last executing test programs:

4m42.801437559s ago: executing program 3 (id=4):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x43, &(0x7f0000000040)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$IOCTL_VMCI_VERSION2(0xffffffffffffffff, 0x7a7, &(0x7f0000000100)=0x80000)
r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000040)={r1, r1, r1}, &(0x7f0000001cc0)=""/199, 0xc7, &(0x7f00000000c0)={&(0x7f0000000000)={'sm3\x00'}})
ioctl$IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, 0x0)
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r2, 0x3ba0, 0x0)
ioctl$IOMMU_IOAS_MAP$PAGES(r2, 0x3b85, &(0x7f0000000180)={0x28, 0x4, 0x0, 0x0, &(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x7})
socket$nl_netfilter(0x10, 0x3, 0xc)
bind$packet(0xffffffffffffffff, 0x0, 0x0)

4m27.377709117s ago: executing program 32 (id=4):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x43, &(0x7f0000000040)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$IOCTL_VMCI_VERSION2(0xffffffffffffffff, 0x7a7, &(0x7f0000000100)=0x80000)
r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000040)={r1, r1, r1}, &(0x7f0000001cc0)=""/199, 0xc7, &(0x7f00000000c0)={&(0x7f0000000000)={'sm3\x00'}})
ioctl$IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, 0x0)
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r2, 0x3ba0, 0x0)
ioctl$IOMMU_IOAS_MAP$PAGES(r2, 0x3b85, &(0x7f0000000180)={0x28, 0x4, 0x0, 0x0, &(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x7})
socket$nl_netfilter(0x10, 0x3, 0xc)
bind$packet(0xffffffffffffffff, 0x0, 0x0)

4m1.272213494s ago: executing program 0 (id=73):
unshare(0x60600)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x2008002, &(0x7f00000000c0)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1000}}, {@i_version}, {@quota}]}, 0x1, 0x558, &(0x7f0000000c00)="$eJzs3c9vI1cdAPDvTH52d9vsQg9QAbtAYUGrtTfedlX10nIBoaoSouKAOGxD4o3C2nGIndKESKR/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACbZA4GM14kriJw5rEsdn485Fm58ebme979s6852dnXgBj60ZE7ETEdES8GRFzxfakmOLVzpTt92h3e3Fvd3sxiXb7jb8leXq2LbqOyVwuzjkbEV/9UsQ3k+Nxm5tbDxdqtep6sV5u1dfKzc2t2yv1heXqcnW1Urk3f+/OS3dfrAysrNfrP3v/iyuvfe2Xv/j4e7/Z+fx3s2xdKdK6yzFInaJPHcTJTEbEa+cRbAQmivn0iPPB6aQR8aGI+FR+/c/FRP6/EwC4yNrtuWjPda8DABddmveBJWkpItK0aASUOn14z8altNZotm49aGysLnX6yq7GVPpgpVa9c23md9/Od55KsvX5PC1Pz9crR9bvRsS1iPjBzFP5emmxUVsaTZMHAMbe5e76PyL+OZOmpVJfh/b4Vg8AeGLMjjoDAMDQqf8BYPyo/wFg/PRR/xdf9u+ce14AgOHw+R8Axo/6HwDGj/ofAMbKV15/PZvae8Xzr5fe2tx42Hjr9lK1+bBU31gsLTbW10rLjcZy/sye+uPOV2s01uZfiI23y61qs1Vubm7drzc2Vlv38+d6369ODaVUAMB/c+36u79NImLn5afyKbrGclBXw8WWDnAv4MkycZaDNRDgiWa0LxhffVXheSPh1+eeF2A0ej7Me7bn4gf96H8I4ndG8H/l5kf77/83xjNcLHr2YXydrv//lYHnAxi+U/f//2Gw+QCGr91Ojo75P32QBABcSGf4CV/7e4NqhAAj9bjBvAfy/T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABcMFci4luRpKV8LPA0+zctlSKejoirMZU8WKlV70TEM3E9IqZmsvX5UWcaADij9C9JMf7XzbnnrxxNnU7+NZPPI+I7P37jh28vtFrr89n2vx9sn9kfPqxyeNwZxhUEAPr3p352yuvvSjHv+iD/aHd7cX86xzwe8/4XDgYfXdzb3c6nTspktNvtdsRs3pa49I8kJotjZiPiuYiYGED8nXci4iO9yp/kfSNXi5FPu+NHEfvpocZPPxA/zdM68+zl+/AA8gLj5t3s/vNqr+svjRv5vPf1P5vfoc4uv//NRuzf+/a64k8WkSZ6xM+u+Rv9xnjhV18+trE910l7J+K5yV7xk4P4yQnxn+8z/u8/9onvv3JCWvsnETejd/zuWOVWfa3c3Ny6vVJfWK4uV1crlXvz9+68dPfFSjnvoy7v91Qf99eXbz1zUt6y8l86IX7nnb98pPzTB8d+ps/y//Tfb37jk4erM0fjf+7Tvd//Z/N579c/qxM/22f8hUs/P3H47iz+0gnlf9z7f6vP+O/9eWupz10BgCFobm49XKjVqutnWsg+hQ7iPMcWsiz2t/N+c/FsQf8Y+cLhy5JEEoMuV9YY62fnqfN6Vc99YfKgrTjYM389O+OQi5MOvBSnWYirxcKjYQUd3T0JGI7Di37UOQEAAAAAAAAAAAAAAE4yjL9hGnUZAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLj+EwAA//8GP8IF")
syz_mount_image$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000100)='./bus\x00', 0x2)

3m57.458653368s ago: executing program 0 (id=80):
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0x9, 0x8, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x20000000009)
r2 = socket(0x2, 0x3, 0xff)
r3 = syz_usb_connect(0x5, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x9e, 0x17, 0x36, 0x10, 0x17ef, 0x721e, 0xde06, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x2, 0x6}}]}}]}}, 0x0)
syz_usb_control_io$printer(r3, 0x0, &(0x7f00000000c0)={0x1c, &(0x7f0000000080)={0x40, 0xf, 0x4, "237c1a73"}, 0x0, 0x0, 0x0, 0x0, 0x0})
futex_waitv(&(0x7f0000001c00), 0x0, 0x0, &(0x7f00000024c0), 0x1)
setsockopt$sock_int(r2, 0x1, 0x29, &(0x7f0000000000)=0x97b, 0x4)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
connect$inet(r2, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10)
openat$cgroup_subtree(r1, &(0x7f0000000100), 0x2, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[], 0xc0}, 0x1, 0x0, 0x0, 0x40c0}, 0xc4)
ioctl$TCGETS2(r1, 0x800455c9, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x1, 0x0, 0x0, 0x0)

3m52.804165672s ago: executing program 0 (id=85):
openat$ppp(0xffffffffffffff9c, &(0x7f00000015c0), 0x2300, 0x0)
r0 = socket$kcm(0xa, 0x5, 0x0)
r1 = socket$kcm(0xa, 0x5, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="000000000000000000e8ffffffffffff05000000", @ANYRES32=0x1], 0x48)
ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x8916, &(0x7f0000000000)={r1})
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x8936, &(0x7f0000000000)={r1})

3m49.769404567s ago: executing program 0 (id=92):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$PTRACE_SECCOMP_GET_FILTER(0x420c, r0, 0x26, 0x0)

3m45.463612463s ago: executing program 0 (id=96):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x8, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x11, 0x5c}, [@ldst={0x6}], {0x95, 0x0, 0x74}}, &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
getgid()
add_key$keyring(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x3}, 0x0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, 0x0)
sendmsg$BATADV_CMD_GET_DAT_CACHE(r1, 0x0, 0x0)
write$binfmt_misc(0xffffffffffffffff, 0x0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

3m41.89504688s ago: executing program 0 (id=103):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10002, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
socket$inet6(0xa, 0x1, 0x0)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_IP_XFRM_POLICY(r6, 0x0, 0x11, &(0x7f0000005b80)={{{@in=@rand_addr=0x64010101, @in6=@rand_addr=' \x01\x00', 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x3, 0x0, 0x0, 0x5, 0x1}}, {{@in, 0x0, 0x6c}, 0x0, @in=@loopback, 0x0, 0x0, 0x0, 0xfe}}, 0xe8)
syz_emit_ethernet(0x3e, &(0x7f0000000500)={@local, @random="f368656e065b", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, @time_exceeded={0x4, 0x0, 0x0, 0x3, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev, @dev}}}}}}, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000001800)={'#! ', './cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0xff1)
socketpair(0x1, 0x80001, 0x0, &(0x7f0000000000)={<r8=>0xffffffffffffffff})
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r8, 0x89f1, &(0x7f00000005c0)={'ip_vti0\x00', &(0x7f0000000040)={'syztnl0\x00', 0x0, 0x1, 0x7, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x400, 0x0, 0x0, 0x4, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}}}})
openat$rtc(0xffffffffffffff9c, 0x0, 0x8040, 0x0)

3m26.371856234s ago: executing program 33 (id=103):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10002, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
socket$inet6(0xa, 0x1, 0x0)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_IP_XFRM_POLICY(r6, 0x0, 0x11, &(0x7f0000005b80)={{{@in=@rand_addr=0x64010101, @in6=@rand_addr=' \x01\x00', 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x3, 0x0, 0x0, 0x5, 0x1}}, {{@in, 0x0, 0x6c}, 0x0, @in=@loopback, 0x0, 0x0, 0x0, 0xfe}}, 0xe8)
syz_emit_ethernet(0x3e, &(0x7f0000000500)={@local, @random="f368656e065b", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, @time_exceeded={0x4, 0x0, 0x0, 0x3, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev, @dev}}}}}}, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000001800)={'#! ', './cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0xff1)
socketpair(0x1, 0x80001, 0x0, &(0x7f0000000000)={<r8=>0xffffffffffffffff})
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r8, 0x89f1, &(0x7f00000005c0)={'ip_vti0\x00', &(0x7f0000000040)={'syztnl0\x00', 0x0, 0x1, 0x7, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x400, 0x0, 0x0, 0x4, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}}}})
openat$rtc(0xffffffffffffff9c, 0x0, 0x8040, 0x0)

24.495738711s ago: executing program 2 (id=517):
ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x405c5503, &(0x7f0000000940)={{}, 'syz0\x00', 0x40})
ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x12)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x5, 0x1000086}, 0x0)
sched_setaffinity(0x0, 0x43, &(0x7f0000000040)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, 0x0)
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f0000000040)={0xc, 0x0, <r2=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r1, 0x3ba0, &(0x7f0000000340)={0x48, 0x2, r2})
ioctl$IOMMU_IOAS_MAP$PAGES(r1, 0x3b85, &(0x7f0000000180)={0x28, 0x4, r2, 0x0, &(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x7})
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0)
ioctl$FIGETBSZ(r0, 0x2, 0x0)
socket$inet6(0xa, 0x2, 0x10000)
close(r1)

18.13097525s ago: executing program 6 (id=531):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x38fe, &(0x7f0000000300)={0x0, 0x1fffff, 0x10100}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r0})
io_uring_enter(r2, 0x2def, 0x4000, 0x0, 0x0, 0x0)
r5 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
listen(r5, 0x0)
accept4(r5, 0x0, 0x0, 0x0)

14.611349433s ago: executing program 4 (id=537):
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a8000000850000000500000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1f, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={0xffffffffffffffff, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
capset(&(0x7f0000000100)={0x20071026}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x81, 0xfffffffb})
syz_usb_connect(0x2, 0x24, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000043242108d81301006230010203010902120001000000000904"], 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x15, 0x7, &(0x7f0000000680)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @generic={0xde}, @initr0]}, &(0x7f0000000000)='GPL\x00', 0x4, 0xe1, &(0x7f0000000340)=""/225, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

14.429311033s ago: executing program 2 (id=539):
socket(0x10, 0x3, 0x0)
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000540)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000010, &(0x7f0000000100)=ANY=[], 0x1, 0x6a7, &(0x7f00000007c0)="$eJzs3c9vHGf9B/D3rNeON98qX6dNaISKsBKpIEUkTqwUwgWDEMqhQlU5cLYSp7GycSrHRW6FwAUEJyQO/QMKkm+ckLgHhXO59epjJSQuEYeol0UzO2uvvevYjn8GXq9o/DyzzzPPfPYzz8x411ltgP9Zty6n+ThFbl1+e7lcX1udbq+tTp+qm9tJynojaXaLFAtJ8SSZKduLviV95YBP5m+++/nTtS+6a816qfqPPG+7IYb0XamXTNbjTQ7dcnS3u1ipw8srSW7X5WZjux1rU8cyaZfqEo5dZ8DKXjbfy3kLnDC9u1PRvW8OmEhOJxmvfw9IfXVoHF2Eh2NPVzkAAAB4SX328LgjAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgJdP/f3/Rb006jKTKXrf/z/We6yun0Azu+75+FDjAAAAAAAAAICj8fVneZblnOmtd4rqb/4Xq5Vz+bKT/F8+yKPMZTFXspzZLGUpi7mWZKJvoLHl2aWlxWvrW5aGb3l96JbXj+oZAwAAAAAAAMB/pV+ltfH3fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAmKZKRbVMu5usxEGs1stGUl+UeSseOOdw+KYQ8+Pvo4AAAAYF/GX2Cb/3+WZ1nOmd56p6he83+ler08ng+ykKXMZyntzOVO/Rq6fNXfWFudbq+tTj8ol8Fxv/+vPYVRjVi/vzB8zxeqHq3czXz1yJXcroK5k0a1ZS4lF3rxDI/r4zKm4nu1XUbWrNNa7uwP272LcCD2+lbERBlcsp6RqTq2Mhtnuxkoqjdqkq2Z2PHoNLfuKY2Mru/pWhrr7/ycO4Scn67L8vn89lBzvlfrmWikysT13uwrz5nnZyL5xl///NN77YX79+4+unxyntIORrZ5fOucmO7LxOsvdSaae+w/VWXi/Pr6rfwoP8nlTOadLGY+P8tsljKXTt0+W8/n8ufE8zM1s2ntnZ0iGauPS/eY7Samyfywqs3mYrXtmcynyMPcyVzeqv5dz7V8OzdyIzf7jvD5beOunlt11je2nvW9I/23ocFf+mZdaSX5XV0O5GCL7WbnQele+8u8nu3La3fWP13vdbbvPJjqy9KrveyMDh38Ra6Nza/WlXIfv67Lk2GizkR5AvXuEr3oXutmolndiwbn+R875XZpL9xfvDf7/jbjr2xZf7Muy2m1+rXdRjn8UByscr68mvH6SrJ5dpRtr61fZc5uuquO1X9x6bY1BtrOV21F0TtTf5yH1QQYPFPH6t/hBke6XrW9PrRtumq70Ne26fetPEw7d44gfwDs00ROj7X+2fqs9WnrN617rbfHf3DqO6feGMvo30e/25waebPxRvGXfJpfbLz+BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXtyjDz+6P9tuzy0OrzS2b9qhstPIWypF/YU+L7SvE1gZT7Lpkep7jo48jNbWMAYqnV8mR56f3pcIDu/z+7LSzG4GnNmpz8fHPhNOemUkwyfAMV+YgEN3denB+1cfffjRt+YfzL43997cwuiNGzenbt54a/rq3fn23FT353FHCRyGjZv+cUcCAAAAAAAAAAAA7NawDwZcfGWnD43s6jMe/mchAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcCBuXU7zcYpcm7oyVa6vrU63y6VX3+jZTNJoJMXPk+JJMpPukom+4Yr86Uk6Q/bzyfzNdz9/uvbFxljNbv+kUZf7sFIvmUwyUpcHNd7tfY9X/Lv3DMuEfdnpdGb2Fx8cjP8EAAD//97S9ts=")
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='memory.numa_stat\x00', 0x26e1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
write$cgroup_type(r1, &(0x7f0000000080), 0x11ffffce1)
socket$netlink(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, 0x0, 0x0)
write$sndseq(0xffffffffffffffff, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @time}], 0x38)
write$sndseq(0xffffffffffffffff, &(0x7f0000000200)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @quote={{}, 0xffff}}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"448cc880fe353ca0f2c2e953"}}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @connect={{0x4}}}], 0xc4)
read$char_usb(0xffffffffffffffff, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0)

14.379319497s ago: executing program 6 (id=540):
syz_usb_connect$hid(0x0, 0x0, 0x0, 0x0)
socket$inet6(0xa, 0x800000000000002, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
ppoll(0x0, 0x0, &(0x7f0000000180), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x4800, 0x0, 0x3, 0x0, &(0x7f0000000080))
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000040)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@nfs_export_on}]})
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r4 = syz_open_procfs(0x0, 0x0)
getdents(r4, &(0x7f00000000c0)=""/39, 0x27)

12.068917714s ago: executing program 2 (id=542):
socket(0x10, 0x3, 0x0)
r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x2, 0x80800)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f0000000000)=0x639)
readv(r0, &(0x7f0000000180)=[{&(0x7f0000000400)=""/147, 0x93}], 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, &(0x7f0000000100)={"e58b0f5f9483b6623103130250df2c17", 0x0, 0x0, {0xfffffffffffffffa, 0xf}, {0x2, 0x9}, 0xf, [0x3ff, 0x5, 0x0, 0x7, 0xc15, 0x7, 0xdca, 0x7470, 0xc8df, 0x5, 0x2, 0x40, 0x8e, 0xff, 0x5, 0x4]})
ioctl$BTRFS_IOC_WAIT_SYNC(0xffffffffffffffff, 0x40089416, 0x0)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$kcm(0x2, 0x200000000000001, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000780)='syscall\x00')
pread64(r3, &(0x7f0000000180)=""/116, 0x74, 0x3)
sendmsg$inet(r2, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x300048c1)
setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, &(0x7f0000000100), 0x4)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, &(0x7f0000000140)={0x0})
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, &(0x7f00000000c0)={0x0, 0x33, 0x20, 0x4, 0x3}, &(0x7f0000000240)=0x18)
sendmsg$inet(r2, &(0x7f0000000040)={0x0, 0xeafbff3, &(0x7f0000000000)=[{&(0x7f0000000300)="b8", 0xfffffdef}], 0x1, 0x0, 0x0, 0x10000000}, 0x52cc)

11.622897635s ago: executing program 1 (id=543):
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, 0x0)
flistxattr(0xffffffffffffffff, &(0x7f00000006c0)=""/250, 0xfa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
socket$rds(0x15, 0x5, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x20051, 0xffffffffffffffff, 0xce9e1000)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000640)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x6, [@datasec={0x4, 0x0, 0x0, 0x91, 0x3, [], '\x00\x00\x00'}, @datasec={0x0, 0x0, 0x0, 0xf, 0x1, [], '*'}]}, {0x0, [0x0, 0x0, 0x0, 0x61]}}, 0x0, 0x3a, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6(0xa, 0x3, 0x88)
ppoll(&(0x7f0000003840)=[{0xffffffffffffffff, 0x10}], 0x1, 0x0, 0x0, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000000c0), r2)
sendmsg$NLBL_CIPSOV4_C_ADD(r2, &(0x7f0000000880)={0x0, 0x0, 0x0}, 0x0)
bind$inet6(r1, 0x0, 0x0)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r3, 0x0, 0x482, &(0x7f0000000040)={0x84, @remote, 0x15, 0x3, 'wrr\x00', 0x1, 0x4, 0x75}, 0x2c)
request_key(&(0x7f0000000100)='ceph\x00', &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000280)='\',!-{$#^\\/!(%&%{*/\x00', 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, &(0x7f0000000000)={{0x84, @broadcast, 0x4e21, 0x3, 'lc\x00', 0xb, 0x323b, 0x3a}, {@rand_addr=0x64010102, 0x4e23, 0x0, 0xc3, 0x12d5c, 0x12d5c}}, 0x44)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r4 = openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}})

11.622472815s ago: executing program 7 (id=544):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000040)={0x28, 0x0, 0x2710, @host}, 0x10)
listen(r0, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x2710}, 0x10)
r2 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg(r1, &(0x7f00000004c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=ANY=[], 0x170}}], 0x1, 0x80)
recvmsg$kcm(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)=""/150, 0x96}], 0x5}, 0x0)

11.141127432s ago: executing program 6 (id=545):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x24020000)
r2 = syz_clone(0x16040000, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = syz_pidfd_open(r2, 0x0)
setns(r3, 0x10000000)

