[{&(0x7f0000000140)=""/120, 0x78}, {&(0x7f0000000040)=""/40, 0x28}], 0x2}}], 0x1, 0x2, 0x0)
write(r2, &(0x7f00000001c0)="0ec8", 0x2)

7m4.234622732s ago: executing program 6 (id=2309):
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000000)='./file0\x00', 0x400, &(0x7f0000000180)=ANY=[@ANYBLOB="6572726f72733d72656d6f756e742d726f2c757466383d302c757365667265652c646973636172642c757466383d312c756e695f786c6174653d302c73686f72746e616d653d77696e39352c756e695f786c6174653d302c756e695f786c6174653d302c0008442895b66131b4e4d54b2ba6ae54da0e13047e9f62fbb85ccc774b3ec4c81a1a985232d16d0d934460e920a59172e764c68194b9d9d0be76c595bac1fc5a0a8256a7b77e071e9bdd6100f9ae"], 0xfd, 0x274, &(0x7f0000000500)="$eJzs3MGLG1UYAPDPbNvdbmmzBxEUxIde9BLa9S8I0oK4oKyNqAdh6mY17JgsmbgSEdubV/+O4tGboP4De/HmXbwsguClBzHSJONm10BbaZzV/H4Q5su8+fLeTGbCNwN5R29/+dHebtHYzQZRW0tRi7gT9yI27kdTT0yXtXF8IWbdiZcu/fbjs2++8+5rza2t69sp3WjefHkzpXTluW8/+eyr578fXHrr6yvfrMbhxntHv27+dPjU4dNHf9wsP703SFm61esNslt5O+10ir1GSm/k7axop063aPdPtO/mvf39Ycq6O5fX9/vtokhZd5j22sM06KVBf5iyD7JONzUajXR5PZbNyiNntO5ub2fNhQyGKlyct7Lfb2Yrcxtbd/+NQQEAZ0tV9f+HnSJ1itR9UP1fC/X/4qj/l8H9+n99ev2epP4HAAAAAAAAAAAAAID/gnujUX00GtXLZflajYi1iCjfVz1OFsP3v9xm/ri3FpF/cdA6aE2Wk/bmbnQij3ZcPR/x+/h8mJrEN17dun41jW3Ed/ntaf7tg9ZKrJb5pY35+dcm+elk/vlYn+1/M+rx5Pz8zbn5F+LFF2byG1GPH96PXuSxMz6vj/M/v5bSK69vncq/ON4OAAAA/g8a6S9/u38ftzdSOW3IqfbJyuPnA1F/wPOBU/fX5+KZc9XtNwAAACyTYvjpXpbn7b7g0QKHbuFBLSIq6v2XiDgbB+GxBj9/PLnqH2bjqn+ZAACAx+246K96JAAAAAAAAAAAAAAAAAAAALC8HnbysHL7fzL32Ex3K9XsJQAAAAAAAAAAAAAAAAAAAAAAAJwNfwYAAP//xsMhSw==")
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, 0x0, 0x0)
r1 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$cgroup_type(r1, 0x0, 0x0)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mounts\x00')
r3 = open(&(0x7f0000000080)='./file1\x00', 0x10b942, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0)
mount$bind(&(0x7f0000000040)='./file0/../file0\x00', &(0x7f0000000140)='./file0/../file0\x00', 0x0, 0x1217880, 0x0)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r4, 0x0, 0xffffffffffffff9c, 0x0, 0x0)
sendfile(r3, r2, 0x0, 0x80000000)
r5 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r6, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r6, 0x0)
r7 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_GETKMSGREDIRECT(r7, 0x541c, &(0x7f0000000000))
close(r5)
socket$inet_udplite(0x2, 0x2, 0x88)

7m3.52528027s ago: executing program 6 (id=2311):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)
syz_usb_connect(0x1, 0xb, &(0x7f0000000000)=ANY=[], 0x0)
ioctl$BTRFS_IOC_ADD_DEV(r1, 0xc0085504, 0x0)

7m1.650451131s ago: executing program 6 (id=2316):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x8202, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000040)={'dummy0\x00', 0x400})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xd, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000002a00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000280)='cachefiles_mkdir\x00', r3, 0x0, 0x40}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x3)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$sock_bt_hidp_HIDPCONNADD(0xffffffffffffffff, 0x400448c8, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff, 0xc, 0x0, 0x0, 0x9, 0x4, 0x458, 0x9, 0x9, 0x2, 0x7, 'syz0\x00'})
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000700), 0x80640)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_CLIENT(r6, 0xc0bc5351, &(0x7f0000000740)={0x3, 0x1, 'client1\x00', 0x5, "d86bc23cfbcfd0c5", "71d71ef322be6c4f6991963f65af07c54092a7e4d6dca3cb24b76f1cf4ba5a35", 0x80000001})
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000040)={{{@in6=@private0={0xfc, 0x0, '\x00', 0x95}, @in6=@private1, 0x0, 0x0, 0xfffd, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffa}, {}, 0x0, 0x1, 0x1, 0x0, 0x7}, {{@in=@local, 0x0, 0x32}, 0xa, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x80000000, 0x4}}, 0xe8)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
close(r1)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000100), 0x2, 0x0)

7m1.072810183s ago: executing program 36 (id=2316):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x8202, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000040)={'dummy0\x00', 0x400})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xd, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000002a00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000280)='cachefiles_mkdir\x00', r3, 0x0, 0x40}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x3)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$sock_bt_hidp_HIDPCONNADD(0xffffffffffffffff, 0x400448c8, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff, 0xc, 0x0, 0x0, 0x9, 0x4, 0x458, 0x9, 0x9, 0x2, 0x7, 'syz0\x00'})
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000700), 0x80640)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_CLIENT(r6, 0xc0bc5351, &(0x7f0000000740)={0x3, 0x1, 'client1\x00', 0x5, "d86bc23cfbcfd0c5", "71d71ef322be6c4f6991963f65af07c54092a7e4d6dca3cb24b76f1cf4ba5a35", 0x80000001})
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000040)={{{@in6=@private0={0xfc, 0x0, '\x00', 0x95}, @in6=@private1, 0x0, 0x0, 0xfffd, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffa}, {}, 0x0, 0x1, 0x1, 0x0, 0x7}, {{@in=@local, 0x0, 0x32}, 0xa, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x80000000, 0x4}}, 0xe8)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
close(r1)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000100), 0x2, 0x0)

6m48.056995003s ago: executing program 7 (id=2337):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x4, &(0x7f0000000000)="89070404", 0x4)
syz_open_dev$vcsa(&(0x7f0000000040), 0x7f, 0x210800)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000001540)='./file0\x00', 0x1002004, &(0x7f0000002b80)=ANY=[@ANYRES64, @ANYRES8=r1, @ANYRES32, @ANYRES16, @ANYRES16=r0], 0x41, 0x14f5, &(0x7f0000001580)="$eJzs3AuYjlXXOPC99t43Y5r0NMlh2GuvmycNtkmSHBJySJIkSXJKSJokSUgMOSUNSchxkhyGkBymMWmcz4eckyavNEkSklPY/0vv+33e9+v9vr7v//b/u65v1u+69jV7zf2s9ax71lzz3PdzXfP80HNUvRb1azcjIvEvgb9+SRFCxAghhgkhbhBCBEKISvGV4q8cL6Ag5V97EvbnejT9WnfAriWef97G88/beP55G88/b+P55208/7yN55+38fwZy8u2zyl2I6+8u/j9/7yMX///F8ktP/mbjeVv7vU/SOH55208/7yN55+38fzzNp5/3sbz/9+v1n9xjOeft/H8GcvLrvX7z7yu7brWv3+MMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxvKGc/4qLYT4t/217osxxhhjjDHGGGN/Hp//WnfAGGOMMcYYY4yx//dASKGEFoHIJ/KLGFFAxIrrRJy4XhQUN4iIuFHEi5tEIXGzKCyKiKKimEgQxUUJYQQKK0iEoqQoJaLiFlFa3CoSRRlRVpQTTpQXSeI2UUHcLiqKO0QlcaeoLO4SVURVUU1UF3eLGuIeUVPUErXFvaKOqCvqifriPtFA3C8aigdEI/GgaCweEk3Ew6KpeEQ0E4+K5uIx0UI8LlqKJ0Qr0Vq0EW1Fu/+r/FdEX/Gq6Cf6ixQxQAwUr4lBYrAYIoaKYeJ1MVy8IUaIN0WqGClGibfEaPG2GCPeEWPFODFevCsmiIlikpgspoipIk28J6aJ98V08YGYIWaKWWK2SBdzxFzxoZgn5osF4iOxUHwsFonFYolYKjLEJyJTLBNZ4lOxXHwmssUKsVKsEqvFGrFWrBPrxQaxUWwSm8UWsVVsE9vF52KH2Cl2id1ij9gr9okvxH7xpTggvhI54uv/Yf7Z/5DfCwQIkCBBg4Z8kA9iIAZiIRbiIA4KQkGIQATiIR4KQSEoDIWhKBSFBEiAElACEBAICEpCSYhCFEpDaUiERCgLZcGBgyRIggpwO1SEilAJKkFlqAxVoCpUhepQHWpADagJNaE21IY6UAfqQT24D+6D+6EhNIRG0AgaQ2NoAk2gKTSFZtAMmkNzaAEtoCW0hFbQCtpAG2gH7aA9tIcO0AE6QSfoDJ2hC3SBZEiGrtAVukE36A7doQf0gJ7QE3pBb+gNr8Ar8Cq8Cv2hjhwAA2EgDIJBMASGwlB4HYbDG/AGvAmpMBJGwVvwFrwNY+AMjIVxMB7GQw05ESbBZCA5FdIgDabBNJgO02EGzISZMBvSYQ7MhbkwD+bDfPgIFsLH8DEshsWwFDIgAzJhGWRBFiyHs5ANK2AlrILVsAZWwzpYD+tgI2yCjbAFtsA22Aafw+ewE3bCbtgNe2EvfAFfwJfwJaRCDuTAQTgIh+AQHIbDkAu5cASOwFE4CsfgGByH43ACTsIpOAmn4TScgbNwDs7BBbgAF+GlhO+a7y2zIVXIK7TUMp/MJ2NkjIyVsTJOxsmCsqCMyIiMl/GykCwkC8vCsqgsKhNkgiwhS0iUKEmGsqQsKaMyKkvL0jJRJsqysqx00skkmSQryAqyoqwoK8k7ZWV5l6wiq8qOrrqsLmvITq6mrCVry9qyjqwr68n6sr5sIBvIhrKhbCQbycaysWwiH5ZN5QAYAo/KK5NpIUdCSzkKWsnWso1sK9+GJ2V7OQY6yI6yk3xajoOx0EW2d8nyOdlVToJu8gU5GV6UPeRU6Clflr1kb9lHviL7yg6un+wvZ8AAOVDOhkFysBwih8p5UFdemVg9+aZMlSPlKPmWXApvyzHyHTlWjpPj5btygpwoJ8nJcoqcKtPke3KafF9Olx/IGXKmnCVny3Q5R86VH8p5cr5cID+SC+XHcpFcLJfIpTJDfiIz5TKZJT+Vy+VnMluukCvlKrlarpFr5Tq5Xm6QG+UmuVlukVvlNrldfi53yJ1yl9wt98i9cp/8Qu6XX8oD8iuZI7+WB+Vf5CH5jTwsv5W58jt5RH4vj8of5DH5ozwuf5In5El5Sv4sT8tf5Bl5Vp6T5+UF+au8KC/Jy9JLoUBJpZRWgcqn8qsYVUDFqutUnLpeFVQ3qIi6UcWrm1QhdbMqrIqooqqYSlDFVQllFCqrSIWqpCqlouoWVVrdqhJVGVVWlVNOlVdJ6jZVQd2uKqo7VCV1p6qs7lJVVFVVTVVXd6sa6h5VU9VStdW9qo6qq+qp+uo+1UDdrxqqB1Qj9aBqrB5STdTDqql6RDVTj6rm6jHVQj2uWqonVCvVWrVRbVU79aRqr55SHVRH1Uk9rTqrZ1QX9axKVs+prup51U29oLqrF1UP9ZLqqV5WvVRv1UddUpeVV/1Uf5WiBqiB6jU1SA1WQ9RQNUy9roarN9QI9aZKVSPVKPWWGq3eVmPUO2qsGqfGq3fVBDVRTVKT1RQ1VaWp99Q09b6arj5QM9RMNUvNVulqjhryt0oL/hv57/+T/BG/Pfs2tV19rnaonWqX2q32qL1qn9qn9qv96oA6oHJUjjqoDqpD6pA6rA6rXJWrjqgj6qg6qo6pY+q4Oq5OqJPqvPpZnVa/qDPqrDqrzqsL6oK6+LefgdCgpVZa60Dn0/l1jC6gY/V1Ok5frwvqG3RE36jj9U26kL5ZF9ZFdFFdTCfo4rqENhq11aRDXVKX0lF9iy6tb9WJuowuq8tpp8vrJH3bv5z/R/210+10e91ed9AddCfdSXfWnXUX3UUn62TdVXfV3XQ33V131z10D91T99S9dC/dR/fRfXVf3U/30yk6RQ/Ur+lBerAeoofqYfp1PVwP1yP0CJ2qU/UoPUqP1qP1GD1Gj9Vj9Xg9Xk/QE/QkPUlP0VN0mk7T0/Q0PV1P1zP0DD1Lz9LpOl3P1XP1PD1PL9AL9EK9UC/Si/QSvURn6AydqTN1ls7Sy/Vyna1X6BV6lV6l1+g1ep1epzfoDXqT3qS36C06W2/X2/UOvUPv0rv0Hr1H79P79H69Xx/QB3SOztEH9UF9SB/Sh/Vhnatz9RF9RB/VR/UxfUwf18f1CX1Cn9Kn9Gl9Wp/RZ/Q5fU5f0Bf0RX1RX9aXr1z2BTKQgQ50kC/IF8QEMUFsEBvEBXFBwaBgEAkiQXwQHxQKbg4KB0WCokGxICEoHpQITICBDSgIg5JBqSAa3BKUDm4NEoMyQdmgXOCC8kFScFtQIbg9qBjcEVQK7gwqB3cFVYKqQbWgenB3UCO4J6gZ1ApqB/cGdYK6Qb2gfnBf0CC4P2gYPBA0Ch4MGgcPBU2Ch4OmwSNBs+DRoHnwWNAieDxoGTwRtApaB22CtkG7P7W+92eKPOX6mf4mxQwwA81rZpAZbIaYoWaYed0MN2+YEeZNk2pGmlHmLTPavG3GmHfMWDPOjDfvmglmoplkJpspZqpJM++ZaeZ9M918YGaYmWaWmW3SzRwz13xo5pn5ZoH5yCw0H5tFZrFZYpaaDPOJyTTLTJb51Cw3n5lss8KsNKvMarPGrDXrzHqzwWw0m8xms8VsNdvMdvO52WF2ml1mt9lj9pp95guz33xpDpivTI752hw0fzGHzDfmsPnW5JrvzBHzvTlqfjDHzI/muPnJnDAnzSnzszltfjFnzFlzzpw3F8yv5qK5ZC4bf+Xi/srLO2rUmA/zYQzGYCzGYhzGYUEsiBGMYDzGYyEshIWxMBbFopiACVgCS+AVhIQlsSRGMYqlsTQmYiKWxbLo0GESJmEFrIAVsSJWwkpYGStjFayC1bAa3o134z14D9bCWngv3ot1sS7Wx/rYABtgQ2yIjbARNsbG2ASbYFNsis2wGTbH5tgCW2BLbImtsBW2wTbYDtthe2yPHbADdsJO2Bk7YxfsgsmYjF2xK3bDbtgdu2MP7IE9sSf2wl7YB/tgX+yL/bAfpmAKDsSBOAgH4RAcgsNwGA7H4TgCR2AqpuIoHIWjcTSOwTE4FsfheHwXJ+BEnISTcQpOxTRMw2k4DafjdJyBM3AWzsJ0TMe5OBfn4TxcgAtwIS7ERbgIl+ASzMAMzMRMzMIsXI7LMRuzcSWuxNW4GtfiWlyP63EjbsTNuBm34lbcjttxB+7AXbgL9+Ae3If7cD/uxwN4AHMwBw/iQTyEh/AwHsZczMUjeASP4lE8hsfwOB7HE3gCT+EpPI2n8QyewXN4Di/gr3gRL+Fl9BhjpYi119k4e70taG+wMbaA/fu4qC1mE2xxW8IaW9gW+YcYrbWJtowta8tZZ8vbJHvb7+IqtqqtZqvbu20Ne4+t+bu4gb3fNrQP2Eb2QVvf3vcPcWP7kG1iH7dN7RO2mW1tm9u2toV93La0T9hWtrVtY9vazvYZ28U+a5Ptc7arff53caZdZtfbDXaj3WT32y/tOXveHrU/2Av2V9vP9rfD7Ot2uH3DjrBv2lQ78nfxePuunWAn2kl2sp1ip/4unmVn23Q7x861H9p5dv7v4gz7iV1os+wiu9gusUt/i6/0lGU/tcvtZzbbrrAr7Sq72q6xa+26f+91ld1it9ptdp/9wu6wO+0uu9vusXt/i6+cxwH7lc2xX9sj9nt7yH5jD9tjNtd+91t85fyO2R/tcfuTPWFP2lP2Z3va/mLP2LO/nf+Vc//ZXrKXrbeCgCQp0hRQPspPMVSAYuk6iqPrqSDdQBG6keLpJipEN1NhKkJFqRglUHEqQYaQLBGFVJJKUZRuodJ0KyVSGSpL5chReUqi26gC3U4V6Q6qRHdSZbqLqlBVqkbV6W6qQfdQTapFteleqkN1qR7Vp/uoAd1PDekBakQPUmN6iJrQw9SUHqFm9Cg1p8eoBT1OLekJakWtqQ21pXb0JLWnp6gDdaRO9DR1pmeoCz1LyfQcdaXnqRu9QN3pRepBL1FPepl6UW/qQ69QX3qV+lF/SqEBNJBeo0E0mIbQUBpGr9NweoNG0JuUSiNpFL1Fo+ltGkPv0FgaR+PpXZpAE2kSTaYpNJXS6D2aRu/TdPqAZtBMmkWzKZ3m0Fz6kObRfFpAH9FC+pgW0WJaQkspgz6hTFpGWfQpLafPKJtW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nT6nHbSTdtFu2kN7aR99QfvpSzpAX1EOfU0H6S90iL6hw/Qt5dJ3dIS+p6P0Ax2jH+k4/UQn6CSdop/pNP1CZ+gsnaPzdIF+pYt0iS6TJxFCKEMV6jAI84X5w5iwQBgbXhfGhdeHBcMbwkh4Yxgf3hQWCm8OC4dFwqJhsTAhLB6WCE2IoQ0pDMOSYakwGt4Slg5vDRPDMmHZsFzowvJhUnhbWCG8PawY3hFWCu8MK4d3hVXCquHjD1YP7w5rhPeENcNaYe3w3rBOWDesF9YP7wsbhPeHDcMHwkbhg2HF8KGwSfhw2DR8JGwWPho2Dx8LW4SPhy3DJ8JWYeuwTdg2bBc+GbYPnwo7hB3DTuHTYefwmbBL+GyYHD4Xdg2f/8PjKeGAcGD4Wvha6P0Dakl0aTQj+kk0M7osmhX9NLo8+lk0O7oiujK6Kro6uia6Nrouuj66Iboxuim6ObolujW6Lep9/fzCgZNOOe0Cl8/ldzGugIt117k4d70r6G5wEXeji3c3uULuZlfYFXFFXTGX4Iq7Es44dNaRC11JV8pF3S2utLvVJboyrqwr55wr75JcW9fOtXPt3VOug+voOrmn3dPuGfeMe9Y9655zXd3zrpt7wXV3L7oe7iX3knvZ9XK9XR/3iuvrXnX9XH+X4lLcQDfQDXKD3BA3xA1zw9xwN9yNcCNcqkt1o9woN9qNdmPcGDfWjXXj3Xg3wU1wk9wkN8VNcWkuzU1z09x0N93NcDPcLDfLpbt0N9fNdfPcPLfALXALExe6RW6RW+KWuAyX4TJdpstyWW65W+6yXbZb6Va61W61W+vWuvVuvdvoNrrNbrPb6ra67W672+F2uF1ul9vj9rh9bp/b7/a7A+6Ay3E57qA76A65Q+6w+9bluu/cEfe9O+p+cMfcj+64+8mdcCfdKfezO+1+cWfcWXfOnXcX3K/uorvkLjvv0iLvRaZF3o9Mj3wQmRGZGZkVmR1Jj8yJzI18GJkXmR9ZEPkosjDycWRRZHFkSWRpJCPySSQzsiySFfk0sjzyWSQ7siKyMrIqsjqyJuJ98R2hL+lL+ai/xZf2t/pEX8aX9eW88+V9kr/NV/C3+4r+Dl/J3+kr+7t8FV/VV/NP+Fa+tW/j2/p2/knf3j/lO/iOvpN/2nf2z/gu/lmf7J/zXf3zvpt/wXf3L/oe/iXf07/se/nevo9/xff1r/p+vr9P8QP8QP+aH+QH+yF+qB/mX/fD/Rt+hH/Tp/qRfpR/y4/2b/sx/h0/1o/z4/27foKf6Cf5yX6Kn+rT/Ht+mn/fT/cf+Bl+pp/lZ/t0P8fP9R/6eX6+X+A/8gv9x36RX+yX+KU+w3/iM/0yn+U/9cv9Zz7br/Ar/Sq/2q/xa/06v95v8Bv9Jr/Zb/Fb/Ta/3X/ud/idfpff7ff4vX6f/8Lv91/6A/4rn+O/9gf9X/wh/40/7L/1uf47f8R/74/6H/wx/6M/7n/yJ/xJf8r/7E/7X/wZf9af8+f9Bf+rv+gv+cv8P2uMMcYYY/8t6g+OD/gn35N/W1cMFEJcv7NY7n+subnwX/eDZULniBDiuf49H/23VadOSkrK3x6brURQarEQInI1P5+4Gq8QncQzIll0FBX+aX+DZe8L9Af1o3cKEft3OTHiany1/u3/Sf0nnx6fWTk8F/9f1F8sRGKpqzkFxNX4av2K/0n9Iu3/oP8C36QJ0eHvcuLE1fhq/STxlHheJP/DIxljjDHGGGOMsb8aLKt1/6P75yv35wn6ak5+cTX+o/tzxhhjjDHGGGOMXXsv9u7z7JPJyR2784Y3vOHNv2+u9V8mxhhjjDHG2J/t6kX/te6EMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhjLu/5/fJzYtT5HxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhj7Fr7PwEAAP//SOc8Mw==")
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f00000004c0)={0x4376ea830d4f549b, 0x0, [0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x1, 0x32, 0x0, 0x800000]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f00000b6000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000240)="36d0e866b8970000000f23c80f21f866350c00a0000f23f89d0f326635000400000f302e8dcc0f23742e3b5753baf80466b8f494f78e66efbafc0c66b83ac80000666fda6509", 0x46}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

6m47.352362159s ago: executing program 7 (id=2340):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$packet(0x11, 0x3, 0x300)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSKBSENT(r5, 0x4b49, &(0x7f0000002600)={0xa9, "5b4e58f992cbe76c0ba015b91578b36d892c37f16f7f0c00ca4a070694f46e8b201eb8cabac6d674d63fd377045d945e8148819f9101be1dc5fa236cff26fbc160786c774af71b12076e858a394c1cb39b040f4f7d2db5256acb9d57eda82c60b00db4bff0f6f3cb143f5d6cfd06686a47463fd23430c8e24baa7b71d845595105ff27f75a8d969273b11c4cb4d749d279f0967457deeaab5e20761c1005a468acfe4ad613da04fb62c5db49c22154c3dc52692cc80310fc581bc963d7b33c1ac20dd1d39cb178ae6a99e36a19efe9c6bd448d8de29fec24689a18d7c944b97dcd9f562c0873b8f9ac77f015c97b6981c90bcc5c86ba44c851442cf0cb6b5ec2c390e9028a7f758264f3af43a55b813d01c78c39ffce681e626cd9883c9a1a80703be70156dfdc4b4bd1e21c0cc192caf72634ddab3258d901bbeb0aa1de3fb122990b82c2b4bef5c62b91ddae15a8a9ce0a41df28767212a053950434c537ec61238a30df001d24c4a26774ecc2fe03f4ae2ac0a03dc983bbf0b1a3cd3c2bd2098278348c9a6f7fd859fc9d69a3b3fee766848f4d845be1485949a7d69f182af1e13174be366fe37f2d7b589b28845c700a71bc9825d819ea7892d994411c679760d55f0ffc052fa9deded6d2c39f24d6d0d147537a6c46b5b94154abd90e772090f6d41b8c3f6b9639b5885d94a8bac558935b256da90cfbc544e5afe66c10"})

