last executing test programs:

3m32.473638296s ago: executing program 2 (id=7):
syz_usbip_server_init(0x4)
syz_usbip_server_init(0x0)
syz_usbip_server_init(0x0)
syz_usbip_server_init(0x0)
syz_usbip_server_init(0x0)
syz_usbip_server_init(0x3)
syz_usbip_server_init(0x0)
syz_usbip_server_init(0x3)
syz_usbip_server_init(0x1)

3m31.215689409s ago: executing program 2 (id=8):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000003c0)='./bus\x00', 0xe, &(0x7f0000000540)={[{@resuid}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1ff}}, {@stripe}, {@noblock_validity}]}, 0x3, 0x451, &(0x7f0000000f80)="$eJzs3M2PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rCdFqq098vuXDOvedyztNzT3vuPS0BjKyp7I8kYntE/B4RE/Vsc4Gp+l/Xr55fuHH1/EIS1erbfyW1cteunl8oihbnbcsz02lE+lkSe9vUu3L23Mn5SmXpTJ6fXT31wezK2XPPnTg1f3zp+NLpg0eOHD409+ILB5/vS5xZm67t+Xh53+433vvqzaNfNMXfEkefTHU7+GS12ufqhmtHQzoZG2JDWJdSRGTdVa6N/4koxVrnTcTrnw61ccBAVavV6rbOhy9UgU0siea8IQ+jovigz+5/i611EvDy4KYfQ3fllfoNUBb39XyrHxmLNC9Tbrm/7aepiHj3wt/fZFsM5jkEAECTH7L5z7Pt5n9pPNBQ7p58bWgyIu6NiJ0RcV9E7IqI+yNqZR+MiIfWWX/rIsmt85/0ck+B3aFs/vdSvrbVPP8rZn8xWcpzO2rxl5NjJypLB/LXZDrKW7L8XJc6fnztty87HWuc/2VbVn8xF8zbcXlsS/M5i/Or8xuJudGVixF7xtrFn9xcCUgiYndE7OmxjhNPf7ev07Hbx99FH9aZqt9GPFXv/wvREn8h6b4+Ofu/qCwdmC2uilv98uultzrVv6H4+yDr//+3vf5vxj+ZNK7Xrqy/jkt/fN7xnqbX6388eaeWHs/3fTS/unpmLmI8OVpvdOP+g2vnFvmifBb/9P72439nrL0SeyMiu4gfjohHIuLRvO2PRcTjEbG/S/w/v/rE+73HP1hZ/Ivr6v+1xHi07mmfKJ386fumSidvif9G9/4/XEtN53vu5P3vTtrV29UMAAAA/z1pRGyPJJ25mU7TmZn69+V3RaSV5ZXVZ44tf3h6sf4bgckop8WTromG56Fz+W19PX8xIupfLSiOH8qfG39d2lrLzywsVxaHHTyMuG0dxn/mz9KwWwcMnN9rwegy/mF0Gf8wuox/GF1txv/WYbQDuPvaff5/MoR2AHdfy/i37AcjxP0/jK6O438z/88/QI3PfxhJK1vj9j+S75oo/qUeT9+0iSj/K5qx8UQ1adu5kQ67YRKDTAz3fQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBf/gkAAP//qmHgTw==")
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0xa101, 0x0)
ioctl$TCSETAF(r0, 0x5408, &(0x7f00000000c0)={0x4e00, 0x0, 0x730, 0xbdff, 0x90, "febbad541a00"})
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x3, 0x0, 0x0, "0062ba7d82000000000000000000f7fffeff00"})
r1 = syz_open_pts(r0, 0x8182)
r2 = dup3(r1, r0, 0x0)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000000)=0x17)

3m30.055707496s ago: executing program 2 (id=11):
sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x23c, 0x0, 0x10, 0x70bd2b, 0x25dfdbfc, {}, [@TIPC_NLA_MON={0x14, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x400}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x8}]}, @TIPC_NLA_PUBL={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x7}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x5}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x1}]}, @TIPC_NLA_NET={0x64, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xffffffff}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xe179}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xffffffffffff4f79}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x2}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x7fffffff}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xed97}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x80000001}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x9}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x9}]}, @TIPC_NLA_MEDIA={0xec, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xffffffff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}]}, @TIPC_NLA_MEDIA_PROP={0x3c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0xa0}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xffff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4a}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}]}, @TIPC_NLA_MEDIA_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xd}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3116}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xc0000000}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x86}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xdd4a}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1b}]}]}, @TIPC_NLA_SOCK={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x4a}, @TIPC_NLA_SOCK_CON={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x3}]}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x7f}]}, @TIPC_NLA_NET={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x872d}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x5}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x7ff}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x5}]}, @TIPC_NLA_NODE={0x50, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "0837de9864e5a609f29631ef6ddbf2b8f937a5ac"}}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x7fffffff}]}]}, 0x23c}, 0x1, 0x0, 0x0, 0x44010}, 0xc010)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0xe22, 0x0, @mcast2, 0x2}, 0x1c)
syz_usb_connect$hid(0x59c7271563034cba, 0x0, 0x0, &(0x7f0000000840)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x5a, &(0x7f0000000580)=@string={0x5a, 0x3, "f34c2a690f9edebae6e528230fbc28a8648b019527eaa18106f93b2762db6c23ee51dd91b80c0423907b5013a6212e814d37637d351fcd98c90e4fdfaaf16079e116382e7c5d3d57b4e88f26024cfb18dce54317ef246ab9"}}]})
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/resume', 0x169a82, 0x189)
r0 = syz_open_dev$loop(&(0x7f0000000480), 0xd76, 0x181400)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000400)=ANY=[], 0x1df)
write$binfmt_misc(r1, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}})

3m28.307685065s ago: executing program 2 (id=14):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f00000002c0)='autofs\x00', 0xa00000, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, 0x0)
setpgid(0x0, r0)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x10000, 0x0)
open(&(0x7f00000000c0)='./file1\x00', 0x400, 0x40)

3m27.821260834s ago: executing program 2 (id=17):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
ptrace(0x10, 0x0)
r0 = syz_init_net_socket$ax25(0x3, 0x2, 0x8)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x4008, 0x7, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
ioctl$SIOCAX25GETINFOOLD(r0, 0x89e9, &(0x7f0000000280))
connect$inet(0xffffffffffffffff, 0x0, 0x0)

3m26.651576718s ago: executing program 2 (id=22):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
setsockopt$sock_int(r0, 0x1, 0x21, &(0x7f0000000000), 0x4)
bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20, @broadcast}, 0x10)
sendto$inet(r0, &(0x7f0000000140), 0xffffffffffffff58, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
recvfrom(r0, &(0x7f0000000480)=""/110, 0x168f6f3d, 0x734, 0x0, 0xfffffffffffffecb)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)

3m25.791072297s ago: executing program 32 (id=22):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
setsockopt$sock_int(r0, 0x1, 0x21, &(0x7f0000000000), 0x4)
bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20, @broadcast}, 0x10)
sendto$inet(r0, &(0x7f0000000140), 0xffffffffffffff58, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
recvfrom(r0, &(0x7f0000000480)=""/110, 0x168f6f3d, 0x734, 0x0, 0xfffffffffffffecb)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)