10.280223332s ago: executing program 5 (id=546):
flistxattr(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x1, 0xfa, 0x2043}}}, 0x7)
socket$rds(0x15, 0x5, 0x0)
mbind(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x8000, &(0x7f0000000100)=0xffffffffffffffff, 0xf8, 0x1)
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f00000001c0)='./file0\x00', 0x2000c12, &(0x7f0000000240)={[{@gid}, {@iocharset={'iocharset', 0x3d, 'koi8-ru'}}, {@check_relaxed}, {@map_acorn}, {@uid}, {@session={'session', 0x3d, 0x9}}, {@check_strict}, {@map_acorn}, {@block={'block', 0x3d, 0x800}}, {@cruft}, {@unhide}, {@cruft}]}, 0x4, 0xa00, &(0x7f00000003c0)="$eJzs3UtsXFf9B/Dv9SNx3SpJ2/z7L1XbTFKSuq1xbIcmRF2UxJ4kLn4g25EasWhK46AQQ6EBqa2QmkqIFRVIIBawq1jBplI3dIO6gx2sWCChrthXrMLK6M6M49eMx3YdO00/n+h67uN3z/nd58mMr+eEz5eF/SumFhZqwxanL/5hBzLmLnZ29JP3P3ivHN69mT3pzPPFn5KeJJWkK8mjSffI6PTURJuCrieXk3ycFEn2pv66IZdT/CIPLE1/nOJ3Zb0t7dloybSzwBfabp9/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwNypGRgcHh4o9GZu8+HKlLqmsMTI6PVVkYWHtksV16j6q9fpdfNS23qQoh/T0LHb1/ejBpcWPJKkcyeP1qcdrHZKnJ2/f/8iBFx7u6lhcv1U2n8nejRd74623r786Pz/3RuuQhXfq27A9ud1lzlcnx2amxibOnK9WxmamKqdPnhw8fuHcTOXc2Hh15tLMbHWiMjJdPTM7NV3pG3mmMnT69IlKdeDS1MXJ86MD49XFmae+Mjw4eLLy0sA3q2emZ6Ymj780MDNyYWx8fGzyfC2mXFzGnCpPxG+MzVZmq2cmKpWr1+bnTqzKqXP1zi6DhtptSRk03C5oeHB4eGhoeHjo3Ubv2bdnnHz+9POnBge7BlfJmog7dNJyd7mv9WHe5js4bF1Hvf3Pd8czlslczMupNP03ktFMZyoTLZY3LLb/R49X1613efvfaOW7li1+rPxxJE82JntatP8tctm5fzfyVt7O9bya+cxnLm/sekY7++98qpnMWGYylbFM5ExtTqUxp5LTOZmTGcwruZBDmUkl5zKW8VQzk0uZyWyqtTNqJNOp5kxmM5XpVNKXkTyTSoZyOqdzIpVUM5BLmcrFTOZ8RnOmVsrVXKvt9xPr5Hg7aGgjQcPrBK1uzMtzfXPtf/Ve/Z8gG7b9N3HYooVG+7+nfWjfyE4kBAAAAGy7L/01+w4+9Jd/JUWeqH0uf25svPribqcFAAAAbKPa43qPly/d5dgTPbX3/4O7nRYAAACwjYra39gVSXpzqD62+JdQPgQAAACAe0Tt9/9Ppji0NMP7fwAAALjHtP+O/bYRRf/i1/9WrtRfrzQi6lNF77mx8erAyNT4C0M5VvuWgSRPrC2tMym6a39+8GwO16MO99Zfe5dKLOvsKaOGBl4YyrM50tiQvqfKl6f6mkQO1yOfrkc+vTyyMysiT5SRAHCvO7JOe7zR9v/Z9Ncj+h+rNfldjzVpgwe1rABwt7jdx85/G12aNWn/GxFPtmr/v7rO+/8y4qFcPVR/pGAgr+X1zOdK+tN44uBQs1IXeyOoP4bQ3+bTgN7GIwt/P9WR/jWfB/Tc3tblsXMZTn/TTwSWlVss5nCiHtd5Z44BAOy0I+u2wxtr//vbvP/v9UghANxVbvdgv4mRdzYTPPfGjd3eRgBgJa00AAAAAAAAAAAAAAAAAAAAAAAAAAAAbL8NfYH/344l8/NzyRY6C9jySM9mMlx/pCM7lPOuj3Qm2a3aX8ym1yqP8Weo9I/3NVb/9+7v+XtuZJdvTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOyIIulsNr8j2ZtkMMnxnc/qzrm52wlsl8qeLa1W3MqtvJl9254PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAXXOP7/ztSf72/PitdHcnRJJeTfGu3c9xOt3Y7gTujaB/yvXrg0vf/dyTdWSjSVT/sKbpHRqenJsqiir3l8k/e/+C9cmhf9tpeFcoCyhpWdC7RqGHZnO6Vaz1YW6t3dO7G9R+9/oPK6NnaiXl29tz46MT56a8vBT5SfJhUUh8WLeb7k6N//uWy2Y2OEooPyy1tbnW952r1jq6t9/+brd2i3g24Nj83XNY0W3159sffv/bmskUP5XDyVF/St7Km75RDi5oOr96fKxWfFj8r9uU3uVw7/uXeKBaK8hDtr23/fVevzc8NvPb6/JXbOb2zIqcDOZTkStKz8ZwOtT43a2ddR3dZ62AtqPxxsE1561pW4lCL/fpg7ZTp3dQ2VNpcX232eyOjE00z+tUPH86xTR/pY21qbKr4tPhncSH/yE+X9f/RUR7/o2l6dTYpoha57ExZvmzF5dVRj6xt+fDyBa+sLrPlVckd8PN8O1+7ffw7lt3/G8dqZ+5Hy2psfl0km78ufr9/TYuypNYiHVzVIjXuPq3WaeR5sB7VIs//y3P1MjdxR3muXYt9h67/3xZ9+U9u6v8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4+xVJZ7P5HcnRJAeS7C+nK8nC6pibW6ivo7fYSprbZis5f/4ULTe0uJVbeTP7djojAAAAAAAAAO6Ms6OfvP/Be+VQ+318Z77c0VhSSbqSHCh+3T0yOj010aag7uTy4q/0ezaXw+XyxwNL0x+XU4+2WWl3Hx8AgM+1/wUAAP//p2dujQ==")
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
getdents64(r0, 0xfffffffffffffffe, 0x29)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, @value=r2}, 0x28)
socket$nl_route(0x10, 0x3, 0x0)
ppoll(&(0x7f0000003840)=[{0xffffffffffffffff, 0x10}], 0x1, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='net/fib_triestat\x00')

10.204575058s ago: executing program 4 (id=547):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)
r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
mkdirat(r2, &(0x7f0000000080)='./file0\x00', 0x101)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r3, 0x84, 0x19, &(0x7f0000000540)={0x0, 0x3}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
syz_mount_image$hfs(&(0x7f0000002c80), &(0x7f0000000080)='./file1\x00', 0x4490, &(0x7f0000002cc0)=ANY=[], 0xfd, 0x278, &(0x7f0000000200)="$eJzs3c9qE1EUx/HfnaRttKVO/4ggrqoFV9LWjbgpSN/AjStRmwjFUEErqKvqWnwA976CD+DSlbgW3LnyAbKL3DM3ZpJmMnFoOkn6/UBC0rln5tzMnd57ppQIwLl1b+/X59u//cNJFVUk3ZUiSTWpKumyrtReHR4dHDUb9WE7qliEfzglke5Em/3DxqBQH2cRQezfVbWU/hnGo/ZTx2XngPLZ1T9AJC2Eq9O21848s/E474PetdTSay2XnQcAoFxh/o/CPL8U1u9RJG2Gab93/p/yCbRVdgJj9jVne2r+tyqr7fz5vWSbuvWelXB+e9SpEovkMq9kZPUsMF1eVWm5RBeeHjQbt/afN+uR3ms3mOs2W7fnejJ0O9LZvju5640BtekQxfu+aH2Y833YSeefarJ2ukfM57657+6hi/VJ9X/rv2rb+dNkZyruO1NJ/lvZe7RezstaZfRyxQ5yNRwhGNrLijIqEnVG1Ip6bxDEeXla1GpfVNK77ZyotYFROzlR6/1R3dGcHTlu7qN74Db0R1+0l1r/R/7T3tQoV6ZvYy3DyBjan6q1jG0+CVfd8bWBLaOiPUIBH/REd7T88s3bZ4+bzcaLmX3hr8QJSGOiXnQGwaTkM7Mv/IdcytE7807x/ZT2mwlnqHvS/zOQv83MCr/uckn9l6pXtmyx5p/i3nX6Qjq2nbfz1B63M2qDVXu+mF3B9XB262Exu4Ibtea6flO6McoRE3HIc/LsFglye/qhR9z/BwAAAAAAAAAAAAAAAAAAmDan9y8HNWVtKruPAAAAAAAAAAAAAAAAAAAAAABMu4n7/t/7St7x/b/A2P0NAAD//1Bodro=")

10.203637901s ago: executing program 2 (id=548):
socket$nl_route(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff7}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3b}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
syz_open_dev$evdev(&(0x7f0000000040), 0x6, 0x9c200)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000007940)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x33f}, 0x1, 0x0, 0x0, 0xc0d0}, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r4, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, r3, {0x2, 0x0, @rand_addr=0x64010100}, 0xb}}, 0x26)
sendmmsg$inet(r4, &(0x7f0000005f80)=[{{0x0, 0x0, &(0x7f0000005dc0)=[{&(0x7f00000010c0)="7d5107673289eeae3f806c5c62db497a0299399ab6101c3b", 0x1}], 0x1}}], 0x4000000000001ce, 0x8040)

10.170910686s ago: executing program 6 (id=549):
syz_io_uring_setup(0x111, 0x0, &(0x7f0000000340)=<r0=>0x0, &(0x7f0000000280))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x1)
fcntl$getflags(0xffffffffffffffff, 0x401)
r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7f, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f0000000040)={0x1, @pix_mp={0x0, 0x0, 0x35315241}})
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x15, 0x0, 0x0)
read$msr(r2, &(0x7f0000002700)=""/102392, 0x18ff8)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x4, &(0x7f0000000080)=0x23, 0x0, 0x4)
ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, 0x0)
r3 = syz_open_dev$vim2m(&(0x7f0000000080), 0x20001, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r3, 0xc0145608, &(0x7f00000000c0)={0x2, 0x1, 0x1})
ioctl$vim2m_VIDIOC_QBUF(r3, 0xc058560f, &(0x7f00000002c0)=@multiplanar_mmap={0x0, 0x1, 0x4, 0x0, 0x0, {}, {}, 0x20000, 0x1, {0x0}})
close(r3)

9.827331174s ago: executing program 1 (id=550):
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x34324152, 0x2, 0xb, [{}, {}, {}, {0xfffffffd}, {}, {0x0, 0x1000000}]}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
fsopen(0x0, 0x1)
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000000)={0x40000000, 0x0, 0x0}, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r1, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@mcast1, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x10000, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0xfffffffffffffffd}, {0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0x1}, {{@in6=@ipv4={'\x00', '\xff\xff', @private}, 0x2, 0x6c}, 0x0, @in=@empty, 0x0, 0x0, 0x0, 0xb7}}, 0xe8)
sendmmsg(r1, &(0x7f0000007fc0), 0x800001d, 0x0)

9.551530367s ago: executing program 7 (id=551):
syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f0000000f00)='./file0\x00', 0x41, &(0x7f0000000000)={[{@norecovery}]}, 0x0, 0xebb, &(0x7f0000001e40)="$eJzs3UFsHNUZAOA3a6/txCZeAwUDJaTQikDBDkmkprcgUI+IS++gkNAIQ6OGHogCMT0gKiGKFHGqOFBxoVRKkVoJVKmKemp7atVbT6gXKlWpFNRLIyWu4rxn7z57uuuxPWvvfp/079s3b3b+f7yRMzOefRuAodVYfjx6dLYI4f3PLz79+gvFb28ue2BljQPLj0XstUIIzbZ+kW3vi7jg+tXzJ9Zri3B4+TH1wzNXVl47GUJYDAfC5dAKn8wvfPXxB08d/PStibvePffSG9u0+yvy/QAAgEF06c8Lf3/kn396bObapf3Hw/jK8nR83or9yXjcfygeKKfj5Ubo7Bdt0W4sW28kRiNbbyRbbzTLM1qSr5ltp1my3liXfCNty9bbTwAAANiN0nltKxSNuY5+ozE3d+u8/6YvpseKuVdOL5w626dCAQAAgMr+c2H5plshhBBCCCGEEEIMcCxN9/sKBAAAADBs8vnC1ljc2pm6VrbW6i3/lScb678etkDd//7l3135P3rTbxwAAKob1KPJtF/pODrNY5DPIziSvW6jx/+NbDujG6yzbF7B3TLfYFmd+c91pyqrf6PvY7+U1Z/Ph7lTldWfz9O5U5XVP15zHVWV1T9Rcx1VldW/p+Y6qiqrf2/NdVRVVv9kzXVUVVb/VM11VFVW/20111FVWf37aq6jqrL6d8tttWX1t2quo6qy+mdqrqOqsvpvr7mOqsrqv6PmOqoqq//Omuvol/tjm34O+7Px9vPn/Jxut5zjAQAAwLD7r/n/hBBCCCGEEEKIgY8L/b4AAQAAAPRd+lxA+tT7UpTGR7qMj3YZb3YZH+syPt5lHAAAAAjhd2+fuue9YvVz/pudDy/NG5XmX9roPEb5fIQbzb/Zec82m3+3zFsGAADAcCm+d/nGo09/+OrMtUv7j7ed/d6I57tpHtAiXhv4LPbTfQFTWb9I59DHO/M0StbLrw/cVra9Zze5owAAADDE0vl7KxSNubbz7lZoNObmVs/HZ0OzOHV64eSh2E/fz/LH6eb4zeVP1Fw3AAAA0LvV8/31z//T9/jOhrFi7pXTC6fO3upPrSxvNtqvC0yvLi/arwu0suWHS5Yfif30/Z0/mN6zvHzuxA8XXtjqnQcAAIAhcfa1cy89v7Bw8kdb+qTYti174okndTzp928mAABgq3355cXmj49M/f7W5/9X579Ln/8/EPutOLffX+IK6T6B9DmANZ/Xf64zz3TZemc612tl643EGM/qnmjbTmibbzC9bqYsX6tzO2Ml+SazfFNZvnyegtFs/ZRvX7Y8n58wrTedLc/nYRzNchRZ/gcDAAAAlJt/9eUz82dfO/f46Zeff/HkiydfOXL42HePHTv0xHeemF++r3++/e5+AAAAYDdavem335UAAAAAAAAAAAAAAAAAAADA8Krj68T6vY8AAAAw7P59IYSwKIQQQgghhjlGdkANQgghtjeWlvJvmgcAAADYXtevnj/R3q6xWGxpvpWttW41N2Le1E49/reZm5FWu/Jk5/WSvVtaDcOu7n//8u+u/B+9ubX5J9KTnn//NTo3cLxa3ofnfznbnv/e0R7z5/v/bLX8B7P8D4fe8i99mOV/rlr+R7L8e3vMv2b/z1TL/2jMPxv7Bx/qNX/n+z8e27Qfe3rM/+1s/18IvebP9r/VY8LMYzE/AAyjRr8L2CbpKCEdR0/GftrfeLgZ8rsfNnr838i2M7rpyju3m46D7o79dLw0leVNNlr/ZLa92yrWmdstd5WU1b9V7+N2K6u/WXMdVZXVP1ZzHVWV1T9ecx1VldU/UXMdVZXV3+t5aL+V1b9briuX1T9Zcx1VldU/VXMdVZXVv9H/x/ulrP59NddRVVn90zXXUVVZ/RUvq9WurP6Zmuuoqqz+22uuo6qy+u+ouY6qyuq/s+Y6+uW+2JadD6fzz+k4lvqtrD++zs9yUK8tAAAAwG7zL/P/CSGEEEIIIYQQAx9LS/2+AkE/be+nmQHYqfz+H27e/+Hm/R9u3n/+n3QPf5H1k5Eu46Ndxptdxsey8fzf63iX8Tuy7S5FafzOLuNf6zK+r8v43V3GZ7uM39Nl/N4u4/d1GQcAAGA43BVb54cAAAAwuF7/1Wfv/Obh567OXLu0/3gYWzPv/KHYH49/W3879vN575Nm/Jv/T2L/F7H9Q2z/ka3v/hMAAADYful7Yvz9HwAAAAZX+p5S5/8AAAAwuGZi6/wfAAAABtftsXX+DwAAAAOsmFh/cWzTdYEHs/Fu8/oBADvf12N7f2z3x/aB2H4jtuk44KHYfrOm+gCArfPz7//02HvF6nz/R7Lx63F5atdYvHWloGh0zuS/J7Z7Y/utHuvJvw+g1/zJvh7zbFf+6U3mBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGR2P58ejR2SKE9z+/+PTPxt75681lD6yscWD5sYi9VgihufK6NLra/3Vc8frV8yfa2xuxLcLhUIRiZXl45spKpskQwmI4EC6HVvhkfuGrjz946uCnb03c9e65l97Yxh9Bx/4BAADAIPpfAAAA///0eRz5")
r0 = syz_open_procfs(0xffffffffffffffff, 0x0)
read$FUSE(r0, &(0x7f00000020c0)={0x2020}, 0x2020)

9.033903351s ago: executing program 2 (id=552):
ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x405c5503, &(0x7f0000000940)={{}, 'syz0\x00', 0x40})
ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x12)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x43, &(0x7f0000000040)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, 0x0)
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f0000000040)={0xc, 0x0, <r2=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r1, 0x3ba0, &(0x7f0000000340)={0x48, 0x2, r2})
ioctl$IOMMU_IOAS_MAP$PAGES(r1, 0x3b85, &(0x7f0000000180)={0x28, 0x4, r2, 0x0, &(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x7})
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0)
ioctl$FIGETBSZ(r0, 0x2, 0x0)
socket$inet6(0xa, 0x2, 0x10000)
close(r1)

9.030218475s ago: executing program 5 (id=553):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_emit_vhci(0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x140, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet6(r1, 0x0, 0x0, 0x8000)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='blkio.bfq.sectors_recursive\x00', 0x275a, 0x0)
r3 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r3, 0x40045532, &(0x7f0000000040))
r4 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc)
ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r4, 0xc0884113, &(0x7f0000000300)={0x1, 0xd, 0x5837, 0x6, 0x0, 0x6, 0x5, 0x800, 0x4, 0x7, 0x4, 0x1})
fcntl$lock(r2, 0x26, &(0x7f0000000080)={0x0, 0x0, 0x2f4})
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)=ANY=[@ANYRES32], 0x10)

8.272394368s ago: executing program 6 (id=554):
syz_usb_connect(0x0, 0x36, 0x0, 0x0)
syz_open_dev$midi(0x0, 0x3, 0xa8cc2)
syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000004700)={'team0\x00', <r2=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r1, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f0000000140)={0x20, 0x0, 0x405, 0x70bd27, 0x25dfdbfc, {}, [{{0x8, 0x1, r2}, {0x4}}]}, 0x20}, 0x1, 0x0, 0x0, 0x4000401}, 0x44084)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000000)={'team0\x00', <r4=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3c00000010000100"/20, @ANYRES32=0x0, @ANYBLOB="040101000000000014000300766c616e30000000000000000000000008000a00", @ANYRES32=r4], 0x3c}}, 0x0)

8.084944767s ago: executing program 4 (id=555):
mkdir(0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(0xffffffffffffffff, 0x40086602, &(0x7f0000000080)={@desc={0x4000, 0x0, @desc3}})
socket$packet(0x11, 0x3, 0x300)
prlimit64(0x0, 0xe, &(0x7f0000000300)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885}, &(0x7f0000000340), &(0x7f0000000280))
r1 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r2=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r1, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x0, r2, <r3=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r1, 0xc06864ce, &(0x7f0000000440)={r3, 0x0, 0x0, 0x9, 0x0, [], [0xff, 0x0, 0x39a], [], [0x100000001]})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r1, 0xc00c642e, &(0x7f0000000300))

7.995757313s ago: executing program 1 (id=556):
r0 = socket(0x27, 0x80000, 0x1)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
getsockname$packet(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r1}, 0x10)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$inet6(0xa, 0x3, 0x7)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000000000)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
r5 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r5, &(0x7f00000000c0)={0xa, 0x0, 0x4, @loopback}, 0x1c)
r6 = memfd_secret(0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0xa, 0x11, r6, 0x0)
ftruncate(r6, 0x51a9497)
sendmmsg(r5, &(0x7f0000000480), 0x2e9, 0x0)

7.713240696s ago: executing program 5 (id=557):
syz_usb_connect$hid(0x0, 0x0, 0x0, 0x0)
socket$inet6(0xa, 0x800000000000002, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
ppoll(0x0, 0x0, &(0x7f0000000180), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x4800, 0x0, 0x3, 0x0, &(0x7f0000000080))
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000040)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@nfs_export_on}]})
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r4 = syz_open_procfs(0x0, 0x0)
getdents(r4, &(0x7f00000000c0)=""/39, 0x27)

7.57447605s ago: executing program 7 (id=558):
prlimit64(0x0, 0xe, &(0x7f0000000300)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
socket$kcm(0x10, 0x2, 0x4)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
close(0x3)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000000400000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