6m45.822277215s ago: executing program 7 (id=2343):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f0000000300)=0x208)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c)
sendto$inet6(r0, 0x0, 0x1e, 0x2200c851, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0x40801, 0x0, 0x0)
shutdown(r0, 0x1)

6m44.28053498s ago: executing program 7 (id=2345):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000240)={[{@nogrpid}, {@journal_dev={'journal_dev', 0x3d, 0x5}}, {@data_err_abort}]}, 0x2, 0x521, &(0x7f0000000cc0)="$eJzs3U9sI1cZAPBvJsnau02bFHoAVOhSCgtarZ1421XVC+VUIVQJ0SOHbUi8URQ7jmKnNGEP2SN3JCpx48SZAxIHpJ64I3GAG5dyQCqwAjVISBh5PM46f5xYaWJv499PGvnNvLG/93Y071mfN/MCmFg3I2IvIq5FxLsRMZcfT/It3uxunfM+efxwef/xw+Uk2u13/pFk9Z1j0feejmfyzyxGxA/eivhRciToHyOaO7vrS7VadSs/VG7VN8vNnd07a/Wl1epqdaNSubd4b+H1u69VLqyvL9V//fH1iPjdb7/80R/2vvWTTrNm87r+flykbtdnDuJ0TEfE9y4j2BhM5f25dp43n+tNXKQ0Ij4XES9n9/9cTGVX87DDl+nbI2wdAHAZ2u25aM/17wMAV12a5cCStJTnAmYjTUulbg7vhbiR1hrN1u0Hje2NlW6ubD5m0gdrtepCniucj5nkwdp0dTEr9/Zr1cqR/bsR8XxE/KxwPdsvLTdqK+P84gMAE+yZI/P/vwvd+R8AuOKKT4qFcbYDABid4rgbAACMnPkfACaP+R8AJo/5HwAmj/kfACaP+R8AJsr33367s7X38+dfr7y3s73eeO/OSrW5XqpvL5eWG1ubpdVGYzV7Zk/9rM+rNRqbi6/G9vvlVrXZKjd3du/XG9sbrfvZc73vV2dG0isA4DTPv/Thn5OI2HvjerZF3/P+z5yrX7zs1gGXKR13A4CxmRp3A4CxOb7aFzAp5ONhcv2v3W5H39q9EfHooNT3MNCB/0Xog6HCpNYNhafPrS9+ivw/8Jkm/w+T63z5f9/l4SqQ/4fJ1W4n1vwHgAkjxw8kZ9T3//6/0O7bOfr7vwEFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACACTKbbUlaytcCn400LZUino2I+ZhJHqzVqgsR8VxE/KkwU+jsL1rmAwA+49K/Jfn6X7fmXpk9Wnut8J9C9hoRP/7FOz9/f6nV2lqMuJb88+B464P8eGUc7QeACTY93Gm9ebo3j/d88vjhcm+7tDae4OPvdBcX7cTdz7duzXTepWKWa7jxr+RQFzvfV6YuIP7eo4j4wkn9T7LcyHy+8unR+J3Yz440fnoofprVdV87/xafv4C2wKT5sDP+vHnS/ZfGzez15Pu/OPyQe6re+Ld/bPxLD8a/qQHj381hY7z6++8eO9ie69Y9ivjSdMR+78P7xp9e/GRA/FeGjP+XF7/ycl6cP1KVLTt9K07qf3LopHKrvllu7uzeWasvrVZXqxuVyr3Fewuv332tUs5y1OVepvq4v79x+7lBbev0/8aA+MUz+v/1Ifv/y/+++8OvnhL/m187+fq/cEr8zpz4jSHjL934TXFQXSf+yoD+n3X9bw8Z/6O/7q4MeSoAMALNnd31pVqtuvXpC8VTz0kvIsQQhSRi75JDPCkUfvXTt84+uTCy9pyzEIOqpp6WFl6ZQuHpaMYQhXGPTMBle3LTj7slAAAAAAAAAAAAAADAIKP4c6Jx9xEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICr6/8BAAD//xOl1VI=")
open(&(0x7f0000001740)='./bus\x00', 0x14927e, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x1, 0x0, "ef359f413bb90152f7d6d1ce5d29c3ee5e5ca9000f7c41499dc2aac63a01000000000000004faa2ad9c084a003ea00", "036c47c67816200400000000008000335263bdd6ef7ca21508e156ea51dd753abd950100002a00ffff01000000000009000200000000040000000100", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00", [0x8000000001, 0xfffffffffffffffe]})
creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)

6m43.552537883s ago: executing program 7 (id=2348):
chdir(&(0x7f0000000480)='./cgroup\x00')
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f00000000c0)=""/70, 0x5f)
getdents(r0, 0xfffffffffffffffd, 0x58)

6m42.860370094s ago: executing program 7 (id=2350):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r3 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
r4 = dup(r3)
r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}})
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r6 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r6, 0x0)
setpgid(0x0, r6)
mount$tmpfs(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x8000, 0x0)

6m42.074682648s ago: executing program 37 (id=2350):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r3 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
r4 = dup(r3)
r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}})
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r6 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r6, 0x0)
setpgid(0x0, r6)
mount$tmpfs(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x8000, 0x0)

5m41.744454346s ago: executing program 5 (id=2522):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0)
write$UHID_CREATE(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000001000)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf20000000000000070000000f0000003d030100000000009500ffb1000000006926000000000000bf6700000000000036000b000fff52004507000015300000d60600000ee60000bf050000000000003d63000000000000650700000200000007070000fbffffff1f75000000000000bf54000000000000070000000410f900bd430100000000009500000000000000050000000000000095000000000000001c15a3ce747c693a74b62fd0758b15f09429c09074bc4b2bd2dc480dd7a064b8673e2060162cc43bcba1060999eef9d60bb39d0af449deaa27ea949e8f9000d885deea2783835e29eba8546fc020c1966f8b5f32b095f566edf66b7751828da9dbd5b996b9e8d897e461c01c697671d100000000400036c17fb01dde179c1f26cac1c7b21bde7d1a55d6ebe700b3be005e47ef55e0dd81244b18590e000000000000356d82e43407a6d7fa94b21002f06cd247b126b6349ab62d7b07ba0a71a72145edade9941f49f300a8c8913e0e4ea9e4c77740ab3312edee62a4dc2fc85755d387d8a1bc8eb71fbe11b2216cc8d1f0160c237d929b49d828724b95555b459f4763c6222175c974be2f76fb5f330b015a68587a75c013000000000000000000000003000000000000d6ddc46e58eff8f4fbadfc6a3af8123b7f4240713a4c0cdc9d7820c4eb67cc0f8b5fe9258eeacb5776aebbab3d5c55020000006082778366dadfc36029633e0514cbcee1f3928970bde148c940434f33acd377cbad17673b2d30b6339255c98eba97efb4e9ac1f11be815dd6045592edcbee7f253ec74c7c1313505bd7ff8fd58b3a6569c91dbdef1df585aeaea7346a2a65caee5c85f9eddeeeee3c8a2e523c864ac430eb47cb4d0c8767b9d4125661b5a1a170c04b64da3a99ddb93bf14fae3ca2d1e882375b8dbac83978e136c34f90b33cc0eeb57debcfe26589efc08125d5d62a7e593c9738a50171adf051ea4f07e7e7e770c2016eeacbe8511afffffbea75759a1ea5404f5453c0b5c46c9700808c096cf8cf5223f341cbea3841b5cd224c1b381d56afebe9f99a00e3cd94dc0bb7af9e8709db487cc4d9b3b96723d69d512ddd57b0dee9b9f6ae80a502cce352098603e77f9ecced07fa25e99e9e415414c91f8bfd1c150570512f26c4ee34a64c131dce3800000000000000006c86287945bd8d258442870e000000000000000000000000f7e6a10de4bf7369b0d5b5373829b09bf5b7b34099b27ac7770fca449d4c4ca15f88b588b2429af2e1d1a4e1fa44cb80fcfae6e50d7e5b4675d7e0be706224f34e6eed553b40e2b8"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

5m12.194089432s ago: executing program 5 (id=2522):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0)
write$UHID_CREATE(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000001000)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf20000000000000070000000f0000003d030100000000009500ffb1000000006926000000000000bf6700000000000036000b000fff52004507000015300000d60600000ee60000bf050000000000003d63000000000000650700000200000007070000fbffffff1f75000000000000bf54000000000000070000000410f900bd430100000000009500000000000000050000000000000095000000000000001c15a3ce747c693a74b62fd0758b15f09429c09074bc4b2bd2dc480dd7a064b8673e2060162cc43bcba1060999eef9d60bb39d0af449deaa27ea949e8f9000d885deea2783835e29eba8546fc020c1966f8b5f32b095f566edf66b7751828da9dbd5b996b9e8d897e461c01c697671d100000000400036c17fb01dde179c1f26cac1c7b21bde7d1a55d6ebe700b3be005e47ef55e0dd81244b18590e000000000000356d82e43407a6d7fa94b21002f06cd247b126b6349ab62d7b07ba0a71a72145edade9941f49f300a8c8913e0e4ea9e4c77740ab3312edee62a4dc2fc85755d387d8a1bc8eb71fbe11b2216cc8d1f0160c237d929b49d828724b95555b459f4763c6222175c974be2f76fb5f330b015a68587a75c013000000000000000000000003000000000000d6ddc46e58eff8f4fbadfc6a3af8123b7f4240713a4c0cdc9d7820c4eb67cc0f8b5fe9258eeacb5776aebbab3d5c55020000006082778366dadfc36029633e0514cbcee1f3928970bde148c940434f33acd377cbad17673b2d30b6339255c98eba97efb4e9ac1f11be815dd6045592edcbee7f253ec74c7c1313505bd7ff8fd58b3a6569c91dbdef1df585aeaea7346a2a65caee5c85f9eddeeeee3c8a2e523c864ac430eb47cb4d0c8767b9d4125661b5a1a170c04b64da3a99ddb93bf14fae3ca2d1e882375b8dbac83978e136c34f90b33cc0eeb57debcfe26589efc08125d5d62a7e593c9738a50171adf051ea4f07e7e7e770c2016eeacbe8511afffffbea75759a1ea5404f5453c0b5c46c9700808c096cf8cf5223f341cbea3841b5cd224c1b381d56afebe9f99a00e3cd94dc0bb7af9e8709db487cc4d9b3b96723d69d512ddd57b0dee9b9f6ae80a502cce352098603e77f9ecced07fa25e99e9e415414c91f8bfd1c150570512f26c4ee34a64c131dce3800000000000000006c86287945bd8d258442870e000000000000000000000000f7e6a10de4bf7369b0d5b5373829b09bf5b7b34099b27ac7770fca449d4c4ca15f88b588b2429af2e1d1a4e1fa44cb80fcfae6e50d7e5b4675d7e0be706224f34e6eed553b40e2b8"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

4m44.383178135s ago: executing program 5 (id=2522):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0)
write$UHID_CREATE(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000001000)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf20000000000000070000000f0000003d030100000000009500ffb1000000006926000000000000bf6700000000000036000b000fff52004507000015300000d60600000ee60000bf050000000000003d63000000000000650700000200000007070000fbffffff1f75000000000000bf54000000000000070000000410f900bd430100000000009500000000000000050000000000000095000000000000001c15a3ce747c693a74b62fd0758b15f09429c09074bc4b2bd2dc480dd7a064b8673e2060162cc43bcba1060999eef9d60bb39d0af449deaa27ea949e8f9000d885deea2783835e29eba8546fc020c1966f8b5f32b095f566edf66b7751828da9dbd5b996b9e8d897e461c01c697671d100000000400036c17fb01dde179c1f26cac1c7b21bde7d1a55d6ebe700b3be005e47ef55e0dd81244b18590e000000000000356d82e43407a6d7fa94b21002f06cd247b126b6349ab62d7b07ba0a71a72145edade9941f49f300a8c8913e0e4ea9e4c77740ab3312edee62a4dc2fc85755d387d8a1bc8eb71fbe11b2216cc8d1f0160c237d929b49d828724b95555b459f4763c6222175c974be2f76fb5f330b015a68587a75c013000000000000000000000003000000000000d6ddc46e58eff8f4fbadfc6a3af8123b7f4240713a4c0cdc9d7820c4eb67cc0f8b5fe9258eeacb5776aebbab3d5c55020000006082778366dadfc36029633e0514cbcee1f3928970bde148c940434f33acd377cbad17673b2d30b6339255c98eba97efb4e9ac1f11be815dd6045592edcbee7f253ec74c7c1313505bd7ff8fd58b3a6569c91dbdef1df585aeaea7346a2a65caee5c85f9eddeeeee3c8a2e523c864ac430eb47cb4d0c8767b9d4125661b5a1a170c04b64da3a99ddb93bf14fae3ca2d1e882375b8dbac83978e136c34f90b33cc0eeb57debcfe26589efc08125d5d62a7e593c9738a50171adf051ea4f07e7e7e770c2016eeacbe8511afffffbea75759a1ea5404f5453c0b5c46c9700808c096cf8cf5223f341cbea3841b5cd224c1b381d56afebe9f99a00e3cd94dc0bb7af9e8709db487cc4d9b3b96723d69d512ddd57b0dee9b9f6ae80a502cce352098603e77f9ecced07fa25e99e9e415414c91f8bfd1c150570512f26c4ee34a64c131dce3800000000000000006c86287945bd8d258442870e000000000000000000000000f7e6a10de4bf7369b0d5b5373829b09bf5b7b34099b27ac7770fca449d4c4ca15f88b588b2429af2e1d1a4e1fa44cb80fcfae6e50d7e5b4675d7e0be706224f34e6eed553b40e2b8"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

4m11.928432992s ago: executing program 5 (id=2522):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0)
write$UHID_CREATE(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000001000)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf20000000000000070000000f0000003d030100000000009500ffb1000000006926000000000000bf6700000000000036000b000fff52004507000015300000d60600000ee60000bf050000000000003d63000000000000650700000200000007070000fbffffff1f75000000000000bf54000000000000070000000410f900bd430100000000009500000000000000050000000000000095000000000000001c15a3ce747c693a74b62fd0758b15f09429c09074bc4b2bd2dc480dd7a064b8673e2060162cc43bcba1060999eef9d60bb39d0af449deaa27ea949e8f9000d885deea2783835e29eba8546fc020c1966f8b5f32b095f566edf66b7751828da9dbd5b996b9e8d897e461c01c697671d100000000400036c17fb01dde179c1f26cac1c7b21bde7d1a55d6ebe700b3be005e47ef55e0dd81244b18590e000000000000356d82e43407a6d7fa94b21002f06cd247b126b6349ab62d7b07ba0a71a72145edade9941f49f300a8c8913e0e4ea9e4c77740ab3312edee62a4dc2fc85755d387d8a1bc8eb71fbe11b2216cc8d1f0160c237d929b49d828724b95555b459f4763c6222175c974be2f76fb5f330b015a68587a75c013000000000000000000000003000000000000d6ddc46e58eff8f4fbadfc6a3af8123b7f4240713a4c0cdc9d7820c4eb67cc0f8b5fe9258eeacb5776aebbab3d5c55020000006082778366dadfc36029633e0514cbcee1f3928970bde148c940434f33acd377cbad17673b2d30b6339255c98eba97efb4e9ac1f11be815dd6045592edcbee7f253ec74c7c1313505bd7ff8fd58b3a6569c91dbdef1df585aeaea7346a2a65caee5c85f9eddeeeee3c8a2e523c864ac430eb47cb4d0c8767b9d4125661b5a1a170c04b64da3a99ddb93bf14fae3ca2d1e882375b8dbac83978e136c34f90b33cc0eeb57debcfe26589efc08125d5d62a7e593c9738a50171adf051ea4f07e7e7e770c2016eeacbe8511afffffbea75759a1ea5404f5453c0b5c46c9700808c096cf8cf5223f341cbea3841b5cd224c1b381d56afebe9f99a00e3cd94dc0bb7af9e8709db487cc4d9b3b96723d69d512ddd57b0dee9b9f6ae80a502cce352098603e77f9ecced07fa25e99e9e415414c91f8bfd1c150570512f26c4ee34a64c131dce3800000000000000006c86287945bd8d258442870e000000000000000000000000f7e6a10de4bf7369b0d5b5373829b09bf5b7b34099b27ac7770fca449d4c4ca15f88b588b2429af2e1d1a4e1fa44cb80fcfae6e50d7e5b4675d7e0be706224f34e6eed553b40e2b8"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

3m42.766949003s ago: executing program 5 (id=2522):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0)
write$UHID_CREATE(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000001000)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf20000000000000070000000f0000003d030100000000009500ffb1000000006926000000000000bf6700000000000036000b000fff52004507000015300000d60600000ee60000bf050000000000003d63000000000000650700000200000007070000fbffffff1f75000000000000bf54000000000000070000000410f900bd430100000000009500000000000000050000000000000095000000000000001c15a3ce747c693a74b62fd0758b15f09429c09074bc4b2bd2dc480dd7a064b8673e2060162cc43bcba1060999eef9d60bb39d0af449deaa27ea949e8f9000d885deea2783835e29eba8546fc020c1966f8b5f32b095f566edf66b7751828da9dbd5b996b9e8d897e461c01c697671d100000000400036c17fb01dde179c1f26cac1c7b21bde7d1a55d6ebe700b3be005e47ef55e0dd81244b18590e000000000000356d82e43407a6d7fa94b21002f06cd247b126b6349ab62d7b07ba0a71a72145edade9941f49f300a8c8913e0e4ea9e4c77740ab3312edee62a4dc2fc85755d387d8a1bc8eb71fbe11b2216cc8d1f0160c237d929b49d828724b95555b459f4763c6222175c974be2f76fb5f330b015a68587a75c013000000000000000000000003000000000000d6ddc46e58eff8f4fbadfc6a3af8123b7f4240713a4c0cdc9d7820c4eb67cc0f8b5fe9258eeacb5776aebbab3d5c55020000006082778366dadfc36029633e0514cbcee1f3928970bde148c940434f33acd377cbad17673b2d30b6339255c98eba97efb4e9ac1f11be815dd6045592edcbee7f253ec74c7c1313505bd7ff8fd58b3a6569c91dbdef1df585aeaea7346a2a65caee5c85f9eddeeeee3c8a2e523c864ac430eb47cb4d0c8767b9d4125661b5a1a170c04b64da3a99ddb93bf14fae3ca2d1e882375b8dbac83978e136c34f90b33cc0eeb57debcfe26589efc08125d5d62a7e593c9738a50171adf051ea4f07e7e7e770c2016eeacbe8511afffffbea75759a1ea5404f5453c0b5c46c9700808c096cf8cf5223f341cbea3841b5cd224c1b381d56afebe9f99a00e3cd94dc0bb7af9e8709db487cc4d9b3b96723d69d512ddd57b0dee9b9f6ae80a502cce352098603e77f9ecced07fa25e99e9e415414c91f8bfd1c150570512f26c4ee34a64c131dce3800000000000000006c86287945bd8d258442870e000000000000000000000000f7e6a10de4bf7369b0d5b5373829b09bf5b7b34099b27ac7770fca449d4c4ca15f88b588b2429af2e1d1a4e1fa44cb80fcfae6e50d7e5b4675d7e0be706224f34e6eed553b40e2b8"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

2m46.415248512s ago: executing program 5 (id=2522):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0)
write$UHID_CREATE(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000001000)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf20000000000000070000000f0000003d030100000000009500ffb1000000006926000000000000bf6700000000000036000b000fff52004507000015300000d60600000ee60000bf050000000000003d63000000000000650700000200000007070000fbffffff1f75000000000000bf54000000000000070000000410f900bd430100000000009500000000000000050000000000000095000000000000001c15a3ce747c693a74b62fd0758b15f09429c09074bc4b2bd2dc480dd7a064b8673e2060162cc43bcba1060999eef9d60bb39d0af449deaa27ea949e8f9000d885deea2783835e29eba8546fc020c1966f8b5f32b095f566edf66b7751828da9dbd5b996b9e8d897e461c01c697671d100000000400036c17fb01dde179c1f26cac1c7b21bde7d1a55d6ebe700b3be005e47ef55e0dd81244b18590e000000000000356d82e43407a6d7fa94b21002f06cd247b126b6349ab62d7b07ba0a71a72145edade9941f49f300a8c8913e0e4ea9e4c77740ab3312edee62a4dc2fc85755d387d8a1bc8eb71fbe11b2216cc8d1f0160c237d929b49d828724b95555b459f4763c6222175c974be2f76fb5f330b015a68587a75c013000000000000000000000003000000000000d6ddc46e58eff8f4fbadfc6a3af8123b7f4240713a4c0cdc9d7820c4eb67cc0f8b5fe9258eeacb5776aebbab3d5c55020000006082778366dadfc36029633e0514cbcee1f3928970bde148c940434f33acd377cbad17673b2d30b6339255c98eba97efb4e9ac1f11be815dd6045592edcbee7f253ec74c7c1313505bd7ff8fd58b3a6569c91dbdef1df585aeaea7346a2a65caee5c85f9eddeeeee3c8a2e523c864ac430eb47cb4d0c8767b9d4125661b5a1a170c04b64da3a99ddb93bf14fae3ca2d1e882375b8dbac83978e136c34f90b33cc0eeb57debcfe26589efc08125d5d62a7e593c9738a50171adf051ea4f07e7e7e770c2016eeacbe8511afffffbea75759a1ea5404f5453c0b5c46c9700808c096cf8cf5223f341cbea3841b5cd224c1b381d56afebe9f99a00e3cd94dc0bb7af9e8709db487cc4d9b3b96723d69d512ddd57b0dee9b9f6ae80a502cce352098603e77f9ecced07fa25e99e9e415414c91f8bfd1c150570512f26c4ee34a64c131dce3800000000000000006c86287945bd8d258442870e000000000000000000000000f7e6a10de4bf7369b0d5b5373829b09bf5b7b34099b27ac7770fca449d4c4ca15f88b588b2429af2e1d1a4e1fa44cb80fcfae6e50d7e5b4675d7e0be706224f34e6eed553b40e2b8"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

1m40.092292675s ago: executing program 0 (id=3180):
r0 = socket$inet6(0xa, 0x80002, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x40000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setgroups(0x0, 0x0)
connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)

1m38.966128719s ago: executing program 0 (id=3182):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_buf(r0, 0x29, 0x20, &(0x7f00000003c0)="0bbb268dd6ffa80800000000000000000000210d0000aaa8fa017242ba9380d4", 0x20)

1m38.639675943s ago: executing program 0 (id=3184):
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000240)='./file0\x00', 0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB='iocharset=cp865,utf8=1,utf8=0,utf8=1,iocharset=utf8,sys_immutable,uni_xlate=0,uni_xlate=1,uni_xlate=1,gid=', @ANYRESHEX, @ANYBLOB='A\x00'], 0x1, 0x1b1, &(0x7f0000000280)="$eJzs2zFrE2EYB/DnahrTOiSDkzjc6BSafoIGqSAGBCWDgqDYBqQnBQsBHWw3B7+EH8bBVT+JYwfhpLk0aUKEGpocJL/fkodc/rnnfcMleQJ5ff/90cHxSe9V70fUkiQ29iKN8yQasRGXzgIAWCXneR6/8zzPb5/F1rfI87zsjgCARfP5DwDr5/mLl0/anc7+szStRWRf+t1+t7gtjrd78S6yOIydqMefuPiCMFTUjx539nfSgUZ8zU6H+dN+99ZkvhX1aMzOt4p8OpnfjO2r+d2ox93Z+d2Z+Wo8qI7ymxFRj19v4ziyOIiL7Dj/uZWmD592pvJ3Bo8DAACAVdBMRwbzezUm5/dmc/L4eD4u8u3k2r8PTM3XlbhXKXftALCuTj5+OnqTZYcf5ihqw+eYM3694ud2cZIFnuKGisstHd2zt4z9+d+ierXDqWJrwa1Wlr7kJCLK2vDvEVH6yz3XRT0oSngzApZqfPWX3QkAAAAAAAAAAAAAAPAvy/hfUdlrBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGD9/A0AAP//W1+CbQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x61)
lseek(r0, 0x3, 0x0)
getdents(r0, 0x0, 0x0)