21.644613184s ago: executing program 4 (id=378):
openat$nullb(0xffffffffffffff9c, 0x0, 0xa4242, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r1, &(0x7f0000003580)={0x2, 0x4e21, @dev}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000100), 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
add_key$user(0x0, &(0x7f0000000440), 0x0, 0x0, 0xfffffffffffffffd)
openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/oss_mixer\x00', 0x0, 0x0)
keyctl$dh_compute(0x17, &(0x7f0000000280), &(0x7f00000000c0)=""/83, 0x53, 0x0)
openat$nullb(0xffffffffffffff9c, 0x0, 0x1c3902, 0x0)
migrate_pages(0x0, 0x3, &(0x7f0000000300)=0x3, 0x0)

20.400784726s ago: executing program 4 (id=379):
openat$nullb(0xffffffffffffff9c, 0x0, 0xa4242, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r1, &(0x7f0000003580)={0x2, 0x4e21, @dev}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000100), 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
add_key$user(0x0, &(0x7f0000000440), 0x0, 0x0, 0xfffffffffffffffd)
r2 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/oss_mixer\x00', 0x0, 0x0)
dup3(r2, 0xffffffffffffffff, 0x0)
keyctl$dh_compute(0x17, &(0x7f0000000280), &(0x7f00000000c0)=""/83, 0x53, 0x0)
migrate_pages(0x0, 0x3, &(0x7f0000000300)=0x3, 0x0)

19.305914544s ago: executing program 4 (id=382):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='huge=always,mpol=interleave'])
chdir(&(0x7f0000000240)='./file0\x00')
r3 = open(&(0x7f0000000040)='./bus\x00', 0x80242, 0x0)
ftruncate(r3, 0x2007ffc)
sendfile(r3, r3, 0x0, 0x800000009)

16.554095215s ago: executing program 3 (id=386):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000540)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0xfffffffffffffffe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000001a40)=""/102392, 0x18ff8)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0)
bpf$BPF_LINK_UPDATE(0x1d, 0x0, 0x0)
ioctl$SIOCRSSCAUSE(0xffffffffffffffff, 0x89e1, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = accept4(r0, 0x0, 0x0, 0x80800)
sendmsg$nl_route_sched(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f000001af80)=@delchain={0x620, 0x65, 0x200, 0x70bd27, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0xd, 0xb}, {0xd, 0x7}, {0x6, 0xd}}, [@TCA_RATE={0x6, 0x5, {0x8, 0x4}}, @filter_kind_options=@f_basic={{0xa}, {0x5e8, 0x2, [@TCA_BASIC_POLICE={0x458, 0x4, [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x8, 0xd39, 0x8000, 0x4, 0x1, 0x7fffffff, 0x80000007, 0x6, 0x7, 0xffff, 0x3896330b, 0x0, 0x10000, 0x2, 0x8, 0xf, 0x2, 0x2, 0x0, 0x9, 0x7, 0x10001, 0x5, 0xc3, 0x0, 0xe, 0xcd97, 0x5, 0xf, 0x9, 0xbac, 0x200, 0x5, 0x10, 0x200, 0x809fe, 0x2, 0xfffffffc, 0x0, 0xffffffc0, 0x7, 0x10000, 0x2, 0x7, 0x0, 0x5, 0x100, 0x0, 0x6, 0x3, 0x7ff, 0x4, 0x1000, 0x3, 0x7ff, 0x2, 0x8, 0x1ee, 0x200, 0x2, 0x3ff, 0x102000, 0xffffffdc, 0x0, 0x0, 0xfff, 0xfffffffa, 0x200, 0x9, 0x8, 0xfffffbff, 0x1, 0x19, 0x7, 0x0, 0x8, 0xffffffff, 0x7f, 0x8, 0x3, 0x3, 0x1000, 0x8, 0x2, 0xfffffffe, 0x0, 0x7fffffff, 0x8, 0x5, 0x8, 0x8, 0x3f, 0x81, 0x1, 0x1000, 0x0, 0x7, 0x7, 0x3, 0xcb, 0x5, 0x101, 0x400, 0x3ff, 0x8, 0x8d13, 0xff, 0x5, 0x4, 0x21ad, 0x2, 0x1, 0x8, 0x8001, 0x1, 0x80000001, 0x1ff, 0x10000, 0x5, 0x101, 0xb4b4, 0x3, 0x1, 0xc, 0x8, 0x2, 0x80000000, 0x8000, 0x8, 0x1, 0x9, 0x4, 0x0, 0x6, 0xc2c9, 0x7, 0x1e9, 0x4, 0x0, 0x4, 0xfffffffa, 0x80000001, 0xff, 0xfffffffb, 0x400, 0xb0d, 0x207, 0xffffb6f2, 0xe, 0x4, 0xe, 0x5, 0x80000000, 0x8a5, 0x2d8, 0x1, 0x6299, 0x7439, 0x1, 0xb, 0x6, 0x400, 0x0, 0x5, 0x9, 0x10000, 0xfffffff6, 0xf, 0xfffffffc, 0x38, 0x5, 0x0, 0x3, 0x5, 0xe, 0x0, 0x252d, 0xfffffffe, 0xfffffffd, 0x3, 0x200, 0x0, 0x4000000, 0x9, 0xfffffff7, 0x0, 0x2, 0xf, 0x1, 0x8, 0x3, 0x6, 0x1, 0x8, 0x4, 0x0, 0xfffffff7, 0x0, 0x7, 0x431e, 0x0, 0x8000000, 0x2, 0x831, 0x180000, 0x1, 0x18a1, 0x5, 0x9, 0x8, 0xffff8000, 0xffffc917, 0x9, 0x4, 0x5, 0x40, 0x80000000, 0xdc42, 0x0, 0x7, 0xffffff7d, 0xf805, 0x6, 0x45, 0x2, 0x0, 0x8, 0x200, 0x0, 0xfffff8fe, 0x1, 0x5, 0x2, 0xffffffff, 0x4, 0x4, 0x4, 0x10000, 0x0, 0x1, 0x0, 0xfff, 0x8, 0x81a, 0x45a, 0x3, 0x2, 0x7fdde78e, 0x7f, 0x1, 0x5, 0x3, 0x7, 0x80, 0x7993]}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x80}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x7}, @TCA_POLICE_TBF={0x3c, 0x1, {0x470, 0x7fffffffdffffffd, 0xbfc1, 0x7, 0x9, {0x8, 0x1, 0x0, 0x8, 0x1, 0x8}, {0x5, 0x0, 0x2a97, 0x3d, 0x1, 0x9356b6f}, 0x2, 0x1, 0x2}}]}, @TCA_BASIC_EMATCHES={0x4}, @TCA_BASIC_CLASSID={0x8, 0x1, {0xb, 0x6}}, @TCA_BASIC_EMATCHES={0x180, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x50, 0x2, 0x0, 0x1, [@TCF_EM_META={0x38, 0x1, 0x0, 0x0, {{0x200, 0x4, 0xffff}, [@TCA_EM_META_RVALUE={0x8, 0x3, [@TCF_META_TYPE_INT=0x9]}, @TCA_EM_META_RVALUE={0x21, 0x3, [@TCF_META_TYPE_INT=0x4, @TCF_META_TYPE_INT=0x1, @TCF_META_TYPE_INT, @TCF_META_TYPE_INT=0x3, @TCF_META_TYPE_INT=0xc, @TCF_META_TYPE_VAR="c5de7947856c9c8bf5"]}]}}, @TCF_EM_META={0x14, 0x1, 0x0, 0x0, {{0x9c73, 0x4, 0x9}, [@TCA_EM_META_LVALUE={0x4}, @TCA_EM_META_RVALUE={0x4}]}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x6}}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}, @TCA_EMATCH_TREE_LIST={0x11c, 0x2, 0x0, 0x1, [@TCF_EM_NBYTE={0x18, 0x3, 0x0, 0x0, {{0x5, 0x2, 0x8de6}, {0x7, 0x7, 0x0, "f98acd17f9034d"}}}, @TCF_EM_CANID={0x14, 0x3, 0x0, 0x0, {{0x7fff, 0x7, 0xa3}, {{0x1, 0x0, 0x1, 0x1}, {0x1, 0x0, 0x1}}}}, @TCF_EM_IPSET={0x10, 0x1, 0x0, 0x0, {{0x7fff, 0x8, 0x48}, {0x0, 0x3, 0x5}}}, @TCF_EM_IPSET={0x10, 0x3, 0x0, 0x0, {{0x3, 0x8, 0x5}, {0x0, 0x2, 0x5}}}, @TCF_EM_IPT={0xcc, 0x2, 0x0, 0x0, {{0x3, 0x9, 0x7fd9}, [@TCA_EM_IPT_MATCH_NAME={0xb}, @TCA_EM_IPT_NFPROTO={0x5}, @TCA_EM_IPT_MATCH_DATA={0xa9, 0x5, "a5efb43a0faf4558a2df1cd0af06e254d830a78ee0860533a27d79d993008013cb715106643a5bee822c0060276b92d4879ab7fd690b663fda29e775a3a10e1347e289bc8dc9cb9b6eb8f1e5f98cbb12a6448493bf7af17644317ca878090a9bfd6e71000a4f53f66064a3e0fa5eedf9510d6385c210563e39a3cb33ac17214916feff3b2dde2c172b28f87021340c7305166d079f47c23d87519d712e5287175a556e68d5"}]}}]}]}]}}]}, 0x620}, 0x1, 0x0, 0x0, 0x4000}, 0xc050)