4.184167859s ago: executing program 1 (id=559):
fchdir(0xffffffffffffffff)
r0 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
listen(r0, 0x7fffffff)
syz_emit_ethernet(0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x10, &(0x7f0000000140)={[{@norecovery}]}, 0xee, 0x469, &(0x7f00000004c0)="$eJzs3E1sVEUcAPD/e/3i01bEDxC0ikbiR0vLhxy8aDTxoImJHjCealsIUqihNRFCFD3g0ZB4Nx5NvJt40otRD8bEq94NCTFcQE9rZve9sl12S8tuWXB/v+RtZ96bZua/86Y7O7PbAHrWaHrIIrZExB8RMVzLLi8wWvtx7cq56X+unJvOolJ58++sWu7qlXPTZdHy9zbXMpVKxFBKDjWp98I7EVNzc7Oni/z44sn3xxfOnH3u+MmpY7PHZk9NHj58YP/uwUOTB9uKLy9+priu7vxofteOV9+++Pr0kYvv/vxNau+W4np9HLckRdtgtPbsNno0PTzZVmV3lF/Tw9a6E1l/68Jjt6FBrF5fRKTuGqiO/+Hoi41L14bjlU+72jhgXVUqlUqz1+fC+QrwP5ZFt1sAdEf5Qp/e/5bHbZp63BEuv1h7A5TivlYctSv9S2sHAw3vbztpNCKOnP/3y3REJ9YhAABu4vs0/3m22fwvjwfqyt1T7KGMRMS9EbEtIu6LiO0RcX9EteyDEfHQGutv3CG5cf6TX7qlwFYpzf9eKPa2ls//ytlfjPQVua3V+Aeyo8fnZvcVz8neGBhK+YkV6vjh5d8/L9MbGq7Vz//Skeov54JFOy71NyzQzUwtTrUbd+nyJxE7+5vFn0W5jZNFxI6I2HmLdRx/+utdra7dPP4VrLDPtFqVryKeqvX/+VgW//WuylruT048f2jy4PiGmJvdN17eFTf65bcLb7Sqv634OyD1/6am9//SLvBItiFi4czZE9X92oW113Hhz8/qxvSy3eUUf/5txJrv/8HsrWp6sDj34dTi4umJiMHstRvPT17/3TJflk/x793TfPxvq2vxwxGRbuLdEfFIsYmb+u6xiHg8IvasEP9PLz3xXqtrrft/hVX5Dkrxz9ys/6O+/9ee6Dvx43drj7+U+v9ANbW3OLOav3+rbWA7zx0AAADcLfLqZ+CzfGwpnedjY7XP8G+PTfnc/MLiM0fnPzg1U/us/EgM5OVK13DdeuhEsTZc5icb8vuLdeMv+jZW82PT83Mz3Q4eetzmFuM/+auv260D1l0H9tGAu5TxD73L+IfeZfxD7zL+oXc1G/8fd6EdwO3n9R96l/EPvcv4h95l/ENPavnd+Lytr/x3OVH+74Q7pT1dSmxczyoi736APZHoX+/beKjppS7/YQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiQ/wIAAP//YKPiyQ==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
r2 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r2, 0x10d, 0x800000000d, &(0x7f00001c9fff)="03", 0x1)
connect$inet(r2, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10)
syz_genetlink_get_family_id$l2tp(&(0x7f00000000c0), r2)

3.845616458s ago: executing program 4 (id=560):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prlimit64(0x0, 0xe, 0x0, 0x0)
r1 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_SIGNAL_INFO(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x10, 0x3f2, 0x100, 0x70bd27, 0x25dfdbfc}, 0x10}, 0x1, 0x0, 0x0, 0x1}, 0x4000000)

3.677462434s ago: executing program 5 (id=561):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x24020000)
r2 = syz_clone(0x16040000, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = syz_pidfd_open(r2, 0x0)
setns(r3, 0x10000000)

3.675781901s ago: executing program 7 (id=562):
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, 0x0)
flistxattr(0xffffffffffffffff, &(0x7f00000006c0)=""/250, 0xfa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
socket$rds(0x15, 0x5, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x20051, 0xffffffffffffffff, 0xce9e1000)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000640)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x6, [@datasec={0x4, 0x0, 0x0, 0x91, 0x3, [], '\x00\x00\x00'}, @datasec={0x0, 0x0, 0x0, 0xf, 0x1, [], '*'}]}, {0x0, [0x0, 0x0, 0x0, 0x61]}}, 0x0, 0x3a, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6(0xa, 0x3, 0x88)
ppoll(&(0x7f0000003840)=[{0xffffffffffffffff, 0x10}], 0x1, 0x0, 0x0, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000000c0), r2)
sendmsg$NLBL_CIPSOV4_C_ADD(r2, &(0x7f0000000880)={0x0, 0x0, 0x0}, 0x0)
bind$inet6(r1, 0x0, 0x0)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r3, 0x0, 0x482, &(0x7f0000000040)={0x84, @remote, 0x15, 0x3, 'wrr\x00', 0x1, 0x4, 0x75}, 0x2c)
request_key(&(0x7f0000000100)='ceph\x00', &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000280)='\',!-{$#^\\/!(%&%{*/\x00', 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, &(0x7f0000000000)={{0x84, @broadcast, 0x4e21, 0x3, 'lc\x00', 0xb, 0x323b, 0x3a}, {@rand_addr=0x64010102, 0x4e23, 0x0, 0xc3, 0x12d5c, 0x12d5c}}, 0x44)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r4 = openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}})

3.20788841s ago: executing program 1 (id=563):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000040)={0x28, 0x0, 0x2710, @host}, 0x10)
listen(r0, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x2710}, 0x10)
r2 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg(r1, &(0x7f00000004c0)=[{{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000740)="7c220752098d1a03003fb4d50b17b9653538f559e8ca1a63dfa1a8f54135abe90913a7bb3930c14e8d1808268429578d92871b8681b42a7a264d4c578a7c26845616d98fc09729e3d8c0aa68e95af732c067f9dd1d9fdd4ee2008561e5a690de23248e60f4ab6390f520377d0a68cc822a17c773be19ee5b51b2428acd21725b17f5fadc10e18e574983e260010d619f74dd4c30", 0x94}], 0x1, &(0x7f0000000240)=ANY=[], 0x170}}], 0x1, 0x80)
recvmsg$kcm(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)=""/150, 0x96}], 0x5}, 0x0)

2.173641244s ago: executing program 2 (id=564):
flistxattr(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
socket$rds(0x15, 0x5, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
request_key(0x0, &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{}, 0x2c, {'rootmode', 0x3d, 0x4000}})
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', &(0x7f00000007c0)=ANY=[], 0x0, 0x1600)

2.039291648s ago: executing program 7 (id=565):
socket$nl_route(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff7}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3b}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
syz_open_dev$evdev(&(0x7f0000000040), 0x6, 0x9c200)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000007940)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x33f}, 0x1, 0x0, 0x0, 0xc0d0}, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r5, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, r4, {0x2, 0x0, @rand_addr=0x64010100}, 0xb}}, 0x26)
sendmmsg$inet(r5, &(0x7f0000005f80)=[{{0x0, 0x0, &(0x7f0000005dc0)=[{&(0x7f00000010c0)="7d5107673289eeae3f806c5c62db497a0299399ab6101c3b", 0x1}], 0x1}}], 0x4000000000001ce, 0x8040)

2.018907042s ago: executing program 4 (id=566):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendmsg$inet(r0, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000140)="be", 0x1}], 0x1, &(0x7f00000004c0)=ANY=[@ANYBLOB="1c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aaac14140000000000140000000000000000000000070000"], 0x38}, 0x0)

1.998234066s ago: executing program 5 (id=567):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
preadv2(0xffffffffffffffff, 0x0, 0x0, 0x2b, 0x0, 0x0)
io_setup(0x4082, &(0x7f0000000380))
landlock_create_ruleset(&(0x7f0000000180)={0x100}, 0x18, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x108, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x1f, 0x14, &(0x7f0000000580)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3ff}}, @printk={@llx, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0xb0}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2002, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
close(0x3)
r5 = io_uring_setup(0x253c, &(0x7f0000000000)={0x0, 0x0, 0x1000, 0x3, 0x2})
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c)
close_range(r5, 0xffffffffffffffff, 0x0)
r6 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r6, 0x29, 0x2f, &(0x7f0000000480)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @local}}}, 0x108)
socket(0x80000000000000a, 0x1, 0x0)

1.537342751s ago: executing program 6 (id=568):
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x34324152, 0x2, 0xb, [{}, {}, {}, {0xfffffffd}, {}, {0x0, 0x1000000}]}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
fsopen(0x0, 0x1)
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000000)={0x40000000, 0x0, 0x0}, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r1, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@mcast1, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x10000, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0xfffffffffffffffd}, {0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0x1}, {{@in6=@ipv4={'\x00', '\xff\xff', @private}, 0x2, 0x6c}, 0x0, @in=@empty, 0x0, 0x0, 0x0, 0xb7}}, 0xe8)
sendmmsg(r1, &(0x7f0000007fc0), 0x800001d, 0x0)

1.385232545s ago: executing program 1 (id=569):
syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
socket$inet6(0xa, 0x3, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f0000000380), 0x0, 0x0)
read$msr(r0, &(0x7f0000032680)=""/102392, 0x18ff8)
ioctl$USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0185500, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$F2FS_IOC_START_VOLATILE_WRITE(r1, 0x40186f40, 0x20000502)

268.79577ms ago: executing program 7 (id=570):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_emit_vhci(0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x140, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet6(r1, 0x0, 0x0, 0x8000)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='blkio.bfq.sectors_recursive\x00', 0x275a, 0x0)
r3 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r3, 0x40045532, &(0x7f0000000040))
r4 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc)
ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r4, 0xc0884113, &(0x7f0000000300)={0x1, 0xd, 0x5837, 0x6, 0x0, 0x6, 0x5, 0x800, 0x4, 0x7, 0x4, 0x1})
fcntl$lock(r2, 0x26, &(0x7f0000000080)={0x0, 0x0, 0x2f4})
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)=ANY=[@ANYRES32], 0x10)

165.12217ms ago: executing program 4 (id=571):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x2a, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000140)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c)
sendmsg(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x9504, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4)
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@bloom_filter={0x1e, 0x3, 0x5, 0x4, 0x18442, 0xffffffffffffffff, 0xffff8c2a, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x1, 0x0, 0xa, @value, @void, @value}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x18, 0x7, &(0x7f00000001c0)=@raw=[@generic={0x9, 0x8, 0x4, 0x9, 0x5}, @generic={0x80, 0x6, 0x4, 0x0, 0x7}, @func={0x85, 0x0, 0x1, 0x0, 0x1}, @map_val={0x18, 0xa, 0x2, 0x0, r5, 0x0, 0x0, 0x0, 0x6}, @generic={0xd7, 0x6, 0x9, 0x8, 0x1}, @alu={0x3, 0x1, 0xa, 0x7, 0x3, 0x18, 0x10}], &(0x7f00000002c0)='syzkaller\x00', 0xffffffff, 0x97, &(0x7f00000003c0)=""/151, 0x41000, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000300)={0x2, 0xf, 0x2}, 0x10, 0x0, 0x0, 0x6, &(0x7f0000000340), &(0x7f0000000480)=[{0x2, 0x5, 0x3, 0x4}, {0x5, 0x3, 0xd}, {0x3, 0x1, 0xa, 0x9}, {0x4, 0x4, 0x2, 0x8}, {0x0, 0x1, 0xd, 0x8}, {0x3, 0x2, 0xd}], 0x10, 0x9, @void, @value}, 0x94)
connect$can_bcm(r4, &(0x7f00000000c0), 0x10)

0s ago: executing program 5 (id=572):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
newfstatat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', &(0x7f0000001500), 0x0)
mknod(0x0, 0x100, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102384, 0x18ff0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000040), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETFB2(r1, 0xc06864ce, &(0x7f0000000380)={0x0, 0x0, 0x9, 0x800001, 0x1, [<r2=>0x0], [0x9, 0x0, 0x0, 0x8], [0x5, 0x0, 0x100, 0xd], [0x7fffffffffffffff, 0x0, 0xfffffffffffffffd, 0x4]})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000080)={r2})
shutdown(0xffffffffffffffff, 0x0)
syz_open_dev$vim2m(&(0x7f0000000080), 0x8, 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
creat(&(0x7f00000001c0)='./file0\x00', 0x0)
open$dir(&(0x7f0000000080)='./file0\x00', 0x101000, 0x0)
r3 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
write$qrtrtun(r3, &(0x7f0000000600), 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={0xffffffffffffffff, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000004c0)=[0x7], &(0x7f0000000500)=[0x2], 0x0, 0x1}}, 0x3c)

kernel console output (not intermixed with test programs):