1m38.564396435s ago: executing program 0 (id=3186):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000040)='./file1\x00', 0x10c00, &(0x7f0000000100)=ANY=[], 0x3, 0x150a, &(0x7f0000002a80)="$eJzs3AnYTtX6MPD7XmttXjI8SeZ1r3vzJMMiSTIkyZAkSZLMCUmSJCGZMiUhCZmTzCGZQjLPU6YkyZEkSUhIsr5LnY5z/p3/Vefr/D/f/7z377r29az7Wvtee619v++z97Pf4esOgyvXrVKhNjPDn4K/vHQHgBQA6AcAmQEgAoASWUpkudSfTmP3P3cQ8e/1wLQrPQNxJUn9Uzepf+om9U/dpP6pm9Q/dZP6p25S/9RN6i9EarZtes6rZUu9259//p/yy4s8//9fSK7/qZvU/z/N6XT/yt5S//8kF0MI/1qG1D91k/qnblL/1E3qn7pJ/VM3qb8QqdmVfv4s25/b6jeckuHP5F/prz8hhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEKnDuXCZAYBf21d6XkIIIYQQQgghhPj3CWmv9AyEEEIIIYQQQgjxPw9BgQYDEaSBtJAC6SA9XAUZICNkgsyQgKshC1wDWeFayAbZIQfkhFyQG/KABQIHDDHkhXyQhOsgP1wPBaAgFILC4KEIFIUboBjcCMXhJigBN0NJuAVKQWkoA2XhVigHt0F5uB0qwB1QESpBZagCd0JVuAuqwd1QHe6BGnAv1IT7oBbcD7XhAagDD0JdeAjqQX1oAA2hETSGJv9X+c9BF3geukI36A49oCe8AL2gN/SBvtAPXoT+8BIMgJdhIAyCwfAKDIFXYSi8BsNgOIyA12EkjILRMAbGwjgYD2/ABHgTJsJbMAkmwxSYCtNgOsyAt2EmzILZ8A7MgXdhLsyD+bAAFsJ7sAgWwxJ4H5bCB7AMlsMKWAmrYDWsgbWwDtbDBtgIm2AzbIGtsA0+hO2wA3bCLtgNH8Ee+Bj2wiewDz6F/fDZv5h/9r/kd0RAQIUKDRpMg2kwBVMwPabHDJgBM2EmTGACs2AWzIpZMRtmwxyYA3NhLsyDeZCQkJExL+bFJCYxP+bHAlgAC2Eh9OixKBbFYngjFsfiWAJLYEksiaWwNAKWxbJYDgHKY3msgBWwIlbEylgZ78Q78S6shtWwOlbHGlgDa2JNrIW1sDbWxjpYB+tiXayH9bABNsBG2AibYBNsik2xGTbDFtgCW2JLbIWtsDW2xjbYBttiW2yH7bA9tscO2AE7YifshM/hc/g8Po/dsKLqgT2xJ/bCXtgH+2JffBH740v4Er6MA3EQDsZX8BV8FYfiGRyGw3EEjsByahSOxjHIahyOx/E4ASfgRJyIk3AyTsapOA2n4wycgTNxFs7Cd3AOvovv4jychwtwIS7ERbgYl+ASXIpncRkuxxW4ElfhalyFa3EdrsUNuBE34GbcjFtxK36IH+IO3IG7cBd+hB/hx/gxfoKf4EDcj/vxAB7Ag3gQD+EhPIyH8QgewaN4FI/hMTyOx/EEnsRTeBJP42k8g2fxHJ7D83geL+AFvIgXL33zq0uMMiqNSqNSVIpKr9KrDCqDyqQyqYRKqCwqi8qqsqpsKpvKoXKoXCqXyqPyKFKkWMUqr8qrkiqp8qv8qoAqoAqpQsorr4qqoqqYKqaKq+KqhLpZlVS3qFKqtGruy6qyqpxq4cur21UFVUFVVJVUZVVFVVFVVVVVTVVT1VV1VUPVUDXVfaqW6oF98AF1qTJ11SCspwZjA9VQNVKN1av4sGqqhmIz1Vy1UI+q4TgMW6mmvrV6QrVRo7GtekqNwadVezUOO6hnVUfVSXVWz6kuqpnvqrqpSdhD9VRTsZfqrfqovmomVlKXKlZZvawGqkFqsHpFLcBX1VD1mhqmhqsR6nU1Uo1So9UYNVaNU+PVG2qCelNNVG+pSWqymqKmqmlqupqh3lYz1Sw1W72j5qh31Vw1T81XC9RC9Z5apBarJep9tVR9oJap5WqFWqlWqdVqjVqr1qn1aoPaqDapzWqL2qq2qQ/VdrVD7VS71G6lfn3TVvvUp2q/+kwdUH9RB9Xn6pD6Qh1WX6oj6it1VH2tjqlv1HH1rTqhTqpT6jt1Wn2vzqiz6pz6QZ1XP6oL6id1UQUFPQBAa210pNPotDpFp9Pp9VU6g86oM+nMOqGv1ln0NTqrvlZn09l1Dp1T59K5dR5tNWmnWcc6r86nk/o6nV9frwvogrqQLqy9LqKL6ht0MX2jLq5v0iX0zbqkvkWX0qV1GV1W36rL6dt0eX27rqDv0BV1JV1ZV9F36qr6Ll1N362r63t0DX2vrqnv07X0/bq2fkDX0Q/quvohXU/X1w10Q91IN9ZN9MO6qX5EN9PNdQv9qG6pH9Ot9OO6tX5Ct9FP6rb6Kd1OP63b62d0B/2s7qg76c76J31RB91Vd9PddQ/dU7+ge+neuo/uq/vpF3V//ZIeoF/WA/UgPVi/oofoV/VQ/ZoepofrEfp1PVKP0qP1GD1Wj9Pj9Rt6gn5TT9Rv6Ul6sp6ip+pperru89eRZv+B/Df/Sf6An4++VW/TH+rteofeqXfp3fojvUfv0Xv1Xr1P79P79X59QB/QB/VBfUgf0of1YX1EH9FH9VF9TB/Tx/VxfUKf1D/o7/Rp/b0+o8/qs/oHfV6f1xf+eg7AoFFGG2Mik8akNSkmnUlvrjIZTEaTyWQ2CXO1yWKuMVnNtSabyW5ymJwml8lt8hhryDjDJjZ5TT6TNNeZ/OZ6U8AUNIVMYeNNEVPU3PCn839vfk1ME9PUNDXNTDPTwrQwLU1L08q0Mq1Na9PGtDFtTVvTzrQz7U1708F0MB1NR9PZdDZdTBcTAKC76W56mhdML9Pb9DF9TT/zoulv+psBZoAZaAaawWawGWKGmKFmqBlmhpkRZoQZaUaa0Wa0GWvGmvFmvJlgJpiJZqKZZCaZKWaKmWammRlmhplpZprZZraZY+aYuWaumW/mm4VmoVlkFpklZolZapaaZWa5WW5WmpVmtVlt1pq1Zr1ZbzaajWaz2WyWmV9/QXOn2Wl2m91mj9lj9pq9Zp/ZZ/ab/eaAOWAOmoPmkDlkDpvD5og5Yo6ao+aYOWaOm+PmhDlhTplT5rQ5bc6YM+acOWfOm/PmgrlgLpqLl277IhWpyEQmShOliVKilCh9lD7KEGWIMkWZokSUiLJEWaKs0bVRtih7lCPKGeWKckd5IhtR5CKO4ihvlC9KRtdF+aProwJRwahQVDjyUZGoaHRDVCy6MSoe3RSViG6OSka3RKWi0lGZqGx0a1Quui0qH90eVYjuiCpGlaLKUZXozqhqdFdULbo7qh7dE9WI7o1qRvdFtaL7o9rRA1Gd6MGobvRQVC+qHzWIGkaNosZRk3/r+CGcyf6I72q72e62h+1pX7C9bG/bx/a1/eyLtr99yQ6wL9uBdpAdbF+xQ+yrdqh9zQ6zw+0I+7odaUfZ0XaMHWvH2fH2DTvBvmkn2rfsJDvZTrFT7TQ73c6wb9uZdpadbd+xc+y7dq6dZ+fbBXahfc8usovtEvu+XWo/sMvscrvCrrSr7Gq7xq616+x6u8FutJvsZrvFbrXb7Id2u91hd9pddrf9yO6xH9u99hO7z35q99vP7AH7F3vQfm4P2S/sYfulPWK/skft1/aY/cYet9/aE/akPWW/s6ft9/aMPWvP2R/sefujvWB/shdtuHRzf+nyToYMpaE0lEIplJ7SUwbKQJkoEyUoQVkoC2WlrJSNslEOykG5KBfloTx0CRNTXspLSUpSfspPBagAFaJC5MlTUSpKxagYFafiVIJKUEkqSaWoFJWhS5e2W+k2uo1up9vpDrqDKlElqkJVqCpVpWpUjapTdapBNagm1aRaVItqU22qQ3WoLtWlelSPGlADakSNqAk1oabUlJpRM2pBLagltaRW1IpaU2tqQ22oLbWldtSO2lN76kAdqCN1pM7UmbpQF+pKXak7daee1JN6US/qQ32oH/Wj/tSfBtAAGkgDaTANpiE0hIbSUBpGw2kEvU4jaRSNpjE0lsbReBpPE2gCTaSJNIkm0RSaQtNoGs2gGTSTZtJsmk1zaA7Npbk0n+bTQlpIi2gRLaEltJSW0jJaRitoBa2iVbSG1tA6WkcbaANtok20hbbQNtpG22k77aSdtJt20x7aQ3tpL+2jfbSf9tMBOkAH6SAdokN0mA7TETpCR+koHaNjdJyO0wk6gafoFJ2m03SGztA5Okfn6Ue6QD/RRQqU4tK59O4ql8FldJlcZpfi0nUDgL/FOVxOl8vldnmcddlc9n+IyTlXwBV0hVxh510RV9Td8Ju4lCvtyriy7lZXzt3myv8mruructXc3a66u8dVcXf+Q1zD3etquodcLVff1XYNXR3X2NV1D7l6rr5r4Bq6Rq6xa+kec63c4661e8K1cU/+Jl7kFrt1br3b4Da6ve4Td8794I66r91596Pr6rq5fu5F19+95Aa4l91AN+g38Qj3uhvpRrnRbowb68b9Jp7iprppbrqb4d52M92s38QL3Xtujlvi5rp5br5b8HN8aU5L3PtuqfvALXPL3Qq30q1yq90at/Zvc13pNrstbqvb4z52290Ot9PtcrvdRz/Hl9axz33q9rvP3BH3lTvoPneH3DF32H35c3xpfcfcN+64+9adcCfdKfedO+2+d2fc2Z/Xf2nt37mf3EUXHDCyYs2GI07DaTmF03F6voozcEbOxJk5wVdzFr6Gs/K1nI2zcw7Oybk4N+dhy8SOmWPOy/k4mS8j5+fruQAX5EJcmD0X4aJ8AxfjG7k438Ql+GYuybdwKS7NZbgs38rl+DYuz7dzBb6DK3IlrsxV+E6uyndxNb6bq/M9XIPv5Zp8H9fi+7k2P8B1+EGuyw9xPa7PDbghN+LG3IQf5qb8CDfj5tyCH+WW/Bi34se5NT/BbfhJbstPcTt+mtvzM9yBn+WO3Ik783PchZ/nrtyNu3MP7skvcC/uzX24L/fjF7k/v8QD+GUeyIN4ML/CQ/hVHsqv8TAeziP4dR7Jo3g0j+GxPI7H8xs8gd/kifwWT+LJPIWn8jSezjP4bZ7Js3g2v8Nz+F2ey/N4Pi/ghfweL+LFvITf56X8AS/j5byCV/IqXs1reC2v4/W8gTfyJt7MW3grb+MPeTvv4J28i3fzR7yHP+a9/Anv4095P3/GB/gvfJA/50P8BR/mL/kIf8VH+Ws+xt/wcf6WT/BJPsXf8Wn+ns/wWT7HP/B5/pEv8E98kQNDjLGKdWziKE4Tp41T4nRx+viqOEOcMc4UZ44T8dVxlviaOGt8bZwtzh7niHPGueLccZ7YxhS7mOM4zhvni5PxdXH++Pq4QFwwLhQXjn1cJC4a3xAXi2+Mi8c3xSXim+OS8S1xqbh0XCYuG98al4tvi8vHt8cV4jviinGluHJcJb4zrhrfFVeL746rx/fExeN745rxfXGt+P64dvxAXCd+MK4bPxTXi+vHDeKGcaO4cdwkfjhuGj8SN4ubxy3iR+OW8WNxq/jxuHX8RNwmfvJ3+7vHPeKe8QvxC3EId+v5yQXJhcn3kouSi5NLku8nlyY/SC5LLk+uSK5MrkquTq5Jrk2uS65PbkhuTG5Kbk5uSW5NhlAlLXj0ymtvfOTT+LQ+xafz6f1VPoPP6DP5zD7hr/ZZ/DU+q7/WZ/PZfQ6f0+fyuX0ebz1559nHPq/P55P+Op/fX+8L+IK+kC/svS/ii/rGvolv4pv6R3wz39y38I/6R/1j/jH/uH/cP+Hb+Cd9W/+Ub+ef9u39M/4Z/6zv6Dv5zv4538U/77v6br677+57+p6+l+/l+/g+vp/v5/v7/n6AH+AH+oF+sB/sh/ghfqgf6of5YX6EH+FH+pF+tB/tx/qxfrwf7yf4CX6in+gn+Ul+ip/ip/lpfoaf4Wf6mX62n+3n+Dl+rp/r5/v5fqFf6Bf5RX6JX+KX+qV+mV/mV/gVfpVf5df4NX6dX+c3+A1+k9/kt/gtfpvf5rf77X6n3+l3+91+j9/j96q9fp/f5/f7/f6AP+AP+oP+kP/CH/Zf+iP+K3/Uf+2P+W/8cf+tP+FP+lP+O3/af+/P+LP+nP/Bn/c/+gv+J3/RBz8+8UZiQuLNxMTEW4lJicmJKYmpiWmJ6YkZibcTMxOzErMT7yTmJN5NzE2kAMCCxMLEe4lFicWJJYn3E0sTHySWJZYnViRWJlYlVidCyJ0GAEK+kAzXhfzh+lAgFAyFQuHgQ5FQNNwQioUbQ/FwUygRbg4lwy2hVCgdyoT6oUFoGBqFxqFJeDg0DY+EZqF5aBEeDS3DY6FVeDy0Dk+ENuHJ0DY8FdqFp0P78EzoEJ4NHUOn0Dk8F7qE50PX0C10Dz1Cz/BC6BV6hz6hb+gXXgz9w0thQHg5DAyDwuDwShgSXg1Dw2thWBgeRoTXw8gwKowOY8LYMC6MD2+ECeHNMDG8FSaFyWFKmBqmhelhRng7zAyzwuzwTpgT3g1zw7wwPywIC8N7YVFYHJaE98PS8EFYFpaHFWFlWBVWhzVhbVgX1ocNYWPYFDaHLWFr2BY+DNvDjrAz7Aq7w0dhT/g47A2fhH3h07A/fBYOhL+Eg+HzcCh8EQ6HL8OR8FU4Gr4Ox8I34Xj4NpwIJ8Op8F04Hb4PZ8LZcC78EM6HH8OF8FO4KH+zJoQQQgjxh+jf6e/x3+T8+pOongCQcUfOw/+1f1O2X9q90+ZqmQCAJ7p1eODXrWLF7t27/3XfZRqifPMAIHE5/9Jt9K/xcmgBj0FraA7F/taf8nfH6q06neffGT95M0D6v8tJUZfbl8e/8Z+uv7caNeefj4+/7hIl5wEUyHc5Jx1cji+PX/y/GT9709+Zf7rPxwM0+7ucDHA5vjx+UXgEnoTW/7CnEEIIIYQQQgjxi96qTDv4A5/Pc5nLOWnhcvzPPp8LIYQQQgghhBDi/y9Pd+r8+MOtWzdv97+vYa7I0RHg52cjieiXE/j7WSHzL3te+TMmDWn84caVfFcSQgghhBBC/E+4fNP/274hV2JCQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCFEKvT/4t+J/XIkvNJLFUIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIa6Y/xMAAP//d/UrsQ==")
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x103042, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x100, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x12a0880, &(0x7f0000000100)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@dax_always}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@nobarrier}, {@bh}, {@nobarrier}]}, 0x1, 0x55a, &(0x7f0000000480)="$eJzs3d9rW+UbAPDnpO1+f7/rYAwVkcIunMyla+uPCV7MS9HhQO9naM/KaLKMJh1rHbhduBtvZAgiDsR7vfdy+A/4Vwx0MGQUvfAmctKTLluTNuuypprPB05533NO8p435zxvn5M3IQEMrYnsTyHixYj4Kok4HBFJvm008o0Ta/utPrw+my1JNBof/5E098vqredqPe5gXnkhIn75IuJkYWO7teWVhVK5nC7m9cl65cpkbXnl1KVKaT6dTy9Pz8yceXNm+p233+pbX187/9e3H919/8yXx1e/+en+kdtJnI1D+bb2fjyDG+2ViZjIX5OxOPvEjlN9aGw3SQZ9AGzLSB7nY5GNAYdjJI964L/v84hoAEMqEf8wpFp5QOvefvP74P/vUFaycx68t3YDtLH/o2vvjcS+5r3RgdXksTuj7H53vA/tZ238/Pud29kS/XsfAmBLN25GxOnR0Y3jX5KPf9t3uvPqfe2VJ9sw/sHOuZvlP693yn8K6/lPdMh/DnaI3e3YOv4L9/vQTFdZ/vdux/x3fdJqfCSv/a+Z840lFy+V09N5NnwixvZm9c3mc86s3mt029ae/2VL1n4rF8yP4/7o3scfM1eql56lz+0e3Ix4qWP+m6yf/6TD+c9ej/M9tnEsvfNKt21b9//5avwQ8WrH8/9oRivZfH5ysnk9TLauio3+vHXs127tD7r/2fk/sHn/x5P2+dra07fx/b6/027bHut/9H7970k+aZb35Ouuler1xamIPcmHG9dPP3psq97aP+v/ieObj3+drv/9EfFpj/2/dfTHl3vq/4DO/9xTnf+nL9z74LPvurXf2/j3RrN0Il/Ty/jX6wE+y2sHAAAAAAAAu00hIg5FUiiulwuFYnHt8x1H40ChXK3VT16sLl2ei+Z3ZcdjrNCa6T7c9nmIqfzzsK369BP1mYg4EhFfj+xv1ouz1fLcoDsPAAAAAAAAAAAAAAAAAAAAu8TBLt//z/w2MuijA547P/kNw2vL+O/HLz0Bu5L//zC8xD8ML/EPw0v8w/AS/zC8xD8ML/EPw0v8AwAAAAAAAAAAAAAAAAAAAAAAAAAAQF+dP3cuWxqrD6/PZvW5q8tLC9Wrp+bS2kKxsjRbnK0uXinOV6vz5bQ4W61s9XzlavXK1HQsXZusp7X6ZG155UKlunS5fuFSpTSfXkjHdqRXAAAAAAAAAAAAAAAAAAAA8O9SW15ZKJXL6aKCwrYKo7vjMBT6XBj0yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAj/wTAAD//wQrN8c=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
pwritev2(r0, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)

1m38.370035339s ago: executing program 0 (id=3188):
syz_emit_ethernet(0x36, &(0x7f0000000280)={@local, @link_local, @val, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0x0, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}, 0x0)
io_uring_setup(0x177f, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0xfffffffd})
r0 = socket$unix(0x1, 0x5, 0x0)
bind$unix(r0, &(0x7f0000000200)=@file={0x1, './file0\x00'}, 0x6e)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r1)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000003e00000095"], &(0x7f00000000c0)='GPL\x00', 0x1, 0xa6, &(0x7f00000003c0)=""/166, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=@base={0x12, 0x1, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000001c0)={@map=r4, r3, 0x7, 0x0, 0x0, @void, @value}, 0x10)
sendto$inet6(r2, &(0x7f0000000040)="0b118f2b4190be586d04d99304c7975dfca451f6a36e5e11c583738f22bfc241adfd70c9456ea4fe6a5e0716c24ab3", 0xfffffffffffffea5, 0x0, &(0x7f0000000100)={0xa, 0x0, 0x0, @private1}, 0x1c)
sendmsg$SOCK_DESTROY(r1, &(0x7f0000001100)={0x0, 0x0, &(0x7f00000010c0)={&(0x7f0000002440)={0x14}, 0xc3ec}}, 0x0)

1m38.091960202s ago: executing program 0 (id=3192):
unshare(0x64000600)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7030000080000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x5, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)
flock(r3, 0x5)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x9)
flock(r4, 0x2)

1m22.547105889s ago: executing program 38 (id=3192):
unshare(0x64000600)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7030000080000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x5, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)
flock(r3, 0x5)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x9)
flock(r4, 0x2)

13.412459722s ago: executing program 3 (id=3434):
unshare(0x64000600)
openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff010000850000000e000000850000005000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x9)
r2 = inotify_init1(0x800)
inotify_add_watch(r2, 0x0, 0x96000be8)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
flock(r0, 0x2)

10.863999106s ago: executing program 8 (id=3445):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x22, 0x22, {[@global=@item_012={0x2, 0x1, 0x9, "2313"}, @global=@item_012={0x2, 0x1, 0x0, "e53f"}, @main=@item_4={0x3, 0x0, 0x9, "b2938f8d"}, @local=@item_012={0x2, 0x2, 0x2, "9000"}, @global=@item_4={0x3, 0x1, 0x0, "0900be00"}, @main=@item_4={0x3, 0x0, 0x8}, @global=@item_4={0x3, 0x1, 0x5, "a90da1f6"}, @local=@item_4={0x3, 0x2, 0x0, "00000400"}]}}, 0x0}, 0x0)
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x40, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000600)=[{{0x0, 0x0, &(0x7f0000000100)=[{0x0}], 0x1}}], 0x1, 0x0)
ioctl$EVIOCGKEYCODE_V2(r1, 0x80284504, &(0x7f0000000100)=""/95)

9.323930195s ago: executing program 3 (id=3447):
setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000800)={@in={{0x2, 0x4e23, @remote}}, 0x0, 0x0, 0x22, 0x0, "99b2d53ed1a3d9ea74c873760672322d2f73eed6887b06c6b484fa117ee927b23ebe86dc99d2092836b26f05e32ff376e73601ace393be52eb53ad772f39c426e6772ec104d999a53e3ee0ec9ac07acf"}, 0xd8)
setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000ac0)={@in6={{0xa, 0x0, 0x0, @mcast1}}, 0x0, 0x0, 0x2, 0x0, "317f83735b4bb1eadceec04c24eeec7ff3d3137a3087884fd5c89ab0220cefebd468f636457b9822766c1bfea4e01ff23c6a4caeaf049a572a9774d3a882eb3b4a66c5ec34c29f065d00"}, 0xd8)
setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x0, 0x0, @loopback}, 0x58)
prctl$PR_SET_MM(0x23, 0xa, &(0x7f00002d5000/0x2000)=nil)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
rt_sigprocmask(0x0, 0x0, 0x0, 0x0)
r0 = getpid()
sendmsg$inet(0xffffffffffffffff, 0x0, 0x800)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r2 = socket$inet(0x2, 0x1, 0x4)
setsockopt$inet_msfilter(r2, 0x0, 0x29, 0x0, 0x1c)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='environ\x00')
preadv(r3, &(0x7f0000000bc0)=[{&(0x7f0000000600)=""/104, 0x68}, {&(0x7f0000000340)=""/208, 0xd0}, {&(0x7f0000000440)=""/192, 0xc0}, {0x0}, {0x0}, {&(0x7f0000000a00)=""/133, 0x85}], 0x6, 0x10000007, 0x7)
r4 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0)
ioctl$FS_IOC_GETFSMAP(r4, 0xc0c0583b, &(0x7f0000000100)={0x0, 0x0, 0x2, 0x0, '\x00', [{0x9, 0x9, 0xf3, 0xfffffffffffff1e5, 0x300b2e34, 0x1ff}, {0x5, 0x3a9, 0x2, 0x661d5dd5, 0x6, 0x79}], ['\x00', '\x00']})
fsetxattr$system_posix_acl(r4, &(0x7f00000017c0)='system.posix_acl_access\x00', &(0x7f0000001940)=ANY=[@ANYBLOB="020000000100040000000000040004000000000010000200000000002000060000000000"], 0x24, 0x0)
r5 = openat$yama_ptrace_scope(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
lseek(r5, 0x0, 0x1)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
mincore(&(0x7f0000001000/0x2000)=nil, 0x2000, &(0x7f0000000080)=""/88)
syz_clone(0x41008000, 0x0, 0x0, 0x0, 0x0, 0x0)

