last executing test programs:

8m22.386675121s ago: executing program 5 (id=218):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000280), 0x1, 0x553, &(0x7f0000000a40)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x58)
open(&(0x7f0000000200)='./bus\x00', 0x14507e, 0x1)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r1 = open(&(0x7f0000000400)='./bus\x00', 0xc40, 0x0)
ioctl$BLKROSET(r1, 0x125d, &(0x7f0000000080)=0x3f)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
fallocate(r2, 0x0, 0x0, 0x8000c62)
copy_file_range(r0, 0x0, r0, 0x0, 0x863, 0x0)
ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8916, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
pwritev2(r3, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5412, 0x0, 0x0)

8m19.963213426s ago: executing program 5 (id=229):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r0, 0x7, &(0x7f00000006c0)={0x1, 0x0, 0xac1d})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
fcntl$lock(r0, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x80, 0x3})
mremap(&(0x7f0000ceb000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='fdinfo/3\x00')
read$FUSE(r1, &(0x7f0000006140)={0x2020}, 0x2076)

8m17.354568812s ago: executing program 5 (id=232):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
close(0x3)
socket(0xa, 0x3, 0xff)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r0)

8m16.465584271s ago: executing program 5 (id=238):
getdents64(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000000dc0)=ANY=[@ANYBLOB="85e400002a000000250000000080ffff9500000000000000afcd48d6494d614dcc6fab5335ec470db2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f21caf5adcf920569c00cc1199684fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c987d669f381faca0f9d9924be41a9169bdfaf16da915b2e249ee1c6eee84309e7a23c19a39484809539fcb4e0b6eab1aa7d55545a34effa077faa55c59e88254f54077f799bf168301000000bf2255d6a0244d35b213bda84cc172afd8cc2e47a7d8b85a5e3d77ac463920e231b7ae0da8616d2b7958f91f5da6c025d068ab186d94af98af1da2b5952eb15855933a212304e035f7a35dfc72c89056a55a25f8fe3b28d7e53c78fbfe5ab0255f347160ec83070000000000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab8b4b380a00d72bc0480f949c479757306720399379d9271cf555c14d56b51c2298237bebfc08e0d5976a942b846970cfd98b9d4139f1111f2dc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d570ecb5e8cddbed65ff702000000a3ff4f8a4cf796b07a6ff61c5552417fd703f7f14d8b78a602ca3cdf6a662d8bc9c89c9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e558d17879570c8ad943e392955f4f979ea13201bafe4f0f6ea508000000a0c548552b571bed5647323c78a996810000000571cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151fcda6cb799c6e924966a7f90bf8fd1e75ee76bd72346cfbb526890aa7fe5e68949a3b30567e54d3504723177d356c4604bca492ecec37e83efceefd7ca2533659edc8be05cc85451c6a145074343caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffcebde1d9d3d350000000000000000e0f209150a07682c4e14e3a83558df6f3fc97f1730a136bdee07e98cb984b2e2304a1b63afefdb636e56bbaae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e08ccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b658a56008948e561a9845e4ff29e2bdb1d0b923b272341c5e093fd66a2946501559335781092cf8ce987c56cd31121624d7455f2a3666276c3c0e812b28e2f30d035cee5d0e77a3c72208ec651cc0ae637fa474816bc59d2e2a00092419304b338a987e9d3044d856ce24f370030be3b5f79f030b8d3ebce68663ef5af469abe753314fae31a0445859a5ece8fb11a4ee8e46354c9c3a041a1e7b55c4e81dba1e12289ee34463aaf28345bde0c195bc9f022ca8ce37ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f241262d0af3246eb4f"], &(0x7f0000000000)='GPL\x00', 0xa, 0xc3, &(0x7f000000cf3d)=""/195}, 0x94)
syz_mount_image$ext4(&(0x7f0000000700)='ext3\x00', &(0x7f0000000080)='./file0\x00', 0x8042, &(0x7f0000000380)={[{@grpjquota}, {@init_itable_val={'init_itable', 0x3d, 0x8}}, {@dioread_nolock}, {@grpid}]}, 0x1, 0x4f8, &(0x7f0000001900)="$eJzs3E1oXNUeAPD/nXz26zXvvb6+176+Z2oVg8WkTavNQpCKggsFsYK6DElaatNGmhRsqTIFqUspuBeXbl24VTdFXAlu61KQQpFu2griyJ25dzIzmUmaSTJjmt8Pbuace2fuOeeee+6ce07mBrBlDad/kkr4VkTsjohC4xuGKy/3716denD36lQUS6VTvyblj91L45lsN7Eji4wUIgofJYsbasxfvnJucnZ25mIWH1s4/97Y/OUrz5wdzNZMTCS9bRaqSXppue7t/3DuwL5X3rnx2lR1z3lqteVYL8Mx3CwrZU+ud2Jdtqsm3Ha90XHp+Z9WV1+5/e+Onliu8oodzBmw0UqlUmmg9eZiqdG1JWuATSsGu50DoDvyL/r0/jdfmnUE+jem+9F1d05WboDSct/PlojHyivzcZC+hvvb9TQcEW8Xf/ssXWKDxiEAAGp9czLvCTb0/4YqMyO/X7r5Qvr6t2wOZSgi/h4R/4iIf0bEnoj4V0TsjYh/R8R/GvbfExGlZdIfbohX069OQhVur1NRm0r7f89nc1vpsjj3VQ0N9WSxXRF5h3nmSHZMRqJv4PTZ2Zmjy6Tx7Us/ftJqW23/L13SPOR9wSwft3sbBuimJxcm2yvtUneuRezvXSx/pf+b9EYk1ZmAJCL2RcT+Vex3qCZ89ukvDlQjffXvW7n8ZaWm82jrMM9U+jziqUr9F6Na/qibREzq5ifPT56ZOTNzYXxi4vixoyeeG392bDBmZ46MpWfBkaZpfP/D9ddbpb9i+b/6ufEjL5/4+lTWstYurf/tNed/5PO3i+UfSiKS6nzt/OrTuP7Txy3vado9//uTN8vh/L70/cmFhYtHI/qTV5euH1/8bB5PX6NYKf/Iocbzv5xu+RqXH4n/RkR6Ev8vIv4flTvENO8HI+LxiDi0TPm/e/GJd9sv/8ZKyz8d9eWv1Hxd/S/O17cKJNncYN2m/kgDPecO3nrQ4uLxcPV/vBwaydY0v/4ldZeIVjnNv+3SNX+s+egBAADA5lCIiJ01Y0k7o1AYHa2MAe2J7YXZufmFw6fnLl2YTrdFDEVfIR/pqowH9yX5+OdQTXy8IX4sGzf+tGdbOT46NTc73dWSAzvKbT4pjEa81VPT/lO/rM8QM/BX5vdasHUt1/7TTvzeGx3MDNBRD//9f/ODDc0I0HE17b/VL/yLbfzfF7AJPPT3f9LyeTbAI2PlB/0YM4TNr6Qtw5a2qvZ/2EMA4VHSG29Uw4Wu5gToNP1/2JJW/F3/mgKlgeabBmPpm2Nw+R32RHvZ2NYkra4E0p5VV1Lf1s6n8omelu+Jwup2OBD1a/rbrNPTazwaxYvzZ/Yunvz5s0XWeJxL2f/Kr3cNftmRdtos0PFLEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwIb4MwAA///GJdfC")
socket$inet6(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8000, 0x20000000019}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x4000000, 0x0, 0xfffffffffffffe10, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$inet6_mtu(0xffffffffffffffff, 0x29, 0x17, &(0x7f0000000680)=0x5, 0x4)
sysinfo(&(0x7f0000000140)=""/247)

8m10.839494527s ago: executing program 5 (id=245):
syz_create_resource$binfmt(0x0)
syz_mount_image$ext4(&(0x7f0000000380)='ext3\x00', &(0x7f0000000040)='./file0\x00', 0x80, &(0x7f00000003c0)={[{@inlinecrypt}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@noquota}, {@data_err_abort}, {@dax_never}, {@commit={'commit', 0x3d, 0x6}}]}, 0x6, 0x61e, &(0x7f0000002740)="$eJzs3c9rHGUfAPDv7GbTJM37pn15FVsUAx5akKZJLVa92NaDPRQs2IOIh4YmqaHbHzQp2FowBQ8KCiJeRXrxH/Auxas3EdSbZ6GKRBRUujK7s+km2U3WNLubZD4f2Ow8zzO7z/PdyZN5ZibPTgC5NZr+KETsi7h/LokYaSgbjlrhaLbe4q+VrKRSefWXJJJq3q3z9fWT7Hl3lhiIiG9ORvyvuLreuRs3L06WKzXvRByev3T18NyNm4dmL01emL4wfXniyHNHj40/P3F0YlPi3J09nzr9yuMfvvvmszPflg8lcTzOlt6eihVxbJbRGI37WYiN+X0RcSxdaPK5bDc7IIRcK2a/j6WIeDRGolhN1YzE7Ac9bRzQUZViujdvy0C7KwLbRbLBbr1rsxsCdFl9HJAe/9Yf648aznZ4VNI9907UDoBWx99XOzcSA9Vjo6HFpOHIqHZuY88m1J/W8fet/Z+mj1h2HuKPpa3Ttwn1tLJwOyIeaxZ/Um3bnmqk/TG0WFjWjiQixqsltfa99BBtSBqWO3EeZi31+Eur6m+MP1bFX4iI49lzmn9yg/WPrkh3O34A8unuiWxHvpCmlvb/X8XSvqm+/1s+/hlusu/aiF7v/1qP/+r7+4HqOfLCinFYOmY50/wtSyszfnz/1Met6m8c/6WPtP76WLAb7t2O2L8i/vfSYLPxTxp/0mT7p6ucO95eHS9/9/OpVmW9jr9yJ+JA0+OfB6PSdGmN65OHZ2bL0+O1n03r+PLrNz5vVX+v40+3/1CL+Bu2f2Hl69LP5GqbdXxx5s6lVmXD68Zf+Kk/qR1v9mc5b03Oz1+biOhPTmerNOQfWbst9XXq75HGf/Cp5v1/2e//7eXvM1j/k9mGq69dXGxVtpHt33Ax+X6lzTa0ksY/tf72X9X/07yP2qzj99evP9GqbK34Bx8mMAAAAAAAAMihQvUabFIYW1ouFMbGavNl/x9DhfKVufmnZ65cvzwVcbD6/5ClQv1K90gtnaTpiez/YevpIyvSz0TE3oj4pDhYTY+dv1Ke6nXwAAAAAAAAAAAAAAAAAAAAsEXszub/1+9T/VuxNv8fyIlO3mAO2Nr0f8ivav9fdYsnIA/s/yG/9H/IL/0f8kv/h/zS/yG/9H/IL/0f8kv/BwAAAIAdae+Td39IImLhhcHqI9WflZkRBDtbqdcNAHqm2OsGAD2zdOnfYB9yp63x/5/ZlwN2vjlADyTNMquDg8ranf9u01cCAAAAAAAAAAAAAB1wYF/r+f/mBsPOZtof5NdDzP/31QGwzfnqf8gvx/jAerP4B1oVmP8PAAAAAAAAAAAAAF0zXH0khbFsLvBwFApjYxH/iYg9UUpmZsvT4xHx34j4vljalaYnet1oAAAAAAAAAAAAAAAAAAAA2GHmbty8OFkuT19rXPhrVc7WWyiut84j0fYb1u+C2oXGvxj/8lWRdP/jHYyIrbGVO7HQ15CTRCykW35LNOzaXGyNZlQXevyHCQAAAAAAAAAAAAAAAAAAcqhh7nFz+z/rcosAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoPse3P+/cwu9jhEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2J7+CQAA//8kbTKq")
socket$inet6_udplite(0xa, 0x2, 0x88)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r0, 0x0, 0x0, 0x2}, 0x20)
fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
syz_emit_ethernet(0xae, &(0x7f0000000000)={@broadcast, @broadcast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "000308", 0x78, 0x3a, 0x0, @private1, @local, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "5b52ab", 0x0, 0x2b, 0x0, @private0, @private0, [@srh={0x873a84884f5b3ade, 0x4, 0x4, 0x2, 0x1, 0x0, 0x0, [@private2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}]}, @dstopts={0x88, 0x2, '\x00', [@hao={0xc9, 0x10, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}}]}]}}}}}}}, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
pipe(&(0x7f0000000000))
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x24}}, 0x0)
getsockname$packet(r6, &(0x7f0000000080)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="4800000010000507000000000000000016000000", @ANYRES32=r7, @ANYBLOB="0000000200000000280012000c00010076657468"], 0x48}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x4)

8m5.990101333s ago: executing program 5 (id=254):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000440)=[{0x20, 0x2, 0x81, 0xfffff034}, {0x20, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
io_setup(0x81, &(0x7f0000001440)=<r1=>0x0)
r2 = syz_io_uring_setup(0x2af8, &(0x7f0000000380)={0x0, 0x0, 0x13090}, &(0x7f0000000100), &(0x7f0000000080))
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000080)={0xa, 0x2, 0x200, @loopback, 0x7}, 0x1c)
sendto$inet6(r3, 0x0, 0x0, 0x200000c5, &(0x7f0000000180)={0xa, 0x2, 0x10000, @loopback, 0x3}, 0x1c)
write$P9_RMKNOD(r3, &(0x7f0000000280)={0x14, 0x13, 0x2, {0x4, 0x2}}, 0xfffffe5c)
io_submit(r1, 0x1, &(0x7f00000008c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x5, 0x0, r2, 0x0}])

8m4.325332939s ago: executing program 1 (id=259):
syz_usb_connect(0x2, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="120100002d3d6a08c6050592ac29000000010902240003000000000904020000ff4f9b000904b000003a"], 0x0)
syz_create_resource$binfmt(&(0x7f0000000040)='./file0\x00')
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x1f, 0xc, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x7}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x20000002}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0xa6}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x34}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x800001000088}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xe, 0xe, &(0x7f0000001300)=ANY=[@ANYBLOB="b7020000f53f6314bfa300000000000024020000fffeff7f7a0300fef0ffffff79a4f0ff00000000b7060000ffffffff2e640500000000007502faff07cd02020404000000247d60b7030000030a00006a0a00fe0000000c850000002b000000b70000000000002995000000000000001da5ad3548ebb63d18db6a1c7e821c9b767ac8308fbcd5c5e4a5ad1065b572c2c9ff215ac60c2ceaea4c0ec908abb6e7325ec1956bd8660bf3664148a2c96752fe2bb328dff1a15750ab9a780001000000000000d4bf20c2bd152d814f01f2cd519e078d4ffab418e4682b2aec5e4a35629e8ef040c50287c37a7f4182f32333b08c6e497687e10a4daea5cac0ceafdbb126eb02a1f5104d16ddb64963d84d91814cd5817e0b8f6f5e6ee7a39e180b5a18ed786b782ab1321ea5e82ae5ba2c42a5e23ea6253d5df768d0cb9f35e4f41a6211e52bb3598e9b5d4f22d8c19f958e8b34de35949a7a48ce18799ee53da177a81ea65e652c1d71b7ee86a75b0100000042127a8f84538a9a311c757f7169f006f3f5c95177fbd0b14b36259e2905ef911785c88a16aae46084d676d8ef8aa6ecc2d32e3f4ee367c5a769c0a606636c9f4a4413c098f4fcc96623b7c373b0ef04d55b846b094bf97e2ef5987b6e09a6a7cab79bffda141f65e7d9ebe3be70c436432b70a80cce69df30d3d67d84ccf3f9db9b690111de2ddc4b153c989ef100bbf76063d3f6ffffb73d70e9c3d7b90aecf48e7565efff2dbbb512218c98442406333c890923a797e00b75481739952fe87fde27ce81893f54ec0ea8e792414f639bc9ce1fea3f6ac0d7025759d4b45576c205c70631e8ad585951950e521f4e210b6494e3c52d927195737945cc03d5668483151710de246420a1b6c55b73876a6ed7fd0d9338923789a1edcd8043fe83919088383268324a25df14010c8ed6b8d43400eaa00ff9bc46e1cfecbdc0e451ac53b409d04544d3a7edd4d447d2fb431e226ae182b8dcc86fe09b404e0b7c723d3b19c3dc382fa91fb0fb8f9f3f13296bb1758b24aad0922091d49e2bc408a5a37deee7a60b903d2d9fe9d451cafcc8dc389671c2d08b6e264150a6b9445b00cee4585af04fa69e0380be0d66649dcf3bf8a906b029faca75ce34c41aec7aa86e596119109ea8b3f7c65c902499227c087301643baab1c95bb22cedd913b22dcaa197ccc34586dc50bd9f4628e3e77a0de32e356521df06f995cb57f97052fc4158250ccecfb67ea8faf509593fadc7eafb613327b052397af1ede94d87590ce90a0a7579766f7ec4fcd3cb0b1a8c531724d5ef6b334803cedaa9cedf16dc3af6e0b67f62a83a256474c97c925d9d447175b535c87dbdeb0dcca5303eed6689ea91e1665c691df736368dde47e6672e93a314c5f60e7b68c2242bd0f0d8c66449d8687dcf2d0f76668b2b9bf8b32b99b7daf34b2d825d192ade90a1162acfe9749d516d014cef5f99126324ea02baea5808c430985749901b09e4902a6f5addc0103756b894418e4591c624a9b206abbfb888d413d923b0d7c9d997d6d8e64787c4d397f57a15b6d5b4212b6cb55b9c207bbe08f483b1bea05f41b9a1d3af087047c568ae6ebfc0bb5ec10b6290dc757a4903a88fb2c035b2349b6d2f0c051b8b7718384eebd5fc19928cea713ff09e179c308fbe9bd64374d96ef2447a2a4af5ca0c39e7ca2e801e57560a55e9cfa095cf3f74398219ad1030a79517a88de7596429a20793e12616aa32b3e720c6521fbe93963e9536d16f3db211fca7dd99c0a0125ff8c18119a6926083f4a2c008a9f2a29e30823bf0ec3639cadaf9be9608358e1e5ab17eea477b1754f78f45468c9568471667f82f5e250b979b9f2bd0d1b6bc03d11811ac6eec9a3ecd9e3c3299ee5eb3c6cac8fbd06514b7ee743ece79c04566d02a08fd5fcabbab3d129c0cced3ce11dafa387a8077927a1ad367c114d0b423e64c6157fac5e4e2168f33541daeff9983d0e488a78bef538f870b84798272b2101e0abf1cd64500b79e01e11d727389653bd80a39d5bbe2e23d2f5ff10047423429981bd9b4ce680e174c266391e3e7689452654e5cd5ada6e025327a1942b5a068f15fa58eaa267d4e0881783dddbdd777f8be0824ffdf6d06c621880dbbe9534f15e8c2e364d3ec67deb6ab9f2a0f03212972dbd38500000008173553a67be48633103809eee0be51d67d7ce230b389607b4c3b18da1c48f3180f2e0d79e54565fdd9a099b5b5ba2761905b88b7cbfc39c35dd153609da3da263438f12769602c2195245ff83e249119d4f6cabfbdef84ada19ef4a67ed66d7043036515d0be5a231f99e71aba5d5ae04676eff3e85f0844c41bbcfde7a931d1ec55c01f703bfd1b97756bfe55a91f6b379f34a018906339771157c66dbd7471d1beec7f029ef552cf5e92a1a0db21b59355763967ce26a577bc514b6d22a09c385c5ba6caf524e1688fc0f20002b35ae7bc8eb5ba51aebdf7d972c3267cedbe77ed70d9c539bc455a6f88b39196c8a224b0acf4d796fea59a07baa34cc270fb096ef330fbebdf872d7d0bc4f9a963355c554abc5cdb91464faabcd09cd9a53f5d1b2ea7e96f428f7cd6735c19c61dc9942d30bf29ef85ed01c2fcd6060aa40eeff971477b4fde48507b7bad95a496540adff7e4a72fd1f94d7c703ab1525c946c54e0da3d7ebfcc8c367d1bfd1aea2e84c3b310aaea5a1627df898c00a9aaf2d88a36afa4c5b1816384310600001c33125ad7f7970beeb256aec06e39fc6c66544e1d1dc5fea4b68a82dc568ca30aea9a1d097f06f11dc362f4bae5ef57c67686a15855cd351bf26f40fb1348cfce79897682228e6d9643530c81bab27bf7b1c4a76a5be180bb830cf06827c3f38a9c9c580c732c30aaceda78b0297de35a922b1375b129655beb31899e26052cc216f832fdb0a0015f93c9cff77f59cda1ec5f3e358848756cebb074266a47e39ae26e80e8c65aaf73c24925458520a9ca98760d1005c9f81846459ae6d5baa4f02807939ddc29c3520f7c58ed9bc5a569c7a1bc33cf4f330a18276ffb4550b9166c3939e8041094bec034aa0ec6638b74fe34f0f1ec6903a1135808d5d8d26c9203c3f87e66c407b7c5c0888d4558dd657cc0213efad68e76fdd7b23e68064fd4b271ed79c50abacdd2871b0c1f8c971df59a5a1901ddf804bed43e391f882d2a45c51cdbba86b2a1b7c0c4923642a731ea4dcbad2b6ebbebe787a8e28e781d75beee924b3b1e390750f316648133922c021f98fd2d5d71a7a3679397ef6cf432837b7e264831ec01c4c3146ba0caac3b13d55945ec00e978a1c1712cd51187936200606c9cd6877b2f72125295c54721f8e15df2ae282a8becb99a726fd92acc92141e1f574b4b0b3c992a61af3372d0d9217776b1a42cd2cee816a70bf1ddd69b590d53e28ba356e74b38e23e50d898e95cdc7cc809e462c884b53f672aab1411ecfd4c91e7a9782fc6763f0efd4bcbaf1fc3a00000000000000000000000000000000000000000000000000000000048e510340087caf22439d5304bd704a6a78a512269a9b1cbd13bea78c807bbc73853ae187cbb768673e9d1bf74a3b0a6c234accd8506adf314f4c5e08174540b69d3c0da660052b43b86baf49e7ac6f09c21598b1e01dc1e1b5a53626b090496dbf7af441e397016c3c094d5c91ffe0a7ceacfd225ed9a6c905f79ad7052747dd6cceef4c310e0e935311118bc6bf0e5ca6c7cca7d5c03be570308da8a40578b4db14961fbccf6e2f2d56e9509c434126515b56d032e20c12e830d1bc64826fc9b318da5911e466878dbb81edeff69363fb75af5cd80536f14d2eaa7764db23acdbd394bbbbccf5e882602897a85bf8523d891080593d831d758deb4f2c7e49c6d6b35d8fd92601c8500febb0c5fe0be294bf6bbbecad444695277a9e3992a354492513b43091d161c7c7cdbbe44e8e83b4cf333238a52f214b278c6485236ea880db2f113f6381187679a4620d6149808b0af024b3b3e6ba99b4b15ca"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x143}, 0x48)

8m1.650365767s ago: executing program 1 (id=266):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000380)={r1, 0x2000300, 0xe, 0x0, &(0x7f0000000600)="63eced8e46dc3f0adf3389f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

7m59.690626415s ago: executing program 1 (id=268):
syz_create_resource$binfmt(0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext3\x00', &(0x7f0000000040)='./file0\x00', 0x80, &(0x7f0000000100), 0x6, 0x61e, &(0x7f0000002740)="$eJzs3c9rHGUfAPDv7GbTJM37pn15FVsUAx5akKZJLVa92NaDPRQs2IOIh4YmqaHbHzQp2FowBQ8KCiJeRXrxH/Auxas3EdSbZ6GKRBRUujK7s+km2U3WNLubZD4f2Ow8zzO7z/PdyZN5ZibPTgC5NZr+KETsi7h/LokYaSgbjlrhaLbe4q+VrKRSefWXJJJq3q3z9fWT7Hl3lhiIiG9ORvyvuLreuRs3L06WKzXvRByev3T18NyNm4dmL01emL4wfXniyHNHj40/P3F0YlPi3J09nzr9yuMfvvvmszPflg8lcTzOlt6eihVxbJbRGI37WYiN+X0RcSxdaPK5bDc7IIRcK2a/j6WIeDRGolhN1YzE7Ac9bRzQUZViujdvy0C7KwLbRbLBbr1rsxsCdFl9HJAe/9Yf648aznZ4VNI9907UDoBWx99XOzcSA9Vjo6HFpOHIqHZuY88m1J/W8fet/Z+mj1h2HuKPpa3Ttwn1tLJwOyIeaxZ/Um3bnmqk/TG0WFjWjiQixqsltfa99BBtSBqWO3EeZi31+Eur6m+MP1bFX4iI49lzmn9yg/WPrkh3O34A8unuiWxHvpCmlvb/X8XSvqm+/1s+/hlusu/aiF7v/1qP/+r7+4HqOfLCinFYOmY50/wtSyszfnz/1Met6m8c/6WPtP76WLAb7t2O2L8i/vfSYLPxTxp/0mT7p6ucO95eHS9/9/OpVmW9jr9yJ+JA0+OfB6PSdGmN65OHZ2bL0+O1n03r+PLrNz5vVX+v40+3/1CL+Bu2f2Hl69LP5GqbdXxx5s6lVmXD68Zf+Kk/qR1v9mc5b03Oz1+biOhPTmerNOQfWbst9XXq75HGf/Cp5v1/2e//7eXvM1j/k9mGq69dXGxVtpHt33Ax+X6lzTa0ksY/tf72X9X/07yP2qzj99evP9GqbK34Bx8mMAAAAAAAAMihQvUabFIYW1ouFMbGavNl/x9DhfKVufmnZ65cvzwVcbD6/5ClQv1K90gtnaTpiez/YevpIyvSz0TE3oj4pDhYTY+dv1Ke6nXwAAAAAAAAAAAAAAAAAAAAsEXszub/1+9T/VuxNv8fyIlO3mAO2Nr0f8ivav9fdYsnIA/s/yG/9H/IL/0f8kv/h/zS/yG/9H/IL/0f8kv/BwAAAIAdae+Td39IImLhhcHqI9WflZkRBDtbqdcNAHqm2OsGAD2zdOnfYB9yp63x/5/ZlwN2vjlADyTNMquDg8ranf9u01cCAAAAAAAAAAAAAB1wYF/r+f/mBsPOZtof5NdDzP/31QGwzfnqf8gvx/jAerP4B1oVmP8PAAAAAAAAAAAAAF0zXH0khbFsLvBwFApjYxH/iYg9UUpmZsvT4xHx34j4vljalaYnet1oAAAAAAAAAAAAAAAAAAAA2GHmbty8OFkuT19rXPhrVc7WWyiut84j0fYb1u+C2oXGvxj/8lWRdP/jHYyIrbGVO7HQ15CTRCykW35LNOzaXGyNZlQXevyHCQAAAAAAAAAAAAAAAAAAcqhh7nFz+z/rcosAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoPse3P+/cwu9jhEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2J7+CQAA//8kbTKq")
socket$inet6_udplite(0xa, 0x2, 0x88)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[@ANYBLOB="7f454c460b050808698200000000000003003e00ffffff7f30030000000000004000000000000000120100000000000000200000ff7f3800020007008fbc0c000300000081000000010000000000000009000000000000000a00000000000000020000000000000000000000000000000000000001000000070000006e100000000000000000000004000000000000000a00000000000000010400000000000009000000000000000700000000000000d18604035c0ee631fee5b08a05d0de9a9c64791d39a78be937524d940693b75b4e68fa7b74372c25d66d512957a3447a01da36ca53e92cc2b495af4aa444641fa80579f3007225ba8ac8ac3b6ca0fcc9461ada60f43e3e25000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000cafc9e2e89fc35f922b0747800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005a00"/1544], 0x608)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r0, 0x0, 0x0, 0x2}, 0x20)
fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
syz_emit_ethernet(0xae, &(0x7f0000000000)={@broadcast, @broadcast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "000308", 0x78, 0x3a, 0x0, @private1, @local, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "5b52ab", 0x0, 0x2b, 0x0, @private0, @private0, [@srh={0x873a84884f5b3ade, 0x7, 0x4, 0x2, 0x1, 0x0, 0x0, [@private2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}]}, @dstopts={0x88, 0x2, '\x00', [@hao={0xc9, 0x10, @remote}]}]}}}}}}}, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={0x0, 0x0, 0x26}, 0x28)
syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000980)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="6e6f626172726965722c63726561746f723d5c5d07842c63726561746f723dbd3cfff52c6e6c733d63703433372c756d61736b3d3030303030303030303030303030000000000000dc599bad22eebebb0002372c6e6f6465000000000000000000"], 0x1, 0x6a4, &(0x7f0000001380)="$eJzs3U9sHFcdB/DvbDbrbJBS918aEFKtRqqgEYmdVUmQkBoQQjlEKIJLr1biNFY2aeW4KK0Q2QAFiRMn1AOHIhQOPSGEkMoJUc5ISFw4+R6JG4ccAKOZnV2v7Y1jJ7HXbT8faTzv7Zv33m9+nT+7s402wGfW+ddzsJci509cuFXWV+52uit3O9cH5SRTSRpJs79K0U6Kj5Nz6S/5fPliPVzxoHlevfdR0Xz/w06/1qyXavvGVv02GbtlLzk0rBxIMtMv/mfbw24ar1qqcS6tjfeIimHcZcKODxIHk7a6SW+tsfHQ7ts/b4F963b/vrnJdHI4/btr+T4g9dXh4VeGydvy2tTbuzgAAABgt4z9LD/qqfu5n1s5sjfhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKdD0f/NwKJeGoPyTIrB7/+3Rn5TvzXhcB/Te1eq1XefmnQgAAAAAAAAAPBYXryf+7mVI4P6alF95/9SVXmu+vu5vJ2bWchSTuZW5rOc5SxlLsn0yECtW/PLy0tzm3v+MmXP1dXV23XP02N7nl4fV29joOP+T4NNGwEAAAAAAADAZ9aPcn7t+38AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANgPiuRAf1Utzw3K02k0kxxK0ipmhpu3JhrsE/DnSQcAAAAAu69dr48U/+sXVovqM//R6nP/obydG1nOYpbTzUIuV88C+p/6G3/vdbordzvXy2XzwN/4147iqEZM/9nD+Jlnqy2eH/Y4n2/nezmRmVzMUhbz/cxnOQuZybeq0nyKTNdPL6ZX7rYziHVzvOfW1S5ujO3FkXIZ37EqknauZLGK7WQutQahN+rtjo3M9sdWsmHGO2V2itdq28zR5Xpd7tEv6vX+MF3t+cFhRmbr3JfZeHo075tzv8PjZONMc2kMn0E9tzZLWd040yPl/HC9LnP9093N+Q4fpa3PRO/nZW1w9B3dOufJl//xl4tXGzeuXb1y88T+OYwe0cZjojOSiRe2lYlumYneY2Ti0OPE/+S06mz0r6I7u1q+VPU9ksV8J2/mchZyJrOZy9nM5ms5nU5Oj+T1+a3zWp1rjZ2da8e/VBfKe9LPRu5Ne2bqQQ1lXp8eyevolW66aht9ZS1Lz2wjS0Ur47P0z7GhNL9QF8o5fjxyx5m8jZmYG8nEs1tn4tf/XU1ys3vj2tLV+be2Od/L9bo8bd9bf23+zRPZoZ2rd7c8Xp4p/2Olf9sYPTrKtmcHbRvy1aq/cWnWg61ra6U6n/ttDztTy5GO3hk3Ur/thbGzdKq2YyNt697l5M10h+9CANjHDr9yuNW+1/5b+4P2T9pX2xcOfXPq7NQXWzn41+afDvyu8dvG14tX8kF+mCOTjhQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4Nbr7z7rX5bndhaR8W0njCA94Z2zRIRf+V1v7Y909qYWqrI+r3Sbbo3ppEzO0k+yJ1ae7BXFMZ03Rh+Eo7aQzjSXJtn/zAHbAbTi1ff+vUzXfe/cri9fk3Ft5YuHH67JnXznS+Onf71JXF7sJs/++kowR2w9rbgElHAgAAAAAAAAAAAGzXXvzzhjHTFr0J7CsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwyXT+9Rzspcjc7MnZsr5yt9Mtl0F5bctmkkaS4gdJ8XFyLv0l0yPDFQ+a59V7H/3q5fc/7KyN1Rxs39jQ7w//Xl3d4V706iUzSQ7U64eb2tZ4l0bG6+0wsL5iuIdlwo4PEgeT9v8AAAD//x5LB84=")
setxattr$incfs_metadata(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x0, 0x0, 0x0)
lgetxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000680)=@known='user.incfs.metadata\x00', 0x0, 0x2)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000080)='GPL\x00', 0x5, 0x1f6, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, r5, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x1}, 0x6d)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000004c0)={r6, 0x0, 0x0}, 0x10)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)
ioctl$int_out(r0, 0x5462, 0x0)