[drm] Initialized udl on minor 2
[  117.874108][  T117] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  117.916846][  T117] udl 3-1:0.0: [drm] Cannot find any crtc or sizes
[  117.989651][  T117] usb 3-1: USB disconnect, device number 3
[  117.995623][ T5891] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  118.071916][ T5891] udl 3-1:0.0: [drm] Cannot find any crtc or sizes
[  120.063425][ T6085] loop2: detected capacity change from 0 to 1024
[  120.280462][ T6085] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  120.430437][ T1198] usb 6-1: USB disconnect, device number 2
[  120.939667][ T5829] UDF-fs: warning (device loop2): udf_evict_inode: Inode 861 (mode 100000) has inode size 25769818178 different from extent length 25769818624. Filesystem need not be standards compliant.
[  121.265014][ T5891] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  121.944915][ T5891] usb 6-1: Using ep0 maxpacket: 16
[  122.302070][ T5891] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  122.343801][ T5891] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  122.412265][ T5891] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  122.562061][ T5891] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  122.911825][ T5891] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  123.824128][ T5891] usb 6-1: config 0 descriptor??
[  124.001809][ T5891] usbhid 6-1:0.0: can't add hid device: -71
[  124.007884][ T5891] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  124.107635][ T5891] usb 6-1: USB disconnect, device number 3
[  124.116227][ T5853] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  124.126898][ T5853] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  124.135677][ T5853] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  124.144169][ T5853] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  124.159548][ T5853] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  124.167161][ T5853] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  125.744886][ T6116] netlink: 'syz.0.41': attribute type 10 has an invalid length.
[  126.735422][ T5853] Bluetooth: hci6: command tx timeout
[  126.977494][ T6131] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  127.012254][   T47] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  127.541854][   T47] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  127.590017][   T29] kauditd_printk_skb: 4 callbacks suppressed
[  127.590041][   T29] audit: type=1326 audit(1737475394.534:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6133 comm="syz.2.46" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7134785d29 code=0x7ffc0000
[  127.601777][   T47] usb 2-1: New USB device found, idVendor=17ef, idProduct=60a3, bcdDevice= 0.00
[  127.654255][   T29] audit: type=1326 audit(1737475394.564:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6133 comm="syz.2.46" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7134785d29 code=0x7ffc0000
[  127.696667][ T6116] 8021q: adding VLAN 0 to HW filter on device batadv0
[  127.770890][   T29] audit: type=1326 audit(1737475394.584:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6133 comm="syz.2.46" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7134785d29 code=0x7ffc0000
[  127.914430][ T6136] loop4: detected capacity change from 0 to 1024
[  127.947952][   T29] audit: type=1326 audit(1737475394.584:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6133 comm="syz.2.46" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7134785d29 code=0x7ffc0000
[  128.821888][ T5853] Bluetooth: hci6: command tx timeout
[  128.912571][   T47] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  129.000186][   T47] usb 2-1: config 0 descriptor??
[  129.010603][   T29] audit: type=1326 audit(1737475394.584:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6133 comm="syz.2.46" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7134785d29 code=0x7ffc0000
[  129.011141][   T47] usb 2-1: can't set config #0, error -71
[  129.070783][ T6136] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.074860][   T47] usb 2-1: USB disconnect, device number 2
[  129.098864][ T6145] loop5: detected capacity change from 0 to 512
[  129.184067][   T29] audit: type=1326 audit(1737475394.584:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6133 comm="syz.2.46" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7134785d29 code=0x7ffc0000
[  129.370430][   T29] audit: type=1326 audit(1737475394.584:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6133 comm="syz.2.46" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7134785d29 code=0x7ffc0000
[  129.392985][   T29] audit: type=1326 audit(1737475394.584:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6133 comm="syz.2.46" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7134785d29 code=0x7ffc0000
[  129.415311][   T29] audit: type=1326 audit(1737475394.594:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6133 comm="syz.2.46" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f7134785d29 code=0x7ffc0000
[  129.437594][   T29] audit: type=1326 audit(1737475394.594:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6133 comm="syz.2.46" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7134785d29 code=0x7ffc0000
[  129.481051][ T6145] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.643584][ T6145] ext4 filesystem being mounted at /5/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  129.734943][ T6156] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1217: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  129.750546][ T6156] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  129.763487][ T6156] EXT4-fs (loop4): This should not happen!! Data will be lost
[  129.763487][ T6156] 
[  129.773873][ T6156] EXT4-fs (loop4): Total free blocks count 0
[  129.779959][ T6156] EXT4-fs (loop4): Free/Dirty block details
[  129.786041][ T6156] EXT4-fs (loop4): free_blocks=68451041280
[  129.792080][ T6156] EXT4-fs (loop4): dirty_blocks=16
[  129.797284][ T6156] EXT4-fs (loop4): Block reservation details
[  129.803496][ T6156] EXT4-fs (loop4): i_reserved_data_blocks=1
[  130.903223][ T5853] Bluetooth: hci6: command tx timeout
[  131.460809][ T3003] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 65 with error 28
[  131.504893][ T6145] EXT4-fs error (device loop5): ext4_do_update_inode:5154: inode #2: comm syz.5.51: corrupted inode contents
[  131.537163][ T6145] EXT4-fs error (device loop5): ext4_dirty_inode:6042: inode #2: comm syz.5.51: mark_inode_dirty error
[  131.558774][ T6145] EXT4-fs error (device loop5): ext4_do_update_inode:5154: inode #2: comm syz.5.51: corrupted inode contents
[  131.627223][   T12] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  131.682080][ T6145] EXT4-fs error (device loop5): __ext4_ext_dirty:207: inode #2: comm syz.5.51: mark_inode_dirty error
[  131.791312][ T6145] EXT4-fs error (device loop5): ext4_map_blocks:671: inode #2: block 3: comm syz.5.51: lblock 8 mapped to illegal pblock 3 (length 26)
[  132.115641][ T6160] ipvlan2: entered promiscuous mode
[  133.002025][ T5853] Bluetooth: hci6: command tx timeout
[  133.009036][ T6167] loop1: detected capacity change from 0 to 128
[  133.068738][ T6167] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (60234!=39978)
[  133.094370][ T6167] EXT4-fs (loop1): group descriptors corrupted!
[  133.104767][ T5831] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.506064][ T6167] loop1: detected capacity change from 0 to 32768
[  133.632791][ T6171] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  133.656799][ T6167] JBD2: Ignoring recovery information on journal
[  133.667960][ T6167] jbd2_journal_bmap: journal block not found at offset 64 on loop1-27
[  133.676561][ T6167] JBD2: bad block at offset 64
[  133.699072][ T6167] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  133.724415][   T12] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  134.468518][   T29] kauditd_printk_skb: 35 callbacks suppressed
[  134.468543][   T29] audit: type=1804 audit(1737475401.414:61): pid=6178 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.54" name="/newroot/14/file1/bus" dev="loop1" ino=16946 res=1 errno=0
[  135.922636][   T12] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  136.134759][ T5830] ocfs2: Unmounting device (7,1) on (node local)
[  136.216972][ T6111] chnl_net:caif_netlink_parms(): no params data found
[  137.598892][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  137.605831][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  137.806369][   T12] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.009201][ T6209] loop5: detected capacity change from 0 to 2048
[  141.031161][ T6111] bridge0: port 1(bridge_slave_0) entered blocking state
[  141.047719][ T6209] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  141.065695][ T6209] ext4 filesystem being mounted at /7/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  141.088418][ T6111] bridge0: port 1(bridge_slave_0) entered disabled state
[  141.099306][ T6214] loop4: detected capacity change from 0 to 2048
[  141.151931][ T6214] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  141.243663][ T6111] bridge_slave_0: entered allmulticast mode
[  141.281905][ T6111] bridge_slave_0: entered promiscuous mode
[  141.364689][ T5831] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.553795][ T6221] hub 2-0:1.0: USB hub found
[  141.559558][ T6221] hub 2-0:1.0: 1 port detected
[  142.475043][ T6111] bridge0: port 2(bridge_slave_1) entered blocking state
[  142.500804][ T6111] bridge0: port 2(bridge_slave_1) entered disabled state
[  142.544818][ T6111] bridge_slave_1: entered allmulticast mode
[  142.586735][ T6111] bridge_slave_1: entered promiscuous mode
[  144.039551][ T6223] loop1: detected capacity change from 0 to 4096
[  144.382500][ T6223] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512).
[  144.723745][ T6238] loop0: detected capacity change from 0 to 1024
[  144.978648][ T6223] ntfs3(loop1): Failed to initialize $Extend/$Reparse.
[  145.003356][   T12] bridge_slave_1: left allmulticast mode
[  145.009271][   T12] bridge_slave_1: left promiscuous mode
[  145.025028][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  145.193068][   T12] bridge_slave_0: left allmulticast mode
[  145.231821][   T12] bridge_slave_0: left promiscuous mode
[  145.283139][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  145.938171][ T5830] ntfs3(loop1): ino=1a, ntfs_sync_fs failed, -22.
[  145.988789][   T63] hfsplus: b-tree write err: -5, ino 4
[  146.970431][ T6251] loop0: detected capacity change from 0 to 512
[  146.996297][ T6247] loop5: detected capacity change from 0 to 2048
[  147.021245][ T6251] EXT4-fs: Ignoring removed i_version option
[  147.132677][ T6251] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  147.172889][ T6259] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  147.197324][ T6251] ext4 filesystem being mounted at /10/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  147.480052][ T6251] EXT4-fs error (device loop0): ext4_do_update_inode:5154: inode #2: comm syz.0.73: corrupted inode contents
[  149.441311][ T6251] EXT4-fs error (device loop0): ext4_dirty_inode:6042: inode #2: comm syz.0.73: mark_inode_dirty error
[  149.515904][ T6251] EXT4-fs error (device loop0): ext4_do_update_inode:5154: inode #2: comm syz.0.73: corrupted inode contents
[  149.583913][ T6251] EXT4-fs error (device loop0): __ext4_ext_dirty:207: inode #2: comm syz.0.73: mark_inode_dirty error
[  149.729936][ T6251] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.087765][ T5993] Bluetooth: hci3: Frame reassembly failed (-84)
[  151.642429][   T47] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  152.131811][ T5837] Bluetooth: hci3: command 0xfc11 tx timeout
[  152.138684][ T5853] Bluetooth: hci3: Entering manufacturer mode failed (-110)
[  152.174442][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  152.199716][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  152.419534][   T12] bond0 (unregistering): Released all slaves
[  152.442070][   T47] usb 1-1: Using ep0 maxpacket: 16
[  152.511968][   T47] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  152.525636][   T47] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  152.580871][   T47] usb 1-1: Product: syz
[  152.605260][   T47] usb 1-1: Manufacturer: syz
[  152.635233][   T47] usb 1-1: SerialNumber: syz
[  152.681135][   T47] r8152-cfgselector 1-1: Unknown version 0x0000
[  152.740622][   T47] r8152-cfgselector 1-1: config 0 descriptor??
[  152.851262][ T6111] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  153.203810][ T6250] 8021q: adding VLAN 0 to HW filter on device batadv1
[  153.232646][ T6250] team0: Device batadv1 is up. Set it down before adding it as a team port
[  153.436625][   T47] r8152-cfgselector 1-1: Unknown version 0x0000
[  153.443138][   T47] r8152-cfgselector 1-1: bad CDC descriptors
[  153.510454][   T47] r8152-cfgselector 1-1: USB disconnect, device number 2
[  154.534215][ T6111] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  155.519709][ T6294] loop1: detected capacity change from 0 to 512
[  155.598196][ T6294] EXT4-fs (loop1): can't mount with data=, fs mounted w/o journal
[  157.141412][ T6299] tty tty23: ldisc open failed (-12), clearing slot 22
[  157.149068][ T6300] tty tty23: ldisc open failed (-12), clearing slot 22
[  157.159049][ T6301] ptm ptm0: ldisc open failed (-12), clearing slot 0
[  157.204881][ T6111] team0: Port device team_slave_0 added
[  157.502534][ T6111] team0: Port device team_slave_1 added
[  160.195525][ T6322] loop5: detected capacity change from 0 to 1764
[  161.510505][ T6330] input: syz0 as /devices/virtual/input/input5
[  162.355447][ T6325] netlink: 12 bytes leftover after parsing attributes in process `syz.2.89'.
[  163.345018][ T6111] batman_adv: batadv0: Adding interface: batadv_slave_0
[  163.437615][ T6111] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  163.994222][ T6111] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  164.852541][ T6111] batman_adv: batadv0: Adding interface: batadv_slave_1
[  164.861708][ T6111] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  164.991726][ T6111] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  166.027099][    T9] IPVS: starting estimator thread 0...
[  166.088633][   T12] hsr_slave_0: left promiscuous mode
[  166.187697][ T6365] IPVS: using max 17 ests per chain, 40800 per kthread
[  166.769714][   T12] hsr_slave_1: left promiscuous mode
[  167.011108][ T6358] fuse: Bad value for 'fd'
[  167.019321][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  167.033557][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  167.639744][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  167.691918][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  167.816942][   T12] veth1_macvtap: left promiscuous mode
[  167.842090][   T12] veth0_macvtap: left promiscuous mode
[  167.847747][   T12] veth1_vlan: left promiscuous mode
[  167.853755][ T6371] loop4: detected capacity change from 0 to 8192
[  167.884474][   T12] veth0_vlan: left promiscuous mode
[  168.252120][ T6371] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  171.091865][ T6387] overlay: Unknown parameter '/'
[  177.230412][  T117] IPVS: starting estimator thread 0...
[  177.764457][ T6439] loop2: detected capacity change from 0 to 512
[  177.776364][ T6439] EXT4-fs: Ignoring removed orlov option
[  177.782939][ T6439] ext4: Unknown parameter 'debug.subj_type'
[  178.633927][ T6433] IPVS: using max 15 ests per chain, 36000 per kthread
[  178.887774][   T12] team0 (unregistering): Port device team_slave_1 removed
[  179.393577][   T12] team0 (unregistering): Port device team_slave_0 removed
[  182.503396][ T5837] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  182.537056][ T5837] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  182.545705][ T5837] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  182.569190][ T5840] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  182.577269][ T5841] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  182.591985][ T5840] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  182.601167][ T5841] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  182.602335][ T6466] netlink: 12 bytes leftover after parsing attributes in process `syz.4.127'.
[  182.619791][ T5841] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  182.647480][ T5840] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  182.656657][ T5841] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  182.674805][ T5840] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  182.692565][ T5840] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  182.831814][ T5891] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  183.033372][ T5891] usb 3-1: Using ep0 maxpacket: 8
[  183.075731][ T5891] usb 3-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  183.091683][ T5891] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  183.122605][ T5891] usb 3-1: Product: syz
[  183.141779][ T5891] usb 3-1: Manufacturer: syz
[  183.170289][ T5891] usb 3-1: SerialNumber: syz
[  183.187486][ T5891] usb 3-1: config 0 descriptor??
[  183.203264][ T5891] gspca_main: se401-2.14.0 probing 047d:5003
[  183.261804][ T6470] loop5: detected capacity change from 0 to 2048
[  183.410958][ T6471] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  183.623687][ T5891] gspca_se401: Bayer format not supported!
[  183.627829][ T6474] loop1: detected capacity change from 0 to 16
[  183.697952][ T6474] erofs (device loop1): mounted with root inode @ nid 36.
[  183.725192][ T6479] fuse: Bad value for 'fd'
[  183.861467][   T47] usb 3-1: USB disconnect, device number 4
[  184.324250][ T6488] syz.1.130: attempt to access beyond end of device
[  184.324250][ T6488] loop1: rw=0, sector=34359738360, nr_sectors = 8 limit=16
[  184.363375][ T6488] syz.1.130: attempt to access beyond end of device
[  184.363375][ T6488] loop1: rw=0, sector=34359738360, nr_sectors = 8 limit=16
[  184.395117][ T6488] syz.1.130: attempt to access beyond end of device
[  184.395117][ T6488] loop1: rw=0, sector=34359738360, nr_sectors = 8 limit=16
[  184.862523][ T5840] Bluetooth: hci3: command tx timeout
[  184.868453][ T5840] Bluetooth: hci4: command tx timeout
[  186.903087][ T5840] Bluetooth: hci3: command tx timeout
[  186.910163][ T5837] Bluetooth: hci4: command tx timeout
[  187.426679][ T6465] chnl_net:caif_netlink_parms(): no params data found
[  188.981939][ T5840] Bluetooth: hci3: command tx timeout
[  188.994873][ T5837] Bluetooth: hci4: command tx timeout
[  189.778346][   T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  191.082038][ T5837] Bluetooth: hci4: command tx timeout
[  191.082161][ T5840] Bluetooth: hci3: command tx timeout
[  192.783102][ T6462] chnl_net:caif_netlink_parms(): no params data found
[  193.563188][   T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  195.667542][   T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  195.852336][ T6564] netlink: 12 bytes leftover after parsing attributes in process `syz.5.153'.
[  196.023281][ T6465] bridge0: port 1(bridge_slave_0) entered blocking state
[  196.233141][ T6465] bridge0: port 1(bridge_slave_0) entered disabled state
[  196.279444][ T6465] bridge_slave_0: entered allmulticast mode
[  196.451950][ T6465] bridge_slave_0: entered promiscuous mode
[  196.886768][   T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  197.130920][ T6465] bridge0: port 2(bridge_slave_1) entered blocking state
[  197.161419][ T6465] bridge0: port 2(bridge_slave_1) entered disabled state
[  197.235436][ T6465] bridge_slave_1: entered allmulticast mode
[  197.285956][ T6465] bridge_slave_1: entered promiscuous mode
[  197.930661][ T6577] loop5: detected capacity change from 0 to 1024
[  198.496658][ T6462] bridge0: port 1(bridge_slave_0) entered blocking state
[  198.563911][ T6462] bridge0: port 1(bridge_slave_0) entered disabled state
[  198.661919][ T6462] bridge_slave_0: entered allmulticast mode
[  198.668899][ T6577] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  198.749473][ T6462] bridge_slave_0: entered promiscuous mode
[  198.983727][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  198.993196][ T6465] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  199.136987][ T6465] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  199.454846][ T6592] sctp: failed to load transform for md5: -2
[  199.822067][   T29] audit: type=1800 audit(1737475466.634:62): pid=6594 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.156" name="file1" dev="loop5" ino=15 res=0 errno=0
[  199.879883][ T5831] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.937254][ T6462] bridge0: port 2(bridge_slave_1) entered blocking state
[  200.001874][ T6462] bridge0: port 2(bridge_slave_1) entered disabled state
[  200.010321][ T6462] bridge_slave_1: entered allmulticast mode
[  200.019424][ T6602] loop1: detected capacity change from 0 to 2048
[  200.069419][ T6462] bridge_slave_1: entered promiscuous mode
[  200.687200][ T6602] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  200.705818][ T6602] ext4 filesystem being mounted at /36/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  200.859600][ T6616] loop5: detected capacity change from 0 to 512
[  200.883303][ T6602] fs-verity: sha512 using implementation "sha512-avx2"
[  200.949156][ T6616] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  200.985577][ T6616] ext4 filesystem being mounted at /29/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  200.995858][ T6462] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  201.475524][ T6621] loop4: detected capacity change from 0 to 1024
[  201.490161][ T6465] team0: Port device team_slave_0 added
[  201.522939][ T6462] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  201.526839][ T6621] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  202.179996][ T6465] team0: Port device team_slave_1 added
[  202.199384][ T5830] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  203.595113][ T6462] team0: Port device team_slave_0 added
[  203.636837][ T5831] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  203.698624][ T6465] batman_adv: batadv0: Adding interface: batadv_slave_0
[  203.715992][ T6465] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  204.061807][ T6465] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  204.190279][   T12] bridge_slave_1: left allmulticast mode
[  204.284375][   T12] bridge_slave_1: left promiscuous mode
[  204.376013][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  204.478404][   T12] bridge_slave_0: left allmulticast mode
[  204.491780][   T12] bridge_slave_0: left promiscuous mode
[  204.502197][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  204.528253][ T6654] loop5: detected capacity change from 0 to 1024
[  204.579329][   T12] bridge_slave_1: left allmulticast mode
[  204.595447][   T12] bridge_slave_1: left promiscuous mode
[  204.621817][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  204.674401][   T12] bridge_slave_0: left allmulticast mode
[  204.692662][   T12] bridge_slave_0: left promiscuous mode
[  204.735194][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  204.744638][ T6654] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  206.594220][ T6665] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1217: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  206.807112][ T5831] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  207.439762][ T6680] loop5: detected capacity change from 0 to 1024
[  208.213037][ T6680] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  209.469003][ T6688] netlink: 8 bytes leftover after parsing attributes in process `syz.5.184'.
[  209.503371][ T6688] netlink: 12 bytes leftover after parsing attributes in process `syz.5.184'.
[  209.760405][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  210.572425][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  210.656605][   T12] bond0 (unregistering): Released all slaves
[  211.182373][ T6704] netlink: 48 bytes leftover after parsing attributes in process `syz.1.189'.
