last executing test programs:

1m45.766933379s ago: executing program 4 (id=346):
r0 = socket(0x10, 0x2, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f00000007c0)='inet_sk_error_report\x00', r2}, 0x18)
connect$inet6(r1, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x1, &(0x7f0000000480)=@gcm_256={{0x303}, "000200", "e123c5876ff425b1ebe250a8486be34705f4f827ae60ecb65e528248d5552bff", "7e25837b", "15d0db2c77179e1a"}, 0x38)
write$binfmt_script(r1, &(0x7f0000000700)={'#! ', './file0'}, 0xb)
close_range(r0, r1, 0x0)

1m45.197428115s ago: executing program 4 (id=349):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x2, 0x200, @loopback, 0x7}, 0x1c)
sendto$inet6(r0, &(0x7f0000000280)='2', 0x1, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0xfb3, @loopback, 0x2000003}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='highspeed', 0x9)
shutdown(r0, 0x1)

1m44.561965782s ago: executing program 4 (id=352):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000700)=@newchain={0x24, 0x64, 0x200, 0x70bd2c, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x8, 0x9}, {0x8, 0x7}, {0xe, 0xfff1}}}, 0x24}}, 0x24000040)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=@newtaction={0x18, 0x30, 0x9e54f29ff072a93b, 0x0, 0x25dfdbfc, {}, [{0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

1m43.517873401s ago: executing program 4 (id=354):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x2f)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='bbr', 0x3)
sendto$inet(r0, &(0x7f0000000240)="7e7adfde4dedf1850cc25a7560d7ff2758acf9ecdc9cc06e279356e5996dbbb95409be9a6f90738065939cb6f1c9e6b5955fea", 0x33, 0x0, 0x0, 0x0)
r1 = openat$sysfs(0xffffff9c, &(0x7f0000000040)='/sys/kernel/notes', 0x0, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x14)
sendfile(r2, r1, 0x0, 0x7ffff088)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000140)={'syztnl1\x00', &(0x7f00000000c0)={'syztnl2\x00', 0x0, 0x40, 0x10, 0x76, 0x4, {{0x9, 0x4, 0x2, 0x1a, 0x24, 0x64, 0x0, 0x4, 0x2f, 0x0, @dev={0xac, 0x14, 0x14, 0x38}, @local, {[@noop, @generic={0x86, 0x5, "8fe3fb"}, @noop, @lsrr={0x83, 0x7, 0x6f, [@remote]}, @noop]}}}}})
r3 = epoll_create1(0x80000)
r4 = signalfd4(0xffffffffffffffff, &(0x7f00000000c0)={[0x4]}, 0x8, 0x800)
ppoll(&(0x7f0000000180)=[{r3, 0x1003}], 0x1, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
setgid(0xee01)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC(r7, 0x0, 0xcc, &(0x7f0000000140)={@multicast2, @multicast1, 0x0, "aaa517d60f2811d48c8a2cc60c4380bc23b510d442ff13482864280a9c0f4eb5", 0x0, 0x0, 0x0, 0x3}, 0x3c)
setsockopt$MRT_ADD_MFC_PROXY(r7, 0x0, 0xd2, &(0x7f0000000040)={@multicast2, @multicast1, 0x2, "4f6fb4d1af0f724e6118ecd4ac1100843af297baebb0efcdf5a284da144a011a", 0x4}, 0x3c)
setsockopt$MRT_DEL_MFC_PROXY(r7, 0x0, 0xd3, &(0x7f0000000100)={@multicast2, @multicast1, 0x0, "c6c0e6ec8755b5dc4e305886d95f086707764f8d0e5a0358ea21274f844a69e9", 0x9, 0x201, 0x489c, 0x6}, 0x3c)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r4, &(0x7f0000000100)={0xc000000b})

1m40.885628535s ago: executing program 4 (id=358):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37}, 0x20)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="0b00000008000000010001000900000001"], 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x3c, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa000000}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='page_pool_state_release\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000300)={r3, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000280)="b9ff03076804268c989e14f088a8", 0x0, 0x2, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

1m40.157559868s ago: executing program 4 (id=360):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f00000005c0), 0x10)
recvmmsg(r0, &(0x7f00000099c0)=[{{0x0, 0x0, 0x0}, 0x4251}, {{0x0, 0x0, &(0x7f0000007040)=[{&(0x7f0000006040)=""/4086, 0x1000}], 0x1}, 0x8000}], 0x3fffffffffffdfc, 0x10002, 0x0)
sendmsg$can_bcm(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="050000007f0000000000010000000000", @ANYRES64=0x0, @ANYRES64=0x2710], 0x48}}, 0x0)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000180)=0x2, 0x4)

1m38.743014947s ago: executing program 0 (id=364):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000700)=@newchain={0x24, 0x64, 0x200, 0x70bd2c, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x8, 0x9}, {0x8, 0x7}, {0xe, 0xfff1}}}, 0x24}}, 0x24000040)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=@newtaction={0x18, 0x30, 0x9e54f29ff072a93b, 0x0, 0x25dfdbfc, {}, [{0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

1m38.312616331s ago: executing program 0 (id=366):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}})
write$tun(r0, &(0x7f00000006c0)={@val={0x0, 0x8100}, @void, @eth={@broadcast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3f}, @void, {@ipv4={0x800, @udp={{0x1a, 0x4, 0x0, 0x0, 0x70, 0x4000, 0xe000, 0x6, 0x2f, 0x0, @private=0xa010101, @empty, {[@cipso={0x86, 0x24, 0x0, [{0x0, 0xd, "2bf6bb31be15b2e99602c5"}, {0x5, 0x2}, {0x5, 0x3, 'W'}, {0x7, 0x8, "8973ceab4069"}, {0x5, 0x4, "96fb"}]}, @end, @noop, @cipso={0x86, 0xf, 0xffffffffffffffff, [{0x5, 0x9, "5da58cd8fdb3e6"}]}, @timestamp={0x44, 0x18, 0xae, 0x0, 0x7, [0x7, 0x8, 0x80, 0x8, 0x7]}, @ra={0x94, 0x4, 0x1}]}}, {0xa001, 0x880b, 0x8}}}}}}, 0x82)

1m37.621914071s ago: executing program 0 (id=368):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x2f)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='bbr', 0x3)
sendto$inet(r0, &(0x7f0000000240)="7e7adfde4dedf1850cc25a7560d7ff2758acf9ecdc9cc06e279356e5996dbbb95409be9a6f90738065939cb6f1c9e6b5955fea", 0x33, 0x0, 0x0, 0x0)
r1 = openat$sysfs(0xffffff9c, &(0x7f0000000040)='/sys/kernel/notes', 0x0, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x14)
sendfile(r2, r1, 0x0, 0x7ffff088)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000140)={'syztnl1\x00', &(0x7f00000000c0)={'syztnl2\x00', 0x0, 0x40, 0x10, 0x76, 0x4, {{0x9, 0x4, 0x2, 0x1a, 0x24, 0x64, 0x0, 0x4, 0x2f, 0x0, @dev={0xac, 0x14, 0x14, 0x38}, @local, {[@noop, @generic={0x86, 0x5, "8fe3fb"}, @noop, @lsrr={0x83, 0x7, 0x6f, [@remote]}, @noop]}}}}})
r3 = epoll_create1(0x80000)
r4 = signalfd4(0xffffffffffffffff, &(0x7f00000000c0)={[0x4]}, 0x8, 0x800)
ppoll(&(0x7f0000000180)=[{r3, 0x1003}], 0x1, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
setgid(0xee01)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC(r8, 0x0, 0xcc, &(0x7f0000000140)={@multicast2, @multicast1, 0x0, "aaa517d60f2811d48c8a2cc60c4380bc23b510d442ff13482864280a9c0f4eb5", 0x0, 0x0, 0x0, 0x3}, 0x3c)
setsockopt$MRT_ADD_MFC_PROXY(r8, 0x0, 0xd2, &(0x7f0000000040)={@multicast2, @multicast1, 0x2, "4f6fb4d1af0f724e6118ecd4ac1100843af297baebb0efcdf5a284da144a011a", 0x4}, 0x3c)
setsockopt$MRT_DEL_MFC_PROXY(r8, 0x0, 0xd3, &(0x7f0000000100)={@multicast2, @multicast1, 0x0, "c6c0e6ec8755b5dc4e305886d95f086707764f8d0e5a0358ea21274f844a69e9", 0x9, 0x201, 0x489c, 0x6}, 0x3c)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r4, &(0x7f0000000100)={0xc000000b})

1m34.118667354s ago: executing program 0 (id=374):
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000002c0)='./file0\x00', 0x10, &(0x7f0000000600), 0x1, 0x59d, &(0x7f0000001100)="$eJzs3c9vFGUfAPDvs7stlAItb97kfZGDTUiERG1pwWiMiRDx5sEfJJ5IrG0hhAUaWhNBjJDgf6B/gIk3E2M8EmOIevHqzcSriSESA714WzO7s2WB3f7cMsh8PsnQ55mnk+8zu3z7zDw7MxtAaY1l/1Qi9kbEfIoY6WirRd441vq9u3euzCzduTKTotF4568UKV/X/v2U/xzON94eEb/8kOI/1YfjLly6fHa6Xp+7mNcnFs/NTyxcuvz8mXPTp+dOz52fmnxx8oUjh6eOHOrLfu6KiJ/Gj9eun3pt3zczX+755LuvbqQ4Gjvz9s796JexGFt+TTplr+tL/Q5WkGq+P51vcaoV2CHWpf3+DUTE/2IkqnHvzRuJT98qtHPAlmqkiAZQUkn+Q0m1jwOy89/2UuwRCfCo3D7WmgC4m1pze0vL+V9rzQ3G9ubcwI6lFJ3TOiki+jEzl8WYfyaNZEts0Twc0N3VaxHx/27jf2rm5mhzFj/L/8p9+V+JiDfzn9n6tzcYf+yBuvyHR2cz+f9eR/6/v8H48h8AAAAAAAD65+axiHiu2+d/leXrf6LL9T/DEXG0D/FX//yvcqsPYYAubh+LeCUi2tf+LXXkf260mtd2Na8HGEinztTnDkXE7og4GAPbsvrkCjHG9v080LOt4/q/bMnit68FzPtxq7bt/m1mpxenN7PPQMvtaxFP1brlf1oe/1OX8T8b++fXGKNx/NUfe7Wtnv/AVml8EXGg6/h/78kVaeXnc0w0jwcm2kcFD/vo5I1ve8WX/1CcbPzfsXL+j6bO5/UsrD/Gx3/+ton87378P5hONB85M5iv+3B6cfHiZMRgeuPh9VPr7zM8idr50M6XLP8P7u9+/r/S8f9QRFxdY8wT379+vVeb8R+KM3QtYnZd4//6C/vf/fzvXvHXNv4faY7pB/M15v9gZWtN0KL7CQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/RpWI2BmpMr5crlTGxyOGI+K/saNSv7Cw+OypCx+cn83amt//X2l/0+9Iq57a3/8/2lGfeqB+OCL2RMRn1aFmfXzmQn226J0HAAAAAAAAAAAAAAAAAACAx8Rwj/v/M39Ui+4dsOVqRXcAKIz8h/KS/1Be8h/KS/5Decl/KC/5D+Ul/6G85D+UV7Xx9cmi+wAAAAAAAPTNnqdv/poi4urLQ80lM5i3DRTaM2CrHS26A0BhPOIHysulf1Beq53jmwOAJ19apX37hrcEAAAAAAAAAAAAAPrlwF73/0NZVYruAFCY3vf/ezIAPOnc/w/l5RwfcP8/AAAAAAAAAAAAADz+Fi5dPjtdr89d3Ghh2+Y2V1BYa+H33a3/s49Lf9ZfiNSHjHtEhaL/MgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG3/BAAA//9r5fVk")
r0 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000300), 0x1, 0x0)
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)
write$binfmt_register(r0, &(0x7f0000000140)={0x3a, 'syz3', 0x3a, 'E', 0x3a, 0x2007, 0x3a, '\r', 0x3a, '\x84\xa3\xea\xd6O\x89|\xeb\x80\xf0\xe96\xf4`&\xd4E\xe7L\x82n;H\xd8\xdf\x9a, \\E\xd4\xab\x1ed', 0x3a, './file2', 0x3a, [0x46]}, 0x4b)
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000000)='.\x00', 0x1258438, &(0x7f0000000f80)=ANY=[], 0xb, 0x0, &(0x7f0000000000))

1m32.729836158s ago: executing program 0 (id=379):
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000e40), 0x0, 0x40004)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0xc)
r4 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @dev, 0x5}, 0x1c)
setsockopt$inet6_IPV6_HOPOPTS(r4, 0x29, 0x36, &(0x7f0000001440)=ANY=[@ANYBLOB="0017"], 0xc0)
sendmmsg$inet6(r4, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)

1m28.573758039s ago: executing program 0 (id=389):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./bus\x00', &(0x7f0000000000), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
mknodat(r0, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./bus\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
renameat2(r1, &(0x7f00000001c0)='./file0\x00', r1, &(0x7f0000000200)='./bus/file0\x00', 0x0)
r2 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r2, &(0x7f0000000300)=""/104, 0x68)

1m25.549646856s ago: executing program 32 (id=389):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./bus\x00', &(0x7f0000000000), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
mknodat(r0, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./bus\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
renameat2(r1, &(0x7f00000001c0)='./file0\x00', r1, &(0x7f0000000200)='./bus/file0\x00', 0x0)
r2 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r2, &(0x7f0000000300)=""/104, 0x68)

1m24.583698941s ago: executing program 33 (id=360):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f00000005c0), 0x10)
recvmmsg(r0, &(0x7f00000099c0)=[{{0x0, 0x0, 0x0}, 0x4251}, {{0x0, 0x0, &(0x7f0000007040)=[{&(0x7f0000006040)=""/4086, 0x1000}], 0x1}, 0x8000}], 0x3fffffffffffdfc, 0x10002, 0x0)
sendmsg$can_bcm(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="050000007f0000000000010000000000", @ANYRES64=0x0, @ANYRES64=0x2710], 0x48}}, 0x0)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000180)=0x2, 0x4)

15.045903099s ago: executing program 1 (id=490):
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, 0x0}], 0x1, 0x43, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0xfe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8})
ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000500)={"34b30f02c5ccf6e3b71cda04b68b6891370cd0a442844b737a7254514f9ff20d0954650127067cd50d8f25db5fc9ccd4dbb2ecc29dc8dc51bcd2291a6a12912a3ce524ba851af6d1366d2b46f9f063dde6bea45fb0f4ab6a35088ea81c8a5ea6d0c3fbc6a89ae582119699a04f2be00b3aa3766c9f658af98e3122b00522a2ee14e3746ec2266e538c13710185ec5a7e4936e212c07483e1798957ffbb6311f2a13a7109d4293b216f78d59d41eb3af775e48d7a82a6c8f6476e2456a1a4288c672fbf1072ae9c51060f80707d1bc48eb1802a805df2ee990bcece5fe8b0ebba31c4d5efa47b3353aa02663aca26e817c88dc094d75330fbe2fea0037d4f92435d2eed5585bfaeddfdb50bb10bed6860313613f4a96d7d0b263cb0930f155ed09f2ff433f90d5065a376d43502ac8f17257c0fe5f448d9805a835286f2ff887e02e8a243902c124d3d52a1057f20a29ca1c012869a6d606e3440cc51cca66021bae0cf8c0a5af7a21c79481b1a31b98fe0c29fb5dfc5737442cdfad6421ec95345bd0165c6f6123e616873d97282e5098add56b95e805782aa67f237269b5b2b3e24edd1dc78f25130926496f5623ae306bc3d72d2b80f8939e60526330f873d00360441d906627f0183607151b1f03602050670984a3640871c2690496bbc8949fb63abd5033e508055dc0dd759913beba87e39e7af72170d622e2ecf9aeb4e479bbff8ad292a3a5bd70f8f433bc4b89be144ace57501f8f016868ed7dd8bab97f4f3feb242f4f620913c478058c036df363abbf7c239d340017c2de6b688e322c9b51c269aa110def3ad16337d197f3c452ac661bac7c0531c4d98618f99d750b0c3d8539051188a0f4583dd3538982e8a84121055cd721571ca98bb0c3ec3e446c4c7bc5c9b800367a859a00ef3a505327f9f2da247ce118a82deeb04ad22eeaf97dbd454518defd5adeb288a7842e9e2839ec587e3275abf3a812154080aa60182e60cb73b2020d2865551141ac1e077a3a3a764fff1b024346594f3a004197673c896069dc253f81dac7ca4e906bf2c0d241f59e4b8dad8549871e94b33755db2526223d1e290e300701a0a926033d515429f751f72a87f2eb0336cc72be75af2b75b82c70807718604aa9c6b3c2bc27551f1a0dcffc5eef025f86c13f1fbb426de372b15e4d6a63c4754cecd5071e25e8d6f5796830e7ef62b65c5c076ad2a9ab0850f97c5765ece5885caf0ca0d63a56c45d09c77553ba254983c05d7c722bd7e2061bb71e8e9a7cc444a24643ff32bb80f95ddf50455ed9b59288df68da87510cc3ff08521b39002fe8ea04ee30135324934c286cebc277a9189ac3322b96e8df8bd2a00a0a3da54b3dbe4e9cd46b762ac7f2c7ded1aa8c9741b675f7fe2dc699ab9a2615924fda6e879fc2ae27030d149ed88482945304447d8d027"})