7m57.460452788s ago: executing program 1 (id=273):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x18)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000001600)={0x0, 0x0, &(0x7f0000001580)=[{&(0x7f0000000280)="db", 0x1}], 0x1}, 0x41)
recvmsg(r1, &(0x7f0000000840)={0x0, 0x0, 0x0}, 0x10001)

7m57.116618755s ago: executing program 1 (id=275):
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x0, 0x82)
fchdir(r5)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./bus\x00', 0x4d)
rename(&(0x7f0000000180)='./bus\x00', &(0x7f00000001c0)='./file0\x00')
sendmsg$IPCTNL_MSG_CT_GET(r3, 0x0, 0x0)
r6 = landlock_create_ruleset(&(0x7f0000000180)={0x100}, 0x18, 0x0)
iopl(0x3)
r7 = openat$dir(0xffffffffffffff9c, 0x0, 0x200000, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f0000000340)={{0x5, 0x6, 0x5, 0x8ee7, 'syz0\x00', 0x1}, 0x2, 0x200, 0x9, r1, 0x0, 0x0, 'syz1\x00', 0x0})
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r6, 0x1, &(0x7f0000000200)={0x100, r7}, 0x0)

7m53.687234882s ago: executing program 1 (id=278):
r0 = socket$inet(0x2, 0x3, 0x6)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='xfrm0\x00', 0x10)
sendto$inet(r0, 0x0, 0x0, 0x8000, &(0x7f00000001c0)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x23}}, 0x10)
sendto$inet(r0, &(0x7f0000000040)="d56f48b3cb", 0x5, 0x20000800, &(0x7f0000000200)={0x2, 0x4e24, @multicast1}, 0x10)

7m49.404077018s ago: executing program 32 (id=254):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000440)=[{0x20, 0x2, 0x81, 0xfffff034}, {0x20, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
io_setup(0x81, &(0x7f0000001440)=<r1=>0x0)
r2 = syz_io_uring_setup(0x2af8, &(0x7f0000000380)={0x0, 0x0, 0x13090}, &(0x7f0000000100), &(0x7f0000000080))
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000080)={0xa, 0x2, 0x200, @loopback, 0x7}, 0x1c)
sendto$inet6(r3, 0x0, 0x0, 0x200000c5, &(0x7f0000000180)={0xa, 0x2, 0x10000, @loopback, 0x3}, 0x1c)
write$P9_RMKNOD(r3, &(0x7f0000000280)={0x14, 0x13, 0x2, {0x4, 0x2}}, 0xfffffe5c)
io_submit(r1, 0x1, &(0x7f00000008c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x5, 0x0, r2, 0x0}])

7m38.039760639s ago: executing program 33 (id=278):
r0 = socket$inet(0x2, 0x3, 0x6)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='xfrm0\x00', 0x10)
sendto$inet(r0, 0x0, 0x0, 0x8000, &(0x7f00000001c0)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x23}}, 0x10)
sendto$inet(r0, &(0x7f0000000040)="d56f48b3cb", 0x5, 0x20000800, &(0x7f0000000200)={0x2, 0x4e24, @multicast1}, 0x10)

2m4.697288536s ago: executing program 4 (id=897):
getsockname$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, 0x0)
socket(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x800001000088}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
dup(0xffffffffffffffff)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102400, 0x19000)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r3 = openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000480)='devices.deny\x00', 0x2, 0x0)
write$cgroup_devices(r3, &(0x7f0000000140)=ANY=[@ANYBLOB="62202a3a2a2072776d0022e0e429f7dfa3d87d053bf08f080303f8d6d103e59d3dc48ad1265c7be7580a"], 0xa)
r4 = openat$cgroup_devices(0xffffffffffffffff, &(0x7f00000002c0)='devices.allow\x00', 0x2, 0x0)
write$cgroup_devices(r4, &(0x7f0000000100)={'b', ' *:* ', 'rwm\x00'}, 0xa)

1m58.55799296s ago: executing program 4 (id=907):
r0 = socket$inet6(0xa, 0x3, 0x5)
syz_read_part_table(0x1061, &(0x7f0000001080)="$eJzsz71tAlEQBOA5n33nwJJdgku5yB24GSemCiogogdEA8SUgYRIkRZx/HUABN+XPI3erFYbHquZzqqqfhan+LfKe30m2TbXypj7oW2PYZLxSZf+/N0lr8m+Km+3kSH1kl2+kmZstJd135ssP1L1n6zzO7/bnQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwxA4BAAD//0yNF/Y=")
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000000c0)={@mcast2, 0x800, 0x0, 0xff, 0x9, 0x100, 0x6190}, 0x20)

1m57.565795446s ago: executing program 4 (id=910):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000280)='ns\x00')
getdents(r0, &(0x7f00000000c0)=""/39, 0x27)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000001680)=ANY=[@ANYBLOB="1800000000030000000000000000000095"], &(0x7f0000001700)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='contention_end\x00', r1}, 0x18)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000001680)=ANY=[], &(0x7f0000001700)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='mmap_lock_acquire_returned\x00', r2}, 0x10)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x17)
munmap(&(0x7f0000800000/0x800000)=nil, 0x800000)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x10, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f0000000000)={0xfffffffc, 0x9, 0x4, 0xfffffffc, 0x7f, "c2e0fc7abcd4f340eb0081acf8905944823a7f"})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1700000007"], 0x50)
sendto$packet(r0, &(0x7f0000000140)="31196175060051165dd4706a81d05ff1dc973b1cebb346d496ba9cf0e69f24f6e563d544da47c15a2ad31b2144be47b79ec2", 0x32, 0x24008084, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2)

1m54.547470639s ago: executing program 4 (id=913):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newqdisc={0x60, 0x24, 0xf0b, 0x70bd2a, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0x4}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x1, 0x7, 0xf3, 0x3, 0x1, 0x2, 0xfffffff7, 0x1}}, {0x6, 0x2, [0x6]}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x0)

1m54.109900213s ago: executing program 4 (id=914):
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xce7c1000)
syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b702000000200000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000bd000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c46088000000008000"/686], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x3a, 0x10, &(0x7f0000000340), 0xd58495bc, 0x0, 0xffffffffffffffff, 0xffffffffffffff5b}, 0x42)

1m52.684696522s ago: executing program 4 (id=915):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0}, 0x18)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102392, 0x18ff8)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{}, &(0x7f0000000000), 0x0}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000002000000ff0f0000"], 0x48)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000400)={0x34, 0x0, [{0x86956090991702cc, 0xfffffed6, &(0x7f0000001e80)=""/133}, {0x0, 0xfffffffffffffdd3, &(0x7f0000000500)=""/10}]})

1m37.018597037s ago: executing program 34 (id=915):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0}, 0x18)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102392, 0x18ff8)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{}, &(0x7f0000000000), 0x0}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000002000000ff0f0000"], 0x48)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000400)={0x34, 0x0, [{0x86956090991702cc, 0xfffffed6, &(0x7f0000001e80)=""/133}, {0x0, 0xfffffffffffffdd3, &(0x7f0000000500)=""/10}]})

15.336362436s ago: executing program 3 (id=1112):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f00000000c0)={[{@abort}]}, 0x22, 0x4d5, &(0x7f0000000580)="$eJzs3c9vG1kdAPDvTOIkm81usrASPwRsWRYKqmon7m602tNyAaHVSogVJw7dkLghih1HsVOa0EP6PyBRiRP8CRyQOCD1xJ0b3Li0B6QCFahB4mA09iRNUzvJtqlHij8faTTz5tn+vmdr3td+TvwCGFmXImIvIiYi4tOImM3PJ/kWH/a27HaPH91e3n90ezmJTueTfybd+uxcHLlP5tX8Maci4kffj/hp8mzc1s7u+lK9XtvKy5V2Y7PS2tm9utZYWq2t1jaq1cWFxfn3r71XPbe+vtX43cPvrX304z/+4av3/7z3nV9kzZrJ64724zz1ul46jJMZj4iPXkawAozl/ZkouiE8lzQiPhcRb2fXf6fo1gAAw9DpzEZn9mgZALjo0u4cWJKW87mAmUjTcrk3h/dmTKf1Zqt95UZze2OlN1c2F6X0xlq9Np/PFc5FKcnKC93jJ+XqsfK1iHgjIn45+Uq3XF5u1leKfOMDACPs1WP5/z+TvfwPAFxwU0U3AAAYOvkfAEaP/A8Ao0f+B4DRI/8DwOiR/wFg9Mj/ADBSfvjxx9nW2c9//3rl5s72evPm1ZVaa73c2F4uLze3NsurzeZq9zd7Gqc9Xr3Z3Fx4N7ZvVdq1VrvS2tm93mhub7Svd3/X+3qtNJReAQAneeOte39NImLvg1e6WxxZy0GuhostLboBQGHGim4AUJjxohsAFMZnfKDPEr1P6f8nQhMRd19Kc4AhuPwl8/8wqsz/w+jqP/8v88MoMP8Po6vTSaz5DwAjxid94Pm+/w/f/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADDSZrpbkpbztcBnIk3L5YjXImIuSsmNtXptPiJej4i/TJYms/JC0Y0GAF5Q+vckX//r8uw7M8drJ5L/Tnb3EfHzX3/yq1tL7fbWQnb+X4fn23fz89Ui2g8AnOYgTx/k8QOPH91ePtiG2Z6H3+0tLprF3c+3Xs14jHf3U1GKiOl/J3m5J3u/MnYO8ffuRMQX+/U/6c6NzOUrnx6Pn8V+bajx06fip9263j57Lj5/Dm2BUXMvG38+7Hf9pXGpu+9//U91R6gXdzD+7T8z/qWH49/YgPHv0lljvPunHwysuxPx5fF+8ZPD+MmA+O+cMf7fvvK1twfVdX4TcTn6xz8aq9JubFZaO7tX1xpLq7XV2ka1uriwOP/+tfeqle4cdeVgpvpZ//jgyusn9X96QPypU/r/zTP2/7f/+/QnXz8h/re/0f/1f/OE+FlO/NYZ4y9N/37g8t1Z/JUB/T/t9b9yxvj3H+yunPGmAMAQtHZ215fq9dpWfjC+dfyMg/M+yN67FRZ9L3/hi34SLtLBg5/1ntMz36v0WW58wsEXXmK/ihyVgGF4ctEX3RIAAAAAAAAAAAAAAGCQYfybVNF9BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4OL6fwAAAP//M8rRSQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10)
r2 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x802, 0x0)
write$uinput_user_dev(r2, &(0x7f0000000cc0)={'syz1\x00', {}, 0x3, [0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x3f9, 0x100, 0x0, 0x5, 0xfffffffe, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x2, 0x0, 0x0, 0x0, 0x3, 0xe, 0x721a2d63, 0x0, 0x0, 0x0, 0x1, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x6], [0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x8, 0x7f, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0xc, 0x0, 0x0, 0x0, 0x0, 0x289, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0xa47, 0x2000, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x6fff, 0x71, 0x0, 0x0, 0x5, 0xffffffff, 0x200000, 0x4, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x10000], [0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x5, 0x8, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x3, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x9b0, 0x0, 0xfffffffe], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000008, 0xc7, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x1000, 0x10000, 0x0, 0x6, 0x0, 0x0, 0x0, 0xfffffffd, 0x400, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x4]}, 0x45c)
r3 = socket(0xa, 0x3, 0xff)
syz_genetlink_get_family_id$batadv(&(0x7f0000000300), r3)
sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(r0, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000380)={0x0}, 0x1, 0x0, 0x0, 0x4000}, 0x40890)
setsockopt$inet6_int(r3, 0x29, 0x4d, 0x0, 0x0)
socket$inet6_icmp(0xa, 0x2, 0x3a)
syz_mount_image$ext4(&(0x7f00000005c0)='ext4\x00', &(0x7f0000000600)='./file0\x00', 0x0, &(0x7f0000000640), 0x1, 0x5bc, &(0x7f0000001440)="$eJzs3V2IXGcdB+D/md1N87E1H7Zqa2xWQ20gdGez2YREvLDEj1qTWlG8CIWwZKe7IbM7a3YD3algizeiIII3IggVe2FFNJCbSqntRYs3Ckr9oKIxoIIIRSsFEdSRdz620+akCe7uHJrzPHBm3/Oe2X3f2eE355w57zkngNIaSw9ZxGhEXIyI7Z3Z1z9hrPOjefDCXJqyaLU+/bes/byZgxfmek/t/d629DAcsTkidh3LYu/Ile0urTTPTtfrtXPd+ery/GJ1aaV595n56dnabG3h0JGpo5OHp45Mrd9rnfjZ1lv/fOf9l594/p///tZvDv8g9Xe0u6z/dayXsRjr/k9GYmdf/XAWcd96N1aQoc5bHXf21WXDBXaI69Zq7fp+ev/eHhF72/nfHkPRefNeevrBf2yPX91bdB+BjdPqyV/8Sgu4YVXa28BZZTwiOuVKZXy8sw1/S2yt1BtLy/sfapxfmOlsK++IkcpDZ+q1ie6+wo4YydL8gXb5tfnJN8wfjGhvA39paEt7fvx0oz4z6A87oG004tLFz53etO0N+f/LUCf/wI0r5f+XLzz1bCq/OlR0b4BBSvn/3qvznwj5h9KRfygv+Yfykn8oL/mH8pJ/KC/5h/KSfygv+Yfykn8or17+HzhxIh44caLV7J7/vtCYPXN2bvHo5MT4/PnT46cb5xbHZxuN2fYZO/PX/rv1RmPxwGScf7i6XFtari6tNE/NN84vLJ9qn9d/qpZzKQCgACcvb75v557nXsoi4tEPbGlPyabuclmFG1urlUXR5yADxbDrD+XlUm1QXvbxgewayzdfbUF9/fsCDEal6A4AhbnrNsf/oKx8/w/l5ft/KC/b+IDv/6F8fP8P5TV6lft/3dx3766JiHhbRPx0aOSm3r2+gLeU1+3qj0ZcuvSdz1ZX78OtoKCgsFoo7oMKGIzXQl90T4CizBy8MNebBtXmM7ODagnI8/I9nUFAKffN7tRZMrx6bGBkg8YJ7bwjPf7o94/vmxtKU3Q/hzagKSDHo49FxLvy1v9Z+9jAju7zdnWeFrdExK0R8Y6IeOca2/7GpyLG4oVaf538w+Bcb/5vi4i0ur49It4dEbsj4j1rbPsXF1P+f72lv07+oRw+/3zRPQCK8vGniu4BUJSTxhhAaX33kaJ7ABTl6R8W3QOgKF99segeQLk9d09ETOQd/6u0j/f3jHSvC3hT91oAWyJia0Rs655DeHP3HMHtfccMr+XUJyPG4o4f99c5/geD0xv/17xi/F9ldfzfUETsWUMbz3xw9Ct59dO7U/6feKQ3/i9Nqf3eWEBgY738WMTtufnPVsf8ZpFyGvHe/7ONsS9cfjKv/sX7098d+bn8QzFa3454f+TnvyeVqsvzi9Wllebd7ft4z9YWDh2ZOjp5eOrIVLV9iZBq70IhOY7//ZX9efW/m0z5/+Yh+YdipPX/1qvkv3/7/31raOPY1798Mq9+9I8p/7ufffP8V/66KftMe753X4KHp5eXzx2I2JQdv7J+cg0dhRtcLyO9DKX879ubv/+/q/s7af1/LCI+nLYXIuI/EfHfiPhIRHw0Ij4WEfe+SZtfu2v2cl79H55M+X/8rPU/FCPlf+Ya6//0819raGP/vp98Ma/+Q3tS/sd/+6fjDw6nSf4BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1t/SSvPsdL1eO7eBhaJfIwAAAAAAAJTF/wIAAP//d8Uzog==")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000300)='.\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000480)=0x7)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
connect$unix(r8, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r9, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r8, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
getsockopt$inet_pktinfo(r6, 0x0, 0x8, &(0x7f0000000080)={0x0, @multicast1, @private}, &(0x7f00000000c0)=0xc)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r4, 0x40086610, &(0x7f00000004c0)={@id={0x2, 0x0, @c}})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)

13.710546013s ago: executing program 3 (id=1114):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = socket(0x1000000000000010, 0x80802, 0x0)
sendmsg(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000004c0)="5500000018007fd500fe01b2a4a280930a06000000a843089100fe800c0008000800113f080000002d000f009b2c136ef75afb83de448daa72540d8102d2c55327c43ab82286ef1fdd20642383656d4d2449155037", 0x55}], 0x1}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000002000)=""/102400, 0x19000)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
listen(r1, 0x0)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
socket$inet6(0xa, 0x5, 0x62f0d55d)
setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x14, &(0x7f0000000040), 0x10)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe8c81)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f00000000c0)={0x1, 0x8, 0x0, 'queue0\x00', 0x2})
write$sndseq(r2, &(0x7f00000001c0)=[{0x0, 0xe1, 0x0, 0x0, @time={0x0, 0x1}, {}, {0x1}, @result={0xffffffe0, 0xfffff001}}], 0x1c)
write$sndseq(r2, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)
setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000080)={0x0, 0x1, 0x6, @local}, 0x10)
syz_mount_image$exfat(&(0x7f00000005c0), &(0x7f0000000240)='./file0\x00', 0x3000050, &(0x7f0000000600)=ANY=[], 0x2, 0x14fe, &(0x7f0000008900)="$eJzs3Au0ztXWMPA511p/NklPkvuaa/55kssiSXJJSCRJkiS5JSRJkoTEJrckJCH3JPeQ3GIn9/st9yQ5kiQJCUnWN3Q6n/e8nfftnO+c7/V9Z8/fGGvsNff/mfNZa889nv9ljL2/7Ti4av1qlesyM/xT8M9fUgEgBQD6AcA1ABABQKlspbIBDoNMGlP/uTcR/1oPTbvSKxBXkvQ/fZP+p2/S//RN+p++Sf/TN+l/+ib9T9+k/0KkZ1un575WRvod/3PP/0Ge//8/R87//0YOFxvz5fpi13f6B1Kk/+mb9D99k/6nb9L/9E36n75J///NRQCV/pvD0v/0TfovRHp2pZ8/y7iy40r//gkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESB/OhcsMAPxlfqXXJYQQQgghhBBCiH+dkPFKr0AIIYQQQgghhBD/9yEo0GAgggyQEVIgE2SGqyALXA1Z4RpIwLWQDa6D7HA95ICckAtyQx7IC/nAAoEDhhjyQwFIwg1QEG6EQlAYikBR8FAMisNNUAJuhpJwC5SCW6E03AZloCyUg/JwO1SAO6AiVILKcCdUgbugKlSDu6E63AM14F6oCfdBLbgfasMDUAcehLrwENSDh6E+PAIN4FFoCI2gMTSBpv9H+S9CV3gJukF3SIUe0BNehl7QG/pAX+gHr0B/eBUGwGswEAbBYHgdhsAbMBTehGEwHEbAWzASRsFoGANjYRyMh7dhArwDE+FdmASTYQpMhWkwHWbAezATZsFseB/mwAcwF+bBfFgAC+FDWASLIQ0+giXwMSyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVPYBtshx2wE3bBbtgDn8Je+Az2weewH774B/PP/qf8TggIqFChQYMZMAOmYApmxsyYBbNgVsyKCUxgNsyG2TE75sAcmAtzYR7Mg/kwHxISMjLmx/yYxCQWxIJYCAthESyCHj0Wx+JYAm/GklgSS2EpLI2lsQyWxbJYHstjBayAFbEiVsbKWAWrYFWsinfj3XgP1sAaWBNrYi2shbWxNtbBOlgX62I9rIf1sT42wAbYEBtiY2yMTbEpNsNm2BybY0tsia2wFbbG1tgG22BbbIvtsB22x/bYATtgR+yInbAzdsYX8UV8CV/C7lhF9cCe2BN7YS/sg32xL76C/fFVfBVfw4E4CAfj6/g6voFD8QwOw+E4AkdgBTUKR+MYZDUOx+N4nIATcCJOxEk4GSfjVJyG03EGzsCZOAtn4fs4Bz/AD3AezsMFuBAX4iJcjGmYhkvwLC7FZbgcV+BKXIUrcQ2uxTW4HjfgetyEm3ALbsFP8BPcjttxJ+7E3bgbP8VP8TP8DAfiftyPB/AAHsSDeAgP4WE8jEfwCB7Fo3gMj+FxPI4n8CSewpN4Gk/jGTyL5/AcnsfzeAGfz/N1vd2F1w0EdYlRRmVQGVSKSlGZVWaVRWVRWVVWlVAJlU1lU9lVdpVD5VC5VC6VR+VR+VQ+RYoUq1jlV/lVUiVVQVVQFVKFVBFVRHnlVXFVXJVQJVRJVVKVUreq0uo2VUaVVS18eVVeVVAtfUVVSVVWlVUVdZeqqqqpaqq6qq5qqBqqpqqpaqlaqrZ6QNVRPbAPPqQudaa+GoQN1GBsqBqpxqqJegMfU83UUGyuWqiW6gk1HIdha9XMt1FPq7ZqNLZTz6ox+JzqoMZhR/WC6qQ6qy7qRdVVNffdMvz2EaimYi/VW/VRfdVMvEtd6lhV9ZoaqAapwep1tQDfUEPVm2qYGq5GqLfUSDVKjVZj1Fg1To1Xb6sJ6h01Ub2rJqnJaoqaqqap6WqGek/NVLPUbPW+mqM+UHPVPDVfLVAL1YdqkVqs0tRHaon6WC1Vy9RytUKtVKvUarVGrVXr1Hq1QW1Um9RmtUVtVZ+obWq72qF2ql1qt9qjPlV71Wdqn/pc7VdfqAPqT+qg+lIdUl+pw+prdUR9o46qb9Ux9Z06rr5XJ9RJdUr9oE6rH9UZdVadUz+p8+pndUH9oi6qoECjVlproyOdQWfUKTqTzqyv0ln01TqrvkYn9LU6m75OZ9fX6xw6p86lc+s8Oq/Op60m7TTrWOfXBXRS36AL6ht1IV1YF9FFtdfFdHF9ky6hb9Yl9S26lL5Vl9a36TK6rC6ny+vbdQV9h66oK+nK+k5dRd+lq+pq+m5dXd+ja+h7dU19n66l79e19QO6jn5Q19UP6Xr6YV1fP6Ib6Ed1Q91IN9ZNdFP9mG6mH9fNdQvdUj+hW+kndWv9lG6jn9Zt9TO6nX5Wt9fP6Q76ed1Rv6A76c66i/5FX9RBd9PddaruoXvql3Uv3Vv30X11P/2K7q9f1QP0a3qgHqQH69f1EP2GHqrf1MP0cD1Cv6VH6lF6tB6jx+pxerx+W0/Q7+iJ+l09SU/WU/RUPU1P131+qzT778h/52/kD/j13bforfoTvU1v1zv0Tr1L79Z79B69V+/V+/Q+vV/v1wf0AX1QH9SH9CF9WB/WR/QRfVQf1cf0MX1cH9cn9En9k/5Bn9Y/6jP6rD6rf9Ln9Xl94befARg0ymhjTGQymIwmxWQymc1VJou52mQ115iEudZkM9eZ7OZ6k8PkNLlMbpPH5DX5jDVknGETm/ymgEmaG0xBc6MpZAqbIqao8aaYKW5u+qfz/2h9TU1T08w0M81Nc9PStDStTCvT2rQ2bUwb09a0Ne1MO9PetDcdTAfT0XQ0nUwn08V0MV1NV9PNdDOpJtX0NC+bXqa36WP6mn7mFdPf9DcDzAAz0Aw0g81gM8QMMUPNUDPMDDMjzAgz0ow0o81oM9aMNePNeDPBTDATzUQzyUwyU8wUM81MMzPMDDPTzDSzzWwzx8wxc81cM9/MNwvNQrPILDJpJs0sMUvMUrPMLDMrzAqzyqwya8was86sMxvMBrPJbDJLzVaz1Wwz28wOs8PsMrvMHrPH7DV7zT6zz+w3+80Bc8AcNAfNIXPIHDaHzRFzxBw1R80xc8wcN8fNCXPCnDKnzGlz2pwxZ8w5c86cN+fNBXPBXDQXL132RSpSkYlMlCHKEKVEKVHmKHOUJcoSZY2yRokoEWWLskXZo+ujHFHOKFeUO8oT5Y1SwUYUuYijOMofFYiS0Q1RwejGqFBUOCoSFY18VCwqHt0UlYhujkpGt0Sloluj0tFtUZmobFQuKh/dHlWI7ogqRpWiytGdUZXorqhqVC26O6oe3RPViO6Nakb3RbWi+6Pa0QNRnejBqG70UFQvejiqHz0SNYgejRpGjaLGUZOo6b+0fghncj7uu9nuNtX2sD3ty7aX7W372L62n33F9rev2gH2NTvQDrKD7et2iH3DDrVv2mF2uB1h37Ij7Sg72o6xY+04O96+bSfYd+xE+66dZCfbKXaqnWan2xn2PTvTzrKz7ft2jv3AzrXz7Hy7wC60H9pFdrFNsx/ZJfZju9Qus8vtCrvSrrKr7Rq71q6z6+0Gu9FuspvtFrvVfmK32e12h91pd9nddo/91O61n9l99nO7335hD9g/2YP2S3vIfmUP26/tEfuNPWq/tcfsd/a4/d6esCftKfuDPW1/tGfsWXvO/mTP25/tBfuLvWjDpYv7S6d3MmQoA2WgFEqhzJSZslAWykpZKUEJykbZKDtlpxyUg3JRLspDeSgf5aNLmJjyU35KUpIKUkEqRIWoCBUhT56KU3EqQSWoJJWkUlSKSlNpKkNlqByVo9vpdrqD7qBKVInupDvpLrqLqlE1qk7VqQbVoJpUk2pRLapNtakO1aG6VJfqUT2qT/WpATWghtSQGlNjakpNqRk1o+bUnFpSS2pFrag1taY21IbaUltqR+2oPbWnDtSBOlJH6kSdqAt1oa7UlbpRN0qlVOpJPakX9aI+1If6UT/qT/1pAA2ggTSQBtNgGkJDaCgNpWE0nEbQWzSSRtFoGkNjaRyNp/E0gSbQRJpIk2gSTaEpNI2m0QyaQTNpJs2m2TSH5tBcmkvzaT4tpIW0iBZRGqXRElpCS2kpLafltJJW0mpaTWtpLa2n9bSRNtJm2kxbaStto220g3bQLtpFe2gP7aW9tI/20X7aTwfoAB2kg3SIDtFhOkxH6AgdpaN0jI7RcTpOJ+gEnaJTdJpO0xk6Q+foHJ2nn+kC/UIXKVCKU5DZXeWyuKtdVneNS3GZ3KU4AoBLcS6X2+VxeV0+Z10Ol/OvYnLOFXKFXRFX1HlXzBV3N/0uLuPKunKuvLvdVXB3uIq/i6u7e1wNd6+r6e5z1dzdfxXXcve72u4RV8c96uq6Rq6ea+Lqu0dcA/eoa+gaucauiWvlnnSt3VOujXvatXXP/C5e5Ba7tW6dW+82uL3uM3fO/eSOum/defez6+a6u37uFdffveoGuNfcQDfod/EI95Yb6Ua50W6MG+vG/S6e4qa6aW66m+HeczPdrN/FC92Hbo5Lc3PdPDffLfg1vrSmNPeRW+I+dkvdMrfcrXAr3Sq32q3532td4Ta5zW6L2+M+ddvcdrfD7XS73O5f40v72Oc+d/vdF+6I+8YddF+6Q+6YO+y+/jW+tL9j7jt33H3vTriT7pT7wZ12P7oz7uyv+7+09x/cL+6iCw4YWbFmwxFn4Iycwpk4M1/FWfhqzsrXcIKv5Wx8HWfn6zkH5+RcnJvzcF7Ox5aJHTPHnJ8LcJJv4IJ8IxfiwlyEi7LnYlycb+ISfDOX5Fu4FN/Kpfk2LsNluRyX59u5At/BFbkSV+Y7uUoIXJWr8d1cne/hGnwv1+T7uBbfz7X5Aa7DD3Jdfojr8cNcnx/hBvwoN+RG3JibcFN+jJvx49ycW3BLfoJb8ZPcmp/iNvw0t+VnuB0/y+35Oe7Az3NHfoE7cWfuwi9yV36Ju3F3TuUe3JNf5l7cm/twX+7Hr3B/fpUH8Gs8kAfxYH6dh/AbPJTf5GE8nEfwWzySR/FoHsNjeRyP57d5Ar/DE/ldnsSTeQpP5Wk8nWfwezyTZ/Fsfp/n8Ac8l+fxfF7AC/lDXsSLOY0/4iX8MS/lZbycV/BKXsWreQ2v5XW8njfwRt7Em3kLb+VPeBtv5x28k3fxbt7Dn/Je/oz38ee8n7/gA/wnPshf8iH+ig/z13yEv+Gj/C0f4+/4OH/PJ/gkn+If+DT/yGf4LJ/jn/g8/8wX+Be+yIEhxljFOjZxFGeIM8YpcaY4c3xVnCW+Os4aXxMn4mvjbPF1cfb4+jhHnDPOFeeO88R543yxjSl2McdxnD8uECfjG+KC8Y1xobhwXCQuGvu4WFw8vikuEd8cl4xviUvFt8al49viMnHZ+JH7yse3xxXiO+KKcaW4cnxnXCW+K64aV4vvjqvH98Q14nvjmvF9ccn4/rh2/EBcJ34wrhs/FNeLH47rx4/EDeJH44Zxo7hx3CRuGj8WN4sfj5vHLeKW8RNxq/jJuHX8VNwmfjpuGz/zh8dT4x5xz/jl+OU4hHv1/OSC5MLkh8lFycXJtORHySXJj5NLk8uSy5MrkiuTq5Krk2uSa5PrkuuTG5Ibk5uSm5NbkiFUywgevfLaGx/5DD6jT/GZfGZ/lc/ir/ZZ/TU+4a/12fx1Pru/3ufwOX0un9vn8Xl9Pm89eefZxz6/L+CT/gZf0N/oC/nCvogv6r0v5ov7Jr6pb+qb+cd9c9/Ct/RP+Cf8k/5J/5R/yj/t2/pnfDv/rG/vn/Md/PP+ef+C7+Q7+y7+Rd/Vv+S7+e4+1af6nr6n7+V7+T6+j+/n+/n+vr8f4Af4gX6gH+wH+yF+iB/qh/phfpgf4Uf4kX6kH+1H+7F+rB/vx/sJfoKf6Cf6SX6Sn+Kn+Gl+mp/hZ/iZfqaf7Wf7OYXm+Ll+rp/v5/uFfqFf5Bf5NJ/ml/glfqlf6pf75X6lX+lX+9V+rV/r1/v1fqPf6Df7zX6r3+q3+W1+h9/hd/ldfo/f4/f6vX6f3+f3+/3+gD/gD/qD/pD/yh/2X/sj/ht/1H/rj/nv/HH/vT/hT/pT/gd/2v/oz/iz/pz/yZ/3P/sL/hd/0Qc/PvF2YkLincTExLuJSYnJiSmJqYlpiemJGYn3EjMTsxKzE+8n5iQ+SMxNzEvMTyxILEx8mFiUWJxIS3yUWJL4OLE0sSyxPLEisTKxKhFC3m1xyB8KhGS4IRQMN4ZCoXAoEooGH4qF4uGmUCLcHEqGW0KpcGsoHW4LZULZUC48GhqGRqFxaBKahsdCs/B4aB5ahJbhidAqPBlah6dCm/B0aBueCe3Cs6F9eC50CM+HjuGF0Cl0Dl3Ci6FreCl0C91DaugReoaXQ6/QO/QJfUO/8EroH14NA8JrYWAYFAaH18OQ8EYYGt4Mw8LwMCK8FUaGUWF0GBPGhnFhfHg7TAjvhInh3TApTA5TwtQwLUwPM8J7YWaYFWaH98Oc8EGYG+aF+WFBWBg+DIvC4pAWPgpLwsdhaVgWlocVYWVYFVaHNWFtWBfWhw1hY9gUNoctYWv4JGwL28OOsDPsCrvDnvBp2Bs+C/vC52F/+CIcCH8KB8OX4VD4KhwOX4cj4ZtwNHwbjoXvwvHwfTgRToZT4YdwOvwYzoSz4Vz4KZwPP4cL4ZdwUf5mTQghhBDi76L/4HiPv/G9DACgfpv3BICrt+c+/J9rbszx53lvladVAgCe7t7xob+MKlVSU1N/e+1SDVGBeQCQ+Ov6f4mXQUt4EtpACyjxN9fXW3U+z39QP3krQOb/kJMCl+PL9W/+L+o/9sSIRaXjc9n+m/rzAAoVuJyTCS7Hl+uX/C/q52z2B+vP9OV4gOb/IScLXI4v1y8Oj8Mz0OavXimEEEIIIYQQQvxZb1Wu/R/dP1+6P89jLudkhMvxH92fCyGEEEIIIYQQ4sp7rnOXpx5r06ZF+79vgr89F/jHsmQiE5n8fza50p9MQgghhBBCiH+1yxf9V3olQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCFE+vU/8e/ErvQehRBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCiCvtfwUAAP//luw5aQ==")
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
getdents(0xffffffffffffffff, &(0x7f0000000e80)=""/4072, 0xfe8)