[  211.192067][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  211.200796][ T6704] netlink: 48 bytes leftover after parsing attributes in process `syz.1.189'.
[  211.272449][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  211.325215][   T12] bond0 (unregistering): Released all slaves
[  211.365592][ T6462] team0: Port device team_slave_1 added
[  211.386538][ T6706] loop2: detected capacity change from 0 to 1024
[  211.436782][ T6706] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  211.489684][ T6465] batman_adv: batadv0: Adding interface: batadv_slave_1
[  211.502071][ T6465] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  211.619916][ T6465] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  212.687787][ T6465] hsr_slave_0: entered promiscuous mode
[  212.713448][ T5829] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  213.734517][ T6465] hsr_slave_1: entered promiscuous mode
[  213.980166][ T6465] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  214.058660][ T6465] Cannot create hsr debugfs directory
[  214.112059][ T6462] batman_adv: batadv0: Adding interface: batadv_slave_0
[  214.170142][ T6462] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  214.170192][ T6462] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  214.320230][ T6462] batman_adv: batadv0: Adding interface: batadv_slave_1
[  214.369654][ T6462] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  214.594307][ T6462] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  215.906375][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  215.982918][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  216.146083][ T6736] loop4: detected capacity change from 0 to 2048
[  216.162777][   T12] hsr_slave_0: left promiscuous mode
[  216.209664][   T12] hsr_slave_1: left promiscuous mode
[  216.268998][ T6736] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  216.381908][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  216.455213][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  216.519811][ T5138] Bluetooth: hci1: command 0x0406 tx timeout
[  216.526922][   T54] Bluetooth: hci5: command 0x0406 tx timeout
[  216.536610][ T5852] Bluetooth: hci0: command 0x0406 tx timeout
[  216.542897][ T5854] Bluetooth: hci2: command 0x0406 tx timeout
[  216.844158][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  216.942481][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  216.951718][ T6750] fuse: Bad value for 'fd'
[  217.285181][   T12] veth1_macvtap: left promiscuous mode
[  217.290759][   T12] veth0_macvtap: left promiscuous mode
[  217.571986][   T12] veth1_vlan: left promiscuous mode
[  217.577834][   T12] veth0_vlan: left promiscuous mode
[  218.592392][ T6766] loop2: detected capacity change from 0 to 1024
[  218.655622][ T6769] loop4: detected capacity change from 0 to 128
[  218.678339][ T6766] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  219.068573][ T6773] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1217: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  219.078109][ T6774] loop1: detected capacity change from 0 to 40427
[  219.093937][ T6774] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  219.101898][ T6774] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  219.130015][ T6774] F2FS-fs (loop1): invalid crc value
[  219.198782][ T6778] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  219.211252][ T6778] EXT4-fs (loop2): This should not happen!! Data will be lost
[  219.211252][ T6778] 
[  219.221119][ T6778] EXT4-fs (loop2): Total free blocks count 0
[  219.227297][ T6778] EXT4-fs (loop2): Free/Dirty block details
[  219.233372][ T6778] EXT4-fs (loop2): free_blocks=68451041280
[  219.239272][ T6778] EXT4-fs (loop2): dirty_blocks=16
[  219.244530][ T6778] EXT4-fs (loop2): Block reservation details
[  219.250636][ T6778] EXT4-fs (loop2): i_reserved_data_blocks=1
[  219.308346][ T6774] F2FS-fs (loop1): Found nat_bits in checkpoint
[  219.500955][ T6774] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  219.508423][ T6774] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  219.702162][ T6769] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (60234!=39978)
[  219.833483][ T6769] EXT4-fs (loop4): group descriptors corrupted!
[  219.870700][ T6781] syz.1.206: attempt to access beyond end of device
[  219.870700][ T6781] loop1: rw=2049, sector=77824, nr_sectors = 520 limit=40427
[  219.903021][ T5829] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  220.117960][   T12] team0 (unregistering): Port device team_slave_1 removed
[  220.160721][   T12] team0 (unregistering): Port device team_slave_0 removed
[  221.214918][ T6788] loop1: detected capacity change from 0 to 1024
[  221.339421][ T6788] hfsplus: xattr searching failed
[  221.348577][ T6769] loop4: detected capacity change from 0 to 32768
[  221.393973][   T12] team0 (unregistering): Port device team_slave_1 removed
[  221.424566][ T6792] hfsplus: xattr searching failed
[  221.532982][ T6769] JBD2: Ignoring recovery information on journal
[  221.558003][ T6769] jbd2_journal_bmap: journal block not found at offset 64 on loop4-27
[  221.619544][ T6769] JBD2: bad block at offset 64
[  221.633550][   T12] team0 (unregistering): Port device team_slave_0 removed
[  221.659996][ T6769] JBD2: journal reset failed
[  221.733499][ T6769] (syz.4.203,6769,0):ocfs2_journal_load:1145 ERROR: Failed to load journal!
[  221.772416][ T6769] (syz.4.203,6769,0):ocfs2_check_volume:2428 ERROR: ocfs2 journal load failed! -4
[  223.212407][ T6808] fuse: Bad value for 'fd'
[  223.605136][ T6809] loop4: detected capacity change from 0 to 2048
[  223.714242][ T6809] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  223.762180][ T6462] hsr_slave_0: entered promiscuous mode
[  223.802720][ T6462] hsr_slave_1: entered promiscuous mode
[  223.804499][ T6811] loop2: detected capacity change from 0 to 128
[  223.817033][ T6462] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  223.825353][ T6811] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (60234!=39978)
[  223.835029][ T6462] Cannot create hsr debugfs directory
[  223.894418][ T6811] EXT4-fs (loop2): group descriptors corrupted!
[  224.259000][ T6811] loop2: detected capacity change from 0 to 32768
[  224.331715][ T6811] JBD2: Ignoring recovery information on journal
[  224.342281][ T6811] jbd2_journal_bmap: journal block not found at offset 64 on loop2-27
[  224.350561][ T6811] JBD2: bad block at offset 64
[  224.360381][ T6811] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  224.481165][   T29] audit: type=1804 audit(1737475491.424:63): pid=6814 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.216" name="/newroot/61/file1/bus" dev="loop2" ino=16946 res=1 errno=0
[  225.064182][   T35] hfsplus: b-tree write err: -5, ino 3
[  225.083755][ T5829] ocfs2: Unmounting device (7,2) on (node local)
[  226.171129][ T6833] loop1: detected capacity change from 0 to 128
[  226.189774][ T6829] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  226.213013][ T6833] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (60234!=39978)
[  226.238092][ T6833] EXT4-fs (loop1): group descriptors corrupted!
[  226.460500][ T6465] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  226.873984][ T6465] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  227.294464][ T6465] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  227.597524][ T6465] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  228.723104][ T6462] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  228.772586][ T6462] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  228.834958][ T6850] loop5: detected capacity change from 0 to 2048
[  228.869709][ T6850] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  228.874699][ T6462] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  228.916620][ T6462] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  229.039017][ T6833] loop1: detected capacity change from 0 to 32768
[  229.104131][ T6833] JBD2: Ignoring recovery information on journal
[  229.114035][ T6833] jbd2_journal_bmap: journal block not found at offset 64 on loop1-27
[  229.151351][ T6855] loop4: detected capacity change from 0 to 128
[  229.159421][ T6833] JBD2: bad block at offset 64
[  229.166998][ T6855] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (60234!=39978)
[  229.178803][ T6855] EXT4-fs (loop4): group descriptors corrupted!
[  229.185716][ T6833] JBD2: journal reset failed
[  229.191265][ T6833] (syz.1.223,6833,1):ocfs2_journal_load:1145 ERROR: Failed to load journal!
[  229.202760][ T6833] (syz.1.223,6833,0):ocfs2_check_volume:2428 ERROR: ocfs2 journal load failed! -4
[  229.409773][ T6465] 8021q: adding VLAN 0 to HW filter on device bond0
[  229.568112][ T6855] loop4: detected capacity change from 0 to 32768
[  229.626121][ T6855] JBD2: Ignoring recovery information on journal
[  229.636357][ T6855] jbd2_journal_bmap: journal block not found at offset 64 on loop4-27
[  229.644715][ T6855] JBD2: bad block at offset 64
[  229.656072][ T6855] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  229.708358][ T6462] 8021q: adding VLAN 0 to HW filter on device bond0
[  229.815853][ T6863] F2FS-fs (loop11): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  229.824014][ T6863] F2FS-fs (loop11): Can't find valid F2FS filesystem in 1th superblock
[  229.833024][ T6863] F2FS-fs (loop11): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  229.840950][ T6863] F2FS-fs (loop11): Can't find valid F2FS filesystem in 2th superblock
[  230.241344][ T6462] 8021q: adding VLAN 0 to HW filter on device team0
[  230.326475][ T6465] 8021q: adding VLAN 0 to HW filter on device team0
[  230.539809][ T2958] bridge0: port 1(bridge_slave_0) entered blocking state
[  230.547230][ T2958] bridge0: port 1(bridge_slave_0) entered forwarding state
[  230.627929][ T2958] bridge0: port 1(bridge_slave_0) entered blocking state
[  230.635299][ T2958] bridge0: port 1(bridge_slave_0) entered forwarding state
[  230.740631][ T2958] bridge0: port 2(bridge_slave_1) entered blocking state
[  230.747974][ T2958] bridge0: port 2(bridge_slave_1) entered forwarding state
[  230.812876][ T2958] bridge0: port 2(bridge_slave_1) entered blocking state
[  230.820238][ T2958] bridge0: port 2(bridge_slave_1) entered forwarding state
[  231.178500][ T5834] ocfs2: Unmounting device (7,4) on (node local)
[  231.219947][ T6465] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  231.274304][ T6465] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  231.816299][ T6873] loop1: detected capacity change from 0 to 1024
[  232.151690][ T6873] hfsplus: xattr searching failed
[  232.222784][ T6883] hfsplus: xattr searching failed
[  232.455713][ T6892] loop4: detected capacity change from 0 to 512
[  232.496370][ T6892] EXT4-fs: Ignoring removed i_version option
[  232.541814][ T6892] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  232.547506][ T6462] 8021q: adding VLAN 0 to HW filter on device batadv0
[  232.568003][ T6465] 8021q: adding VLAN 0 to HW filter on device batadv0
[  232.570512][ T6892] ext4 filesystem being mounted at /53/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  232.649938][ T6892] EXT4-fs error (device loop4): ext4_do_update_inode:5154: inode #2: comm syz.4.235: corrupted inode contents
[  232.664598][ T6892] EXT4-fs error (device loop4): ext4_dirty_inode:6042: inode #2: comm syz.4.235: mark_inode_dirty error
[  232.679128][ T6892] EXT4-fs error (device loop4): ext4_do_update_inode:5154: inode #2: comm syz.4.235: corrupted inode contents
[  232.704804][ T6892] EXT4-fs error (device loop4): __ext4_ext_dirty:207: inode #2: comm syz.4.235: mark_inode_dirty error
[  233.624800][ T5834] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  237.859932][ T6465] veth0_vlan: entered promiscuous mode
[  237.951011][ T6465] veth1_vlan: entered promiscuous mode
[  238.194557][ T6462] veth0_vlan: entered promiscuous mode
[  238.250840][ T6465] veth0_macvtap: entered promiscuous mode
[  238.306128][ T6462] veth1_vlan: entered promiscuous mode
[  238.338345][ T6465] veth1_macvtap: entered promiscuous mode
[  238.434160][ T6465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  238.469780][ T6465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  238.500093][ T6465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  238.541549][ T6465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  238.576341][ T6465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  238.605913][ T6465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  238.639594][ T6465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  238.678051][ T6465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  238.721314][ T6465] batman_adv: batadv0: Interface activated: batadv_slave_0
[  238.869653][ T6465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  238.907553][ T6465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  238.949791][ T6465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  238.989410][ T6465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  239.025058][ T6465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  239.048736][ T6465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  239.077892][ T6465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  239.124742][ T6465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  239.164731][ T6465] batman_adv: batadv0: Interface activated: batadv_slave_1
[  239.218580][ T6462] veth0_macvtap: entered promiscuous mode
[  239.269897][ T6465] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  239.290637][ T6465] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  239.322942][ T6465] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  239.348566][ T6465] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  239.388807][ T6462] veth1_macvtap: entered promiscuous mode
[  239.396021][ T6961] loop4: detected capacity change from 0 to 1024
[  239.417138][ T6961] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  239.559873][ T6462] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  239.638437][ T6462] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  239.664517][ T6462] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  239.697788][ T6462] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  239.727172][ T6462] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  239.761698][ T6462] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  239.771598][ T6462] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  239.800650][ T6462] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  240.017572][ T6462] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  240.801764][ T6462] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  240.843202][ T6462] batman_adv: batadv0: Interface activated: batadv_slave_0
[  240.908060][ T5992] hfsplus: b-tree write err: -5, ino 3
[  241.022919][ T6462] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  241.122789][ T6462] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  241.158240][ T6462] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  241.169833][ T6462] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  241.179841][ T6462] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  241.190342][ T6462] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  241.200208][ T6462] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  241.218992][ T6462] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  241.229270][ T6462] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  241.257937][ T6462] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  241.282868][ T6462] batman_adv: batadv0: Interface activated: batadv_slave_1
[  242.372260][ T6994] loop5: detected capacity change from 0 to 512
[  242.431402][ T6994] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  242.521679][ T6994] EXT4-fs (loop5): invalid journal inode
[  242.527471][ T6994] EXT4-fs (loop5): can't get journal size
[  242.823707][ T6994] EXT4-fs (loop5): 1 truncate cleaned up
[  242.830525][ T6994] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  244.849953][ T5831] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  245.180069][ T7018] loop2: detected capacity change from 0 to 512
[  245.542443][ T7018] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  246.092108][ T7018] EXT4-fs (loop2): invalid journal inode
[  246.116154][ T5841] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  246.127361][ T5841] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  246.136003][ T5841] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  246.144175][ T5841] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  246.153212][ T5841] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  246.157039][ T7018] EXT4-fs (loop2): can't get journal size
[  246.179272][ T5841] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  246.236331][ T7018] EXT4-fs (loop2): 1 truncate cleaned up
[  246.253154][ T7018] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  246.424160][ T6409] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  247.679792][ T5829] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  247.754359][ T5837] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  247.763686][ T5837] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  247.775181][ T5837] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  247.786499][ T5837] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  247.794879][ T5837] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  247.802448][ T5837] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  247.878622][ T6409] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  247.901527][ T7047] 9pnet_fd: Insufficient options for proto=fd
[  248.272220][ T5841] Bluetooth: hci3: command tx timeout
[  249.657936][ T6409] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  249.861886][ T5841] Bluetooth: hci4: command tx timeout
[  249.975495][ T7065] loop1: detected capacity change from 0 to 32768
[  250.113727][ T7065] JBD2: Ignoring recovery information on journal
[  250.123333][ T7065] jbd2_journal_bmap: journal block not found at offset 64 on loop1-27
[  250.132143][ T7065] JBD2: bad block at offset 64
[  250.354059][ T5841] Bluetooth: hci3: command tx timeout
[  250.466524][ T7065] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  250.812290][ T6409] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.003595][ T5841] Bluetooth: hci4: command tx timeout
[  252.155113][ T5830] ocfs2: Unmounting device (7,1) on (node local)
[  252.456876][ T5841] Bluetooth: hci3: command tx timeout
[  252.957897][ T7025] chnl_net:caif_netlink_parms(): no params data found
[  254.026064][ T5841] Bluetooth: hci4: command tx timeout
[  254.039357][ T6409] bridge_slave_1: left allmulticast mode
[  254.093339][ T6409] bridge_slave_1: left promiscuous mode
[  254.123254][ T6409] bridge0: port 2(bridge_slave_1) entered disabled state
[  254.165370][ T6409] bridge_slave_0: left allmulticast mode
[  254.179388][ T6409] bridge_slave_0: left promiscuous mode
[  254.206399][ T6409] bridge0: port 1(bridge_slave_0) entered disabled state
[  254.395875][ T7114] 9pnet_fd: Insufficient options for proto=fd
[  254.503570][ T5841] Bluetooth: hci3: command tx timeout
[  255.378367][ T7126] loop6: detected capacity change from 0 to 524287999
[  256.111903][ T5841] Bluetooth: hci4: command tx timeout
[  256.525093][ T7146] fuse: Bad value for 'fd'
[  257.505580][ T6409] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  257.680503][ T6409] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  257.714466][ T6409] bond0 (unregistering): Released all slaves
[  257.954518][ T7151] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  258.576742][ T7102] ip6tnl1: entered allmulticast mode
[  258.656129][ T7107] Zero length message leads to an empty skb
[  258.872252][ T5898] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  258.937923][ T7025] bridge0: port 1(bridge_slave_0) entered blocking state
[  258.958268][ T7025] bridge0: port 1(bridge_slave_0) entered disabled state
[  258.978654][ T7025] bridge_slave_0: entered allmulticast mode
[  258.996441][ T7025] bridge_slave_0: entered promiscuous mode
[  259.012128][ T7166] 9pnet_fd: Insufficient options for proto=fd
[  259.048763][ T6409] hsr_slave_0: left promiscuous mode
[  259.061982][ T5898] usb 6-1: Using ep0 maxpacket: 8
[  259.078601][ T5898] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  259.089828][ T6409] hsr_slave_1: left promiscuous mode
[  259.102559][ T5898] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  259.121797][ T5898] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  259.136178][ T6409] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  259.145059][ T6409] batman_adv: batadv0: Removing interface: batadv_slave_0
[  259.161932][ T5898] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  259.176750][ T6409] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  259.192512][ T5898] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  259.202150][ T6409] batman_adv: batadv0: Removing interface: batadv_slave_1
[  259.226299][ T5898] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  259.256123][ T6409] veth1_macvtap: left promiscuous mode
[  259.265759][ T6409] veth0_macvtap: left promiscuous mode
[  259.271411][ T6409] veth1_vlan: left promiscuous mode
[  259.280118][ T6409] veth0_vlan: left promiscuous mode
[  259.495652][ T5898] usb 6-1: GET_CAPABILITIES returned 0
[  259.583300][ T5898] usbtmc 6-1:16.0: can't read capabilities
[  260.439316][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  260.570781][ T5898] usb 6-1: USB disconnect, device number 4
[  263.342680][ T7192] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  264.044575][ T6409] team0 (unregistering): Port device team_slave_1 removed
[  264.224437][ T6409] team0 (unregistering): Port device team_slave_0 removed
[  267.228858][ T7215] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  269.945959][ T7229] input: syz0 as /devices/virtual/input/input9
[  271.343274][ T7236] loop6: detected capacity change from 0 to 524287999
[  271.407079][ T7232] loop5: detected capacity change from 0 to 8192
[  271.476142][ T7232] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  272.237331][ T7250] loop1: detected capacity change from 0 to 1024
[  272.675822][ T7250] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  273.095950][ T7025] bridge0: port 2(bridge_slave_1) entered blocking state
[  273.546831][ T7025] bridge0: port 2(bridge_slave_1) entered disabled state
[  274.375906][ T7025] bridge_slave_1: entered allmulticast mode
[  274.389805][ T7258] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  274.571897][ T7025] bridge_slave_1: entered promiscuous mode
[  275.145319][ T7260] loop1: detected capacity change from 0 to 128
[  275.159735][ T7260] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (60234!=39978)
[  275.170197][ T7260] EXT4-fs (loop1): group descriptors corrupted!
[  275.510962][ T7260] loop1: detected capacity change from 0 to 32768
[  275.600687][ T7260] JBD2: Ignoring recovery information on journal
[  275.609969][ T7260] jbd2_journal_bmap: journal block not found at offset 64 on loop1-27
[  275.618198][ T7260] JBD2: bad block at offset 64
[  275.646730][ T7043] chnl_net:caif_netlink_parms(): no params data found
[  275.720629][ T7260] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  276.250356][ T7025] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  276.253619][   T29] audit: type=1804 audit(1737475543.174:64): pid=7267 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.326" name="/newroot/74/file1/bus" dev="loop1" ino=16946 res=1 errno=0
[  276.359729][ T7025] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  276.667425][ T5830] ocfs2: Unmounting device (7,1) on (node local)
[  276.745936][ T7025] team0: Port device team_slave_0 added
[  276.784960][ T7025] team0: Port device team_slave_1 added
[  277.063262][ T7274] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  277.712731][ T7280] loop6: detected capacity change from 0 to 524287999
[  277.923662][ T7025] batman_adv: batadv0: Adding interface: batadv_slave_0