14.210494678s ago: executing program 1 (id=494):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x19, &(0x7f00000002c0)=0x100000001, 0x4)
bind$inet(r0, &(0x7f0000000380)={0x2, 0x4e21, @multicast1}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x1100)

11.956079544s ago: executing program 1 (id=497):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x8, 0x4}}]}}]}, 0x48}}, 0x20040084)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000008c0)=@newqdisc={0x8c, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r4, {0xffff}, {0xffff, 0xffff}, {0x2, 0x1}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x4, [0xc, 0x5, 0x0, 0xf, 0x10, 0x2, 0x4, 0x2, 0xf, 0x6, 0x3, 0x7, 0x8, 0x4, 0x10, 0x4], 0x3, [0xb, 0x3, 0x1, 0x2002, 0x1, 0x4, 0x2, 0xd09, 0xff05, 0x2, 0xb, 0x3, 0x5, 0x2, 0xd, 0x100], [0xfff1, 0x5, 0xffff, 0xfff5, 0x4, 0x8, 0x1, 0x9, 0x3ff, 0x2, 0xc, 0x42, 0xfffc, 0x3, 0x1]}}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x400dc}, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r5)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r6, &(0x7f00000005c0)="ba", 0x1, 0x40, &(0x7f00000001c0)={0x11, 0x8100, 0x0, 0x1, 0xd8, 0x6, @multicast}, 0x14)

8.853439397s ago: executing program 5 (id=498):
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x2, 0x2, 0x0, 0x4002004c4, 0x1004, 0x8000000000000000, 0xc595, 0x0, 0x1, 0xffffffffffffffff, 0x2000000000000000, 0xb3, 0x8d], 0xeeee8000, 0x2010d3})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

6.784968305s ago: executing program 1 (id=502):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000005000100070000000900020073797a310000000014000780050015000c00000008001240000000000500050002000000050004000000000010000300686173683a69702c6d"], 0x5c}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000580)=ANY=[@ANYBLOB="1c0000000306010200000000000000000a0000010500010007"], 0x1c}, 0x1, 0x0, 0x0, 0x4004810}, 0x840)

6.721961992s ago: executing program 2 (id=503):
r0 = socket(0x400000000010, 0x3, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000006040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000006100)=@delchain={0x24, 0x65, 0x1, 0x70bd2e, 0x25dfdbff, {0x0, 0x0, 0x0, r2, {0xffff, 0xc}, {}, {0xfff2}}}, 0x24}, 0x1, 0x0, 0x0, 0x8848}, 0x20004004)

6.592143195s ago: executing program 5 (id=504):
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, 0x0}], 0x1, 0x43, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0xfe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8})
ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000500)={"34b30f02c5ccf6e3b71cda04b68b6891370cd0a442844b737a7254514f9ff20d0954650127067cd50d8f25db5fc9ccd4dbb2ecc29dc8dc51bcd2291a6a12912a3ce524ba851af6d1366d2b46f9f063dde6bea45fb0f4ab6a35088ea81c8a5ea6d0c3fbc6a89ae582119699a04f2be00b3aa3766c9f658af98e3122b00522a2ee14e3746ec2266e538c13710185ec5a7e4936e212c07483e1798957ffbb6311f2a13a7109d4293b216f78d59d41eb3af775e48d7a82a6c8f6476e2456a1a4288c672fbf1072ae9c51060f80707d1bc48eb1802a805df2ee990bcece5fe8b0ebba31c4d5efa47b3353aa02663aca26e817c88dc094d75330fbe2fea0037d4f92435d2eed5585bfaeddfdb50bb10bed6860313613f4a96d7d0b263cb0930f155ed09f2ff433f90d5065a376d43502ac8f17257c0fe5f448d9805a835286f2ff887e02e8a243902c124d3d52a1057f20a29ca1c012869a6d606e3440cc51cca66021bae0cf8c0a5af7a21c79481b1a31b98fe0c29fb5dfc5737442cdfad6421ec95345bd0165c6f6123e616873d97282e5098add56b95e805782aa67f237269b5b2b3e24edd1dc78f25130926496f5623ae306bc3d72d2b80f8939e60526330f873d00360441d906627f0183607151b1f03602050670984a3640871c2690496bbc8949fb63abd5033e508055dc0dd759913beba87e39e7af72170d622e2ecf9aeb4e479bbff8ad292a3a5bd70f8f433bc4b89be144ace57501f8f016868ed7dd8bab97f4f3feb242f4f620913c478058c036df363abbf7c239d340017c2de6b688e322c9b51c269aa110def3ad16337d197f3c452ac661bac7c0531c4d98618f99d750b0c3d8539051188a0f4583dd3538982e8a84121055cd721571ca98bb0c3ec3e446c4c7bc5c9b800367a859a00ef3a505327f9f2da247ce118a82deeb04ad22eeaf97dbd454518defd5adeb288a7842e9e2839ec587e3275abf3a812154080aa60182e60cb73b2020d2865551141ac1e077a3a3a764fff1b024346594f3a004197673c896069dc253f81dac7ca4e906bf2c0d241f59e4b8dad8549871e94b33755db2526223d1e290e300701a0a926033d515429f751f72a87f2eb0336cc72be75af2b75b82c70807718604aa9c6b3c2bc27551f1a0dcffc5eef025f86c13f1fbb426de372b15e4d6a63c4754cecd5071e25e8d6f5796830e7ef62b65c5c076ad2a9ab0850f97c5765ece5885caf0ca0d63a56c45d09c77553ba254983c05d7c722bd7e2061bb71e8e9a7cc444a24643ff32bb80f95ddf50455ed9b59288df68da87510cc3ff08521b39002fe8ea04ee30135324934c286cebc277a9189ac3322b96e8df8bd2a00a0a3da54b3dbe4e9cd46b762ac7f2c7ded1aa8c9741b675f7fe2dc699ab9a2615924fda6e879fc2ae27030d149ed88482945304447d8d027"})

6.490703065s ago: executing program 6 (id=505):
syz_open_dev$sndmidi(0x0, 0x2, 0x141102)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r0 = userfaultfd(0x801)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x280})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_WRITEPROTECT(r0, 0xc018aa06, &(0x7f00000000c0)={{&(0x7f000040a000/0x800000)=nil, 0x800000}, 0x1})

5.679940488s ago: executing program 5 (id=506):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x20, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r1, 0x0, 0xd}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000540)=0x4)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x900, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000400)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0x1f00, 0x12)
socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = signalfd(0xffffffffffffffff, &(0x7f0000000140)={[0x157]}, 0x8)
r5 = syz_io_uring_setup(0x6934, &(0x7f0000000300)={0x0, 0xd615, 0x10100, 0xffffffff, 0x100000, 0x0, r4}, &(0x7f0000000040)=<r6=>0x0, &(0x7f0000000140)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f00000001c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x20, 0x3, r4, 0x0, 0x0, 0x0, 0x0, 0x0, {0xfffe}})
io_uring_enter(r5, 0x44fd, 0x3, 0x1, 0x0, 0x0)
exit(0x0)
r8 = epoll_create(0x20000000)
r9 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)
epoll_ctl$EPOLL_CTL_ADD(r8, 0x1, r9, &(0x7f0000000180)={0x10000000})
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xffffffff7ffffffd]}, 0x0, 0x8)
setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, &(0x7f0000000040)={0x0, 0x714000, 0x1000, 0x0, 0x3}, 0x20)

5.673841856s ago: executing program 1 (id=507):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x19, &(0x7f00000002c0)=0x100000001, 0x4)
bind$inet(r0, &(0x7f0000000380)={0x2, 0x4e21, @multicast1}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x1100)

5.44740262s ago: executing program 3 (id=508):
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0x7ff, 0x8, 0x8, 0x80, 0x8, 0x3, 0x7f, 0x20000006, 0x4d, 0x6, 0x5f, 0xa, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0xff, 0x6, 0x5, 0x4, 0x0, 0x7, 0x3c57, 0x0, 0x24, 0xd, 0x1, 0x0, 0xffffffff, 0xe661, 0x5, 0x7, 0x83, 0x9, 0x4c74, 0x0, 0x242, 0x2, 0xe, 0x0, 0x400, 0x7, 0x17, 0x21, 0x7, 0x5, 0x3e, 0x8f, 0x6, 0x6, 0x0, 0x85, 0x6, 0xffff8001, 0x2, 0x83, 0x0, 0x5, 0x6, 0x8, 0x4, 0xffffffff, 0x40], [0x10000007, 0x9, 0x8000012f, 0x8004, 0x5, 0xfffffff3, 0x129432e6, 0x88, 0xf9, 0x388000, 0x2bb, 0x6c7, 0x9, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2b, 0xe, 0x312, 0x78, 0xea4, 0x0, 0xfff, 0x7, 0x7fff, 0x6, 0x400, 0x401, 0x4, 0x0, 0x1000ff, 0x5, 0x1000005, 0x5f31, 0xf, 0xd86, 0x2, 0x4, 0x8, 0x4, 0x9, 0x9, 0x9, 0x6, 0x47, 0xbc2, 0x1, 0xfe000000, 0x8, 0x2, 0x200004, 0x9, 0x3, 0x3, 0x9, 0x4, 0x3, 0x3, 0xbc45, 0x48c93690, 0x42, 0x3], [0x7, 0x1, 0x4, 0x5, 0x71d, 0x100, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x3, 0x5, 0x800000, 0x1ef, 0x8, 0x8, 0x86, 0x3, 0x3038, 0xff, 0xb, 0x2, 0x2, 0x2, 0x7, 0x20000008, 0x4, 0x16d01, 0x2, 0x8, 0x800003, 0x600, 0x80, 0xaf7, 0x4, 0x2950bfaf, 0x1000, 0xa2, 0x7, 0x4a9, 0x5, 0x6, 0xac8, 0x5, 0x7, 0x3, 0x7ff, 0x127, 0x4, 0x1, 0x542, 0x3, 0x5, 0x1b, 0x120000, 0x3, 0x2006, 0x80a2ed, 0x4, 0x80000000], [0x9, 0xbb33, 0xa, 0xb, 0x5, 0x938, 0x6, 0x6, 0x0, 0xb9, 0xce7, 0x1ff, 0x2, 0x57, 0x5, 0x3, 0x3, 0xfffd, 0x9, 0x7fff, 0xffff, 0xa620, 0x1, 0x7, 0x1, 0x2, 0x14c, 0x60a7, 0x6, 0x10000016, 0xffffffff, 0x80000000, 0x5, 0xffffffff, 0xc8, 0x1, 0xfffff000, 0x10000, 0x3, 0x7e, 0x100, 0x9602, 0x7, 0xae, 0x8, 0x6, 0x226, 0x3, 0x100, 0x8, 0x30b1d693, 0xa1f, 0xf40, 0x7, 0x1, 0x6c1b, 0x8, 0x4, 0x5, 0x40b1e, 0xd7, 0x200, 0xffff3441, 0x7ff]}, 0x45c)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = syz_open_dev$vim2m(&(0x7f0000000140), 0x3, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f00000000c0)={0x5, 0x1, 0x1})
ioctl$vim2m_VIDIOC_STREAMOFF(r1, 0x40045612, &(0x7f0000000000)=0x1)
ioctl$vim2m_VIDIOC_DQBUF(r1, 0xc0585611, &(0x7f0000000280)=@mmap={0x0, 0x1, 0x4, 0x100004, 0x0, {0x77359400}, {0x7, 0xc, 0x0, 0x0, 0x0, 0x0, "37bb54f0"}})
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)

5.340760299s ago: executing program 2 (id=509):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@newqdisc={0x24, 0x24, 0x200, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0xd}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0xfffffffffffffff3, &(0x7f00000002c0)={&(0x7f0000000740)=ANY=[@ANYBLOB="140000001000010000000000000000800000000a5c000000060a0b040000000000000000"], 0x84}, 0x1, 0x0, 0x0, 0x10}, 0x4040000)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a3200000000140000001100"], 0x7c}, 0x1, 0x0, 0x0, 0x8080}, 0x20004450)
sendmsg$NFT_MSG_GETRULE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=ANY=[@ANYBLOB="38000000070a010100000006000000000a0040010900010073797a3100000000090002"], 0x38}, 0x1, 0x0, 0x0, 0x200008d0}, 0x44054)

4.616482565s ago: executing program 6 (id=510):
syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
openat$rdma_cm(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
pipe2$watch_queue(&(0x7f0000001100), 0x80)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x100000000, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0)

4.562277629s ago: executing program 1 (id=511):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000000)='attr\x00')
getdents64(r3, &(0x7f0000002f40)=""/4097, 0x1001)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CAP_HYPERV_SYNIC2(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x1000, &(0x7f0000002000/0x1000)=nil})
r7 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1)
syz_kvm_setup_cpu$x86(r3, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, 0x0}], 0x1, 0x74, 0x0, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)

4.159955558s ago: executing program 3 (id=512):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x8, 0x4}}]}}]}, 0x48}}, 0x20040084)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000008c0)=@newqdisc={0x8c, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r4, {0xffff}, {0xffff, 0xffff}, {0x2, 0x1}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x4, [0xc, 0x5, 0x0, 0xf, 0x10, 0x2, 0x4, 0x2, 0xf, 0x6, 0x3, 0x7, 0x8, 0x4, 0x10, 0x4], 0x3, [0xb, 0x3, 0x1, 0x2002, 0x1, 0x4, 0x2, 0xd09, 0xff05, 0x2, 0xb, 0x3, 0x5, 0x2, 0xd, 0x100], [0xfff1, 0x5, 0xffff, 0xfff5, 0x4, 0x8, 0x1, 0x9, 0x3ff, 0x2, 0xc, 0x42, 0xfffc, 0x3, 0x1]}}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x400dc}, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r5)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r6, &(0x7f00000005c0)="ba", 0x1, 0x40, &(0x7f00000001c0)={0x11, 0x8100, 0x0, 0x1, 0xd8, 0x6, @multicast}, 0x14)

3.679265516s ago: executing program 2 (id=513):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x2, 0x200, @loopback, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0xfb3, @loopback, 0x2000003}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='highspeed', 0x9)
shutdown(r0, 0x1)

3.426170038s ago: executing program 5 (id=514):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000029c0)={0x0, 0x0, 0x0}, 0x800)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
socket$packet(0x11, 0x2, 0x300)
r2 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=ANY=[@ANYRES32, @ANYBLOB='\x00'/18, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f00000006c0)=ANY=[@ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b00)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="259a53f271a76d2673004c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r4, r1, 0x25, 0x0, @void}, 0x10)
creat(&(0x7f0000000080)='./bus\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x3, 0x3, &(0x7f0000000040)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x8c, &(0x7f0000000300)='trans=rdma,')

2.657684632s ago: executing program 6 (id=515):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000340), r2)
getsockname$packet(r2, &(0x7f0000000080)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000a40)=@delchain={0x24, 0x2e, 0xf31, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, r3, {0x1, 0x8}, {0xfff2, 0x1a}}}, 0x24}, 0x1, 0x0, 0x0, 0x20004001}, 0x0)