7.210830068s ago: executing program 8 (id=3452):
pipe2(&(0x7f0000000840)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000040))
close_range(r0, 0xffffffffffffffff, 0x0)

6.556433273s ago: executing program 3 (id=3454):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000040)=ANY=[], 0x8)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='bridge0\x00', 0x10)
sendto$inet6(r0, &(0x7f0000000000)="8e905069", 0x4, 0x3b00, 0x0, 0x0)

6.348757271s ago: executing program 1 (id=3456):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./bus\x00', 0x20081e, &(0x7f00000020c0), 0x1, 0x4ef, &(0x7f0000000a00)="$eJzs3U1vW1kZAODXzpeTyUwywywAAVOGgYKqOonbRlUXUFYIoUqILkFqQ+JGUew4ip3ShC7S/4BEJVaw5Aew7oo9GwQ7NmWBxEcEaiqxMLrXN6mb2k1oEjuKn0e6uvfcY/s9J849x36d+AQwsC5FxE5EjEbE/YiYys7nsi1ut7bkdi92Hy/u7T5ezEWzefefubQ+ORdt90m8lz1mISJ+9L2In+bejFvf2l5dqFTKG63i+Eyjuj5T39q+ulJdWC4vl9dKpfm5+dmb126UTq2vn1RHs6MvP//Dzrd+njRrMjvT3o/T1Or6yEGcxHBE/OAsgvXBUNaf0X43hHeSj4iPIuLT9PqfiqH02QQALrJmcyqaU+1lAOCiy6c5sFy+mOUCJiOfLxZbObyPYyJfqdUbVx7UNteWWrmy6RjJP1iplGezXOF0jOSS8lx6/KpcOlS+FhEfRsQvxsbTcnGxVlnq5wsfABhg7x2a//8z1pr/AYALrtDvBgAAPWf+B4DBY/4HgMFj/geAwWP+B4DBY/4HgMFj/geAgfLDO3eSrbmXff/10sOtzdXaw6tL5fpqsbq5WFysbawXl2u15fQ7e6pHPV6lVlufux6bj6a/vV5vzNS3tu9Va5trjXvp93rfK4/0pFcAwNt8+MmzP+ciYufWeLpF21oO5mq42PL9bgDQN0P9bgDQN1b7gsF1gvf40gNwQXRYovc1hYgYP3yy2Ww2z65JwBm7/AX5fxhUbfl/fwUMA0b+HwaX/D8MrmYzd9w1/+O4NwQAzjc5fqDL5/8fZfvfZh8O/GTp8C2enmWrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4HzbX/+3mK0FPhn5fLEY8X5ETMdI7sFKpTwbER9ExJ/GRsaS8lyf2wwAnFT+b7ls/a/LU59NHq4dzb0cS/cR8bNf3f3lo4VGY+OPyfl/HZxvPM3Ol/rRfgDgKPvzdLpveyP/Yvfx4v7Wy/b8/bsRUWjF39sdjb2D+MMxnO4LMRIRE//OZeWWXFvu4iR2nkTE5zv1PxeTaQ6ktfLp4fhJ7Pd7Gj//Wvx8WtfaJz+Lz51CW2DQPEvGn9udrr98XEr3na//QjpCnVw2/iUPtbiXjoGv4u+Pf0Ndxr9Lx41x/fffbx2Nv1n3JOKLwxH7sffaxp/9+Lku8T87Zvy/fOkrn3ara/464nJ0jt8ea6ZRXZ+pb21fXakuLJeXy2ul0vzc/OzNazdKM2mOeqb7bPCPW1c+6FaX9H+iS/zCEf3/+jH7/5v/3v/xV98S/5tf6xQ/Hx+/JX4yJ37jmPEXJn5X6FaXxF/q0v+jnv8rx4z//K/bbywbDgD0T31re3WhUilv9PJg/4VET4M6uAAHyW/NOWhGx4Pv9CrWaPxf92o23ylWtxHjNLJuwHlwcNFHxMt+NwYAAAAAAAAAAAAAAOioF/+x1O8+AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHH9LwAA//89fM7W")
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
fallocate(r0, 0x0, 0x9, 0x1000f2)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143441, 0x98)
pwritev2(r1, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)

6.276436523s ago: executing program 8 (id=3457):
unshare(0x60400)
r0 = socket$inet6(0xa, 0x3, 0xff)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000000)=0x655e, 0x4)

5.489587938s ago: executing program 9 (id=3458):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newlink={0x50, 0x10, 0x44b, 0x0, 0x0, {0x7a, 0x0, 0x0, 0x0, 0x41002, 0x1}, [@IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x20, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_LAST_MEMBER_CNT={0x8, 0x1c, 0x9}, @IFLA_BR_MCAST_STARTUP_QUERY_CNT={0x8, 0x1d, 0x6}, @IFLA_BR_MCAST_LAST_MEMBER_INTVL={0xc, 0x1e, 0x7}]}}}]}, 0x50}}, 0x0)

5.364427396s ago: executing program 8 (id=3459):
syz_mount_image$squashfs(&(0x7f00000001c0), &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f00000043c0)=ANY=[@ANYBLOB="003b09000000e9"], 0x2, 0x1a2, &(0x7f0000000440)="$eJzs0L9rE2Ecx/H397knPypUiYpDBRuweF6oJndVB6fgFCEHDi6CQUMam2KippfBlha6SEGq/Rd0qqMKOokoOBcHwUHPpZs0Q3EQB4nk8kTwb/B5Dfe57wfunodvK+pGGeD3/mqDMgmHg3xE0MC0jDqlRvnazN9Nbo2CS2beNPnM5FS0vHK73m43l/IX8+T+KYAfSfe3il5wTNEXysjn/dVGXW6GDMp01HxIrkrhEU6NrveYKT3J0Rs4DNxNLiu64lbhULHXuVeMllfOLHbqC82F5p0gmLtQOlcqnQ+KtxbbzdIrxHsoiies4YVkQia8NVI1HuzoA8wK4rVU7EihT7rG1o5z+uRsH+XtMUB45/bJfNWtvLrKKbLXh5evcER4ihMyU2VCoUkOqiBX1Evx9Sf9M6XIrjvO2cbd9vzGNSW/0ttl2cuKv0vK9QkKPnPD1XCY92zEzMRUYrZjdr8xLW+Gp4z3qteHz+dmOs4JSHO/3ust+Wn4IDokcEOCHEwmv1PJvXLw1nxjgi/jF8uyLMuyLMuyLOs/8CcAAP//o/hj9Q==")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x2000, 0x41)
open_by_handle_at(r0, &(0x7f0000000000)=ANY=[@ANYBLOB='\b'], 0x202400)

5.210875386s ago: executing program 1 (id=3460):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$peeksig(0x4209, r0, &(0x7f0000000340)={0x4, 0x0, 0x1}, &(0x7f00000002c0)=[{}])
syz_emit_ethernet(0x3e, &(0x7f0000000140)={@broadcast, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xe0, 0x0, 0xe000, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty=0xac1414aa, @rand_addr=0x64010100}}}}}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x20, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94)
pipe2$9p(&(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, 0x0, 0x15)
r3 = dup(r2)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r3, &(0x7f0000002100)=ANY=[@ANYBLOB="b0000000000000001659ec0889419429aa5db97288b0f8a87ea8e66d9a8b"], 0xb0)
write$FUSE_DIRENTPLUS(r3, &(0x7f0000000140)=ANY=[@ANYBLOB="10"], 0x10)
write$FUSE_DIRENTPLUS(r3, &(0x7f0000000280)=ANY=[@ANYBLOB="a8"], 0xa8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
write$FUSE_OPEN(r3, &(0x7f0000000000)={0x20, 0x0, 0x0, {0x0, 0x8}}, 0x20)
mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',posixacl'])

5.152395408s ago: executing program 9 (id=3461):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x24}}, 0x0)
fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x1c1341, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102400, 0x19000)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000040), 0x10)
writev(r2, &(0x7f00000002c0)=[{&(0x7f0000000080)}], 0x1)
bind$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x1}, 0xe)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r3)
ptrace$pokeuser(0x6, r3, 0x358, 0x0)

5.114164787s ago: executing program 8 (id=3462):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x22, 0x22, {[@global=@item_012={0x2, 0x1, 0x9, "2313"}, @global=@item_012={0x2, 0x1, 0x0, "e53f"}, @main=@item_4={0x3, 0x0, 0x9, "b2938f8d"}, @local=@item_012={0x2, 0x2, 0x2, "9000"}, @global=@item_4={0x3, 0x1, 0x0, "0900be00"}, @main=@item_4={0x3, 0x0, 0x8}, @global=@item_4={0x3, 0x1, 0x5, "a90da1f6"}, @local=@item_4={0x3, 0x2, 0x0, "00000400"}]}}, 0x0}, 0x0)
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x40, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000600)=[{{0x0, 0x0, &(0x7f0000000100)=[{0x0}], 0x1}}], 0x1, 0x0)
ioctl$EVIOCGKEYCODE_V2(r1, 0x80284504, &(0x7f0000000100)=""/95)

4.412988451s ago: executing program 9 (id=3463):
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000640)='./bus\x00', 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="009f587a31d53b5cb6077bd11087bb6e13aac56feecaaae0b009cee43814e80646ff2772abedb27f35c706ba7c624afb75f473956061ae41834d27270063fa18a3515f9ac6cd6f15a042b1edcd60bdeb55446beed1014aa13d43d399fb4f716b8a24502a8e3e697642b172841c89aecefe0cfb3c32d7c28955601f41fb90d51951d91a35a5abeb4ffceef5cf6e190ec9eb6f91a0d06882039b54dd4485b823414e06691b0244ca11ac0baeaeec1a96861d358464329c64b77e6ff2e2d8a6bb29268be3e7c46750210270d79e1054add6c2ef3f0373", @ANYRES32, @ANYRES64=0x0], 0x1, 0x1282, &(0x7f0000002880)="$eJzs3U1rY1UcB+B/pmmbduyLOo52QDzoRhHitAtXborMgFhQqh1QQbhjUy1Nm9KEQkScunIl+DFEXboTxC/QjRvXgiDSjctZiFfSpE7TpB2nNq0Mz7PJ5ZzzO+fce8qFW+7h7r3y5fraSr28kjXiUqEQxc3hKN5NkeJSDEXbTrxw6+dfnn7rnXdfn19YuLGY0s35t2dfTilNPvPDe598++yPjcu3vpv8fjR2p9/f+2Pu192ruzN7f30Tq/W0Wk8btUbK0u1arZHdrlbS8mp9rZzSm9VKVq+kUmeMe/Ur1drmZjNlG8sT45tblXo9ZRvNtFZppkYhNbaaKfswW91I5XI5TYwH/8XS13fzPI/I8+EYiTzP87EYj8vxSEzEZEzFdDwaj8XjcSWeiKvxZDwVM/utDvIjFzt9AAAAAAAAAAAAAAAAAAAAeEjcZ/9/oXf//+hFTxkAAAAAAAAAAAAAAAAAAAAeOkf3/xcjHuD7/wAAAAAAAAAAAAAAAAAAAMBZuM/3/4/s/3/R/n8AAAAAAAAAAAAAAAAAAAAYhFL7ZzGlUsT659tL20vt33b5/EqsRjUqcT2m4s/Y3/3f1j6++drCjetp33S8tH6nk7+zvTTUnZ8dnorpQt/8bDufuvOjMX44PxdTcaX/+HN986V4/rlW/rN2vhxT8dMHUYtqLEcUOme/n/90NqVX31gY685fa7U71tCAlwUAAADOUjn9o/f5fafTqG99u6rzfJ46LQsn/H/gyPN5Ma4VL+qsOVBvfryWVauVrVMejBzfz0h3yVin5anHKkRE1hWfHP9tsdXlaSd/ZgdD5zro8Mltjq7FTOnEDi8dWsEo/g8u5hkc/P7VoZJSDGqs4dafc0/VwQXNqq3757/rMHbyfKCXZaRf1ehJqePvGYUB3o84X/cW/aJnAgAAAAAAAAAAwIPo+/bfWET0vA/4UU/Jwevh3fHeno8f/YtzOEMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+ZgeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwVQAAAP//kh3BBA==")
ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f00000002c0)={0x2, 0x0, @pic={0x80, 0x1, 0x6, 0xa, 0x1, 0x1, 0x3, 0xd, 0x81, 0xf7, 0x87, 0x88, 0xe, 0x8, 0x9, 0x6}})
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_mount_image$ext4(&(0x7f0000000b00)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x1408e, &(0x7f0000000780)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@min_batch_time={'min_batch_time', 0x3d, 0xfff}}, {@stripe={'stripe', 0x3d, 0x5}}, {@stripe={'stripe', 0x3d, 0x4000}}, {@resgid}, {@max_batch_time={'max_batch_time', 0x3d, 0x4}}]}, 0x1, 0x43a, &(0x7f0000000340)="$eJzs28tvG0UYAPBv13FKXySU8ugDCBRExCNp0gI9cAGBxAEkJDiUY0jSqtRtUBMkWlUQECpHVIk74ojEX8AJLgg4IXGFO6pUoVxaOBmtvZs4jp0mwY5L/ftJm8zsjjPzeXbs2Z1sAH1rJPuRROyJiN8jYqieXV1gpP7r5tLl6b+XLk8nUa2+9VdSK3dj6fJ0UbR43e48M5pGpJ8lcahFvfMXL52dqlRmL+T58YVz74/PX7z07JlzU6dnT8+enzxx4vixiReen3yuI3Fmbbpx8KO5wwdee+fqG9Mnr77787dJEX9THB0yst7BJ6rVDlfXW3sb0slADxvCppQiIuuucm38D0UpVjpvKF79tKeNA7qqWq1Wd7c/vFgF7mBJbLTk2fzzArgzFF/02fVvsW3T1OO2cP2l+gVQFvfNfKsfGYg0L1Nuur7tpJGIOLn4z1fZFt25DwEAsMr32fznmVbzvzTubyh3d742NBwR90TEvoi4NyL2R8R9EbWyD0TEg5usv3mRZO38J722pcA2KJv/vZivba2e/xWzvxgu5bm9tfjLyakzldmj+XsyGuUdWX5inTp+eOW3L9oda5z/ZVtWfzEXzNtxbWDH6tfMTC1M/ZeYG13/JOLgQKv4k+WVgCQiDkTEwS3Wceapbw63O9Yu/vJG/nAH1pmqX0c8We//xWiKv5Csvz45fldUZo+OF2fFWr/8euXNdvXfuv+7K+v/XS3P/+X4h5PG9dr5zddx5Y/P217TbPX8H0zerqUH830fTi0sXJiIGExerze6cf/kymuLfFE+i3/0SOvxvy9W3olDEZGdxA9FxMMR8Uje9kcj4rGIOLJO/D+9/Ph7W4+/u7L4ZzbV/yuJwWje0zpROvvjd6sqHd5M/Fn/H6+lRvM9G/n820i7tnY2AwAAwP9PGhF7IknHltNpOjZW/3/5/bErrczNLzx9au6D8zP1ZwSGo5wWd7qGGu6HTuSX9UV+sil/LL9v/GVpZy0/Nj1Xmel18NDndrcZ/5k/S71uHdB1nteC/mX8Q/8y/qF/Gf/Qv1qM/529aAew/Vp9/3/cg3YA269p/Fv2gz7i+h/6l/EP/cv4h740vzNu/ZC8hMSaRKS3RTMkupTo9ScTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZ/wbAAD//9E940M=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x2)
pwrite64(r0, &(0x7f0000000140)='2', 0x1, 0x8000c61)

3.870888732s ago: executing program 1 (id=3464):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000180)={0x73622a85, 0x1010})
ioctl$BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620b, &(0x7f0000000080))

3.336441176s ago: executing program 1 (id=3465):
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
mount$cgroup(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000100)={[{@subsystem='cpuset'}, {@subsystem='memory'}, {@subsystem='cpuacct'}]})
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r1, &(0x7f0000000140), 0x1e)
r2 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'lo\x00'})
sendmsg$nl_route_sched(r2, 0x0, 0x40081)
r3 = socket$unix(0x1, 0x3, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
connect$unix(r3, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x200000, &(0x7f0000000540), 0xed, 0x573, &(0x7f0000000cc0)="$eJzs3V9rW+UfAPDvSZP9636/djCGeiGDXTgZS9fWPxOEzUvR4UDvZ2izMpouo0nHWgduF+7GGxmCiAPxBXjv5fAN+CoGOhgyil6IUDnpSZe1Sf8tNbH5fOBsz5Nzkud58pzvyfOck/QEMLBOpv/kIl6OiK+SiJGWdfnIVp5c3W756e2pdEliZeXj35O4sO61kuz/4SzzUkT8/EXEmdzGcmuLS7OlSqU8n+XH6nM3xmqLS2evzZVmyjPl6xOTk+ffnJx45+23utbW1y//+e1HD98//+Wp5W9+fHzsfhIX42i2Lm1XF4q405o5Wfo7SxXi4roNx7tQWD9Jel0BdmUoi/NCpMeAkRjKoh7Y/z6PiBVgQCXiHwZUcxzQnNt3aR78n/HkvdUJ0Mb251fPjcShxtzoyHLy3Mwone+OdqH8tIyffntwP11i8/MQh7fIA+zInbsRcS6f33j8S7Lj3+6da5w83tz6Mgbt8wd66WE6/knuRGyI/9za+CfajH+G28Tubmwd/7nHXSimo3T8927b8e/aoWt0KMv9rzHmKyRXr1XK5yLi/xFxOgoH0/xm13POLz9a6bSudfyXLmn5zbFgVo/H+YPPP2e6VC+9SJtbPbkb8Urb8W+y1v9Jm/5P34/L2yzjRPnBq53Wbd3+vbXyQ8Rrbfv/2RWtZPPrk2ON/WGsuVds9Me9E790Kr/X7U/7/8jm7R9NWq/X1nZexveH/ip3Wrfb/f9A8kkjfSB77FapXp8fjziQfJgfXv/4xLPnNvPN7dP2nz7VPv432//Tyden22z/veP3Om7aD/0/vaP+33ni0Qeffdep/O31/xuN1Onske0c/7ZbwRd57wAAAAAAAKDf5CLiaCS54lo6lysWV7/fcTyO5CrVWv3M1erC9elo/FZ2NAq55pXukZbvQ4xn34dt5ifW5Scj4lhEfD10uJEvTlUr071uPAAAAAAAAAAAAAAAAAAAAPSJ4Q6//0/9OtTr2gF7rnFjg4O9rgXQC1ve8r8bd3oC+tKW8Q/sWzuPf2cGYL/w+Q+DS/zD4BL/MLi2G/+FkT2uCPCv8/kPg0v8AwAAAAAAAAAAAAAAAAAAAAAAAAAAQFddvnQpXVaWn96eSvPTNxcXZqs3z06Xa7PFuYWp4lR1/kZxplqdqZSLU9W5rV6vUq3eGJ+IhVtj9XKtPlZbXLoyV124Xr9yba40U75SLvhjwwAAAAAAAAAAAAAAAAAAALBBbXFptlSplOclOiYuRF9UYy8buGpXT8/3Syskupro8YEJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFr8EwAA//8DDjNQ")
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.current\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f00000004c0), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r4, 0x0)
fdatasync(r4)
ftruncate(r4, 0x8af6)

3.138949004s ago: executing program 9 (id=3466):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)={0x14, 0x1, 0x4, 0x401, 0x0, 0x0, {0x0, 0x0, 0x2}}, 0x14}}, 0x0)

2.85847749s ago: executing program 9 (id=3467):
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/../file0\x00', &(0x7f0000000000)='./file0/file0\x00', 0x0, 0x89101a, 0x0)
mount$bind(&(0x7f0000002500)='./file0/file0\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x1041, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x1c0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
close(0xffffffffffffffff)
close(0xffffffffffffffff)
umount2(&(0x7f00000002c0)='./file0\x00', 0x0)

2.640480047s ago: executing program 1 (id=3468):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)={0x38, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @crypto_settings=[@NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT={0x4}, @NL80211_ATTR_CIPHER_SUITES_PAIRWISE={0xc, 0x49, [0xfac0b, 0xfac00]}]]}, 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x0)

2.510876094s ago: executing program 9 (id=3469):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000440)=ANY=[@ANYBLOB="b0"], 0xb0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',dfltuid=', @ANYRESHEX=0x0])

2.467664366s ago: executing program 3 (id=3470):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f00000000c0)='cpuset.memory_spread_slab\x00', 0x2, 0x0)
r2 = openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
write$cgroup_pid(r2, &(0x7f0000000580), 0x12)
write$cgroup_int(r1, &(0x7f0000000040)=0x8000, 0x12)

2.428951142s ago: executing program 1 (id=3471):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000240)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r3 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r3, 0x4004551e, &(0x7f0000000380)={0x4, 0x1, "5a77bd038786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500031681905db88235f8a5447dd2a2fd6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d806726615380fe65a6a0a72e19c2b60bd6276fd8bb6363d10f70da60fd500800000000000000e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82577ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b394de70400d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca147df97db"})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
mount(&(0x7f0000000040), &(0x7f0000000040)='.\x00', &(0x7f0000000000)='binder\x00', 0x208000, 0x0)

1.922765986s ago: executing program 8 (id=3472):
unshare(0x60400)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0x3)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000200)=0x40)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$inet6(0xa, 0x2, 0x3a)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0x8, @mcast1, 0xa}, 0x1c)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000180)=0xfe)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e29, 0x1000000, @mcast2, 0x4}, 0x1c)
connect$inet6(0xffffffffffffffff, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, &(0x7f0000000000)=0x655e, 0x4)
r1 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
write$tun(r1, 0x0, 0x46)
recvmmsg(r1, &(0x7f00000049c0)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x10}}], 0x1, 0x2000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00'})
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, 0x0, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
fremovexattr(r0, 0x0)
r4 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r4, 0xc1105517, &(0x7f0000000340)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x6, 0x0, 0x4, 0x0, 0x59, 0x0, 'syz1\x00', 0x0})
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r4, 0x40405515, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1b4, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0x8, 0x3, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x6, 0xfffffffffffffbff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x100000000, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x72, 0x1, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfffffffffffffffe, 0x7ad, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x400000, 0x0, 0x0, 0x0, 0x4, 0x0, 0x3, 0xf290, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x8]})
sendmsg$nl_route(r3, 0x0, 0x0)
syz_usb_connect$cdc_ecm(0x0, 0x78, &(0x7f0000000380)=ANY=[@ANYBLOB="12010000020000202505a1a440000000010109026600010100208209040000ff020200000b24"], 0x0)

1.715212909s ago: executing program 3 (id=3473):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x8, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000000b00), &(0x7f0000000300)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
finit_module(r6, 0x0, 0x0)