[  277.953906][ T7025] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  278.003506][ T7288] loop2: detected capacity change from 0 to 2048
[  278.041741][ T7025] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  278.078412][ T7288] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  278.084572][ T7025] batman_adv: batadv0: Adding interface: batadv_slave_1
[  278.107743][ T7025] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  278.211414][ T7025] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  278.230246][ T7297] netlink: 8 bytes leftover after parsing attributes in process `syz.1.337'.
[  278.241453][ T7297] netlink: 12 bytes leftover after parsing attributes in process `syz.1.337'.
[  278.873964][ T7301] loop4: detected capacity change from 0 to 64
[  278.989604][ T5829] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  279.109374][ T7043] bridge0: port 1(bridge_slave_0) entered blocking state
[  279.151810][ T7043] bridge0: port 1(bridge_slave_0) entered disabled state
[  279.312120][ T7043] bridge_slave_0: entered allmulticast mode
[  279.325478][ T7307] loop2: detected capacity change from 0 to 1024
[  279.646540][ T7043] bridge_slave_0: entered promiscuous mode
[  280.214758][ T7307] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  281.295683][ T7325] loop6: detected capacity change from 0 to 524287999
[  281.338362][ T7307] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1217: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  281.353385][ T7307] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  281.365626][ T7307] EXT4-fs (loop2): This should not happen!! Data will be lost
[  281.365626][ T7307] 
[  281.375314][ T7307] EXT4-fs (loop2): Total free blocks count 0
[  281.381305][ T7307] EXT4-fs (loop2): Free/Dirty block details
[  281.387287][ T7307] EXT4-fs (loop2): free_blocks=68451041280
[  281.393220][ T7307] EXT4-fs (loop2): dirty_blocks=16
[  281.398342][ T7307] EXT4-fs (loop2): Block reservation details
[  281.404368][ T7307] EXT4-fs (loop2): i_reserved_data_blocks=1
[  281.481574][ T7043] bridge0: port 2(bridge_slave_1) entered blocking state
[  281.506245][ T7043] bridge0: port 2(bridge_slave_1) entered disabled state
[  281.542163][ T7043] bridge_slave_1: entered allmulticast mode
[  281.557701][ T7043] bridge_slave_1: entered promiscuous mode
[  281.781687][   T29] audit: type=1326 audit(1737475548.714:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7327 comm="syz.5.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85a9385d29 code=0x7ffc0000
[  281.931749][   T29] audit: type=1326 audit(1737475548.714:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7327 comm="syz.5.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85a9385d29 code=0x7ffc0000
[  282.018776][ T5829] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  282.053578][ T7025] hsr_slave_0: entered promiscuous mode
[  282.061806][   T29] audit: type=1326 audit(1737475548.714:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7327 comm="syz.5.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7f85a9385d29 code=0x7ffc0000
[  282.128794][   T29] audit: type=1326 audit(1737475548.714:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7327 comm="syz.5.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85a9385d29 code=0x7ffc0000
[  282.315626][ T7025] hsr_slave_1: entered promiscuous mode
[  282.322357][   T29] audit: type=1326 audit(1737475548.714:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7327 comm="syz.5.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85a9385d29 code=0x7ffc0000
[  282.623325][ T7025] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  282.739007][ T7025] Cannot create hsr debugfs directory
[  282.759940][   T29] audit: type=1326 audit(1737475548.714:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7327 comm="syz.5.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f85a9385d29 code=0x7ffc0000
[  283.002000][ T7336] 9pnet_fd: Insufficient options for proto=fd
[  283.015628][ T7043] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  283.036649][   T29] audit: type=1326 audit(1737475548.714:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7327 comm="syz.5.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85a9385d29 code=0x7ffc0000
[  283.106694][   T29] audit: type=1326 audit(1737475548.714:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7327 comm="syz.5.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85a9385d29 code=0x7ffc0000
[  283.129281][   T29] audit: type=1326 audit(1737475548.714:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7327 comm="syz.5.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f85a9385d29 code=0x7ffc0000
[  283.161756][   T29] audit: type=1326 audit(1737475548.714:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7327 comm="syz.5.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85a9385d29 code=0x7ffc0000
[  283.318806][ T7043] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  283.534678][ T7344] loop2: detected capacity change from 0 to 512
[  283.636971][ T7344] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  283.668927][ T7348] loop5: detected capacity change from 0 to 64
[  283.790559][ T7344] EXT4-fs (loop2): invalid journal inode
[  283.814902][ T7344] EXT4-fs (loop2): can't get journal size
[  283.905293][  T117] IPVS: starting estimator thread 0...
[  283.988311][ T7344] EXT4-fs (loop2): 1 truncate cleaned up
[  284.034929][ T7344] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  284.092394][ T7350] IPVS: using max 21 ests per chain, 50400 per kthread
[  284.327378][ T7043] team0: Port device team_slave_0 added
[  285.240446][ T5829] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  286.366022][ T7366] loop6: detected capacity change from 0 to 524287999
[  286.375546][ T7043] team0: Port device team_slave_1 added
[  288.236191][ T7376] loop1: detected capacity change from 0 to 40427
[  288.250691][ T7376] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  288.251353][ T7043] batman_adv: batadv0: Adding interface: batadv_slave_0
[  288.258495][ T7376] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  288.282371][ T7376] F2FS-fs (loop1): invalid crc value
[  288.513846][ T7380] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  288.891801][   T29] kauditd_printk_skb: 1 callbacks suppressed
[  288.891826][   T29] audit: type=1326 audit(1737475555.364:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7377 comm="syz.2.359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7134785d29 code=0x7ffc0000
[  288.961972][ T7043] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  288.971026][ T7376] F2FS-fs (loop1): Found nat_bits in checkpoint
[  289.062553][   T29] audit: type=1326 audit(1737475555.364:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7377 comm="syz.2.359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7134785d29 code=0x7ffc0000
[  289.069371][ T7043] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  289.103179][ T7376] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  289.110248][ T7376] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  289.119840][ T7043] batman_adv: batadv0: Adding interface: batadv_slave_1
[  289.344301][ T7376] syz.1.358: attempt to access beyond end of device
[  289.344301][ T7376] loop1: rw=2049, sector=77824, nr_sectors = 520 limit=40427
[  289.493817][   T29] audit: type=1326 audit(1737475555.374:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7377 comm="syz.2.359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7f7134785d29 code=0x7ffc0000
[  289.536647][ T7043] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  289.542911][ T7391] fuse: Bad value for 'fd'
[  289.577420][   T29] audit: type=1326 audit(1737475555.374:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7377 comm="syz.2.359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7134785d29 code=0x7ffc0000
[  289.616354][ T7043] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  289.661832][   T29] audit: type=1326 audit(1737475555.374:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7377 comm="syz.2.359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7134785d29 code=0x7ffc0000
[  289.701956][   T29] audit: type=1326 audit(1737475555.384:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7377 comm="syz.2.359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7134785d29 code=0x7ffc0000
[  289.740432][ T7395] 9pnet_fd: Insufficient options for proto=fd
[  289.752419][   T29] audit: type=1326 audit(1737475555.384:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7377 comm="syz.2.359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7134785d29 code=0x7ffc0000
[  289.849852][   T29] audit: type=1326 audit(1737475555.384:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7377 comm="syz.2.359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7134785d29 code=0x7ffc0000
[  289.908712][ T6409] bridge_slave_1: left allmulticast mode
[  289.917878][ T6409] bridge_slave_1: left promiscuous mode
[  289.928031][   T29] audit: type=1326 audit(1737475555.394:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7377 comm="syz.2.359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7134785d29 code=0x7ffc0000
[  289.970684][ T6409] bridge0: port 2(bridge_slave_1) entered disabled state
[  290.001220][ T6409] bridge_slave_0: left allmulticast mode
[  290.022052][ T6409] bridge_slave_0: left promiscuous mode
[  290.031949][   T29] audit: type=1326 audit(1737475555.394:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7377 comm="syz.2.359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7134785d29 code=0x7ffc0000
[  290.071899][ T6409] bridge0: port 1(bridge_slave_0) entered disabled state
[  293.595433][ T7419] loop1: detected capacity change from 0 to 128
[  293.642236][ T7419] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (60234!=39978)
[  293.680129][ T7419] EXT4-fs (loop1): group descriptors corrupted!
[  293.786450][ T7421] loop6: detected capacity change from 0 to 524287999
[  294.138791][ T7419] loop1: detected capacity change from 0 to 32768
[  294.258540][ T7424] input: syz0 as /devices/virtual/input/input10
[  294.692151][ T7419] JBD2: Ignoring recovery information on journal
[  294.701307][ T7419] jbd2_journal_bmap: journal block not found at offset 64 on loop1-27
[  294.709579][ T7419] JBD2: bad block at offset 64
[  294.724679][ T7419] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  295.606499][ T7430] loop4: detected capacity change from 0 to 40427
[  295.635863][ T7430] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  295.643785][ T7430] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  295.669692][ T7430] F2FS-fs (loop4): invalid crc value
[  295.678492][ T7430] F2FS-fs (loop4): Found nat_bits in checkpoint
[  295.725340][ T7430] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  295.732511][ T7430] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  295.765719][ T5830] ocfs2: Unmounting device (7,1) on (node local)
[  295.810914][ T7435] syz.4.373: attempt to access beyond end of device
[  295.810914][ T7435] loop4: rw=2049, sector=77824, nr_sectors = 520 limit=40427
[  295.880330][ T6409] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  295.900530][ T6409] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  295.913861][ T6409] bond0 (unregistering): Released all slaves
[  295.989570][ T7043] hsr_slave_0: entered promiscuous mode
[  296.032327][ T7043] hsr_slave_1: entered promiscuous mode
[  296.079749][ T7043] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  296.094956][ T7043] Cannot create hsr debugfs directory
[  296.248457][ T6409] hsr_slave_0: left promiscuous mode
[  296.513734][ T6409] hsr_slave_1: left promiscuous mode
[  296.531015][ T6409] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  296.780208][ T7443] loop1: detected capacity change from 0 to 512
[  296.790495][ T7443] EXT4-fs: Ignoring removed orlov option
[  296.796502][ T7443] ext4: Unknown parameter 'debug.subj_type'
[  296.882219][ T6409] batman_adv: batadv0: Removing interface: batadv_slave_0
[  297.090561][ T6409] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  297.198072][ T6409] batman_adv: batadv0: Removing interface: batadv_slave_1
[  297.474593][ T7445] netlink: 8 bytes leftover after parsing attributes in process `syz.2.377'.
[  297.484712][ T7445] netlink: 12 bytes leftover after parsing attributes in process `syz.2.377'.
[  297.969955][ T6409] veth1_macvtap: left promiscuous mode
[  297.976171][ T6409] veth0_macvtap: left promiscuous mode
[  297.983583][ T6409] veth1_vlan: left promiscuous mode
[  297.988982][ T6409] veth0_vlan: left promiscuous mode
[  298.086050][ T7447] loop6: detected capacity change from 0 to 524287999
[  298.096141][ T7447] I/O error, dev loop6, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  298.106421][ T7447] I/O error, dev loop6, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  298.115720][ T7447] I/O error, dev loop6, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0
[  298.125308][ T7447] Buffer I/O error on dev loop6, logical block 0, lost async page write
[  298.876165][ T7456] 9pnet_fd: Insufficient options for proto=fd
[  299.144716][ T6409] team0 (unregistering): Port device team_slave_1 removed
[  299.279428][ T6409] team0 (unregistering): Port device team_slave_0 removed
[  299.287856][ T7459] loop1: detected capacity change from 0 to 512
[  299.309304][ T7459] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  299.323621][ T7459] EXT4-fs (loop1): invalid journal inode
[  299.329445][ T7459] EXT4-fs (loop1): can't get journal size
[  299.350989][ T7459] EXT4-fs (loop1): 1 truncate cleaned up
[  299.361148][ T7459] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  301.435004][ T5830] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  301.496047][ T7470] loop6: detected capacity change from 0 to 524287999
[  302.313016][ T7478] loop4: detected capacity change from 0 to 128
[  302.469237][ T7478] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (60234!=39978)
[  302.522046][ T7478] EXT4-fs (loop4): group descriptors corrupted!
[  303.219499][ T7478] loop4: detected capacity change from 0 to 32768
[  303.288804][ T7478] JBD2: Ignoring recovery information on journal
[  303.298325][ T7478] jbd2_journal_bmap: journal block not found at offset 64 on loop4-27
[  303.308252][ T7478] JBD2: bad block at offset 64
[  303.371819][ T7478] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  303.419277][   T29] audit: type=1326 audit(1737475570.364:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7485 comm="syz.1.388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0a9785d29 code=0x7ffc0000
[  303.491768][   T29] audit: type=1326 audit(1737475570.364:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7485 comm="syz.1.388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0a9785d29 code=0x7ffc0000
[  303.555005][   T29] audit: type=1326 audit(1737475570.394:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7485 comm="syz.1.388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff0a9785d29 code=0x7ffc0000
[  303.578052][ T5841] Bluetooth: unknown link type 133
[  303.583651][ T5841] Bluetooth: hci2: connection err: -111
[  303.639399][   T29] audit: type=1326 audit(1737475570.394:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7485 comm="syz.1.388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0a9785d29 code=0x7ffc0000
[  303.881833][   T29] audit: type=1326 audit(1737475570.394:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7485 comm="syz.1.388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0a9785d29 code=0x7ffc0000
[  303.989138][   T29] audit: type=1326 audit(1737475570.394:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7485 comm="syz.1.388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff0a9785d29 code=0x7ffc0000
[  304.602868][   T29] audit: type=1326 audit(1737475570.394:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7485 comm="syz.1.388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0a9785d29 code=0x7ffc0000
[  304.691723][   T29] audit: type=1326 audit(1737475570.394:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7485 comm="syz.1.388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0a9785d29 code=0x7ffc0000
[  304.803947][ T5834] ocfs2: Unmounting device (7,4) on (node local)
[  304.854297][   T29] audit: type=1326 audit(1737475570.394:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7485 comm="syz.1.388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7ff0a9785d29 code=0x7ffc0000
[  304.904490][ T7494] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  305.021742][   T29] audit: type=1326 audit(1737475570.394:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7485 comm="syz.1.388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0a9785d29 code=0x7ffc0000
[  305.426337][ T5837] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  305.436844][ T5837] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  305.447058][ T5837] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  305.456586][ T5837] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  305.464717][ T5837] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  305.472175][ T5837] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  305.570655][ T7506] overlayfs: failed to resolve './file2': -2
[  306.264210][ T5841] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  306.274924][ T5841] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  306.283662][ T5841] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  306.291834][ T5841] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  306.322392][ T5841] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  306.332450][ T5841] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  306.726338][ T7514] loop6: detected capacity change from 0 to 524287999
[  306.944029][ T7520] loop1: detected capacity change from 0 to 512
[  306.962396][ T7520] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  307.019743][ T7520] EXT4-fs error (device loop1): ext4_get_branch:178: inode #11: block 4294967295: comm syz.1.397: invalid block
[  307.380461][ T7520] EXT4-fs error (device loop1): ext4_free_branches:1020: inode #11: comm syz.1.397: invalid indirect mapped block 4294967295 (level 1)
[  307.615698][ T7520] EXT4-fs error (device loop1): ext4_free_branches:1020: inode #11: comm syz.1.397: invalid indirect mapped block 4294967295 (level 1)
[  307.986519][    T9] IPVS: starting estimator thread 0...
[  308.015296][ T5841] Bluetooth: hci6: command tx timeout
[  308.046450][ T7520] EXT4-fs (loop1): 2 truncates cleaned up
[  308.106907][ T7520] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  308.152645][ T7533] IPVS: using max 16 ests per chain, 38400 per kthread
[  308.274113][ T7520] EXT4-fs error (device loop1): ext4_validate_block_bitmap:431: comm syz.1.397: bg 0: block 5: invalid block bitmap
[  308.370355][ T7520] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  308.431777][ T5841] Bluetooth: hci7: command tx timeout
[  308.585400][ T7540] netlink: 8 bytes leftover after parsing attributes in process `syz.5.402'.
[  308.594890][ T7540] netlink: 12 bytes leftover after parsing attributes in process `syz.5.402'.
[  308.631953][   T29] kauditd_printk_skb: 17 callbacks suppressed
[  308.632018][   T29] audit: type=1326 audit(1737475575.554:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7537 comm="syz.2.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7134785d29 code=0x7ffc0000
[  308.756294][ T6409] bridge_slave_1: left allmulticast mode
[  308.768423][ T6409] bridge_slave_1: left promiscuous mode
[  308.886215][   T29] audit: type=1326 audit(1737475575.564:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7537 comm="syz.2.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7134785d29 code=0x7ffc0000
[  308.905148][ T7543] loop4: detected capacity change from 0 to 128
[  308.966962][ T6409] bridge0: port 2(bridge_slave_1) entered disabled state
[  309.004374][ T5830] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  309.013907][   T29] audit: type=1326 audit(1737475575.864:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7537 comm="syz.2.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7134785d29 code=0x7ffc0000
[  309.020486][ T7543] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (60234!=39978)
[  309.045417][   T29] audit: type=1326 audit(1737475575.864:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7537 comm="syz.2.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7134785d29 code=0x7ffc0000
[  309.154805][ T6409] bridge_slave_0: left allmulticast mode
[  309.161692][ T6409] bridge_slave_0: left promiscuous mode
[  309.172833][ T6409] bridge0: port 1(bridge_slave_0) entered disabled state
[  309.187519][ T7543] EXT4-fs (loop4): group descriptors corrupted!
[  309.223816][ T6409] bridge_slave_1: left allmulticast mode
[  309.229589][ T6409] bridge_slave_1: left promiscuous mode
[  309.241817][   T29] audit: type=1326 audit(1737475575.864:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7537 comm="syz.2.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7134785d29 code=0x7ffc0000
[  309.475713][ T6409] bridge0: port 2(bridge_slave_1) entered disabled state
[  309.510554][ T6409] bridge_slave_0: left allmulticast mode
[  309.845534][ T7543] loop4: detected capacity change from 0 to 32768
[  309.892241][   T29] audit: type=1326 audit(1737475575.964:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7537 comm="syz.2.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7134785d29 code=0x7ffc0000
[  309.917817][ T7543] JBD2: Ignoring recovery information on journal
[  309.927896][ T7543] jbd2_journal_bmap: journal block not found at offset 64 on loop4-27
[  309.936153][ T7543] JBD2: bad block at offset 64
[  309.951750][ T6409] bridge_slave_0: left promiscuous mode
[  309.958792][ T7543] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  310.101824][ T5841] Bluetooth: hci6: command tx timeout
[  310.109066][ T6409] bridge0: port 1(bridge_slave_0) entered disabled state
[  310.148443][   T29] audit: type=1326 audit(1737475575.964:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7537 comm="syz.2.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7134785d29 code=0x7ffc0000
[  310.304626][   T29] audit: type=1326 audit(1737475575.964:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7537 comm="syz.2.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7134785d29 code=0x7ffc0000
[  310.349959][   T29] audit: type=1326 audit(1737475576.134:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7537 comm="syz.2.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f7134785d29 code=0x7ffc0000
[  310.376812][   T29] audit: type=1326 audit(1737475576.134:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7537 comm="syz.2.400" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7134785d29 code=0x7ffc0000
[  310.501895][ T5841] Bluetooth: hci7: command tx timeout
[  310.838416][ T5834] ocfs2: Unmounting device (7,4) on (node local)
[  310.866129][ T6409] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  310.887876][ T6409] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  310.911115][ T6409] bond0 (unregistering): Released all slaves
[  310.940286][ T6409] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  310.960783][ T6409] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  310.980182][ T6409] bond0 (unregistering): Released all slaves
[  311.047597][ T7500] chnl_net:caif_netlink_parms(): no params data found
[  311.507498][ T7503] chnl_net:caif_netlink_parms(): no params data found
[  312.192205][ T5841] Bluetooth: hci6: command tx timeout
[  312.202327][ T6409] hsr_slave_0: left promiscuous mode
[  312.436285][ T7566] input: syz0 as /devices/virtual/input/input11
[  312.498162][ T6409] hsr_slave_1: left promiscuous mode
[  312.717183][ T5841] Bluetooth: hci7: command tx timeout
[  312.951545][ T6409] batman_adv: batadv0: Removing interface: batadv_slave_0
[  312.992724][ T6409] batman_adv: batadv0: Removing interface: batadv_slave_1