2.433791271s ago: executing program 2 (id=516):
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, 0x0}], 0x1, 0x43, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0xfe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8})
ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000500)={"34b30f02c5ccf6e3b71cda04b68b6891370cd0a442844b737a7254514f9ff20d0954650127067cd50d8f25db5fc9ccd4dbb2ecc29dc8dc51bcd2291a6a12912a3ce524ba851af6d1366d2b46f9f063dde6bea45fb0f4ab6a35088ea81c8a5ea6d0c3fbc6a89ae582119699a04f2be00b3aa3766c9f658af98e3122b00522a2ee14e3746ec2266e538c13710185ec5a7e4936e212c07483e1798957ffbb6311f2a13a7109d4293b216f78d59d41eb3af775e48d7a82a6c8f6476e2456a1a4288c672fbf1072ae9c51060f80707d1bc48eb1802a805df2ee990bcece5fe8b0ebba31c4d5efa47b3353aa02663aca26e817c88dc094d75330fbe2fea0037d4f92435d2eed5585bfaeddfdb50bb10bed6860313613f4a96d7d0b263cb0930f155ed09f2ff433f90d5065a376d43502ac8f17257c0fe5f448d9805a835286f2ff887e02e8a243902c124d3d52a1057f20a29ca1c012869a6d606e3440cc51cca66021bae0cf8c0a5af7a21c79481b1a31b98fe0c29fb5dfc5737442cdfad6421ec95345bd0165c6f6123e616873d97282e5098add56b95e805782aa67f237269b5b2b3e24edd1dc78f25130926496f5623ae306bc3d72d2b80f8939e60526330f873d00360441d906627f0183607151b1f03602050670984a3640871c2690496bbc8949fb63abd5033e508055dc0dd759913beba87e39e7af72170d622e2ecf9aeb4e479bbff8ad292a3a5bd70f8f433bc4b89be144ace57501f8f016868ed7dd8bab97f4f3feb242f4f620913c478058c036df363abbf7c239d340017c2de6b688e322c9b51c269aa110def3ad16337d197f3c452ac661bac7c0531c4d98618f99d750b0c3d8539051188a0f4583dd3538982e8a84121055cd721571ca98bb0c3ec3e446c4c7bc5c9b800367a859a00ef3a505327f9f2da247ce118a82deeb04ad22eeaf97dbd454518defd5adeb288a7842e9e2839ec587e3275abf3a812154080aa60182e60cb73b2020d2865551141ac1e077a3a3a764fff1b024346594f3a004197673c896069dc253f81dac7ca4e906bf2c0d241f59e4b8dad8549871e94b33755db2526223d1e290e300701a0a926033d515429f751f72a87f2eb0336cc72be75af2b75b82c70807718604aa9c6b3c2bc27551f1a0dcffc5eef025f86c13f1fbb426de372b15e4d6a63c4754cecd5071e25e8d6f5796830e7ef62b65c5c076ad2a9ab0850f97c5765ece5885caf0ca0d63a56c45d09c77553ba254983c05d7c722bd7e2061bb71e8e9a7cc444a24643ff32bb80f95ddf50455ed9b59288df68da87510cc3ff08521b39002fe8ea04ee30135324934c286cebc277a9189ac3322b96e8df8bd2a00a0a3da54b3dbe4e9cd46b762ac7f2c7ded1aa8c9741b675f7fe2dc699ab9a2615924fda6e879fc2ae27030d149ed88482945304447d8d027"})

2.206023613s ago: executing program 3 (id=517):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="e4000000", @ANYRES16=r2, @ANYBLOB="07002abd5248ffdbdf2507ff000008000300", @ANYRES32=r3, @ANYBLOB="0c00990001000c0069000000140004002f6163766c616e3100000000000000000400cc00080005000a"], 0xe4}}, 0x0)
sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[], 0xe4}}, 0x0)

1.872321832s ago: executing program 6 (id=518):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000005000100070000000900020073797a310000000014000780050015000c00000008001240000000000500050002000000050004000000000010000300686173683a69702c6d61"], 0x5c}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000580)=ANY=[@ANYBLOB="1c0000000306010200000000000000000a0000010500010007"], 0x1c}, 0x1, 0x0, 0x0, 0x4004810}, 0x840)

1.398518678s ago: executing program 2 (id=519):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x20020084, &(0x7f00000018c0)={0x2, 0x4e20}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x50)
shutdown(r0, 0x1)
recvmmsg(r0, &(0x7f0000002900)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000500)=""/251, 0xfb}], 0x1}, 0x7}], 0x1, 0xdb6b65853845894a, 0x0)

1.330343476s ago: executing program 3 (id=520):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r0 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bond0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@newqdisc={0x94, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r1, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x64, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], 0x0, [0x5, 0x4, 0x2, 0x0, 0x8, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x8, 0x0, 0x0, 0x2]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x8, 0x2, 0x0, 0x1, [{0x4}]}]}}]}, 0x94}}, 0x0)

1.288467019s ago: executing program 5 (id=521):
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x280})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_WRITEPROTECT(r0, 0xc018aa06, &(0x7f00000000c0)={{&(0x7f000040a000/0x800000)=nil, 0x800000}, 0x1})

758.548499ms ago: executing program 6 (id=522):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x19, &(0x7f00000002c0)=0x100000001, 0x4)
bind$inet(r0, &(0x7f0000000380)={0x2, 0x4e21, @multicast1}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x1100)

680.848701ms ago: executing program 3 (id=523):
io_uring_setup(0x6668, &(0x7f0000000440)={0x0, 0x9759, 0x20000, 0x3, 0x115})

555.742418ms ago: executing program 5 (id=524):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r3=>0x0)
sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010426bd7000fcdbdf250200000008000100", @ANYRES32=r3], 0x1c}}, 0x0)
write$nci(r0, &(0x7f00000003c0)=ANY=[@ANYBLOB="6103020201603752ac9d03851923f701f3133308e71a8bc224292f88"], 0x1c)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{}, 0x0, 0x0}, 0x20)

552.916631ms ago: executing program 2 (id=525):
syz_emit_ethernet(0xb4, &(0x7f0000000080)=ANY=[@ANYBLOB="5bb86bfbe4bbaaaaaaaaaa29080503032732697453e698e62a34bc00f12c556e67fb1cdeaa94391e0d372fc9c280cf3651ef8275c7aefd07da30ae420d371c6741fa2e6eb4097604ef4dcc4e9aa573b4e503e0cf7f5543361689ff2c3f46bf7496608057a5374711a50ad37aa3df04af508b5fe83a0938a75bdc922863a02a4b7b323ea2e38584e871830aeeb992e67165f06413d43ed391bdab8aef4011ddefaa488aa5aabe190de45eabffb8"], 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000740)=@pppol2tpv3={0x18, 0x1, {0x3, r0, {0x2, 0x4e24, @multicast1}, 0x2, 0x0, 0x4}}, 0x2e)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0xa82, 0x0)
mount$fuse(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x100000, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000740)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000500)="8564307533f69a6eadfedaf4cf4e654b664ff282dbe20223e8dcb4e3c9776796bcd986f31c6a34739ad35acbda3404c8c02161171181e3e78b8769bc50e94286eaddece71bee8e3e7bbc19c9c886ccd8f7608626985c4645249da799aadc91103720f8bb9d8d0a58995f7067e5485a9aba", 0x71}], 0x1, &(0x7f0000000e80)=ANY=[@ANYRESOCT=r0], 0x330}}], 0x1, 0x810)
recvmsg(0xffffffffffffffff, &(0x7f0000000900)={&(0x7f0000000780)=@l2tp6={0xa, 0x0, 0x0, @private1}, 0x80, &(0x7f0000000700)=[{&(0x7f0000000880)=""/117, 0x75}], 0x1, &(0x7f0000000800)=""/52, 0x34}, 0x10062)
sendmsg$RDMA_NLDEV_CMD_STAT_SET(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000680)={&(0x7f0000000bc0)=ANY=[@ANYBLOB="38000000101412012dbd7000ffdbdf2508004b0013000000080015000100000008004c000000000008004b001300000008001500040000001a8b41a57b2fb9c038b04510676dac076e9b66bd0d5676119d8c9bfa97cd52812e227d6c667da33983d01b031735f05c83dc1589ba88aa251b8483f138ef678b50a2d4e0c71d9ed240ae94110ba4fd14961769db905f30c594024ca74403f3234d160700000000000000633f8b368f3f0191344c12948ecbea97600657dcb1b2e0b681a0eac85bb606214828a5f09d98e314cfbe15dc49a35bd04891267fd84544262143098ee8c92187eadb33e76a02c8fbb8c83a9c618ffeb0d33bc1e88ba0cc3beaf5cf81fcfe30157a9e45a3abd6abe48f43ac830bb2be9c66"], 0x38}, 0x1, 0x0, 0x0, 0x20000014}, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$nvram(0xffffffffffffff9c, &(0x7f0000000580), 0x72d880, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000980)=ANY=[@ANYBLOB="1400000010000100000000000000001e9c02d4d3326a3f00000a05000000000000000000050000000900010073797a30000000000000000000000000050000000900010073797a30000000000900030073797a300000000078000000060a010400000000000000000500000008000b40000021db3a000050000480020000000b00010074756e2e656c0000140002800800014000000001080002dcd6fd03725f40000000092800018008000100667764001c0002800800024000000017080003400000000a170e4022f38ad7c2f708000140000000090900010073797a300000000014000000110001000000000000001711a42b2ec898426a031b1757adcc84cdb2f6e1b0"], 0xec}}, 0x0)
r4 = accept4(r3, 0x0, 0x0, 0x800)
sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

46.526099ms ago: executing program 3 (id=526):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x2, 0x200, @loopback, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r0, &(0x7f0000000280), 0x0, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0xfb3, @loopback, 0x2000003}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='highspeed', 0x9)
shutdown(r0, 0x1)

0s ago: executing program 6 (id=527):
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r0 = openat$nullb(0xffffffffffffff9c, 0x0, 0x4000000004002, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000180)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/custom0\x00', 0x803, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00"/20, @ANYRES32, @ANYBLOB="57bbc35498d536f1db270f000000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYRES16=r1], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1f, 0xd, &(0x7f0000000500)=ANY=[@ANYBLOB="2e8cb8d1f4a08b", @ANYRES32, @ANYBLOB="0000000000000000b70800c7ee9e74007b8af8ff00000000bfa200000000000007020000"], &(0x7f00000000c0)='GPL\x00', 0x3, 0x0, 0x0, 0x41100, 0x18, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xebfb}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r2}, 0xc)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x1)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0x52aa, 0x400, 0x1, 0x8000096}, &(0x7f0000000100)=<r5=>0x0, &(0x7f0000000040)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x40, 0x3, r1, 0x0, 0x0, 0x0, 0x80800})
io_uring_enter(r4, 0x3516, 0x3e44, 0x8, 0x0, 0x0)
dup(r0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0xf)
semget(0x0, 0x1, 0x281)
setuid(0xee01)
getuid()