13.622293s ago: executing program 2 (id=1115):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_open_procfs(0x0, 0x0)
sendmsg$nl_generic(r1, 0x0, 0x50)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000032680)=""/102392, 0x18ff8)
socket$inet6(0xa, 0x2, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
socket$unix(0x1, 0x2, 0x0)
r4 = socket$inet6(0xa, 0x3, 0x5)
sendmsg$GTP_CMD_DELPDP(r2, 0x0, 0x10)
sendmmsg(r4, 0x0, 0x0, 0x0)
setsockopt$inet6_int(r4, 0x29, 0x4c, 0x0, 0x0)

11.346095563s ago: executing program 2 (id=1116):
syz_usb_connect(0x3, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x250, 0x2, 0x5, 0xe0, 0x8, 0x451, 0x5416, 0x100, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0xdb, 0x4, 0x80, 0xe6, [{{0x9, 0x4, 0x6b, 0x4, 0x0, 0x28, 0xe5, 0x8c, 0x5}}]}}]}}, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0})

11.027892205s ago: executing program 3 (id=1117):
r0 = syz_usb_connect(0x2, 0x68, &(0x7f0000000600)=ANY=[@ANYBLOB="12010000a1121710950b2a17f4f7010203010902240001000000000904fb00026c5d650009050402100000fa000905820240"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000780)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

10.028749922s ago: executing program 3 (id=1121):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x2}}, 0x2}, 0x1c)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x1a4a, 0x4)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x106}, 0x1c)
sendto$inet6(r0, &(0x7f0000000140)="8a", 0x1, 0x8001, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x406, r0)
setsockopt$sock_int(r1, 0x1, 0x8, 0x0, 0x0)
syz_genetlink_get_family_id$tipc(&(0x7f0000000100), r1)
sendmsg$NL80211_CMD_GET_SCAN(r1, 0x0, 0x40001)

9.506224999s ago: executing program 3 (id=1124):
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xce7c1000)
r0 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b702000000200000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000bd000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c46088000000008000"/686], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x3a, 0x10, &(0x7f0000000340), 0xd58495bc, 0x0, 0xffffffffffffffff, 0xffffffffffffff5b}, 0x42)

6.627731813s ago: executing program 0 (id=1127):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = socket(0x1000000000000010, 0x80802, 0x0)
sendmsg(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000004c0)="5500000018007fd500fe01b2a4a280930a06000000a843089100fe800c0008000800113f080000002d000f009b2c136ef75afb83de448daa72540d8102d2c55327c43ab82286ef1fdd20642383656d4d2449155037", 0x55}], 0x1}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000002000)=""/102400, 0x19000)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
listen(r1, 0x0)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
socket$inet6(0xa, 0x5, 0x62f0d55d)
setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x14, &(0x7f0000000040), 0x10)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe8c81)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f00000000c0)={0x1, 0x8, 0x0, 'queue0\x00', 0x2})
write$sndseq(r2, &(0x7f00000001c0)=[{0x0, 0xe1, 0x0, 0x0, @time={0x0, 0x1}, {}, {0x1}, @result={0xffffffe0, 0xfffff001}}], 0x1c)
write$sndseq(r2, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)
setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000080)={0x0, 0x1, 0x6, @local}, 0x10)
syz_mount_image$exfat(&(0x7f00000005c0), &(0x7f0000000240)='./file0\x00', 0x3000050, &(0x7f0000000600)=ANY=[], 0x2, 0x14fe, &(0x7f0000008900)="$eJzs3Au0ztXWMPA511p/NklPkvuaa/55kssiSXJJSCRJkiS5JSRJkoTEJrckJCH3JPeQ3GIn9/st9yQ5kiQJCUnWN3Q6n/e8nfftnO+c7/V9Z8/fGGvsNff/mfNZa889nv9ljL2/7Ti4av1qlesyM/xT8M9fUgEgBQD6AcA1ABABQKlspbIBDoNMGlP/uTcR/1oPTbvSKxBXkvQ/fZP+p2/S//RN+p++Sf/TN+l/+ib9T9+k/0KkZ1un575WRvod/3PP/0Ge//8/R87//0YOFxvz5fpi13f6B1Kk/+mb9D99k/6nb9L/9E36n75J///NRQCV/pvD0v/0TfovRHp2pZ8/y7iy40r//gkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESB/OhcsMAPxlfqXXJYQQQgghhBBCiH+dkPFKr0AIIYQQQgghhBD/9yEo0GAgggyQEVIgE2SGqyALXA1Z4RpIwLWQDa6D7HA95ICckAtyQx7IC/nAAoEDhhjyQwFIwg1QEG6EQlAYikBR8FAMisNNUAJuhpJwC5SCW6E03AZloCyUg/JwO1SAO6AiVILKcCdUgbugKlSDu6E63AM14F6oCfdBLbgfasMDUAcehLrwENSDh6E+PAIN4FFoCI2gMTSBpv9H+S9CV3gJukF3SIUe0BNehl7QG/pAX+gHr0B/eBUGwGswEAbBYHgdhsAbMBTehGEwHEbAWzASRsFoGANjYRyMh7dhArwDE+FdmASTYQpMhWkwHWbAezATZsFseB/mwAcwF+bBfFgAC+FDWASLIQ0+giXwMSyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVPYBtshx2wE3bBbtgDn8Je+Az2weewH774B/PP/qf8TggIqFChQYMZMAOmYApmxsyYBbNgVsyKCUxgNsyG2TE75sAcmAtzYR7Mg/kwHxISMjLmx/yYxCQWxIJYCAthESyCHj0Wx+JYAm/GklgSS2EpLI2lsQyWxbJYHstjBayAFbEiVsbKWAWrYFWsinfj3XgP1sAaWBNrYi2shbWxNtbBOlgX62I9rIf1sT42wAbYEBtiY2yMTbEpNsNm2BybY0tsia2wFbbG1tgG22BbbIvtsB22x/bYATtgR+yInbAzdsYX8UV8CV/C7lhF9cCe2BN7YS/sg32xL76C/fFVfBVfw4E4CAfj6/g6voFD8QwOw+E4AkdgBTUKR+MYZDUOx+N4nIATcCJOxEk4GSfjVJyG03EGzsCZOAtn4fs4Bz/AD3AezsMFuBAX4iJcjGmYhkvwLC7FZbgcV+BKXIUrcQ2uxTW4HjfgetyEm3ALbsFP8BPcjttxJ+7E3bgbP8VP8TP8DAfiftyPB/AAHsSDeAgP4WE8jEfwCB7Fo3gMj+FxPI4n8CSewpN4Gk/jGTyL5/AcnsfzeAGfz/N1vd2F1w0EdYlRRmVQGVSKSlGZVWaVRWVRWVVWlVAJlU1lU9lVdpVD5VC5VC6VR+VR+VQ+RYoUq1jlV/lVUiVVQVVQFVKFVBFVRHnlVXFVXJVQJVRJVVKVUreq0uo2VUaVVS18eVVeVVAtfUVVSVVWlVUVdZeqqqqpaqq6qq5qqBqqpqqpaqlaqrZ6QNVRPbAPPqQudaa+GoQN1GBsqBqpxqqJegMfU83UUGyuWqiW6gk1HIdha9XMt1FPq7ZqNLZTz6ox+JzqoMZhR/WC6qQ6qy7qRdVVNffdMvz2EaimYi/VW/VRfdVMvEtd6lhV9ZoaqAapwep1tQDfUEPVm2qYGq5GqLfUSDVKjVZj1Fg1To1Xb6sJ6h01Ub2rJqnJaoqaqqap6WqGek/NVLPUbPW+mqM+UHPVPDVfLVAL1YdqkVqs0tRHaon6WC1Vy9RytUKtVKvUarVGrVXr1Hq1QW1Um9RmtUVtVZ+obWq72qF2ql1qt9qjPlV71Wdqn/pc7VdfqAPqT+qg+lIdUl+pw+prdUR9o46qb9Ux9Z06rr5XJ9RJdUr9oE6rH9UZdVadUz+p8+pndUH9oi6qoECjVlproyOdQWfUKTqTzqyv0ln01TqrvkYn9LU6m75OZ9fX6xw6p86lc+s8Oq/Op60m7TTrWOfXBXRS36AL6ht1IV1YF9FFtdfFdHF9ky6hb9Yl9S26lL5Vl9a36TK6rC6ny+vbdQV9h66oK+nK+k5dRd+lq+pq+m5dXd+ja+h7dU19n66l79e19QO6jn5Q19UP6Xr6YV1fP6Ib6Ed1Q91IN9ZNdFP9mG6mH9fNdQvdUj+hW+kndWv9lG6jn9Zt9TO6nX5Wt9fP6Q76ed1Rv6A76c66i/5FX9RBd9PddaruoXvql3Uv3Vv30X11P/2K7q9f1QP0a3qgHqQH69f1EP2GHqrf1MP0cD1Cv6VH6lF6tB6jx+pxerx+W0/Q7+iJ+l09SU/WU/RUPU1P131+qzT778h/52/kD/j13bforfoTvU1v1zv0Tr1L79Z79B69V+/V+/Q+vV/v1wf0AX1QH9SH9CF9WB/WR/QRfVQf1cf0MX1cH9cn9En9k/5Bn9Y/6jP6rD6rf9Ln9Xl94befARg0ymhjTGQymIwmxWQymc1VJou52mQ115iEudZkM9eZ7OZ6k8PkNLlMbpPH5DX5jDVknGETm/ymgEmaG0xBc6MpZAqbIqao8aaYKW5u+qfz/2h9TU1T08w0M81Nc9PStDStTCvT2rQ2bUwb09a0Ne1MO9PetDcdTAfT0XQ0nUwn08V0MV1NV9PNdDOpJtX0NC+bXqa36WP6mn7mFdPf9DcDzAAz0Aw0g81gM8QMMUPNUDPMDDMjzAgz0ow0o81oM9aMNePNeDPBTDATzUQzyUwyU8wUM81MMzPMDDPTzDSzzWwzx8wxc81cM9/MNwvNQrPILDJpJs0sMUvMUrPMLDMrzAqzyqwya8was86sMxvMBrPJbDJLzVaz1Wwz28wOs8PsMrvMHrPH7DV7zT6zz+w3+80Bc8AcNAfNIXPIHDaHzRFzxBw1R80xc8wcN8fNCXPCnDKnzGlz2pwxZ8w5c86cN+fNBXPBXDQXL132RSpSkYlMlCHKEKVEKVHmKHOUJcoSZY2yRokoEWWLskXZo+ujHFHOKFeUO8oT5Y1SwUYUuYijOMofFYiS0Q1RwejGqFBUOCoSFY18VCwqHt0UlYhujkpGt0Sloluj0tFtUZmobFQuKh/dHlWI7ogqRpWiytGdUZXorqhqVC26O6oe3RPViO6Nakb3RbWi+6Pa0QNRnejBqG70UFQvejiqHz0SNYgejRpGjaLGUZOo6b+0fghncj7uu9nuNtX2sD3ty7aX7W372L62n33F9rev2gH2NTvQDrKD7et2iH3DDrVv2mF2uB1h37Ij7Sg72o6xY+04O96+bSfYd+xE+66dZCfbKXaqnWan2xn2PTvTzrKz7ft2jv3AzrXz7Hy7wC60H9pFdrFNsx/ZJfZju9Qus8vtCrvSrrKr7Rq71q6z6+0Gu9FuspvtFrvVfmK32e12h91pd9nddo/91O61n9l99nO7335hD9g/2YP2S3vIfmUP26/tEfuNPWq/tcfsd/a4/d6esCftKfuDPW1/tGfsWXvO/mTP25/tBfuLvWjDpYv7S6d3MmQoA2WgFEqhzJSZslAWykpZKUEJykbZKDtlpxyUg3JRLspDeSgf5aNLmJjyU35KUpIKUkEqRIWoCBUhT56KU3EqQSWoJJWkUlSKSlNpKkNlqByVo9vpdrqD7qBKVInupDvpLrqLqlE1qk7VqQbVoJpUk2pRLapNtakO1aG6VJfqUT2qT/WpATWghtSQGlNjakpNqRk1o+bUnFpSS2pFrag1taY21IbaUltqR+2oPbWnDtSBOlJH6kSdqAt1oa7UlbpRN0qlVOpJPakX9aI+1If6UT/qT/1pAA2ggTSQBtNgGkJDaCgNpWE0nEbQWzSSRtFoGkNjaRyNp/E0gSbQRJpIk2gSTaEpNI2m0QyaQTNpJs2m2TSH5tBcmkvzaT4tpIW0iBZRGqXRElpCS2kpLafltJJW0mpaTWtpLa2n9bSRNtJm2kxbaStto220g3bQLtpFe2gP7aW9tI/20X7aTwfoAB2kg3SIDtFhOkxH6AgdpaN0jI7RcTpOJ+gEnaJTdJpO0xk6Q+foHJ2nn+kC/UIXKVCKU5DZXeWyuKtdVneNS3GZ3KU4AoBLcS6X2+VxeV0+Z10Ol/OvYnLOFXKFXRFX1HlXzBV3N/0uLuPKunKuvLvdVXB3uIq/i6u7e1wNd6+r6e5z1dzdfxXXcve72u4RV8c96uq6Rq6ea+Lqu0dcA/eoa+gaucauiWvlnnSt3VOujXvatXXP/C5e5Ba7tW6dW+82uL3uM3fO/eSOum/defez6+a6u37uFdffveoGuNfcQDfod/EI95Yb6Ua50W6MG+vG/S6e4qa6aW66m+HeczPdrN/FC92Hbo5Lc3PdPDffLfg1vrSmNPeRW+I+dkvdMrfcrXAr3Sq32q3532td4Ta5zW6L2+M+ddvcdrfD7XS73O5f40v72Oc+d/vdF+6I+8YddF+6Q+6YO+y+/jW+tL9j7jt33H3vTriT7pT7wZ12P7oz7uyv+7+09x/cL+6iCw4YWbFmwxFn4Iycwpk4M1/FWfhqzsrXcIKv5Wx8HWfn6zkH5+RcnJvzcF7Ox5aJHTPHnJ8LcJJv4IJ8IxfiwlyEi7LnYlycb+ISfDOX5Fu4FN/Kpfk2LsNluRyX59u5At/BFbkSV+Y7uUoIXJWr8d1cne/hGnwv1+T7uBbfz7X5Aa7DD3Jdfojr8cNcnx/hBvwoN+RG3JibcFN+jJvx49ycW3BLfoJb8ZPcmp/iNvw0t+VnuB0/y+35Oe7Az3NHfoE7cWfuwi9yV36Ju3F3TuUe3JNf5l7cm/twX+7Hr3B/fpUH8Gs8kAfxYH6dh/AbPJTf5GE8nEfwWzySR/FoHsNjeRyP57d5Ar/DE/ldnsSTeQpP5Wk8nWfwezyTZ/Fsfp/n8Ac8l+fxfF7AC/lDXsSLOY0/4iX8MS/lZbycV/BKXsWreQ2v5XW8njfwRt7Em3kLb+VPeBtv5x28k3fxbt7Dn/Je/oz38ee8n7/gA/wnPshf8iH+ig/z13yEv+Gj/C0f4+/4OH/PJ/gkn+If+DT/yGf4LJ/jn/g8/8wX+Be+yIEhxljFOjZxFGeIM8YpcaY4c3xVnCW+Os4aXxMn4mvjbPF1cfb4+jhHnDPOFeeO88R543yxjSl2McdxnD8uECfjG+KC8Y1xobhwXCQuGvu4WFw8vikuEd8cl4xviUvFt8al49viMnHZ+JH7yse3xxXiO+KKcaW4cnxnXCW+K64aV4vvjqvH98Q14nvjmvF9ccn4/rh2/EBcJ34wrhs/FNeLH47rx4/EDeJH44Zxo7hx3CRuGj8WN4sfj5vHLeKW8RNxq/jJuHX8VNwmfjpuGz/zh8dT4x5xz/jl+OU4hHv1/OSC5MLkh8lFycXJtORHySXJj5NLk8uSy5MrkiuTq5Krk2uSa5PrkuuTG5Ibk5uSm5NbkiFUywgevfLaGx/5DD6jT/GZfGZ/lc/ir/ZZ/TU+4a/12fx1Pru/3ufwOX0un9vn8Xl9Pm89eefZxz6/L+CT/gZf0N/oC/nCvogv6r0v5ov7Jr6pb+qb+cd9c9/Ct/RP+Cf8k/5J/5R/yj/t2/pnfDv/rG/vn/Md/PP+ef+C7+Q7+y7+Rd/Vv+S7+e4+1af6nr6n7+V7+T6+j+/n+/n+vr8f4Af4gX6gH+wH+yF+iB/qh/phfpgf4Uf4kX6kH+1H+7F+rB/vx/sJfoKf6Cf6SX6Sn+Kn+Gl+mp/hZ/iZfqaf7Wf7OYXm+Ll+rp/v5/uFfqFf5Bf5NJ/ml/glfqlf6pf75X6lX+lX+9V+rV/r1/v1fqPf6Df7zX6r3+q3+W1+h9/hd/ldfo/f4/f6vX6f3+f3+/3+gD/gD/qD/pD/yh/2X/sj/ht/1H/rj/nv/HH/vT/hT/pT/gd/2v/oz/iz/pz/yZ/3P/sL/hd/0Qc/PvF2YkLincTExLuJSYnJiSmJqYlpiemJGYn3EjMTsxKzE+8n5iQ+SMxNzEvMTyxILEx8mFiUWJxIS3yUWJL4OLE0sSyxPLEisTKxKhFC3m1xyB8KhGS4IRQMN4ZCoXAoEooGH4qF4uGmUCLcHEqGW0KpcGsoHW4LZULZUC48GhqGRqFxaBKahsdCs/B4aB5ahJbhidAqPBlah6dCm/B0aBueCe3Cs6F9eC50CM+HjuGF0Cl0Dl3Ci6FreCl0C91DaugReoaXQ6/QO/QJfUO/8EroH14NA8JrYWAYFAaH18OQ8EYYGt4Mw8LwMCK8FUaGUWF0GBPGhnFhfHg7TAjvhInh3TApTA5TwtQwLUwPM8J7YWaYFWaH98Oc8EGYG+aF+WFBWBg+DIvC4pAWPgpLwsdhaVgWlocVYWVYFVaHNWFtWBfWhw1hY9gUNoctYWv4JGwL28OOsDPsCrvDnvBp2Bs+C/vC52F/+CIcCH8KB8OX4VD4KhwOX4cj4ZtwNHwbjoXvwvHwfTgRToZT4YdwOvwYzoSz4Vz4KZwPP4cL4ZdwUf5mTQghhBDi76L/4HiPv/G9DACgfpv3BICrt+c+/J9rbszx53lvladVAgCe7t7xob+MKlVSU1N/e+1SDVGBeQCQ+Ov6f4mXQUt4EtpACyjxN9fXW3U+z39QP3krQOb/kJMCl+PL9W/+L+o/9sSIRaXjc9n+m/rzAAoVuJyTCS7Hl+uX/C/q52z2B+vP9OV4gOb/IScLXI4v1y8Oj8Mz0OavXimEEEIIIYQQQvxZb1Wu/R/dP1+6P89jLudkhMvxH92fCyGEEEIIIYQQ4sp7rnOXpx5r06ZF+79vgr89F/jHsmQiE5n8fza50p9MQgghhBBCiH+1yxf9V3olQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCFE+vU/8e/ErvQehRBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCiCvtfwUAAP//luw5aQ==")
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
getdents(0xffffffffffffffff, &(0x7f0000000e80)=""/4072, 0xfe8)

6.1377373s ago: executing program 0 (id=1129):
syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000002900)='./file1\x00', 0x2004081, &(0x7f0000000080)=ANY=[], 0x1, 0x6eb, &(0x7f0000000c80)="$eJzs3c9vHGcdB+DPrNeOt1TBaZM2QkGYRCqgiMSJlUK4YBBCOVSoKoeercRprGySKnGRWyFwAcEJiUP/gILkGweExD0oXLiUW68+VkLiEnEIvSya2Vl7d73+lTh2oj5PNJ73nfedd77zzjvv2OtYE+AL68rZNO+nyJWzbyyX+bXV2fba6uyRuridpEw3kmZ3leJ2UjxI5sryom9J33qTjxYvv/Xpw7XPurlmvVT1x7bbb4QRdVfqJdN1e9Mj9xzf7SFW6vDyYpKr9XrQxG7bGqhYdtqZeg2HrjOokc7KXnbfy30LPGN6T6ei+9zcZCp5Iclk/X1A6tmhcXAR7quv9xJ7muUAAADgOfXJncOOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ4/1fv/W+vZRndTMp2i9/7/id62Ov0Mmtt1zftPNQ4AAAAAAAAA2CdHti/+2qM8ynKO9vKdovqd/+kqczyfd5Iv5b3cy0Lu5lyWM5+lLOVuLiSZ6mtoYnl+aenuhfU9S6P3vDhyz4v7etYAAAAAAAAA8EXzq7Q2fv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADPgiIZ20jmeL3OVBrNdMuq/EryryQThxrs3hSjNt4/+DgAAADgiUw+xj5ffpRHWc7RXr7vh+Qik3kvt7OUxSylnYVcq4vLn/oba6uz7bXV2VvlUuYH2/3Bf/YUxkTdwtiWRz5Z1WjleharLedytQrmWhrdY59JTvbi6Yurz4dlTMX3a7uMrFl3a3mwP/yv0+ns6bz2YvCjiMY2NVsbwSXrPTJTX51yz2PdHiiqD2qS4Z4YvjqbDtYcyE1VVcbXj3QhjfVPfo4/hT5/oV6X5/PbrT65OTD9fbHeE41UPXGxN/qSvLJ9TyTf+Nuf377Rvn3zxvV7Zw/3lPZgbIvtw2Nitq8nXn2ue6K5x/ozVU+cWM9fyY/z05zNdN7M3SzmZ5nPUhbSmznm6/Fcfp3avqfmBnJv7hTJRH1dutdsNzFN50dVaj6nq32PZjFF7uRaFvJ69e9iLuQ7uZRLudx3hU9sGXd1btVd3xi+63tX+u8jgz/zzTpRzm6/25jl5rY7461G537pzv1lvx7r69fuqH+4XutY330w09dLL/V6Z3xk448zNza/UifKY/x6h+fEwZqqe6K8gXpPiV50L3d7olk9izaP8z92yv3Svt3p3Jh/d4v2V4byr9XrclitfnWn2j2jL8X+KsfLS5msZ5LB0VGWvbw+y/SVdTbGcrds8Ilb7neiKiuK3p36k9ypBsDmO7Ws/crIli5WZa8OlZ2q5/Cy7GRf2cD3W7mTdq4dQP8B8Dj++fZ6ciovTLT+3fqk9XHrN60brTcmf3jku0dOTWT8H+Pfa86MvdY4Vfw1H+cXGz//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAj+/e+x/cnG+3F+6OTjS2LhpItDK8ZaeWhxJF/UKfUXVu1m8p2FODh5yYTDKwpXrP0YGH0RoOY1Oi88tklw1+K8n+BNZ7ieDoOr8vE81dXe65gS1/2dzghzvHM5ahcbiL++IpJho52IOOZfQAOKwZCTgo55duvXv+3vsffHvx1vw7C+8s3B6/dOnyzOVLr8+ev77YXpjpfj3sKIGnYeOhf9iRAAAAAAAAAAAAALs16g8DTr+40x+NbEo0kgz/jYf/WQgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADsiytn07yfIhdmzs2U+bXV2Xa59NIbNZtJGo2k+HlSPEjm0l0y1ddckT89SGfEcT5avPzWpw/XPttoq9mtnzTq9da2L02yUi+ZTjJWr5/AQHtXn7C9Zor/9s6h7LDPO53O3JPFB/vj/wEAAP//6rLunw==")
lstat(0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f0000000000), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000240)={r0, 0x7, 0xfa})
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0xa, 0x9, 0x2, 0x9, 0x42, 0xffffffffffffffff, 0x3}, 0x50)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)={0x50, r2, 0x1, 0xfffffffc, 0x0, {}, [@WGDEVICE_A_PEERS={0x4}, @WGDEVICE_A_PRIVATE_KEY={0x24, 0x3, @b}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}]}, 0x50}, 0x1, 0x0, 0x0, 0x4004840}, 0x40000)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x80002, 0x8c)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
syz_emit_ethernet(0x11, 0x0, 0x0)
r3 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$uinput_user_dev(r3, &(0x7f0000000a00)={'syz1\x00', {0x9, 0x7, 0x2005, 0x5}, 0x3f, [0x9, 0x2, 0x8, 0x2, 0x2, 0x400, 0x80000000, 0x0, 0x8, 0x0, 0x6, 0x2, 0xfffffffb, 0x39, 0x747d5e12, 0x8, 0xfffffb9a, 0xfffffffc, 0x4, 0xfffffffb, 0x2004, 0x3, 0x4, 0xf252, 0x80, 0x2000800, 0x300000, 0x7, 0xe, 0x4623f, 0x0, 0x0, 0x1ff, 0x8000, 0x0, 0x3, 0xd, 0x3, 0xba55, 0x8da8, 0x2, 0x200, 0x2, 0x4, 0xe, 0x4, 0x2, 0x1, 0x8, 0x9, 0x1, 0x199f, 0x8, 0x2, 0x9, 0xffffffff, 0x4, 0x6, 0x1000, 0x5, 0x40, 0x8, 0xa, 0x5], [0x7, 0x1e, 0x3, 0x8000, 0xfffffffe, 0x3, 0x0, 0x25, 0x7, 0xfffffffc, 0x4, 0x8002, 0x72c, 0x1c32, 0x8, 0x5, 0x10000, 0x400, 0x8001, 0x3, 0x1, 0x297, 0x5, 0x0, 0x981, 0x4, 0x0, 0x3ff, 0x0, 0xfffffffe, 0x0, 0x1000001, 0x10, 0xfffffff9, 0xfffffffd, 0x5, 0x1, 0xffffffff, 0x6, 0x5, 0x800, 0x7, 0x6, 0x96, 0xfffffff9, 0x2, 0x0, 0x2, 0x401, 0xc, 0x3, 0x379, 0x9, 0xe, 0x5, 0x7, 0x6, 0x2, 0xe5, 0x1, 0x8, 0x6, 0x200, 0x3], [0x401, 0xc584, 0xffff, 0xcd3, 0x7, 0x1f, 0x404, 0x4, 0x8, 0x10, 0x7, 0x9, 0xe8b, 0x5, 0x80000001, 0x8, 0x3f92, 0x1000, 0x0, 0x10, 0x1, 0xfffffff9, 0xe58, 0x1000, 0x80040101, 0x4, 0x4, 0x5, 0x200003, 0x2, 0x5, 0x80, 0x9, 0x8001, 0x3, 0x0, 0x2, 0x4, 0x3, 0x6d7e, 0x3, 0x8, 0x3, 0xbf23, 0x106, 0x9, 0x956, 0x0, 0x3ff, 0x3, 0x6, 0x10000001, 0x2005, 0x9, 0x4, 0xea, 0x9, 0x20000005, 0x3, 0xd9, 0x0, 0x7d, 0x401, 0x4], [0x108e, 0xffff, 0x3, 0x3, 0x88, 0x2, 0x4000000, 0x4, 0x50, 0x2, 0x763, 0xb, 0x402, 0x800, 0x5, 0x1000, 0x7f, 0x5, 0x3fa6, 0x4, 0x0, 0x5, 0x6, 0x4, 0xe47, 0x3, 0x3, 0x4, 0x200, 0x2851, 0x3b, 0x20000002, 0x5, 0x800, 0xa80a, 0x65f413f9, 0x4, 0x20008, 0xec87, 0x6, 0x44, 0x409, 0x3, 0x4, 0x4, 0x10, 0x4, 0xffffffff, 0x7fff, 0x2, 0xfffffff8, 0x401, 0x1, 0x200, 0x7, 0x4edf, 0xfffffffd, 0xa, 0xe, 0x0, 0xf, 0xf, 0x136, 0x6]}, 0x45c)
ioctl$UI_DEV_CREATE(r3, 0x5501)
write$input_event(r3, &(0x7f0000000000)={{0x77359400}, 0x15}, 0xfe4f)
socket$nl_route(0x10, 0x3, 0x0)