[  313.085986][ T6409] hsr_slave_0: left promiscuous mode
[  313.184650][ T6409] hsr_slave_1: left promiscuous mode
[  313.385888][ T6409] batman_adv: batadv0: Removing interface: batadv_slave_0
[  313.443352][ T6409] batman_adv: batadv0: Removing interface: batadv_slave_1
[  313.787222][ T7580] overlayfs: failed to resolve './file2': -2
[  314.341862][ T5841] Bluetooth: hci6: command tx timeout
[  314.618828][ T5841] Bluetooth: hci2: unexpected event for opcode 0x2043
[  314.741925][ T5841] Bluetooth: hci7: command tx timeout
[  314.971032][ T7578] loop5: detected capacity change from 0 to 1764
[  317.591436][ T7595] loop5: detected capacity change from 0 to 1024
[  317.813788][ T7599] netlink: 8 bytes leftover after parsing attributes in process `syz.4.418'.
[  317.822960][ T7599] netlink: 12 bytes leftover after parsing attributes in process `syz.4.418'.
[  318.284398][ T6409] team0 (unregistering): Port device team_slave_1 removed
[  319.018358][ T6409] team0 (unregistering): Port device team_slave_0 removed
[  319.531407][ T7605] loop2: detected capacity change from 0 to 2048
[  319.659540][ T7605] mmap: syz.2.419 (7605) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  320.288364][ T7606] hfsplus: xattr searching failed
[  320.898825][ T7606] hfsplus: b-tree write err: -5, ino 3
[  321.021438][ T7613] loop1: detected capacity change from 0 to 64
[  321.864390][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  322.389436][ T6409] team0 (unregistering): Port device team_slave_1 removed
[  322.453308][ T6409] team0 (unregistering): Port device team_slave_0 removed
[  323.162486][ T7626] loop2: detected capacity change from 0 to 1024
[  323.331491][ T7626] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  323.388014][ T7626] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1217: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  323.408495][ T7626] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  323.420775][ T7626] EXT4-fs (loop2): This should not happen!! Data will be lost
[  323.420775][ T7626] 
[  323.448998][ T7626] EXT4-fs (loop2): Total free blocks count 0
[  323.465610][ T7626] EXT4-fs (loop2): Free/Dirty block details
[  323.508276][ T7626] EXT4-fs (loop2): free_blocks=68451041280
[  323.514809][ T7626] EXT4-fs (loop2): dirty_blocks=16
[  323.519960][ T7626] EXT4-fs (loop2): Block reservation details
[  323.526236][ T7626] EXT4-fs (loop2): i_reserved_data_blocks=1
[  323.886958][ T7643] overlayfs: failed to resolve './file0': -2
[  324.807090][ T7500] bridge0: port 1(bridge_slave_0) entered blocking state
[  324.842089][ T7500] bridge0: port 1(bridge_slave_0) entered disabled state
[  324.850672][ T5829] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  324.860176][ T7500] bridge_slave_0: entered allmulticast mode
[  324.861494][ T7500] bridge_slave_0: entered promiscuous mode
[  324.879426][ T7646] loop4: detected capacity change from 0 to 1024
[  324.910440][ T7646] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  325.001851][ T7500] bridge0: port 2(bridge_slave_1) entered blocking state
[  325.008997][ T7500] bridge0: port 2(bridge_slave_1) entered disabled state
[  325.115482][ T7500] bridge_slave_1: entered allmulticast mode
[  325.223713][ T7500] bridge_slave_1: entered promiscuous mode
[  325.413118][ T7503] bridge0: port 1(bridge_slave_0) entered blocking state
[  325.421250][ T7503] bridge0: port 1(bridge_slave_0) entered disabled state
[  325.747554][ T7503] bridge_slave_0: entered allmulticast mode
[  325.773264][ T7503] bridge_slave_0: entered promiscuous mode
[  325.806272][ T7503] bridge0: port 2(bridge_slave_1) entered blocking state
[  325.831943][ T7503] bridge0: port 2(bridge_slave_1) entered disabled state
[  325.853584][ T7503] bridge_slave_1: entered allmulticast mode
[  325.861498][ T7503] bridge_slave_1: entered promiscuous mode
[  326.730279][ T7503] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  326.743683][ T7503] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  327.389414][ T7500] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  327.434539][ T7500] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  328.404713][ T7667] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  329.024032][ T7503] team0: Port device team_slave_0 added
[  329.040395][ T7673] binder: 7670:7673 ioctl c0306201 0 returned -14
[  329.048714][ T7673] binder: BINDER_SET_CONTEXT_MGR already set
[  329.055798][ T7673] binder: 7670:7673 ioctl 4018620d 200002c0 returned -16
[  329.076592][ T7500] team0: Port device team_slave_0 added
[  329.098054][ T7503] team0: Port device team_slave_1 added
[  329.184867][ T7500] team0: Port device team_slave_1 added
[  329.346848][ T7500] batman_adv: batadv0: Adding interface: batadv_slave_0
[  329.365051][ T7500] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  329.399394][ T7500] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  329.412466][ T7503] batman_adv: batadv0: Adding interface: batadv_slave_0
[  329.420873][ T7503] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  329.467308][ T7503] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  329.487121][ T7503] batman_adv: batadv0: Adding interface: batadv_slave_1
[  329.494282][ T7503] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  329.521145][ T7503] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  329.533425][ T7500] batman_adv: batadv0: Adding interface: batadv_slave_1
[  329.541281][ T7500] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  329.727925][ T7500] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  330.330998][ T7503] hsr_slave_0: entered promiscuous mode
[  330.384519][ T7503] hsr_slave_1: entered promiscuous mode
[  330.429173][ T7503] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  330.441530][ T7503] Cannot create hsr debugfs directory
[  331.058208][ T7689] loop5: detected capacity change from 0 to 65536
[  331.353510][ T7689] XFS (loop5): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  331.792018][ T7689] XFS (loop5): Internal error !xlog_verify_bno(log, 0, nbblks) at line 81 of file fs/xfs/xfs_log_recover.c.  Caller xlog_alloc_buffer+0x152/0x200
[  331.807242][ T7689] CPU: 0 UID: 0 PID: 7689 Comm: syz.5.445 Not tainted 6.13.0-syzkaller-00918-g95ec54a420b8 #0
[  331.817522][ T7689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  331.827607][ T7689] Call Trace:
[  331.830905][ T7689]  <TASK>
[  331.833858][ T7689]  dump_stack_lvl+0x16c/0x1f0
[  331.838607][ T7689]  xfs_corruption_error+0x12f/0x150
[  331.843848][ T7689]  ? xlog_alloc_buffer+0x152/0x200
[  331.849021][ T7689]  xlog_alloc_buffer+0x199/0x200
[  331.854099][ T7689]  ? xlog_alloc_buffer+0x152/0x200
[  331.859270][ T7689]  xlog_do_recovery_pass+0x382/0xd80
[  331.864619][ T7689]  ? srso_alias_return_thunk+0x5/0xfbef5
[  331.870307][ T7689]  ? __pfx_xlog_do_recovery_pass+0x10/0x10
[  331.876198][ T7689]  ? srso_alias_return_thunk+0x5/0xfbef5
[  331.882046][ T7689]  xlog_verify_head+0x193/0x530
[  331.886944][ T7689]  ? __pfx_xlog_verify_head+0x10/0x10
[  331.892358][ T7689]  ? __entry_text_end+0x1020c5/0x1020c9
[  331.897935][ T7689]  ? xlog_check_unmount_rec+0x1fd/0x550
[  331.903699][ T7689]  ? __pfx_xlog_check_unmount_rec+0x10/0x10
[  331.909632][ T7689]  ? srso_alias_return_thunk+0x5/0xfbef5
[  331.915295][ T7689]  ? __kvmalloc_node_noprof+0x7c/0x1a0
[  331.920789][ T7689]  xlog_find_tail+0x85d/0xf00
[  331.925521][ T7689]  ? __pfx_xlog_find_tail+0x10/0x10
[  331.930764][ T7689]  ? srso_alias_return_thunk+0x5/0xfbef5
[  331.936426][ T7689]  ? mark_held_locks+0x9f/0xe0
[  331.941224][ T7689]  ? srso_alias_return_thunk+0x5/0xfbef5
[  331.946885][ T7689]  ? lockdep_hardirqs_on+0x7c/0x110
[  331.952126][ T7689]  ? srso_alias_return_thunk+0x5/0xfbef5
[  331.957791][ T7689]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  331.963644][ T7689]  xlog_recover+0x8f/0x4e0
[  331.968102][ T7689]  ? __pfx_xlog_recover+0x10/0x10
[  331.973216][ T7689]  xfs_log_mount+0x234/0x460
[  331.977838][ T7689]  xfs_mountfs+0x1220/0x2230
[  331.982482][ T7689]  ? __pfx_xfs_mountfs+0x10/0x10
[  331.987489][ T7689]  ? do_init_timer+0xc9/0x110
[  331.992191][ T7689]  ? srso_alias_return_thunk+0x5/0xfbef5
[  331.997854][ T7689]  ? xfs_mru_cache_create+0x4be/0x5d0
[  332.003251][ T7689]  ? __pfx_xfs_fstrm_free_func+0x10/0x10
[  332.008927][ T7689]  xfs_fs_fill_super+0x1557/0x1f50
[  332.014083][ T7689]  get_tree_bdev_flags+0x38e/0x620
[  332.019242][ T7689]  ? __pfx_xfs_fs_fill_super+0x10/0x10
[  332.024736][ T7689]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  332.030413][ T7689]  ? srso_alias_return_thunk+0x5/0xfbef5
[  332.036077][ T7689]  ? srso_alias_return_thunk+0x5/0xfbef5
[  332.041741][ T7689]  ? srso_alias_return_thunk+0x5/0xfbef5
[  332.047412][ T7689]  vfs_get_tree+0x92/0x380
[  332.051957][ T7689]  ? srso_alias_return_thunk+0x5/0xfbef5
[  332.057621][ T7689]  path_mount+0x14e6/0x1f10
[  332.062187][ T7689]  ? srso_alias_return_thunk+0x5/0xfbef5
[  332.067848][ T7689]  ? kmem_cache_free+0x152/0x4c0
[  332.072816][ T7689]  ? __pfx_path_mount+0x10/0x10
[  332.077697][ T7689]  ? srso_alias_return_thunk+0x5/0xfbef5
[  332.083359][ T7689]  ? putname+0x13c/0x180
[  332.087635][ T7689]  __x64_sys_mount+0x28f/0x310
[  332.092423][ T7689]  ? __pfx___x64_sys_mount+0x10/0x10
[  332.097731][ T7689]  ? do_user_addr_fault+0x83d/0x13f0
[  332.103056][ T7689]  do_syscall_64+0xcd/0x250
[  332.107587][ T7689]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  332.113507][ T7689] RIP: 0033:0x7f85a93874ca
[  332.117948][ T7689] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  332.137581][ T7689] RSP: 002b:00007f85aa12be68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  332.146016][ T7689] RAX: ffffffffffffffda RBX: 00007f85aa12bef0 RCX: 00007f85a93874ca
[  332.154002][ T7689] RDX: 0000000020000800 RSI: 0000000020000000 RDI: 00007f85aa12beb0
[  332.161988][ T7689] RBP: 0000000020000800 R08: 00007f85aa12bef0 R09: 0000000003000010
[  332.169970][ T7689] R10: 0000000003000010 R11: 0000000000000246 R12: 0000000020000000
[  332.177955][ T7689] R13: 00007f85aa12beb0 R14: 000000000000b967 R15: 00000000200002c0
[  332.185962][ T7689]  </TASK>
[  332.195133][ T7689] XFS (loop5): Corruption detected. Unmount and run xfs_repair
[  332.204869][ T7689] XFS (loop5): Invalid block length (0x20040) for buffer
[  332.214316][ T7689] XFS (loop5): failed to locate log tail
[  332.220064][ T7689] XFS (loop5): log mount/recovery failed: error -12
[  332.301859][ T7706] loop2: detected capacity change from 0 to 4096
[  332.323859][ T7689] XFS (loop5): log mount failed
[  332.572333][ T7706] ntfs3(loop2): Failed to initialize $Extend/$ObjId.
[  332.796170][ T7500] hsr_slave_0: entered promiscuous mode
[  332.894387][ T7500] hsr_slave_1: entered promiscuous mode
[  333.032613][   T29] kauditd_printk_skb: 17 callbacks suppressed
[  333.032637][   T29] audit: type=1804 audit(1737475599.974:140): pid=7706 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.448" name="/newroot/122/file0/file1" dev="loop2" ino=30 res=1 errno=0
[  333.095456][ T7709] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  333.113475][ T7708] ntfs3(loop2): ino=1e, "file1" attr_set_size
[  333.121499][ T7500] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  333.137646][ T7705] ntfs3(loop2): ino=1e, "file1" attr_set_size
[  333.151161][ T7500] Cannot create hsr debugfs directory
[  333.513227][ T7716] netlink: 8 bytes leftover after parsing attributes in process `syz.5.451'.
[  333.522466][ T7716] netlink: 12 bytes leftover after parsing attributes in process `syz.5.451'.
[  334.611033][ T7723] binder: 7722:7723 ioctl c0306201 0 returned -14
[  335.094396][ T5898] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  335.543716][ T5898] usb 5-1: Using ep0 maxpacket: 8
[  335.554915][ T5898] usb 5-1: config index 0 descriptor too short (expected 6427, got 27)
[  335.567784][ T5898] usb 5-1: config 0 has an invalid interface number: 21 but max is 0
[  335.609619][ T5898] usb 5-1: config 0 has no interface number 0
[  335.634282][ T5898] usb 5-1: config 0 interface 21 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  335.663326][ T5898] usb 5-1: config 0 interface 21 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  335.692021][ T5898] usb 5-1: config 0 interface 21 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  335.715629][ T5898] usb 5-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4
[  335.742053][ T5898] usb 5-1: New USB device strings: Mfr=0, Product=1, SerialNumber=0
[  335.764277][ T5898] usb 5-1: Product: syz
[  335.856557][ T5898] usb 5-1: config 0 descriptor??
[  335.987389][ T7727] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  336.446170][ T7735] loop5: detected capacity change from 0 to 32768
[  336.491003][ T7735] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.460 (7735)
[  336.520959][ T7735] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  336.531654][ T7735] BTRFS info (device loop5): using sha256 (sha256-ni) checksum algorithm
[  336.540130][ T7735] BTRFS info (device loop5): using free-space-tree
[  336.979526][ T5898] usb 5-1: USB disconnect, device number 2
[  337.003230][ T7735] syz.5.460 (7735) used greatest stack depth: 20672 bytes left
[  337.011025][ T7500] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  337.040259][ T7500] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  337.142403][ T5841] Bluetooth: hci1: unexpected event for opcode 0x2043
[  337.186303][ T7757] loop2: detected capacity change from 0 to 1764
[  337.202212][ T7500] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  337.229174][ T7758] loop1: detected capacity change from 0 to 1764
[  337.272739][ T5831] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  337.298490][ T7500] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  338.260476][ T7766] 9pnet_fd: Insufficient options for proto=fd
[  338.874546][ T7762] loop2: detected capacity change from 0 to 65536
[  339.069388][ T7500] 8021q: adding VLAN 0 to HW filter on device bond0
[  339.192817][ T7762] XFS (loop2): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  339.269515][ T7500] 8021q: adding VLAN 0 to HW filter on device team0
[  339.269782][ T7762] XFS (loop2): Internal error !xlog_verify_bno(log, 0, nbblks) at line 81 of file fs/xfs/xfs_log_recover.c.  Caller xlog_alloc_buffer+0x152/0x200
[  339.292168][ T7762] CPU: 0 UID: 0 PID: 7762 Comm: syz.2.464 Not tainted 6.13.0-syzkaller-00918-g95ec54a420b8 #0
[  339.302449][ T7762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  339.312791][ T7762] Call Trace:
[  339.316077][ T7762]  <TASK>
[  339.319018][ T7762]  dump_stack_lvl+0x16c/0x1f0
[  339.323745][ T7762]  xfs_corruption_error+0x12f/0x150
[  339.328969][ T7762]  ? xlog_alloc_buffer+0x152/0x200
[  339.334124][ T7762]  xlog_alloc_buffer+0x199/0x200
[  339.339097][ T7762]  ? xlog_alloc_buffer+0x152/0x200
[  339.344263][ T7762]  xlog_do_recovery_pass+0x382/0xd80
[  339.349606][ T7762]  ? __pfx_xlog_do_recovery_pass+0x10/0x10
[  339.355461][ T7762]  ? srso_alias_return_thunk+0x5/0xfbef5
[  339.361125][ T7762]  ? mark_held_locks+0x9f/0xe0
[  339.365940][ T7762]  ? srso_alias_return_thunk+0x5/0xfbef5
[  339.371620][ T7762]  xlog_verify_head+0x193/0x530
[  339.376535][ T7762]  ? __pfx_xlog_verify_head+0x10/0x10
[  339.381961][ T7762]  ? __entry_text_end+0x1020c5/0x1020c9
[  339.387536][ T7762]  ? xlog_check_unmount_rec+0x1fd/0x550
[  339.393121][ T7762]  ? __pfx_xlog_check_unmount_rec+0x10/0x10
[  339.399160][ T7762]  ? srso_alias_return_thunk+0x5/0xfbef5
[  339.404825][ T7762]  ? __kvmalloc_node_noprof+0x7c/0x1a0
[  339.410318][ T7762]  xlog_find_tail+0x85d/0xf00
[  339.415051][ T7762]  ? __pfx_xlog_find_tail+0x10/0x10
[  339.420296][ T7762]  ? srso_alias_return_thunk+0x5/0xfbef5
[  339.425960][ T7762]  ? mark_held_locks+0x9f/0xe0
[  339.430754][ T7762]  ? srso_alias_return_thunk+0x5/0xfbef5
[  339.436421][ T7762]  ? lockdep_hardirqs_on+0x7c/0x110
[  339.441663][ T7762]  ? srso_alias_return_thunk+0x5/0xfbef5
[  339.447324][ T7762]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  339.453183][ T7762]  xlog_recover+0x8f/0x4e0
[  339.457641][ T7762]  ? __pfx_xlog_recover+0x10/0x10
[  339.462722][ T7762]  xfs_log_mount+0x234/0x460
[  339.467345][ T7762]  xfs_mountfs+0x1220/0x2230
[  339.471998][ T7762]  ? __pfx_xfs_mountfs+0x10/0x10
[  339.476977][ T7762]  ? do_init_timer+0xc9/0x110
[  339.481678][ T7762]  ? srso_alias_return_thunk+0x5/0xfbef5
[  339.487348][ T7762]  ? xfs_mru_cache_create+0x4be/0x5d0
[  339.492744][ T7762]  ? __pfx_xfs_fstrm_free_func+0x10/0x10
[  339.498421][ T7762]  xfs_fs_fill_super+0x1557/0x1f50
[  339.503576][ T7762]  get_tree_bdev_flags+0x38e/0x620
[  339.508729][ T7762]  ? __pfx_xfs_fs_fill_super+0x10/0x10
[  339.514225][ T7762]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  339.519989][ T7762]  ? srso_alias_return_thunk+0x5/0xfbef5
[  339.525655][ T7762]  ? srso_alias_return_thunk+0x5/0xfbef5
[  339.531315][ T7762]  ? srso_alias_return_thunk+0x5/0xfbef5
[  339.536983][ T7762]  vfs_get_tree+0x92/0x380
[  339.541438][ T7762]  ? srso_alias_return_thunk+0x5/0xfbef5
[  339.547101][ T7762]  path_mount+0x14e6/0x1f10
[  339.551634][ T7762]  ? srso_alias_return_thunk+0x5/0xfbef5
[  339.557304][ T7762]  ? kmem_cache_free+0x152/0x4c0
[  339.562271][ T7762]  ? __pfx_path_mount+0x10/0x10
[  339.567154][ T7762]  ? srso_alias_return_thunk+0x5/0xfbef5
[  339.572818][ T7762]  ? putname+0x13c/0x180
[  339.577097][ T7762]  __x64_sys_mount+0x28f/0x310
[  339.581894][ T7762]  ? __pfx___x64_sys_mount+0x10/0x10
[  339.587207][ T7762]  ? do_user_addr_fault+0x83d/0x13f0
[  339.592527][ T7762]  do_syscall_64+0xcd/0x250
[  339.597056][ T7762]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  339.602973][ T7762] RIP: 0033:0x7f71347874ca
[  339.607407][ T7762] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  339.627036][ T7762] RSP: 002b:00007f713552be68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  339.635471][ T7762] RAX: ffffffffffffffda RBX: 00007f713552bef0 RCX: 00007f71347874ca
[  339.643457][ T7762] RDX: 0000000020000800 RSI: 0000000020000000 RDI: 00007f713552beb0
[  339.651439][ T7762] RBP: 0000000020000800 R08: 00007f713552bef0 R09: 0000000003000010
[  339.659426][ T7762] R10: 0000000003000010 R11: 0000000000000246 R12: 0000000020000000
[  339.667416][ T7762] R13: 00007f713552beb0 R14: 000000000000b967 R15: 00000000200002c0
[  339.675431][ T7762]  </TASK>
[  339.680298][ T7762] XFS (loop2): Corruption detected. Unmount and run xfs_repair
[  339.687915][ T7762] XFS (loop2): Invalid block length (0x20040) for buffer
[  339.696030][ T7762] XFS (loop2): failed to locate log tail
[  339.701804][ T7762] XFS (loop2): log mount/recovery failed: error -12
[  339.728800][ T7782] binder: BINDER_SET_CONTEXT_MGR already set
[  339.734932][ T7782] binder: 7781:7782 ioctl 4018620d 200002c0 returned -16
[  339.752381][ T7762] XFS (loop2): log mount failed
[  339.755792][ T2958] bridge0: port 1(bridge_slave_0) entered blocking state
[  339.764413][ T2958] bridge0: port 1(bridge_slave_0) entered forwarding state
[  339.813577][ T2958] bridge0: port 2(bridge_slave_1) entered blocking state
[  339.820759][ T2958] bridge0: port 2(bridge_slave_1) entered forwarding state
[  339.908710][ T7500] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  340.079663][ T7503] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  340.127336][ T7503] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  340.355563][ T7503] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  340.878123][ T7503] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  341.159449][ T7503] 8021q: adding VLAN 0 to HW filter on device bond0
[  341.184176][ T7503] 8021q: adding VLAN 0 to HW filter on device team0
[  341.496914][ T6027] bridge0: port 1(bridge_slave_0) entered blocking state
[  341.504090][ T6027] bridge0: port 1(bridge_slave_0) entered forwarding state
[  342.999557][ T7801] loop4: detected capacity change from 0 to 32768
[  343.232579][ T7801] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.473 (7801)
[  343.323300][ T5993] bridge0: port 2(bridge_slave_1) entered blocking state
[  343.330483][ T5993] bridge0: port 2(bridge_slave_1) entered forwarding state
[  344.172215][ T7801] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  344.183164][ T7801] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm
[  344.191705][ T7801] BTRFS info (device loop4): using free-space-tree
[  344.474278][ T7801] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR
[  344.475587][ T7801] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR
[  344.484848][ T7801] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR
[  344.494544][ T7801] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR
[  344.504066][ T7801] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR
[  344.512921][ T7801] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR
[  344.522478][ T7801] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[  344.532482][ T7801] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[  344.542461][ T7801] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  344.752754][ T7801] BTRFS error (device loop4): open_ctree failed: -12
[  344.956689][ T7500] 8021q: adding VLAN 0 to HW filter on device batadv0
[  345.234514][ T7832] netlink: 12 bytes leftover after parsing attributes in process `syz.2.477'.
[  345.637706][ T7836] loop1: detected capacity change from 0 to 4096
[  345.727104][ T7836] NILFS (loop1): invalid segment: Checksum error in segment payload
[  345.776890][ T7836] NILFS (loop1): trying rollback from an earlier position
[  345.980129][ T5841] Bluetooth: hci5: unexpected event for opcode 0x2043
[  346.062543][ T7836] NILFS (loop1): norecovery option specified, skipping roll-forward recovery
[  346.089850][ T7503] 8021q: adding VLAN 0 to HW filter on device batadv0
[  346.223880][ T7843] loop4: detected capacity change from 0 to 1764
[  347.053853][ T7500] veth0_vlan: entered promiscuous mode
[  347.091563][ T7500] veth1_vlan: entered promiscuous mode
[  347.243883][ T7500] veth0_macvtap: entered promiscuous mode
[  347.416967][ T7500] veth1_macvtap: entered promiscuous mode
[  347.836239][ T7500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  347.895952][ T7500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  347.915102][ T7500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  348.151927][ T7500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  348.186536][ T7500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  348.238682][ T7500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  348.259538][ T7500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  348.356455][ T7500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  348.446743][ T7500] batman_adv: batadv0: Interface activated: batadv_slave_0
[  348.512514][ T7872] input: syz0 as /devices/virtual/input/input13
[  348.708257][ T7877] netlink: 8 bytes leftover after parsing attributes in process `syz.5.487'.
[  348.719042][ T7877] netlink: 12 bytes leftover after parsing attributes in process `syz.5.487'.
[  349.252217][ T7500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  349.270056][ T7880] loop4: detected capacity change from 0 to 2048
[  349.281735][ T7500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  349.531723][ T7500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  349.552417][ T7500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  350.432301][ T7884] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  350.441666][ T7500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  350.481705][ T7500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  350.511174][ T7500] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  350.851705][ T5841] Bluetooth: hci2: unexpected event for opcode 0x2043
[  351.352761][ T7500] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  351.363949][ T7500] batman_adv: batadv0: Interface activated: batadv_slave_1
[  351.379999][ T7889] loop5: detected capacity change from 0 to 1764