16.358005444s ago: executing program 1 (id=388):
openat$nullb(0xffffffffffffff9c, 0x0, 0xa4242, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r1, &(0x7f0000003580)={0x2, 0x4e21, @dev}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000100), 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
add_key$user(0x0, &(0x7f0000000440), 0x0, 0x0, 0xfffffffffffffffd)
openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/oss_mixer\x00', 0x0, 0x0)
keyctl$dh_compute(0x17, &(0x7f0000000280), &(0x7f00000000c0)=""/83, 0x53, 0x0)

16.342864384s ago: executing program 6 (id=389):
openat$nullb(0xffffffffffffff9c, 0x0, 0xa4242, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r1, &(0x7f0000003580)={0x2, 0x4e21, @dev}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000100), 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
migrate_pages(0x0, 0x3, &(0x7f0000000300)=0x3, 0x0)

14.706419618s ago: executing program 0 (id=390):
openat$nullb(0xffffffffffffff9c, 0x0, 0xa4242, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r1, &(0x7f0000003580)={0x2, 0x4e21, @dev}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000100), 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
add_key$user(0x0, &(0x7f0000000440), 0x0, 0x0, 0xfffffffffffffffd)
r2 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/oss_mixer\x00', 0x0, 0x0)
dup3(r2, 0xffffffffffffffff, 0x0)
migrate_pages(0x0, 0x3, &(0x7f0000000300)=0x3, 0x0)

13.790797362s ago: executing program 3 (id=392):
openat$nullb(0xffffffffffffff9c, 0x0, 0xa4242, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r1, &(0x7f0000003580)={0x2, 0x4e21, @dev}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000100), 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
add_key$user(0x0, &(0x7f0000000440), 0x0, 0x0, 0xfffffffffffffffd)
r2 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/oss_mixer\x00', 0x0, 0x0)
dup3(r2, 0xffffffffffffffff, 0x0)
keyctl$dh_compute(0x17, &(0x7f0000000280), &(0x7f00000000c0)=""/83, 0x53, 0x0)
openat$nullb(0xffffffffffffff9c, 0x0, 0x1c3902, 0x0)

12.814987889s ago: executing program 6 (id=393):
openat$nullb(0xffffffffffffff9c, 0x0, 0xa4242, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r1, &(0x7f0000003580)={0x2, 0x4e21, @dev}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000100), 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
add_key$user(0x0, &(0x7f0000000440), 0x0, 0x0, 0xfffffffffffffffd)
r2 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/oss_mixer\x00', 0x0, 0x0)
dup3(r2, 0xffffffffffffffff, 0x0)
openat$nullb(0xffffffffffffff9c, 0x0, 0x1c3902, 0x0)
migrate_pages(0x0, 0x3, &(0x7f0000000300)=0x3, 0x0)

12.375649605s ago: executing program 1 (id=394):
openat$nullb(0xffffffffffffff9c, 0x0, 0xa4242, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r1, &(0x7f0000003580)={0x2, 0x4e21, @dev}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000100), 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
add_key$user(0x0, &(0x7f0000000440), 0x0, 0x0, 0xfffffffffffffffd)
openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/oss_mixer\x00', 0x0, 0x0)
keyctl$dh_compute(0x17, &(0x7f0000000280), &(0x7f00000000c0)=""/83, 0x53, 0x0)
openat$nullb(0xffffffffffffff9c, 0x0, 0x1c3902, 0x0)
migrate_pages(0x0, 0x3, &(0x7f0000000300)=0x3, 0x0)

10.534465156s ago: executing program 3 (id=396):
openat$nullb(0xffffffffffffff9c, 0x0, 0xa4242, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r1, &(0x7f0000003580)={0x2, 0x4e21, @dev}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000100), 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
add_key$user(0x0, &(0x7f0000000440), 0x0, 0x0, 0xfffffffffffffffd)
r2 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/oss_mixer\x00', 0x0, 0x0)
dup3(r2, 0xffffffffffffffff, 0x0)

10.506628092s ago: executing program 0 (id=397):
openat$nullb(0xffffffffffffff9c, 0x0, 0xa4242, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r1, &(0x7f0000003580)={0x2, 0x4e21, @dev}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000100), 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
add_key$user(0x0, &(0x7f0000000440), 0x0, 0x0, 0xfffffffffffffffd)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
keyctl$dh_compute(0x17, &(0x7f0000000280), &(0x7f00000000c0)=""/83, 0x53, 0x0)
openat$nullb(0xffffffffffffff9c, 0x0, 0x1c3902, 0x0)
migrate_pages(0x0, 0x3, &(0x7f0000000300)=0x3, 0x0)

9.793773413s ago: executing program 5 (id=398):
openat$nullb(0xffffffffffffff9c, 0x0, 0xa4242, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r1, &(0x7f0000003580)={0x2, 0x4e21, @dev}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000100), 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r2 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/oss_mixer\x00', 0x0, 0x0)
dup3(r2, 0xffffffffffffffff, 0x0)
keyctl$dh_compute(0x17, &(0x7f0000000280), &(0x7f00000000c0)=""/83, 0x53, 0x0)
openat$nullb(0xffffffffffffff9c, 0x0, 0x1c3902, 0x0)
migrate_pages(0x0, 0x3, &(0x7f0000000300)=0x3, 0x0)