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.209' (ED25519) to the list of known hosts.
[  172.920233][ T5787] cgroup: Unknown subsys name 'net'
[  173.062197][ T5787] cgroup: Unknown subsys name 'cpuset'
[  173.076119][ T5787] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[  178.676634][ T5787] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  183.125620][ T5099] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  183.144406][ T5099] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  183.154760][ T5099] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  183.167797][ T5099] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  183.179106][ T5099] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  183.187395][ T5099] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  183.198508][ T5099] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  183.209439][   T52] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  183.219664][ T5099] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  183.258032][ T5809] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  183.274009][ T5809] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  183.282853][ T5813] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  183.293195][ T5809] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  183.304851][ T5809] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  183.316489][ T5809] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  183.471987][ T5809] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  183.476987][ T5806] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  183.481254][ T5809] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  183.489789][ T5806] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  183.496682][ T5809] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  183.503142][ T5806] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  183.522799][ T5806] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  183.523725][ T5809] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  183.541058][ T5809] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  183.544035][ T5806] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  184.990491][ T5811] chnl_net:caif_netlink_parms(): no params data found
[  185.276586][ T5809] Bluetooth: hci0: command tx timeout
[  185.283663][ T5804] chnl_net:caif_netlink_parms(): no params data found
[  185.308660][ T5816] chnl_net:caif_netlink_parms(): no params data found
[  185.353074][ T5809] Bluetooth: hci1: command tx timeout
[  185.436211][ T5808] chnl_net:caif_netlink_parms(): no params data found
[  185.438277][ T5809] Bluetooth: hci2: command tx timeout
[  185.607911][ T5809] Bluetooth: hci4: command tx timeout
[  185.613657][ T5806] Bluetooth: hci3: command tx timeout
[  185.786408][ T5811] bridge0: port 1(bridge_slave_0) entered blocking state
[  185.796498][ T5811] bridge0: port 1(bridge_slave_0) entered disabled state
[  185.804301][ T5811] bridge_slave_0: entered allmulticast mode
[  185.814073][ T5811] bridge_slave_0: entered promiscuous mode
[  185.945387][ T5811] bridge0: port 2(bridge_slave_1) entered blocking state
[  185.953420][ T5811] bridge0: port 2(bridge_slave_1) entered disabled state
[  185.960980][ T5811] bridge_slave_1: entered allmulticast mode
[  185.970486][ T5811] bridge_slave_1: entered promiscuous mode
[  185.982352][ T5817] chnl_net:caif_netlink_parms(): no params data found
[  186.220623][ T5811] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  186.314026][ T5811] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  186.546846][ T5811] team0: Port device team_slave_0 added
[  186.553147][ T5816] bridge0: port 1(bridge_slave_0) entered blocking state
[  186.560513][ T5816] bridge0: port 1(bridge_slave_0) entered disabled state
[  186.570973][ T5816] bridge_slave_0: entered allmulticast mode
[  186.580783][ T5816] bridge_slave_0: entered promiscuous mode
[  186.708917][ T5811] team0: Port device team_slave_1 added
[  186.715831][ T5816] bridge0: port 2(bridge_slave_1) entered blocking state
[  186.723429][ T5816] bridge0: port 2(bridge_slave_1) entered disabled state
[  186.730887][ T5816] bridge_slave_1: entered allmulticast mode
[  186.740043][ T5816] bridge_slave_1: entered promiscuous mode
[  186.784828][ T5804] bridge0: port 1(bridge_slave_0) entered blocking state
[  186.792321][ T5804] bridge0: port 1(bridge_slave_0) entered disabled state
[  186.800085][ T5804] bridge_slave_0: entered allmulticast mode
[  186.808394][ T5804] bridge_slave_0: entered promiscuous mode
[  186.824601][ T5804] bridge0: port 2(bridge_slave_1) entered blocking state
[  186.832088][ T5804] bridge0: port 2(bridge_slave_1) entered disabled state
[  186.840123][ T5804] bridge_slave_1: entered allmulticast mode
[  186.849664][ T5804] bridge_slave_1: entered promiscuous mode
[  186.948965][ T5808] bridge0: port 1(bridge_slave_0) entered blocking state
[  186.959178][ T5808] bridge0: port 1(bridge_slave_0) entered disabled state
[  186.966973][ T5808] bridge_slave_0: entered allmulticast mode
[  186.975172][ T5808] bridge_slave_0: entered promiscuous mode
[  187.085183][ T5808] bridge0: port 2(bridge_slave_1) entered blocking state
[  187.094746][ T5808] bridge0: port 2(bridge_slave_1) entered disabled state
[  187.102174][ T5808] bridge_slave_1: entered allmulticast mode
[  187.111608][ T5808] bridge_slave_1: entered promiscuous mode
[  187.156921][ T5811] batman_adv: batadv0: Adding interface: batadv_slave_0
[  187.164273][ T5811] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  187.190623][ T5811] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  187.215114][ T5816] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  187.232002][ T5811] batman_adv: batadv0: Adding interface: batadv_slave_1
[  187.239340][ T5811] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  187.265878][ T5811] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  187.353929][ T5806] Bluetooth: hci0: command tx timeout
[  187.377716][ T5804] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  187.413583][ T5816] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  187.433284][ T5806] Bluetooth: hci1: command tx timeout
[  187.493979][ T5804] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  187.513635][ T5808] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  187.523351][ T5806] Bluetooth: hci2: command tx timeout
[  187.566292][ T5817] bridge0: port 1(bridge_slave_0) entered blocking state
[  187.574038][ T5817] bridge0: port 1(bridge_slave_0) entered disabled state
[  187.581551][ T5817] bridge_slave_0: entered allmulticast mode
[  187.590473][ T5817] bridge_slave_0: entered promiscuous mode
[  187.636423][ T5808] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  187.673265][ T5806] Bluetooth: hci3: command tx timeout
[  187.678902][ T5809] Bluetooth: hci4: command tx timeout
[  187.697965][ T5804] team0: Port device team_slave_0 added
[  187.732057][ T5817] bridge0: port 2(bridge_slave_1) entered blocking state
[  187.741795][ T5817] bridge0: port 2(bridge_slave_1) entered disabled state
[  187.749536][ T5817] bridge_slave_1: entered allmulticast mode
[  187.757794][ T5817] bridge_slave_1: entered promiscuous mode
[  187.829572][ T5804] team0: Port device team_slave_1 added
[  187.844916][ T5816] team0: Port device team_slave_0 added
[  187.979270][ T5816] team0: Port device team_slave_1 added
[  188.057530][ T5808] team0: Port device team_slave_0 added
[  188.073338][ T5817] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  188.094628][ T5811] hsr_slave_0: entered promiscuous mode
[  188.103606][ T5811] hsr_slave_1: entered promiscuous mode
[  188.156273][ T5804] batman_adv: batadv0: Adding interface: batadv_slave_0
[  188.163644][ T5804] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  188.190102][ T5804] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  188.210020][ T5808] team0: Port device team_slave_1 added
[  188.224466][ T5817] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  188.268961][ T5804] batman_adv: batadv0: Adding interface: batadv_slave_1
[  188.276167][ T5804] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  188.302333][ T5804] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  188.375315][ T5816] batman_adv: batadv0: Adding interface: batadv_slave_0
[  188.382425][ T5816] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  188.409007][ T5816] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  188.528561][ T5816] batman_adv: batadv0: Adding interface: batadv_slave_1
[  188.536353][ T5816] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  188.563766][ T5816] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  188.580683][ T5808] batman_adv: batadv0: Adding interface: batadv_slave_0
[  188.587907][ T5808] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  188.614915][ T5808] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  188.650370][ T5817] team0: Port device team_slave_0 added
[  188.668898][ T5817] team0: Port device team_slave_1 added
[  188.728672][ T5808] batman_adv: batadv0: Adding interface: batadv_slave_1
[  188.735905][ T5808] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  188.762057][ T5808] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  188.954123][ T5804] hsr_slave_0: entered promiscuous mode
[  188.964095][ T5804] hsr_slave_1: entered promiscuous mode
[  188.974288][ T5804] debugfs: 'hsr0' already exists in 'hsr'
[  188.980189][ T5804] Cannot create hsr debugfs directory
[  188.989939][ T5817] batman_adv: batadv0: Adding interface: batadv_slave_0
[  188.997150][ T5817] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  189.023399][ T5817] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  189.052766][ T5817] batman_adv: batadv0: Adding interface: batadv_slave_1
[  189.059873][ T5817] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  189.086219][ T5817] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  189.262231][ T5816] hsr_slave_0: entered promiscuous mode
[  189.272435][ T5816] hsr_slave_1: entered promiscuous mode
[  189.281226][ T5816] debugfs: 'hsr0' already exists in 'hsr'
[  189.287628][ T5816] Cannot create hsr debugfs directory
[  189.369466][ T5808] hsr_slave_0: entered promiscuous mode
[  189.379593][ T5808] hsr_slave_1: entered promiscuous mode
[  189.388424][ T5808] debugfs: 'hsr0' already exists in 'hsr'
[  189.394498][ T5808] Cannot create hsr debugfs directory
[  189.434359][ T5809] Bluetooth: hci0: command tx timeout
[  189.513131][ T5809] Bluetooth: hci1: command tx timeout
[  189.603325][ T5809] Bluetooth: hci2: command tx timeout
[  189.665250][ T5817] hsr_slave_0: entered promiscuous mode
[  189.675402][ T5817] hsr_slave_1: entered promiscuous mode
[  189.686605][ T5817] debugfs: 'hsr0' already exists in 'hsr'
[  189.692495][ T5817] Cannot create hsr debugfs directory
[  189.753131][ T5809] Bluetooth: hci3: command tx timeout
[  189.758724][ T5809] Bluetooth: hci4: command tx timeout
[  190.667384][ T5811] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  190.685690][ T5811] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  190.770042][ T5811] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  190.829322][ T5811] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  190.937676][ T5804] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  191.044296][ T5804] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  191.097784][ T5804] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  191.147576][ T5804] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  191.200333][ T5816] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  191.273877][ T5816] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  191.326041][ T5816] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  191.367164][ T5816] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  191.462173][ T5808] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  191.506111][ T5808] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  191.515630][ T5806] Bluetooth: hci0: command tx timeout
[  191.556415][ T5808] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  191.592874][ T5806] Bluetooth: hci1: command tx timeout
[  191.628205][ T5808] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  191.690145][ T5806] Bluetooth: hci2: command tx timeout
[  191.833690][ T5806] Bluetooth: hci4: command tx timeout
[  191.839357][ T5809] Bluetooth: hci3: command tx timeout
[  191.898502][ T5817] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  191.926963][ T5817] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  191.984417][ T5817] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  192.045662][ T5811] 8021q: adding VLAN 0 to HW filter on device bond0
[  192.089995][ T5817] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  192.237319][ T5811] 8021q: adding VLAN 0 to HW filter on device team0
[  192.339347][ T3518] bridge0: port 1(bridge_slave_0) entered blocking state
[  192.346962][ T3518] bridge0: port 1(bridge_slave_0) entered forwarding state
[  192.442075][ T5804] 8021q: adding VLAN 0 to HW filter on device bond0
[  192.474451][ T4530] bridge0: port 2(bridge_slave_1) entered blocking state
[  192.481828][ T4530] bridge0: port 2(bridge_slave_1) entered forwarding state
[  192.710635][ T5804] 8021q: adding VLAN 0 to HW filter on device team0
[  192.730871][ T5816] 8021q: adding VLAN 0 to HW filter on device bond0
[  192.802652][ T3948] bridge0: port 1(bridge_slave_0) entered blocking state
[  192.810131][ T3948] bridge0: port 1(bridge_slave_0) entered forwarding state
[  192.854803][ T5808] 8021q: adding VLAN 0 to HW filter on device bond0
[  192.961872][ T3948] bridge0: port 2(bridge_slave_1) entered blocking state
[  192.969605][ T3948] bridge0: port 2(bridge_slave_1) entered forwarding state
[  193.084021][ T5816] 8021q: adding VLAN 0 to HW filter on device team0
[  193.229605][ T5808] 8021q: adding VLAN 0 to HW filter on device team0
[  193.259592][ T3948] bridge0: port 1(bridge_slave_0) entered blocking state
[  193.267189][ T3948] bridge0: port 1(bridge_slave_0) entered forwarding state
[  193.290781][ T3948] bridge0: port 2(bridge_slave_1) entered blocking state
[  193.298605][ T3948] bridge0: port 2(bridge_slave_1) entered forwarding state
[  193.461279][ T5817] 8021q: adding VLAN 0 to HW filter on device bond0
[  193.524988][ T3948] bridge0: port 1(bridge_slave_0) entered blocking state
[  193.532462][ T3948] bridge0: port 1(bridge_slave_0) entered forwarding state
[  193.552823][ T3948] bridge0: port 2(bridge_slave_1) entered blocking state
[  193.560320][ T3948] bridge0: port 2(bridge_slave_1) entered forwarding state
[  193.849496][ T5817] 8021q: adding VLAN 0 to HW filter on device team0
[  193.971925][ T5089] bridge0: port 1(bridge_slave_0) entered blocking state
[  193.979497][ T5089] bridge0: port 1(bridge_slave_0) entered forwarding state
[  194.112262][ T5089] bridge0: port 2(bridge_slave_1) entered blocking state
[  194.119883][ T5089] bridge0: port 2(bridge_slave_1) entered forwarding state
[  194.327382][ T5817] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  194.468708][ T5811] 8021q: adding VLAN 0 to HW filter on device batadv0
[  195.023177][ T5811] veth0_vlan: entered promiscuous mode
[  195.140798][ T5811] veth1_vlan: entered promiscuous mode
[  195.457594][ T5811] veth0_macvtap: entered promiscuous mode
[  195.548170][ T5811] veth1_macvtap: entered promiscuous mode
[  195.667621][ T5804] 8021q: adding VLAN 0 to HW filter on device batadv0
[  195.739106][ T5808] 8021q: adding VLAN 0 to HW filter on device batadv0
[  195.775040][ T5811] batman_adv: batadv0: Interface activated: batadv_slave_0
[  195.895781][ T5811] batman_adv: batadv0: Interface activated: batadv_slave_1
[  195.933718][ T5816] 8021q: adding VLAN 0 to HW filter on device batadv0
[  196.030977][ T4304] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  196.071233][ T4304] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  196.115601][ T4304] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  196.191946][ T5817] 8021q: adding VLAN 0 to HW filter on device batadv0
[  196.204001][ T4304] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  196.429494][ T5804] veth0_vlan: entered promiscuous mode
[  196.541838][ T5804] veth1_vlan: entered promiscuous mode
[  196.639426][ T5816] veth0_vlan: entered promiscuous mode
[  196.780156][ T5816] veth1_vlan: entered promiscuous mode
[  196.797562][ T5817] veth0_vlan: entered promiscuous mode
[  196.911743][ T5817] veth1_vlan: entered promiscuous mode
[  196.960884][ T5804] veth0_macvtap: entered promiscuous mode
[  197.063651][ T5804] veth1_macvtap: entered promiscuous mode
[  197.211147][ T5817] veth0_macvtap: entered promiscuous mode
[  197.223174][ T5816] veth0_macvtap: entered promiscuous mode
[  197.300085][ T5817] veth1_macvtap: entered promiscuous mode
[  197.369248][ T5804] batman_adv: batadv0: Interface activated: batadv_slave_0
[  197.412706][ T5816] veth1_macvtap: entered promiscuous mode
[  197.485175][ T5804] batman_adv: batadv0: Interface activated: batadv_slave_1
[  197.534658][ T5817] batman_adv: batadv0: Interface activated: batadv_slave_0
[  197.596608][ T4304] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  197.630713][ T3626] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  197.683247][ T5816] batman_adv: batadv0: Interface activated: batadv_slave_0
[  197.690723][ T3626] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  197.715536][ T5817] batman_adv: batadv0: Interface activated: batadv_slave_1
[  197.769371][ T3626] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  197.826983][ T5816] batman_adv: batadv0: Interface activated: batadv_slave_1
[  197.843071][ T4304] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  197.852082][ T4304] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  197.903854][ T3792] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  197.961129][ T3792] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  198.030487][ T3792] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  198.077091][ T3835] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  198.123871][ T3835] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  198.163262][ T3835] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  198.731759][ T5808] veth0_vlan: entered promiscuous mode
[  198.839554][ T5808] veth1_vlan: entered promiscuous mode
[  199.246385][ T5808] veth0_macvtap: entered promiscuous mode
[  199.314029][ T5808] veth1_macvtap: entered promiscuous mode
[  199.474247][ T5808] batman_adv: batadv0: Interface activated: batadv_slave_0
[  199.545578][ T5808] batman_adv: batadv0: Interface activated: batadv_slave_1
[  199.637746][ T3518] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  199.694637][ T3518] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  199.759816][ T3518] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  199.814306][ T4304] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  202.653087][ T4329] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  202.661289][ T4329] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  202.908761][ T4530] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  202.919840][ T4530] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  203.336697][ T5811] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  203.732976][ T3518] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  203.741011][ T3518] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  204.119471][ T3518] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  204.127593][ T3518] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  204.283178][ T3835] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  204.291287][ T3835] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  204.292720][ T3518] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  204.307135][ T3518] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  204.344581][ T3626] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  204.353412][ T3626] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  204.611700][ T3626] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  204.620020][ T3626] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  204.956301][ T5992] loop0: detected capacity change from 0 to 1024
[  205.129476][ T5992] EXT4-fs error (device loop0): ext4_orphan_get:1417: comm syz.0.6: bad orphan inode 134217728
[  205.180165][ T5992] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  205.367075][   T30] audit: type=1800 audit(1767958650.947:2): pid=5992 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.6" name="bus" dev="loop0" ino=18 res=0 errno=0
[  205.404820][ T6002] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3'.
[  205.432194][ T6002] vlan2: entered promiscuous mode
[  205.441321][ T6002] gretap0: entered promiscuous mode