0s ago: executing program 3 (id=3474):
socket$key(0xf, 0x3, 0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
io_submit(0x0, 0x1, &(0x7f0000000300)=[&(0x7f0000000100)={0x2000000000, 0x4, 0x0, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000040)="02", 0x1, 0x7fffffffffffffff}])
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB, @ANYRES32=0x41424344], 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f00002f9000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x10, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000140), 0x4080, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

change from 0 to 512
[ 1013.682379][T15631] EXT4-fs (loop9): blocks per group (95) and clusters per group (32768) inconsistent
[ 1014.686786][T15653] loop0: detected capacity change from 0 to 16
[ 1014.694009][T15653] MTD: Attempt to mount non-MTD device "/dev/loop0"
[ 1017.230773][T15659] virt_wifi0 speed is unknown, defaulting to 1000
[ 1018.234212][T15679] virt_wifi0 speed is unknown, defaulting to 1000
[ 1018.669057][T15698] loop0: detected capacity change from 0 to 512
[ 1019.594347][T15708] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1019.602420][T15708] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1021.048206][T15741] loop8: detected capacity change from 0 to 2048
[ 1021.097868][T15741] udf: Unknown parameter ''
[ 1021.919535][T15721] loop5: detected capacity change from 0 to 32768
[ 1022.175943][T15721] XFS (loop5): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[ 1022.421175][T15721] XFS (loop5): Ending clean mount
[ 1022.462531][  T974] XFS (loop5): Metadata CRC error detected at xfs_inobt_read_verify+0x41/0xd0, xfs_finobt block 0x20 
[ 1022.512752][  T974] XFS (loop5): Unmount and run xfs_repair
[ 1022.533365][T15762] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1022.543640][T15762] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1022.595293][  T974] XFS (loop5): First 128 bytes of corrupted metadata buffer:
[ 1022.603192][  T974] 00000000: 46 49 42 33 00 00 00 01 ff ff ff ff ff ff ff ff  FIB3............
[ 1022.654219][  T974] 00000010: 00 00 00 00 00 00 00 20 00 00 00 01 00 00 00 40  ....... .......@
[ 1022.684264][  T974] 00000020: 9f 1c ad 42 11 bd 4e 12 8f 0b f0 78 76 b8 1d 9a  ...B..N....xv...
[ 1022.714082][  T974] 00000030: 00 00 00 00 8a d2 18 46 00 00 16 80 00 00 40 37  .......F......@7
[ 1022.742414][  T974] 00000040: ff ff ff ff ff ff fe 00 00 00 00 00 00 00 00 00  ................
[ 1022.770211][  T974] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 09 00 00  ................
[ 1022.794544][  T974] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[ 1022.818996][  T974] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[ 1022.846861][T15721] XFS (loop5): metadata I/O error in "xfs_btree_read_buf_block+0x36f/0x5b0" at daddr 0x20 len 8 error 74
[ 1022.867145][T15721] XFS (loop5): Failed to initialize disk quotas, err -117.
[ 1022.878388][T15762] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1022.929625][T15762] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1022.985329][ T1206] XFS (loop5): Metadata CRC error detected at xfs_allocbt_read_verify+0x41/0xd0, xfs_bnobt block 0x8 
[ 1023.007681][ T1206] XFS (loop5): Unmount and run xfs_repair
[ 1023.023041][ T1206] XFS (loop5): First 128 bytes of corrupted metadata buffer:
[ 1023.061887][ T1206] 00000000: 41 42 33 42 00 00 00 03 ff ff ff ff ff ff ff ff  AB3B............
[ 1023.109987][ T1206] 00000010: 00 00 00 00 00 00 00 08 00 00 00 01 00 00 00 40  ...............@
[ 1023.161295][ T1206] 00000020: 9f 1c ad 42 11 bd 4e 12 8f 0b f0 78 76 b8 1d 9a  ...B..N....xv...
[ 1023.206283][ T1206] 00000030: 00 00 00 00 72 89 6f 7a 00 00 00 06 00 00 00 02  ....r.oz........
[ 1023.267882][ T1206] 00000040: 00 00 05 9a 00 00 00 06 00 00 05 b0 00 00 0a 50  ...............P
[ 1023.306661][ T1206] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[ 1023.329151][ T1206] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[ 1023.355542][ T1206] 00000070: 00 00 00 00 00 00 00 00 00 07 00 00 00 00 00 00  ................
[ 1023.367223][T15721] XFS (loop5): metadata I/O error in "xfs_btree_read_buf_block+0x36f/0x5b0" at daddr 0x8 len 8 error 74
[ 1023.418336][T15721] XFS (loop5): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x663/0xab0 (fs/xfs/xfs_trans_buf.c:311).  Shutting down filesystem.
[ 1023.439743][T15762] netdevsim netdevsim9 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1023.460386][T15721] XFS (loop5): Please unmount the filesystem and rectify the problem(s)
[ 1023.475123][T15762] netdevsim netdevsim9 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1023.503253][T15762] netdevsim netdevsim9 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1023.528362][T15762] netdevsim netdevsim9 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1023.572810][ T5999] XFS (loop5): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[ 1024.303176][T15780] loop9: detected capacity change from 0 to 2048
[ 1024.349886][T15780] UDF-fs: warning (device loop9): udf_load_vrs: No anchor found
[ 1024.361836][T15780] UDF-fs: Scanning with blocksize 512 failed
[ 1024.394619][T15780] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1024.833499][T15785] loop9: detected capacity change from 0 to 512
[ 1024.892960][T15785] EXT4-fs error (device loop9): ext4_xattr_ibody_find:2240: inode #15: comm syz.9.2478: corrupted in-inode xattr: invalid ea_ino
[ 1025.031282][T15785] EXT4-fs error (device loop9): ext4_orphan_get:1394: comm syz.9.2478: couldn't read orphan inode 15 (err -117)
[ 1025.122827][T15785] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1025.235705][T15790] EXT4-fs error (device loop9): ext4_lookup:1817: inode #2: comm syz.9.2478: deleted inode referenced: 15
[ 1025.329415][T15796] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[ 1025.351749][T15796] overlayfs: missing 'lowerdir'
[ 1025.542623][T15001] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1025.554392][T15798] loop5: detected capacity change from 0 to 512
[ 1026.490167][T15798] EXT4-fs (loop5): Test dummy encryption mode enabled
[ 1026.571679][T15798] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[ 1026.586786][T15805] loop0: detected capacity change from 0 to 16
[ 1026.593969][T15805] MTD: Attempt to mount non-MTD device "/dev/loop0"
[ 1026.682392][T15798] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00cc018, mo2=0002]
[ 1026.695142][T15798] System zones: 1-12
[ 1026.723907][T15798] EXT4-fs (loop5): 1 truncate cleaned up
[ 1026.765716][T15798] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1027.116212][T15813] siw: device registration error -23
[ 1027.238983][ T5999] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1027.513580][T15829] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2487'.
[ 1027.765279][T15827] virt_wifi0 speed is unknown, defaulting to 1000
[ 1028.036936][T15843] loop9: detected capacity change from 0 to 1024
[ 1028.054723][T15843] EXT4-fs: Ignoring removed nobh option
[ 1028.115430][T15843] EXT4-fs: Ignoring removed bh option
[ 1028.174267][T15843] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1028.525714][T15001] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1028.736123][T15855] tmpfs: Bad value for 'mpol'
[ 1028.791432][T15854] virt_wifi0 speed is unknown, defaulting to 1000
[ 1029.078725][T15861] loop9: detected capacity change from 0 to 1024
[ 1029.113008][T15861] EXT4-fs: Ignoring removed nobh option
[ 1029.185005][T15861] EXT4-fs: Ignoring removed bh option
[ 1029.431271][T15861] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1029.615207][ T5832] Bluetooth: hci5: Opcode 0x1003 failed: -110
[ 1030.991472][T15001] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1031.334175][    C0] IPv4: Oversized IP packet from 172.20.20.24
[ 1031.589829][T15907] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2501'.
[ 1031.611237][T15905] siw: device registration error -23
[ 1032.377070][T15924] loop9: detected capacity change from 0 to 16
[ 1032.384224][T15924] MTD: Attempt to mount non-MTD device "/dev/loop9"
[ 1033.633409][T15930] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1035.788798][T14951] bridge0: port 3(syz_tun) entered disabled state
[ 1035.848555][T14951] syz_tun (unregistering): left allmulticast mode
[ 1035.925305][T14951] syz_tun (unregistering): left promiscuous mode
[ 1035.952163][T14951] bridge0: port 3(syz_tun) entered disabled state
[ 1036.026995][T15952] veth0_vlan: left promiscuous mode
[ 1037.166084][T15972] loop8: detected capacity change from 0 to 64
[ 1037.786254][T15983] siw: device registration error -23
[ 1038.201973][T15990] loop9: detected capacity change from 0 to 512
[ 1038.288830][T15835] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1038.294264][T15994] loop8: detected capacity change from 0 to 256
[ 1038.311084][T15835] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1038.320846][T15990] EXT4-fs (loop9): blocks per group (255) and clusters per group (8192) inconsistent
[ 1038.332905][T15835] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1038.346246][T15835] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1038.428078][T15835] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 1038.435825][T15835] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1038.737848][T15993] virt_wifi0 speed is unknown, defaulting to 1000
[ 1039.304060][T16014] netlink: 'syz.0.2535': attribute type 6 has an invalid length.
[ 1039.637355][T15993] chnl_net:caif_netlink_parms(): no params data found
[ 1039.767828][T16024] ipvlan2: entered promiscuous mode
[ 1039.795909][T16027] siw: device registration error -23
[ 1039.805202][T16024] ipvlan2: entered allmulticast mode
[ 1039.831017][T16024] bridge0: entered allmulticast mode
[ 1039.869537][T16024] bridge0: port 3(ipvlan2) entered blocking state
[ 1039.909060][T16024] bridge0: port 3(ipvlan2) entered disabled state
[ 1040.237388][T16001] loop8: detected capacity change from 0 to 32768
[ 1040.399536][T16001] XFS (loop8): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1040.495383][T15835] Bluetooth: hci3: command tx timeout
[ 1040.578325][T15993] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1040.615501][T15993] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1040.622823][T15993] bridge_slave_0: entered allmulticast mode
[ 1040.706253][T15993] bridge_slave_0: entered promiscuous mode
[ 1040.777665][T15993] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1040.791700][T15993] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1040.805224][T15993] bridge_slave_1: entered allmulticast mode
[ 1040.816490][T15993] bridge_slave_1: entered promiscuous mode
[ 1040.957786][T15993] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1041.011907][T15993] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1041.090863][T16001] XFS (loop8): Ending clean mount
[ 1041.156557][T16001] XFS (loop8): Quotacheck needed: Please wait.
[ 1041.224156][T15993] team0: Port device team_slave_0 added
[ 1041.236839][T15993] team0: Port device team_slave_1 added
[ 1041.395920][T16068] fuse: Bad value for 'fd'
[ 1041.424479][T16001] XFS (loop8): Quotacheck: Done.
[ 1041.628671][T16065] netdevsim netdevsim9 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1041.638175][T16065] netdevsim netdevsim9 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1041.646960][T16065] netdevsim netdevsim9 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1041.655747][T16065] netdevsim netdevsim9 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1041.683940][T14765] XFS (loop8): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1041.744214][T16065] vxlan0: entered promiscuous mode
[ 1041.778827][T16065] vxlan0: entered allmulticast mode
[ 1041.855159][T16065] netdevsim netdevsim9 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1041.864087][T16065] netdevsim netdevsim9 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1041.873682][T16065] netdevsim netdevsim9 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1041.882896][T16065] netdevsim netdevsim9 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1042.428905][T15993] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1042.448364][T15993] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1042.567840][T15993] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1042.583403][T15835] Bluetooth: hci3: command tx timeout
[ 1042.631239][T15993] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1042.643164][T15993] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1042.683289][T15993] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1042.937246][T15993] hsr_slave_0: entered promiscuous mode
[ 1042.982089][T15993] hsr_slave_1: entered promiscuous mode
[ 1042.996017][T15993] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1043.036479][T15993] Cannot create hsr debugfs directory
[ 1043.096781][T16086] loop8: detected capacity change from 0 to 512
[ 1043.266556][T16086] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1043.294102][T16086] ext4 filesystem being mounted at /36/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1043.386066][T16096] Quota error (device loop8): do_check_range: Getting block 4128768 out of range 0-5
[ 1043.700365][T14765] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1044.352878][T16104] virt_wifi0 speed is unknown, defaulting to 1000
[ 1044.554376][T15993] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1044.655418][T15835] Bluetooth: hci3: command tx timeout
[ 1044.711810][T16126] loop9: detected capacity change from 0 to 16
[ 1044.756222][T16126] MTD: Attempt to mount non-MTD device "/dev/loop9"
[ 1045.115601][T15993] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1045.431980][T15993] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1046.210310][T15993] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1046.735621][T15835] Bluetooth: hci3: command tx timeout
[ 1047.975006][T15993] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1048.044697][T15993] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1048.236839][T15993] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1049.307373][T15993] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1049.500081][T16176] virt_wifi0 speed is unknown, defaulting to 1000
[ 1049.723615][T16189] loop9: detected capacity change from 0 to 128
[ 1049.759418][T16189] EXT4-fs (loop9): Test dummy encryption mode enabled
[ 1049.860539][T16189] EXT4-fs (loop9): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1049.958785][T16189] ext4 filesystem being mounted at /55/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1051.022727][T15001] EXT4-fs (loop9): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1051.203530][T15993] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1051.351173][T15993] 8021q: adding VLAN 0 to HW filter on device team0
[ 1051.422656][ T1161] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1051.423643][T16207] loop9: detected capacity change from 0 to 16
[ 1051.429938][ T1161] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1051.488651][T16207] MTD: Attempt to mount non-MTD device "/dev/loop9"
[ 1051.614787][T16205] syzkaller0: entered promiscuous mode
[ 1051.621344][T16205] syzkaller0: entered allmulticast mode
[ 1051.729342][ T9919] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1051.736609][ T9919] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1054.745392][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[ 1056.709564][T16246] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wireguard%d": -EINTR
[ 1056.849582][T16256] loop8: detected capacity change from 0 to 512
[ 1057.232201][T16256] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1057.316280][T16256] ext4 filesystem being mounted at /40/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1057.618567][T16256] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1058.012802][T16277] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1059.374009][T15993] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1061.467927][T15993] veth0_vlan: entered promiscuous mode
[ 1061.523088][T15993] veth1_vlan: entered promiscuous mode
[ 1061.680439][T15993] veth0_macvtap: entered promiscuous mode
[ 1061.729995][T15993] veth1_macvtap: entered promiscuous mode
[ 1061.995123][T15835] Bluetooth: hci1: command 0x0406 tx timeout
[ 1062.010446][T15993] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1062.149827][T15993] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1062.281350][T15993] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1062.508224][T15993] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1062.528654][T15993] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1062.539923][T15993] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1062.550468][T15993] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1062.561383][T15993] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1062.589344][T15993] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1062.698195][T15993] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1062.753448][T15993] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1062.765944][T15993] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1062.805406][T15993] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1062.835197][T15993] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1062.864961][T15993] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1062.880009][T16326] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2586'.
[ 1062.889152][T15993] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1062.889179][T15993] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1062.889204][T15993] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1062.889219][T15993] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1062.891585][T15993] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1062.936713][T16326] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2586'.
[ 1063.002786][T15993] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1063.035182][T15993] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1063.055480][T16326] netlink: 'syz.0.2586': attribute type 7 has an invalid length.
[ 1063.060566][T15993] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1063.107820][T15993] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1063.483038][T16334] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1063.522401][T16333] virt_wifi0 speed is unknown, defaulting to 1000
[ 1063.538852][T16334] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1063.604506][T16334] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1063.623797][T16334] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1063.635688][T16343] syz.8.2589: attempt to access beyond end of device
[ 1063.635688][T16343] loop8: rw=4096, sector=0, nr_sectors = 1 limit=0
[ 1063.649835][T16343] XFS (loop8): SB validate failed with error -5.
[ 1063.721153][ T9911] I/O error, dev loop8, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 0 prio class 0
[ 1063.809280][ T8518] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1063.818474][ T8518] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1064.091950][ T9919] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1064.107559][T16355] loop8: detected capacity change from 0 to 8
[ 1064.137174][ T9919] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1065.314424][T16371] No such timeout policy "syz0"
[ 1066.101550][T16381] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1066.789846][ T8518] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1067.338950][ T8518] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1067.420652][T16409] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2599'.
[ 1067.771067][ T8518] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1068.095122][ T8518] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1068.727714][ T8518] bridge_slave_1: left allmulticast mode
[ 1068.733426][ T8518] bridge_slave_1: left promiscuous mode
[ 1068.780624][T15835] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1068.799989][T15835] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1068.802417][ T8518] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1068.817647][T15835] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1068.836848][T16400] loop9: detected capacity change from 0 to 32768
[ 1068.857680][T15835] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1068.879863][T16400] XFS: ikeep mount option is deprecated.
[ 1069.031159][T15835] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 1069.042645][T15835] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1069.822718][ T8518] bridge_slave_0: left allmulticast mode
[ 1069.835118][ T8518] bridge_slave_0: left promiscuous mode
[ 1069.855521][ T8518] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1069.872875][T16400] XFS (loop9): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1070.458834][T16400] XFS (loop9): Ending clean mount
[ 1070.555993][T16450] xt_connbytes: Forcing CT accounting to be enabled
[ 1070.563347][T16450] Cannot find del_set index 0 as target
[ 1070.717191][T15001] XFS (loop9): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1071.862093][ T5832] Bluetooth: hci3: command tx timeout
[ 1072.274657][ T8518] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1072.305864][ T8518] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1072.323457][ T8518] bond0 (unregistering): Released all slaves
[ 1072.380549][T16449] netlink: 96 bytes leftover after parsing attributes in process `syz.8.2607'.
[ 1072.442679][T16457] geneve2: entered promiscuous mode
[ 1072.454986][T16457] geneve2: entered allmulticast mode
[ 1072.563774][T16447] virt_wifi0 speed is unknown, defaulting to 1000
[ 1072.651301][T16423] virt_wifi0 speed is unknown, defaulting to 1000
[ 1072.945061][T16471] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1073.953362][ T5832] Bluetooth: hci3: command tx timeout
[ 1074.164189][T15201] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[ 1074.365728][T15201] usb 10-1: Using ep0 maxpacket: 16
[ 1074.387434][T15201] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1074.429359][T15201] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1074.452854][T15201] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1074.504054][T15201] usb 10-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1074.544664][T15201] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1074.644227][T16490] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2614'.
[ 1074.672606][T15201] usb 10-1: config 0 descriptor??
[ 1075.127058][ T8518] hsr_slave_0: left promiscuous mode
[ 1075.162393][ T8518] hsr_slave_1: left promiscuous mode
[ 1075.178888][ T8518] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1075.191432][ T8518] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1075.217833][ T8518] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1075.246632][ T8518] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1075.309177][ T8518] veth1_macvtap: left promiscuous mode
[ 1075.314807][ T8518] veth0_macvtap: left promiscuous mode
[ 1075.335612][ T8518] veth1_vlan: left promiscuous mode
[ 1075.341044][ T8518] veth0_vlan: left promiscuous mode
[ 1075.506059][T15201] usbhid 10-1:0.0: can't add hid device: -71
[ 1075.518524][T15201] usbhid 10-1:0.0: probe with driver usbhid failed with error -71
[ 1075.589676][T15201] usb 10-1: USB disconnect, device number 2
[ 1075.950376][T16508] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2613'.
[ 1076.016368][ T5832] Bluetooth: hci3: command tx timeout
[ 1078.105066][ T5832] Bluetooth: hci3: command tx timeout
[ 1078.163796][ T8518] team0 (unregistering): Port device team_slave_1 removed
[ 1078.260818][ T8518] team0 (unregistering): Port device team_slave_0 removed
[ 1079.538706][T16423] chnl_net:caif_netlink_parms(): no params data found
[ 1080.487764][T16423] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1080.512094][T16577] input: syz0 as /devices/virtual/input/input20
[ 1080.556304][T16423] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1080.563608][T16423] bridge_slave_0: entered allmulticast mode
[ 1080.646813][T16423] bridge_slave_0: entered promiscuous mode
[ 1080.703944][T16423] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1080.745491][T16423] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1080.759856][T16423] bridge_slave_1: entered allmulticast mode
[ 1080.814040][T16558] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1081.577199][T16423] bridge_slave_1: entered promiscuous mode
[ 1081.909691][T16423] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1082.148437][T16423] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1082.261440][T16598] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[ 1082.273765][T16595] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2631'.
[ 1082.623404][T15835] Bluetooth: hci2: command 0x0406 tx timeout
[ 1083.459799][T16423] team0: Port device team_slave_0 added
[ 1083.477313][T16423] team0: Port device team_slave_1 added
[ 1083.580279][   T29] audit: type=1326 audit(1738907668.161:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16605 comm="syz.0.2633" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe40118cde9 code=0x0
[ 1083.637661][T16423] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1083.648941][T16423] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1083.717941][T16423] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1083.759158][T16423] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1083.780520][T16423] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1083.819886][T16423] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1084.070118][T16423] hsr_slave_0: entered promiscuous mode
[ 1084.097125][T16423] hsr_slave_1: entered promiscuous mode
[ 1084.120050][T16423] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1084.145824][T16423] Cannot create hsr debugfs directory
[ 1085.477547][T16629] loop8: detected capacity change from 0 to 128
[ 1085.541713][T16629] EXT4-fs (loop8): Test dummy encryption mode enabled
[ 1085.647938][T16629] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1085.709345][T16423] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1085.733131][T16629] ext4 filesystem being mounted at /51/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1085.749807][T16423] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1085.938532][T16423] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1086.030818][T16423] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1086.910669][T14765] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1087.185133][T16423] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1087.319827][T16423] 8021q: adding VLAN 0 to HW filter on device team0
[ 1087.385988][ T9919] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1087.393365][ T9919] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1087.481476][T14447] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1087.488751][T14447] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1088.340997][T16423] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1088.973567][T16691] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2641'.
[ 1089.007117][T16691] netlink: 12 bytes leftover after parsing attributes in process `syz.8.2641'.
[ 1089.032680][T16691] netlink: 'syz.8.2641': attribute type 7 has an invalid length.
[ 1089.283354][T16694] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1090.450839][T16423] veth0_vlan: entered promiscuous mode
[ 1090.556809][T16423] veth1_vlan: entered promiscuous mode
[ 1091.404501][T16423] veth0_macvtap: entered promiscuous mode
[ 1091.489630][T16423] veth1_macvtap: entered promiscuous mode
[ 1091.575515][T16423] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1091.614998][T16423] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1091.644401][T16423] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1091.684924][T16423] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1091.709962][T16423] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1091.734154][T16423] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1091.767312][T16423] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1091.797517][T16423] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1091.824065][T16423] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1091.885854][T16423] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1091.931855][T16423] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1091.983276][T16423] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1092.038203][T16423] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1092.075000][T16423] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1092.114521][T16423] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1092.132607][T16423] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1092.147314][T16423] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1092.160332][T16423] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1092.190480][T16423] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1092.231072][T16423] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1092.293208][T16423] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1092.323543][T16423] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1092.371242][T16423] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1092.394931][T16423] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1092.798791][   T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1092.826986][   T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1092.965239][ T9919] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1092.973115][ T9919] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1093.407821][T16733] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2643'.
[ 1093.776879][T16741] loop9: detected capacity change from 0 to 1024
[ 1093.808769][T16741] EXT4-fs: Ignoring removed nobh option
[ 1093.837254][T16741] EXT4-fs: Ignoring removed bh option