9.766032677s ago: executing program 6 (id=399):
openat$nullb(0xffffffffffffff9c, 0x0, 0xa4242, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r1, &(0x7f0000003580)={0x2, 0x4e21, @dev}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000100), 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
add_key$user(0x0, &(0x7f0000000440), 0x0, 0x0, 0xfffffffffffffffd)
r2 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/oss_mixer\x00', 0x0, 0x0)
dup3(r2, 0xffffffffffffffff, 0x0)
openat$nullb(0xffffffffffffff9c, 0x0, 0x1c3902, 0x0)
migrate_pages(0x0, 0x3, &(0x7f0000000300)=0x3, 0x0)

9.645594487s ago: executing program 1 (id=400):
newfstatat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x2, 0x0, 0x0)
personality(0xfe47fef9f5ff7379)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
socket$packet(0x11, 0xa, 0x300)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x2)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x108, 0x0, 0x0, 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
pipe(&(0x7f00000007c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
vmsplice(r2, 0x0, 0x0, 0x1)
close(r2)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x200000010, &(0x7f0000000040)=0x9, 0x65)
splice(r1, 0x0, r2, 0x0, 0xfffd, 0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r3, &(0x7f0000000000)={0x1f, 0x0, @none, 0x4, 0x1}, 0xe)
accept4$bt_l2cap(r3, 0x0, 0x0, 0x0)
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f00000003c0)=ANY=[@ANYRES16=0x0, @ANYRES64, @ANYBLOB="5333c923ead7d62a1aa7e1ad6926618430329b0ea6e6e24d7310d2249d89707d2a2ee55d187812e2a0109f36ed3b24151208962f1353f76d5dc207c8b61a67695d2e4632e520"], 0x1, 0x182, &(0x7f0000000200)="$eJzslT1PwkAYx/93RV6Mn8DFQRJxsLRFjQuJLE4OJr4QBxOJVIIWMdBBSBz8BO5uDn4PXf0QBl10wUnnml6P9jSAxkSJ8fkNj796zx3Xh+QPCIL4tzzcv3a8l/xjEsAE0kjI/z9pUQ9X+u+Sz6c3qyvF852r20RHT/U70/O+/vkxANcFDW649/3utPy7AR76JjhmpRfBoEvfBceWdBsM29IPFK/7/bq+X3Vsfa/ulH0x/GL6xfJL7uP9umcMZeV+TFlvttqHJcexGz8on82vW+DIK/dTv6/ebAxlfiY4TOk5MKxLX0KiN5tgJMr7T8ai87Vffn8SEpK/JlE+eZcMM0o+BVFyIX5qsm7tONtsteeqtVLFrthHlpVbNOYNY8HKiiAK6pD8S4l8GlfOHxvQG2dxnJRct2EGNXy2gtovcbnIP47MdPDsZ398cByLdSb3MWEZbUg7QRDEyJgCE5kpcrkny3LRC7HWRnxPgiAIgiAIgiAIgiC+z1sAAAD//9Zjb/k=")

8.945113169s ago: executing program 4 (id=401):
openat$nullb(0xffffffffffffff9c, 0x0, 0xa4242, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r1, &(0x7f0000003580)={0x2, 0x4e21, @dev}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000100), 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
add_key$user(0x0, &(0x7f0000000440), 0x0, 0x0, 0xfffffffffffffffd)
r2 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/oss_mixer\x00', 0x0, 0x0)
dup3(r2, 0xffffffffffffffff, 0x0)
keyctl$dh_compute(0x17, &(0x7f0000000280), &(0x7f00000000c0)=""/83, 0x53, 0x0)
migrate_pages(0x0, 0x3, &(0x7f0000000300)=0x3, 0x0)

8.22820641s ago: executing program 0 (id=402):
openat$nullb(0xffffffffffffff9c, 0x0, 0xa4242, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r1, &(0x7f0000003580)={0x2, 0x4e21, @dev}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000100), 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
add_key$user(0x0, &(0x7f0000000440), 0x0, 0x0, 0xfffffffffffffffd)
r2 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/oss_mixer\x00', 0x0, 0x0)
dup3(r2, 0xffffffffffffffff, 0x0)
keyctl$dh_compute(0x17, &(0x7f0000000280), &(0x7f00000000c0)=""/83, 0x53, 0x0)
migrate_pages(0x0, 0x3, &(0x7f0000000300)=0x3, 0x0)

8.18535967s ago: executing program 1 (id=403):
openat$nullb(0xffffffffffffff9c, 0x0, 0xa4242, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r1, &(0x7f0000003580)={0x2, 0x4e21, @dev}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000100), 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
add_key$user(0x0, &(0x7f0000000440), 0x0, 0x0, 0xfffffffffffffffd)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
keyctl$dh_compute(0x17, &(0x7f0000000280), &(0x7f00000000c0)=""/83, 0x53, 0x0)
openat$nullb(0xffffffffffffff9c, 0x0, 0x1c3902, 0x0)
migrate_pages(0x0, 0x3, &(0x7f0000000300)=0x3, 0x0)

7.920422537s ago: executing program 3 (id=404):
openat$nullb(0xffffffffffffff9c, 0x0, 0xa4242, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r1, &(0x7f0000003580)={0x2, 0x4e21, @dev}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000100), 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
add_key$user(0x0, &(0x7f0000000440), 0x0, 0x0, 0xfffffffffffffffd)
openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/oss_mixer\x00', 0x0, 0x0)
keyctl$dh_compute(0x17, &(0x7f0000000280), &(0x7f00000000c0)=""/83, 0x53, 0x0)
openat$nullb(0xffffffffffffff9c, 0x0, 0x1c3902, 0x0)
migrate_pages(0x0, 0x3, &(0x7f0000000300)=0x3, 0x0)