6.018078049s ago: executing program 7 (id=1130):
syz_mount_image$exfat(&(0x7f0000000280), &(0x7f00000000c0)='./bus\x00', 0x1218454, &(0x7f0000000000)=ANY=[], 0x4, 0x1533, &(0x7f00000002c0)="$eJzs3Am4TlX7MPD7XmttDhmeJPO+1715kmGRJBkSMlSSJCRzQtJJkqQSh0xJSJKMJ8kcMqeTzPOUOXTySpIkJCRZ33VSn6b36/++/97X+73n/l3Xvs66915r7Xuf+3n28FznPF92GVKjUc2q9ZkZ/hn65wZe/JEEAAkA0B8AsgNAAABlcpTJkbY9k8akf2on4l+kwdTLnYG4nKT+6ZvUP32T+qdvUv/0Teqfvkn90zepf/om9RciXZue90pZ0u8in///f079bwbL9f+/D+LvV/29vlL//zb6H+ot9U83MvzRSql/evHHlwCpf/om9U/PgsudgLjM5P2fvkn9hUjX/vLPlNed/Uf6B/+SHP7Ni4bLn8M/uwghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEP8GZ/0lBgB+bl/uvIQQQgghhBBCCPHX8e9c7gyEEEIIIYQQQgjxr4egQIOBADJARkiATJAZroAskBWyQXaIwZWQA66CnHA15ILckAfyQj7IDwUgBAILDBEUhEIQh2ugMFwLRaAoFIPi4KAElITroBRcD6XhBigDN0JZuAnKQXmoABXhZqgEt0BlqAJV4VaoBtWhBtSE2+B2uANqwZ1QG+6COnA31IV7oB7cC/WhATSE+6AR3A+NoQk0hWbQHFpAyz8Zn5z9j8Y/C93gOegOPSAJesIcAOgNfaAv9IP+8AIMgBdhILwEg2AwDIGXYSi8AsPgVRgOr8EIeB1GwigYDWNgLIyDZHgDxsObMAHeuj8rTILJMAWmwjSYDm/DDJgJs+AdmA1zYC4kZ5oPC2AhvAuL4D1IgfdhMXwAS2ApLIPlsAJWwipYDWtgLayD9bABNsIm2Axb4EPYCttgO+yAnbALdsNHsAf2wj74GFLxk39w/Jlfj4euCAioUKFBgxkwAyZgAmbGzJgFs2A2zIYxjGEOzIE5MSfmwlyYB/NgPsyHBbAAEhIyMhbEghjHOBbGwlgEi2AxLIYOHZbEklgKr8fSWBrLYBksi2WxHJbH8lgRK2IlrISVsTJWxapYDathDayBt+FteAfWwlpYG2tjHayDdbEu1sN6WB/rY0NsiI2wETbGxtgUm2JzbI4tsSW2wlbYGltjW2yL7bAdtsf2mIiJqAGgI3bETtgJO2Nn7IJdsCs+jU/js/gsPofPYQ+spnpiL+yFvbE39sV+2A9fwAH4Ir6IL+EgHIxD8GV8GV/BYXgah+NrOAJHYCU1CkfjGGQ1DpMxGTPCeJyAE3AiTsJJOAWn4jScjtNxBs7EmfgOzsY5OAfn4TxcgAtxIS7C9zAFU3AxnsEluBSX4XJcgStxBa7GNbga1+F6XIcbcSNuxs34IX6I23Ab7sAduAt34Uf4Ee7FvTgIUzEV9+N+PIAH8CAexEN4CA/jYTyCR/AoHsVjeAyP4wk8iSfwFJ7C03gGzwLAOTyH5/E8XsALaW9+lcYoozKoDCpBJajMKrPKorKobCqbiqmYyqFyqJwqp8qlcqk8Ko/Kp/KpAqqAIkWKVaQKqoIqruKqsCqsiqgiqpgqppxyqqQqqUqpUqq0Kq3KqBvPllU3qXKqvGrjKqqKqpJq6yqrKqqqqqqqqeqqhqqpaqrb1e2qlqqlaqvaqo6qo+qqe1Q91RP7YgOVVplGajA2VkOwqWqmmqsW6hV8QLVSw7C1aqPaqofUazgc26tWLlE9qjqo0dhRPa7G4BOqsxqHXdRTqqt6Wj2jnlXdVGvXXfVQE7Gn6qWmYG/VR/VV/dQMrK7SKlZDvaQGqcFqiHpZLcBX1DD16l68eMJUI9UoNVqNUWPVOJWs3lDj1ZtqgnpLTVST1GQ1RU1V09R09baaoWaqWeodNVvNUXPVPDVfLVAL1btqkXpPpaj31WL1gVqilqplarlaoVaqVWq1WqPWqnVqvdqgNqpNarPaoj5UW9U2tV3tUDvVLrVbfaT2qL1qn/pYpapP1H71N3VAfaoOqs/UIfW5Oqy+UEfUl+qo+kodU1+r4+qEOqm+UafUt+q0OqPOqu/UOfW9Oq9+UBeUV6BRK6210YHOoDPqBJ1JZ9ZX6Cw6q86ms+uYvlLn0FfpnPpqnUvn1nlMXp1P59cFdKhJW8060gV1IR3X1+jC+lpdRBfVxXRx7XQJXVJfp0vp63VpfYMuo2/UZfVNupwuryt40DfrSvoWXVlX0VX1rbqarq5r6Jr6Nn27vkPX0nfq2vouXUffrevqe3Q9fa+urxvohvo+3UjfrxvrJrqpbqab6xa6pX5At9IP6kC30W31Q7qdfli314/oRP2o7qAf0x3147qTfkJ31k/qLvop3VVXAYAf9AXtdXfdQyfpnrqXfl731n10X91P99cv6AH6RT1Qv6QH6cF6iH5ZD9Wv6GH6VT1cv6ZH6Nf1SD1Kj9Zj9Fg9TifrN/R4/aaeoN/SE/UkPVlP0VP1NN03bSZQF18xfzL+zT8YP/DHvW/WW/SHeqveprfrHXqn3qV36916j96j9+l9OlWn6v16vz6gD+iD+qA+pA/pw/qwPqKP6KP6qD6mj+nj+oT+Tn+jT+lv9Wl9Rp/R3+lz+pw+ry/+DsCgUUYbYwKTwWQ0CSaTyWyuMFlMVpPNZDcxc6XJYa4yOc3VJpfJbfKYvCafyW8KmNCQsYZNZAqaQiZurjGFzbWmiClqipnixpkSpqS57n89/s/ya2lamlamlWltWpu2pq1pZ9qZ9qa9STSJpoPpYDqajqaT6WQ6m86mi+liupqu5hnzjOlmupnuprtJMkmml3ne9DZ9TF/Tz/Q3L5gBZoAZaAaaQWaQGWKGmKFmqBlmhpnhCT/dMpmRZrQZbcaasSbZZzfjzXgzwUwwE81EM7l/djPVTDXTzXQzw8wws8wsM9vMNnPNXDPfzDcLzUKzyCwyKSbFLDaLzRKz1Cw1y81ys9KsNKvNarPWrDXrzXqz0Ww0S8wWs8VsNVvNdrPd7DQ7zW6z2+wxe8w+s8+kmlSz3+w3B8wBc9AcNIfMIXPYHDZHzBFz1Bw1x8wxc9wcNyfNSXPKnDKnzWlz1pw158w5c96cNxfMhbTbvkAFKjCBCTIEGYKEICHIHGQOsgRZgmxBtiAWxIIcQY4gZ3B1kCvIHeQJ8gb5gvxBgSAMKLABB1FQMCgUxINrgsLBtUGRoGhQLCgeuKBEUDK4LigVXB+UDm4IygQ3BmWDm4JyQfmgQlAxuDmoFNwSVA6qBFWDW4NqQfWgRlAzuC24PbgjqBXcGdQO7grqBHcHdYN7gnrBvUH9oEHQMLgvaBTcHzQOmgRNg2ZB86BF0PIvnd/707kfdN3DHmFS2DPsFT4f9g77hH3DfmH/8IVwQPhiODB8KRwUDg6HhC+HQ8NXwmHhq+Hw8LVwRPh6ODIcFY4Ox4Rjw3FhcvhGOD58M5wQvhVODCeFk4Mp4dRwWjg9fDucEc4MZ4XvhLPDOeHccF44P1wQ4k8Xl5Tw/XBx+EG4JFwaLguXhyvCleGqcHW4JlwbrgvXhxvCjWUGXOwabg23hdvDHeHOcFe4O/wo3BPuDfeFH4ep4Sfh/vBv4YHw0/Bg+Fl4KPw8PBx+ER4JvwyPhl+Fx8Kvw+PhiUwQfhOeCr8NT4dnwrPhd+G58PvwfPhDeCH0aTf3aZd3MmQoA2WgBEqgzJSZslAWykbZKEYxykE5KCflpFyUi/JQHspH+agAFaA0TEwFqSDFKU6FqTAVoSJUjIqRI0clqSSVolJUmkpTGSpDZakslSNLFagC3Uw30y10C1WhKnQr3UrVqTrVpJqEeDvVolpUm2pTHapDdaku1aN6VJ/qU0NqSI2oETWmxtSUmlJzak4tqSW1olbUmlpTW2pL7agdtaf2lEiJ1IE6UEfqSJ2oE3WmztSFulBX6krP0DPUjbpRd+pOSZREvagX9abe1Jf6Un/qTwNoAA2kgTSIBtEQGkJDaSgNo2E0nF6jEfQ6jaRRNJrG0FgaR8mUTONpPE2gCTSRJtJkmkxTaSpNp+k0g2bQLJpFs2k2zaW5NJ/m00JaSItoEaVQCi2mxbSEltAyWkYraAWtolW0htbQOlpHG2gDbaJNtIW20FbaSttpO+2knbSbdtMe2kP7aB+lUirtp/10gA7QQTpIh+gQHabDdISO0FE6SsfoGB2n43SSTtIpOkWn6TSdpbN0jr6n8/QDXSBPCTaTzWyvsFlsVpvNZre/jfPYvDafzW8L2NDmsrltJgD4OSZrbRFb1Bazxa2zJWxJe93v4nK2vK1gK9qbbSV7i61sy9lM8Mv4dnuHrWXvtLXtXbamve1XcR17t61r77f1bBNb3zazDW0L28jebxvbJrapbWab2xa2nX3YtreP2ET7qO1gH/tdvMi+Z9fYtXadXW/32L32rP3OHrFf2nP2e9vd9rD97Qt2gH3RDrQv2UF28K9jADvCvm5H2lF2tB1jx9pxv4sn2yl2qp1mp9u37Qw783fxQvuunW1T7Fw7z863C36M03JKse/bxfYD7723y+xyu8KutKvs6v+b63K70W6ym+1u+5HdarfZ7XaH3Wl3/RinHcc++7FNtZ/Yw/YLe8B+ag/ao/aQ/fzHOO34jtqv7DH7tT1uT9iT9ht7yn5rT9szPx5/2rF/Y3+wF6y3wMiKNRsOOANn5ATOxJn5Cs7CWTkbZ+cYX8k5+CrOyVdzLs7NeTgv5+P8XIBDJrbMHHFBLsRxvoYL87VchItyMS7OjktwSb6OS/H1XJpv4DJ8I5flm7gcl+cKXJFv5kp8C1fmKlyVb+VqXH3bHRfPdnwH1+I7uTbfxXX4bq7L93A9vpfrcwNuyPdxI76fG3MTbsrNuDm34Jb8ALfiB7k1t+G2/BC344e5PT/Cifwod+DHuCM/zp34Ce7MT3IXfoq78tP8DD/L3fg57s49OIl7ci9+nntzH+7L/bg/v8AD+EUeyC/xIB7MQ/hlZn6Fh/GrPJxf4xH8Oo/kUTyax/BYHsfJ/AaP5zd5Ar/FE3kST+YpPJWn8XR+m2fwTJ7F7/BsnsNzeR7P5wW8kN/lRfwep/D7vJg/4CW8lJfxcl7BK3kVr+Y1vJbX8XrewBt5E2/mLfwhb+VtvJ138E7exbv5I97De3kff8yp/Anv57/xAf6UD/JnfIg/58P8BR/hL/kof8XH+Gs+zif4JH/Dp/hbPs1n+Cx/x+f4ez7PP/AF9gwRRirSkYmCKEOUMUqIMkWZoyuiLFHWKFuUPYpFV0Y5oquinNHVUa4od5Qnyhvli/JHBaIwoshGHEVRwahQFI+uiQpH10ZFoqJRsah45KISUcnouqhUdH1UOrohKhPdGJWNborKReWjClHF6OaoUnRLVDmqElWNbo2qRdWjGlHN6Lbo9uiOqFZ0Z1Q7uisqHd0d1Y3uiepF90b1owZRw+i+qFF0f9Q4ahI1jZpFzaMWUcvogahV9GDUOmoTtY0eitpFD0fto0eixOjRqEP02KXtRYOLr6/fbE+Kekb6p9u9O/X8+IL4wvi78UXx9+Ip8ffji+MfxJfEl8aXxZfHV8RXxlfFV8fXxNfG18XXxzfEN8Y3xTfHva+ZERymPQiDcYHL4DK6BJfJZXZXuCwuq8vmsruYu9LlcFe5nO5ql8vldnlcXpfP5XcFXOjIWccucgVdIRd317jC7lpXxBV1xVxx51wJV9K1cC1dS9fKPehauzaurXvIPeQedg+7R9wj7lHXwT3mOrrHXSf3hOvsnnRPuqdcV/e0e8Y967q551x318MluSTXy/VyvV1v19f1df1dfzfADXAD3UA3yA1yQ9wQN9QNdcPcMDfcDXcj3Ag30o10o91oN9aNdcku2Y13490EN8FNdBPdZDfZTXVT3XQ33c1wM9wsN8vNdrPdXDfXzXfz3UK30C1yi1yKS3GLXVa3xC1xy9wyt8KtcKvcKrfGrXHr3Dq3wW1wm9wmt8VtcVvdVrfdbXc73U632+12e9wet8/tc6ku1e13+90Bd8AddJ+5Q+5zd9h94Y64L91R95U75r52x90Jd9J94065b91pd8addd+5c+57d9794C4475Jjb8TGx96MTYi9FZsYmxSbHJsSmxqbFpseezs2IzYzNiv2Tmx2bE5sbmxebH5sQWxh7N3Yoth7sZTY+7HFsQ9iS2JLY8tiy2MrYitj3uffGvmCvpCP+2t8YX+tL+KL+mK+uHe+hC/pr/Ol/PW+tL/Bl/E3+rL+Jl/Ol/cVfBPf1DfzzX0L39I/4Fv5B31r38a39Q/5dv5h394/4hP9o76Df8x39I/7Tv4J39k/6bv4p+b89PL03fxzvrvv4ZN8T9/LP+97+z6+r+/n+/sX/AD/oh/oX/KD/GA/xL/sh/pX/DD/qh/uX/Mj/Ot+pB/lR/sxfqwf55P9G368f9NP8G/5iX6Sn+yn+Kl+mp/u3/Yz/Ew/y7/jZ/s5fq6f5+f7BX6hf9cv8u/5FP++X+w/8Ev8Ur/ML/cr/Eq/yq/2a/xav86v9xv8Rr/Jb/ZbfEbY6rf57X6H3+l3+d3+I7/H7/X7/Mc+1X/i9/u/+QP+U3/Qf+YP+c/9Yf+FP+K/9Ef9V/6Y/9of9yf8Sf+NP+W/9af9GX/Wf+fP+e/9ef+DvyD/syaEEEII8T+S9Cfbe/7BOvXTYgCgFwBk3Zb30C+3pz03bch1sd1H7ekQA4BHe3Rp8PPSoEFS0s/7XaIhKDQPAGKXxmeAS/FSaAsP/9gq9Yf59VEVkH8zf/CL7Wnzx28EyAyQ6ed1CfBj/Iv5E6ENXP935m/y7m/n/23+8XkARQpdGpO2o5/jS/OX/jvz72r3J/Nn+jQZoPUvxmSBS/Gl+UvCg/AYJP6qpxBCCCGEEEIIcVEfda7rnz3fpj2f5zOXxmSES/Gl588/fj7/E5X/imMQQgghhBBCCCHE/9sTTz/zyAOJiW06/Tc3Mv5npPEf0EAA+A9I47eNn/9i4z8lH2k8kHiZT0xCCCGEEEKIv9ylm/6/3yf4dyYkhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEKkQ//8N4Sp/3HnX+5P/3r38tUCQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQggh0oX/EwAA//8omkHu")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000d80)='./file1\x00', 0x143042, 0x0)
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305839, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x3fffffff404})
pwritev2(r1, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)

5.941850939s ago: executing program 3 (id=1131):
rseq(&(0x7f0000000400), 0x20, 0x0, 0x0)
r0 = shmget$private(0x0, 0x9000, 0x0, &(0x7f0000ff7000/0x9000)=nil)
shmat(r0, &(0x7f0000ffa000/0x1000)=nil, 0x4000)

5.337731178s ago: executing program 7 (id=1132):
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000040)='./file2\x00', 0x808008, &(0x7f0000000080)=ANY=[@ANYBLOB="616c6c6f775f7574696d653d30303030303030303030303030303030303136323134372c756e695f786c6174653d302c73686f72746e616d653d6d697865642c73686f72746e616d653d77696e6e742c696f636861727365743d6d61637475726b6973682c6e6f6e756d7461696c3d302c696f636861727365743d6b6f69382d72752c757466383d312c696f636861727365743d757466382c6572726f72733d636f6e74696e75652c73686f72746e616d653d6d697865642c73686f72746e616d653d77696e39352c757365667265652c73686f72746e616d653d77696e6e742c005a77be0c36a8e60d572dbe625e0680a225abe4d4fc79e83de86dce78be26dba8f6ff0abfb9c2fba30a14b3b206ad905e994c27e6d4fc5d74f88b749758f85a07efcf3e17bd78aad46a325ec58b65332fe45ac5db6e722db0a32946415f0b3407d53ad233d1fe2593f1d4fe07041a0091b2f43c1e87fa638a217f4108c00d72f583780d7c46c229ae1229250e00"/380], 0xfd, 0x389, &(0x7f0000000bc0)="$eJzs3U9rXFUUAPDTsc0k1XSyEEFFvNSNboYkfoEO0oIYUGJHqgvh1Ux0yDQTZobIFNG4cuvnKC7dCeIXyEL37txl47KL0ieZP/k7TZV08ij+fhDuSe49k3vf5T3u5s3Zu/PjvY31bnU960XpRopSRJQeRiwMoqFLo7Y0iGfiqJ14p3Lnzzc+/vSzD2orKzdXU7pVu/3uckrp2pu/fv3NT9d/6734yc/XfinH7sLne38v/7X7yu6re49vf9XspmY3bbZ7KUt32+1edrfVSGvN7kY1pY9ajazbSM3NbqNzrH+91d7a6qdsc23+6lan0e2mbLOfNhr91GunXqefsi+z5maqzkXE1eBM422tDZvZM4beuIj5MCWdTi3b3+zyqZ76g0ImBAAU6rzn/5lnev6/Es/m/F+tpnnn/6erP1hdzWpFz4Lp2j//z4zu34O7eSec/wEAAAAAAAAAAAAA4DnxMM8reZ5Xxm0+fkl49HvB02PKTu3/iZ+i58d0HXlxbzai9cN2fbs+bIf9tfVoRisasRiVeLT/WBgbxrfeX7m5mAYWYv7ed4P8679H1F84nr8UlViYnL80zE8H+bHfXhl8g8dB/nJU4uXJ+csT82fi7beO5FejEn98Ee1oxdrg8XaY/+1SSu99uHIivzwYBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD/QzWNvR7Duvfb9Yi52B7V768eDlg4Xh9/mH9QX38xKvFocn3+xYn1+S/Ha5eLXTsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjHX79zeyVqvRuahgXPN/8JeZcfDkrEvD4Tsnuubi+ODy0z7nnEHpyV3fn+6aGy1ywgc+zvN8WlOdvditPE9wJSLOGJOPLuD5/9dLEXHGmHJETH/JpeIv+H8OingaAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQLEOi37/y4TylCcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAIbr9+xtZq9XoTDEoeo0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADPk38CAAD//88iCvM=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x20)
sendfile(r0, r0, 0x0, 0x7a680000)

4.710799361s ago: executing program 2 (id=1133):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f00000000c0)=0x7)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000940)='./file0\x00', 0x10017, &(0x7f0000001380)=ANY=[@ANYBLOB="666c7573682c756e695f786c6174653d312c6e6f6e756d7461696c3d302c726f6469722c757466383d312c6e6f6e756d7461696c3d302c756e695f786c6174653d312c6e6f6e756d7461696c3d302c756e695f786c6174653d302c757466383d312c756e695f786c6174653d302c757466383d312c756e695f786c6174653d312c6e6f6e756d7461696c3d302c646f733178666c6f7070792c726f6469722c756e695f786c2550425e9db063776965742c00aaed2e6322e12ca43d55f4e47d9fb6f319fab9c81cd7b9b508d5df5619dad30ed85701f46d5bb2b85a6aecd28cb992054878a859b15b1598ee0b05192ff4df579d2dd32fb9a6a092bb22740cfe0636a3d8ff4e975e21fc6d6e2d6ece2beac2098361fe652ea69917e6d47463ceb0b35bc7a2f8799debe5e7b6e82c84ab25d06157c08f006d90e62a8026a845835dbf4ac25eec51c3ec73c82014eee15eaaa123084415546ca2e37c23d441b343cec1f74e52bc1f21eb18053a9b98d3a304fba3751bd01219403c9d276f1e5352b9f4e674bb80ffeaaff6843ef1c8a7a7e0d592893a7771d1986ed6f5a23d9ee6bf1cec94fb17af0627c04bf47586ce288a466c039a1ead7fd99feacc51d9f7a2e67f46a0b86b45e5d7cb4affc1c539a764f5bf9749d02d645cb62b461fa418046359746ec1b07d9e32a554d0313249bcc24ad1292fc880d3a3ff9104fae7209e0438644ccb1039d1921fe9a00f83fbd5d96a99ea53d39a72322a90407acebcee08782e888e3b4115fb27c2640335961e74dab7e0e23812a328d8eae9aa5a78c93a4e4b5b1062c8dce48007461166c4d93b965286d12747f7d721bb6c1be951711e0a734e0b28dd4be9a3dbc0bb244f0f9d02a9144f131ff9fe9271e78863a59d319750d5f4f333fa8a6ac018d9083cb72988d8d9abf5d7d3ef91a970299dd7079f3439025de2c33e3dcd56f1b8d13bb690728038f2f2ffb9128b223467aa5ef5d1da78244e"], 0xf5, 0x30a, &(0x7f0000000480)="$eJzs3c9rE00YwPEnaZM07du3Pb28iMJQQRTp0hS8ebBIC2JAaRvBCsLWbjVkm5RsKETE9iB49eyhB48iiODNi4jXXvwL/HXrpTcLFkc2+6NpsmxjpbWt38+hme48z+zszmybTpPN+sUnC6V5x/iuu6WFXvYLK3Lu/eqnU1Pv/vG+V2pibDo3qlRSRG49eDH0ttZ34/W/bzKyNnh7fWP069rJaZEf0/ckqYqOKmuttZqtVGoJN3mu6JQMpa7blulYqlh2rGpNmY16c9a21LxdWVysK7M819+7WLUcR5nluipZdVWrqFq1rsy7ZrGsDMNQ/b2tff47DYalZFtdIi6x8HxTa9lwByizIlrriOiVoJDyHzO/11kcJi3jHxvbNjm69rNnOAibujsc//Qu44/jx7v+Pz/t5PrH8TN1c+bqWD4/PqlUj8jC46XCUsF79Oo/9klRbLFkdfL8zJa4c8QnCffrxJX8+IhqGJQzC8t+/vJSwfvlMDbv5+dkwH2e0pQvQX7Oy1c781PS25QfPOmIyh8N8iXZlJ+Ws6eb9m/IgHy4IxWxZa7Rznb+w5xSl6/lW/afbcQBAAAAAAAAAHAUGSq0vX6fCP/VmzWMTOMVH2F91t3sxnkB4fr6iAzIVvT6/Ejk+n63nGh7yQkAAAAAANgPTv1+ybRtq/rrBekgputZNmYXKRFxCyKPhtzOxDb4n9/jliq3jYistIi0t9PVSZ/9QvaCt7+Xk37HZK8nah8LSRFp3uK9WcM9ePtVEJONOj9OMn4CNOoS4TkcTrefedO2ew70kJuPVLTWkcHSs7eJnYk8wE4Kia1gy/+RMTphp3ZrR5tBTHBh7rb3S9GXQ3whnAnu6Hsj2Hqihr947doxPzS+hUt8AAAAAI6Qpj+cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAH7KnO7EF9+3fWSX+R8S335Kt9XPiue8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEPoZwAAAP//k0Cqiw==")
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000007c0)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
r4 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r4, 0xc018aa3f, 0x0)
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000ffa000/0x4000)=nil, 0x4000}, 0x1})
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_MD5SIG(r5, 0x6, 0xe, &(0x7f0000000300)={@in={{0x2, 0x4e22, @multicast2}}, 0x0, 0x0, 0xb, 0x0, "f6a7346a1ca3caf66200f0e70b995efa20d5ddc09c0bc0c88e00bdea5e6998967d569964c8b68dae57dea91c0e3ef03a96483bcaaa5ab222d1993083e8e3619fbbff30da0288a8b78a3f921c40fdc06a"}, 0xd8)
rt_sigaction(0x40, 0x0, 0x0, 0x0, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000040)='stat\x00')
preadv(r6, &(0x7f00000001c0)=[{&(0x7f0000000380)=""/39, 0x27}], 0x1, 0x0, 0xfffffffd)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r7, 0x4018620d, &(0x7f0000000300))

4.6898843s ago: executing program 7 (id=1134):
syz_open_procfs(0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
socket$unix(0x1, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x8, 0x4}}]}}]}, 0x48}}, 0x20040084)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x400dc}, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
futex(&(0x7f000000cffc)=0x4, 0x0, 0x4, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0xb, 0x0, &(0x7f0000fd7ff0)={0x0, 0x3938700}, &(0x7f0000000180), 0x2)

3.399201311s ago: executing program 2 (id=1135):
rseq(&(0x7f0000000300), 0x20, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000006c0)=ANY=[], 0x10)

2.985932887s ago: executing program 7 (id=1136):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x3, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000020b30100000000000700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x26}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, 0xffffffffffffffff, 0x0)
mmap$binder(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1, 0x11, 0xffffffffffffffff, 0x0)

2.985565031s ago: executing program 2 (id=1137):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x100}, 0x94)
mlock2(&(0x7f0000627000/0x3000)=nil, 0x3000, 0x0)
mlock2(&(0x7f0000628000/0x4000)=nil, 0x4000, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x10, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="050000000000000061112c0000000000851000000200dfff84b9215635ba25fff21c0000"], 0x0, 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={0x0, r0}, 0x18)
prlimit64(0x0, 0xe, 0x0, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r1, &(0x7f0000000440), 0x10)
listen(r1, 0xfffffffe)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)
writev(0xffffffffffffffff, &(0x7f00000003c0)=[{&(0x7f0000000680)='h', 0x1}], 0x1)
r2 = accept4$unix(r1, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f0000001680)=[{{0x0, 0x0, &(0x7f0000003380)=[{&(0x7f0000000140)=""/120, 0x78}, {&(0x7f0000000040)=""/40, 0x28}, {&(0x7f0000003300)=""/107, 0x6b}], 0x3}}], 0x4000000000000a1, 0x2, 0x0)

2.69843797s ago: executing program 7 (id=1138):
syz_mount_image$iso9660(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f00000001c0)=ANY=[@ANYRES8=0x0, @ANYBLOB="c014ef4404236f9d646fae87879085133ad8975219d7c5b0e17dd86d11bede6adfc32eed7f19fa34880cce7ec7990f63e5d7996e33044ee8a4b2e6b43a7c6d25d508062bd3333b86453bc2f02b2617adecd3d5a0ea7561f9f63dea03c7f7d0fdec633a94741d77d3104ba57f74dce4b01be342dcc7b2df0a450ac40e4fbe4bebd4f60df318fb469f802375dc7a08f4649f9ed5b384d30b0fd964d74d91db023b617888d7b56cb0", @ANYRESOCT], 0x1, 0x578, &(0x7f0000000640)="$eJzs3d9u08gewPGfSwolR0LocIRQVWAo50hFKsFJISjiyseZpAOOHdkOaq9QRVNUkcKKstK2N7vcsLvS7kNwuw+xT7DvsVdo32C7sp30D20aoG2CyvcT7Y5jj2d+40T+aUpsCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEMut2nbREs/4rQXVn1sNg8bO2+7e+1bIrT3FIf2KWMl/MjEhV7JVV/4jMtbdfDn537RMZe+mZCIpJmTzX5cvPriUG+vtf0jAQ7G+sfl8qdNpvxp1ICfo6rn+2+raN1FgGk5dKxMFqlIu23fma5GqGU9Hi1GsG8oNtRMHoZpxb6lipTKndGExaPn1quPp3sr7t0u2XVYPC03thFHg33lYiNx543nGr6d1ks1JnfvJF/GRiVWsnYZSK6ud9tygASSVih9TqTSoUskulYrFUqlYvle5d9+2c/tW2B+QfTV6X9o//tzaGtQfTqPjPYEDRzDWzf/iiRFfWrIg6sCXK1UJJZBGn+1dvfz/vzv60H535/9elr+ys3lS0vx/LXt3rV/+7xPLsb+sflvWZUM25bksSUc60pZXw4roC3nVRYsvRiIJxEhDnHSN6q5RUpGylMWWJzIvNYlESU2MeKIlkkWJJBadfqNcCUWLI7EEEoqSGXHlligpSkUqMidKtBRkUQJpiS91qYqTtrIiq+lxnzvkM9quVOw7jHzve9eW0iGjPc78j6/VsZ6/gaPY6uX/hdyoQwEAAAAAACfESv/6bonIuFxNl2rG0/aowwIAAAAAAMcomfnLVFKMJ0tXxWL+DwAAAADAaWOl19hZIpKX69nSiljp5VL8EQAAAAAAgFMi/ff/a0mR3gPluljbt0th/g8AAAAAwCnx08B77EfNc9bvf0kYjltvmgv/tdacpJ6zdibbLyve7LQY1yatC91G0qKcFbmcq6esiazS9k0w33eLlUFxWAcF8MN2ADI4gEs5+UVuZHVuLGflcm9L1ku+ZjxdcAPvQVEc58JYrBfib1+sfifp8H/2GxcsWVnttAtPX3aW01jSgb9Zs7LmrE+I5XV6v4X0mos9I/b+zlaPpxdidPvNZ/3au8fffVbC2Cf0+VamszrT3Tve5veOf6J2vtvIzuiTbdtRTMhqp1084sjfys2szs2Zm1nxYRTG06VCv8+geyxKu6P4rGOxPwpr37EYFMVcvyjOflwUADAqK32y0E7+35d3P+Nc+3nZXT4xu7+VmazOzGR6Ys1NHpBX7EFndPuI2e23fc9AOiCKYhJF0u+v2/1mWfVdssO7vv1GXslKDuGZ12vfyOX1jc3bq2tLz9rP2i9Kpbmyfde275VkPB1Gt9gV6dY5cg8AIDP4GTsDa1h3s1n1RZGDZ9X/3v5JQUGeykvpyLLMplcbpL84OLDV/K6fIcwOmLXm0zSZPeFl9pC55dn0Kodeu6VD6+6NYW4YHwUAAEMzPSAPf0z+nx0w796by/fOjs9Kv7rFoR8LAAC+Fjp8b+XjH60wNM0nxUql6MTzWoWB+0iFplrXyvixDt15x69r1QyDOHADL1l4bKo6UlGr2QzCWNWCUDWDyCykT35X3Ue/R7rh+LFxo6annUgrN/Bjx41V1UTnVbP1f89E8zpMd46a2jU14zqxCXwVBa3Q1QWlIq13VTRV7cemZpJFXzVD03DCRfU48FoNrSyxJDTNOMga7PVl/FoQNtJmC6M+2AAAfCHWNzafL3U67VcnuDDqMQIAgL3I0gAAAAAAAAAAAAAAAAAAAAAAfPmGcf0fC6NY6N2Afgh99W4FPeohn/CCNdQB5kRklEMeeOr4/kRPTABO3D8BAAD//9u0Si4=")
open_by_handle_at(0xffffffffffffff9c, &(0x7f0000000180)=ANY=[@ANYBLOB="20000000020000001d"], 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x2400c800)
open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$nl_audit(0x10, 0x3, 0x9)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r4, 0x10e, 0x2, &(0x7f0000001700)=0x7, 0x4)

2.22486725s ago: executing program 0 (id=1139):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x3, &(0x7f0000000000)=0x1, 0x4)
bind$inet6(r0, &(0x7f0000000280)={0xa, 0x4e22, 0xd, @loopback, 0x6}, 0x1c)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000080)=0x40, 0x4)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0x23, @loopback, 0x23}, 0x1c)
sendmmsg$inet6(r0, &(0x7f00000012c0)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000440)="1d3b", 0x2}], 0x1}}, {{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000a00)="dd2f36e83faa56d51540cf7c5f58b61006c8", 0x12}, {&(0x7f0000000a40)="d122e32587b4d7078a1b9626feffdbe50ca1ab34e9d3a25b03bf5fb1efb3095b77b831d137d67a447c06bac419fc4e494926b999e53628d91d5bab8e181e03cdbd626c285353305ad977270ddb9c9260d8ec41cb82ec252ef6eb7cd6ceeaa3dc2722a9bb7d17ce07f1329ded096b5175077b8bd3c866e5a6d20bbbd2cfeb9693c9957632be4aada0efbb818d25e35507f19aee422f0e2dc94b", 0x99}, {&(0x7f0000000bc0)="73f2ec1f", 0x4}], 0x3}}], 0x2, 0x4000001)
r1 = dup(r0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r1)