[  205.519785][   T30] audit: type=1804 audit(1767958651.097:3): pid=5992 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.6" name="/newroot/1/bus/bus" dev="loop0" ino=18 res=1 errno=0
[  205.626013][   T30] audit: type=1326 audit(1767958651.187:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6001 comm="syz.3.4" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f168818f749 code=0x7ffc0000
[  205.648523][   T30] audit: type=1326 audit(1767958651.187:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6001 comm="syz.3.4" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f168818f749 code=0x7ffc0000
[  205.671176][   T30] audit: type=1326 audit(1767958651.197:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6001 comm="syz.3.4" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f168818f749 code=0x7ffc0000
[  205.695580][   T30] audit: type=1326 audit(1767958651.197:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6001 comm="syz.3.4" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f168818f749 code=0x7ffc0000
[  205.726160][   T30] audit: type=1326 audit(1767958651.197:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6001 comm="syz.3.4" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f168818f749 code=0x7ffc0000
[  205.752781][   T30] audit: type=1326 audit(1767958651.197:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6001 comm="syz.3.4" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f168818f749 code=0x7ffc0000
[  205.775190][   T30] audit: type=1326 audit(1767958651.337:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6001 comm="syz.3.4" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f168818f749 code=0x7ffc0000
[  205.797758][   T30] audit: type=1326 audit(1767958651.337:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6001 comm="syz.3.4" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f168818f749 code=0x7ffc0000
[  206.000207][ T6003] Zero length message leads to an empty skb
[  206.025269][ T5811] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  206.040739][ T4304] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  206.048966][ T4304] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  206.098762][ T6003] sg_write: data in/out 178/8 bytes for SCSI command 0xfe-- guessing data in;
[  206.098762][ T6003]    program syz.3.4 not setting count and/or reply_len properly
[  206.346648][ T3948] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  206.355240][ T3948] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  207.116074][ T6014] loop3: detected capacity change from 0 to 512
[  207.277837][ T6014] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.11: bg 0: block 393: padding at end of block bitmap is not set
[  207.335358][ T6014] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6689: Corrupt filesystem
[  207.379267][ T6014] EXT4-fs (loop3): 2 truncates cleaned up
[  207.387768][ T6014] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  208.249382][ T6014] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  208.407870][ T6035] loop0: detected capacity change from 0 to 512
[  208.418301][ T6035] journal_path: Lookup failure for './file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'
[  208.433754][ T6035] EXT4-fs: error: could not find journal device path
[  210.802900][   T30] kauditd_printk_skb: 56 callbacks suppressed
[  210.802976][   T30] audit: type=1326 audit(1767958656.367:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6045 comm="syz.1.20" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd12bb8f749 code=0x7ffc0000
[  210.834493][   T30] audit: type=1326 audit(1767958656.377:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6045 comm="syz.1.20" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd12bb8f749 code=0x7ffc0000
[  210.968224][ T5809] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  211.339402][   T30] audit: type=1326 audit(1767958656.447:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6045 comm="syz.1.20" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd12bb8f749 code=0x7ffc0000
[  211.363998][   T30] audit: type=1326 audit(1767958656.447:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6045 comm="syz.1.20" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd12bb8f749 code=0x7ffc0000
[  211.387011][   T30] audit: type=1326 audit(1767958656.447:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6045 comm="syz.1.20" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd12bb8f749 code=0x7ffc0000
[  211.409793][   T30] audit: type=1326 audit(1767958656.447:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6045 comm="syz.1.20" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd12bb8f749 code=0x7ffc0000
[  211.432357][   T30] audit: type=1326 audit(1767958656.447:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6045 comm="syz.1.20" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd12bb8f749 code=0x7ffc0000
[  211.457388][   T30] audit: type=1326 audit(1767958656.507:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6045 comm="syz.1.20" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd12bb8f749 code=0x7ffc0000
[  211.480799][   T30] audit: type=1326 audit(1767958656.507:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6045 comm="syz.1.20" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd12bb8f749 code=0x7ffc0000
[  211.503365][   T30] audit: type=1326 audit(1767958656.527:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6045 comm="syz.1.20" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd12bb8f749 code=0x7ffc0000
[  212.111175][ T6052] netlink: 'syz.1.23': attribute type 30 has an invalid length.
[  212.183804][ T4190] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  212.231597][ T4190] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  212.282994][ T4190] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  212.297222][ T4190] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  212.413383][ T6052] loop1: detected capacity change from 0 to 256
[  212.445634][ T6052] vfat: Unknown parameter 'codepag��s���]�e'
[  212.574550][ T6060] capability: warning: `syz.4.25' uses deprecated v2 capabilities in a way that may be insecure
[  212.713513][ T6065] loop4: detected capacity change from 0 to 512
[  212.831877][ T6052] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  212.842771][ T6052] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  213.022027][ T6065] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  213.036774][ T6065] ext4 filesystem being mounted at /3/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  213.121289][ T6052] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  213.121476][ T6052] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  213.413600][ T6052] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  213.413783][ T6052] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  213.578826][ T6075] netlink: 4 bytes leftover after parsing attributes in process `syz.0.30'.
[  213.619491][ T6052] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  213.619680][ T6052] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  213.977830][ T3518] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  213.978003][ T3518] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  214.025186][ T3948] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  214.025363][ T3948] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  214.145525][ T1150] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  214.145702][ T1150] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  214.192198][ T3948] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  214.192376][ T3948] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  214.315732][    T9] hid-generic 0002:0004:1000000.0001: unknown main item tag 0x0
[  214.315919][    T9] hid-generic 0002:0004:1000000.0001: unknown main item tag 0x0
[  214.316095][    T9] hid-generic 0002:0004:1000000.0001: unknown main item tag 0x0
[  214.356099][ T6084] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  214.364794][    T9] hid-generic 0002:0004:1000000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  214.390235][ T6084] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  215.057215][ T5808] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  215.149257][ T6086] fido_id[6086]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  215.671634][ T6099] loop1: detected capacity change from 0 to 1024
[  215.931396][ T6103] netlink: 2 bytes leftover after parsing attributes in process `syz.3.40'.
[  215.943912][ T6103] netlink: 2 bytes leftover after parsing attributes in process `syz.3.40'.
[  216.078087][ T6099] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: none.
[  216.224300][ T6107] netlink: 4 bytes leftover after parsing attributes in process `syz.2.41'.
[  217.172960][ T5804] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[  217.665971][ T6119] loop3: detected capacity change from 0 to 512
[  217.747319][ T6119] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  217.776506][ T6122] netlink: 'syz.2.48': attribute type 30 has an invalid length.
[  217.916211][ T3909] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  217.930322][ T6124] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  217.938189][ T6124] batman_adv: batadv0: Removing interface: batadv_slave_0
[  217.970432][ T6119] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.44: couldn't read orphan inode 26 (err -116)
[  218.005647][ T6127] loop2: detected capacity change from 0 to 256
[  218.037933][ T6124] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  218.039429][ T6119] EXT4-fs (loop3): Remounting filesystem read-only
[  218.045779][ T6124] batman_adv: batadv0: Removing interface: batadv_slave_1
[  218.063568][ T6119] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  218.070063][ T6127] vfat: Unknown parameter 'codepag��s���]�e'
[  218.076707][ T6119] ext4 filesystem being mounted at /9/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  218.221141][ T6133] netlink: 'syz.0.50': attribute type 10 has an invalid length.
[  218.266043][ T3909] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  218.323433][ T6133] bridge0: port 2(bridge_slave_1) entered disabled state
[  218.332377][ T6133] bridge0: port 1(bridge_slave_0) entered disabled state
[  218.441584][ T6133] bridge0: port 2(bridge_slave_1) entered blocking state
[  218.449282][ T6133] bridge0: port 2(bridge_slave_1) entered forwarding state
[  218.458436][ T6133] bridge0: port 1(bridge_slave_0) entered blocking state
[  218.466107][ T6133] bridge0: port 1(bridge_slave_0) entered forwarding state
[  218.468092][ T5816] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  218.486872][ T6133] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  218.511627][ T3909] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  218.526347][ T3909] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  218.712393][ T6122] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  218.726934][ T6122] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.044760][ T6122] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  219.055873][ T6122] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.401488][ T6122] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  219.412412][ T6122] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.729076][ T6122] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  219.744326][ T6122] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.971856][ T6145] netlink: 'syz.0.55': attribute type 1 has an invalid length.
[  220.063613][ T6150] rdma_op ffff8880516b5580 conn xmit_rdma 0000000000000000
[  220.094760][ T6151] loop4: detected capacity change from 0 to 1024
[  220.153849][ T3594] netdevsim netdevsim2 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  220.162717][ T3594] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  220.221827][ T6151] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: none.
[  220.281134][ T3689] netdevsim netdevsim2 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  220.290202][ T3689] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  220.385134][   T30] kauditd_printk_skb: 30 callbacks suppressed
[  220.385206][   T30] audit: type=1800 audit(1767958665.967:108): pid=6147 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.57" name="file2" dev="loop4" ino=16 res=0 errno=0
[  220.525426][ T3909] netdevsim netdevsim2 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  220.534128][ T3909] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  220.631618][ T3909] netdevsim netdevsim2 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  220.645800][ T3909] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  220.810490][ T6159] loop1: detected capacity change from 0 to 512
[  220.904668][ T6159] EXT4-fs error (device loop1): ext4_xattr_inode_iget:446: comm syz.1.59: error while reading EA inode 32 err=-116
[  220.932979][ T6159] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2857: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  220.946820][ T6159] EXT4-fs error (device loop1): ext4_xattr_inode_iget:446: comm syz.1.59: error while reading EA inode 32 err=-116
[  220.997385][ T6159] EXT4-fs (loop1): 1 orphan inode deleted
[  221.005727][ T6159] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  221.145937][ T5808] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[  221.789970][ T5804] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.824066][ T6167] loop0: detected capacity change from 0 to 512
[  221.834885][ T6167] /dev/loop0: Can't open blockdev
[  222.813350][ T6172] loop3: detected capacity change from 0 to 512
[  222.833575][ T6172] journal_path: Lookup failure for './file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'
[  222.862911][ T6172] EXT4-fs: error: could not find journal device path
[  224.006764][ T6176] loop2: detected capacity change from 0 to 512
[  224.060553][ T6176] EXT4-fs: Mount option(s) incompatible with ext3
[  224.500428][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  224.507324][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  225.202414][ T6184] loop4: detected capacity change from 0 to 128
[  225.294434][ T6186] syz.0.69 uses obsolete (PF_INET,SOCK_PACKET)
[  225.369457][ T6184] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  225.419978][ T6184] ext4 filesystem being mounted at /10/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  225.833989][ T6193] loop3: detected capacity change from 0 to 1024
[  225.891014][ T6193] =======================================================
[  225.891014][ T6193] WARNING: The mand mount option has been deprecated and
[  225.891014][ T6193]          and is ignored by this kernel. Remove the mand
[  225.891014][ T6193]          option from the mount to silence this warning.
[  225.891014][ T6193] =======================================================
[  225.929410][ T6193] EXT4-fs: Ignoring removed nobh option
[  225.972124][ T6195] netlink: 'syz.1.73': attribute type 30 has an invalid length.
[  226.034179][ T6193] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  226.076689][ T5808] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  226.183568][ T6195] loop1: detected capacity change from 0 to 256
[  226.191589][ T6193] EXT4-fs error (device loop3): ext4_ext_check_inode:523: inode #11: comm syz.3.72: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  226.290519][ T6195] vfat: Unknown parameter 'codepag��s���]�e'
[  226.323609][ T6193] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.72: couldn't read orphan inode 11 (err -117)
[  226.466594][ T6193] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  226.756000][ T6193] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.72: Invalid block bitmap block 0 in block_group 0
[  226.940353][ T6193] Quota error (device loop3): write_blk: dquota write failed
[  226.948351][ T6193] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  226.958969][ T6193] EXT4-fs error (device loop3): ext4_acquire_dquot:6986: comm syz.3.72: Failed to acquire dquot type 0
[  227.019844][ T6202] loop0: detected capacity change from 0 to 1024
[  227.174410][ T6202] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: none.
[  227.473208][   T30] audit: type=1800 audit(1767958673.037:109): pid=6198 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.74" name="file2" dev="loop0" ino=16 res=0 errno=0
[  227.586437][ T5816] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  229.633861][ T5811] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[  230.007882][ T6218] loop4: detected capacity change from 0 to 512
[  230.243663][ T6218] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.79: couldn't read orphan inode 26 (err -116)
[  230.321502][ T6218] EXT4-fs (loop4): Remounting filesystem read-only
[  230.330551][ T6218] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  230.343847][ T6218] ext4 filesystem being mounted at /12/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  230.927583][ T5808] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.297108][ T6237] netlink: 2 bytes leftover after parsing attributes in process `syz.0.87'.
[  232.310231][ T6237] netlink: 2 bytes leftover after parsing attributes in process `syz.0.87'.
[  232.835506][   T42] hid-generic 0003:0000:0000.0002: unknown main item tag 0x0
[  232.847145][   T42] hid-generic 0003:0000:0000.0002: unknown main item tag 0x0
[  232.856492][   T42] hid-generic 0003:0000:0000.0002: unknown main item tag 0x0
[  232.864295][   T42] hid-generic 0003:0000:0000.0002: unknown main item tag 0x0
[  232.872005][   T42] hid-generic 0003:0000:0000.0002: unknown main item tag 0x2
[  232.879900][   T42] hid-generic 0003:0000:0000.0002: unknown main item tag 0x0
[  232.887831][   T42] hid-generic 0003:0000:0000.0002: unknown main item tag 0x0
[  232.895587][   T42] hid-generic 0003:0000:0000.0002: unknown main item tag 0x0
[  232.903352][   T42] hid-generic 0003:0000:0000.0002: unknown main item tag 0x0
[  232.911032][   T42] hid-generic 0003:0000:0000.0002: unknown main item tag 0x0
[  233.395570][ T6234] loop4: detected capacity change from 0 to 8192
[  233.541400][   T42] hid-generic 0003:0000:0000.0002: hidraw0: USB HID v0.00 Device [syz1] on syz1
[  233.790890][ T6244] netlink: 8 bytes leftover after parsing attributes in process `syz.0.90'.
[  233.910213][ T6245] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  234.036565][   T30] audit: type=1804 audit(1767958679.527:110): pid=6234 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.85" name="/newroot/13/file1/bus" dev="loop4" ino=1048605 res=1 errno=0
[  234.902277][ T6247] fido_id[6247]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  235.448550][ T6244] syz.0.90 (6244) used greatest stack depth: 2344 bytes left
[  236.419067][ T6264] blktrace: Concurrent blktraces are not allowed on loop6
[  236.674553][ T6265] loop3: detected capacity change from 0 to 512
[  236.950599][ T6265] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.95: couldn't read orphan inode 26 (err -116)
[  237.071611][ T6265] EXT4-fs (loop3): Remounting filesystem read-only
[  237.081863][ T6265] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  237.095165][ T6265] ext4 filesystem being mounted at /21/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  237.333664][ T6268] loop1: detected capacity change from 0 to 512
[  237.497505][ T6268] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  237.513541][ T6268] ext4 filesystem being mounted at /20/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  237.745063][ T5816] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  237.799549][ T6283] netlink: 2 bytes leftover after parsing attributes in process `syz.0.100'.
[  237.809252][ T6283] netlink: 2 bytes leftover after parsing attributes in process `syz.0.100'.
[  238.186784][ T5804] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  238.694896][ T6296] 9pnet_fd: Insufficient options for proto=fd
[  238.999815][ T6302] process 'syz.1.108' launched '/dev/fd/5' with NULL argv: empty string added
[  239.201952][ T6304] loop2: detected capacity change from 0 to 512
[  239.358784][ T6304] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  239.373412][ T6304] ext4 filesystem being mounted at /18/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  239.453699][ T6304] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  239.469674][ T6304] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 16 with error 28
[  239.482374][ T6304] EXT4-fs (loop2): This should not happen!! Data will be lost
[  239.482374][ T6304] 
[  239.498814][ T6304] EXT4-fs (loop2): Total free blocks count 0
[  239.507887][ T6304] EXT4-fs (loop2): Free/Dirty block details
[  239.514088][ T6304] EXT4-fs (loop2): free_blocks=65280
[  239.519552][ T6304] EXT4-fs (loop2): dirty_blocks=16