7.080442586s ago: executing program 5 (id=405):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000540)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0xfffffffffffffffe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000001a40)=""/102392, 0x18ff8)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0)
bpf$BPF_LINK_UPDATE(0x1d, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = accept4(r0, 0x0, 0x0, 0x80800)
sendmsg$nl_route_sched(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f000001af80)=@delchain={0x620, 0x65, 0x200, 0x70bd27, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0xd, 0xb}, {0xd, 0x7}, {0x6, 0xd}}, [@TCA_RATE={0x6, 0x5, {0x8, 0x4}}, @filter_kind_options=@f_basic={{0xa}, {0x5e8, 0x2, [@TCA_BASIC_POLICE={0x458, 0x4, [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x8, 0xd39, 0x8000, 0x4, 0x1, 0x7fffffff, 0x80000007, 0x6, 0x7, 0xffff, 0x3896330b, 0x0, 0x10000, 0x2, 0x8, 0xf, 0x2, 0x2, 0x0, 0x9, 0x7, 0x10001, 0x5, 0xc3, 0x0, 0xe, 0xcd97, 0x5, 0xf, 0x9, 0xbac, 0x200, 0x5, 0x10, 0x200, 0x809fe, 0x2, 0xfffffffc, 0x0, 0xffffffc0, 0x7, 0x10000, 0x2, 0x7, 0x0, 0x5, 0x100, 0x0, 0x6, 0x3, 0x7ff, 0x4, 0x1000, 0x3, 0x7ff, 0x2, 0x8, 0x1ee, 0x200, 0x2, 0x3ff, 0x102000, 0xffffffdc, 0x0, 0x0, 0xfff, 0xfffffffa, 0x200, 0x9, 0x8, 0xfffffbff, 0x1, 0x19, 0x7, 0x0, 0x8, 0xffffffff, 0x7f, 0x8, 0x3, 0x3, 0x1000, 0x8, 0x2, 0xfffffffe, 0x0, 0x7fffffff, 0x8, 0x5, 0x8, 0x8, 0x3f, 0x81, 0x1, 0x1000, 0x0, 0x7, 0x7, 0x3, 0xcb, 0x5, 0x101, 0x400, 0x3ff, 0x8, 0x8d13, 0xff, 0x5, 0x4, 0x21ad, 0x2, 0x1, 0x8, 0x8001, 0x1, 0x80000001, 0x1ff, 0x10000, 0x5, 0x101, 0xb4b4, 0x3, 0x1, 0xc, 0x8, 0x2, 0x80000000, 0x8000, 0x8, 0x1, 0x9, 0x4, 0x0, 0x6, 0xc2c9, 0x7, 0x1e9, 0x4, 0x0, 0x4, 0xfffffffa, 0x80000001, 0xff, 0xfffffffb, 0x400, 0xb0d, 0x207, 0xffffb6f2, 0xe, 0x4, 0xe, 0x5, 0x80000000, 0x8a5, 0x2d8, 0x1, 0x6299, 0x7439, 0x1, 0xb, 0x6, 0x400, 0x0, 0x5, 0x9, 0x10000, 0xfffffff6, 0xf, 0xfffffffc, 0x38, 0x5, 0x0, 0x3, 0x5, 0xe, 0x0, 0x252d, 0xfffffffe, 0xfffffffd, 0x3, 0x200, 0x0, 0x4000000, 0x9, 0xfffffff7, 0x0, 0x2, 0xf, 0x1, 0x8, 0x3, 0x6, 0x1, 0x8, 0x4, 0x0, 0xfffffff7, 0x0, 0x7, 0x431e, 0x0, 0x8000000, 0x2, 0x831, 0x180000, 0x1, 0x18a1, 0x5, 0x9, 0x8, 0xffff8000, 0xffffc917, 0x9, 0x4, 0x5, 0x40, 0x80000000, 0xdc42, 0x0, 0x7, 0xffffff7d, 0xf805, 0x6, 0x45, 0x2, 0x0, 0x8, 0x200, 0x0, 0xfffff8fe, 0x1, 0x5, 0x2, 0xffffffff, 0x4, 0x4, 0x4, 0x10000, 0x0, 0x1, 0x0, 0xfff, 0x8, 0x81a, 0x45a, 0x3, 0x2, 0x7fdde78e, 0x7f, 0x1, 0x5, 0x3, 0x7, 0x80, 0x7993]}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x80}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x7}, @TCA_POLICE_TBF={0x3c, 0x1, {0x470, 0x7fffffffdffffffd, 0xbfc1, 0x7, 0x9, {0x8, 0x1, 0x0, 0x8, 0x1, 0x8}, {0x5, 0x0, 0x2a97, 0x3d, 0x1, 0x9356b6f}, 0x2, 0x1, 0x2}}]}, @TCA_BASIC_EMATCHES={0x4}, @TCA_BASIC_CLASSID={0x8, 0x1, {0xb, 0x6}}, @TCA_BASIC_EMATCHES={0x180, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x50, 0x2, 0x0, 0x1, [@TCF_EM_META={0x38, 0x1, 0x0, 0x0, {{0x200, 0x4, 0xffff}, [@TCA_EM_META_RVALUE={0x8, 0x3, [@TCF_META_TYPE_INT=0x9]}, @TCA_EM_META_RVALUE={0x21, 0x3, [@TCF_META_TYPE_INT=0x4, @TCF_META_TYPE_INT=0x1, @TCF_META_TYPE_INT, @TCF_META_TYPE_INT=0x3, @TCF_META_TYPE_INT=0xc, @TCF_META_TYPE_VAR="c5de7947856c9c8bf5"]}]}}, @TCF_EM_META={0x14, 0x1, 0x0, 0x0, {{0x9c73, 0x4, 0x9}, [@TCA_EM_META_LVALUE={0x4}, @TCA_EM_META_RVALUE={0x4}]}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x6}}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}, @TCA_EMATCH_TREE_LIST={0x11c, 0x2, 0x0, 0x1, [@TCF_EM_NBYTE={0x18, 0x3, 0x0, 0x0, {{0x5, 0x2, 0x8de6}, {0x7, 0x7, 0x0, "f98acd17f9034d"}}}, @TCF_EM_CANID={0x14, 0x3, 0x0, 0x0, {{0x7fff, 0x7, 0xa3}, {{0x1, 0x0, 0x1, 0x1}, {0x1, 0x0, 0x1}}}}, @TCF_EM_IPSET={0x10, 0x1, 0x0, 0x0, {{0x7fff, 0x8, 0x48}, {0x0, 0x3, 0x5}}}, @TCF_EM_IPSET={0x10, 0x3, 0x0, 0x0, {{0x3, 0x8, 0x5}, {0x0, 0x2, 0x5}}}, @TCF_EM_IPT={0xcc, 0x2, 0x0, 0x0, {{0x3, 0x9, 0x7fd9}, [@TCA_EM_IPT_MATCH_NAME={0xb}, @TCA_EM_IPT_NFPROTO={0x5}, @TCA_EM_IPT_MATCH_DATA={0xa9, 0x5, "a5efb43a0faf4558a2df1cd0af06e254d830a78ee0860533a27d79d993008013cb715106643a5bee822c0060276b92d4879ab7fd690b663fda29e775a3a10e1347e289bc8dc9cb9b6eb8f1e5f98cbb12a6448493bf7af17644317ca878090a9bfd6e71000a4f53f66064a3e0fa5eedf9510d6385c210563e39a3cb33ac17214916feff3b2dde2c172b28f87021340c7305166d079f47c23d87519d712e5287175a556e68d5"}]}}]}]}]}}]}, 0x620}, 0x1, 0x0, 0x0, 0x4000}, 0xc050)
recvmsg$can_raw(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000ac0)=""/4096, 0x1000}], 0x1}, 0x40)