[ 1093.890754][T14447] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1093.926496][T16741] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1094.163619][T15001] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1094.237437][T14447] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1095.415390][T16756] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1096.403436][T14447] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1096.720576][T14447] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1097.246209][T15835] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1097.267937][T15835] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1097.285315][T15835] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1097.305366][T15835] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1097.315512][T15835] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 1097.326989][T15835] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1097.413978][T14447] bridge_slave_1: left allmulticast mode
[ 1097.456168][T14447] bridge_slave_1: left promiscuous mode
[ 1097.495257][T14447] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1097.627181][T14447] bridge_slave_0: left allmulticast mode
[ 1097.632898][T14447] bridge_slave_0: left promiscuous mode
[ 1097.654020][T14447] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1098.022102][T16799] nfs: Unknown parameter ']'
[ 1098.083267][T16801] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2662'.
[ 1098.168604][T16770] loop8: detected capacity change from 0 to 32768
[ 1098.287190][T16770] XFS (loop8): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[ 1098.481591][T16770] XFS (loop8): Ending clean mount
[ 1098.737616][T16770] syz.8.2657 (16770) used greatest stack depth: 18016 bytes left
[ 1098.828496][T14765] XFS (loop8): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[ 1099.383679][T15835] Bluetooth: hci3: command tx timeout
[ 1099.664140][T14447] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1099.680059][T14447] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1099.722391][T14447] bond0 (unregistering): Released all slaves
[ 1099.804959][T16834] IPVS: sync thread started: state = MASTER, mcast_ifn = wg1, syncid = 262145, id = 0
[ 1099.814807][T16781] virt_wifi0 speed is unknown, defaulting to 1000
[ 1100.278793][T16849] loop9: detected capacity change from 0 to 1024
[ 1100.341313][T16849] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1100.656591][T16833] loop8: detected capacity change from 0 to 32768
[ 1100.684361][T16833] XFS: ikeep mount option is deprecated.
[ 1100.891106][T16833] XFS (loop8): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[ 1100.970018][T16864] loop9: detected capacity change from 0 to 512
[ 1101.105124][T16864] EXT4-fs error (device loop9): ext4_xattr_ibody_find:2240: inode #15: comm syz.9.2675: corrupted in-inode xattr: invalid ea_ino
[ 1101.120163][T16864] EXT4-fs error (device loop9): ext4_orphan_get:1394: comm syz.9.2675: couldn't read orphan inode 15 (err -117)
[ 1101.171660][T16864] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1101.197328][T16833] XFS (loop8): Ending clean mount
[ 1101.350340][T15001] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1101.375870][T14447] hsr_slave_0: left promiscuous mode
[ 1101.401825][T14447] hsr_slave_1: left promiscuous mode
[ 1101.444031][T14447] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1101.458468][T15835] Bluetooth: hci3: command tx timeout
[ 1101.482689][T14447] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1101.503285][T14447] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1101.516177][T14447] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1101.609522][T16833] syz.8.2671 (16833) used greatest stack depth: 17104 bytes left
[ 1101.644372][T16878] loop9: detected capacity change from 0 to 128
[ 1101.651195][T14765] XFS (loop8): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[ 1101.665214][T16878] FAT-fs (loop9): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[ 1101.712495][T14447] veth1_macvtap: left promiscuous mode
[ 1101.748919][T14447] veth0_macvtap: left promiscuous mode
[ 1101.757978][T14447] veth1_vlan: left promiscuous mode
[ 1101.763306][T14447] veth0_vlan: left promiscuous mode
[ 1101.992638][ T8516] FAT-fs (loop9): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[ 1102.902986][T15835] Bluetooth: hci4: command 0x0406 tx timeout
[ 1103.108014][T14447] team0 (unregistering): Port device team_slave_1 removed
[ 1103.233993][T14447] team0 (unregistering): Port device team_slave_0 removed
[ 1103.618787][T16901] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1104.366154][ T5832] Bluetooth: hci3: command tx timeout
[ 1105.265737][T16781] chnl_net:caif_netlink_parms(): no params data found
[ 1106.139203][T16911] loop8: detected capacity change from 0 to 8192
[ 1106.157722][T16781] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1106.200724][T16781] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1106.254588][T16781] bridge_slave_0: entered allmulticast mode
[ 1106.278378][T16927] loop9: detected capacity change from 0 to 2048
[ 1106.291813][T16781] bridge_slave_0: entered promiscuous mode
[ 1106.338002][T16781] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1106.375228][T16781] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1106.382563][T16781] bridge_slave_1: entered allmulticast mode
[ 1106.415952][ T5832] Bluetooth: hci3: command tx timeout
[ 1106.483436][T16781] bridge_slave_1: entered promiscuous mode
[ 1106.524801][T16927] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1106.575943][T16927] ext4 filesystem being mounted at /81/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1106.629435][T16936] FAT-fs (loop8): error, fat_free_clusters: deleting FAT entry beyond EOF
[ 1106.638064][T16936] FAT-fs (loop8): Filesystem has been set read-only
[ 1107.078142][T16781] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1107.132140][T16781] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1107.586442][T16781] team0: Port device team_slave_0 added
[ 1107.630955][T16781] team0: Port device team_slave_1 added
[ 1107.930468][T16963] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2684'.
[ 1107.967809][T16781] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1107.974806][T16781] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1108.057767][T16781] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1108.121189][T16781] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1108.138673][T16781] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1108.228057][T16781] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1108.638715][T16973] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1109.839313][T16781] hsr_slave_0: entered promiscuous mode
[ 1109.874240][T16781] hsr_slave_1: entered promiscuous mode
[ 1109.894003][T16781] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1109.924305][T16781] Cannot create hsr debugfs directory
[ 1110.289308][T15001] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1110.716254][T16991] bridge0: port 3(gretap0) entered blocking state
[ 1110.777283][T16991] bridge0: port 3(gretap0) entered disabled state
[ 1110.783973][T16991] gretap0: entered allmulticast mode
[ 1110.838564][T16991] gretap0: entered promiscuous mode
[ 1110.845904][T16991] bridge0: port 3(gretap0) entered blocking state
[ 1110.852538][T16991] bridge0: port 3(gretap0) entered forwarding state
[ 1111.151163][T16994] wireguard0: entered promiscuous mode
[ 1111.188856][T16994] wireguard0: entered allmulticast mode
[ 1111.343243][T16998] gretap0: left allmulticast mode
[ 1111.373434][T16998] gretap0: left promiscuous mode
[ 1111.391755][T16998] bridge0: port 3(gretap0) entered disabled state
[ 1111.400294][T17014] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2706'.
[ 1112.574266][T16781] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1112.722647][T16781] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1112.759305][T16781] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1112.944695][T17046] syzkaller0: entered promiscuous mode
[ 1112.968221][T17046] syzkaller0: entered allmulticast mode
[ 1112.982056][T16781] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1113.320290][T17072] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2717'.
[ 1116.061577][T17107] xt_ipcomp: unknown flags 12
[ 1116.195636][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[ 1116.993263][T17086] virt_wifi0 speed is unknown, defaulting to 1000
[ 1117.341444][T17115] loop8: detected capacity change from 0 to 128
[ 1117.542832][   T29] audit: type=1804 audit(1738907702.131:128): pid=17115 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.8.2723" name="/newroot/73/file0/bus" dev="loop8" ino=116 res=1 errno=0
[ 1117.605069][T17123] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2727'.
[ 1117.653382][   T29] audit: type=1804 audit(1738907702.171:129): pid=17115 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.8.2723" name="/newroot/73/file0/bus" dev="loop8" ino=116 res=1 errno=0
[ 1117.726302][    C1] IPv4: Oversized IP packet from 172.20.20.24
[ 1117.741752][T17123] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2727'.
[ 1117.761098][T16781] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1117.806800][T17122] virt_wifi0 speed is unknown, defaulting to 1000
[ 1117.995980][T16781] 8021q: adding VLAN 0 to HW filter on device team0
[ 1118.270950][T14447] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1118.278186][T14447] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1118.333594][ T9919] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1118.340850][ T9919] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1121.454802][T16781] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1121.514471][T17173] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2734'.
[ 1122.445104][T17191] loop9: detected capacity change from 0 to 8192
[ 1122.725216][T16781] veth0_vlan: entered promiscuous mode
[ 1123.019115][T16781] veth1_vlan: entered promiscuous mode
[ 1123.036295][T17203] FAT-fs (loop9): error, fat_free_clusters: deleting FAT entry beyond EOF
[ 1123.048363][T17203] FAT-fs (loop9): Filesystem has been set read-only
[ 1123.344702][T17216] evm: overlay not supported
[ 1123.379856][T16781] veth0_macvtap: entered promiscuous mode
[ 1123.484780][T16781] veth1_macvtap: entered promiscuous mode
[ 1123.612968][T16781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1123.653823][T16781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1123.683205][T16781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1123.697167][T16781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1123.713332][T16781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1123.744382][T16781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1123.768394][T16781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1123.815064][T16781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1123.856026][T16781] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1123.893261][T16781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1123.914469][T16781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1123.952365][T16781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1123.983791][T16781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1124.014479][T16781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1124.094596][T16781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1124.173720][T16781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1124.220837][T16781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1124.264889][T16781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1124.307596][T16781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1124.341236][T17245] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2748'.
[ 1124.363372][T16781] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1124.419216][T16781] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1124.449549][T16781] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1124.506305][T16781] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1124.542920][T16781] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1124.974472][T14447] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1124.991790][T14447] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1125.148811][T14447] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1125.188669][T14447] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1125.608938][T17238] loop8: detected capacity change from 0 to 32768
[ 1125.648681][T17238] XFS: ikeep mount option is deprecated.
[ 1125.772173][T17238] XFS (loop8): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[ 1125.970485][T17238] XFS (loop8): Ending clean mount
[ 1126.033038][T17250] loop9: detected capacity change from 0 to 256
[ 1126.086384][T17250] FAT-fs (loop9): Directory bread(block 1285) failed
[ 1126.115926][T17238] XFS (loop8): Quotacheck needed: Please wait.
[ 1126.163717][T17250] FAT-fs (loop9): FAT read failed (blocknr 1281)
[ 1126.226767][T17250] FAT-fs (loop9): Directory bread(block 1285) failed
[ 1126.299818][T17238] XFS (loop8): Quotacheck: Done.
[ 1126.301793][ T8518] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1126.372423][T17238] XFS (loop8): User initiated shutdown received.
[ 1126.443268][T17238] XFS (loop8): Metadata I/O Error (0x4) detected at xfs_fs_goingdown+0xe2/0x160 (fs/xfs/xfs_fsops.c:463).  Shutting down filesystem.
[ 1126.533047][T17238] XFS (loop8): Please unmount the filesystem and rectify the problem(s)
[ 1126.716934][T14765] XFS (loop8): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[ 1126.831563][ T8518] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1127.167948][ T8518] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1127.435504][ T8518] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1127.620503][T17305] loop9: detected capacity change from 0 to 16
[ 1127.668867][T17305] MTD: Attempt to mount non-MTD device "/dev/loop9"
[ 1128.302428][ T8518] bridge_slave_1: left allmulticast mode
[ 1128.315756][ T8518] bridge_slave_1: left promiscuous mode
[ 1128.345455][ T8518] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1128.409165][T17323] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2763'.
[ 1128.419596][ T8518] bridge_slave_0: left allmulticast mode
[ 1128.433051][ T8518] bridge_slave_0: left promiscuous mode
[ 1128.591968][ T8518] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1129.313195][T17340] netlink: 19 bytes leftover after parsing attributes in process `syz.1.2766'.
[ 1130.078380][T17345] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2770'.
[ 1130.151010][T15835] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1130.182990][T15835] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1130.205217][T15835] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1130.217982][T15835] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1130.228419][T15835] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 1130.282030][T15835] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1131.145423][ T8518] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1131.158954][ T8518] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1131.169541][ T8518] bond0 (unregistering): Released all slaves
[ 1131.311228][T17346] virt_wifi0 speed is unknown, defaulting to 1000
[ 1133.035357][T17388] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[ 1133.057885][ T5832] Bluetooth: hci3: command tx timeout
[ 1133.092889][T17389] netlink: 19 bytes leftover after parsing attributes in process `syz.9.2781'.
[ 1134.123915][T17412] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2786'.
[ 1134.201364][T17413] Cannot find add_set index 0 as target
[ 1134.211838][ T8518] hsr_slave_0: left promiscuous mode
[ 1134.243940][ T8518] hsr_slave_1: left promiscuous mode
[ 1134.281065][ T8518] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1134.301544][ T8518] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1134.319738][ T8518] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1134.328359][ T8518] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1134.413312][ T8518] veth1_macvtap: left promiscuous mode
[ 1134.432787][ T8518] veth0_macvtap: left promiscuous mode
[ 1134.449723][ T8518] veth1_vlan: left promiscuous mode
[ 1134.467870][ T8518] veth0_vlan: left promiscuous mode
[ 1135.150377][ T5832] Bluetooth: hci3: command tx timeout
[ 1135.926250][T17434] netlink: 19 bytes leftover after parsing attributes in process `syz.0.2794'.
[ 1136.934128][ T8518] team0 (unregistering): Port device team_slave_1 removed
[ 1137.018829][ T8518] team0 (unregistering): Port device team_slave_0 removed
[ 1137.215176][ T5832] Bluetooth: hci3: command tx timeout
[ 1138.402666][T17456] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[ 1139.253708][T17346] chnl_net:caif_netlink_parms(): no params data found
[ 1139.295166][ T5832] Bluetooth: hci3: command tx timeout
[ 1140.080934][T17346] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1140.129191][T17346] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1140.165218][T17346] bridge_slave_0: entered allmulticast mode
[ 1140.173083][T17346] bridge_slave_0: entered promiscuous mode
[ 1140.213528][T17346] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1140.223323][T17346] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1140.243403][T17346] bridge_slave_1: entered allmulticast mode
[ 1140.265700][T17346] bridge_slave_1: entered promiscuous mode
[ 1140.477210][T17346] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1140.502758][T17346] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1140.874084][T17346] team0: Port device team_slave_0 added
[ 1140.891074][T17346] team0: Port device team_slave_1 added
[ 1140.996579][T17488] netlink: 19 bytes leftover after parsing attributes in process `syz.8.2806'.
[ 1142.135647][T17346] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1142.142645][T17346] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1142.198300][T17346] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1142.233743][T17346] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1142.242019][T17346] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1142.279062][T17346] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1142.764358][T17346] hsr_slave_0: entered promiscuous mode
[ 1142.807214][T17346] hsr_slave_1: entered promiscuous mode
[ 1142.813697][T17346] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1142.846822][T17346] Cannot create hsr debugfs directory
[ 1143.032760][T17511] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1144.420527][T17535] netlink: 19 bytes leftover after parsing attributes in process `syz.8.2819'.
[ 1145.352522][T17538] 9pnet_fd: Insufficient options for proto=fd
[ 1146.982111][T17566] sch_fq: defrate 0 ignored.
[ 1147.554058][T17346] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1147.594102][T17346] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1147.690227][T17346] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1147.769340][T17346] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1148.720292][T17346] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1148.749984][T17346] 8021q: adding VLAN 0 to HW filter on device team0
[ 1148.804166][ T1161] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1148.811440][ T1161] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1148.863983][ T1161] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1148.871250][ T1161] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1149.489540][T17346] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1151.368541][T17346] veth0_vlan: entered promiscuous mode
[ 1151.383825][T17346] veth1_vlan: entered promiscuous mode
[ 1151.897538][T17346] veth0_macvtap: entered promiscuous mode
[ 1152.030910][T17346] veth1_macvtap: entered promiscuous mode
[ 1152.138199][T17346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1152.193795][T17346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1152.234996][T17346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1152.285681][T17346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1152.315272][T17346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1152.354255][T17346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1152.387040][T17346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1152.592206][T17346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1152.874513][T17346] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1152.915662][T17346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1152.926300][T17346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1152.936568][T17346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1152.950310][T17346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1152.961789][T17346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1152.983761][T17346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1153.039473][T17346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1153.086664][T17346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1153.121903][T17346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1153.154956][T17346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1153.174515][T17346] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1153.256059][T17346] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1153.264806][T17346] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1153.341359][T17346] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1153.350172][T17346] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1153.849714][   T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1153.874610][   T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1154.022086][ T8516] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1154.044494][ T8516] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1155.100727][T17673] 9pnet_fd: Insufficient options for proto=fd
[ 1155.770299][ T8516] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1156.140742][ T8516] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1156.282037][ T8516] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1156.373629][ T8516] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1156.931403][ T8516] bridge_slave_1: left allmulticast mode
[ 1156.946586][ T8516] bridge_slave_1: left promiscuous mode
[ 1156.952443][ T8516] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1157.006175][ T8516] bridge_slave_0: left allmulticast mode
[ 1157.022809][ T8516] bridge_slave_0: left promiscuous mode
[ 1157.036058][ T8516] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1157.526365][T15835] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1157.570096][T15835] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1157.589516][T15835] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1157.607207][T15835] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1157.637069][T15835] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 1157.657445][T15835] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1158.245412][ T8516] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1158.259023][ T8516] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1158.270200][ T8516] bond0 (unregistering): Released all slaves
[ 1158.291907][T17726] IPVS: Error connecting to the multicast addr
[ 1158.409720][T17717] virt_wifi0 speed is unknown, defaulting to 1000
[ 1159.784996][T15835] Bluetooth: hci3: command tx timeout
[ 1161.945668][T15835] Bluetooth: hci3: command tx timeout
[ 1164.015244][T15835] Bluetooth: hci3: command tx timeout
[ 1164.415423][ T8516] hsr_slave_0: left promiscuous mode
[ 1164.449901][ T8516] hsr_slave_1: left promiscuous mode
[ 1164.477181][ T8516] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1164.526839][ T8516] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1164.573128][ T8516] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1164.611007][ T8516] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1164.698404][ T8516] veth1_macvtap: left promiscuous mode
[ 1164.874424][ T8516] veth0_macvtap: left promiscuous mode
[ 1165.042290][ T8516] veth1_vlan: left promiscuous mode
[ 1165.153124][ T8516] veth0_vlan: left promiscuous mode
[ 1166.103168][T15835] Bluetooth: hci3: command tx timeout
[ 1166.359080][   T29] audit: type=1326 audit(1738907750.951:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17827 comm="syz.0.2892" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe40118cde9 code=0x0
[ 1166.533685][T17832] overlayfs: failed to resolve './file0/../file0': -2
[ 1166.942122][ T8516] team0 (unregistering): Port device team_slave_1 removed
[ 1167.004395][ T8516] team0 (unregistering): Port device team_slave_0 removed
[ 1167.792834][T17717] chnl_net:caif_netlink_parms(): no params data found
[ 1168.389864][T17851] geneve3: entered promiscuous mode
[ 1168.395742][T17851] geneve3: entered allmulticast mode
[ 1168.455478][T17717] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1168.491727][T17717] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1168.522091][T17717] bridge_slave_0: entered allmulticast mode
[ 1168.536991][T17717] bridge_slave_0: entered promiscuous mode
[ 1168.669737][T17717] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1168.693304][T17717] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1168.723357][T17717] bridge_slave_1: entered allmulticast mode
[ 1168.748370][T17717] bridge_slave_1: entered promiscuous mode
[ 1169.002771][T17717] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1169.065353][T17717] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1169.303039][T17717] team0: Port device team_slave_0 added
[ 1169.340227][T17717] team0: Port device team_slave_1 added
[ 1169.611619][T17717] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1169.653959][T17717] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1169.758419][T17717] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1169.816895][T17717] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1169.826325][T17717] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1170.177971][T17717] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1171.397771][T17913] netlink: 'syz.0.2915': attribute type 7 has an invalid length.
[ 1171.408961][T17913] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2915'.
[ 1171.840085][T17917] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1176.200723][T17942] fuse: Bad value for 'fd'
[ 1176.221628][T17717] hsr_slave_0: entered promiscuous mode
[ 1176.266362][T17717] hsr_slave_1: entered promiscuous mode
[ 1176.272856][T17717] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1176.302695][T17717] Cannot create hsr debugfs directory
[ 1176.353619][T17946] ./file0: Can't lookup blockdev
[ 1177.286039][T17963] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1178.095645][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[ 1183.264293][   T29] audit: type=1326 audit(1738907767.821:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18016 comm="syz.8.2945" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5494b8cde9 code=0x0
[ 1184.535554][T18027] fuse: Bad value for 'fd'
[ 1185.627426][  T974] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[ 1185.828441][  T974] usb 10-1: Using ep0 maxpacket: 16
[ 1185.853915][  T974] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1185.881863][  T974] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1185.892612][  T974] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1185.919641][  T974] usb 10-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1185.929328][  T974] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1185.953987][  T974] usb 10-1: config 0 descriptor??
[ 1187.313471][  T974] usbhid 10-1:0.0: can't add hid device: -71
[ 1187.325054][  T974] usbhid 10-1:0.0: probe with driver usbhid failed with error -71
[ 1187.347788][  T974] usb 10-1: USB disconnect, device number 3
[ 1187.627037][T18055] 9pnet_fd: Insufficient options for proto=fd
[ 1188.178202][T17717] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1188.354574][T17717] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1188.509345][T17717] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1188.596656][T17717] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1189.131402][T17717] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1189.577060][T17717] 8021q: adding VLAN 0 to HW filter on device team0
[ 1190.676012][ T1206] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[ 1190.895786][ T1206] usb 10-1: Using ep0 maxpacket: 16
[ 1190.907271][ T1206] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1191.034409][ T1206] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1191.067897][ T1206] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1191.094475][ T1206] usb 10-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1191.164712][ T1206] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1191.194339][ T1206] usb 10-1: config 0 descriptor??
[ 1191.896188][ T1206] usbhid 10-1:0.0: can't add hid device: -71
[ 1191.902357][ T1206] usbhid 10-1:0.0: probe with driver usbhid failed with error -71
[ 1191.936437][ T1206] usb 10-1: USB disconnect, device number 4
[ 1194.968522][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1194.975784][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1195.632752][T17717] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1195.695337][T17717] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1195.984265][T18143] virt_wifi0 speed is unknown, defaulting to 1000
[ 1196.029579][ T1161] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1196.036879][ T1161] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1196.304180][T18175] virt_wifi0 speed is unknown, defaulting to 1000
[ 1196.969911][T17717] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1208.925473][T17717] veth0_vlan: entered promiscuous mode
[ 1208.994661][T17717] veth1_vlan: entered promiscuous mode
[ 1209.116350][T17717] veth0_macvtap: entered promiscuous mode