[  239.525032][ T6304] EXT4-fs (loop2): Block reservation details
[  239.531173][ T6304] EXT4-fs (loop2): i_reserved_data_blocks=16
[  239.682257][ T6313] loop1: detected capacity change from 0 to 512
[  239.887693][ T6313] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.112: couldn't read orphan inode 26 (err -116)
[  239.959029][ T6313] EXT4-fs (loop1): Remounting filesystem read-only
[  239.971191][ T6313] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  239.984792][ T6313] ext4 filesystem being mounted at /23/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  240.034770][ T5817] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  240.194517][ T6319] loop3: detected capacity change from 0 to 512
[  240.341430][ T6319] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  240.358128][ T6319] ext4 filesystem being mounted at /25/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  240.400941][ T5804] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  240.451520][ T6329] netlink: 2 bytes leftover after parsing attributes in process `syz.2.116'.
[  240.460870][ T6329] netlink: 2 bytes leftover after parsing attributes in process `syz.2.116'.
[  241.076627][ T5816] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  241.137898][ T6336] netlink: 'syz.1.117': attribute type 30 has an invalid length.
[  241.297782][ T6336] loop1: detected capacity change from 0 to 256
[  241.442833][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[  241.545189][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  241.648049][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  241.852943][ T6338] loop2: detected capacity change from 0 to 32768
[  241.854096][    T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!!
[  241.886396][ T6336] vfat: Unknown parameter 'codepag��s���]�e'
[  241.936061][ T6338] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.119 (6338)
[  241.963052][ T6338] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  241.973591][ T6338] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm
[  242.046742][ T6342] 9pnet_fd: Insufficient options for proto=fd
[  242.129299][ T6338] BTRFS info (device loop2): enabling ssd optimizations
[  242.136684][ T6338] BTRFS info (device loop2): turning on async discard
[  242.144015][ T6338] BTRFS info (device loop2): enabling free space tree
[  242.659568][ T6339] loop0: detected capacity change from 0 to 256
[  242.671753][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  242.716963][    T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[  242.874944][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[  242.877602][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[  243.383073][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[  243.385085][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  243.396360][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  244.997855][ T6339] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d)
[  245.315871][ T5817] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  246.023608][ T6364] loop3: detected capacity change from 0 to 1024
[  246.090875][ T6364] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  246.108162][   T42] IPVS: starting estimator thread 0...
[  246.287221][ T6364] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  246.324292][ T6374] IPVS: using max 192 ests per chain, 9600 per kthread
[  246.399798][ T6364] EXT4-fs (loop3): orphan cleanup on readonly fs
[  246.431050][    T9] usb 2-1: new full-speed USB device number 2 using dummy_hcd
[  246.556092][ T6364] Quota error (device loop3): do_check_range: Getting dqdh_entries 512 out of range 0-14
[  246.575176][ T6364] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  246.587787][ T6364] EXT4-fs error (device loop3): ext4_acquire_dquot:6986: comm syz.3.123: Failed to acquire dquot type 0
[  246.750667][    T9] usb 2-1: config 6 has too many interfaces: 65, using maximum allowed: 32
[  246.760074][    T9] usb 2-1: config 6 has an invalid descriptor of length 0, skipping remainder of the config
[  246.776222][    T9] usb 2-1: config 6 has 1 interface, different from the descriptor's value: 65
[  246.787403][    T9] usb 2-1: config 6 has no interface number 0
[  246.793998][    T9] usb 2-1: config 6 interface 15 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  246.844762][ T6364] Quota error (device loop3): do_check_range: Getting dqdh_entries 512 out of range 0-14
[  246.855554][ T6364] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  246.870349][ T6364] EXT4-fs error (device loop3): ext4_acquire_dquot:6986: comm syz.3.123: Failed to acquire dquot type 0
[  247.227088][ T6364] EXT4-fs error (device loop3): ext4_free_blocks:6728: comm syz.3.123: Freeing blocks not in datazone - block = 0, count = 4096
[  247.369207][ T6364] Quota error (device loop3): do_check_range: Getting dqdh_entries 512 out of range 0-14
[  247.384801][ T6364] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  247.396203][ T6364] EXT4-fs error (device loop3): ext4_acquire_dquot:6986: comm syz.3.123: Failed to acquire dquot type 0
[  247.526696][ T6379] blktrace: Concurrent blktraces are not allowed on loop8
[  247.774681][ T6364] EXT4-fs (loop3): 1 orphan inode deleted
[  247.842238][ T6379] loop4: detected capacity change from 0 to 512
[  247.853185][ T6364] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  248.149026][ T6364] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  248.204169][ T6379] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.127: couldn't read orphan inode 26 (err -116)
[  248.336842][ T6379] EXT4-fs (loop4): Remounting filesystem read-only
[  248.346012][ T6379] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  248.359575][ T6379] ext4 filesystem being mounted at /20/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  248.828728][    T9] usb 2-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=88.91
[  248.838499][    T9] usb 2-1: New USB device strings: Mfr=17, Product=10, SerialNumber=3
[  248.847072][    T9] usb 2-1: Product: syz
[  248.851424][    T9] usb 2-1: Manufacturer: syz
[  248.856673][    T9] usb 2-1: SerialNumber: syz
[  249.106744][ T5808] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  249.515464][    T9] usb 2-1: can't set config #6, error -71
[  249.566945][    T9] usb 2-1: USB disconnect, device number 2
[  250.853645][ T6407] netlink: 'syz.1.136': attribute type 30 has an invalid length.
[  251.050765][ T6407] loop1: detected capacity change from 0 to 256
[  251.094049][ T6407] vfat: Unknown parameter 'codepag��s���]�e'
[  251.476441][ T6407] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  251.487588][ T6407] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  251.906066][ T6407] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  251.916962][ T6407] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.871942][ T6407] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  252.882254][ T6407] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  253.108554][ T6423] blktrace: Concurrent blktraces are not allowed on loop8
[  253.312076][ T6407] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  253.327459][ T6407] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  253.459848][ T6423] loop4: detected capacity change from 0 to 512
[  253.613835][ T6423] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.141: couldn't read orphan inode 26 (err -116)
[  253.811804][ T6423] EXT4-fs (loop4): Remounting filesystem read-only
[  253.820866][ T6423] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  253.837036][ T6423] ext4 filesystem being mounted at /23/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  254.008720][ T6428] loop0: detected capacity change from 0 to 2048
[  254.061093][ T6428] EXT4-fs: Ignoring removed mblk_io_submit option
[  254.181499][ T6428] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  254.237242][ T5808] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  254.388536][ T6428] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.142: bg 0: block 234: padding at end of block bitmap is not set
[  254.478960][ T5089] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  254.487640][ T5089] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  254.505651][ T6428] EXT4-fs (loop0): Remounting filesystem read-only
[  254.679961][ T3571] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  254.689447][ T3571] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  254.832355][ T5089] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  254.842002][ T5089] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  254.913907][ T5811] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  254.982012][ T5089] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  254.991141][ T5089] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  255.909011][ T6459] loop0: detected capacity change from 0 to 1024
[  256.160033][ T6463] blktrace: Concurrent blktraces are not allowed on loop6
[  258.635718][ T6469] netlink: 4 bytes leftover after parsing attributes in process `syz.4.157'.
[  260.604650][ T6480] netlink: 'syz.4.162': attribute type 30 has an invalid length.
[  260.646315][   T14] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  260.726896][ T1150] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  260.766412][ T1150] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  260.809232][ T6484] loop4: detected capacity change from 0 to 256
[  260.820716][ T1150] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  260.875446][ T6484] vfat: Unknown parameter 'codepag��s���]�e'
[  261.282410][ T6480] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  261.294771][ T6480] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  261.622291][ T6480] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  261.633282][ T6480] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  261.753170][ T6480] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  261.764069][ T6480] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  262.107788][ T6480] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  262.118605][ T6480] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  263.185827][   T14] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  263.194696][   T14] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  263.267650][ T4329] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  263.276880][ T4329] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  263.375396][ T4329] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  263.384319][ T4329] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  263.471962][ T4190] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  263.480892][ T4190] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  263.512260][ T6516] netlink: 4 bytes leftover after parsing attributes in process `syz.3.172'.
[  263.934720][ T6520] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  266.564110][ T6569] netlink: 4 bytes leftover after parsing attributes in process `syz.3.187'.
[  266.602045][ T6568] netlink: 'syz.4.188': attribute type 30 has an invalid length.
[  266.720257][ T6568] loop4: detected capacity change from 0 to 256
[  266.772235][ T6568] vfat: Unknown parameter 'codepag��s���]�e'
[  267.095627][ T6568] netdevsim netdevsim4 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  267.107806][ T6568] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  267.289676][ T6568] netdevsim netdevsim4 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  267.301037][ T6568] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  267.399646][ T6576] netlink: 'syz.2.191': attribute type 10 has an invalid length.
[  267.408530][ T6576] netlink: 40 bytes leftover after parsing attributes in process `syz.2.191'.
[  267.430745][ T6568] netdevsim netdevsim4 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  267.442298][ T6568] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  267.519155][ T6576] batadv0: entered promiscuous mode
[  267.524937][ T6576] batadv0: entered allmulticast mode
[  267.534432][ T6576] bridge0: port 3(batadv0) entered blocking state
[  267.541371][ T6576] bridge0: port 3(batadv0) entered disabled state
[  267.559192][ T6576] bridge0: port 3(batadv0) entered blocking state
[  267.566403][ T6576] bridge0: port 3(batadv0) entered forwarding state
[  267.631124][ T6568] netdevsim netdevsim4 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  267.642448][ T6568] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  267.683910][ T3571] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  267.693426][ T3571] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  267.907558][ T6582] fuse: Bad value for 'fd'
[  268.171705][ T6584] netlink: 'syz.0.194': attribute type 16 has an invalid length.
[  268.179918][ T6584] netlink: 64138 bytes leftover after parsing attributes in process `syz.0.194'.
[  268.414411][ T4190] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  268.423330][ T4190] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  270.308690][ T4190] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  270.323049][ T4190] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  270.566316][ T4190] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  270.575591][ T4190] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  270.773667][ T4190] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  270.782229][ T4190] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  274.487355][ T6622] netlink: 4 bytes leftover after parsing attributes in process `syz.3.203'.
[  275.003249][ T6626] netlink: 'syz.4.208': attribute type 16 has an invalid length.
[  275.011351][ T6626] netlink: 64138 bytes leftover after parsing attributes in process `syz.4.208'.
[  275.380436][ T6627] netlink: 'syz.2.209': attribute type 30 has an invalid length.
[  275.884466][ T6627] loop2: detected capacity change from 0 to 256
[  276.045176][ T6627] vfat: Unknown parameter 'codepag��s���]�e'
[  276.735981][   T30] audit: type=1326 audit(1767958722.317:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6629 comm="syz.1.210" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd12bb8f749 code=0x0
[  276.859360][ T6627] netdevsim netdevsim2 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  276.873009][ T6627] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  276.927021][ T6631] netlink: 3 bytes leftover after parsing attributes in process `syz.1.210'.
[  276.946260][ T6631] 0�X���: renamed from caif0
[  277.031549][ T6631] 0�X���: entered allmulticast mode
[  277.037462][ T6631] A link change request failed with some changes committed already. Interface 
60�X��� may have been left with an inconsistent configuration, please check.
[  277.084102][ T6627] netdevsim netdevsim2 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  277.094315][ T6627] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  277.301727][ T6627] netdevsim netdevsim2 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  277.312433][ T6627] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  277.428976][ T6627] netdevsim netdevsim2 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  277.442018][ T6627] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  278.228467][ T3518] netdevsim netdevsim2 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  278.237359][ T3518] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  278.354659][ T1150] netdevsim netdevsim2 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  278.363887][ T1150] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  278.572769][ T1150] netdevsim netdevsim2 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  278.581321][ T1150] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  278.693329][ T5089] netdevsim netdevsim2 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  278.701945][ T5089] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  283.025291][ T6673] netlink: 'syz.0.221': attribute type 16 has an invalid length.
[  283.033632][ T6673] netlink: 64138 bytes leftover after parsing attributes in process `syz.0.221'.
[  283.076891][ T6674] syz_tun: entered allmulticast mode
[  283.120759][ T6674] dvmrp6: entered allmulticast mode
[  283.171654][ T6675] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  283.304203][ T6669] netlink: 4 bytes leftover after parsing attributes in process `syz.2.222'.
[  283.577557][   T30] audit: type=1326 audit(1767958729.137:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6677 comm="syz.0.225" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa7ca78f749 code=0x0
[  283.648357][ T6679] netlink: 3 bytes leftover after parsing attributes in process `syz.0.225'.
[  283.657991][ T6679] 0�X���: renamed from caif0
[  283.747154][ T6679] 0�X���: entered allmulticast mode
[  283.753378][ T6679] A link change request failed with some changes committed already. Interface 
60�X��� may have been left with an inconsistent configuration, please check.
[  284.783753][ T6699] netlink: 'syz.1.232': attribute type 30 has an invalid length.
[  284.944650][ T6705] loop1: detected capacity change from 0 to 256
[  284.977704][ T6705] vfat: Unknown parameter 'codepag��s���]�e'
[  285.357225][ T6699] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  285.371319][ T6699] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  285.642710][ T6699] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  285.652893][ T6699] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  285.936579][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  286.075856][ T6699] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  286.094103][ T6699] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  286.453938][ T6699] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  286.464181][ T6699] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  286.686049][    T9] hid_parser_main: 21 callbacks suppressed
[  286.686146][    T9] hid-generic 0000:0D17:0000.0003: unknown main item tag 0x0
[  286.707179][    T9] hid-generic 0000:0D17:0000.0003: unknown main item tag 0x0
[  286.918661][    T9] hid-generic 0000:0D17:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  287.990102][ T6718] fido_id[6718]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  287.998701][ T3518] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  288.012459][ T3518] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  288.158180][ T3626] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  288.166952][ T3626] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  288.297001][ T3518] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  288.305948][ T3518] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  288.438819][ T3518] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  288.451133][ T3518] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  290.171569][ T6740] loop0: detected capacity change from 0 to 4096
[  290.262214][ T6740] EXT4-fs: Ignoring removed mblk_io_submit option
[  290.307155][ T6740] EXT4-fs (loop0): Test dummy encryption mode enabled
[  290.364352][ T6740] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  290.565342][ T6755] netlink: 4 bytes leftover after parsing attributes in process `syz.2.248'.
[  291.576826][ T6759] overlayfs: failed to decode file handle (len=6, type=0, flags=0, err=-22)
[  291.763599][ T6758] loop1: detected capacity change from 0 to 2048
[  292.732058][    T9] IPVS: starting estimator thread 0...
[  292.823170][ T6764] IPVS: using max 240 ests per chain, 12000 per kthread
[  293.914199][ T5811] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  295.034482][ T6793] netlink: 4 bytes leftover after parsing attributes in process `syz.3.262'.
[  295.806327][ T6803] netlink: 12 bytes leftover after parsing attributes in process `syz.0.267'.
[  295.989067][ T6808] netlink: 12 bytes leftover after parsing attributes in process `syz.0.267'.
[  297.262071][ T6828] netlink: 'syz.4.275': attribute type 16 has an invalid length.
[  297.270444][ T6828] netlink: 63370 bytes leftover after parsing attributes in process `syz.4.275'.
[  298.050772][ T6841] netlink: 4 bytes leftover after parsing attributes in process `syz.2.279'.
[  298.871577][ T6852] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  301.278584][ T6863] netlink: 'syz.3.287': attribute type 16 has an invalid length.
[  301.286815][ T6863] netlink: 63370 bytes leftover after parsing attributes in process `syz.3.287'.
[  301.938616][ T6867] netlink: 'syz.0.289': attribute type 10 has an invalid length.
[  301.947450][ T6867] bridge0: port 2(bridge_slave_1) entered disabled state
[  301.957615][ T6867] bridge0: port 1(bridge_slave_0) entered disabled state
[  301.994560][ T5806] Bluetooth: hci5: command 0x1003 tx timeout