6.375647583s ago: executing program 6 (id=406):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000540)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0xfffffffffffffffe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000001a40)=""/102392, 0x18ff8)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0)
bpf$BPF_LINK_UPDATE(0x1d, 0x0, 0x0)
ioctl$SIOCRSSCAUSE(0xffffffffffffffff, 0x89e1, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = accept4(r0, 0x0, 0x0, 0x80800)
sendmsg$nl_route_sched(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f000001af80)=@delchain={0x620, 0x65, 0x200, 0x70bd27, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0xd, 0xb}, {0xd, 0x7}, {0x6, 0xd}}, [@TCA_RATE={0x6, 0x5, {0x8, 0x4}}, @filter_kind_options=@f_basic={{0xa}, {0x5e8, 0x2, [@TCA_BASIC_POLICE={0x458, 0x4, [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x8, 0xd39, 0x8000, 0x4, 0x1, 0x7fffffff, 0x80000007, 0x6, 0x7, 0xffff, 0x3896330b, 0x0, 0x10000, 0x2, 0x8, 0xf, 0x2, 0x2, 0x0, 0x9, 0x7, 0x10001, 0x5, 0xc3, 0x0, 0xe, 0xcd97, 0x5, 0xf, 0x9, 0xbac, 0x200, 0x5, 0x10, 0x200, 0x809fe, 0x2, 0xfffffffc, 0x0, 0xffffffc0, 0x7, 0x10000, 0x2, 0x7, 0x0, 0x5, 0x100, 0x0, 0x6, 0x3, 0x7ff, 0x4, 0x1000, 0x3, 0x7ff, 0x2, 0x8, 0x1ee, 0x200, 0x2, 0x3ff, 0x102000, 0xffffffdc, 0x0, 0x0, 0xfff, 0xfffffffa, 0x200, 0x9, 0x8, 0xfffffbff, 0x1, 0x19, 0x7, 0x0, 0x8, 0xffffffff, 0x7f, 0x8, 0x3, 0x3, 0x1000, 0x8, 0x2, 0xfffffffe, 0x0, 0x7fffffff, 0x8, 0x5, 0x8, 0x8, 0x3f, 0x81, 0x1, 0x1000, 0x0, 0x7, 0x7, 0x3, 0xcb, 0x5, 0x101, 0x400, 0x3ff, 0x8, 0x8d13, 0xff, 0x5, 0x4, 0x21ad, 0x2, 0x1, 0x8, 0x8001, 0x1, 0x80000001, 0x1ff, 0x10000, 0x5, 0x101, 0xb4b4, 0x3, 0x1, 0xc, 0x8, 0x2, 0x80000000, 0x8000, 0x8, 0x1, 0x9, 0x4, 0x0, 0x6, 0xc2c9, 0x7, 0x1e9, 0x4, 0x0, 0x4, 0xfffffffa, 0x80000001, 0xff, 0xfffffffb, 0x400, 0xb0d, 0x207, 0xffffb6f2, 0xe, 0x4, 0xe, 0x5, 0x80000000, 0x8a5, 0x2d8, 0x1, 0x6299, 0x7439, 0x1, 0xb, 0x6, 0x400, 0x0, 0x5, 0x9, 0x10000, 0xfffffff6, 0xf, 0xfffffffc, 0x38, 0x5, 0x0, 0x3, 0x5, 0xe, 0x0, 0x252d, 0xfffffffe, 0xfffffffd, 0x3, 0x200, 0x0, 0x4000000, 0x9, 0xfffffff7, 0x0, 0x2, 0xf, 0x1, 0x8, 0x3, 0x6, 0x1, 0x8, 0x4, 0x0, 0xfffffff7, 0x0, 0x7, 0x431e, 0x0, 0x8000000, 0x2, 0x831, 0x180000, 0x1, 0x18a1, 0x5, 0x9, 0x8, 0xffff8000, 0xffffc917, 0x9, 0x4, 0x5, 0x40, 0x80000000, 0xdc42, 0x0, 0x7, 0xffffff7d, 0xf805, 0x6, 0x45, 0x2, 0x0, 0x8, 0x200, 0x0, 0xfffff8fe, 0x1, 0x5, 0x2, 0xffffffff, 0x4, 0x4, 0x4, 0x10000, 0x0, 0x1, 0x0, 0xfff, 0x8, 0x81a, 0x45a, 0x3, 0x2, 0x7fdde78e, 0x7f, 0x1, 0x5, 0x3, 0x7, 0x80, 0x7993]}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x80}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x7}, @TCA_POLICE_TBF={0x3c, 0x1, {0x470, 0x7fffffffdffffffd, 0xbfc1, 0x7, 0x9, {0x8, 0x1, 0x0, 0x8, 0x1, 0x8}, {0x5, 0x0, 0x2a97, 0x3d, 0x1, 0x9356b6f}, 0x2, 0x1, 0x2}}]}, @TCA_BASIC_EMATCHES={0x4}, @TCA_BASIC_CLASSID={0x8, 0x1, {0xb, 0x6}}, @TCA_BASIC_EMATCHES={0x180, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x50, 0x2, 0x0, 0x1, [@TCF_EM_META={0x38, 0x1, 0x0, 0x0, {{0x200, 0x4, 0xffff}, [@TCA_EM_META_RVALUE={0x8, 0x3, [@TCF_META_TYPE_INT=0x9]}, @TCA_EM_META_RVALUE={0x21, 0x3, [@TCF_META_TYPE_INT=0x4, @TCF_META_TYPE_INT=0x1, @TCF_META_TYPE_INT, @TCF_META_TYPE_INT=0x3, @TCF_META_TYPE_INT=0xc, @TCF_META_TYPE_VAR="c5de7947856c9c8bf5"]}]}}, @TCF_EM_META={0x14, 0x1, 0x0, 0x0, {{0x9c73, 0x4, 0x9}, [@TCA_EM_META_LVALUE={0x4}, @TCA_EM_META_RVALUE={0x4}]}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x6}}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}, @TCA_EMATCH_TREE_LIST={0x11c, 0x2, 0x0, 0x1, [@TCF_EM_NBYTE={0x18, 0x3, 0x0, 0x0, {{0x5, 0x2, 0x8de6}, {0x7, 0x7, 0x0, "f98acd17f9034d"}}}, @TCF_EM_CANID={0x14, 0x3, 0x0, 0x0, {{0x7fff, 0x7, 0xa3}, {{0x1, 0x0, 0x1, 0x1}, {0x1, 0x0, 0x1}}}}, @TCF_EM_IPSET={0x10, 0x1, 0x0, 0x0, {{0x7fff, 0x8, 0x48}, {0x0, 0x3, 0x5}}}, @TCF_EM_IPSET={0x10, 0x3, 0x0, 0x0, {{0x3, 0x8, 0x5}, {0x0, 0x2, 0x5}}}, @TCF_EM_IPT={0xcc, 0x2, 0x0, 0x0, {{0x3, 0x9, 0x7fd9}, [@TCA_EM_IPT_MATCH_NAME={0xb}, @TCA_EM_IPT_NFPROTO={0x5}, @TCA_EM_IPT_MATCH_DATA={0xa9, 0x5, "a5efb43a0faf4558a2df1cd0af06e254d830a78ee0860533a27d79d993008013cb715106643a5bee822c0060276b92d4879ab7fd690b663fda29e775a3a10e1347e289bc8dc9cb9b6eb8f1e5f98cbb12a6448493bf7af17644317ca878090a9bfd6e71000a4f53f66064a3e0fa5eedf9510d6385c210563e39a3cb33ac17214916feff3b2dde2c172b28f87021340c7305166d079f47c23d87519d712e5287175a556e68d5"}]}}]}]}]}}]}, 0x620}, 0x1, 0x0, 0x0, 0x4000}, 0xc050)

5.463621502s ago: executing program 0 (id=407):
openat$nullb(0xffffffffffffff9c, 0x0, 0xa4242, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r1, &(0x7f0000003580)={0x2, 0x4e21, @dev}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000100), 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r2 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/oss_mixer\x00', 0x0, 0x0)
dup3(r2, 0xffffffffffffffff, 0x0)
keyctl$dh_compute(0x17, &(0x7f0000000280), &(0x7f00000000c0)=""/83, 0x53, 0x0)
openat$nullb(0xffffffffffffff9c, 0x0, 0x1c3902, 0x0)
migrate_pages(0x0, 0x3, &(0x7f0000000300)=0x3, 0x0)