[ 1209.185641][T17717] veth1_macvtap: entered promiscuous mode
[ 1209.334214][T17717] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1209.391863][T17717] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1209.563441][T17717] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1209.629127][T17717] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1209.699902][T17717] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1209.845663][T17717] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1209.888979][T17717] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1209.901423][T17717] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1209.939536][T17717] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1210.001811][T17717] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1210.037158][T17717] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1210.057411][T17717] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1210.078569][T17717] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1210.098927][T17717] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1210.139244][T17717] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1210.169236][T17717] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1210.198523][T17717] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1210.208516][T17717] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1210.227834][T17717] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1210.260893][T17717] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1210.467287][T17717] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1210.510603][T17717] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1210.543805][T17717] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1210.572977][T17717] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1210.866766][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1210.885630][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1211.024465][ T8516] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1211.062819][ T8516] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1212.620730][ T8516] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1212.944505][ T8516] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1213.176857][ T8516] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1213.450357][ T8516] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1213.902541][ T8516] bridge_slave_1: left allmulticast mode
[ 1213.908244][ T8516] bridge_slave_1: left promiscuous mode
[ 1213.932475][ T8516] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1213.951764][ T8516] bridge_slave_0: left allmulticast mode
[ 1213.957713][ T8516] bridge_slave_0: left promiscuous mode
[ 1213.973431][ T8516] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1217.552800][ T5832] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1217.721649][ T5832] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1217.731765][ T5832] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1217.743312][ T5832] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1217.753484][ T5832] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 1217.761078][ T5832] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1218.055892][ T8516] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1218.087015][ T8516] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1218.110346][ T8516] bond0 (unregistering): Released all slaves
[ 1218.309156][T18412] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wireguard%d": -EINTR
[ 1218.310858][T18409] bridge0: port 3(gretap0) entered blocking state
[ 1218.361165][T18409] bridge0: port 3(gretap0) entered disabled state
[ 1218.412581][T18409] gretap0: entered allmulticast mode
[ 1218.469191][T18409] gretap0: entered promiscuous mode
[ 1218.513182][T18409] bridge0: port 3(gretap0) entered blocking state
[ 1218.519866][T18409] bridge0: port 3(gretap0) entered forwarding state
[ 1218.900220][T18421] virt_wifi0 speed is unknown, defaulting to 1000
[ 1219.426315][ T8516] hsr_slave_0: left promiscuous mode
[ 1219.467608][ T8516] hsr_slave_1: left promiscuous mode
[ 1219.481731][ T8516] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1219.489183][ T8516] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1219.554082][ T8516] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1219.591899][ T8516] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1219.752783][ T8516] veth1_macvtap: left promiscuous mode
[ 1219.774567][ T8516] veth0_macvtap: left promiscuous mode
[ 1219.793796][ T8516] veth1_vlan: left promiscuous mode
[ 1219.808647][ T8516] veth0_vlan: left promiscuous mode
[ 1219.852404][T15835] Bluetooth: hci3: command tx timeout
[ 1221.080824][T18479] FAT-fs (loop3): bogus number of reserved sectors
[ 1221.087490][T18479] FAT-fs (loop3): Can't find a valid FAT filesystem
[ 1221.986404][T15835] Bluetooth: hci3: command tx timeout
[ 1223.049608][ T8516] team0 (unregistering): Port device team_slave_1 removed
[ 1223.184827][ T8516] team0 (unregistering): Port device team_slave_0 removed
[ 1224.011027][T15835] Bluetooth: hci3: command tx timeout
[ 1224.994642][T18495] wireguard0: entered promiscuous mode
[ 1225.000167][T18495] wireguard0: entered allmulticast mode
[ 1226.100655][T15835] Bluetooth: hci3: command tx timeout
[ 1226.251146][T18496] gretap0: left allmulticast mode
[ 1226.330760][T18496] gretap0: left promiscuous mode
[ 1226.356973][T18496] bridge0: port 3(gretap0) entered disabled state
[ 1226.802600][T18534] geneve3: entered promiscuous mode
[ 1226.807877][T18534] geneve3: entered allmulticast mode
[ 1227.674153][T18421] chnl_net:caif_netlink_parms(): no params data found
[ 1235.643216][T18421] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1235.661437][T18421] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1235.668735][T18421] bridge_slave_0: entered allmulticast mode
[ 1236.046003][T18421] bridge_slave_0: entered promiscuous mode
[ 1236.069957][T18584] bridge0: port 3(gretap0) entered blocking state
[ 1236.078682][T18584] bridge0: port 3(gretap0) entered disabled state
[ 1236.085434][T18584] gretap0: entered allmulticast mode
[ 1236.092834][T18584] gretap0: entered promiscuous mode
[ 1236.132291][T18589] wireguard0: entered promiscuous mode
[ 1236.142249][T18589] wireguard0: entered allmulticast mode
[ 1236.195970][T18591] gretap0: left allmulticast mode
[ 1236.203456][T18591] gretap0: left promiscuous mode
[ 1236.212935][T18591] bridge0: port 3(gretap0) entered disabled state
[ 1236.294457][T18421] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1236.349616][T18421] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1236.399456][T18421] bridge_slave_1: entered allmulticast mode
[ 1236.407997][T18421] bridge_slave_1: entered promiscuous mode
[ 1238.604643][T18421] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1238.777816][T18616] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1239.057923][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[ 1242.516935][T18421] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1242.814994][T18654] IPVS: Error connecting to the multicast addr
[ 1243.076761][T18421] team0: Port device team_slave_0 added
[ 1243.087678][T18421] team0: Port device team_slave_1 added
[ 1243.932383][T18421] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1244.008633][T18421] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1244.101938][T18421] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1244.140215][T18421] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1244.158418][T18421] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1244.286378][T18421] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1244.654941][T18421] hsr_slave_0: entered promiscuous mode
[ 1244.699910][T18421] hsr_slave_1: entered promiscuous mode
[ 1244.706440][T18421] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1244.740909][T18421] Cannot create hsr debugfs directory
[ 1244.869519][   T25] usb 2-1: new full-speed USB device number 11 using dummy_hcd
[ 1245.084174][   T25] usb 2-1: config 0 has an invalid interface number: 120 but max is 0
[ 1245.118696][   T25] usb 2-1: config 0 has an invalid descriptor of length 48, skipping remainder of the config
[ 1245.133166][   T25] usb 2-1: config 0 has no interface number 0
[ 1245.140630][   T25] usb 2-1: config 0 interface 120 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1245.176115][   T25] usb 2-1: New USB device found, idVendor=16e3, idProduct=f9e9, bcdDevice= 0.58
[ 1245.193712][   T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1245.238820][T18690] team0: Port device team_slave_0 removed
[ 1245.267216][   T25] usb 2-1: config 0 descriptor??
[ 1245.353459][T18694] bridge0: port 3(gretap0) entered blocking state
[ 1245.388849][T18694] bridge0: port 3(gretap0) entered disabled state
[ 1245.411754][T18694] gretap0: entered allmulticast mode
[ 1245.447942][T18694] gretap0: entered promiscuous mode
[ 1245.456607][T18694] bridge0: port 3(gretap0) entered blocking state
[ 1245.463309][T18694] bridge0: port 3(gretap0) entered forwarding state
[ 1246.948476][T18695] gretap0: left allmulticast mode
[ 1246.953611][T18695] gretap0: left promiscuous mode
[ 1246.988184][T18695] bridge0: port 3(gretap0) entered disabled state
[ 1246.988418][   T25] usb 2-1: string descriptor 0 read error: -71
[ 1247.143062][   T25] usb 2-1: USB disconnect, device number 11
[ 1252.156867][T18755] bridge0: port 1(gretap0) entered blocking state
[ 1252.167079][T18755] bridge0: port 1(gretap0) entered disabled state
[ 1252.197595][T18755] gretap0: entered allmulticast mode
[ 1252.204815][T18755] gretap0: entered promiscuous mode
[ 1252.249444][T18755] bridge0: port 1(gretap0) entered blocking state
[ 1252.256105][T18755] bridge0: port 1(gretap0) entered forwarding state
[ 1252.280747][T18756] gretap0: left allmulticast mode
[ 1252.285828][T18756] gretap0: left promiscuous mode
[ 1252.322559][T18756] bridge0: port 1(gretap0) entered disabled state
[ 1252.366546][T18735] virt_wifi0 speed is unknown, defaulting to 1000
[ 1253.068887][T18771] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1257.058530][T18421] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1257.113000][T18421] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1257.181577][T18421] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1257.241095][T18421] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1257.481438][T18819] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1258.712697][T18812] virt_wifi0 speed is unknown, defaulting to 1000
[ 1260.636812][ T5955] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[ 1260.836686][ T5955] usb 9-1: config 0 has an invalid interface number: 124 but max is 0
[ 1260.844904][ T5955] usb 9-1: config 0 has no interface number 0
[ 1260.866300][ T5955] usb 9-1: config 0 interface 124 altsetting 0 bulk endpoint 0xE has invalid maxpacket 1024
[ 1260.884147][ T5955] usb 9-1: config 0 interface 124 altsetting 0 bulk endpoint 0x9 has invalid maxpacket 32
[ 1260.911572][ T5955] usb 9-1: New USB device found, idVendor=0421, idProduct=046e, bcdDevice=73.fb
[ 1260.921259][ T5955] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1260.939311][ T5955] usb 9-1: Product: syz
[ 1260.943503][ T5955] usb 9-1: Manufacturer: syz
[ 1260.948749][ T5955] usb 9-1: SerialNumber: syz
[ 1260.975955][ T5955] usb 9-1: config 0 descriptor??
[ 1260.981885][T18833] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[ 1260.999373][T18833] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[ 1261.040909][ T5955] usb 9-1: bad CDC descriptors
[ 1261.795047][T18853] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1266.943917][T18833] netlink: 'syz.8.3149': attribute type 12 has an invalid length.
[ 1266.995612][ T5883] usb 9-1: USB disconnect, device number 3
[ 1270.722939][T18869] bridge0: port 3(gretap0) entered blocking state
[ 1270.729968][T18869] bridge0: port 3(gretap0) entered disabled state
[ 1270.743059][T18869] gretap0: entered allmulticast mode
[ 1270.750292][T18869] gretap0: entered promiscuous mode
[ 1270.759094][T18870] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wireguard%d": -EINTR
[ 1270.798398][T18874] gretap0: left allmulticast mode
[ 1270.813687][T18874] gretap0: left promiscuous mode
[ 1270.821780][T18874] bridge0: port 3(gretap0) entered disabled state
[ 1271.307816][T18421] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1271.409694][T18421] 8021q: adding VLAN 0 to HW filter on device team0
[ 1271.449681][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1271.456927][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1271.531821][ T8518] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1271.539105][ T8518] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1274.412464][T18421] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1276.270294][T18944] bridge0: port 1(gretap0) entered blocking state
[ 1276.290028][T18944] bridge0: port 1(gretap0) entered disabled state
[ 1276.322495][T18944] gretap0: entered allmulticast mode
[ 1276.340116][T18944] gretap0: entered promiscuous mode
[ 1276.403149][T18944] bridge0: port 1(gretap0) entered blocking state
[ 1276.409859][T18944] bridge0: port 1(gretap0) entered forwarding state
[ 1276.805931][T18952] gretap0: left allmulticast mode
[ 1276.820586][T18952] gretap0: left promiscuous mode
[ 1276.858325][T18952] bridge0: port 1(gretap0) entered disabled state
[ 1276.865444][ T5955] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[ 1277.064454][ T5955] usb 9-1: Using ep0 maxpacket: 32
[ 1277.077647][ T5955] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1277.126157][ T5955] usb 9-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1277.164318][ T5955] usb 9-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 1277.212030][ T5955] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1277.358481][ T5955] usb 9-1: config 0 descriptor??
[ 1277.738056][ T5832] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1277.754445][ T5832] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1277.764351][ T5832] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1277.777329][ T5832] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1277.785275][ T5832] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 1277.792714][ T5832] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1278.262457][T18960] netlink: 28 bytes leftover after parsing attributes in process `syz.8.3177'.
[ 1278.323497][T15201] usb 9-1: USB disconnect, device number 4
[ 1278.502711][T18973] virt_wifi0 speed is unknown, defaulting to 1000
[ 1279.844313][ T5832] Bluetooth: hci3: command tx timeout
[ 1281.451199][T19041] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1281.938924][ T5832] Bluetooth: hci3: command tx timeout
[ 1284.003666][ T5832] Bluetooth: hci3: command tx timeout
[ 1285.048506][T19020] bridge0: port 3(gretap0) entered blocking state
[ 1285.073105][T19020] bridge0: port 3(gretap0) entered disabled state
[ 1285.103109][T19020] gretap0: entered allmulticast mode
[ 1285.120783][T19020] gretap0: entered promiscuous mode
[ 1285.167679][T19028] wireguard0: entered promiscuous mode
[ 1285.173203][T19028] wireguard0: entered allmulticast mode
[ 1285.192009][T19029] gretap0: left allmulticast mode
[ 1285.203632][T19029] gretap0: left promiscuous mode
[ 1285.208861][T19029] bridge0: port 3(gretap0) entered disabled state
[ 1285.360059][T18973] chnl_net:caif_netlink_parms(): no params data found
[ 1285.491869][T19023] virt_wifi0 speed is unknown, defaulting to 1000
[ 1285.598703][T19063] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3197'.
[ 1285.655563][ T8518] bridge_slave_1: left allmulticast mode
[ 1285.661247][ T8518] bridge_slave_1: left promiscuous mode
[ 1285.681210][ T8518] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1285.740021][ T8518] bridge_slave_0: left allmulticast mode
[ 1285.758528][ T8518] bridge_slave_0: left promiscuous mode
[ 1285.773511][ T8518] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1286.083400][ T5832] Bluetooth: hci3: command tx timeout
[ 1288.340698][ T8518] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1288.360780][ T8518] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1288.374698][ T8518] bond0 (unregistering): Released all slaves
[ 1288.393589][T19027] virt_wifi0 speed is unknown, defaulting to 1000
[ 1288.583783][ T8518] hsr_slave_0: left promiscuous mode
[ 1288.605910][ T8518] hsr_slave_1: left promiscuous mode
[ 1288.622670][ T8518] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1288.652616][ T8518] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1289.493268][ T8518] team0 (unregistering): Port device team_slave_1 removed
[ 1289.605326][ T8518] team0 (unregistering): Port device team_slave_0 removed
[ 1291.161566][ T1324] wlan1: Trigger new scan to find an IBSS to join
[ 1291.540435][T19147] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1295.877221][  T974] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[ 1296.042483][T15835] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1296.055335][T15835] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1296.064029][  T974] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1296.076157][T15835] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1296.088479][  T974] usb 9-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d
[ 1296.098046][  T974] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1296.113533][  T974] usb 9-1: config 0 descriptor??
[ 1296.117926][T15835] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1296.151845][T15835] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[ 1296.162230][T15835] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1296.192979][ T1324] wlan1: Trigger new scan to find an IBSS to join
[ 1296.340323][T15201] usb 9-1: USB disconnect, device number 5
[ 1297.195084][   T11] wlan1: Creating new IBSS network, BSSID 2e:e0:34:84:60:c8
[ 1298.172711][T18973] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1298.179924][T18973] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1298.213029][T18973] bridge_slave_0: entered allmulticast mode
[ 1298.239977][T18973] bridge_slave_0: entered promiscuous mode
[ 1298.246233][T15835] Bluetooth: hci5: command tx timeout
[ 1298.326466][T18973] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1298.364614][T18973] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1298.402181][T18973] bridge_slave_1: entered allmulticast mode
[ 1298.411378][T18973] bridge_slave_1: entered promiscuous mode
[ 1298.881954][T19182] virt_wifi0 speed is unknown, defaulting to 1000
[ 1299.034922][T18973] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1299.076856][T18973] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1299.599429][T18973] team0: Port device team_slave_0 added
[ 1299.643842][T18973] team0: Port device team_slave_1 added
[ 1300.115597][T18973] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1300.133777][T18973] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1300.221593][T18973] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1300.262845][T18973] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1300.269824][T18973] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1300.336660][T15835] Bluetooth: hci5: command tx timeout
[ 1300.343435][T18973] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1300.493720][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[ 1300.707444][T18973] hsr_slave_0: entered promiscuous mode
[ 1300.732334][T18973] hsr_slave_1: entered promiscuous mode
[ 1300.746841][T18973] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1300.765016][T18973] Cannot create hsr debugfs directory
[ 1302.991236][T15835] Bluetooth: hci5: command tx timeout
[ 1304.266141][T19182] chnl_net:caif_netlink_parms(): no params data found
[ 1304.464299][   T62] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1304.816489][   T62] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1304.961530][T15201] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[ 1305.026390][   T62] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1305.041003][T15835] Bluetooth: hci5: command tx timeout
[ 1305.130973][T15201] usb 2-1: Using ep0 maxpacket: 32
[ 1305.192149][T15201] usb 2-1: config 10 has an invalid interface number: 248 but max is 0
[ 1305.223636][T15201] usb 2-1: config 10 has no interface number 0
[ 1305.229907][T15201] usb 2-1: config 10 interface 248 altsetting 9 endpoint 0x2 has invalid maxpacket 1024, setting to 64
[ 1305.281038][T15201] usb 2-1: config 10 interface 248 has no altsetting 0
[ 1305.681317][T15201] usb 2-1: New USB device found, idVendor=06cd, idProduct=011c, bcdDevice=d3.7f
[ 1305.700697][T15201] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1305.720908][T15201] usb 2-1: Product: syz
[ 1305.725111][T15201] usb 2-1: Manufacturer: syz
[ 1306.688085][T15201] usb 2-1: SerialNumber: syz
[ 1307.354457][T15201] keyspan 2-1:10.248: Keyspan 1 port adapter converter detected
[ 1307.401151][T15201] keyspan 2-1:10.248: found no endpoint descriptor for endpoint 84
[ 1307.460099][   T62] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1307.507845][T19182] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1307.517214][T19182] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1307.525250][T19182] bridge_slave_0: entered allmulticast mode
[ 1307.534120][T19182] bridge_slave_0: entered promiscuous mode
[ 1307.543930][T19182] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1307.552456][T19182] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1307.559707][T19182] bridge_slave_1: entered allmulticast mode
[ 1307.589338][T19182] bridge_slave_1: entered promiscuous mode
[ 1307.654566][T15201] keyspan 2-1:10.248: found no endpoint descriptor for endpoint 81
[ 1308.398690][T15201] keyspan 2-1:10.248: found no endpoint descriptor for endpoint 82
[ 1308.431577][T15201] keyspan 2-1:10.248: found no endpoint descriptor for endpoint 1
[ 1308.439550][T15201] keyspan 2-1:10.248: unsupported endpoint type 0
[ 1308.482017][T15201] keyspan 2-1:10.248: found no endpoint descriptor for endpoint 83
[ 1308.535235][T19182] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1308.560834][T15201] keyspan 2-1:10.248: unsupported endpoint type 0
[ 1308.581467][T15201] usb 2-1: Keyspan 1 port adapter converter now attached to ttyUSB0
[ 1308.591954][T19182] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1308.620934][T15201] usb 2-1: USB disconnect, device number 12
[ 1308.649484][T15201] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0
[ 1308.667459][T15201] keyspan 2-1:10.248: device disconnected
[ 1310.168479][T19182] team0: Port device team_slave_0 added
[ 1310.233018][T19182] team0: Port device team_slave_1 added
[ 1310.639528][T19182] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1310.690904][T19182] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1310.795338][T19182] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1310.857047][T19182] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1310.887637][T19182] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1311.010330][T19182] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1311.044668][   T62] bridge_slave_1: left allmulticast mode
[ 1311.060303][   T62] bridge_slave_1: left promiscuous mode
[ 1311.086659][   T62] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1311.151502][   T62] bridge_slave_0: left allmulticast mode
[ 1311.157193][   T62] bridge_slave_0: left promiscuous mode
[ 1311.202056][   T62] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1311.510260][   T25] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[ 1311.518241][ T5955] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[ 1312.123414][ T5955] usb 9-1: Using ep0 maxpacket: 32
[ 1312.131239][   T25] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1312.152741][ T5955] usb 9-1: unable to get BOS descriptor or descriptor too short
[ 1312.170145][   T25] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1312.180001][   T25] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1312.230466][   T25] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1312.239712][   T25] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1312.252590][ T5955] usb 9-1: config 1 has an invalid interface descriptor of length 2, skipping
[ 1312.261653][ T5955] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1312.273494][ T5955] usb 9-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 189, changing to 7
[ 1312.285698][   T25] usb 10-1: config 0 descriptor??
[ 1312.291235][ T5955] usb 9-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1312.318446][ T5955] usb 9-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1312.360237][ T5955] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1312.368297][ T5955] usb 9-1: Product: syz
[ 1312.372907][ T5955] usb 9-1: Manufacturer: syz
[ 1312.411150][ T5955] usb 9-1: SerialNumber: syz
[ 1313.711491][   T25] plantronics 0003:047F:FFFF.000B: ignoring exceeding usage max
[ 1313.727183][ T5955] usb 9-1: USB disconnect, device number 6
[ 1313.733580][   T25] plantronics 0003:047F:FFFF.000B: ignoring exceeding usage max
[ 1313.742390][   T25] plantronics 0003:047F:FFFF.000B: usage index exceeded
[ 1313.784370][   T25] plantronics 0003:047F:FFFF.000B: item 0 1 2 2 parsing failed
[ 1313.801609][   T25] plantronics 0003:047F:FFFF.000B: parse failed
[ 1313.808030][   T25] plantronics 0003:047F:FFFF.000B: probe with driver plantronics failed with error -22
[ 1313.832615][   T25] usb 10-1: USB disconnect, device number 5
[ 1313.966008][   T62] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1313.985350][   T62] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1314.009011][   T62] bond0 (unregistering): Released all slaves
[ 1316.210050][    T9] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[ 1316.389398][T19182] hsr_slave_0: entered promiscuous mode
[ 1316.399969][    T9] usb 10-1: Using ep0 maxpacket: 32
[ 1316.413772][T19182] hsr_slave_1: entered promiscuous mode
[ 1316.422482][    T9] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1316.430743][T19182] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1316.454511][    T9] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1316.459639][T19182] Cannot create hsr debugfs directory
[ 1316.488738][    T9] usb 10-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 1316.523004][    T9] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1316.560513][    T9] usb 10-1: config 0 descriptor??
[ 1316.579072][    T9] hub 10-1:0.0: USB hub found
[ 1316.787485][    T9] hub 10-1:0.0: 1 port detected
[ 1317.029778][   T62] hsr_slave_0: left promiscuous mode
[ 1317.051985][   T62] hsr_slave_1: left promiscuous mode
[ 1317.070878][   T62] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1317.098727][   T62] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1317.127845][   T62] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1317.146170][   T62] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1317.262513][T19366] udevd[19366]: error opening ATTR{/sys/devices/platform/dummy_hcd.8/usb9/9-1/9-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1317.334769][   T62] veth1_macvtap: left promiscuous mode
[ 1317.371922][   T62] veth0_macvtap: left promiscuous mode
[ 1317.377754][   T62] veth1_vlan: left promiscuous mode
[ 1317.397959][    T9] hub 10-1:0.0: activate --> -90
[ 1317.408121][   T62] veth0_vlan: left promiscuous mode
[ 1317.812977][   T25] usb 10-1: USB disconnect, device number 6
[ 1318.663647][T19386] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1322.206656][   T62] team0 (unregistering): Port device team_slave_1 removed
[ 1322.380651][   T62] team0 (unregistering): Port device team_slave_0 removed
[ 1324.183548][T18973] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1325.243615][T18973] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1325.295526][T18973] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1325.380163][T18973] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1327.046832][T18973] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1327.277232][ T8516] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1328.620123][T18973] 8021q: adding VLAN 0 to HW filter on device team0
[ 1330.127680][T19511] netlink: 4 bytes leftover after parsing attributes in process `syz.9.3305'.
[ 1330.338220][   T47] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[ 1330.400863][ T5986] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1330.408197][ T5986] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1330.518525][   T47] usb 9-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[ 1330.572578][   T47] usb 9-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1330.673370][   T47] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1330.691674][   T45] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1330.698971][   T45] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1331.726187][   T47] usb 9-1: Quirk or no altset; falling back to MIDI 1.0
[ 1331.997306][   T47] snd-usb-audio 9-1:27.0: probe with driver snd-usb-audio failed with error -2
[ 1332.059633][   T47] usb 9-1: USB disconnect, device number 7
[ 1332.280674][T19520] virt_wifi0 speed is unknown, defaulting to 1000
[ 1332.331952][T19364] udevd[19364]: error opening ATTR{/sys/devices/platform/dummy_hcd.8/usb9/9-1/9-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1333.108802][T19182] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1333.136395][T19182] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1333.768427][T19182] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1333.824729][T19182] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1334.170270][T18973] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1334.484304][T19182] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1334.592039][T19182] 8021q: adding VLAN 0 to HW filter on device team0
[ 1334.662618][   T45] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1334.669897][   T45] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1334.754066][ T8516] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1334.761293][ T8516] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1335.429357][T18973] veth0_vlan: entered promiscuous mode