2.114720237s ago: executing program 0 (id=1140):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = socket(0x1000000000000010, 0x80802, 0x0)
sendmsg(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000004c0)="5500000018007fd500fe01b2a4a280930a06000000a843089100fe800c0008000800113f080000002d000f009b2c136ef75afb83de448daa72540d8102d2c55327c43ab82286ef1fdd20642383656d4d2449155037", 0x55}], 0x1}, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
listen(r2, 0x0)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
socket$inet6(0xa, 0x5, 0x62f0d55d)
setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x14, &(0x7f0000000040), 0x10)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe8c81)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f00000000c0)={0x1, 0x8, 0x0, 'queue0\x00', 0x2})
write$sndseq(r3, &(0x7f00000001c0)=[{0x0, 0xe1, 0x0, 0x0, @time={0x0, 0x1}, {}, {0x1}, @result={0xffffffe0, 0xfffff001}}], 0x1c)
write$sndseq(r3, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)
setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000080)={0x0, 0x1, 0x6, @local}, 0x10)
syz_mount_image$exfat(&(0x7f00000005c0), &(0x7f0000000240)='./file0\x00', 0x3000050, &(0x7f0000000600)=ANY=[], 0x2, 0x14fe, &(0x7f0000008900)="$eJzs3Au0ztXWMPA511p/NklPkvuaa/55kssiSXJJSCRJkiS5JSRJkoTEJrckJCH3JPeQ3GIn9/st9yQ5kiQJCUnWN3Q6n/e8nfftnO+c7/V9Z8/fGGvsNff/mfNZa889nv9ljL2/7Ti4av1qlesyM/xT8M9fUgEgBQD6AcA1ABABQKlspbIBDoNMGlP/uTcR/1oPTbvSKxBXkvQ/fZP+p2/S//RN+p++Sf/TN+l/+ib9T9+k/0KkZ1un575WRvod/3PP/0Ge//8/R87//0YOFxvz5fpi13f6B1Kk/+mb9D99k/6nb9L/9E36n75J///NRQCV/pvD0v/0TfovRHp2pZ8/y7iy40r//gkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESB/OhcsMAPxlfqXXJYQQQgghhBBCiH+dkPFKr0AIIYQQQgghhBD/9yEo0GAgggyQEVIgE2SGqyALXA1Z4RpIwLWQDa6D7HA95ICckAtyQx7IC/nAAoEDhhjyQwFIwg1QEG6EQlAYikBR8FAMisNNUAJuhpJwC5SCW6E03AZloCyUg/JwO1SAO6AiVILKcCdUgbugKlSDu6E63AM14F6oCfdBLbgfasMDUAcehLrwENSDh6E+PAIN4FFoCI2gMTSBpv9H+S9CV3gJukF3SIUe0BNehl7QG/pAX+gHr0B/eBUGwGswEAbBYHgdhsAbMBTehGEwHEbAWzASRsFoGANjYRyMh7dhArwDE+FdmASTYQpMhWkwHWbAezATZsFseB/mwAcwF+bBfFgAC+FDWASLIQ0+giXwMSyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVPYBtshx2wE3bBbtgDn8Je+Az2weewH774B/PP/qf8TggIqFChQYMZMAOmYApmxsyYBbNgVsyKCUxgNsyG2TE75sAcmAtzYR7Mg/kwHxISMjLmx/yYxCQWxIJYCAthESyCHj0Wx+JYAm/GklgSS2EpLI2lsQyWxbJYHstjBayAFbEiVsbKWAWrYFWsinfj3XgP1sAaWBNrYi2shbWxNtbBOlgX62I9rIf1sT42wAbYEBtiY2yMTbEpNsNm2BybY0tsia2wFbbG1tgG22BbbIvtsB22x/bYATtgR+yInbAzdsYX8UV8CV/C7lhF9cCe2BN7YS/sg32xL76C/fFVfBVfw4E4CAfj6/g6voFD8QwOw+E4AkdgBTUKR+MYZDUOx+N4nIATcCJOxEk4GSfjVJyG03EGzsCZOAtn4fs4Bz/AD3AezsMFuBAX4iJcjGmYhkvwLC7FZbgcV+BKXIUrcQ2uxTW4HjfgetyEm3ALbsFP8BPcjttxJ+7E3bgbP8VP8TP8DAfiftyPB/AAHsSDeAgP4WE8jEfwCB7Fo3gMj+FxPI4n8CSewpN4Gk/jGTyL5/AcnsfzeAGfz/N1vd2F1w0EdYlRRmVQGVSKSlGZVWaVRWVRWVVWlVAJlU1lU9lVdpVD5VC5VC6VR+VR+VQ+RYoUq1jlV/lVUiVVQVVQFVKFVBFVRHnlVXFVXJVQJVRJVVKVUreq0uo2VUaVVS18eVVeVVAtfUVVSVVWlVUVdZeqqqqpaqq6qq5qqBqqpqqpaqlaqrZ6QNVRPbAPPqQudaa+GoQN1GBsqBqpxqqJegMfU83UUGyuWqiW6gk1HIdha9XMt1FPq7ZqNLZTz6ox+JzqoMZhR/WC6qQ6qy7qRdVVNffdMvz2EaimYi/VW/VRfdVMvEtd6lhV9ZoaqAapwep1tQDfUEPVm2qYGq5GqLfUSDVKjVZj1Fg1To1Xb6sJ6h01Ub2rJqnJaoqaqqap6WqGek/NVLPUbPW+mqM+UHPVPDVfLVAL1YdqkVqs0tRHaon6WC1Vy9RytUKtVKvUarVGrVXr1Hq1QW1Um9RmtUVtVZ+obWq72qF2ql1qt9qjPlV71Wdqn/pc7VdfqAPqT+qg+lIdUl+pw+prdUR9o46qb9Ux9Z06rr5XJ9RJdUr9oE6rH9UZdVadUz+p8+pndUH9oi6qoECjVlproyOdQWfUKTqTzqyv0ln01TqrvkYn9LU6m75OZ9fX6xw6p86lc+s8Oq/Op60m7TTrWOfXBXRS36AL6ht1IV1YF9FFtdfFdHF9ky6hb9Yl9S26lL5Vl9a36TK6rC6ny+vbdQV9h66oK+nK+k5dRd+lq+pq+m5dXd+ja+h7dU19n66l79e19QO6jn5Q19UP6Xr6YV1fP6Ib6Ed1Q91IN9ZNdFP9mG6mH9fNdQvdUj+hW+kndWv9lG6jn9Zt9TO6nX5Wt9fP6Q76ed1Rv6A76c66i/5FX9RBd9PddaruoXvql3Uv3Vv30X11P/2K7q9f1QP0a3qgHqQH69f1EP2GHqrf1MP0cD1Cv6VH6lF6tB6jx+pxerx+W0/Q7+iJ+l09SU/WU/RUPU1P131+qzT778h/52/kD/j13bforfoTvU1v1zv0Tr1L79Z79B69V+/V+/Q+vV/v1wf0AX1QH9SH9CF9WB/WR/QRfVQf1cf0MX1cH9cn9En9k/5Bn9Y/6jP6rD6rf9Ln9Xl94befARg0ymhjTGQymIwmxWQymc1VJou52mQ115iEudZkM9eZ7OZ6k8PkNLlMbpPH5DX5jDVknGETm/ymgEmaG0xBc6MpZAqbIqao8aaYKW5u+qfz/2h9TU1T08w0M81Nc9PStDStTCvT2rQ2bUwb09a0Ne1MO9PetDcdTAfT0XQ0nUwn08V0MV1NV9PNdDOpJtX0NC+bXqa36WP6mn7mFdPf9DcDzAAz0Aw0g81gM8QMMUPNUDPMDDMjzAgz0ow0o81oM9aMNePNeDPBTDATzUQzyUwyU8wUM81MMzPMDDPTzDSzzWwzx8wxc81cM9/MNwvNQrPILDJpJs0sMUvMUrPMLDMrzAqzyqwya8was86sMxvMBrPJbDJLzVaz1Wwz28wOs8PsMrvMHrPH7DV7zT6zz+w3+80Bc8AcNAfNIXPIHDaHzRFzxBw1R80xc8wcN8fNCXPCnDKnzGlz2pwxZ8w5c86cN+fNBXPBXDQXL132RSpSkYlMlCHKEKVEKVHmKHOUJcoSZY2yRokoEWWLskXZo+ujHFHOKFeUO8oT5Y1SwUYUuYijOMofFYiS0Q1RwejGqFBUOCoSFY18VCwqHt0UlYhujkpGt0Sloluj0tFtUZmobFQuKh/dHlWI7ogqRpWiytGdUZXorqhqVC26O6oe3RPViO6Nakb3RbWi+6Pa0QNRnejBqG70UFQvejiqHz0SNYgejRpGjaLGUZOo6b+0fghncj7uu9nuNtX2sD3ty7aX7W372L62n33F9rev2gH2NTvQDrKD7et2iH3DDrVv2mF2uB1h37Ij7Sg72o6xY+04O96+bSfYd+xE+66dZCfbKXaqnWan2xn2PTvTzrKz7ft2jv3AzrXz7Hy7wC60H9pFdrFNsx/ZJfZju9Qus8vtCrvSrrKr7Rq71q6z6+0Gu9FuspvtFrvVfmK32e12h91pd9nddo/91O61n9l99nO7335hD9g/2YP2S3vIfmUP26/tEfuNPWq/tcfsd/a4/d6esCftKfuDPW1/tGfsWXvO/mTP25/tBfuLvWjDpYv7S6d3MmQoA2WgFEqhzJSZslAWykpZKUEJykbZKDtlpxyUg3JRLspDeSgf5aNLmJjyU35KUpIKUkEqRIWoCBUhT56KU3EqQSWoJJWkUlSKSlNpKkNlqByVo9vpdrqD7qBKVInupDvpLrqLqlE1qk7VqQbVoJpUk2pRLapNtakO1aG6VJfqUT2qT/WpATWghtSQGlNjakpNqRk1o+bUnFpSS2pFrag1taY21IbaUltqR+2oPbWnDtSBOlJH6kSdqAt1oa7UlbpRN0qlVOpJPakX9aI+1If6UT/qT/1pAA2ggTSQBtNgGkJDaCgNpWE0nEbQWzSSRtFoGkNjaRyNp/E0gSbQRJpIk2gSTaEpNI2m0QyaQTNpJs2m2TSH5tBcmkvzaT4tpIW0iBZRGqXRElpCS2kpLafltJJW0mpaTWtpLa2n9bSRNtJm2kxbaStto220g3bQLtpFe2gP7aW9tI/20X7aTwfoAB2kg3SIDtFhOkxH6AgdpaN0jI7RcTpOJ+gEnaJTdJpO0xk6Q+foHJ2nn+kC/UIXKVCKU5DZXeWyuKtdVneNS3GZ3KU4AoBLcS6X2+VxeV0+Z10Ol/OvYnLOFXKFXRFX1HlXzBV3N/0uLuPKunKuvLvdVXB3uIq/i6u7e1wNd6+r6e5z1dzdfxXXcve72u4RV8c96uq6Rq6ea+Lqu0dcA/eoa+gaucauiWvlnnSt3VOujXvatXXP/C5e5Ba7tW6dW+82uL3uM3fO/eSOum/defez6+a6u37uFdffveoGuNfcQDfod/EI95Yb6Ua50W6MG+vG/S6e4qa6aW66m+HeczPdrN/FC92Hbo5Lc3PdPDffLfg1vrSmNPeRW+I+dkvdMrfcrXAr3Sq32q3532td4Ta5zW6L2+M+ddvcdrfD7XS73O5f40v72Oc+d/vdF+6I+8YddF+6Q+6YO+y+/jW+tL9j7jt33H3vTriT7pT7wZ12P7oz7uyv+7+09x/cL+6iCw4YWbFmwxFn4Iycwpk4M1/FWfhqzsrXcIKv5Wx8HWfn6zkH5+RcnJvzcF7Ox5aJHTPHnJ8LcJJv4IJ8IxfiwlyEi7LnYlycb+ISfDOX5Fu4FN/Kpfk2LsNluRyX59u5At/BFbkSV+Y7uUoIXJWr8d1cne/hGnwv1+T7uBbfz7X5Aa7DD3Jdfojr8cNcnx/hBvwoN+RG3JibcFN+jJvx49ycW3BLfoJb8ZPcmp/iNvw0t+VnuB0/y+35Oe7Az3NHfoE7cWfuwi9yV36Ju3F3TuUe3JNf5l7cm/twX+7Hr3B/fpUH8Gs8kAfxYH6dh/AbPJTf5GE8nEfwWzySR/FoHsNjeRyP57d5Ar/DE/ldnsSTeQpP5Wk8nWfwezyTZ/Fsfp/n8Ac8l+fxfF7AC/lDXsSLOY0/4iX8MS/lZbycV/BKXsWreQ2v5XW8njfwRt7Em3kLb+VPeBtv5x28k3fxbt7Dn/Je/oz38ee8n7/gA/wnPshf8iH+ig/z13yEv+Gj/C0f4+/4OH/PJ/gkn+If+DT/yGf4LJ/jn/g8/8wX+Be+yIEhxljFOjZxFGeIM8YpcaY4c3xVnCW+Os4aXxMn4mvjbPF1cfb4+jhHnDPOFeeO88R543yxjSl2McdxnD8uECfjG+KC8Y1xobhwXCQuGvu4WFw8vikuEd8cl4xviUvFt8al49viMnHZ+JH7yse3xxXiO+KKcaW4cnxnXCW+K64aV4vvjqvH98Q14nvjmvF9ccn4/rh2/EBcJ34wrhs/FNeLH47rx4/EDeJH44Zxo7hx3CRuGj8WN4sfj5vHLeKW8RNxq/jJuHX8VNwmfjpuGz/zh8dT4x5xz/jl+OU4hHv1/OSC5MLkh8lFycXJtORHySXJj5NLk8uSy5MrkiuTq5Krk2uSa5PrkuuTG5Ibk5uSm5NbkiFUywgevfLaGx/5DD6jT/GZfGZ/lc/ir/ZZ/TU+4a/12fx1Pru/3ufwOX0un9vn8Xl9Pm89eefZxz6/L+CT/gZf0N/oC/nCvogv6r0v5ov7Jr6pb+qb+cd9c9/Ct/RP+Cf8k/5J/5R/yj/t2/pnfDv/rG/vn/Md/PP+ef+C7+Q7+y7+Rd/Vv+S7+e4+1af6nr6n7+V7+T6+j+/n+/n+vr8f4Af4gX6gH+wH+yF+iB/qh/phfpgf4Uf4kX6kH+1H+7F+rB/vx/sJfoKf6Cf6SX6Sn+Kn+Gl+mp/hZ/iZfqaf7Wf7OYXm+Ll+rp/v5/uFfqFf5Bf5NJ/ml/glfqlf6pf75X6lX+lX+9V+rV/r1/v1fqPf6Df7zX6r3+q3+W1+h9/hd/ldfo/f4/f6vX6f3+f3+/3+gD/gD/qD/pD/yh/2X/sj/ht/1H/rj/nv/HH/vT/hT/pT/gd/2v/oz/iz/pz/yZ/3P/sL/hd/0Qc/PvF2YkLincTExLuJSYnJiSmJqYlpiemJGYn3EjMTsxKzE+8n5iQ+SMxNzEvMTyxILEx8mFiUWJxIS3yUWJL4OLE0sSyxPLEisTKxKhFC3m1xyB8KhGS4IRQMN4ZCoXAoEooGH4qF4uGmUCLcHEqGW0KpcGsoHW4LZULZUC48GhqGRqFxaBKahsdCs/B4aB5ahJbhidAqPBlah6dCm/B0aBueCe3Cs6F9eC50CM+HjuGF0Cl0Dl3Ci6FreCl0C91DaugReoaXQ6/QO/QJfUO/8EroH14NA8JrYWAYFAaH18OQ8EYYGt4Mw8LwMCK8FUaGUWF0GBPGhnFhfHg7TAjvhInh3TApTA5TwtQwLUwPM8J7YWaYFWaH98Oc8EGYG+aF+WFBWBg+DIvC4pAWPgpLwsdhaVgWlocVYWVYFVaHNWFtWBfWhw1hY9gUNoctYWv4JGwL28OOsDPsCrvDnvBp2Bs+C/vC52F/+CIcCH8KB8OX4VD4KhwOX4cj4ZtwNHwbjoXvwvHwfTgRToZT4YdwOvwYzoSz4Vz4KZwPP4cL4ZdwUf5mTQghhBDi76L/4HiPv/G9DACgfpv3BICrt+c+/J9rbszx53lvladVAgCe7t7xob+MKlVSU1N/e+1SDVGBeQCQ+Ov6f4mXQUt4EtpACyjxN9fXW3U+z39QP3krQOb/kJMCl+PL9W/+L+o/9sSIRaXjc9n+m/rzAAoVuJyTCS7Hl+uX/C/q52z2B+vP9OV4gOb/IScLXI4v1y8Oj8Mz0OavXimEEEIIIYQQQvxZb1Wu/R/dP1+6P89jLudkhMvxH92fCyGEEEIIIYQQ4sp7rnOXpx5r06ZF+79vgr89F/jHsmQiE5n8fza50p9MQgghhBBCiH+1yxf9V3olQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCFE+vU/8e/ErvQehRBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCiCvtfwUAAP//luw5aQ==")
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
getdents(0xffffffffffffffff, &(0x7f0000000e80)=""/4072, 0xfe8)

1.837893324s ago: executing program 0 (id=1141):
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYBLOB], 0x48)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x3000008, 0x1010, 0xffffffffffffffff, 0xffffc000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000400)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SET_MM(0x23, 0x9, &(0x7f0000004000/0x3000)=nil)
syz_open_procfs(0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
write(r0, &(0x7f0000000100)="07000000010000", 0x7)

1.826560116s ago: executing program 2 (id=1142):
semctl$SEM_STAT(0x0, 0x3, 0x12, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x3, 0x0)
syz_emit_vhci(&(0x7f0000000140)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x10}, @l2cap_cid_signaling={{0xc}, [@l2cap_create_chan_rsp={{0xd, 0x8, 0x8}, {0x3, 0x1, 0x4, 0x495}}]}}, 0x15)

65.293624ms ago: executing program 7 (id=1143):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000ac0)=@base={0x6, 0x4, 0x1010, 0x89}, 0x50)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000840)={0x0, &(0x7f0000000780)=""/106, &(0x7f0000000380), &(0x7f0000000000), 0x80, r0, 0x0, 0x7}, 0x38)

0s ago: executing program 0 (id=1144):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'blake2b-256\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x800)
recvmmsg$unix(r1, &(0x7f0000000c00)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x40000040, 0x0)

kernel console output (not intermixed with test programs):

 Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  250.984578][   T52] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  250.992687][   T52] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  251.041616][ T6975] loop0: detected capacity change from 0 to 128
[  251.569496][ T6980] xt_CT: You must specify a L4 protocol and not use inversions on it
[  252.595193][ T6986] loop4: detected capacity change from 0 to 1024
[  252.679182][ T6986] hfsplus: inconsistency in B*Tree (-1,0,1,1,0)
[  252.752140][ T6986] hfsplus: failed to load root directory
[  253.054245][ T5142] Bluetooth: hci6: command tx timeout
[  254.005697][ T7004] netlink: 'syz.4.309': attribute type 15 has an invalid length.
[  254.659666][ T1146] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  254.680169][ T7005] loop4: detected capacity change from 0 to 256
[  254.796587][   T52] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  254.822284][   T52] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  254.848123][ T7010] loop2: detected capacity change from 0 to 764
[  254.861996][ T7010] rock: directory entry would overflow storage
[  254.868201][ T7010] rock: sig=0x4654, size=5, remaining=4
[  254.875410][   T52] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  254.895653][   T52] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  254.903806][   T52] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  255.141373][   T52] Bluetooth: hci6: command tx timeout
[  255.522123][ T7014] netlink: 'syz.3.310': attribute type 58 has an invalid length.
[  255.591552][ T7016] loop0: detected capacity change from 0 to 512
[  255.632092][ T7014] netlink: 20 bytes leftover after parsing attributes in process `syz.3.310'.
[  255.686900][ T7016] EXT4-fs: Mount option(s) incompatible with ext3
[  255.801844][ T1146] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  257.835344][ T5142] Bluetooth: hci6: command tx timeout
[  257.840971][   T52] Bluetooth: hci0: command tx timeout
[  259.843119][   T52] Bluetooth: hci6: command tx timeout
[  259.922175][   T52] Bluetooth: hci0: command tx timeout
[  259.952691][ T6970] chnl_net:caif_netlink_parms(): no params data found
[  262.819756][   T52] Bluetooth: hci0: command tx timeout
[  262.919213][ T1146] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  263.350907][ T1146] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  264.612776][ T7037] input: syz1 as /devices/virtual/input/input7
[  264.854121][ T7036] loop2: detected capacity change from 0 to 8192
[  264.882295][   T52] Bluetooth: hci0: command tx timeout
[  265.135459][ T6970] bridge0: port 1(bridge_slave_0) entered blocking state
[  265.172879][ T6970] bridge0: port 1(bridge_slave_0) entered disabled state
[  265.180177][ T6970] bridge_slave_0: entered allmulticast mode
[  265.241771][ T6970] bridge_slave_0: entered promiscuous mode
[  265.337557][ T6970] bridge0: port 2(bridge_slave_1) entered blocking state
[  265.383244][ T6970] bridge0: port 2(bridge_slave_1) entered disabled state
[  265.420375][ T6970] bridge_slave_1: entered allmulticast mode
[  265.533466][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  265.540043][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  265.741551][ T6970] bridge_slave_1: entered promiscuous mode
[  267.618893][ T6970] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  268.507165][ T6970] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  269.860922][ T5971] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  269.935075][ T6970] team0: Port device team_slave_0 added
[  270.043662][ T6970] team0: Port device team_slave_1 added
[  270.084531][ T5971] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  270.101936][ T5971] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  270.142846][ T5971] usb 1-1: config 0 descriptor??
[  270.191698][ T5971] cp210x 1-1:0.0: cp210x converter detected
[  270.215594][ T1146] bridge_slave_1: left allmulticast mode
[  270.246556][ T1146] bridge_slave_1: left promiscuous mode
[  270.307421][ T1146] bridge0: port 2(bridge_slave_1) entered disabled state
[  270.359902][ T1146] bridge_slave_0: left allmulticast mode
[  270.377591][ T1146] bridge_slave_0: left promiscuous mode
[  270.393527][ T1146] bridge0: port 1(bridge_slave_0) entered disabled state
[  270.604538][ T5971] cp210x 1-1:0.0: failed to get vendor val 0x000e size 3: -32
[  270.683371][ T5971] usb 1-1: cp210x converter now attached to ttyUSB0
[  270.867661][ T6041] usb 1-1: USB disconnect, device number 6
[  270.910001][ T6041] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  270.937626][ T6041] cp210x 1-1:0.0: device disconnected
[  271.484068][ T1146] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  271.508319][ T1146] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  271.526910][ T1146] bond0 (unregistering): Released all slaves
[  271.664751][   T30] audit: type=1326 audit(1760171028.274:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7087 comm="syz.2.337" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcaaa98eec9 code=0x0
[  271.708679][ T6970] batman_adv: batadv0: Adding interface: batadv_slave_0
[  271.730251][ T6970] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  271.737752][ T7090] loop0: detected capacity change from 0 to 512
[  271.759274][ T6970] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  271.789870][ T7090] EXT4-fs: Ignoring removed i_version option
[  271.874908][ T7090] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  271.917349][ T7090] ext4 filesystem being mounted at /67/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  272.054242][ T6970] batman_adv: batadv0: Adding interface: batadv_slave_1
[  272.086409][ T6970] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  272.141621][ T6970] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  272.355560][ T5839] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  273.736073][ T7116] loop2: detected capacity change from 0 to 128
[  274.647376][ T1146] hsr_slave_0: left promiscuous mode
[  274.684949][ T1146] hsr_slave_1: left promiscuous mode
[  274.714933][ T1146] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  274.734270][ T7125] netlink: 'syz.4.346': attribute type 15 has an invalid length.
[  274.772792][ T1146] batman_adv: batadv0: Removing interface: batadv_slave_0
[  275.129869][ T1146] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  275.397275][ T1146] batman_adv: batadv0: Removing interface: batadv_slave_1
[  275.725454][ T1146] veth1_macvtap: left promiscuous mode
[  275.731356][ T1146] veth0_macvtap: left promiscuous mode
[  275.804519][ T1146] veth1_vlan: left promiscuous mode
[  275.810261][ T1146] veth0_vlan: left promiscuous mode
[  275.823821][ T7134] binder: 7133:7134 ioctl c0306201 200000000000 returned -14
[  276.320048][ T7141] loop0: detected capacity change from 0 to 128
[  276.333369][ T7141] vfat: Unknown parameter 'ż˙˙˙˙˙˙˙'
[  277.009244][ T7150] xt_NFQUEUE: number of total queues is 0
[  284.490805][ T1146] team0 (unregistering): Port device team_slave_1 removed
[  284.686430][ T1146] team0 (unregistering): Port device team_slave_0 removed
[  287.616696][ T7186] xt_CT: You must specify a L4 protocol and not use inversions on it
[  291.400050][ T7205] loop4: detected capacity change from 0 to 512
[  291.786314][ T6970] hsr_slave_0: entered promiscuous mode
[  291.840417][ T6970] hsr_slave_1: entered promiscuous mode
[  291.893204][ T6970] debugfs: 'hsr0' already exists in 'hsr'
[  291.899011][ T6970] Cannot create hsr debugfs directory
[  292.139945][ T7011] chnl_net:caif_netlink_parms(): no params data found
[  292.455386][ T7222] loop4: detected capacity change from 0 to 1024
[  292.465535][ T7224] loop2: detected capacity change from 0 to 512
[  292.514406][ T7224] EXT4-fs: Ignoring removed oldalloc option
[  292.533045][ T7224] EXT4-fs (loop2): can't mount with data=, fs mounted w/o journal
[  294.311802][ T7250] loop4: detected capacity change from 0 to 1024
[  294.408033][ T7250] hfsplus: inconsistency in B*Tree (-1,0,1,1,0)
[  294.452065][ T7250] hfsplus: failed to load root directory
[  294.670592][ T7257] input: syz1 as /devices/virtual/input/input8
[  294.785473][ T7011] bridge0: port 1(bridge_slave_0) entered blocking state
[  294.829660][ T7011] bridge0: port 1(bridge_slave_0) entered disabled state
[  294.884504][ T7011] bridge_slave_0: entered allmulticast mode
[  294.913822][ T7011] bridge_slave_0: entered promiscuous mode
[  296.084825][ T1146] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  296.247944][ T7011] bridge0: port 2(bridge_slave_1) entered blocking state
[  296.284479][ T7011] bridge0: port 2(bridge_slave_1) entered disabled state
[  296.291808][ T7011] bridge_slave_1: entered allmulticast mode
[  296.330762][ T7011] bridge_slave_1: entered promiscuous mode
[  296.516392][ T1146] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  296.931043][ T1146] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  297.241427][ T1146] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  297.332395][ T7011] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  297.490144][ T7011] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  297.905821][   T52] Bluetooth: hci4: ACL packet for unknown connection handle 200
[  297.981980][ T7291] loop2: detected capacity change from 0 to 16
[  298.954760][ T7291] erofs (device loop2): mounted with root inode @ nid 36.
[  299.245198][ T7011] team0: Port device team_slave_0 added
[  299.324088][ T7011] team0: Port device team_slave_1 added
[  299.411182][ T7298] loop2: detected capacity change from 0 to 512
[  299.480540][ T7294] loop0: detected capacity change from 0 to 1024
[  299.498128][ T7298] EXT4-fs error (device loop2): ext4_orphan_get:1418: comm syz.2.395: bad orphan inode 11862016
[  299.547383][ T7294] EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities
[  299.602956][ T7298] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  299.649975][ T7298] ext4 filesystem being mounted at /91/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  300.955819][ T6970] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  301.295243][ T7011] batman_adv: batadv0: Adding interface: batadv_slave_0
[  301.659208][ T7011] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  301.711981][ T7011] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  301.772800][ T7011] batman_adv: batadv0: Adding interface: batadv_slave_1
[  301.779967][ T7011] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  302.388798][ T7011] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  302.674196][ T5836] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  303.048319][ T7318] Bluetooth: MGMT ver 1.23
[  303.125594][ T7011] hsr_slave_0: entered promiscuous mode
[  303.163145][ T7011] hsr_slave_1: entered promiscuous mode
[  303.190380][ T7011] debugfs: 'hsr0' already exists in 'hsr'
[  303.222111][ T7011] Cannot create hsr debugfs directory
[  303.228093][ T1146] bridge_slave_1: left allmulticast mode
[  303.256915][ T1146] bridge0: port 2(bridge_slave_1) entered disabled state
[  303.343891][ T1146] bridge_slave_0: left allmulticast mode
[  303.349614][ T1146] bridge_slave_0: left promiscuous mode
[  303.404578][ T1146] bridge0: port 1(bridge_slave_0) entered disabled state
[  303.409578][ T5831] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  303.421305][ T5831] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  303.429188][ T5831] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  303.437815][ T5831] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  303.446298][ T5831] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  303.511213][ T7331] loop2: detected capacity change from 0 to 1024
[  303.584657][ T7334] loop4: detected capacity change from 0 to 256
[  303.615428][ T7334] loop4: detected capacity change from 0 to 764
[  303.645570][ T7331] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  303.881203][   T30] audit: type=1800 audit(1760171060.484:108): pid=7331 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.404" name="bus" dev="loop2" ino=18 res=0 errno=0
[  303.888867][ T7331] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4192: comm syz.2.404: Allocating blocks 385-513 which overlap fs metadata
[  303.986977][ T7331] EXT4-fs (loop2): pa ffff8880776a3cb0: logic 16, phys. 129, len 24
[  303.995169][ T7331] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5443: group 0, free 0, pa_free 8
[  304.973184][ T7331] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 21 with max blocks 44 with error 1
[  305.164854][   T52] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  305.174274][ T5831] Bluetooth: hci0: command 0x0c1a tx timeout
[  305.212148][ T7331] EXT4-fs (loop2): This should not happen!! Data will be lost
[  305.212148][ T7331] 
[  305.532136][ T5831] Bluetooth: hci5: command tx timeout
[  306.679995][ T7363] loop4: detected capacity change from 0 to 256
[  306.736795][ T5836] Trying to write to read-only block-device loop2
[  306.870987][ T5836] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  307.605435][ T5831] Bluetooth: hci5: command tx timeout
[  307.723408][ T7371] loop2: detected capacity change from 0 to 1024
[  307.940339][ T7373] loop2: detected capacity change from 0 to 256
[  307.955977][ T7373] exfat: Deprecated parameter 'utf8'
[  308.105150][ T1146] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  308.125829][ T1146] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  308.154387][ T1146] bond0 (unregistering): Released all slaves
[  309.187015][ T7376] Bluetooth: hci0: Opcode 0x0401 failed: -4
[  310.462124][ T5831] Bluetooth: hci5: command tx timeout
[  310.467611][ T5831] Bluetooth: hci0: command 0x0c1a tx timeout
[  312.492041][ T5831] Bluetooth: hci5: command tx timeout
[  314.235853][ T7401] loop0: detected capacity change from 0 to 128
[  314.319051][ T1146] hsr_slave_0: left promiscuous mode
[  314.344913][ T7401] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 1, start 0000000d)
[  314.420646][ T1146] hsr_slave_1: left promiscuous mode
[  314.455674][ T1146] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  314.492716][ T1146] batman_adv: batadv0: Removing interface: batadv_slave_0
[  314.573069][ T1146] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  314.611297][ T1146] batman_adv: batadv0: Removing interface: batadv_slave_1
[  314.729197][ T1146] veth1_macvtap: left promiscuous mode
[  314.776321][ T1146] veth0_macvtap: left promiscuous mode
[  314.786217][ T5142] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  314.797985][ T5142] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  314.807037][ T5142] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  314.815353][ T5142] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  314.823338][ T5142] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  314.849333][ T1146] veth1_vlan: left promiscuous mode
[  314.856283][ T1146] veth0_vlan: left promiscuous mode
[  315.827409][ T7435] xt_CT: You must specify a L4 protocol and not use inversions on it
[  316.972084][ T5831] Bluetooth: hci6: command tx timeout
[  317.625604][ T7444] loop2: detected capacity change from 0 to 2048
[  317.944430][ T1146] team0 (unregistering): Port device team_slave_1 removed
[  318.114536][ T1146] team0 (unregistering): Port device team_slave_0 removed
[  318.343615][  T977] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  318.512496][  T977] usb 3-1: Using ep0 maxpacket: 16
[  318.547187][  T977] usb 3-1: unable to get BOS descriptor or descriptor too short
[  318.664266][  T977] usb 3-1: config 8 has an invalid interface number: 93 but max is 0
[  318.684608][  T977] usb 3-1: config 8 has no interface number 0
[  318.691671][  T977] usb 3-1: config 8 interface 93 has no altsetting 0
[  318.727426][  T977] usb 3-1: New USB device found, idVendor=1199, idProduct=0027, bcdDevice=f6.bc
[  318.740667][  T977] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  318.760552][  T977] usb 3-1: Product: syz
[  318.771936][  T977] usb 3-1: Manufacturer: syz
[  318.777106][  T977] usb 3-1: SerialNumber: syz
[  319.062425][ T5831] Bluetooth: hci6: command tx timeout
[  319.261260][  T977] sierra 3-1:8.93: Sierra USB modem converter detected
[  319.342543][  T977] usb 3-1: Sierra USB modem converter now attached to ttyUSB0
[  319.378534][  T977] usb 3-1: USB disconnect, device number 6
[  319.428838][  T977] sierra ttyUSB0: Sierra USB modem converter now disconnected from ttyUSB0
[  319.461385][  T977] sierra 3-1:8.93: device disconnected
[  321.123062][ T5831] Bluetooth: hci6: command tx timeout
[  321.372063][ T6041] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  321.404082][ T7328] chnl_net:caif_netlink_parms(): no params data found
[  321.615286][ T6041] usb 1-1: Using ep0 maxpacket: 32
[  321.626036][ T6041] usb 1-1: config 8 has an invalid interface number: 107 but max is 0
[  321.650088][ T6041] usb 1-1: config 8 has no interface number 0
[  321.658511][ T6041] usb 1-1: config 8 interface 107 altsetting 8 endpoint 0x82 has invalid maxpacket 1024, setting to 64
[  321.670779][ T6041] usb 1-1: config 8 interface 107 has no altsetting 0
[  321.693857][ T6041] usb 1-1: New USB device found, idVendor=7392, idProduct=b811, bcdDevice=a0.9c
[  321.703433][ T6041] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  321.711671][ T6041] usb 1-1: Product: syz
[  321.768817][ T6041] usb 1-1: Manufacturer: syz
[  321.800584][ T6041] usb 1-1: SerialNumber: syz
[  322.160286][ T6041] usb 1-1: USB disconnect, device number 7
[  322.397748][ T7328] bridge0: port 1(bridge_slave_0) entered blocking state
[  322.424504][ T7328] bridge0: port 1(bridge_slave_0) entered disabled state
[  322.478670][ T7328] bridge_slave_0: entered allmulticast mode
[  322.518565][ T7328] bridge_slave_0: entered promiscuous mode
[  322.555355][ T7328] bridge0: port 2(bridge_slave_1) entered blocking state
[  322.592112][ T7328] bridge0: port 2(bridge_slave_1) entered disabled state
[  322.619901][ T7328] bridge_slave_1: entered allmulticast mode
[  322.651553][ T7328] bridge_slave_1: entered promiscuous mode
[  323.032615][ T7494] loop0: detected capacity change from 0 to 1024
[  323.094807][ T7494] EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities
[  323.204092][ T5831] Bluetooth: hci6: command tx timeout
[  323.239945][ T7328] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  323.266273][ T7328] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  324.574927][ T7328] team0: Port device team_slave_0 added
[  324.586868][ T7417] chnl_net:caif_netlink_parms(): no params data found
[  324.720902][ T7328] team0: Port device team_slave_1 added
[  325.099502][ T7494] loop0: detected capacity change from 0 to 1024
[  325.166631][ T7328] batman_adv: batadv0: Adding interface: batadv_slave_0
[  325.199262][ T7328] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  325.254959][ T7328] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  325.294328][ T7328] batman_adv: batadv0: Adding interface: batadv_slave_1
[  325.310362][ T7328] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  325.544654][ T7328] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  326.966165][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  326.975482][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  326.993089][   T78] hfsplus: b-tree write err: -5, ino 4
[  327.109348][ T7328] hsr_slave_0: entered promiscuous mode
[  327.126898][ T7328] hsr_slave_1: entered promiscuous mode
[  327.669354][ T7417] bridge0: port 1(bridge_slave_0) entered blocking state
[  327.722068][  T977] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  327.729927][ T7417] bridge0: port 1(bridge_slave_0) entered disabled state
[  327.782456][ T7417] bridge_slave_0: entered allmulticast mode
[  327.810929][ T7417] bridge_slave_0: entered promiscuous mode
[  327.874670][  T977] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  327.880717][ T7417] bridge0: port 2(bridge_slave_1) entered blocking state
[  327.885717][  T977] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  327.952892][ T7417] bridge0: port 2(bridge_slave_1) entered disabled state
[  327.968374][  T977] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  327.975854][ T7417] bridge_slave_1: entered allmulticast mode
[  327.979243][  T977] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  327.995369][  T977] usb 1-1: SerialNumber: syz
[  328.000737][ T7417] bridge_slave_1: entered promiscuous mode
[  328.240070][  T977] usb 1-1: 0:2 : does not exist
[  328.287328][  T977] usb 1-1: unit 48 not found!
[  328.696441][ T7417] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  328.715726][  T977] usb 1-1: USB disconnect, device number 8
[  329.036410][ T5994] udevd[5994]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  329.144073][ T7417] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  329.306300][ T1161] bridge_slave_1: left allmulticast mode
[  329.333777][ T1161] bridge_slave_1: left promiscuous mode
[  329.347430][ T1161] bridge0: port 2(bridge_slave_1) entered disabled state
[  329.410653][ T1161] bridge_slave_0: left allmulticast mode
[  329.441950][ T1161] bridge_slave_0: left promiscuous mode
[  329.468381][ T1161] bridge0: port 1(bridge_slave_0) entered disabled state
[  329.523861][ T1161] bridge_slave_1: left allmulticast mode
[  329.546133][ T1161] bridge_slave_1: left promiscuous mode
[  329.554271][ T1161] bridge0: port 2(bridge_slave_1) entered disabled state
[  329.565642][ T1161] bridge_slave_0: left allmulticast mode
[  329.571363][ T1161] bridge_slave_0: left promiscuous mode
[  329.587686][ T1161] bridge0: port 1(bridge_slave_0) entered disabled state
[  332.183243][ T7572] loop0: detected capacity change from 0 to 512
[  332.191206][ T7572] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  332.320456][ T1161] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  332.663134][ T1161] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  333.525778][ T1161] bond0 (unregistering): Released all slaves
[  333.652402][ T7583] IPv6: Can't replace route, no match found
[  333.733129][ T7585] loop0: detected capacity change from 0 to 512
[  333.830584][ T7585] netlink: 'syz.0.464': attribute type 8 has an invalid length.
[  337.172885][ T1161] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  338.081691][ T1161] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  338.246053][ T1161] bond0 (unregistering): Released all slaves
[  338.311760][ T7605] loop0: detected capacity change from 0 to 512
[  338.439774][ T7605] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  338.541703][ T7605] ext4 filesystem being mounted at /95/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  338.858567][ T5839] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  338.865291][ T7615] loop2: detected capacity change from 0 to 512
[  338.875789][ T1161] hsr_slave_0: left promiscuous mode
[  338.898637][ T1161] hsr_slave_1: left promiscuous mode
[  338.923237][ T1161] batman_adv: batadv0: Removing interface: batadv_slave_0
[  339.243862][ T1161] batman_adv: batadv0: Removing interface: batadv_slave_1
[  339.901018][ T1161] hsr_slave_0: left promiscuous mode
[  339.974913][ T1161] hsr_slave_1: left promiscuous mode
[  340.117476][ T1161] batman_adv: batadv0: Removing interface: batadv_slave_0
[  340.321939][ T1161] batman_adv: batadv0: Removing interface: batadv_slave_1
[  340.691155][ T7624] loop2: detected capacity change from 0 to 16
[  342.042308][    T9] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  342.183656][    T9] usb 3-1: device descriptor read/64, error -71
[  342.301994][ T5907] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  342.462149][    T9] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  342.492018][ T5907] usb 1-1: Using ep0 maxpacket: 32
[  342.509263][ T5907] usb 1-1: config 4 has an invalid interface number: 128 but max is 0
[  342.520722][ T1161] team0 (unregistering): Port device team_slave_1 removed
[  342.535612][ T5907] usb 1-1: config 4 has no interface number 0
[  342.549071][ T5907] usb 1-1: config 4 interface 128 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  342.562293][ T7638] loop4: detected capacity change from 0 to 1024
[  342.592038][ T5907] usb 1-1: config 4 interface 128 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  342.624606][ T5907] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  342.634579][    T9] usb 3-1: device descriptor read/64, error -71
[  342.661240][ T5907] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  342.675349][ T1161] team0 (unregistering): Port device team_slave_0 removed
[  342.708730][ T5907] hub 1-1:4.128: USB hub found
[  342.742615][    T9] usb usb3-port1: attempt power cycle
[  342.899297][ T5907] hub 1-1:4.128: 2 ports detected
[  342.912412][ T5907] hub 1-1:4.128: Using single TT (err -22)
[  343.113585][ T5907] hub 1-1:4.128: hub_hub_status failed (err = -71)
[  343.121245][    T9] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  343.141970][ T5907] hub 1-1:4.128: config failed, can't get hub status (err -71)
[  343.163272][    T9] usb 3-1: device descriptor read/8, error -71
[  343.215426][ T5907] usb 1-1: USB disconnect, device number 9
[  343.401995][    T9] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  343.447758][    T9] usb 3-1: device descriptor read/8, error -71
[  343.500824][ T7638] loop4: detected capacity change from 0 to 1024
[  344.318317][    T9] usb usb3-port1: unable to enumerate USB device
[  345.344514][ T7655] loop2: detected capacity change from 0 to 512
[  345.357961][ T1161] team0 (unregistering): Port device team_slave_1 removed
[  345.390132][ T7657] netlink: 'syz.4.487': attribute type 15 has an invalid length.
[  346.623074][ T1161] team0 (unregistering): Port device team_slave_0 removed
[  346.759800][ T7661] loop4: detected capacity change from 0 to 256
[  352.331197][ T7688] loop0: detected capacity change from 0 to 256
[  352.383294][ T7688] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  352.426806][ T7688] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  352.488129][ T7417] team0: Port device team_slave_0 added
[  352.512282][ T7417] team0: Port device team_slave_1 added
[  353.541237][ T7688] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  353.585987][ T7688] exFAT-fs (loop0): failed to load alloc-bitmap
[  353.592374][ T7688] exFAT-fs (loop0): failed to recognize exfat type
[  354.802323][ T7688] loop0: detected capacity change from 0 to 764
[  354.938509][ T7699] Symlink component flag not implemented
[  354.944679][ T7699] Symlink component flag not implemented
[  355.478659][ T7698] netlink: 12 bytes leftover after parsing attributes in process `syz.2.499'.
[  355.509891][ T7417] batman_adv: batadv0: Adding interface: batadv_slave_0
[  355.541957][ T7417] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  355.641930][ T7417] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  355.681237][ T7417] batman_adv: batadv0: Adding interface: batadv_slave_1
[  356.744072][ T7417] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  357.720314][ T7417] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  357.994596][ T7706] af_packet: tpacket_rcv: packet too big, clamped from 36 to 4294967272. macoff=96
[  358.552409][ T7417] hsr_slave_0: entered promiscuous mode
[  358.559561][ T7417] hsr_slave_1: entered promiscuous mode
[  358.613279][ T7417] debugfs: 'hsr0' already exists in 'hsr'
[  358.619084][ T7417] Cannot create hsr debugfs directory
[  360.117220][ T7723] cgroup: Unknown subsys name 'cpuset'
[  360.170683][ T7723] netlink: 16 bytes leftover after parsing attributes in process `syz.2.506'.
[  362.168772][ T7744] capability: warning: `syz.4.508' uses 32-bit capabilities (legacy support in use)
[  363.728035][ T7417] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  363.955619][ T7417] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  364.163878][ T7417] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  364.236288][ T7417] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  365.532624][ T5921] usb 1-1: new full-speed USB device number 10 using dummy_hcd
[  365.872480][ T5921] usb 1-1: not running at top speed; connect to a high speed hub
[  365.948645][ T7776] ptrace attach of "./syz-executor exec"[5841] was attempted by "ßRåÖ~…¼sŪ„9!ž+īĖlĆ vūs\x22~Uėxå¸a�*�fÜČPyōw.¼Į�É6ū©i¨īĀBÖ�O‹¼ÕĪ ¼‘Ģ^¦$ īĘwĆü*�ćū? Ę;Ų-é«b·?3—AÕ”‘SĆŃ­ĀKkĘŪr\x0aęéĆŲ™:…y>sÄy\x1b¢SD8\x1bŻu�\x0aŚŃ2Ū�.¼bf×h„³Üś¸™‰¨ĖŻ¹Ę5æcM¹+²w�ką×Ņ|Ķ(Hnō'cC¼ęj<,įØ�¬r.uń(ln¹vN¸ĶæF�Q+&iŻĮˇŠ�k��Š&Ȩ¢¬Ä¤>č²�½f‰bRs«ó·–¾\x0c~1��‰Ļ%^“?ń\x1bČYµū\x1b­g�Æ´-3Ė©VO|\x0aį³·ÖĘÄ[.ŲĄ'3õ¹‹ŚDµĮA˙ÅüzrcOĘ ��,�ō‘»;ņ½ˇŪj„Õ!pˇoū�Ue{‘™�Ås%@čO®tnZ–b™§B�&+4ū?pÄÅRN��ū½!YĖ‘Nj�āgĪiqŠļÜ[¶6ŁĶh“ķ²vN|›°Õ xiśčPo54(%*Ŗ Ėō½�įėħlåLU•»©²Dąä§�7`zś8ähØĀ“ż½„�Ł=»‚Ø�-eŽši¤’�ī}�\x5c\x09¯£v:-ׯĖ\x09•�9.½¦V€Ø•§E×&õ�†ę¹\x09   b&hĪ�€Aˇ‘`�R��&±½Ö•—AĢŌO •Ż›/\x1bLĄ\x07Ąū&÷ņDČuÄoO…ęĘ^Cņ'S1 @ÆĆ�ņōū#^^ō„�V1��¾56rč©´tUõ\x0cōø½�0é´²�´´>’‰ÅŖč�ŁģM¨Ńü²VŠjŲ\x07Ą=ŗÉ}]M†‡XUtūÜY[%>p¹ü¨Äł*×ój�s;”Ūx—9K§£4Ķm{yŽćWp5p\x0cVÕ\x0c×\x0a(UĪ·śX«ž8'C}ōħæ°J=ŅŃ�įę6WwŲ&äu×]÷±8?Æ� +Äßž3q·(*R\x09Ņ-e“\x22gē„ŪćõNŅųN?-ńņŻ‹²ņ³Õ0Š�ŽŖä…JxŹŁ~~°ÓŃ/AL†æI8‡ˇĘo$«¤īaŌ3ęe@�Jąc«®T š¶Ģ‘³Äѧ8%pž¯ē¼‘Ó/ܸ¸!/%Vž'R¨±joq£svgq½c´]\x09
[  365.985142][ T5921] usb 1-1: config 1 interface 1 has no altsetting 0
[  366.528017][ T5921] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  366.552281][ T5921] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  368.074889][ T5921] usb 1-1: Product: syz
[  368.082319][ T5921] usb 1-1: Manufacturer: syz
[  368.086953][ T5921] usb 1-1: SerialNumber: syz
[  368.191822][ T5921] usb 1-1: can't set config #1, error -71
[  368.242945][ T5921] usb 1-1: USB disconnect, device number 10
[  369.623482][ T7783] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  369.642003][ T7783] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[  369.767586][ T7783] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  369.802901][ T7783] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  370.030218][ T7783] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  370.066882][ T7783] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  370.882231][ T7417] 8021q: adding VLAN 0 to HW filter on device bond0
[  370.891734][ T7800] loop0: detected capacity change from 0 to 1024
[  371.015837][ T7783] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  371.038220][ T7800] hfsplus: inconsistency in B*Tree (-1,0,1,1,0)
[  371.053354][ T7783] Bluetooth: hci4: Error when powering off device on rfkill (-4)
[  371.086086][ T7800] hfsplus: failed to load root directory
[  372.538072][ T7417] 8021q: adding VLAN 0 to HW filter on device team0
[  373.636275][ T5831] Bluetooth: hci4: command 0x0406 tx timeout
[  374.243106][ T7248] bridge0: port 1(bridge_slave_0) entered blocking state
[  374.243661][ T7783] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  374.250349][ T7248] bridge0: port 1(bridge_slave_0) entered forwarding state
[  374.312263][ T7800] input: syz1 as /devices/virtual/input/input9
[  374.321933][ T7248] bridge0: port 2(bridge_slave_1) entered blocking state
[  374.329086][ T7248] bridge0: port 2(bridge_slave_1) entered forwarding state
[  374.392053][ T7783] Bluetooth: hci6: Error when powering off device on rfkill (-4)
[  374.596598][ T7814] netlink: 'syz.4.524': attribute type 15 has an invalid length.
[  374.623839][ T5142] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  374.651567][ T5142] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  374.742080][ T5142] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  374.772369][ T5142] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  374.846171][ T5142] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  375.092221][ T5831] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  375.116039][ T5831] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  375.125324][ T5831] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  375.155651][ T5831] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  375.165778][ T5831] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  375.460667][ T7814] loop4: detected capacity change from 0 to 256
[  376.058078][   T12] bridge_slave_1: left allmulticast mode
[  376.088299][   T12] bridge_slave_1: left promiscuous mode
[  377.122798][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  377.599507][ T5831] Bluetooth: hci0: command tx timeout
[  377.788805][   T12] bridge_slave_0: left allmulticast mode
[  377.794776][  T977] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  377.815031][   T12] bridge_slave_0: left promiscuous mode
[  377.820868][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  377.995546][  T977] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  378.027339][  T977] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  378.071941][  T977] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  378.115662][  T977] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  378.141887][  T977] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  378.243726][ T5142] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  378.253428][ T5142] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  378.261141][ T5142] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  378.275700][ T5142] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  378.292455][ T5142] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  378.301031][  T977] usb 5-1: config 0 descriptor??
[  378.385491][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  378.405695][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  378.437406][   T12] bond0 (unregistering): Released all slaves
[  378.896043][  T977] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  378.983898][   T12] hsr_slave_0: left promiscuous mode
[  379.052551][   T12] hsr_slave_1: left promiscuous mode
[  379.059015][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  379.080506][  T977] usb 5-1: USB disconnect, device number 4
[  379.117049][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  379.245349][ T7844] fido_id[7844]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[  379.688785][ T5831] Bluetooth: hci0: command tx timeout
[  380.182104][ T7855] loop4: detected capacity change from 0 to 2048
[  380.275077][ T7859] binder: 7858:7859 ioctl 4018620d 0 returned -22
[  380.310338][   T12] team0 (unregistering): Port device team_slave_1 removed
[  380.562826][ T5831] Bluetooth: hci5: command tx timeout
[  380.668495][ T7866] binder: 7858:7866 ioctl c0306201 0 returned -14
[  380.678690][ T7866] binder: 7858:7866 ioctl c0306201 200000000640 returned -14
[  381.393048][   T12] team0 (unregistering): Port device team_slave_0 removed
[  381.772108][ T5831] Bluetooth: hci0: command tx timeout
[  382.742684][ T5831] Bluetooth: hci5: command tx timeout
[  382.923875][ T7883] loop4: detected capacity change from 0 to 512
[  382.931700][ T7883] EXT4-fs: Ignoring removed oldalloc option
[  383.012026][  T977] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  383.116207][ T7887] loop0: detected capacity change from 0 to 764
[  383.126322][ T7887] rock: directory entry would overflow storage
[  383.132580][ T7887] rock: sig=0x4654, size=5, remaining=4
[  383.272014][  T977] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  383.281337][  T977] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  383.325383][ T7890] loop4: detected capacity change from 0 to 8
[  383.335853][  T977] usb 3-1: config 0 descriptor??
[  383.392237][  T977] cp210x 3-1:0.0: cp210x converter detected
[  383.549916][ T7890] loop4: detected capacity change from 0 to 2048
[  383.842561][ T5831] Bluetooth: hci0: command tx timeout
[  384.049345][ T7890]  loop4: p1 < > p3
[  384.100252][ T7890] loop4: p3 size 134217728 extends beyond EOD, truncated
[  384.205566][  T977] cp210x 3-1:0.0: failed to get vendor val 0x000e size 3: -32
[  384.255056][  T977] usb 3-1: cp210x converter now attached to ttyUSB0
[  384.503893][ T5921] usb 3-1: USB disconnect, device number 11
[  384.535686][ T5994] udevd[5994]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  384.556325][ T5921] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  384.573072][ T6638] udevd[6638]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[  384.623162][ T5921] cp210x 3-1:0.0: device disconnected
[  384.653540][ T7898] binder: 7897:7898 ioctl 4018620d 0 returned -22
[  384.802755][ T5831] Bluetooth: hci5: command tx timeout
[  385.058277][ T7906] binder: 7897:7906 ioctl c0306201 0 returned -14
[  385.068646][ T7906] binder: 7897:7906 ioctl c0306201 200000000640 returned -14
[  387.431939][ T5831] Bluetooth: hci5: command tx timeout
[  388.323073][ T7784] chnl_net:caif_netlink_parms(): no params data found
[  388.420823][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  388.428252][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  390.246159][ T7950] netlink: 'syz.4.556': attribute type 15 has an invalid length.
[  393.193708][ T7784] bridge0: port 1(bridge_slave_0) entered blocking state
[  393.200912][ T7784] bridge0: port 1(bridge_slave_0) entered disabled state
[  393.209128][ T7784] bridge_slave_0: entered allmulticast mode
[  393.229169][ T7784] bridge_slave_0: entered promiscuous mode
[  393.536483][ T7784] bridge0: port 2(bridge_slave_1) entered blocking state
[  393.568102][ T7784] bridge0: port 2(bridge_slave_1) entered disabled state
[  393.575977][ T7784] bridge_slave_1: entered allmulticast mode
[  393.594477][ T7784] bridge_slave_1: entered promiscuous mode
[  396.519019][ T7784] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  396.542529][ T7840] chnl_net:caif_netlink_parms(): no params data found
[  396.649122][ T7784] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  398.393212][ T7991] loop2: detected capacity change from 0 to 2048
[  398.400874][ T7991] udf: Bad value for 'session'
[  399.013960][ T7784] team0: Port device team_slave_0 added
[  399.460548][ T7784] team0: Port device team_slave_1 added
[  399.673988][ T7840] bridge0: port 1(bridge_slave_0) entered blocking state
[  400.416376][ T7840] bridge0: port 1(bridge_slave_0) entered disabled state
[  400.427250][ T7840] bridge_slave_0: entered allmulticast mode
[  400.437819][ T7840] bridge_slave_0: entered promiscuous mode
[  400.456145][ T7840] bridge0: port 2(bridge_slave_1) entered blocking state
[  400.471999][ T7840] bridge0: port 2(bridge_slave_1) entered disabled state
[  400.479269][ T7840] bridge_slave_1: entered allmulticast mode
[  400.505092][ T7840] bridge_slave_1: entered promiscuous mode
[  400.574031][ T8013] loop2: detected capacity change from 0 to 256
[  400.685459][ T7784] batman_adv: batadv0: Adding interface: batadv_slave_0
[  400.702015][ T7784] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  400.892767][ T7784] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  401.363695][ T7784] batman_adv: batadv0: Adding interface: batadv_slave_1
[  401.370679][ T7784] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  401.552003][ T7784] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  401.680559][ T8023] loop2: detected capacity change from 0 to 7
[  401.690210][ T8023] Dev loop2: unable to read RDB block 7
[  401.696586][ T8023]  loop2: AHDI p1 p2 p3
[  401.703657][ T8023] loop2: partition table partially beyond EOD, truncated