[  351.413953][ T7500] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  351.439709][ T7500] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  351.604344][ T7500] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  351.672465][ T7500] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  352.396654][ T7503] veth0_vlan: entered promiscuous mode
[  352.465054][ T7503] veth1_vlan: entered promiscuous mode
[  352.605234][ T6341] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  352.658592][ T6341] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  353.123287][ T7903] netlink: 8 bytes leftover after parsing attributes in process `syz.5.494'.
[  353.133366][ T7903] netlink: 12 bytes leftover after parsing attributes in process `syz.5.494'.
[  353.685278][ T1099] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  353.724466][ T1099] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  353.756047][ T7503] veth0_macvtap: entered promiscuous mode
[  353.802031][ T7503] veth1_macvtap: entered promiscuous mode
[  353.873688][ T7905] loop5: detected capacity change from 0 to 1024
[  353.900936][ T7503] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  353.944407][ T7503] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  353.969455][ T7905] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  353.973061][ T7503] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  354.055612][ T7905] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1217: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  354.101850][ T7503] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  354.194258][ T7503] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  354.205068][ T7905] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  354.232527][ T7905] EXT4-fs (loop5): This should not happen!! Data will be lost
[  354.232527][ T7905] 
[  354.250159][ T7917] ubi0: attaching mtd0
[  354.270178][ T7905] EXT4-fs (loop5): Total free blocks count 0
[  354.284360][ T7503] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  354.354947][ T7905] EXT4-fs (loop5): Free/Dirty block details
[  354.366760][ T7503] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  354.835238][ T7919] loop4: detected capacity change from 0 to 65536
[  354.902365][ T7917] ubi0: scanning is finished
[  354.971034][ T7917] ubi0: empty MTD device detected
[  354.981240][ T7503] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  355.067153][ T7905] EXT4-fs (loop5): free_blocks=68451041280
[  355.133289][ T7919] XFS (loop4): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  355.152252][ T7503] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  355.161867][ T7905] EXT4-fs (loop5): dirty_blocks=16
[  355.207520][ T7905] EXT4-fs (loop5): Block reservation details
[  355.214040][ T7503] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  355.257583][ T7905] EXT4-fs (loop5): i_reserved_data_blocks=1
[  355.407506][ T7503] batman_adv: batadv0: Interface activated: batadv_slave_0
[  355.445219][ T7919] XFS (loop4): Internal error !xlog_verify_bno(log, 0, nbblks) at line 81 of file fs/xfs/xfs_log_recover.c.  Caller xlog_alloc_buffer+0x152/0x200
[  355.461293][ T7919] CPU: 0 UID: 0 PID: 7919 Comm: syz.4.499 Not tainted 6.13.0-syzkaller-00918-g95ec54a420b8 #0
[  355.471572][ T7919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  355.481654][ T7919] Call Trace:
[  355.484947][ T7919]  <TASK>
[  355.487882][ T7919]  dump_stack_lvl+0x16c/0x1f0
[  355.492594][ T7919]  xfs_corruption_error+0x12f/0x150
[  355.497807][ T7919]  ? xlog_alloc_buffer+0x152/0x200
[  355.502950][ T7919]  xlog_alloc_buffer+0x199/0x200
[  355.507910][ T7919]  ? xlog_alloc_buffer+0x152/0x200
[  355.513049][ T7919]  xlog_do_recovery_pass+0x382/0xd80
[  355.518379][ T7919]  ? __pfx_xlog_do_recovery_pass+0x10/0x10
[  355.524216][ T7919]  ? srso_alias_return_thunk+0x5/0xfbef5
[  355.529865][ T7919]  ? mark_held_locks+0x9f/0xe0
[  355.534665][ T7919]  ? srso_alias_return_thunk+0x5/0xfbef5
[  355.540325][ T7919]  xlog_verify_head+0x193/0x530
[  355.545214][ T7919]  ? __pfx_xlog_verify_head+0x10/0x10
[  355.550617][ T7919]  ? __entry_text_end+0x1020c5/0x1020c9
[  355.556189][ T7919]  ? xlog_check_unmount_rec+0x1fd/0x550
[  355.561781][ T7919]  ? __pfx_xlog_check_unmount_rec+0x10/0x10
[  355.567730][ T7919]  ? srso_alias_return_thunk+0x5/0xfbef5
[  355.573392][ T7919]  ? __kvmalloc_node_noprof+0x7c/0x1a0
[  355.578892][ T7919]  xlog_find_tail+0x85d/0xf00
[  355.583619][ T7919]  ? __pfx_xlog_find_tail+0x10/0x10
[  355.588847][ T7919]  ? srso_alias_return_thunk+0x5/0xfbef5
[  355.594498][ T7919]  ? mark_held_locks+0x9f/0xe0
[  355.599282][ T7919]  ? srso_alias_return_thunk+0x5/0xfbef5
[  355.604931][ T7919]  ? lockdep_hardirqs_on+0x7c/0x110
[  355.610158][ T7919]  ? srso_alias_return_thunk+0x5/0xfbef5
[  355.615849][ T7919]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  355.621702][ T7919]  xlog_recover+0x8f/0x4e0
[  355.626158][ T7919]  ? __pfx_xlog_recover+0x10/0x10
[  355.631228][ T7919]  xfs_log_mount+0x234/0x460
[  355.635839][ T7919]  xfs_mountfs+0x1220/0x2230
[  355.640469][ T7919]  ? __pfx_xfs_mountfs+0x10/0x10
[  355.645439][ T7919]  ? do_init_timer+0xc9/0x110
[  355.650129][ T7919]  ? srso_alias_return_thunk+0x5/0xfbef5
[  355.655782][ T7919]  ? xfs_mru_cache_create+0x4be/0x5d0
[  355.661164][ T7919]  ? __pfx_xfs_fstrm_free_func+0x10/0x10
[  355.666829][ T7919]  xfs_fs_fill_super+0x1557/0x1f50
[  355.671970][ T7919]  get_tree_bdev_flags+0x38e/0x620
[  355.677111][ T7919]  ? __pfx_xfs_fs_fill_super+0x10/0x10
[  355.682593][ T7919]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  355.688258][ T7919]  ? srso_alias_return_thunk+0x5/0xfbef5
[  355.693912][ T7919]  ? srso_alias_return_thunk+0x5/0xfbef5
[  355.699564][ T7919]  ? srso_alias_return_thunk+0x5/0xfbef5
[  355.705225][ T7919]  vfs_get_tree+0x92/0x380
[  355.709667][ T7919]  ? srso_alias_return_thunk+0x5/0xfbef5
[  355.715328][ T7919]  path_mount+0x14e6/0x1f10
[  355.719847][ T7919]  ? srso_alias_return_thunk+0x5/0xfbef5
[  355.725499][ T7919]  ? kmem_cache_free+0x152/0x4c0
[  355.730449][ T7919]  ? __pfx_path_mount+0x10/0x10
[  355.735318][ T7919]  ? srso_alias_return_thunk+0x5/0xfbef5
[  355.740970][ T7919]  ? putname+0x13c/0x180
[  355.745238][ T7919]  __x64_sys_mount+0x28f/0x310
[  355.750020][ T7919]  ? __pfx___x64_sys_mount+0x10/0x10
[  355.755325][ T7919]  ? do_user_addr_fault+0x83d/0x13f0
[  355.760636][ T7919]  do_syscall_64+0xcd/0x250
[  355.765160][ T7919]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  355.771071][ T7919] RIP: 0033:0x7fc5c2f874ca
[  355.775494][ T7919] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  355.795131][ T7919] RSP: 002b:00007fc5c3e1fe68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  355.803561][ T7919] RAX: ffffffffffffffda RBX: 00007fc5c3e1fef0 RCX: 00007fc5c2f874ca
[  355.811541][ T7919] RDX: 0000000020000800 RSI: 0000000020000000 RDI: 00007fc5c3e1feb0
[  355.819529][ T7919] RBP: 0000000020000800 R08: 00007fc5c3e1fef0 R09: 0000000003000010
[  355.827604][ T7919] R10: 0000000003000010 R11: 0000000000000246 R12: 0000000020000000
[  355.835672][ T7919] R13: 00007fc5c3e1feb0 R14: 000000000000b967 R15: 00000000200002c0
[  355.843678][ T7919]  </TASK>
[  355.849903][ T7919] XFS (loop4): Corruption detected. Unmount and run xfs_repair
[  355.858262][ T7919] XFS (loop4): Invalid block length (0x20040) for buffer
[  355.866242][ T7919] XFS (loop4): failed to locate log tail
[  355.871930][ T7919] XFS (loop4): log mount/recovery failed: error -12
[  355.895897][ T7919] XFS (loop4): log mount failed
[  355.924408][ T7503] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  356.153336][ T7503] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  356.171870][ T7503] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  356.238248][ T7917] ubi0 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt0d", error -4
[  356.250009][ T7503] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  356.262543][ T7503] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  356.301778][ T7503] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  356.331717][ T7503] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  356.361688][ T7503] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  356.400494][ T7503] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  356.421368][ T7503] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  356.506801][ T7935] netlink: 8 bytes leftover after parsing attributes in process `syz.4.502'.
[  356.516006][ T7935] netlink: 12 bytes leftover after parsing attributes in process `syz.4.502'.
[  356.614288][ T7503] batman_adv: batadv0: Interface activated: batadv_slave_1
[  356.616777][ T5831] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  357.094054][ T7503] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  357.153456][ T7503] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  357.248233][ T7503] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  357.421688][ T7503] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  358.136505][ T7946] loop4: detected capacity change from 0 to 2048
[  358.289958][ T7947] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  358.364603][ T6409] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  358.412694][ T6409] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  359.080895][ T6409] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  359.143274][ T6409] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  359.389808][ T7955] loop2: detected capacity change from 0 to 512
[  359.517003][ T7955] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  359.597500][ T7955] EXT4-fs (loop2): invalid journal inode
[  359.639314][ T7955] EXT4-fs (loop2): can't get journal size
[  359.720815][ T7955] EXT4-fs (loop2): 1 truncate cleaned up
[  359.786231][ T7955] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  360.148368][ T7960] loop1: detected capacity change from 0 to 2048
[  360.305687][ T7968] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  360.332136][ T7960] NILFS error (device loop1): nilfs_check_folio: bad entry in directory #2: directory entry across blocks - offset=32, inode=11, rec_len=1024, name_len=6
[  360.352105][ T7960] Remounting filesystem read-only
[  360.451701][ T5829] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  361.955236][ T7978] input: syz0 as /devices/virtual/input/input14
[  362.515070][ T7981] loop7: detected capacity change from 0 to 1024
[  362.603934][ T7987] netlink: 12 bytes leftover after parsing attributes in process `syz.5.515'.
[  362.639590][ T7981] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  362.679169][ T7990] loop2: detected capacity change from 0 to 64
[  362.704411][ T7981] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1217: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  362.732207][ T7981] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  362.769162][ T7981] EXT4-fs (loop7): This should not happen!! Data will be lost
[  362.769162][ T7981] 
[  362.803192][ T7981] EXT4-fs (loop7): Total free blocks count 0
[  362.858676][ T7981] EXT4-fs (loop7): Free/Dirty block details
[  362.890957][ T7981] EXT4-fs (loop7): free_blocks=68451041280
[  362.927929][ T7981] EXT4-fs (loop7): dirty_blocks=16
[  362.941778][ T7981] EXT4-fs (loop7): Block reservation details
[  362.947809][ T7981] EXT4-fs (loop7): i_reserved_data_blocks=1
[  362.980606][ T7993] loop1: detected capacity change from 0 to 128
[  362.996438][ T7993] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (60234!=39978)
[  363.018326][ T7993] EXT4-fs (loop1): group descriptors corrupted!
[  363.312351][ T7993] loop1: detected capacity change from 0 to 32768
[  363.394879][ T7997] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  363.450340][ T7993] JBD2: Ignoring recovery information on journal
[  363.460642][ T7993] jbd2_journal_bmap: journal block not found at offset 64 on loop1-27
[  363.469257][ T7993] JBD2: bad block at offset 64
[  363.575264][ T7993] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  363.617503][ T7503] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  363.756085][ T5830] ocfs2: Unmounting device (7,1) on (node local)
[  363.837647][ T7996] loop4: detected capacity change from 0 to 8192
[  363.867036][ T7996] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  365.570726][ T8011] loop4: detected capacity change from 0 to 4096
[  365.581567][ T8011] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512).
[  367.881037][ T8026] netlink: 8 bytes leftover after parsing attributes in process `syz.4.528'.
[  367.890297][ T8026] netlink: 12 bytes leftover after parsing attributes in process `syz.4.528'.
[  368.431879][  T117] IPVS: starting estimator thread 0...
[  368.522314][ T8028] IPVS: using max 21 ests per chain, 50400 per kthread
[  368.557967][ T8027] fuse: Bad value for 'fd'
[  368.988541][ T5841] Bluetooth: hci2: unexpected event for opcode 0x2043
[  369.039468][ T8034] loop5: detected capacity change from 0 to 1764
[  369.765781][ T8038] loop4: detected capacity change from 0 to 64
[  369.873415][ T8041] netlink: 8 bytes leftover after parsing attributes in process `syz.7.532'.
[  369.882597][ T8041] netlink: 12 bytes leftover after parsing attributes in process `syz.7.532'.
[  372.935672][ T8058] capability: warning: `syz.4.537' uses deprecated v2 capabilities in a way that may be insecure
[  373.284742][  T117] usb 5-1: new full-speed USB device number 3 using dummy_hcd
[  374.273126][ T8063] loop2: detected capacity change from 0 to 1024
[  374.298102][  T117] usb 5-1: New USB device found, idVendor=13d8, idProduct=0001, bcdDevice=30.62
[  374.329459][  T117] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  374.353057][  T117] usb 5-1: Product: syz
[  374.363646][  T117] usb 5-1: Manufacturer: syz
[  374.374378][  T117] usb 5-1: SerialNumber: syz
[  374.394225][ T8063] hfsplus: xattr searching failed
[  374.410370][  T117] usb 5-1: config 0 descriptor??
[  374.475657][ T8063] hfsplus: xattr searching failed
[  375.119121][  T117] usb 5-1: selecting invalid altsetting 3
[  375.158782][  T117] comedi comedi0: could not set alternate setting 3 in high speed
[  375.170997][   T46] hfsplus: b-tree write err: -5, ino 3
[  375.199553][  T117] usbdux 5-1:0.0: driver 'usbdux' failed to auto-configure device.
[  375.224801][  T117] usbdux 5-1:0.0: probe with driver usbdux failed with error -22
[  375.368663][ T5913] usb 5-1: USB disconnect, device number 3
[  376.981292][ T8078] fuse: Bad value for 'fd'
[  377.100524][ T5841] Bluetooth: hci2: unexpected event for opcode 0x2043
[  377.205319][ T8088] loop5: detected capacity change from 0 to 1764
[  378.353641][ T8095] loop4: detected capacity change from 0 to 64
[  379.208635][ T8108] loop7: detected capacity change from 0 to 4096
[  379.242421][ T8111] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  379.352687][ T8108] NILFS (loop7): invalid segment: Checksum error in segment payload
[  379.369167][ T8108] NILFS (loop7): trying rollback from an earlier position
[  379.494546][ T8108] NILFS (loop7): norecovery option specified, skipping roll-forward recovery
[  379.547835][ T8115] bridge_slave_0: left allmulticast mode
[  379.578971][ T8115] bridge_slave_0: left promiscuous mode
[  379.600131][ T8115] bridge0: port 1(bridge_slave_0) entered disabled state
[  379.642286][ T8115] bridge_slave_1: left allmulticast mode
[  379.670239][ T8115] bridge_slave_1: left promiscuous mode
[  379.701662][ T8115] bridge0: port 2(bridge_slave_1) entered disabled state
[  380.437298][ T8115] bond0: (slave bond_slave_0): Releasing backup interface
[  381.957348][ T8115] bond0: (slave bond_slave_1): Releasing backup interface
[  383.293429][ T8135] loop1: detected capacity change from 0 to 512
[  383.317236][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  383.344912][ T8135] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  383.368965][ T8135] EXT4-fs (loop1): invalid journal inode
[  383.412425][ T8135] EXT4-fs (loop1): can't get journal size
[  383.580676][ T8135] EXT4-fs (loop1): 1 truncate cleaned up
[  383.596430][ T8115] team0: Port device team_slave_0 removed
[  383.597529][ T8135] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  383.877540][ T8115] team0: Port device team_slave_1 removed
[  384.107666][ T8115] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  384.145429][ T8115] batman_adv: batadv0: Removing interface: batadv_slave_0
[  384.195542][  T117] IPVS: starting estimator thread 0...
[  384.664812][ T8146] fuse: Bad value for 'fd'
[  384.894320][ T8148] IPVS: using max 21 ests per chain, 50400 per kthread
[  384.914274][ T5830] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  384.927427][ T8115] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  384.971814][ T8115] batman_adv: batadv0: Removing interface: batadv_slave_1
[  385.153667][ T8118] vlan0: entered promiscuous mode
[  385.197426][ T8118] team0: Port device vlan0 added
[  385.511924][ T8163] fuse: Bad value for 'fd'
[  387.524794][ T8178] ubi0: attaching mtd0
[  387.552138][ T8178] ubi0: scanning is finished
[  387.575084][ T8178] ------------[ cut here ]------------
[  387.580838][ T8178] notifier callback ubi_wl_reboot_notifier already registered
[  387.581175][ T8178] WARNING: CPU: 0 PID: 8178 at kernel/notifier.c:23 notifier_chain_register+0x157/0x420
[  387.599995][ T8178] Modules linked in:
[  387.605643][ T8178] CPU: 0 UID: 0 PID: 8178 Comm: syz.1.569 Not tainted 6.13.0-syzkaller-00918-g95ec54a420b8 #0
[  387.616084][ T8178] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  387.626266][ T8178] RIP: 0010:notifier_chain_register+0x157/0x420
[  387.633122][ T8178] Code: 00 00 00 00 00 fc ff df 4c 89 ea 48 c1 ea 03 80 3c 02 00 0f 85 c2 02 00 00 49 8b 75 00 48 c7 c7 a0 17 6c 8b e8 1a 5e f4 ff 90 <0f> 0b 90 90 bb ef ff ff ff e8 2b 35 34 00 89 d8 48 83 c4 18 5b 5d
[  387.653062][ T8178] RSP: 0018:ffffc90004287a60 EFLAGS: 00010286
[  387.659261][ T8178] RAX: 0000000000000000 RBX: ffff8880786658c8 RCX: ffffc9000f70c000
[  387.667400][ T8178] RDX: 0000000000080000 RSI: ffffffff815a60a6 RDI: 0000000000000001
[  387.675602][ T8178] RBP: 000000007fffffff R08: 0000000000000001 R09: 0000000000000000
[  387.684489][ T8178] R10: 0000000000000001 R11: 0000000000000002 R12: 0000000000000001
[  387.692822][ T8178] R13: ffff8880786658c8 R14: ffffffff8fa43a28 R15: dffffc0000000000
[  387.700916][ T8178] FS:  00007ff0aa5396c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  387.712831][ T8178] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  387.719477][ T8178] CR2: 000000110c2fe6a0 CR3: 000000004cd5a000 CR4: 0000000000350ef0
[  387.727684][ T8178] Call Trace:
[  387.731092][ T8178]  <TASK>
[  387.734293][ T8178]  ? __warn+0xea/0x3c0
[  387.738448][ T8178]  ? notifier_chain_register+0x157/0x420
[  387.744335][ T8178]  ? report_bug+0x3c0/0x580
[  387.749001][ T8178]  ? handle_bug+0x54/0xa0
[  387.753579][ T8178]  ? exc_invalid_op+0x17/0x50
[  387.758344][ T8178]  ? asm_exc_invalid_op+0x1a/0x20
[  387.763665][ T8178]  ? __warn_printk+0x1a6/0x350
[  387.768531][ T8178]  ? notifier_chain_register+0x157/0x420
[  387.774528][ T8178]  blocking_notifier_chain_register+0x76/0xd0
[  387.780724][ T8178]  ubi_wl_init+0x1018/0x17b0
[  387.788604][ T8178]  ubi_attach+0x1b92/0x4c00
[  387.793445][ T8178]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  387.799885][ T8178]  ? __pfx_ubi_attach+0x10/0x10
[  387.808381][ T8178]  ? srso_alias_return_thunk+0x5/0xfbef5
[  387.814306][ T8178]  ? ubi_attach_mtd_dev+0x1543/0x3590
[  387.819827][ T8178]  ubi_attach_mtd_dev+0x158f/0x3590
[  387.825277][ T8178]  ? __pfx_ubi_attach_mtd_dev+0x10/0x10
[  387.830915][ T8178]  ? __pfx_get_mtd_device+0x10/0x10
[  387.836389][ T8178]  ? srso_alias_return_thunk+0x5/0xfbef5
[  387.842231][ T8178]  ctrl_cdev_ioctl+0x339/0x3d0
[  387.847089][ T8178]  ? __pfx_ctrl_cdev_ioctl+0x10/0x10
[  387.852638][ T8178]  ? __pfx_ctrl_cdev_ioctl+0x10/0x10
[  387.858059][ T8178]  __x64_sys_ioctl+0x193/0x200
[  387.863096][ T8178]  do_syscall_64+0xcd/0x250
[  387.867711][ T8178]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  387.873877][ T8178] RIP: 0033:0x7ff0a9785d29
[  387.878389][ T8178] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  387.899716][ T8178] RSP: 002b:00007ff0aa539038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  387.911686][ T8178] RAX: ffffffffffffffda RBX: 00007ff0a9976080 RCX: 00007ff0a9785d29
[  387.919744][ T8178] RDX: 0000000020000502 RSI: 0000000040186f40 RDI: 0000000000000006
[  387.927917][ T8178] RBP: 00007ff0a9801b08 R08: 0000000000000000 R09: 0000000000000000
[  387.936135][ T8178] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  387.944370][ T8178] R13: 0000000000000000 R14: 00007ff0a9976080 R15: 00007fffd67327b8
[  387.952708][ T8178]  </TASK>
[  387.955806][ T8178] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  387.963095][ T8178] CPU: 0 UID: 0 PID: 8178 Comm: syz.1.569 Not tainted 6.13.0-syzkaller-00918-g95ec54a420b8 #0
[  387.973342][ T8178] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  387.983400][ T8178] Call Trace:
[  387.986678][ T8178]  <TASK>
[  387.989611][ T8178]  dump_stack_lvl+0x3d/0x1f0
[  387.994236][ T8178]  panic+0x71d/0x800
[  387.998136][ T8178]  ? __pfx_panic+0x10/0x10
[  388.002557][ T8178]  ? show_trace_log_lvl+0x29d/0x3d0
[  388.007780][ T8178]  ? notifier_chain_register+0x157/0x420
[  388.013443][ T8178]  check_panic_on_warn+0xab/0xb0
[  388.018410][ T8178]  __warn+0xf6/0x3c0
[  388.022323][ T8178]  ? notifier_chain_register+0x157/0x420
[  388.027998][ T8178]  report_bug+0x3c0/0x580
[  388.032375][ T8178]  handle_bug+0x54/0xa0
[  388.036554][ T8178]  exc_invalid_op+0x17/0x50
[  388.041078][ T8178]  asm_exc_invalid_op+0x1a/0x20
[  388.045952][ T8178] RIP: 0010:notifier_chain_register+0x157/0x420
[  388.052239][ T8178] Code: 00 00 00 00 00 fc ff df 4c 89 ea 48 c1 ea 03 80 3c 02 00 0f 85 c2 02 00 00 49 8b 75 00 48 c7 c7 a0 17 6c 8b e8 1a 5e f4 ff 90 <0f> 0b 90 90 bb ef ff ff ff e8 2b 35 34 00 89 d8 48 83 c4 18 5b 5d
[  388.071867][ T8178] RSP: 0018:ffffc90004287a60 EFLAGS: 00010286
[  388.077955][ T8178] RAX: 0000000000000000 RBX: ffff8880786658c8 RCX: ffffc9000f70c000
[  388.085940][ T8178] RDX: 0000000000080000 RSI: ffffffff815a60a6 RDI: 0000000000000001
[  388.093922][ T8178] RBP: 000000007fffffff R08: 0000000000000001 R09: 0000000000000000
[  388.101904][ T8178] R10: 0000000000000001 R11: 0000000000000002 R12: 0000000000000001
[  388.109891][ T8178] R13: ffff8880786658c8 R14: ffffffff8fa43a28 R15: dffffc0000000000
[  388.117892][ T8178]  ? __warn_printk+0x1a6/0x350
[  388.122714][ T8178]  blocking_notifier_chain_register+0x76/0xd0
[  388.128825][ T8178]  ubi_wl_init+0x1018/0x17b0
[  388.133462][ T8178]  ubi_attach+0x1b92/0x4c00
[  388.138014][ T8178]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  388.144369][ T8178]  ? __pfx_ubi_attach+0x10/0x10
[  388.149248][ T8178]  ? srso_alias_return_thunk+0x5/0xfbef5
[  388.154915][ T8178]  ? ubi_attach_mtd_dev+0x1543/0x3590
[  388.160329][ T8178]  ubi_attach_mtd_dev+0x158f/0x3590
[  388.165580][ T8178]  ? __pfx_ubi_attach_mtd_dev+0x10/0x10
[  388.171160][ T8178]  ? __pfx_get_mtd_device+0x10/0x10
[  388.176383][ T8178]  ? srso_alias_return_thunk+0x5/0xfbef5
[  388.182054][ T8178]  ctrl_cdev_ioctl+0x339/0x3d0
[  388.186851][ T8178]  ? __pfx_ctrl_cdev_ioctl+0x10/0x10
[  388.192181][ T8178]  ? __pfx_ctrl_cdev_ioctl+0x10/0x10
[  388.197506][ T8178]  __x64_sys_ioctl+0x193/0x200
[  388.202309][ T8178]  do_syscall_64+0xcd/0x250
[  388.206835][ T8178]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  388.212750][ T8178] RIP: 0033:0x7ff0a9785d29
[  388.217181][ T8178] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  388.236816][ T8178] RSP: 002b:00007ff0aa539038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  388.245257][ T8178] RAX: ffffffffffffffda RBX: 00007ff0a9976080 RCX: 00007ff0a9785d29
[  388.253241][ T8178] RDX: 0000000020000502 RSI: 0000000040186f40 RDI: 0000000000000006
[  388.261228][ T8178] RBP: 00007ff0a9801b08 R08: 0000000000000000 R09: 0000000000000000
[  388.269331][ T8178] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  388.277330][ T8178] R13: 0000000000000000 R14: 00007ff0a9976080 R15: 00007fffd67327b8
[  388.285348][ T8178]  </TASK>
[  388.288989][ T8178] Kernel Offset: disabled
[  388.293382][ T8178] Rebooting in 86400 seconds..