[ 1335.515166][T18973] veth1_vlan: entered promiscuous mode
[ 1335.650646][T18973] veth0_macvtap: entered promiscuous mode
[ 1335.713732][T18973] veth1_macvtap: entered promiscuous mode
[ 1335.792809][T18973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1335.856504][T18973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1335.870659][T18973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1335.882846][T18973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1335.937052][T18973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1335.948135][    T9] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[ 1335.965164][T18973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1335.986270][T18973] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1336.008364][T18973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1336.026774][T18973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1336.042831][T18973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1336.056709][T18973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1336.066850][T18973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1336.078650][T18973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1336.088737][T18973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1336.099414][T18973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1336.111726][T18973] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1336.129524][    T9] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[ 1336.159434][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1336.205650][T18973] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1336.206344][    T9] usb 2-1: config 0 descriptor??
[ 1336.238114][T18973] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1336.265803][T18973] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1336.276875][    T9] cp210x 2-1:0.0: cp210x converter detected
[ 1336.284693][T18973] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1336.315449][T19182] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1336.522237][T19182] veth0_vlan: entered promiscuous mode
[ 1336.569274][T19182] veth1_vlan: entered promiscuous mode
[ 1336.699605][    T9] cp210x 2-1:0.0: failed to get vendor val 0x0010 size 3: -32
[ 1336.754093][    T9] usb 2-1: cp210x converter now attached to ttyUSB0
[ 1336.773285][T19182] veth0_macvtap: entered promiscuous mode
[ 1336.814957][T19182] veth1_macvtap: entered promiscuous mode
[ 1336.908285][T19182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1336.939793][T19182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1336.972622][T19182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1336.977175][   T47] usb 2-1: USB disconnect, device number 13
[ 1336.996680][T19182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1337.010704][T19182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1337.021688][   T47] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[ 1337.026558][T19182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1337.057350][T19182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1337.076562][T19182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1337.102225][T19182] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1337.177781][   T47] cp210x 2-1:0.0: device disconnected
[ 1337.345140][T19182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1337.396431][T19182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1337.415125][T19182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1337.450546][T19182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1337.477520][T19182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1337.498344][T19182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1337.536016][T19182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1337.567672][T19182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1337.603484][T19182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1337.634521][T19182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1337.669403][T19182] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1337.709965][T19182] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1337.735120][T19182] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1337.778464][T19182] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1337.805035][T19182] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1338.035356][ T5832] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1338.052440][   T45] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1338.070075][ T5832] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1338.084490][ T5832] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1338.108071][ T5832] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1338.117686][ T5832] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 1338.147542][ T5832] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1338.560274][   T45] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1338.718087][T19632] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1339.888274][T19634] virt_wifi0 speed is unknown, defaulting to 1000
[ 1340.022261][   T45] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1340.170259][T19655] IPVS: set_ctl: invalid protocol: 41 127.0.0.1:20003
[ 1340.239119][ T5832] Bluetooth: hci3: command tx timeout
[ 1340.436087][   T45] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1340.553394][T19659] bridge_slave_1: left allmulticast mode
[ 1340.566222][T19659] bridge_slave_1: left promiscuous mode
[ 1340.598516][T19659] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1340.652270][T19659] bridge_slave_0: left allmulticast mode
[ 1340.659640][T19659] bridge_slave_0: left promiscuous mode
[ 1340.665484][T19659] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1341.043611][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1341.087475][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1341.384612][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1341.416043][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1341.580781][   T45] bridge_slave_1: left allmulticast mode
[ 1341.586485][   T45] bridge_slave_1: left promiscuous mode
[ 1341.645051][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1341.773010][   T45] bridge_slave_0: left allmulticast mode
[ 1341.794268][   T45] bridge_slave_0: left promiscuous mode
[ 1341.817816][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1342.629600][T19713] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1343.237778][ T5832] Bluetooth: hci3: command tx timeout
[ 1345.522427][ T5832] Bluetooth: hci3: command tx timeout
[ 1346.168311][   T45] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1346.181447][   T45] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1346.193176][   T45] bond0 (unregistering): Released all slaves
[ 1346.525900][   T45] hsr_slave_0: left promiscuous mode
[ 1346.536527][   T45] hsr_slave_1: left promiscuous mode
[ 1346.549811][   T45] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1346.567409][   T45] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1346.588935][   T45] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1346.598822][   T45] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1346.704963][   T45] veth1_macvtap: left promiscuous mode
[ 1346.720570][   T45] veth0_macvtap: left promiscuous mode
[ 1346.740060][   T45] veth1_vlan: left promiscuous mode
[ 1346.758760][   T45] veth0_vlan: left promiscuous mode
[ 1347.597811][ T5832] Bluetooth: hci3: command tx timeout
[ 1348.337497][ T5914] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[ 1348.598374][ T5914] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1348.657929][ T5914] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 3
[ 1348.676326][ T5914] usb 9-1: New USB device found, idVendor=0489, idProduct=e057, bcdDevice= 0.00
[ 1348.706045][ T5914] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1348.754907][ T5914] usb 9-1: config 0 descriptor??
[ 1349.275810][T19788] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1349.461393][ T5914] Bluetooth: Can't get version to change to load ram patch err
[ 1349.469259][ T5914] Bluetooth: Loading sysconfig file failed
[ 1349.475107][ T5914] ath3k 9-1:0.0: probe with driver ath3k failed with error -71
[ 1349.506576][ T5914] usb 9-1: USB disconnect, device number 8
[ 1349.553074][   T45] team0 (unregistering): Port device team_slave_1 removed
[ 1349.689065][   T45] team0 (unregistering): Port device team_slave_0 removed
[ 1349.833678][ T5914] kernel write not supported for file /input/event2 (pid: 5914 comm: kworker/0:6)
[ 1351.932079][ T5883] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[ 1352.139279][ T5883] hid-generic 0000:0000:0000.000C: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1352.889395][T19634] chnl_net:caif_netlink_parms(): no params data found
[ 1354.267762][T19634] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1354.274971][T19634] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1354.347765][T19634] bridge_slave_0: entered allmulticast mode
[ 1354.355493][T19634] bridge_slave_0: entered promiscuous mode
[ 1354.401437][T19634] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1354.424479][T19634] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1354.483640][T19634] bridge_slave_1: entered allmulticast mode
[ 1354.509301][T19634] bridge_slave_1: entered promiscuous mode
[ 1354.804631][T19634] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1354.852910][T19634] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1354.871847][   T47] usb 9-1: new high-speed USB device number 9 using dummy_hcd
[ 1355.060069][   T47] usb 9-1: Using ep0 maxpacket: 32
[ 1355.176380][   T47] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[ 1355.389126][   T47] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[ 1355.549575][   T47] usb 9-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[ 1355.589491][   T47] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1355.688961][   T47] usb 9-1: config 0 descriptor??
[ 1355.697812][T19866] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[ 1355.769571][   T47] hub 9-1:0.0: USB hub found
[ 1356.080125][T19634] team0: Port device team_slave_0 added
[ 1356.107463][   T47] hub 9-1:0.0: config failed, can't read hub descriptor (err -22)
[ 1356.124125][   T47] usbhid 9-1:0.0: can't add hid device: -71
[ 1356.133216][   T47] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[ 1356.153473][T19634] team0: Port device team_slave_1 added
[ 1356.184185][   T47] usb 9-1: USB disconnect, device number 9
[ 1357.666132][T19634] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1357.708510][T19634] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1357.807340][T19634] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1357.867553][T19634] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1357.874593][T19634] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1357.946623][T19634] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1358.180942][T19634] hsr_slave_0: entered promiscuous mode
[ 1358.184881][T19634] hsr_slave_1: entered promiscuous mode
[ 1358.188945][    T9] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[ 1358.212346][T19634] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1358.212375][T19634] Cannot create hsr debugfs directory
[ 1358.926010][   T12] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1359.057430][    T9] usb 2-1: Using ep0 maxpacket: 16
[ 1359.091947][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1359.120212][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1359.139240][    T9] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1359.152369][    T9] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1359.161478][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1359.188529][    T9] usb 2-1: config 0 descriptor??
[ 1359.583269][T19942] Invalid ELF header magic: != ELF
[ 1359.625222][    T9] HID 045e:07da: Invalid code 65791 type 1
[ 1359.693963][    T9] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.000D/input/input22
[ 1359.763085][    T9] microsoft 0003:045E:07DA.000D: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0
[ 1359.868639][    T9] usb 2-1: USB disconnect, device number 14
[ 1360.856605][   T29] audit: type=1326 audit(1738915881.445:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19962 comm="syz.1.3417" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5a2b78cde9 code=0x0
[ 1361.472041][T19982] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[ 1361.472041][T19982] The task syz.9.3421 (19982) triggered the difference, watch for misbehavior.
[ 1361.475178][T19634] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1361.614214][T19634] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1361.701289][T19634] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1361.804954][T19634] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1361.938792][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[ 1362.627447][   T47] usb 9-1: new high-speed USB device number 10 using dummy_hcd
[ 1362.827771][   T47] usb 9-1: Using ep0 maxpacket: 16
[ 1362.869485][   T47] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1362.949707][   T47] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1362.997789][   T47] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1363.074430][   T47] usb 9-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1363.114544][   T47] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1363.156317][   T47] usb 9-1: config 0 descriptor??
[ 1364.136515][T20012] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wireguard%d": -EINTR
[ 1364.270451][T19634] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1364.366407][T19634] 8021q: adding VLAN 0 to HW filter on device team0
[ 1364.433443][   T47] HID 045e:07da: Invalid code 65791 type 1
[ 1364.481668][ T8518] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1364.488922][ T8518] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1364.559820][ T8518] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1364.567111][ T8518] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1364.712397][   T47] input: HID 045e:07da as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/0003:045E:07DA.000E/input/input23
[ 1364.732147][   T47] microsoft 0003:045E:07DA.000E: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.8-1/input0
[ 1365.129138][   T47] usb 9-1: USB disconnect, device number 10
[ 1365.390874][   T29] audit: type=1326 audit(1738915885.995:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20029 comm="syz.3.3434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f978718cde9 code=0x7ffc0000
[ 1365.451138][   T29] audit: type=1326 audit(1738915886.025:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20029 comm="syz.3.3434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f978718cde9 code=0x7ffc0000
[ 1365.558214][   T29] audit: type=1326 audit(1738915886.025:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20029 comm="syz.3.3434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f978718cde9 code=0x7ffc0000
[ 1365.642625][T20030] virt_wifi0 speed is unknown, defaulting to 1000
[ 1365.694125][   T29] audit: type=1326 audit(1738915886.025:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20029 comm="syz.3.3434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f978718cde9 code=0x7ffc0000
[ 1368.301704][T19634] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1368.550010][T20069] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input24
[ 1369.237478][ T5844] usb 9-1: new high-speed USB device number 11 using dummy_hcd
[ 1369.541129][T20079] virt_wifi0 speed is unknown, defaulting to 1000
[ 1369.977598][ T5844] usb 9-1: Using ep0 maxpacket: 16
[ 1369.988608][ T5844] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1370.025458][ T5844] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1370.062608][T20084] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1370.077533][ T5844] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1370.097857][T20085] 9pnet_fd: Insufficient options for proto=fd
[ 1370.116185][ T5844] usb 9-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1370.135893][ T5844] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1371.172880][ T5844] usb 9-1: config 0 descriptor??
[ 1371.180724][ T5844] usb 9-1: can't set config #0, error -71
[ 1371.189704][ T5844] usb 9-1: USB disconnect, device number 11
[ 1371.700869][T19634] veth0_vlan: entered promiscuous mode
[ 1371.752390][T19634] veth1_vlan: entered promiscuous mode
[ 1372.442098][T19634] veth0_macvtap: entered promiscuous mode
[ 1372.514033][T19634] veth1_macvtap: entered promiscuous mode
[ 1372.618516][T19634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1372.663539][T19634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1372.707395][T19634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1372.746035][T19634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1372.771856][T19634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1372.813069][T19634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1372.996484][T19634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1373.169129][T19634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1373.520734][T19634] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1373.625987][T19634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1373.687412][T19634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1373.760133][T19634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1373.777474][T15201] usb 9-1: new high-speed USB device number 12 using dummy_hcd
[ 1373.836573][T19634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1373.889995][T19634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1373.927686][T19634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1373.971327][T19634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1373.982869][T15201] usb 9-1: Using ep0 maxpacket: 16
[ 1374.045750][T15201] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1374.082823][T19634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1374.111849][T15201] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1374.142144][T19634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1374.173077][T15201] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1374.221317][T19634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1374.257626][T15201] usb 9-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1374.294866][T19634] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1374.339722][T15201] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1374.448344][T19634] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1374.490908][T15201] usb 9-1: config 0 descriptor??
[ 1374.537872][T19634] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1374.546618][T19634] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1374.650619][T19634] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1374.801751][T20131] cgroup: Unknown subsys name 'cpuset'
[ 1374.980329][T15201] HID 045e:07da: Invalid code 65791 type 1
[ 1375.047010][T15201] input: HID 045e:07da as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/0003:045E:07DA.000F/input/input25
[ 1375.133743][T15201] microsoft 0003:045E:07DA.000F: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.8-1/input0
[ 1375.174204][ T8518] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1375.220382][T15201] usb 9-1: USB disconnect, device number 12
[ 1375.239061][ T8518] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1375.361448][ T9919] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1375.376978][ T9919] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1378.270949][T15201] usb 9-1: new high-speed USB device number 13 using dummy_hcd
[ 1378.333931][T20072] ==================================================================
[ 1378.342032][T20072] BUG: KASAN: slab-use-after-free in hci_chan_del+0x3b/0x1b0
[ 1378.349418][T20072] Read of size 8 at addr ffff888027bba418 by task khidpd_15c25886/20072
[ 1378.357749][T20072] 
[ 1378.360090][T20072] CPU: 1 UID: 0 PID: 20072 Comm: khidpd_15c25886 Not tainted 6.14.0-rc1-next-20250206-syzkaller #0
[ 1378.360111][T20072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1378.360126][T20072] Call Trace:
[ 1378.360135][T20072]  <TASK>
[ 1378.360143][T20072]  dump_stack_lvl+0x241/0x360
[ 1378.360166][T20072]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1378.360183][T20072]  ? __pfx__printk+0x10/0x10
[ 1378.360208][T20072]  ? _printk+0xd5/0x120
[ 1378.360230][T20072]  ? __virt_addr_valid+0x183/0x530
[ 1378.360252][T20072]  ? __virt_addr_valid+0x183/0x530
[ 1378.360276][T20072]  print_report+0x169/0x550
[ 1378.360299][T20072]  ? __virt_addr_valid+0x183/0x530
[ 1378.360320][T20072]  ? __virt_addr_valid+0x183/0x530
[ 1378.360341][T20072]  ? __virt_addr_valid+0x45f/0x530
[ 1378.360361][T20072]  ? __phys_addr+0xba/0x170
[ 1378.360383][T20072]  ? hci_chan_del+0x3b/0x1b0
[ 1378.360402][T20072]  kasan_report+0x143/0x180
[ 1378.360417][T20072]  ? queue_delayed_work_on+0x267/0x390
[ 1378.360439][T20072]  ? hci_chan_del+0x3b/0x1b0
[ 1378.360463][T20072]  hci_chan_del+0x3b/0x1b0
[ 1378.360484][T20072]  l2cap_conn_put+0x70/0xe0
[ 1378.360507][T20072]  hidp_session_put+0x1e7/0x220
[ 1378.360528][T20072]  hidp_session_thread+0x458/0x490
[ 1378.360547][T20072]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[ 1378.360567][T20072]  ? __pfx_hidp_session_thread+0x10/0x10
[ 1378.360586][T20072]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 1378.360603][T20072]  ? __pfx_hidp_session_wake_function+0x10/0x10
[ 1378.360626][T20072]  ? __pfx_hidp_session_wake_function+0x10/0x10
[ 1378.360649][T20072]  ? __kthread_parkme+0x169/0x1d0
[ 1378.360671][T20072]  ? __pfx_hidp_session_thread+0x10/0x10
[ 1378.360691][T20072]  kthread+0x7a9/0x920
[ 1378.360712][T20072]  ? __pfx_kthread+0x10/0x10
[ 1378.360734][T20072]  ? __pfx_hidp_session_thread+0x10/0x10
[ 1378.360754][T20072]  ? __pfx_kthread+0x10/0x10
[ 1378.360774][T20072]  ? __pfx_kthread+0x10/0x10
[ 1378.360797][T20072]  ? __pfx_kthread+0x10/0x10
[ 1378.360816][T20072]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1378.360832][T20072]  ? lockdep_hardirqs_on+0x99/0x150
[ 1378.360849][T20072]  ? __pfx_kthread+0x10/0x10
[ 1378.360869][T20072]  ret_from_fork+0x4b/0x80
[ 1378.360888][T20072]  ? __pfx_kthread+0x10/0x10
[ 1378.360908][T20072]  ret_from_fork_asm+0x1a/0x30
[ 1378.360940][T20072]  </TASK>
[ 1378.360946][T20072] 
[ 1378.580951][T20072] Allocated by task 15835:
[ 1378.585352][T20072]  kasan_save_track+0x3f/0x80
[ 1378.590029][T20072]  __kasan_kmalloc+0x98/0xb0
[ 1378.594614][T20072]  __kmalloc_cache_noprof+0x243/0x390
[ 1378.600061][T20072]  hci_chan_create+0xc8/0x310
[ 1378.604728][T20072]  l2cap_conn_add+0x69/0x8e0
[ 1378.609307][T20072]  l2cap_connect_cfm+0x115/0x1090
[ 1378.614333][T20072]  hci_remote_features_evt+0x68e/0xac0
[ 1378.619796][T20072]  hci_event_packet+0xac2/0x1540
[ 1378.624728][T20072]  hci_rx_work+0x3f3/0xdb0
[ 1378.629150][T20072]  process_scheduled_works+0xa66/0x1840
[ 1378.634691][T20072]  worker_thread+0x870/0xd30
[ 1378.639272][T20072]  kthread+0x7a9/0x920
[ 1378.643333][T20072]  ret_from_fork+0x4b/0x80
[ 1378.647739][T20072]  ret_from_fork_asm+0x1a/0x30
[ 1378.652490][T20072] 
[ 1378.654802][T20072] Freed by task 19634:
[ 1378.658853][T20072]  kasan_save_track+0x3f/0x80
[ 1378.663524][T20072]  kasan_save_free_info+0x40/0x50
[ 1378.668543][T20072]  __kasan_slab_free+0x59/0x70
[ 1378.673307][T20072]  kfree+0x196/0x430
[ 1378.677201][T20072]  hci_conn_del+0x4b5/0xc40
[ 1378.681694][T20072]  hci_conn_hash_flush+0x258/0x350
[ 1378.686795][T20072]  hci_dev_close_sync+0xa42/0x11c0
[ 1378.691908][T20072]  hci_unregister_dev+0x20b/0x510
[ 1378.696941][T20072]  vhci_release+0x80/0xd0
[ 1378.701260][T20072]  __fput+0x3e9/0x9f0
[ 1378.705228][T20072]  task_work_run+0x24f/0x310
[ 1378.709808][T20072]  do_exit+0xa2a/0x2860
[ 1378.713956][T20072]  do_group_exit+0x207/0x2c0
[ 1378.718531][T20072]  __x64_sys_exit_group+0x3f/0x40
[ 1378.723545][T20072]  x64_sys_call+0x26c3/0x26d0
[ 1378.728210][T20072]  do_syscall_64+0xf3/0x230
[ 1378.732698][T20072]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1378.738584][T20072] 
[ 1378.740898][T20072] The buggy address belongs to the object at ffff888027bba400
[ 1378.740898][T20072]  which belongs to the cache kmalloc-128 of size 128
[ 1378.754937][T20072] The buggy address is located 24 bytes inside of
[ 1378.754937][T20072]  freed 128-byte region [ffff888027bba400, ffff888027bba480)
[ 1378.768631][T20072] 
[ 1378.770941][T20072] The buggy address belongs to the physical page:
[ 1378.777351][T20072] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x27bba
[ 1378.786105][T20072] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 1378.793200][T20072] page_type: f5(slab)
[ 1378.797169][T20072] raw: 00fff00000000000 ffff88801ac41a00 ffffea0001af7600 dead000000000006
[ 1378.805733][T20072] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 1378.814298][T20072] page dumped because: kasan: bad access detected
[ 1378.820700][T20072] page_owner tracks the page as allocated
[ 1378.826396][T20072] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 6071, tgid 6071 (udevadm), ts 113751466109, free_ts 113712187184
[ 1378.845394][T20072]  post_alloc_hook+0x1f4/0x240
[ 1378.850147][T20072]  get_page_from_freelist+0x365c/0x37a0
[ 1378.855681][T20072]  __alloc_frozen_pages_noprof+0x292/0x710
[ 1378.861480][T20072]  alloc_pages_mpol+0x311/0x660
[ 1378.866314][T20072]  allocate_slab+0x8f/0x3a0
[ 1378.870804][T20072]  ___slab_alloc+0xc27/0x14a0
[ 1378.875466][T20072]  __slab_alloc+0x58/0xa0
[ 1378.879783][T20072]  __kmalloc_cache_noprof+0x27b/0x390
[ 1378.885144][T20072]  kernfs_fop_open+0x826/0xd10
[ 1378.889897][T20072]  do_dentry_open+0xdec/0x1960
[ 1378.894648][T20072]  vfs_open+0x3b/0x370
[ 1378.898698][T20072]  path_openat+0x2c81/0x3590
[ 1378.903277][T20072]  do_filp_open+0x27f/0x4e0
[ 1378.907767][T20072]  do_sys_openat2+0x13d/0x1c0
[ 1378.912427][T20072]  __x64_sys_openat+0x247/0x2a0
[ 1378.917261][T20072]  do_syscall_64+0xf3/0x230
[ 1378.921758][T20072] page last free pid 9 tgid 9 stack trace:
[ 1378.927542][T20072]  free_frozen_pages+0xe0d/0x10e0
[ 1378.932552][T20072]  vfree+0x1c3/0x360
[ 1378.936433][T20072]  delayed_vfree_work+0x56/0x80
[ 1378.941299][T20072]  process_scheduled_works+0xa66/0x1840
[ 1378.946828][T20072]  worker_thread+0x870/0xd30
[ 1378.951408][T20072]  kthread+0x7a9/0x920
[ 1378.955463][T20072]  ret_from_fork+0x4b/0x80
[ 1378.959870][T20072]  ret_from_fork_asm+0x1a/0x30
[ 1378.964619][T20072] 
[ 1378.966926][T20072] Memory state around the buggy address:
[ 1378.972537][T20072]  ffff888027bba300: 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc
[ 1378.980588][T20072]  ffff888027bba380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1378.988642][T20072] >ffff888027bba400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1378.996682][T20072]                             ^
[ 1379.001513][T20072]  ffff888027bba480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1379.009557][T20072]  ffff888027bba500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1379.017602][T20072] ==================================================================
[ 1379.134921][T20072] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 1379.142156][T20072] CPU: 1 UID: 0 PID: 20072 Comm: khidpd_15c25886 Not tainted 6.14.0-rc1-next-20250206-syzkaller #0
[ 1379.152840][T20072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1379.162912][T20072] Call Trace:
[ 1379.166200][T20072]  <TASK>
[ 1379.169141][T20072]  dump_stack_lvl+0x241/0x360
[ 1379.173837][T20072]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1379.179051][T20072]  ? __pfx__printk+0x10/0x10
[ 1379.183658][T20072]  ? preempt_schedule+0xe1/0xf0
[ 1379.188520][T20072]  ? vscnprintf+0x5d/0x90
[ 1379.192865][T20072]  panic+0x349/0x880
[ 1379.196785][T20072]  ? check_panic_on_warn+0x21/0xb0
[ 1379.201911][T20072]  ? __pfx_panic+0x10/0x10
[ 1379.206327][T20072]  ? _raw_spin_unlock_irqrestore+0x130/0x140
[ 1379.212296][T20072]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1379.218608][T20072]  ? print_report+0x502/0x550
[ 1379.223277][T20072]  check_panic_on_warn+0x86/0xb0
[ 1379.228211][T20072]  ? hci_chan_del+0x3b/0x1b0
[ 1379.232805][T20072]  end_report+0x77/0x160
[ 1379.237039][T20072]  kasan_report+0x154/0x180
[ 1379.241530][T20072]  ? queue_delayed_work_on+0x267/0x390
[ 1379.246979][T20072]  ? hci_chan_del+0x3b/0x1b0
[ 1379.251561][T20072]  hci_chan_del+0x3b/0x1b0
[ 1379.255968][T20072]  l2cap_conn_put+0x70/0xe0
[ 1379.260466][T20072]  hidp_session_put+0x1e7/0x220
[ 1379.265305][T20072]  hidp_session_thread+0x458/0x490
[ 1379.270404][T20072]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[ 1379.276292][T20072]  ? __pfx_hidp_session_thread+0x10/0x10
[ 1379.281916][T20072]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 1379.287803][T20072]  ? __pfx_hidp_session_wake_function+0x10/0x10
[ 1379.294044][T20072]  ? __pfx_hidp_session_wake_function+0x10/0x10
[ 1379.300277][T20072]  ? __kthread_parkme+0x169/0x1d0
[ 1379.305293][T20072]  ? __pfx_hidp_session_thread+0x10/0x10
[ 1379.310917][T20072]  kthread+0x7a9/0x920
[ 1379.315033][T20072]  ? __pfx_kthread+0x10/0x10
[ 1379.319633][T20072]  ? __pfx_hidp_session_thread+0x10/0x10
[ 1379.325267][T20072]  ? __pfx_kthread+0x10/0x10
[ 1379.329857][T20072]  ? __pfx_kthread+0x10/0x10
[ 1379.334443][T20072]  ? __pfx_kthread+0x10/0x10
[ 1379.339025][T20072]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1379.344215][T20072]  ? lockdep_hardirqs_on+0x99/0x150
[ 1379.349405][T20072]  ? __pfx_kthread+0x10/0x10
[ 1379.353987][T20072]  ret_from_fork+0x4b/0x80
[ 1379.358397][T20072]  ? __pfx_kthread+0x10/0x10
[ 1379.362979][T20072]  ret_from_fork_asm+0x1a/0x30
[ 1379.367739][T20072]  </TASK>
[ 1379.371001][T20072] Kernel Offset: disabled
[ 1379.375312][T20072] Rebooting in 86400 seconds..