[  302.001222][ T5809] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  302.643446][ T6871] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  302.651156][ T6871] batman_adv: batadv0: Removing interface: batadv_slave_0
[  302.715386][ T6871] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  302.723217][ T6871] batman_adv: batadv0: Removing interface: batadv_slave_1
[  302.805877][ T6871] bridge0: port 3(batadv0) entered disabled state
[  302.883101][ T6871] bridge0: port 3(batadv0) entered disabled state
[  304.325834][ T6891] loop2: detected capacity change from 0 to 128
[  304.493993][ T6891] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  304.510218][ T6891] ext4 filesystem being mounted at /57/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  304.564583][ T6894] netlink: 'syz.3.300': attribute type 16 has an invalid length.
[  304.572830][ T6894] netlink: 63370 bytes leftover after parsing attributes in process `syz.3.300'.
[  304.680282][ T6896] EXT4-fs (loop2): shut down requested (1)
[  305.229470][ T5817] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  305.932443][ T6905] netlink: 'syz.4.304': attribute type 10 has an invalid length.
[  305.941947][ T6905] bridge0: port 2(bridge_slave_1) entered disabled state
[  305.951836][ T6905] bridge0: port 1(bridge_slave_0) entered disabled state
[  305.985820][ T6905] bridge0: port 2(bridge_slave_1) entered blocking state
[  305.993643][ T6905] bridge0: port 2(bridge_slave_1) entered forwarding state
[  306.002332][ T6905] bridge0: port 1(bridge_slave_0) entered blocking state
[  306.010328][ T6905] bridge0: port 1(bridge_slave_0) entered forwarding state
[  306.030886][ T6905] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  306.870685][ T6915] loop4: detected capacity change from 0 to 1024
[  307.035568][ T6915] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: none.
[  307.190068][   T30] audit: type=1800 audit(1767958752.767:113): pid=6915 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.308" name="file2" dev="loop4" ino=16 res=0 errno=0
[  307.403432][ T5808] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[  307.754429][ T6926] netlink: 'syz.0.313': attribute type 16 has an invalid length.
[  307.762363][ T6926] netlink: 64138 bytes leftover after parsing attributes in process `syz.0.313'.
[  308.478020][ T5813] Bluetooth: hci2: command 0x0406 tx timeout
[  308.488029][ T5806] Bluetooth: hci0: command 0x0406 tx timeout
[  308.496268][ T5813] Bluetooth: hci3: command 0x0406 tx timeout
[  308.504382][ T5813] Bluetooth: hci4: command 0x0406 tx timeout
[  308.514590][ T5806] Bluetooth: hci1: command 0x0406 tx timeout
[  308.568643][ T6939] netlink: 'syz.3.318': attribute type 10 has an invalid length.
[  308.577599][ T6939] bridge0: port 2(bridge_slave_1) entered disabled state
[  308.587400][ T6939] bridge0: port 1(bridge_slave_0) entered disabled state
[  308.617241][ T6939] bridge0: port 2(bridge_slave_1) entered blocking state
[  308.625079][ T6939] bridge0: port 2(bridge_slave_1) entered forwarding state
[  308.633935][ T6939] bridge0: port 1(bridge_slave_0) entered blocking state
[  308.641492][ T6939] bridge0: port 1(bridge_slave_0) entered forwarding state
[  308.663719][ T6939] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  309.728920][ T6949] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  309.736686][ T6949] batman_adv: batadv0: Removing interface: batadv_slave_0
[  309.790486][ T6949] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  309.798226][ T6949] batman_adv: batadv0: Removing interface: batadv_slave_1
[  313.009741][ T6980] netlink: 16 bytes leftover after parsing attributes in process `syz.2.332'.
[  319.357832][ T7034] loop4: detected capacity change from 0 to 512
[  319.376526][ T7034] journal_path: Lookup failure for './file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'
[  319.391797][ T7034] EXT4-fs: error: could not find journal device path
[  329.984655][ T7110] netlink: 'syz.3.369': attribute type 16 has an invalid length.
[  329.992820][ T7110] netlink: 64138 bytes leftover after parsing attributes in process `syz.3.369'.
[  333.157106][ T7126] loop0: detected capacity change from 0 to 1024
[  333.223435][ T7126] Quota error (device loop0): do_check_range: Getting block 64 out of range 1-5
[  333.233236][ T7126] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0
[  333.243478][ T7126] EXT4-fs error (device loop0): ext4_acquire_dquot:6986: comm syz.0.374: Failed to acquire dquot type 0
[  333.277948][ T7126] EXT4-fs error (device loop0): mb_free_blocks:2037: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  333.300460][ T7126] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #13: comm syz.0.374: corrupted inode contents
[  333.363534][ T7126] EXT4-fs error (device loop0): ext4_dirty_inode:6502: inode #13: comm syz.0.374: mark_inode_dirty error
[  333.381962][ T7126] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #13: comm syz.0.374: corrupted inode contents
[  333.412031][ T7126] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #13: comm syz.0.374: mark_inode_dirty error
[  333.425684][ T7126] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #13: comm syz.0.374: corrupted inode contents
[  333.446035][ T7126] EXT4-fs error (device loop0) in ext4_orphan_del:303: Corrupt filesystem
[  333.457066][ T7126] EXT4-fs error (device loop0): ext4_do_update_inode:5617: inode #13: comm syz.0.374: corrupted inode contents
[  333.472345][ T7126] EXT4-fs error (device loop0): ext4_truncate:4635: inode #13: comm syz.0.374: mark_inode_dirty error
[  333.491241][ T7126] EXT4-fs error (device loop0) in ext4_process_orphan:345: Corrupt filesystem
[  333.539823][ T7126] EXT4-fs (loop0): 1 truncate cleaned up
[  333.548264][ T7126] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  333.627039][ T7126] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  333.697895][ T7126] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[  333.745492][ T7126] Quota error (device loop0): do_check_range: Getting block 64 out of range 1-5
[  333.755479][ T7126] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0
[  333.765381][ T7126] EXT4-fs error (device loop0): ext4_acquire_dquot:6986: comm syz.0.374: Failed to acquire dquot type 0
[  333.883868][ T7126] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  334.160276][ T5811] EXT4-fs error (device loop0): ext4_readdir:264: inode #11: block 74: comm syz-executor: path /78/file0/lost+found: bad entry in directory: directory entry overrun - offset=768, inode=0, rec_len=1024, size=1024 fake=0
[  334.211387][ T5811] EXT4-fs error (device loop0): ext4_empty_dir:3118: inode #11: block 74: comm syz-executor: bad entry in directory: directory entry overrun - offset=11008, inode=0, rec_len=1024, size=1024 fake=0
[  334.301023][ T5811] EXT4-fs error (device loop0): ext4_readdir:264: inode #11: block 74: comm syz-executor: path /78/file0/lost+found: bad entry in directory: directory entry overrun - offset=768, inode=0, rec_len=1024, size=1024 fake=0
[  334.384163][ T5811] EXT4-fs error (device loop0): ext4_empty_dir:3118: inode #11: block 74: comm syz-executor: bad entry in directory: directory entry overrun - offset=11008, inode=0, rec_len=1024, size=1024 fake=0
[  334.400946][ T7138] netlink: 'syz.3.380': attribute type 16 has an invalid length.
[  334.411898][ T7138] netlink: 64138 bytes leftover after parsing attributes in process `syz.3.380'.
[  334.437066][ T5811] EXT4-fs error (device loop0): ext4_readdir:264: inode #11: block 74: comm syz-executor: path /78/file0/lost+found: bad entry in directory: directory entry overrun - offset=768, inode=0, rec_len=1024, size=1024 fake=0
[  334.503858][ T5811] EXT4-fs error (device loop0): ext4_empty_dir:3118: inode #11: block 74: comm syz-executor: bad entry in directory: directory entry overrun - offset=11008, inode=0, rec_len=1024, size=1024 fake=0
[  334.584508][ T5811] EXT4-fs error (device loop0): ext4_readdir:264: inode #11: block 74: comm syz-executor: path /78/file0/lost+found: bad entry in directory: directory entry overrun - offset=768, inode=0, rec_len=1024, size=1024 fake=0
[  334.715824][ T5811] EXT4-fs error (device loop0): ext4_empty_dir:3118: inode #11: block 74: comm syz-executor: bad entry in directory: directory entry overrun - offset=11008, inode=0, rec_len=1024, size=1024 fake=0
[  334.869968][ T5811] EXT4-fs error (device loop0): ext4_readdir:264: inode #11: block 74: comm syz-executor: path /78/file0/lost+found: bad entry in directory: directory entry overrun - offset=768, inode=0, rec_len=1024, size=1024 fake=0
[  335.391538][ T7144] netlink: 'syz.2.383': attribute type 10 has an invalid length.
[  335.400260][ T7144] bridge0: port 2(bridge_slave_1) entered disabled state
[  335.410076][ T7144] bridge0: port 1(bridge_slave_0) entered disabled state
[  335.656024][ T7144] bridge0: port 2(bridge_slave_1) entered blocking state
[  335.663696][ T7144] bridge0: port 2(bridge_slave_1) entered forwarding state
[  335.672392][ T7144] bridge0: port 1(bridge_slave_0) entered blocking state
[  335.680738][ T7144] bridge0: port 1(bridge_slave_0) entered forwarding state
[  335.701688][ T7144] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  336.585081][ T7152] ip6tnl1: entered promiscuous mode
[  336.590495][ T7152] ip6tnl1: entered allmulticast mode
[  337.396281][ T7157] loop1: detected capacity change from 0 to 128
[  337.406957][ T7157] zonefs: Unknown parameter '&Ph�v�d���
[  337.406957][ T7157] ��ڬR>^��_
[  337.406957][ T7157] `��������>���p�Ն�'��u?
��>'wQpdev/infiniband/rdma_cm'
[  338.212293][ T3948] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  338.508263][ T3948] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  338.728828][ T3948] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  338.932111][ T3948] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  339.733796][ T3948] bridge_slave_1: left allmulticast mode
[  339.739656][ T3948] bridge_slave_1: left promiscuous mode
[  339.758948][ T3948] bridge0: port 2(bridge_slave_1) entered disabled state
[  339.865360][ T3948] bridge_slave_0: left allmulticast mode
[  339.871218][ T3948] bridge_slave_0: left promiscuous mode
[  339.878837][ T3948] bridge0: port 1(bridge_slave_0) entered disabled state
[  340.501380][ T3948] bond0 (unregistering): (slave bridge0): Releasing backup interface
[  340.624344][ T3948] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  340.697436][ T3948] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  340.718318][ T3948] bond0 (unregistering): Released all slaves
[  341.288947][ T3948] hsr_slave_0: left promiscuous mode
[  341.297221][ T3948] hsr_slave_1: left promiscuous mode
[  341.363291][ T3948] veth1_macvtap: left promiscuous mode
[  341.369013][ T3948] veth0_macvtap: left promiscuous mode
[  341.376026][ T3948] veth1_vlan: left promiscuous mode
[  341.383637][ T3948] veth0_vlan: left promiscuous mode
[  341.777136][ T7182] netlink: 'syz.1.392': attribute type 16 has an invalid length.
[  341.787315][ T7182] netlink: 64138 bytes leftover after parsing attributes in process `syz.1.392'.
[  342.688548][ T3948] team0 (unregistering): Port device team_slave_1 removed
[  342.923909][ T3948] team0 (unregistering): Port device team_slave_0 removed
[  343.233693][ T5810] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  343.243214][ T5810] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  343.253978][ T5810] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  343.269147][ T5810] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  343.281044][ T5810] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  344.339399][ T5810] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  344.354779][ T5810] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  344.385869][ T5810] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  344.400833][ T5810] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  344.422014][ T5810] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  345.356762][ T5810] Bluetooth: hci2: command tx timeout
[  346.628665][ T5810] Bluetooth: hci5: command tx timeout
[  347.390709][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  347.434563][ T5810] Bluetooth: hci2: command tx timeout
[  347.612070][ T7188] Set syz1 is full, maxelem 65536 reached
[  348.192069][ T3948] IPVS: stop unused estimator thread 0...
[  348.610050][ T7210] loop2: detected capacity change from 0 to 1024
[  348.727497][ T5810] Bluetooth: hci5: command tx timeout
[  348.815461][ T7210] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  349.330856][ T7217] loop1: detected capacity change from 0 to 4096
[  349.341875][ T7217] EXT4-fs: Ignoring removed mblk_io_submit option
[  349.453331][ T7217] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  349.513278][ T5810] Bluetooth: hci2: command tx timeout
[  349.554243][ T7217] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  349.883734][ T7219] EXT4-fs error (device loop2): ext4_xattr_inode_iget:441: inode #11: comm syz.2.400: missing EA_INODE flag
[  350.023994][ T7199] chnl_net:caif_netlink_parms(): no params data found
[  350.218520][ T7219] EXT4-fs (loop2): Remounting filesystem read-only
[  350.256019][ T7193] chnl_net:caif_netlink_parms(): no params data found
[  350.792785][ T5810] Bluetooth: hci5: command tx timeout
[  351.349664][ T5804] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  351.524305][ T5817] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  351.593153][ T5810] Bluetooth: hci2: command tx timeout
[  352.228710][ T7237] loop2: detected capacity change from 0 to 1024
[  352.391154][ T7193] bridge0: port 1(bridge_slave_0) entered blocking state
[  352.399137][ T7193] bridge0: port 1(bridge_slave_0) entered disabled state
[  352.405686][ T7237] Quota error (device loop2): do_check_range: Getting block 64 out of range 1-5
[  352.409432][ T7193] bridge_slave_0: entered allmulticast mode
[  352.415861][ T7237] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0
[  352.425101][ T7193] bridge_slave_0: entered promiscuous mode
[  352.431145][ T7237] EXT4-fs error (device loop2): ext4_acquire_dquot:6986: comm syz.2.403: Failed to acquire dquot type 0
[  352.516944][ T7237] EXT4-fs error (device loop2): mb_free_blocks:2037: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  352.532112][ T7237] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #13: comm syz.2.403: corrupted inode contents
[  352.606803][ T7193] bridge0: port 2(bridge_slave_1) entered blocking state
[  352.618639][ T7193] bridge0: port 2(bridge_slave_1) entered disabled state
[  352.626542][ T7193] bridge_slave_1: entered allmulticast mode
[  352.636214][ T7193] bridge_slave_1: entered promiscuous mode
[  352.704866][ T7237] EXT4-fs error (device loop2): ext4_dirty_inode:6502: inode #13: comm syz.2.403: mark_inode_dirty error
[  352.765762][ T7237] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #13: comm syz.2.403: corrupted inode contents
[  352.781595][ T7199] bridge0: port 1(bridge_slave_0) entered blocking state
[  352.789377][ T7199] bridge0: port 1(bridge_slave_0) entered disabled state
[  352.797278][ T7199] bridge_slave_0: entered allmulticast mode
[  352.806933][ T7199] bridge_slave_0: entered promiscuous mode
[  352.853020][ T7237] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #13: comm syz.2.403: mark_inode_dirty error
[  352.873902][ T5810] Bluetooth: hci5: command tx timeout
[  352.903900][ T7199] bridge0: port 2(bridge_slave_1) entered blocking state
[  352.911537][ T7199] bridge0: port 2(bridge_slave_1) entered disabled state
[  352.919446][ T7199] bridge_slave_1: entered allmulticast mode
[  352.929192][ T7199] bridge_slave_1: entered promiscuous mode
[  352.936457][ T7237] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #13: comm syz.2.403: corrupted inode contents
[  352.964366][ T7193] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  353.033404][ T7237] EXT4-fs error (device loop2) in ext4_orphan_del:303: Corrupt filesystem
[  353.074184][ T7237] EXT4-fs error (device loop2): ext4_do_update_inode:5617: inode #13: comm syz.2.403: corrupted inode contents
[  353.164962][ T7193] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  353.199674][ T7237] EXT4-fs error (device loop2): ext4_truncate:4635: inode #13: comm syz.2.403: mark_inode_dirty error
[  353.243367][ T7237] EXT4-fs error (device loop2) in ext4_process_orphan:345: Corrupt filesystem
[  353.285420][ T7237] EXT4-fs (loop2): 1 truncate cleaned up
[  353.293685][ T7237] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  353.377227][ T7199] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  353.446641][ T7199] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  353.475797][ T7250] netlink: 64 bytes leftover after parsing attributes in process `syz.3.406'.
[  353.497833][ T7237] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  353.595289][ T7237] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[  353.618329][ T7193] team0: Port device team_slave_0 added
[  353.639883][ T7193] team0: Port device team_slave_1 added
[  353.654893][ T7237] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  353.905154][ T7199] team0: Port device team_slave_0 added
[  353.936131][ T7199] team0: Port device team_slave_1 added
[  354.112171][ T5817] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  354.130899][ T7193] batman_adv: batadv0: Adding interface: batadv_slave_0
[  354.138208][ T7193] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  354.165410][ T7193] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  354.247808][ T7199] batman_adv: batadv0: Adding interface: batadv_slave_0
[  354.255112][ T7199] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  354.282209][ T7199] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  354.337235][ T7193] batman_adv: batadv0: Adding interface: batadv_slave_1
[  354.345525][ T7193] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  354.373071][ T7193] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  354.509586][ T7199] batman_adv: batadv0: Adding interface: batadv_slave_1
[  354.522086][ T7199] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  354.548512][ T7199] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  355.498307][ T7199] hsr_slave_0: entered promiscuous mode
[  355.508960][ T7199] hsr_slave_1: entered promiscuous mode
[  356.163207][ T7269] loop2: detected capacity change from 0 to 1024
[  356.324337][ T7267] netlink: 2 bytes leftover after parsing attributes in process `syz.3.412'.
[  356.336513][ T7267] netlink: 2 bytes leftover after parsing attributes in process `syz.3.412'.
[  356.363595][ T7193] hsr_slave_0: entered promiscuous mode
[  356.373981][ T7193] hsr_slave_1: entered promiscuous mode
[  356.382912][ T7193] debugfs: 'hsr0' already exists in 'hsr'
[  356.388802][ T7193] Cannot create hsr debugfs directory
[  356.468488][ T7269] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  356.766916][ T7275] EXT4-fs error (device loop2): ext4_xattr_inode_iget:441: inode #11: comm syz.2.411: missing EA_INODE flag
[  356.970396][ T7275] EXT4-fs (loop2): Remounting filesystem read-only
[  357.529297][ T5817] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  358.622228][ T7199] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  358.661665][ T7289] loop1: detected capacity change from 0 to 1024
[  358.733759][ T7293] kvm: vcpu 0: requested 2 ns lapic timer period limited to 200000 ns
[  358.742134][ T7293] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3089888063 (3089888063 ns) > initial count (2126324423 ns). Using initial count to start timer.
[  358.766375][ T7294] overlayfs: failed to resolve './cgroup': -2
[  358.835101][ T7199] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  358.888443][ T7289] Quota error (device loop1): do_check_range: Getting block 64 out of range 1-5
[  358.902275][ T7289] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0
[  358.914513][ T7289] EXT4-fs error (device loop1): ext4_acquire_dquot:6986: comm syz.1.416: Failed to acquire dquot type 0
[  358.961120][ T7193] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  358.977199][ T7289] EXT4-fs error (device loop1): mb_free_blocks:2037: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  358.992969][ T7289] EXT4-fs error (device loop1): ext4_do_update_inode:5617: inode #13: comm syz.1.416: corrupted inode contents
[  359.046189][ T7199] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  359.065054][ T7289] EXT4-fs error (device loop1): ext4_dirty_inode:6502: inode #13: comm syz.1.416: mark_inode_dirty error
[  359.068246][ T7193] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  359.103740][ T7199] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  359.126285][ T7193] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  359.155253][ T7289] EXT4-fs error (device loop1): ext4_do_update_inode:5617: inode #13: comm syz.1.416: corrupted inode contents