[  401.716942][ T8023] loop2: p1 start 1601398130 is beyond EOD, truncated
[  401.732851][ T8023] loop2: p2 start 1702059890 is beyond EOD, truncated
[  402.146091][ T7840] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  402.943946][ T7840] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  403.018642][   T12] bridge_slave_1: left allmulticast mode
[  403.032914][   T12] bridge_slave_1: left promiscuous mode
[  403.038812][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  403.066160][ T8036] netlink: 32 bytes leftover after parsing attributes in process `syz.4.577'.
[  403.085175][   T12] bridge_slave_0: left allmulticast mode
[  403.090955][   T12] bridge_slave_0: left promiscuous mode
[  403.118869][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  403.425066][ T8044] loop2: detected capacity change from 0 to 2048
[  405.428411][ T8058] loop2: detected capacity change from 0 to 512
[  405.466948][ T8058] EXT4-fs: inline encryption not supported
[  405.482850][ T8058] EXT4-fs: Ignoring removed mblk_io_submit option
[  405.490486][ T8058] EXT4-fs (loop2): Test dummy encryption mode enabled
[  405.512319][ T8058] EXT4-fs (loop2): write access unavailable, skipping orphan cleanup
[  405.556544][ T8058] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  405.583649][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  405.693191][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  405.992515][   T12] bond0 (unregistering): Released all slaves
[  406.150633][ T8065] netlink: 16 bytes leftover after parsing attributes in process `syz.2.588'.
[  406.177775][ T8065] netlink: 16 bytes leftover after parsing attributes in process `syz.2.588'.
[  406.734853][ T5836] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  407.039579][ T8071] loop2: detected capacity change from 0 to 1024
[  407.124176][ T8071] hfsplus: inconsistency in B*Tree (-1,0,1,1,0)
[  408.392136][ T8071] hfsplus: failed to load root directory
[  409.008914][   T12] hsr_slave_0: left promiscuous mode
[  409.115045][ T8077] input: syz1 as /devices/virtual/input/input11
[  409.130017][   T12] hsr_slave_1: left promiscuous mode
[  409.193034][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  409.267683][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  411.555362][   T12] team0 (unregistering): Port device team_slave_1 removed
[  411.677165][   T12] team0 (unregistering): Port device team_slave_0 removed
[  417.746262][ T7840] team0: Port device team_slave_0 added
[  417.757044][ T7840] team0: Port device team_slave_1 added
[  417.797144][ T7784] hsr_slave_0: entered promiscuous mode
[  417.818960][ T7784] hsr_slave_1: entered promiscuous mode
[  418.016158][ T8120] loop2: detected capacity change from 0 to 128
[  418.074471][ T7840] batman_adv: batadv0: Adding interface: batadv_slave_0
[  418.094860][ T7840] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  418.250150][ T7840] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  418.447076][ T7840] batman_adv: batadv0: Adding interface: batadv_slave_1
[  418.470274][ T7840] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  418.522002][ T7840] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  422.274256][ T7840] hsr_slave_0: entered promiscuous mode
[  422.314278][ T7840] hsr_slave_1: entered promiscuous mode
[  422.382018][ T7840] debugfs: 'hsr0' already exists in 'hsr'
[  422.405157][ T7840] Cannot create hsr debugfs directory
[  428.099876][ T8173] netlink: 'syz.2.623': attribute type 4 has an invalid length.
[  428.113630][ T5142] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  428.138763][ T5142] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  428.149856][ T5142] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  428.163315][ T5142] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  428.172543][ T5142] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  429.823805][   T50] bridge_slave_1: left allmulticast mode
[  429.829522][   T50] bridge_slave_1: left promiscuous mode
[  429.842126][   T50] bridge0: port 2(bridge_slave_1) entered disabled state
[  429.921984][   T50] bridge_slave_0: left allmulticast mode
[  429.927683][   T50] bridge_slave_0: left promiscuous mode
[  429.964817][   T50] bridge0: port 1(bridge_slave_0) entered disabled state
[  430.303852][ T5831] Bluetooth: hci6: command tx timeout
[  431.495812][   T50] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  431.573400][ T8196] loop2: detected capacity change from 0 to 1024
[  431.652561][   T50] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  431.670132][   T50] bond0 (unregistering): Released all slaves
[  432.711412][ T8198] netlink: 452 bytes leftover after parsing attributes in process `syz.0.629'.
[  432.816125][ T5831] Bluetooth: hci6: command tx timeout
[  433.415442][   T50] hsr_slave_0: left promiscuous mode
[  433.441202][   T50] hsr_slave_1: left promiscuous mode
[  433.455801][   T50] batman_adv: batadv0: Removing interface: batadv_slave_0
[  433.465005][   T50] batman_adv: batadv0: Removing interface: batadv_slave_1
[  435.283385][ T5831] Bluetooth: hci6: command tx timeout
[  435.563866][   T50] team0 (unregistering): Port device team_slave_1 removed
[  435.737360][   T50] team0 (unregistering): Port device team_slave_0 removed
[  436.006925][ T8219] netlink: 'syz.4.635': attribute type 15 has an invalid length.
[  436.632484][ T8221] loop4: detected capacity change from 0 to 256
[  436.718343][ T5142] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  436.728144][ T5142] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  436.736191][ T5142] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  436.744627][ T5142] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  436.752604][ T5142] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  437.166768][ T8228] capability: warning: `syz.0.636' uses deprecated v2 capabilities in a way that may be insecure
[  437.362213][ T5142] Bluetooth: hci6: command tx timeout
[  439.804573][ T5142] Bluetooth: hci0: command tx timeout
[  441.842157][ T5142] Bluetooth: hci0: command tx timeout
[  443.762359][ T8172] chnl_net:caif_netlink_parms(): no params data found
[  443.796173][ T8268] netlink: 72 bytes leftover after parsing attributes in process `syz.4.643'.
[  443.921939][ T5142] Bluetooth: hci0: command tx timeout
[  444.580583][ T8222] chnl_net:caif_netlink_parms(): no params data found
[  444.806449][ T8290] Bluetooth: MGMT ver 1.23
[  445.238995][ T8298] loop2: detected capacity change from 0 to 256
[  445.292844][ T8298] exfat: Deprecated parameter 'utf8'
[  446.853126][ T5142] Bluetooth: hci0: command tx timeout
[  447.858190][ T8172] bridge0: port 1(bridge_slave_0) entered blocking state
[  447.866738][ T8172] bridge0: port 1(bridge_slave_0) entered disabled state
[  448.588453][ T8172] bridge_slave_0: entered allmulticast mode
[  448.604563][ T8172] bridge_slave_0: entered promiscuous mode
[  448.762647][ T8172] bridge0: port 2(bridge_slave_1) entered blocking state
[  448.769846][ T8172] bridge0: port 2(bridge_slave_1) entered disabled state
[  448.788009][ T8172] bridge_slave_1: entered allmulticast mode
[  449.418071][ T8172] bridge_slave_1: entered promiscuous mode
[  449.861320][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  449.868725][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  450.325948][ T8335] loop2: detected capacity change from 0 to 128
[  450.549544][ T8172] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  452.983649][ T8222] bridge0: port 1(bridge_slave_0) entered blocking state
[  452.990913][ T8222] bridge0: port 1(bridge_slave_0) entered disabled state
[  452.999110][ T8347] loop2: detected capacity change from 0 to 128
[  453.006019][ T8222] bridge_slave_0: entered allmulticast mode
[  453.015218][ T8222] bridge_slave_0: entered promiscuous mode
[  453.029103][ T8172] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  453.107521][ T8222] bridge0: port 2(bridge_slave_1) entered blocking state
[  453.127567][ T8222] bridge0: port 2(bridge_slave_1) entered disabled state
[  453.157275][ T8347] loop2: detected capacity change from 0 to 512
[  453.172921][ T8347] EXT4-fs: inline encryption not supported
[  453.178828][ T8347] EXT4-fs: Ignoring removed bh option
[  453.187517][ T8222] bridge_slave_1: entered allmulticast mode
[  453.215604][ T8222] bridge_slave_1: entered promiscuous mode
[  453.729788][ T8172] team0: Port device team_slave_0 added
[  453.755583][ T8222] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  453.806645][ T8222] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  453.860761][ T8172] team0: Port device team_slave_1 added
[  455.159451][ T8377] netlink: 4 bytes leftover after parsing attributes in process `syz.0.666'.
[  455.270865][ T8172] batman_adv: batadv0: Adding interface: batadv_slave_0
[  455.301330][ T8172] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  455.380588][ T8172] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  455.424715][ T8222] team0: Port device team_slave_0 added
[  455.545125][ T8222] team0: Port device team_slave_1 added
[  455.600531][ T8172] batman_adv: batadv0: Adding interface: batadv_slave_1
[  455.620332][ T8172] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  455.687124][ T8172] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  455.881115][ T8222] batman_adv: batadv0: Adding interface: batadv_slave_0
[  455.916825][ T8222] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  455.967489][ T8222] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  455.989312][   T13] bridge_slave_1: left allmulticast mode
[  456.001915][   T13] bridge_slave_1: left promiscuous mode
[  456.010028][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  456.054840][   T13] bridge_slave_0: left allmulticast mode
[  456.070591][   T13] bridge_slave_0: left promiscuous mode
[  456.098291][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  458.590340][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  458.732848][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  458.813516][   T13] bond0 (unregistering): Released all slaves
[  458.900084][ T8222] batman_adv: batadv0: Adding interface: batadv_slave_1
[  459.862366][ T8222] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  459.888851][ T8222] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  460.170170][ T8419] loop2: detected capacity change from 0 to 4096
[  460.428798][   T13] hsr_slave_0: left promiscuous mode
[  460.784202][   T13] hsr_slave_1: left promiscuous mode
[  460.872683][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  461.053514][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  461.184140][ T8430] netlink: 'syz.2.681': attribute type 15 has an invalid length.
[  461.425632][ T8432] loop2: detected capacity change from 0 to 256
[  462.125981][ T8440] netlink: 8 bytes leftover after parsing attributes in process `syz.0.683'.
[  463.752739][   T13] team0 (unregistering): Port device team_slave_1 removed
[  466.500089][ T8469] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  466.598057][   T13] team0 (unregistering): Port device team_slave_0 removed
[  467.191400][ T8475] loop2: detected capacity change from 0 to 1024
[  471.269228][ T8172] hsr_slave_0: entered promiscuous mode
[  472.025883][ T8172] hsr_slave_1: entered promiscuous mode
[  472.358883][ T8222] hsr_slave_0: entered promiscuous mode
[  472.413727][ T8222] hsr_slave_1: entered promiscuous mode
[  472.420233][ T8222] debugfs: 'hsr0' already exists in 'hsr'
[  472.456728][ T8222] Cannot create hsr debugfs directory
[  472.877498][ T8518] netlink: 'syz.2.701': attribute type 15 has an invalid length.
[  473.575677][ T8522] loop2: detected capacity change from 0 to 256
[  476.082893][ T8527] loop4: detected capacity change from 0 to 8192
[  483.005915][ T8574] tty tty29: ldisc open failed (-12), clearing slot 28
[  490.838264][ T5831] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  490.850885][ T5831] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  490.862212][ T5831] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  490.874549][ T5831] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  490.884914][ T5831] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  492.885649][ T8615] process 'syz.0.729' launched './file0' with NULL argv: empty string added
[  493.301284][ T5831] Bluetooth: hci5: command tx timeout
[  493.754253][ T1136] bridge_slave_1: left allmulticast mode
[  493.759935][ T1136] bridge_slave_1: left promiscuous mode
[  493.782465][ T1136] bridge0: port 2(bridge_slave_1) entered disabled state
[  493.963289][ T1136] bridge_slave_0: left allmulticast mode
[  493.969018][ T1136] bridge_slave_0: left promiscuous mode
[  494.022125][ T1136] bridge0: port 1(bridge_slave_0) entered disabled state
[  494.878676][ T1136] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  496.249682][ T5831] Bluetooth: hci5: command tx timeout
[  496.274762][ T1136] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  496.665185][ T1136] bond0 (unregistering): Released all slaves
[  497.253300][ T8601] chnl_net:caif_netlink_parms(): no params data found
[  498.193554][ T1136] hsr_slave_0: left promiscuous mode
[  498.231961][ T1136] hsr_slave_1: left promiscuous mode
[  498.246083][ T8646] loop4: detected capacity change from 0 to 1024
[  498.256094][ T1136] batman_adv: batadv0: Removing interface: batadv_slave_0
[  498.325933][ T5831] Bluetooth: hci5: command tx timeout
[  498.372912][ T1136] batman_adv: batadv0: Removing interface: batadv_slave_1
[  498.633523][ T5142] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  498.645293][ T5142] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  498.663233][ T5142] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  498.764742][ T5142] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  498.775735][ T5142] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  499.765969][ T1136] team0 (unregistering): Port device team_slave_1 removed
[  499.891965][ T1136] team0 (unregistering): Port device team_slave_0 removed
[  500.404448][ T8646] loop4: detected capacity change from 0 to 1024
[  500.409250][ T5831] Bluetooth: hci5: command tx timeout
[  500.867498][ T5831] Bluetooth: hci6: command tx timeout
[  503.050266][ T5831] Bluetooth: hci6: command tx timeout
[  503.228092][ T8678] loop2: detected capacity change from 0 to 1024
[  503.275213][  T977] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  503.443166][  T977] usb 5-1: Using ep0 maxpacket: 16
[  503.464605][  T977] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  503.482335][  T977] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  503.531719][  T977] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  503.605960][ T8601] bridge0: port 1(bridge_slave_0) entered blocking state
[  503.614705][  T977] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  503.643063][ T8601] bridge0: port 1(bridge_slave_0) entered disabled state
[  503.672002][  T977] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  503.701130][ T8601] bridge_slave_0: entered allmulticast mode
[  503.735296][ T8601] bridge_slave_0: entered promiscuous mode
[  503.745916][  T977] usb 5-1: config 0 descriptor??
[  503.782528][ T8601] bridge0: port 2(bridge_slave_1) entered blocking state
[  503.811494][ T8601] bridge0: port 2(bridge_slave_1) entered disabled state
[  503.834351][ T8601] bridge_slave_1: entered allmulticast mode
[  503.863375][ T8601] bridge_slave_1: entered promiscuous mode
[  504.946423][  T977] HID 045e:07da: Invalid code 65791 type 1
[  505.066648][  T977] input: HID 045e:07da as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:045E:07DA.0003/input/input12
[  505.132004][ T5831] Bluetooth: hci6: command tx timeout
[  505.190810][  T977] microsoft 0003:045E:07DA.0003: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0
[  505.280232][  T977] usb 5-1: USB disconnect, device number 5
[  505.504620][ T8601] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  505.594683][ T8601] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  505.668915][ T8699] fido_id[8699]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[  506.003392][ T8706] netlink: 'syz.4.749': attribute type 15 has an invalid length.
[  506.643911][ T8709] loop4: detected capacity change from 0 to 256
[  506.793450][ T8601] team0: Port device team_slave_0 added
[  506.826943][ T8601] team0: Port device team_slave_1 added
[  507.300763][ T5831] Bluetooth: hci6: command tx timeout
[  507.717589][ T8601] batman_adv: batadv0: Adding interface: batadv_slave_0
[  507.761843][ T8601] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  507.788360][ T8601] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  507.812605][ T8601] batman_adv: batadv0: Adding interface: batadv_slave_1
[  507.819579][ T8601] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  507.846374][ T8601] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  507.877910][ T8726] loop2: detected capacity change from 0 to 1024
[  509.998686][ T8737] loop4: detected capacity change from 0 to 764
[  510.033768][ T8737] /dev/loop4: Can't open blockdev
[  510.065545][ T8601] hsr_slave_0: entered promiscuous mode
[  510.105984][ T8601] hsr_slave_1: entered promiscuous mode
[  512.620363][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  512.626801][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  513.389993][ T8755] netlink: 'syz.3.762': attribute type 15 has an invalid length.
[  514.113639][ T8648] chnl_net:caif_netlink_parms(): no params data found
[  517.376966][ T8786] loop2: detected capacity change from 0 to 1024
[  518.111977][ T8786] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  518.123045][ T8786] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  519.047871][ T8786] JBD2: no valid journal superblock found
[  519.053735][ T8786] EXT4-fs (loop2): Could not load journal inode
[  519.644289][ T8648] bridge0: port 1(bridge_slave_0) entered blocking state
[  519.651626][ T8648] bridge0: port 1(bridge_slave_0) entered disabled state
[  519.672149][ T8648] bridge_slave_0: entered allmulticast mode
[  519.680490][ T8648] bridge_slave_0: entered promiscuous mode
[  519.739982][ T1136] bridge_slave_1: left allmulticast mode
[  519.762225][ T1136] bridge_slave_1: left promiscuous mode
[  519.768075][ T1136] bridge0: port 2(bridge_slave_1) entered disabled state
[  520.134406][ T1136] bridge_slave_0: left allmulticast mode
[  520.170587][ T1136] bridge_slave_0: left promiscuous mode
[  520.191638][ T1136] bridge0: port 1(bridge_slave_0) entered disabled state
[  523.677819][ T6041] usb 5-1: new full-speed USB device number 6 using dummy_hcd
[  523.864295][ T6041] usb 5-1: config 179 has an invalid interface number: 65 but max is 0
[  523.887581][ T6041] usb 5-1: config 179 has no interface number 0
[  523.929591][ T6041] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 10
[  524.019710][ T6041] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 64
[  524.072979][ T6041] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10
[  524.112309][ T6041] usb 5-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  524.173145][ T1136] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  524.192196][ T6041] usb 5-1: string descriptor 0 read error: -71
[  524.198477][ T6041] usb 5-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  524.207906][ T6041] usb 5-1: New USB device strings: Mfr=0, Product=16, SerialNumber=0
[  524.232957][ T6041] usb 5-1: can't set config #179, error -71
[  524.241053][ T6041] usb 5-1: USB disconnect, device number 6
[  524.330109][ T8811] loop2: detected capacity change from 0 to 1024
[  524.362566][ T1136] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  524.543687][ T1136] bond0 (unregistering): Released all slaves
[  524.678525][ T8648] bridge0: port 2(bridge_slave_1) entered blocking state
[  524.696574][ T8648] bridge0: port 2(bridge_slave_1) entered disabled state
[  524.726679][ T8648] bridge_slave_1: entered allmulticast mode
[  524.759349][ T8648] bridge_slave_1: entered promiscuous mode
[  525.417705][ T8818] netlink: 'syz.2.774': attribute type 15 has an invalid length.
[  525.464528][ T1136] hsr_slave_0: left promiscuous mode
[  525.541860][ T1136] hsr_slave_1: left promiscuous mode
[  525.548274][ T1136] batman_adv: batadv0: Removing interface: batadv_slave_0
[  525.740596][ T8823] loop2: detected capacity change from 0 to 256
[  526.022831][ T1136] batman_adv: batadv0: Removing interface: batadv_slave_1
[  526.077742][ T8824] loop4: detected capacity change from 0 to 1024
[  526.096481][ T8824] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  526.130914][ T8824] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  526.305154][ T8824] JBD2: no valid journal superblock found
[  526.367458][ T8824] EXT4-fs (loop4): Could not load journal inode
[  527.384884][ T1136] team0 (unregistering): Port device team_slave_1 removed
[  528.220101][ T1136] team0 (unregistering): Port device team_slave_0 removed
[  529.431847][ T8601] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  531.266515][ T8648] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  531.387406][ T8601] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  531.453552][ T8601] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  531.557703][ T8648] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  531.695773][ T8847] netlink: 'syz.4.785': attribute type 12 has an invalid length.
[  531.751930][ T8601] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  532.086347][ T8648] team0: Port device team_slave_0 added
[  532.151145][ T8648] team0: Port device team_slave_1 added
[  532.503172][ T8867] netlink: 'syz.2.788': attribute type 15 has an invalid length.
[  532.978697][ T8868] loop2: detected capacity change from 0 to 256
[  532.993666][ T8859] loop4: detected capacity change from 0 to 8192
[  533.627097][ T8648] batman_adv: batadv0: Adding interface: batadv_slave_0
[  533.671862][ T8648] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  533.766093][ T8648] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  533.912751][ T8648] batman_adv: batadv0: Adding interface: batadv_slave_1
[  533.942331][ T8648] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  534.039635][ T8879] loop2: detected capacity change from 0 to 512
[  534.061845][ T8648] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  534.176472][ T8879] EXT4-fs: Ignoring removed oldalloc option
[  535.207475][ T8648] hsr_slave_0: entered promiscuous mode
[  535.263279][ T8648] hsr_slave_1: entered promiscuous mode
[  535.269782][ T8648] debugfs: 'hsr0' already exists in 'hsr'
[  535.329013][ T8648] Cannot create hsr debugfs directory
[  537.990239][ T8909] netlink: 220 bytes leftover after parsing attributes in process `syz.3.796'.
[  540.887367][ T5921] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  540.955973][ T5921] hid-generic 0000:0000:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  541.118146][ T8601] 8021q: adding VLAN 0 to HW filter on device bond0
[  541.179306][ T8923] netlink: 277 bytes leftover after parsing attributes in process `syz.3.799'.
[  542.581557][ T8601] 8021q: adding VLAN 0 to HW filter on device team0
[  542.857119][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  542.864366][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  542.946853][ T1161] bridge0: port 2(bridge_slave_1) entered blocking state
[  542.954128][ T1161] bridge0: port 2(bridge_slave_1) entered forwarding state
[  545.234814][ T8648] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  545.349123][ T8964] loop4: detected capacity change from 0 to 512
[  545.358933][ T8648] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  547.614101][ T8964] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  547.644358][ T8648] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  547.704493][ T8648] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  547.713510][ T8964] EXT4-fs (loop4): write access unavailable, skipping orphan cleanup
[  547.791253][ T8964] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  549.758541][ T8648] 8021q: adding VLAN 0 to HW filter on device bond0
[  549.836846][ T5142] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  549.852675][ T5142] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  549.860390][ T5142] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  549.873267][ T5142] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  549.884157][ T5142] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  549.895701][ T8648] 8021q: adding VLAN 0 to HW filter on device team0
[  549.926977][ T5841] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  550.281181][   T50] bridge0: port 1(bridge_slave_0) entered blocking state
[  550.288380][   T50] bridge0: port 1(bridge_slave_0) entered forwarding state
[  551.570162][ T9000] xt_CT: You must specify a L4 protocol and not use inversions on it
[  551.579284][ T5961] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  551.771144][ T5961] usb 5-1: unable to get BOS descriptor or descriptor too short
[  551.801728][   T50] bridge0: port 2(bridge_slave_1) entered blocking state
[  551.808945][   T50] bridge0: port 2(bridge_slave_1) entered forwarding state
[  551.828643][ T5961] usb 5-1: New USB device found, idVendor=1740, idProduct=9707, bcdDevice=34.de
[  551.872843][ T5961] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  551.880877][ T5961] usb 5-1: Product: syz
[  551.916954][ T5961] usb 5-1: Manufacturer: syz
[  551.921588][ T5961] usb 5-1: SerialNumber: syz
[  551.976372][ T5961] usb 5-1: config 0 descriptor??
[  552.001906][ T5142] Bluetooth: hci0: command tx timeout
[  552.251550][   T24] usb 5-1: USB disconnect, device number 7
[  552.780262][   T24] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  552.968123][   T24] usb 5-1: unable to get BOS descriptor or descriptor too short
[  552.996509][   T24] usb 5-1: unable to read config index 0 descriptor/start: -71
[  553.022503][   T24] usb 5-1: can't read configurations, error -71
[  553.130720][   T78] bridge_slave_1: left allmulticast mode
[  553.152204][   T78] bridge_slave_1: left promiscuous mode
[  553.158029][   T78] bridge0: port 2(bridge_slave_1) entered disabled state
[  553.223935][   T78] bridge_slave_0: left allmulticast mode
[  553.229641][   T78] bridge_slave_0: left promiscuous mode
[  553.254784][   T78] bridge0: port 1(bridge_slave_0) entered disabled state
[  553.276632][ T9018] netlink: 'syz.3.821': attribute type 15 has an invalid length.
[  555.672147][ T5142] Bluetooth: hci0: command tx timeout
[  557.751944][ T5142] Bluetooth: hci0: command tx timeout
[  559.143135][   T78] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  559.200019][   T78] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  559.229204][   T78] bond0 (unregistering): Released all slaves
[  559.364455][ T9031] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  559.372571][ T9031] batadv_slave_0: entered promiscuous mode
[  559.588585][ T5831] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  559.609036][ T5831] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  559.617044][ T5831] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  559.652149][ T5831] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  559.672115][ T5831] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  559.762346][ T5142] Bluetooth: hci0: command tx timeout
[  560.031888][   T78] hsr_slave_0: left promiscuous mode
[  560.107477][   T78] hsr_slave_1: left promiscuous mode
[  560.152975][   T78] batman_adv: batadv0: Removing interface: batadv_slave_0
[  560.985821][   T78] batman_adv: batadv0: Removing interface: batadv_slave_1
[  561.552946][ T9058] overlayfs: failed to resolve './file0': -2
[  561.736069][ T9064] netlink: 'syz.2.832': attribute type 15 has an invalid length.
[  561.763141][ T5142] Bluetooth: hci5: command tx timeout
[  562.213043][ T9065] loop2: detected capacity change from 0 to 256
[  562.449124][   T78] team0 (unregistering): Port device team_slave_1 removed
[  562.685647][   T78] team0 (unregistering): Port device team_slave_0 removed
[  562.820527][ T9077] loop4: detected capacity change from 0 to 2048
[  563.187464][ T9081] netlink: 12 bytes leftover after parsing attributes in process `syz.4.839'.
[  563.848810][ T5142] Bluetooth: hci5: command tx timeout
[  564.117042][ T8988] chnl_net:caif_netlink_parms(): no params data found
[  565.922120][ T5142] Bluetooth: hci5: command tx timeout
[  565.943907][ T9112] netlink: 'syz.2.847': attribute type 15 has an invalid length.
[  566.181890][ T9114] loop2: detected capacity change from 0 to 256
[  567.073044][ T9126] loop4: detected capacity change from 0 to 8
[  567.164103][ T8988] bridge0: port 1(bridge_slave_0) entered blocking state
[  567.181967][ T8988] bridge0: port 1(bridge_slave_0) entered disabled state
[  567.209890][ T8988] bridge_slave_0: entered allmulticast mode
[  567.250133][ T8988] bridge_slave_0: entered promiscuous mode
[  567.277209][ T8988] bridge0: port 2(bridge_slave_1) entered blocking state
[  567.301940][ T8988] bridge0: port 2(bridge_slave_1) entered disabled state
[  567.319521][ T8988] bridge_slave_1: entered allmulticast mode
[  567.331848][ T8988] bridge_slave_1: entered promiscuous mode
[  567.947128][ T8988] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  567.962780][ T8988] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  568.001969][ T5142] Bluetooth: hci5: command tx timeout
[  569.003408][ T8988] team0: Port device team_slave_0 added
[  569.037101][ T9148] loop4: detected capacity change from 0 to 512
[  569.076453][ T8988] team0: Port device team_slave_1 added
[  569.102405][ T9150] loop2: detected capacity change from 0 to 1024
[  569.133057][ T9150] EXT4-fs: Ignoring removed nobh option
[  569.138706][ T9150] EXT4-fs: Ignoring removed bh option
[  569.650120][ T8988] batman_adv: batadv0: Adding interface: batadv_slave_0
[  569.667258][ T9162] netlink: 'syz.3.860': attribute type 15 has an invalid length.
[  569.680325][ T8988] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  569.762028][ T8988] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  569.809013][ T9043] chnl_net:caif_netlink_parms(): no params data found
[  569.842049][ T5971] usb 5-1: new full-speed USB device number 10 using dummy_hcd
[  569.885302][ T8988] batman_adv: batadv0: Adding interface: batadv_slave_1
[  569.898670][ T8988] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  569.935580][ T8988] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  570.074828][ T5971] usb 5-1: config 179 has an invalid interface number: 65 but max is 0
[  570.087727][ T5971] usb 5-1: config 179 has no interface number 0
[  570.101333][ T5971] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 10
[  570.132388][ T5971] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 64
[  570.146843][ T5971] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10
[  570.158530][ T5971] usb 5-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  570.192844][ T5971] usb 5-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  570.213729][ T5971] usb 5-1: New USB device strings: Mfr=0, Product=16, SerialNumber=0
[  570.234855][ T5971] usb 5-1: Product: syz
[  570.301056][ T9159] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  570.624888][ T5971] input: Generic X-Box pad as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:179.65/input/input13
[  570.806998][ T5971] usb 5-1: USB disconnect, device number 10
[  570.807083][    C0] xpad 5-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  570.821392][    C0] xpad 5-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  570.987397][ T8988] hsr_slave_0: entered promiscuous mode
[  570.997084][ T8988] hsr_slave_1: entered promiscuous mode
[  571.103977][ T9043] bridge0: port 1(bridge_slave_0) entered blocking state
[  571.111474][ T9043] bridge0: port 1(bridge_slave_0) entered disabled state
[  571.119815][ T9043] bridge_slave_0: entered allmulticast mode
[  571.128909][ T9043] bridge_slave_0: entered promiscuous mode
[  571.139659][ T9043] bridge0: port 2(bridge_slave_1) entered blocking state
[  571.147582][ T9043] bridge0: port 2(bridge_slave_1) entered disabled state
[  571.154964][ T9043] bridge_slave_1: entered allmulticast mode
[  571.163315][ T9043] bridge_slave_1: entered promiscuous mode
[  571.172085][  T977] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  571.327204][ T9043] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  571.336571][  T977] usb 3-1: Using ep0 maxpacket: 16
[  571.354111][  T977] usb 3-1: config 0 has an invalid interface number: 155 but max is 0
[  571.371847][  T977] usb 3-1: config 0 has no interface number 0
[  571.388498][  T977] usb 3-1: config 0 interface 155 has no altsetting 0
[  571.405746][  T977] usb 3-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=37.c4
[  571.472193][  T977] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  571.473439][ T9043] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  571.516448][  T977] usb 3-1: config 0 descriptor??
[  572.614460][ T9196] loop4: detected capacity change from 0 to 256
[  572.636403][  T977] appletouch 3-1:0.155: Failed to request geyser raw mode
[  572.665024][  T977] appletouch 3-1:0.155: probe with driver appletouch failed with error -5
[  572.709945][  T977] usb 3-1: USB disconnect, device number 12
[  572.733554][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  572.872013][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  572.932795][ T9043] team0: Port device team_slave_0 added
[  572.966759][ T9043] team0: Port device team_slave_1 added
[  573.332688][   T13] bridge_slave_1: left allmulticast mode
[  573.351593][   T13] bridge_slave_1: left promiscuous mode
[  573.363812][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  573.436049][   T13] bridge_slave_0: left allmulticast mode
[  573.460825][   T13] bridge_slave_0: left promiscuous mode
[  573.480071][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  573.555471][ T9209] netlink: 'syz.2.875': attribute type 15 has an invalid length.
[  574.615980][ T9212] loop2: detected capacity change from 0 to 256
[  576.473037][ T9221] loop4: detected capacity change from 0 to 8
[  576.553051][ T9221] SQUASHFS error: lzo decompression failed, data probably corrupt
[  576.560951][ T9221] SQUASHFS error: Failed to read block 0x91: -5
[  576.617662][ T9221] SQUASHFS error: Unable to read metadata cache entry [8f]
[  576.633260][ T9221] SQUASHFS error: Unable to read inode 0x11f
[  576.798827][ T9223] loop2: detected capacity change from 0 to 1024
[  576.876297][ T9223] hfsplus: inconsistency in B*Tree (-1,0,1,1,0)
[  577.904655][ T9223] hfsplus: failed to load root directory
[  579.196130][ T9228] input: syz1 as /devices/virtual/input/input15
[  579.914062][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  579.952640][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  579.974899][   T13] bond0 (unregistering): Released all slaves
[  580.067644][ T9043] batman_adv: batadv0: Adding interface: batadv_slave_0
[  580.077526][ T9043] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  580.147238][ T9043] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  580.166667][ T9043] batman_adv: batadv0: Adding interface: batadv_slave_1
[  580.175830][ T9043] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  580.205033][ T9043] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  580.368685][   T13] hsr_slave_0: left promiscuous mode
[  580.392721][   T13] hsr_slave_1: left promiscuous mode
[  580.412004][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  580.438416][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  583.072332][ T5907] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  583.232201][ T5907] usb 3-1: Using ep0 maxpacket: 16
[  583.240870][ T5907] usb 3-1: config 0 has an invalid interface number: 132 but max is 0
[  583.251613][   T13] team0 (unregistering): Port device team_slave_1 removed
[  583.259473][ T5907] usb 3-1: config 0 has no interface number 0
[  583.272672][ T5907] usb 3-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25
[  583.292957][ T5907] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=2
[  583.300992][ T5907] usb 3-1: Product: syz
[  583.305717][ T5907] usb 3-1: Manufacturer: syz
[  583.310339][ T5907] usb 3-1: SerialNumber: syz
[  583.326707][ T5907] usb 3-1: config 0 descriptor??
[  583.334801][ T5907] hub 3-1:0.132: bad descriptor, ignoring hub
[  583.341387][ T5907] hub 3-1:0.132: probe with driver hub failed with error -5
[  583.367445][ T5907] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.132/input/input16
[  583.399079][   T13] team0 (unregistering): Port device team_slave_0 removed
[  583.927546][ T9252] netlink: 'syz.0.890': attribute type 15 has an invalid length.
[  584.935363][ T9043] hsr_slave_0: entered promiscuous mode
[  584.946972][ T9043] hsr_slave_1: entered promiscuous mode
[  584.975750][ T9043] debugfs: 'hsr0' already exists in 'hsr'
[  584.981533][ T9043] Cannot create hsr debugfs directory
[  585.259067][ T9269] fuse: Bad value for 'fd'
[  586.854222][ T9274] loop2: detected capacity change from 0 to 2048
[  586.880837][ T9274] EXT4-fs: Ignoring removed mblk_io_submit option
[  590.814000][ T9294] netlink: 'syz.2.904': attribute type 15 has an invalid length.
[  591.066292][ T9296] loop2: detected capacity change from 0 to 256
[  591.377554][ T5971] usb 3-1: USB disconnect, device number 13
[  591.532226][ T8988] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  591.605121][ T8988] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  591.831842][ T8988] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  591.897833][ T9303] loop4: detected capacity change from 0 to 8192
[  591.923328][ T8988] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  595.298326][ T8988] 8021q: adding VLAN 0 to HW filter on device bond0
[  595.419637][ T8988] 8021q: adding VLAN 0 to HW filter on device team0
[  595.446032][ T9043] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  595.490209][ T9043] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  595.519663][ T1156] bridge0: port 1(bridge_slave_0) entered blocking state
[  595.526827][ T1156] bridge0: port 1(bridge_slave_0) entered forwarding state
[  595.573522][ T9043] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  595.613593][ T9043] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  595.677254][   T50] bridge0: port 2(bridge_slave_1) entered blocking state
[  595.684484][   T50] bridge0: port 2(bridge_slave_1) entered forwarding state
[  598.056982][ T9043] 8021q: adding VLAN 0 to HW filter on device bond0
[  598.188695][ T9043] 8021q: adding VLAN 0 to HW filter on device team0
[  598.246214][ T1146] bridge0: port 1(bridge_slave_0) entered blocking state
[  598.253452][ T1146] bridge0: port 1(bridge_slave_0) entered forwarding state
[  598.339236][   T50] bridge0: port 2(bridge_slave_1) entered blocking state
[  598.346469][   T50] bridge0: port 2(bridge_slave_1) entered forwarding state
[  598.555356][ T9043] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  600.006598][ T8988] 8021q: adding VLAN 0 to HW filter on device batadv0
[  600.073036][ T9360] netlink: 'syz.3.917': attribute type 15 has an invalid length.