5.3837279s ago: executing program 3 (id=408):
openat$comedi(0xffffff9c, &(0x7f0000000780)='/dev/comedi0\x00', 0x101001, 0x0)
ioctl$sock_qrtr_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000000)={'netpci0\x00'})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x5)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_trace_dev_match', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8d}, 0x0)
waitid$P_PIDFD(0x3, r0, &(0x7f0000000380), 0x20000000, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$l2tp(0x2, 0x2, 0x73)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
getdents64(0xffffffffffffffff, &(0x7f0000001f00)=""/4111, 0x100f)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f00000000c0))
pread64(r0, &(0x7f0000000100)=""/78, 0x4e, 0x0)

5.253680602s ago: executing program 1 (id=409):
syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000240)='./bus\x00', 0x8008, &(0x7f0000000100)=ANY=[@ANYRES64=0x0], 0xf, 0xab, &(0x7f0000010140)="$eJzs1zGKwkAYBeB/s7CbdptFsLBO4x08ilhqI1aK4A3Ei3gVj5DewiKtiCOYiIidRQT5vmLgzWPgtbM7brubIiKtIlLRme7T3Wy+GA8n9Rl8pCwifiMij4jeX50Pg7r7avqyWo7K6vv58c+69b0AAMDrsug/5nNqLk7NL/Aa/m993vI+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHe7BAAA//+dfyiL")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r1 = fanotify_init(0x200, 0x40800)
fanotify_mark(r1, 0x261, 0x4800003e, r0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r3 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r6, &(0x7f0000001fc0)=""/184, 0x20002078)

5.171673628s ago: executing program 4 (id=410):
openat$nullb(0xffffffffffffff9c, 0x0, 0xa4242, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r1, &(0x7f0000003580)={0x2, 0x4e21, @dev}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000100), 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
add_key$user(0x0, &(0x7f0000000440), 0x0, 0x0, 0xfffffffffffffffd)
r2 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/oss_mixer\x00', 0x0, 0x0)
dup3(r2, 0xffffffffffffffff, 0x0)
keyctl$dh_compute(0x17, &(0x7f0000000280), &(0x7f00000000c0)=""/83, 0x53, 0x0)
openat$nullb(0xffffffffffffff9c, 0x0, 0x1c3902, 0x0)

4.215177553s ago: executing program 5 (id=411):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0/file0\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x1c0)
r0 = landlock_create_ruleset(&(0x7f0000000180)={0x100}, 0x18, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x200000, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r0, 0x1, &(0x7f0000000200)={0x100, r1}, 0x0)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000240)='./file0/file0\x00', 0x200000, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r0, 0x1, &(0x7f0000000280)={0x100, r2}, 0x0)
close(r1)
umount2(&(0x7f00000002c0)='./file0\x00', 0x0)

3.543943845s ago: executing program 6 (id=412):
openat$nullb(0xffffffffffffff9c, 0x0, 0xa4242, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r1, &(0x7f0000003580)={0x2, 0x4e21, @dev}, 0x10)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
add_key$user(0x0, &(0x7f0000000440), 0x0, 0x0, 0xfffffffffffffffd)
r2 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/oss_mixer\x00', 0x0, 0x0)
dup3(r2, 0xffffffffffffffff, 0x0)
keyctl$dh_compute(0x17, &(0x7f0000000280), &(0x7f00000000c0)=""/83, 0x53, 0x0)
openat$nullb(0xffffffffffffff9c, 0x0, 0x1c3902, 0x0)
migrate_pages(0x0, 0x3, &(0x7f0000000300)=0x3, 0x0)

3.542910625s ago: executing program 5 (id=413):
openat$nullb(0xffffffffffffff9c, 0x0, 0xa4242, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r1, &(0x7f0000003580)={0x2, 0x4e21, @dev}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000100), 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r2 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/oss_mixer\x00', 0x0, 0x0)
dup3(r2, 0xffffffffffffffff, 0x0)
keyctl$dh_compute(0x17, &(0x7f0000000280), &(0x7f00000000c0)=""/83, 0x53, 0x0)
openat$nullb(0xffffffffffffff9c, 0x0, 0x1c3902, 0x0)
migrate_pages(0x0, 0x3, &(0x7f0000000300)=0x3, 0x0)

3.484754645s ago: executing program 4 (id=414):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x5, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000d1000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000003100000095"], &(0x7f0000000080)='syzkaller\x00', 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100}, 0x94)
r2 = syz_open_dev$evdev(&(0x7f0000000080), 0x2, 0x2840)
timerfd_settime(0xffffffffffffffff, 0x3, &(0x7f0000000440)={{0x0, 0x3938700}}, 0x0)
ioctl$EVIOCGKEYCODE_V2(r2, 0x80284504, &(0x7f0000000100)=""/65)

3.180029119s ago: executing program 0 (id=415):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x1f00, 0x60, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0)
r1 = timerfd_create(0x3, 0x100000)
clock_gettime(0x0, &(0x7f0000000080))
timerfd_settime(r1, 0x6, 0x0, &(0x7f0000000580))
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x121602, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r2)
r3 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000180)=[@in={0x2, 0x4e21, @local}], 0x10)
sendmsg$inet_sctp(r3, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0), 0x0, 0x0, 0x0, 0x804c040}, 0xc851)
sendmmsg$inet_sctp(r3, &(0x7f0000000100), 0x0, 0x10)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r2, 0x84, 0x1a, &(0x7f00000001c0), &(0x7f0000000080)=0x8)
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x0, &(0x7f0000002100)=ANY=[])
r4 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1})
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19)
r5 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, 0x0, 0x0)
ioctl$UFFDIO_COPY(r4, 0xc028aa05, &(0x7f0000000100)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000013000/0x4000)=nil, 0x3000, 0x3})

3.105396325s ago: executing program 3 (id=416):
syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000240)='./bus\x00', 0x8008, &(0x7f0000000100)=ANY=[@ANYRES64=0x0], 0xf, 0xab, &(0x7f0000010140)="$eJzs1zGKwkAYBeB/s7CbdptFsLBO4x08ilhqI1aK4A3Ei3gVj5DewiKtiCOYiIidRQT5vmLgzWPgtbM7brubIiKtIlLRme7T3Wy+GA8n9Rl8pCwifiMij4jeX50Pg7r7avqyWo7K6vv58c+69b0AAMDrsug/5nNqLk7NL/Aa/m993vI+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHe7BAAA//+dfyiL")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r1 = fanotify_init(0x200, 0x40800)
fanotify_mark(r1, 0x261, 0x4800003e, r0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r5, &(0x7f0000001fc0)=""/184, 0x20002078)