[  359.177992][ T7193] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  359.242996][ T7289] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #13: comm syz.1.416: mark_inode_dirty error
[  359.305306][ T7289] EXT4-fs error (device loop1): ext4_do_update_inode:5617: inode #13: comm syz.1.416: corrupted inode contents
[  359.365698][ T7289] EXT4-fs error (device loop1) in ext4_orphan_del:303: Corrupt filesystem
[  359.405507][ T7289] EXT4-fs error (device loop1): ext4_do_update_inode:5617: inode #13: comm syz.1.416: corrupted inode contents
[  359.494820][ T7289] EXT4-fs error (device loop1): ext4_truncate:4635: inode #13: comm syz.1.416: mark_inode_dirty error
[  359.576386][ T7289] EXT4-fs error (device loop1) in ext4_process_orphan:345: Corrupt filesystem
[  359.687398][ T7289] EXT4-fs (loop1): 1 truncate cleaned up
[  359.695944][ T7289] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  359.927134][ T7307] loop2: detected capacity change from 0 to 1024
[  359.967951][ T7289] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  359.992281][ T7307] EXT4-fs: inline encryption not supported
[  360.043770][ T7309] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[  360.070262][ T7309] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  360.226285][ T7307] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  360.425992][ T7199] 8021q: adding VLAN 0 to HW filter on device bond0
[  360.628565][ T7199] 8021q: adding VLAN 0 to HW filter on device team0
[  360.695544][ T5804] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  360.711836][ T5817] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  360.751749][ T7193] 8021q: adding VLAN 0 to HW filter on device bond0
[  360.813147][ T4007] bridge0: port 1(bridge_slave_0) entered blocking state
[  360.820766][ T4007] bridge0: port 1(bridge_slave_0) entered forwarding state
[  360.964259][ T4007] bridge0: port 2(bridge_slave_1) entered blocking state
[  360.971766][ T4007] bridge0: port 2(bridge_slave_1) entered forwarding state
[  361.086715][ T7193] 8021q: adding VLAN 0 to HW filter on device team0
[  361.334547][ T7320] netlink: 2 bytes leftover after parsing attributes in process `syz.1.421'.
[  361.343836][ T7320] netlink: 2 bytes leftover after parsing attributes in process `syz.1.421'.
[  361.424475][ T4007] bridge0: port 1(bridge_slave_0) entered blocking state
[  361.431987][ T4007] bridge0: port 1(bridge_slave_0) entered forwarding state
[  361.448803][ T4007] bridge0: port 2(bridge_slave_1) entered blocking state
[  361.456394][ T4007] bridge0: port 2(bridge_slave_1) entered forwarding state
[  362.162337][ T7324] xt_hashlimit: max too large, truncated to 1048576
[  362.176073][ T7324] No such timeout policy "syz1"
[  362.400869][ T7199] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  362.891348][ T7193] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  362.902890][ T7193] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  363.897265][ T7327] loop1: detected capacity change from 0 to 2048
[  364.228852][ T7327] EXT4-fs: Ignoring removed mblk_io_submit option
[  364.561012][ T7327] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  365.280357][ T5804] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  365.797049][ T7193] 8021q: adding VLAN 0 to HW filter on device batadv0
[  365.840733][ T7199] 8021q: adding VLAN 0 to HW filter on device batadv0
[  368.475027][ T7366] netlink: 2 bytes leftover after parsing attributes in process `syz.1.432'.
[  368.484522][ T7366] netlink: 2 bytes leftover after parsing attributes in process `syz.1.432'.
[  369.051615][ T7373] loop2: detected capacity change from 0 to 1024
[  369.268162][ T7373] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  370.000728][ T5817] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  371.004121][ T5857] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  371.026981][ T7199] veth0_vlan: entered promiscuous mode
[  371.117190][ T7193] veth0_vlan: entered promiscuous mode
[  371.172282][ T7199] veth1_vlan: entered promiscuous mode
[  371.218391][ T5857] usb 2-1: Using ep0 maxpacket: 8
[  371.243553][ T7193] veth1_vlan: entered promiscuous mode
[  371.267701][ T5857] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  371.279989][ T5857] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  371.292157][ T5857] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  371.471303][ T5857] usb 2-1: config 0 descriptor??
[  371.653996][ T7199] veth0_macvtap: entered promiscuous mode
[  371.713708][ T7193] veth0_macvtap: entered promiscuous mode
[  371.791725][ T5857] iowarrior 2-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  371.856343][ T7193] veth1_macvtap: entered promiscuous mode
[  371.865606][ T7408] netlink: 'syz.3.441': attribute type 16 has an invalid length.
[  371.873994][ T7408] netlink: 63370 bytes leftover after parsing attributes in process `syz.3.441'.
[  371.893207][ T7199] veth1_macvtap: entered promiscuous mode
[  372.061327][ T7409] tipc: Started in network mode
[  372.068584][ T7409] tipc: Node identity c21b7a3247af, cluster identity 4711
[  372.077702][ T7409] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  372.654718][ T7193] batman_adv: batadv0: Interface activated: batadv_slave_0
[  372.966064][ T5456] usb 2-1: USB disconnect, device number 3
[  373.097082][ T7199] batman_adv: batadv0: Interface activated: batadv_slave_0
[  373.205657][    T9] tipc: Node number set to 2243197490
[  373.225148][ T7193] batman_adv: batadv0: Interface activated: batadv_slave_1
[  373.268901][ T7405] tipc: Disabling bearer <eth:syzkaller0>
[  373.446122][ T7199] batman_adv: batadv0: Interface activated: batadv_slave_1
[  373.556849][ T3689] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  373.647481][ T3689] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  373.805142][ T3689] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  373.903489][ T3689] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  374.019012][ T3689] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  374.183458][ T3689] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  374.284793][ T3689] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  374.395063][ T3689] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  378.569339][ T7087] syz_tun (unregistering): left allmulticast mode
[  378.754196][ T3909] netdevsim netdevsim4 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  378.770503][ T3909] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  378.947855][ T3909] netdevsim netdevsim4 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  378.958112][ T3909] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  379.127899][ T3909] netdevsim netdevsim4 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  379.138068][ T3909] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  379.351142][ T3909] netdevsim netdevsim4 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  379.362931][ T3909] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  379.962985][ T3909] bridge_slave_1: left allmulticast mode
[  379.968847][ T3909] bridge_slave_1: left promiscuous mode
[  379.975809][ T3909] bridge0: port 2(bridge_slave_1) entered disabled state
[  380.168782][ T3909] bridge_slave_0: left allmulticast mode
[  380.175009][ T3909] bridge_slave_0: left promiscuous mode
[  380.181700][ T3909] bridge0: port 1(bridge_slave_0) entered disabled state
[  380.855571][ T7474] random: crng reseeded on system resumption
[  381.227726][ T7469] Can't find ip_set type hash:i
[  381.764222][ T3909] dvmrp6 (unregistering): left allmulticast mode
[  382.306812][ T7480] netlink: 'syz.3.454': attribute type 30 has an invalid length.
[  382.776236][ T3909] bond0 (unregistering): (slave bridge0): Releasing backup interface
[  382.867387][ T3909] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  383.838189][ T3909] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  383.853726][ T3909] bond0 (unregistering): Released all slaves
[  384.386283][ T7473] infiniband syz2: set down
[  384.393155][ T7473] infiniband syz2: added ipvlan0
[  384.401894][ T7473] workqueue: Failed to create a rescuer kthread for wq "ib_mad1": -EINTR
[  384.412223][ T7473] infiniband syz2: Couldn't open port 1
[  384.457784][ T7473] RDS/IB: syz2: added
[  384.462006][ T7473] smc: adding ib device syz2 with port count 1
[  384.468554][ T7473] smc:    ib device syz2 port 1 has no pnetid
[  385.061507][   T14] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  385.254768][   T14] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  385.370216][   T14] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  385.555547][ T7481] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  388.498395][ T7481] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  388.509213][ T7481] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  388.788363][ T7481] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  388.801596][ T7481] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  389.108152][ T7481] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  389.118861][ T7481] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  389.576419][ T7500] syzkaller0: entered promiscuous mode
[  389.582213][ T7500] syzkaller0: entered allmulticast mode
[  389.757066][ T3909] hsr_slave_0: left promiscuous mode
[  389.778644][ T3909] hsr_slave_1: left promiscuous mode
[  389.822050][ T3909] veth1_macvtap: left promiscuous mode
[  389.828760][ T3909] veth0_macvtap: left promiscuous mode
[  389.838407][ T3909] veth1_vlan: left promiscuous mode
[  389.844217][ T3909] veth0_vlan: left promiscuous mode
[  390.735111][ T3909] team0 (unregistering): Port device team_slave_1 removed
[  390.793984][ T3909] team0 (unregistering): Port device team_slave_0 removed
[  391.375785][ T3518] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  391.385133][ T3518] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  391.545044][ T7485] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  391.554692][ T7485] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  391.612137][ T3948] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  391.620530][ T3948] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  391.812000][ T3909] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  391.820831][ T3909] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  391.870932][ T4007] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  391.879724][ T4007] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  391.908085][ T3909] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  391.920007][ T3909] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  392.158128][ T3948] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  392.167157][ T3948] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  393.013172][ T7524] Can't find ip_set type hash:i
[  393.777958][ T7532] loop5: detected capacity change from 0 to 2048
[  394.188568][ T7525] trusted_key: syz.2.462 sent an empty control message without MSG_MORE.
[  394.269189][ T5089] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  394.277510][ T5089] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  394.440733][ T7532] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  394.453629][ T7532] ext4 filesystem being mounted at /0/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  394.674889][ T7532] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.391: bg 0: block 345: padding at end of block bitmap is not set
[  394.757429][ T7532] EXT4-fs (loop5): Remounting filesystem read-only
[  394.994187][ T7551] netlink: 8 bytes leftover after parsing attributes in process `syz.3.465'.
[  395.122351][ T7193] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  395.207058][ T7553] netlink: 'syz.6.396': attribute type 10 has an invalid length.
[  395.216016][ T7553] bridge0: port 2(bridge_slave_1) entered disabled state
[  395.225593][ T7553] bridge0: port 1(bridge_slave_0) entered disabled state
[  395.254382][ T7553] bridge0: port 2(bridge_slave_1) entered blocking state
[  395.261847][ T7553] bridge0: port 2(bridge_slave_1) entered forwarding state
[  395.270168][ T7553] bridge0: port 1(bridge_slave_0) entered blocking state
[  395.277700][ T7553] bridge0: port 1(bridge_slave_0) entered forwarding state
[  395.293710][ T7553] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  396.962895][ T7575] netlink: 360 bytes leftover after parsing attributes in process `syz.6.470'.
[  398.037027][ T7580] netlink: 'syz.3.471': attribute type 30 has an invalid length.
[  399.639253][ T7580] netdevsim netdevsim3 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  399.653369][ T7580] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  399.952436][ T7580] netdevsim netdevsim3 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  399.965927][ T7580] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  400.255285][ T7580] netdevsim netdevsim3 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  400.288097][ T7580] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  400.599115][ T7580] netdevsim netdevsim3 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  400.609842][ T7580] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  400.781379][ T7591] syz.6.473 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  402.833142][ T4037] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  402.841613][ T4037] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  403.101865][ T4304] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  403.110630][ T4304] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  403.290414][ T5089] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  403.299133][ T5089] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  403.313623][ T5456] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  403.407477][ T3626] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  403.416487][ T3626] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  403.475069][ T5456] usb 6-1: Using ep0 maxpacket: 8
[  403.522915][ T5456] usb 6-1: config 179 has an invalid interface number: 65 but max is 0
[  403.532195][ T5456] usb 6-1: config 179 has no interface number 0
[  403.545905][ T5456] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  403.559575][ T5456] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  403.571354][ T5456] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  403.581937][ T5456] usb 6-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  403.595959][ T5456] usb 6-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  403.605481][ T5456] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  403.769966][ T7601] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  404.056314][ T5863] usb 6-1: USB disconnect, device number 2
[  404.498758][ T7615] netlink: 'syz.3.480': attribute type 10 has an invalid length.
[  404.508199][ T7615] bridge0: port 2(bridge_slave_1) entered disabled state
[  404.516826][ T7615] bridge0: port 1(bridge_slave_0) entered disabled state
[  408.981988][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  409.034722][ T7624] syzkaller0: entered promiscuous mode
[  409.040397][ T7624] syzkaller0: entered allmulticast mode
[  413.824364][ T5456] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  414.330118][ T5456] usb 3-1: Using ep0 maxpacket: 8
[  414.458166][ T5456] usb 3-1: unable to get BOS descriptor or descriptor too short
[  414.549516][ T5456] usb 3-1: config 0 has an invalid interface number: 88 but max is 0
[  414.560603][ T5456] usb 3-1: config 0 has no interface number 0
[  414.567459][ T5456] usb 3-1: config 0 interface 88 altsetting 8 endpoint 0x86 has an invalid bInterval 0, changing to 7
[  414.579625][ T5456] usb 3-1: config 0 interface 88 altsetting 8 endpoint 0x86 has invalid wMaxPacketSize 0
[  414.592382][ T5456] usb 3-1: config 0 interface 88 has no altsetting 0
[  414.841978][ T5456] usb 3-1: language id specifier not provided by device, defaulting to English
[  414.973080][ T5456] usb 3-1: New USB device found, idVendor=0460, idProduct=0004, bcdDevice=96.31
[  414.983492][ T5456] usb 3-1: New USB device strings: Mfr=1, Product=84, SerialNumber=3
[  414.991834][ T5456] usb 3-1: Product: syz
[  414.996588][ T5456] usb 3-1: SerialNumber: syz
[  415.178767][ T5456] usb 3-1: config 0 descriptor??
[  418.825132][ T5456] input: syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.88/input/input5
[  419.155029][ T5456] usb 3-1: USB disconnect, device number 2
[  419.197037][ T7686] syzkaller0: entered promiscuous mode
[  419.214710][ T7686] syzkaller0: entered allmulticast mode
[  422.352376][ T7734] netlink: 12 bytes leftover after parsing attributes in process `syz.2.509'.
[  424.910787][ T7768] netlink: 156 bytes leftover after parsing attributes in process `syz.3.517'.
[  424.978566][ T7768] netlink: 156 bytes leftover after parsing attributes in process `syz.3.517'.
[  426.922019][ T3626] nci: nci_rf_discover_ntf_packet: unsupported rf_tech_and_mode 0x60
[  426.930450][ T3626] =====================================================
[  426.937836][ T3626] BUG: KMSAN: uninit-value in nci_ntf_packet+0x26b2/0x46c0
[  426.945323][ T3626]  nci_ntf_packet+0x26b2/0x46c0
[  426.950321][ T3626]  nci_rx_work+0x403/0x750
[  426.955029][ T3626]  process_scheduled_works+0xb91/0x1d80
[  426.960714][ T3626]  worker_thread+0xedf/0x1590
[  426.965648][ T3626]  kthread+0xd5c/0xf00
[  426.969811][ T3626]  ret_from_fork+0x208/0x710
[  426.974719][ T3626]  ret_from_fork_asm+0x1a/0x30
[  426.979690][ T3626] 
[  426.982170][ T3626] Uninit was created at:
[  426.991268][ T3626]  kmem_cache_alloc_node_noprof+0x9e7/0x17a0
[  426.998722][ T3626]  kmalloc_reserve+0x13c/0x4b0
[  427.003676][ T3626]  __alloc_skb+0x805/0x1040
[  427.008257][ T3626]  virtual_ncidev_write+0x6b/0x430
[  427.013532][ T3626]  vfs_write+0x48a/0x15d0
[  427.017948][ T3626]  __x64_sys_write+0x1fb/0x4d0
[  427.022902][ T3626]  x64_sys_call+0x30ab/0x3e70
[  427.027766][ T3626]  do_syscall_64+0xd3/0xf80
[  427.032362][ T3626]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  427.038506][ T3626] 
[  427.040898][ T3626] CPU: 0 UID: 0 PID: 3626 Comm: kworker/u8:16 Not tainted syzkaller #0 PREEMPT(none) 
[  427.050581][ T3626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  427.060785][ T3626] Workqueue: nfc2_nci_rx_wq nci_rx_work
[  427.066524][ T3626] =====================================================
[  427.073586][ T3626] Disabling lock debugging due to kernel taint
[  427.079808][ T3626] Kernel panic - not syncing: kmsan.panic set ...
[  427.086307][ T3626] CPU: 0 UID: 0 PID: 3626 Comm: kworker/u8:16 Tainted: G    B               syzkaller #0 PREEMPT(none) 
[  427.097614][ T3626] Tainted: [B]=BAD_PAGE
[  427.101848][ T3626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  427.112020][ T3626] Workqueue: nfc2_nci_rx_wq nci_rx_work
[  427.117695][ T3626] Call Trace:
[  427.121014][ T3626]  <TASK>
[  427.123997][ T3626]  __dump_stack+0x26/0x30
[  427.128423][ T3626]  dump_stack_lvl+0x50/0x1c0
[  427.133095][ T3626]  ? dump_stack+0x12/0x25
[  427.137513][ T3626]  dump_stack+0x1e/0x25
[  427.141754][ T3626]  vpanic+0x435/0xd30
[  427.145858][ T3626]  panic+0x15d/0x160
[  427.149887][ T3626]  kmsan_report+0x31c/0x320
[  427.154510][ T3626]  ? __msan_warning+0x1b/0x30
[  427.159287][ T3626]  ? nci_ntf_packet+0x26b2/0x46c0
[  427.164468][ T3626]  ? nci_rx_work+0x403/0x750
[  427.169152][ T3626]  ? process_scheduled_works+0xb91/0x1d80
[  427.175081][ T3626]  ? worker_thread+0xedf/0x1590
[  427.180089][ T3626]  ? kthread+0xd5c/0xf00
[  427.184466][ T3626]  ? ret_from_fork+0x208/0x710
[  427.189364][ T3626]  ? ret_from_fork_asm+0x1a/0x30
[  427.194442][ T3626]  ? ret_from_fork_asm+0x1a/0x30
[  427.199525][ T3626]  ? vprintk_emit+0xb5e/0xb70
[  427.204502][ T3626]  ? vprintk_default+0x3f/0x50
[  427.209377][ T3626]  ? vprintk+0x36/0x50
[  427.213522][ T3626]  ? _printk+0x17e/0x1b0
[  427.217890][ T3626]  ? kmsan_get_metadata+0xfb/0x160
[  427.223215][ T3626]  __msan_warning+0x1b/0x30
[  427.227823][ T3626]  nci_ntf_packet+0x26b2/0x46c0
[  427.232807][ T3626]  ? kmsan_internal_unpoison_memory+0x14/0x20
[  427.239014][ T3626]  ? sk_skb_reason_drop+0x13f/0x440
[  427.244338][ T3626]  nci_rx_work+0x403/0x750
[  427.248866][ T3626]  ? __pfx_nci_rx_work+0x10/0x10
[  427.253909][ T3626]  process_scheduled_works+0xb91/0x1d80
[  427.259681][ T3626]  worker_thread+0xedf/0x1590
[  427.264459][ T3626]  kthread+0xd5c/0xf00
[  427.268699][ T3626]  ? __pfx_worker_thread+0x10/0x10
[  427.273963][ T3626]  ? __pfx_kthread+0x10/0x10
[  427.278705][ T3626]  ret_from_fork+0x208/0x710
[  427.283447][ T3626]  ? __switch_to+0x53d/0x790
[  427.288142][ T3626]  ? __pfx_kthread+0x10/0x10
[  427.292854][ T3626]  ret_from_fork_asm+0x1a/0x30
[  427.297781][ T3626]  </TASK>
[  427.301336][ T3626] Kernel Offset: disabled
[  427.305731][ T3626] Rebooting in 86400 seconds..