[  600.241626][ T9043] 8021q: adding VLAN 0 to HW filter on device batadv0
[  603.613330][ T8988] veth0_vlan: entered promiscuous mode
[  603.704512][ T8988] veth1_vlan: entered promiscuous mode
[  603.874809][ T8988] veth0_macvtap: entered promiscuous mode
[  603.967763][ T8988] veth1_macvtap: entered promiscuous mode
[  604.040079][ T9043] veth0_vlan: entered promiscuous mode
[  604.118191][ T9043] veth1_vlan: entered promiscuous mode
[  604.276757][ T8988] batman_adv: batadv0: Interface activated: batadv_slave_0
[  604.344709][ T8988] batman_adv: batadv0: Interface activated: batadv_slave_1
[  604.484059][ T1146] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  604.554839][ T1146] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  604.607841][ T1146] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  604.658056][ T1146] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  604.735581][ T9043] veth0_macvtap: entered promiscuous mode
[  604.828985][ T9043] veth1_macvtap: entered promiscuous mode
[  605.064315][ T9043] batman_adv: batadv0: Interface activated: batadv_slave_0
[  605.180331][ T9043] batman_adv: batadv0: Interface activated: batadv_slave_1
[  605.193389][ T1146] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  605.241815][ T1146] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  605.376384][ T9417] loop2: detected capacity change from 0 to 1024
[  605.454613][ T1146] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  605.480074][ T1146] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  605.600270][ T1146] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  605.629499][ T1146] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  606.344716][ T1146] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  606.412136][ T1146] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  606.658375][ T1156] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  606.720071][ T1156] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  609.553409][ T5831] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  609.571908][ T5831] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  609.612338][ T5831] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  609.637668][ T5831] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  609.648590][ T5831] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  610.097576][ T5982] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  610.322859][   T30] audit: type=1326 audit(1760171366.914:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9455 comm="syz.3.934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0d878eec9 code=0x7ffc0000
[  610.392332][   T30] audit: type=1326 audit(1760171366.924:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9455 comm="syz.3.934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0d878eec9 code=0x7ffc0000
[  610.426886][   T30] audit: type=1326 audit(1760171366.934:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9455 comm="syz.3.934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc0d878eec9 code=0x7ffc0000
[  610.531843][   T30] audit: type=1326 audit(1760171366.934:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9455 comm="syz.3.934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0d878eec9 code=0x7ffc0000
[  610.621093][   T30] audit: type=1326 audit(1760171366.934:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9455 comm="syz.3.934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=306 compat=0 ip=0x7fc0d878eec9 code=0x7ffc0000
[  610.677058][ T5982] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  611.948215][ T5831] Bluetooth: hci0: command tx timeout
[  611.988092][   T30] audit: type=1326 audit(1760171366.934:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9455 comm="syz.3.934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0d878eec9 code=0x7ffc0000
[  612.962412][   T30] audit: type=1326 audit(1760171366.944:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9455 comm="syz.3.934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc0d878eec9 code=0x7ffc0000
[  613.071926][   T30] audit: type=1326 audit(1760171366.944:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9455 comm="syz.3.934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0d878eec9 code=0x7ffc0000
[  613.210961][   T30] audit: type=1326 audit(1760171366.944:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9455 comm="syz.3.934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc0d878eec9 code=0x7ffc0000
[  613.258359][ T9474] netlink: 'syz.0.940': attribute type 15 has an invalid length.
[  613.338999][   T30] audit: type=1326 audit(1760171366.944:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9455 comm="syz.3.934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0d878eec9 code=0x7ffc0000
[  614.941837][ T5831] Bluetooth: hci0: command tx timeout
[  615.164236][ T5982] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  615.686261][ T9489] fuse: Bad value for 'fd'
[  615.687522][ T5982] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  616.042607][ T9493] fuse: Bad value for 'fd'
[  616.503700][ T9501] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  616.516729][ T9501] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  616.524709][ T9501] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  616.562074][ T5982] bridge_slave_1: left allmulticast mode
[  616.567787][ T5982] bridge_slave_1: left promiscuous mode
[  616.574378][ T9501] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  616.581900][ T5982] bridge0: port 2(bridge_slave_1) entered disabled state
[  616.590162][ T9501] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  616.658919][ T5982] bridge_slave_0: left allmulticast mode
[  616.689333][ T5982] bridge_slave_0: left promiscuous mode
[  616.725975][ T5982] bridge0: port 1(bridge_slave_0) entered disabled state
[  616.967169][ T9501] Bluetooth: hci0: command tx timeout
[  618.641960][ T9501] Bluetooth: hci6: command tx timeout
[  619.668209][ T9501] Bluetooth: hci0: command tx timeout
[  619.903414][ T9535] loop2: detected capacity change from 0 to 1024
[  620.197212][ T9541] netlink: 'syz.7.954': attribute type 15 has an invalid length.
[  620.735682][ T9501] Bluetooth: hci6: command tx timeout
[  621.342014][ T9544] loop7: detected capacity change from 0 to 256
[  621.466899][ T9544] exFAT-fs (loop7): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  621.478114][ T9544] exFAT-fs (loop7): Medium has reported failures. Some data may be lost.
[  621.783545][ T9544] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  621.831837][ T9544] exFAT-fs (loop7): failed to load alloc-bitmap
[  621.851909][ T9544] exFAT-fs (loop7): failed to recognize exfat type
[  621.970080][ T5982] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  622.015577][ T5982] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  622.046205][ T5982] bond0 (unregistering): Released all slaves
[  622.420382][ T9554] loop2: detected capacity change from 0 to 1024
[  622.422302][ T9444] chnl_net:caif_netlink_parms(): no params data found
[  622.812414][ T9501] Bluetooth: hci6: command tx timeout
[  624.128667][ T5982] hsr_slave_0: left promiscuous mode
[  624.180018][ T5982] hsr_slave_1: left promiscuous mode
[  624.194341][ T5982] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  624.220197][ T5982] batman_adv: batadv0: Removing interface: batadv_slave_0
[  624.259301][ T5982] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  624.311373][ T5982] batman_adv: batadv0: Removing interface: batadv_slave_1
[  624.448547][ T5982] veth1_macvtap: left promiscuous mode
[  624.469124][ T5982] veth0_macvtap: left promiscuous mode
[  624.486015][ T5982] veth1_vlan: left promiscuous mode
[  624.502172][ T5982] veth0_vlan: left promiscuous mode
[  624.882000][ T9501] Bluetooth: hci6: command tx timeout
[  626.969052][ T9600] netlink: 'syz.0.968': attribute type 15 has an invalid length.
[  627.141617][ T9602] binder_alloc: binder_alloc_mmap_handler: 9601 200000ffc000-200000ffd000 already mapped failed -16
[  628.843404][ T9612] loop7: detected capacity change from 0 to 128
[  628.896350][ T9612] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  628.957207][ T9612] ext4 filesystem being mounted at /7/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  629.312953][ T9043] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  629.389074][   T30] kauditd_printk_skb: 10 callbacks suppressed
[  629.389101][   T30] audit: type=1326 audit(1760171385.994:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9622 comm="syz.2.976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcaaa98eec9 code=0x7ffc0000
[  629.451884][   T30] audit: type=1326 audit(1760171385.994:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9622 comm="syz.2.976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcaaa98eec9 code=0x7ffc0000
[  629.474610][   T30] audit: type=1326 audit(1760171386.034:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9622 comm="syz.2.976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7fcaaa98eec9 code=0x7ffc0000
[  629.498272][   T30] audit: type=1326 audit(1760171386.034:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9622 comm="syz.2.976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcaaa98eec9 code=0x7ffc0000
[  629.561861][   T30] audit: type=1326 audit(1760171386.034:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9622 comm="syz.2.976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcaaa98eec9 code=0x7ffc0000
[  629.611917][   T30] audit: type=1326 audit(1760171386.044:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9622 comm="syz.2.976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7fcaaa98eec9 code=0x7ffc0000
[  629.673884][   T30] audit: type=1326 audit(1760171386.134:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9622 comm="syz.2.976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fcaaa92af79 code=0x7ffc0000
[  630.104719][ T9626] Bluetooth: MGMT ver 1.23
[  630.727881][   T30] audit: type=1326 audit(1760171386.134:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9622 comm="syz.2.976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fcaaa92af79 code=0x7ffc0000
[  631.991970][   T30] audit: type=1326 audit(1760171386.134:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9622 comm="syz.2.976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fcaaa92af79 code=0x7ffc0000
[  632.041958][   T30] audit: type=1326 audit(1760171386.134:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9622 comm="syz.2.976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fcaaa92af79 code=0x7ffc0000
[  632.804126][ T9501] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  632.812952][ T5831] Bluetooth: hci0: command 0x0c1a tx timeout
[  633.098201][ T5982] team0 (unregistering): Port device team_slave_1 removed
[  633.437265][ T5982] team0 (unregistering): Port device team_slave_0 removed
[  634.167020][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  634.174061][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  634.435545][ T9644] loop7: detected capacity change from 0 to 2048
[  634.491711][ T9644] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  634.506607][ T9644] ext4 filesystem being mounted at /9/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  634.811256][ T9043] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  636.429121][ T9444] bridge0: port 1(bridge_slave_0) entered blocking state
[  636.443129][ T9444] bridge0: port 1(bridge_slave_0) entered disabled state
[  636.462855][ T9444] bridge_slave_0: entered allmulticast mode
[  636.487607][ T9444] bridge_slave_0: entered promiscuous mode
[  636.511492][ T9444] bridge0: port 2(bridge_slave_1) entered blocking state
[  636.529226][ T9444] bridge0: port 2(bridge_slave_1) entered disabled state
[  636.545660][ T9444] bridge_slave_1: entered allmulticast mode
[  636.564078][ T9444] bridge_slave_1: entered promiscuous mode
[  636.866903][ T9444] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  637.523659][ T9444] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  637.705855][ T9672] loop7: detected capacity change from 0 to 8
[  638.101007][ T9444] team0: Port device team_slave_0 added
[  638.181014][ T9444] team0: Port device team_slave_1 added
[  640.739490][ T9444] batman_adv: batadv0: Adding interface: batadv_slave_0
[  640.761823][ T9444] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  640.841852][ T9444] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  640.874671][ T9444] batman_adv: batadv0: Adding interface: batadv_slave_1
[  640.881655][ T9444] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  640.952245][ T9444] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  640.988823][ T9499] chnl_net:caif_netlink_parms(): no params data found
[  642.493328][ T9444] hsr_slave_0: entered promiscuous mode
[  642.500331][ T9444] hsr_slave_1: entered promiscuous mode
[  643.404491][ T9499] bridge0: port 1(bridge_slave_0) entered blocking state
[  643.411829][ T9499] bridge0: port 1(bridge_slave_0) entered disabled state
[  643.419057][ T9499] bridge_slave_0: entered allmulticast mode
[  643.464263][ T9499] bridge_slave_0: entered promiscuous mode
[  643.555778][ T9499] bridge0: port 2(bridge_slave_1) entered blocking state
[  643.582997][ T9499] bridge0: port 2(bridge_slave_1) entered disabled state
[  643.590303][ T9499] bridge_slave_1: entered allmulticast mode
[  643.612292][ T9713] netlink: 'syz.0.1003': attribute type 15 has an invalid length.
[  643.691878][ T9499] bridge_slave_1: entered promiscuous mode
[  644.105032][ T9499] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  644.144837][ T9499] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  645.726485][ T9499] team0: Port device team_slave_0 added
[  645.747513][ T9499] team0: Port device team_slave_1 added
[  648.933556][ T9736] ˙: renamed from bond_slave_0 (while UP)
[  649.042544][ T9741] loop2: detected capacity change from 0 to 512
[  649.172200][ T9499] batman_adv: batadv0: Adding interface: batadv_slave_0
[  649.179213][ T9499] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  649.293146][ T9499] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  649.294511][ T9754] loop7: detected capacity change from 0 to 16
[  649.354475][ T9499] batman_adv: batadv0: Adding interface: batadv_slave_1
[  649.361457][ T9499] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  649.389897][ T9754] erofs (device loop7): mounted with root inode @ nid 36.
[  649.459761][ T9499] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  649.782934][ T9763] loop2: detected capacity change from 0 to 128
[  649.842372][ T9766] netlink: 'syz.0.1014': attribute type 15 has an invalid length.
[  650.006415][ T9769] loop7: detected capacity change from 0 to 1024
[  650.020073][ T9772] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1015'.
[  650.200583][ T9499] hsr_slave_0: entered promiscuous mode
[  650.210054][ T9775] loop2: detected capacity change from 0 to 256
[  650.243924][ T9499] hsr_slave_1: entered promiscuous mode
[  650.284768][ T9499] debugfs: 'hsr0' already exists in 'hsr'
[  650.300123][ T9775] loop2: detected capacity change from 0 to 764
[  650.312511][ T9499] Cannot create hsr debugfs directory
[  650.497626][ T9779] Symlink component flag not implemented
[  650.521749][ T9779] Symlink component flag not implemented
[  650.794654][ T9784] loop7: detected capacity change from 0 to 128
[  650.886548][ T9784] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  652.032284][ T9784] ext4 filesystem being mounted at /19/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  655.088088][ T9444] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  655.125437][ T9043] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  655.186912][ T9444] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  656.049044][ T9444] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  656.174626][ T9444] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  658.208429][ T9834] loop7: detected capacity change from 0 to 512
[  658.220168][ T9499] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  658.247920][ T9834] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  658.284318][ T9499] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  658.338952][ T9834] EXT4-fs error (device loop7): ext4_free_branches:1020: inode #11: comm syz.7.1031: invalid indirect mapped block 4294967295 (level 1)
[  658.401337][ T9499] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  658.737615][ T9834] EXT4-fs (loop7): Remounting filesystem read-only
[  658.744805][ T9834] EXT4-fs (loop7): 2 truncates cleaned up
[  658.758747][ T9499] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  658.850891][ T9834] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  658.942132][ T9834] EXT4-fs (loop7): shut down requested (2)
[  659.195662][ T9043] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  659.338680][ T9444] 8021q: adding VLAN 0 to HW filter on device bond0
[  659.472718][ T9444] 8021q: adding VLAN 0 to HW filter on device team0
[  659.521041][ T9499] 8021q: adding VLAN 0 to HW filter on device bond0
[  659.567599][ T9854] binder_alloc: binder_alloc_mmap_handler: 9853 200000ffc000-200000ffd000 already mapped failed -16
[  659.594326][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  659.601511][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  659.708122][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  659.715323][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  659.780836][ T9499] 8021q: adding VLAN 0 to HW filter on device team0
[  659.781188][ T9860] loop2: detected capacity change from 0 to 2048
[  659.924426][ T1146] bridge0: port 1(bridge_slave_0) entered blocking state
[  659.931671][ T1146] bridge0: port 1(bridge_slave_0) entered forwarding state
[  661.150803][ T1146] bridge0: port 2(bridge_slave_1) entered blocking state
[  661.158050][ T1146] bridge0: port 2(bridge_slave_1) entered forwarding state
[  662.482460][   T30] kauditd_printk_skb: 260 callbacks suppressed
[  662.482496][   T30] audit: type=1326 audit(1760171416.095:399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9868 comm="syz.2.1039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcaaa98eec9 code=0x7ffc0000
[  662.657909][   T30] audit: type=1326 audit(1760171416.095:400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9868 comm="syz.2.1039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcaaa98eec9 code=0x7ffc0000
[  662.781732][   T30] audit: type=1326 audit(1760171416.145:401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9868 comm="syz.2.1039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=287 compat=0 ip=0x7fcaaa98eec9 code=0x7ffc0000
[  662.935808][   T30] audit: type=1326 audit(1760171416.145:402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9868 comm="syz.2.1039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcaaa98eec9 code=0x7ffc0000
[  663.035560][   T30] audit: type=1326 audit(1760171416.145:403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9868 comm="syz.2.1039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcaaa98eec9 code=0x7ffc0000
[  663.142322][   T30] audit: type=1326 audit(1760171416.145:404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9868 comm="syz.2.1039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fcaaa98eec9 code=0x7ffc0000
[  663.208166][ T5831] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  663.214601][ T5831] Bluetooth: hci0: command 0x0c1a tx timeout
[  663.276093][   T30] audit: type=1326 audit(1760171416.145:405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9868 comm="syz.2.1039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcaaa98eec9 code=0x7ffc0000
[  663.386858][   T30] audit: type=1326 audit(1760171416.145:406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9868 comm="syz.2.1039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcaaa98eec9 code=0x7ffc0000
[  663.507520][ T9885] netlink: 'syz.3.1041': attribute type 15 has an invalid length.
[  663.589685][   T30] audit: type=1326 audit(1760171416.155:407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9868 comm="syz.2.1039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fcaaa98eec9 code=0x7ffc0000
[  663.784024][ T9499] 8021q: adding VLAN 0 to HW filter on device batadv0
[  663.791829][   T30] audit: type=1326 audit(1760171416.155:408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9868 comm="syz.2.1039" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcaaa98eec9 code=0x7ffc0000
[  665.056106][ T9444] 8021q: adding VLAN 0 to HW filter on device batadv0
[  666.315145][ T6020] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  666.837488][ T6020] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  667.235964][ T6020] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  668.025833][ T6020] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  668.197693][ T9928] binder_alloc: binder_alloc_mmap_handler: 9927 200000ffc000-200000ffd000 already mapped failed -16
[  668.396669][ T9499] veth0_vlan: entered promiscuous mode
[  668.459435][ T9499] veth1_vlan: entered promiscuous mode
[  668.730701][ T9499] veth0_macvtap: entered promiscuous mode
[  668.895112][ T9501] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  668.904141][ T9501] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  668.912123][ T9501] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  668.921083][ T9501] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  668.929088][ T9501] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  669.104678][ T9499] veth1_macvtap: entered promiscuous mode
[  669.299921][ T9937] loop7: detected capacity change from 0 to 2048
[  669.313363][ T9499] batman_adv: batadv0: Interface activated: batadv_slave_0
[  669.340375][ T6020] bridge_slave_1: left allmulticast mode
[  669.362492][ T9937] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  669.365687][ T6020] bridge_slave_1: left promiscuous mode
[  669.442665][ T6020] bridge0: port 2(bridge_slave_1) entered disabled state
[  669.488252][ T6020] bridge_slave_0: left allmulticast mode
[  669.700851][ T6020] bridge_slave_0: left promiscuous mode
[  669.708179][ T6020] bridge0: port 1(bridge_slave_0) entered disabled state
[  670.019643][ T9941] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1052'.
[  671.472799][ T5831] Bluetooth: hci0: command tx timeout
[  672.325884][ T9960] loop2: detected capacity change from 0 to 256
[  673.164880][ T6020] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  673.292411][ T6020] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  673.321539][ T6020] bond0 (unregistering): Released all slaves
[  673.520341][ T5831] Bluetooth: hci0: command tx timeout
[  673.848280][ T9968] binder_alloc: binder_alloc_mmap_handler: 9967 200000ffc000-200000ffd000 already mapped failed -16
[  674.324214][ T9978] loop2: detected capacity change from 0 to 1024
[  674.380849][ T9978] hfsplus: inconsistency in B*Tree (-1,0,1,1,0)
[  674.422181][ T9978] hfsplus: failed to load root directory
[  675.349858][ T9978] input: syz1 as /devices/virtual/input/input17
[  675.589260][ T5831] Bluetooth: hci0: command tx timeout
[  675.813374][ T9993] loop7: detected capacity change from 0 to 512
[  675.912907][ T9993] EXT4-fs (loop7): mounting ext3 file system using the ext4 subsystem
[  676.023620][ T9993] EXT4-fs (loop7): invalid journal inode
[  676.052494][ T9993] EXT4-fs (loop7): can't get journal size
[  676.100472][ T9993] EXT4-fs (loop7): 1 truncate cleaned up
[  676.156762][ T9993] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  676.194839][ T6020] hsr_slave_0: left promiscuous mode
[  676.229449][ T6020] hsr_slave_1: left promiscuous mode
[  676.235764][ T6020] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  676.311608][ T9501] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  676.320073][ T6020] batman_adv: batadv0: Removing interface: batadv_slave_0
[  676.328411][ T9501] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  676.337981][ T9501] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  676.348233][ T9501] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  676.422312][ T9501] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  676.563344][ T6020] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  676.672262][ T6020] batman_adv: batadv0: Removing interface: batadv_slave_1
[  676.703309][ T6020] veth1_macvtap: left promiscuous mode
[  677.498235][ T6020] veth0_macvtap: left promiscuous mode
[  677.551057][ T6020] veth1_vlan: left promiscuous mode
[  677.562425][ T6020] veth0_vlan: left promiscuous mode
[  677.669756][ T5831] Bluetooth: hci0: command tx timeout
[  678.489253][ T5831] Bluetooth: hci4: command tx timeout
[  678.891070][T10015] loop2: detected capacity change from 0 to 256
[  678.967145][T10015] loop2: detected capacity change from 0 to 764
[  679.111842][T10015] Symlink component flag not implemented
[  679.117575][T10015] Symlink component flag not implemented
[  680.430805][T10030] netlink: 'syz.3.1076': attribute type 15 has an invalid length.
[  680.557110][ T9501] Bluetooth: hci4: command tx timeout
[  680.717088][ T6020] team0 (unregistering): Port device team_slave_1 removed
[  680.810399][ T6020] team0 (unregistering): Port device team_slave_0 removed
[  681.435288][T10039] loop2: detected capacity change from 0 to 1024
[  681.470450][T10039] hfsplus: inconsistency in B*Tree (-1,0,1,1,0)
[  681.486823][T10039] hfsplus: failed to load root directory
[  681.681762][T10041] input: syz1 as /devices/virtual/input/input18
[  681.929672][T10033] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1077'.
[  682.019150][ T9043] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  682.305944][ T9501] Bluetooth: hci5: command 0x0406 tx timeout
[  682.377432][ T9933] chnl_net:caif_netlink_parms(): no params data found
[  682.423272][T10048] loop7: detected capacity change from 0 to 1024
[  682.487602][T10048] EXT4-fs (loop7): couldn't mount as ext3 due to feature incompatibilities
[  682.626154][ T5831] Bluetooth: hci4: command tx timeout
[  683.410726][ T9933] bridge0: port 1(bridge_slave_0) entered blocking state
[  683.426127][ T9933] bridge0: port 1(bridge_slave_0) entered disabled state
[  683.443741][ T9933] bridge_slave_0: entered allmulticast mode
[  683.479656][ T9933] bridge_slave_0: entered promiscuous mode
[  683.791881][ T9933] bridge0: port 2(bridge_slave_1) entered blocking state
[  683.822097][ T9933] bridge0: port 2(bridge_slave_1) entered disabled state
[  683.838800][ T9933] bridge_slave_1: entered allmulticast mode
[  683.858730][ T9933] bridge_slave_1: entered promiscuous mode
[  683.933651][T10048] loop7: detected capacity change from 0 to 1024
[  684.554953][ T7248] hfsplus: b-tree write err: -5, ino 4
[  684.938708][ T5831] Bluetooth: hci4: command tx timeout
[  685.431432][ T9933] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  685.517388][T10088] netlink: 'syz.0.1088': attribute type 15 has an invalid length.
[  685.571449][ T9933] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  685.584846][T10091] binder_alloc: binder_alloc_mmap_handler: 10089 200000ffc000-200000ffd000 already mapped failed -16
[  685.722744][T10093] loop2: detected capacity change from 0 to 1024
[  686.570549][T10108] loop7: detected capacity change from 0 to 1024
[  686.588580][T10108] hfsplus: inconsistency in B*Tree (-1,0,1,1,0)
[  686.595321][T10108] hfsplus: failed to load root directory
[  687.061101][T10108] input: syz1 as /devices/virtual/input/input19
[  687.105960][ T9933] team0: Port device team_slave_0 added
[  687.144939][ T9933] team0: Port device team_slave_1 added
[  687.151399][T10002] chnl_net:caif_netlink_parms(): no params data found
[  689.498298][ T9933] batman_adv: batadv0: Adding interface: batadv_slave_0
[  689.519729][ T9933] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  689.653186][ T9933] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  689.666494][ T9933] batman_adv: batadv0: Adding interface: batadv_slave_1
[  689.673449][ T9933] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  689.818550][ T9933] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  690.296988][T10002] bridge0: port 1(bridge_slave_0) entered blocking state
[  690.313549][T10002] bridge0: port 1(bridge_slave_0) entered disabled state
[  690.334421][T10002] bridge_slave_0: entered allmulticast mode
[  690.342631][T10002] bridge_slave_0: entered promiscuous mode
[  690.390712][ T9933] hsr_slave_0: entered promiscuous mode
[  690.414349][ T9933] hsr_slave_1: entered promiscuous mode
[  690.421308][ T9933] debugfs: 'hsr0' already exists in 'hsr'
[  690.436986][ T9933] Cannot create hsr debugfs directory
[  690.471343][T10002] bridge0: port 2(bridge_slave_1) entered blocking state
[  690.506216][T10002] bridge0: port 2(bridge_slave_1) entered disabled state
[  690.513477][T10002] bridge_slave_1: entered allmulticast mode
[  690.525074][T10141] netlink: 'syz.3.1102': attribute type 15 has an invalid length.
[  690.586386][T10002] bridge_slave_1: entered promiscuous mode
[  692.266878][T10002] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  692.319295][T10002] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  693.754568][T10169] 9pnet_fd: Insufficient options for proto=fd
[  694.370964][T10167] loop7: detected capacity change from 0 to 1024
[  694.416388][T10167] hfsplus: inconsistency in B*Tree (-1,0,1,1,0)
[  694.422757][T10167] hfsplus: failed to load root directory
[  694.645126][T10177] input: syz1 as /devices/virtual/input/input20
[  694.946660][T10002] team0: Port device team_slave_0 added
[  694.985831][T10002] team0: Port device team_slave_1 added
[  695.285163][T10002] batman_adv: batadv0: Adding interface: batadv_slave_0
[  695.328905][T10002] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  695.589787][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  695.596364][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  695.651855][T10002] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  696.369476][T10002] batman_adv: batadv0: Adding interface: batadv_slave_1
[  696.413639][T10002] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  696.484120][T10002] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  696.716975][T10187] netlink: 'syz.3.1114': attribute type 15 has an invalid length.
[  699.217107][T10002] hsr_slave_0: entered promiscuous mode
[  699.248925][T10002] hsr_slave_1: entered promiscuous mode
[  699.264816][T10002] debugfs: 'hsr0' already exists in 'hsr'
[  699.270571][T10002] Cannot create hsr debugfs directory
[  699.303048][ T6020] bridge_slave_1: left allmulticast mode
[  699.323810][ T6020] bridge_slave_1: left promiscuous mode
[  699.329664][ T6020] bridge0: port 2(bridge_slave_1) entered disabled state
[  699.428725][ T6020] bridge_slave_0: left allmulticast mode
[  699.473852][ T6020] bridge_slave_0: left promiscuous mode
[  699.503342][ T6020] bridge0: port 1(bridge_slave_0) entered disabled state
[  699.603717][T10197] loop7: detected capacity change from 0 to 1024
[  699.604898][ T6020] bridge_slave_1: left allmulticast mode
[  699.697863][T10197] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback.
[  699.711071][ T6020] bridge_slave_1: left promiscuous mode
[  699.773275][ T6020] bridge0: port 2(bridge_slave_1) entered disabled state
[  699.948155][ T6020] bridge_slave_0: left allmulticast mode
[  699.968276][ T6020] bridge_slave_0: left promiscuous mode
[  699.985651][ T6020] bridge0: port 1(bridge_slave_0) entered disabled state
[  700.009486][ T9043] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[  703.701149][T10223] netlink: 'syz.0.1127': attribute type 15 has an invalid length.
[  703.742536][T10225] loop7: detected capacity change from 0 to 128
[  703.776577][T10225] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  703.836823][T10225] ext4 filesystem being mounted at /43/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  704.063962][ T5961] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  704.095378][ T9043] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  704.244362][ T5961] usb 3-1: Using ep0 maxpacket: 8
[  704.264659][ T5961] usb 3-1: unable to get BOS descriptor or descriptor too short
[  704.285773][ T5961] usb 3-1: config 219 has an invalid interface number: 107 but max is 0
[  704.314134][ T5961] usb 3-1: config 219 has no interface number 0
[  704.334044][ T5961] usb 3-1: config 219 interface 107 has no altsetting 0
[  704.348484][T10234] loop7: detected capacity change from 0 to 256
[  704.361940][ T5961] usb 3-1: New USB device found, idVendor=0451, idProduct=5416, bcdDevice= 1.00
[  704.387235][ T5961] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  704.397571][ T5961] usb 3-1: Product: syz
[  704.402923][ T5961] usb 3-1: Manufacturer: syz
[  704.412875][ T5961] usb 3-1: SerialNumber: syz
[  704.420035][T10234] exFAT-fs (loop7): failed to load upcase table (idx : 0x00011bf5, chksum : 0xdfba1b89, utbl_chksum : 0xe619d30d)
[  704.432650][T10234] exFAT-fs (loop7): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  704.455019][T10234] exFAT-fs (loop7): failed to load alloc-bitmap
[  704.488979][T10234] exFAT-fs (loop7): failed to recognize exfat type
[  704.663407][ T5961] usb-storage 3-1:219.107: USB Mass Storage device detected
[  704.690558][ T6020] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  704.708431][ T5961] usb-storage 3-1:219.107: Quirks match for vid 0451 pid 5416: 2
[  704.722462][ T6020] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  704.761311][ T6020] bond0 (unregistering): Released all slaves
[  704.914780][ T5961] usb 3-1: USB disconnect, device number 14
[  705.039643][T10238] loop7: detected capacity change from 0 to 512
[  705.055887][T10238] FAT-fs (loop7): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  705.128760][T10238] FAT-fs (loop7): Invalid FSINFO signature: 0x41000000, 0x61417272 (sector = 1)
[  705.559875][T10240] loop2: detected capacity change from 0 to 128
[  705.567950][T10240] vfat: Unknown parameter 'uni_xl%PB^¯°cwiet'
[  706.904543][ T6020] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  706.958228][ T6020] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  707.057532][ T6020] bond0 (unregistering): Released all slaves
[  707.519253][T10255] loop7: detected capacity change from 0 to 164
[  708.105250][ T6020] hsr_slave_0: left promiscuous mode
[  708.118779][T10260] netlink: 'syz.0.1140': attribute type 15 has an invalid length.
[  708.138189][ T6020] hsr_slave_1: left promiscuous mode
[  708.195274][ T6020] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  708.202690][ T6020] batman_adv: batadv0: Removing interface: batadv_slave_0
[  708.228682][ T6020] batman_adv: batadv0: Removing interface: batadv_slave_1
[  708.296283][ T6020] hsr_slave_0: left promiscuous mode
[  708.311118][ T6020] hsr_slave_1: left promiscuous mode
[  708.329459][ T6020] batman_adv: batadv0: Removing interface: batadv_slave_0
[  709.994902][ T6020] batman_adv: batadv0: Removing interface: batadv_slave_1
[  710.044584][ T9043] VFS: Busy inodes after unmount of loop7 (iso9660)
[  710.045037][ T9043] ------------[ cut here ]------------
[  710.058103][ T9043] kernel BUG at fs/super.c:650!
[  710.077118][ T9043] Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI
[  710.083567][ T9043] CPU: 1 UID: 0 PID: 9043 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  710.093048][ T9043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  710.103109][ T9043] RIP: 0010:generic_shutdown_super+0x2e9/0x390
[  710.109293][ T9043] Code: 28 48 89 ea 48 c1 ea 03 80 3c 02 00 0f 85 9a 00 00 00 48 8b 55 00 48 8d b3 68 06 00 00 48 c7 c7 60 88 9f 8b e8 08 03 64 ff 90 <0f> 0b e8 b0 41 ed ff e9 3c fd ff ff 4c 89 ef e8 a3 41 ed ff e9 d0
[  710.128913][ T9043] RSP: 0018:ffffc90004a9fd88 EFLAGS: 00010282
[  710.135077][ T9043] RAX: 0000000000000031 RBX: ffff88803107e000 RCX: ffffffff819acb09
[  710.143053][ T9043] RDX: 0000000000000000 RSI: ffffffff819b4636 RDI: 0000000000000005
[  710.151032][ T9043] RBP: ffffffff8e703c40 R08: 0000000000000005 R09: 0000000000000000
[  710.159008][ T9043] R10: 0000000080000000 R11: 0000000000000000 R12: ffff88803107e780
[  710.166980][ T9043] R13: 0000000000000000 R14: 0000000000000000 R15: ffff88803083b380
[  710.174959][ T9043] FS:  000055556bd56500(0000) GS:ffff888124ade000(0000) knlGS:0000000000000000
[  710.183896][ T9043] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  710.190485][ T9043] CR2: 00007fff56d96b68 CR3: 00000000356ac000 CR4: 0000000000350ef0
[  710.198462][ T9043] Call Trace:
[  710.201736][ T9043]  <TASK>
[  710.204663][ T9043]  kill_block_super+0x3b/0x90
[  710.209366][ T9043]  deactivate_locked_super+0xc1/0x1a0
[  710.214760][ T9043]  deactivate_super+0xde/0x100
[  710.219545][ T9043]  cleanup_mnt+0x225/0x450
[  710.223991][ T9043]  task_work_run+0x150/0x240
[  710.228594][ T9043]  ? __pfx_task_work_run+0x10/0x10
[  710.233714][ T9043]  ? srso_alias_return_thunk+0x5/0xfbef5
[  710.239369][ T9043]  ? __pfx___x64_sys_umount+0x10/0x10
[  710.244778][ T9043]  exit_to_user_mode_loop+0xec/0x130
[  710.250075][ T9043]  do_syscall_64+0x426/0xfa0
[  710.254687][ T9043]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  710.260600][ T9043] RIP: 0033:0x7f69de7901f7
[  710.265015][ T9043] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  710.284628][ T9043] RSP: 002b:00007ffe6d1d3c88 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  710.293058][ T9043] RAX: 0000000000000000 RBX: 00007f69de811d7d RCX: 00007f69de7901f7
[  710.301041][ T9043] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe6d1d3d40
[  710.309025][ T9043] RBP: 00007ffe6d1d3d40 R08: 0000000000000000 R09: 0000000000000000
[  710.316997][ T9043] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe6d1d4dd0
[  710.324966][ T9043] R13: 00007f69de811d7d R14: 00000000000acedb R15: 00007ffe6d1d4e10
[  710.332955][ T9043]  </TASK>
[  710.335964][ T9043] Modules linked in:
[  710.340675][ T9043] ---[ end trace 0000000000000000 ]---
[  710.364495][ T9043] RIP: 0010:generic_shutdown_super+0x2e9/0x390
[  710.370752][ T9043] Code: 28 48 89 ea 48 c1 ea 03 80 3c 02 00 0f 85 9a 00 00 00 48 8b 55 00 48 8d b3 68 06 00 00 48 c7 c7 60 88 9f 8b e8 08 03 64 ff 90 <0f> 0b e8 b0 41 ed ff e9 3c fd ff ff 4c 89 ef e8 a3 41 ed ff e9 d0
[  710.400158][ T9043] RSP: 0018:ffffc90004a9fd88 EFLAGS: 00010282
[  710.406346][ T9043] RAX: 0000000000000031 RBX: ffff88803107e000 RCX: ffffffff819acb09
[  710.414779][ T9043] RDX: 0000000000000000 RSI: ffffffff819b4636 RDI: 0000000000000005
[  710.423614][ T9043] RBP: ffffffff8e703c40 R08: 0000000000000005 R09: 0000000000000000
[  710.439033][ T9043] R10: 0000000080000000 R11: 0000000000000000 R12: ffff88803107e780
[  710.448012][ T9043] R13: 0000000000000000 R14: 0000000000000000 R15: ffff88803083b380
[  710.456633][ T9043] FS:  000055556bd56500(0000) GS:ffff8881249de000(0000) knlGS:0000000000000000
[  710.467064][ T9043] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  710.483808][ T9043] CR2: 00007fcaaabb3ad8 CR3: 00000000356ac000 CR4: 0000000000350ef0
[  710.491807][ T9043] Kernel panic - not syncing: Fatal exception
[  710.498108][ T9043] Kernel Offset: disabled
[  710.502426][ T9043] Rebooting in 86400 seconds..