2.29081828s ago: executing program 0 (id=417):
syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3d0, &(0x7f00000004c0)="$eJzs3M1uG0UcAPD/br5I+mEjcUCFgyUQBAFxHQhQhEThyscFeAArSUuF21SNkWjJoSBOnDggbhz6Ahx4gKpCSEi8Ai+AKlUozQFuQWvvOm4cp7Fix2r6+0mjndkdZ/bv3axm1rsTwGOrEhHnI2IiIhYjopSvT/MUN9spq3d/c2N5a3NjOYnt7U/+SSLJ1xV/K8mXJ/LCfBqRfhfxzM3edtev3/ii3misXsvL1eblq9X16zdevXS5fnH14uqV2pvnarWlxbdqrw8t1p+ef+ncxPvnz/z8V+nO0vT0bLa/J/Nt3XEMSyUqne9kt6VhNzZm0+PeAQAADiTN+/6Trf5/KSZaubZSVDfGunMAAADAUGy/my8BAACAYywx9gcAAIBjrngO4P7mxnKRxvg4wpG7915ElHfebd7qxD8ZT+R1pkb4fmslIq6+kJSyFCN6DxkAoNudrP9zdq/+XxpPd9WbiWj1h2aH3H5lV7m3/5PeHXKTD8j6f+9ExFZP/y8tqpQn8tKpVldxKrlwqbF6NiJOR8R8TM1k5do+bXzw7y8f99uWxf97cup0kbL2s+VOjfTu5MyDn1mpN+uHibnbvW8izkzuFX/S6f8mETF3iDYmvr71dr9tD49/tLZvRby45/Hfmbkn2X9+omrrfKgWZ0Wv/7799aN+7Y87/uz4z+0ffznpnq9pffA2bn/+57P9tnWPfwY5/6eTT1v5Ylz2Vb3ZvFaLmE4+7F2/uPPZolzUz+Kff27v///i+pfkc1qdzK8Bg/r+h99eOUj8WcraL8aCRyGLf2Wg4z945o3bf3zWr/2Hx58d//YcYPP5moNc/w66g4f57gAAAOBRkbbuayTpQiefpgsL7fsdT8Vc2lhbb758Ye3LKyvt+x/lmEqLO12lrvuhtfbP6J3y4q7yaxHxZET8WJptlReW1xor4w4eAAAAHhMn+oz/M38f2VMIAAAAwMiVx70DAAAAwMgZ/wMAAMCxdph5/WRkZI5rZtxXJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEfb/wEAAP//Wt22ag==")
r0 = open(&(0x7f00000000c0)='.\x00', 0x8000, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x18)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(0xffffffffffffffff, 0xc4c85513, &(0x7f0000000b00)={{0x2, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x400000, 0x0, 0x100000001, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0xc6c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x81, 0x0, 0x0, 0xfffffffffffffffd, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7b, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x8838, 0x0, 0x0, 0x4, 0x0, 0x2, 0x0, 0x3, 0x800000000000000, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9]})
r1 = socket$netlink(0x10, 0x3, 0xc)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000cc0)={0x0}, 0x1, 0x0, 0x0, 0x40001d4}, 0x8840)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
syz_clone3(&(0x7f0000000300)={0x110080000, 0x0, 0x0, 0x0, {0x21}, &(0x7f00000000c0)=""/81, 0x51, &(0x7f00000001c0)=""/36, 0x0}, 0x58)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x1000008, 0x4000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000240), 0x802, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_INFO(0xffffffffffffffff, 0xc1205531, 0x0)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000004380)=@newtaction={0xc0, 0x30, 0xffff, 0x0, 0x0, {}, [{0xac, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c}]]}, {0x4}, {0xc}, {0xc}}}, @m_gact={0x3c, 0x2, 0x0, 0x0, {{0x9}, {0x10, 0x2, 0x0, 0x1, [@TCA_GACT_PROB={0xc, 0x3, {0x2}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xc0}}, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x54}}, 0x0)
getdents(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)

1.794459021s ago: executing program 5 (id=418):
openat$nullb(0xffffffffffffff9c, 0x0, 0xa4242, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r1, &(0x7f0000003580)={0x2, 0x4e21, @dev}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000100), 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r2 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/oss_mixer\x00', 0x0, 0x0)
dup3(r2, 0xffffffffffffffff, 0x0)
keyctl$dh_compute(0x17, &(0x7f0000000280), &(0x7f00000000c0)=""/83, 0x53, 0x0)
openat$nullb(0xffffffffffffff9c, 0x0, 0x1c3902, 0x0)
migrate_pages(0x0, 0x3, &(0x7f0000000300)=0x3, 0x0)

1.002420654s ago: executing program 6 (id=419):
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xffffffff)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioperm(0x0, 0x2, 0x7e)
r2 = gettid()
timer_create(0xb, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = socket$kcm(0x29, 0x5, 0x0)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
splice(r3, 0x0, r4, 0x0, 0xf3e, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000380)=@newlink={0x20, 0x10, 0x503, 0x0, 0xfffff7fd}, 0x20}}, 0x8080)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f00000008c0))
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)

15.575811ms ago: executing program 5 (id=420):
openat$nullb(0xffffffffffffff9c, 0x0, 0xa4242, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r1, &(0x7f0000003580)={0x2, 0x4e21, @dev}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000100), 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
add_key$user(0x0, &(0x7f0000000440), 0x0, 0x0, 0xfffffffffffffffd)
openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/oss_mixer\x00', 0x0, 0x0)
keyctl$dh_compute(0x17, &(0x7f0000000280), &(0x7f00000000c0)=""/83, 0x53, 0x0)
openat$nullb(0xffffffffffffff9c, 0x0, 0x1c3902, 0x0)
migrate_pages(0x0, 0x3, &(0x7f0000000300)=0x3, 0x0)

0s ago: executing program 1 (id=421):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f0000000180)={'pcmda12\x00', [0x4f27, 0x5, 0x7, 0x4, 0x5, 0xcc9, 0xf, 0x7, 0xe, 0xe8aa, 0x2, 0x1, 0xfffffffd, 0x1, 0x6, 0x8000, 0x0, 0x1a449, 0x3, 0x40000003, 0x99, 0xcaa7, 0x0, 0x20001e58, 0x7, 0xe69, 0x3c, 0x7fffffff, 0x2, 0x3, 0xfffffff8]})

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.61' (ED25519) to the list of known hosts.
[   82.578410][ T5843] cgroup: Unknown subsys name 'net'
[   82.753925][ T5843] cgroup: Unknown subsys name 'cpuset'
[   82.764424][ T5843] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   84.300221][ T5843] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   89.161951][ T5866] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   89.171214][ T5866] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   89.179290][ T5866] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   89.187441][ T5866] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   89.196598][ T5866] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   89.204531][ T5866] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   89.213131][ T5866] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   89.221074][ T5866] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   89.230206][   T51] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   89.238035][   T51] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   89.262146][ T5877] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   89.280294][ T5877] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   89.288174][ T5878] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   89.294783][ T5866] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   89.297522][ T5878] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   89.303728][ T5866] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   89.309884][ T5877] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   89.316514][   T51] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   89.333329][ T5866] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   89.335352][ T5877] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   89.341152][ T5866] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   89.356260][   T51] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   89.356383][ T5877] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   89.364344][   T51] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   89.371819][ T5877] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   89.380144][ T5880] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   89.385357][ T5877] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   89.394257][ T5880] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   89.400398][ T5877] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   89.407420][ T5880] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   90.167205][ T5855] chnl_net:caif_netlink_parms(): no params data found
[   90.291768][ T5854] chnl_net:caif_netlink_parms(): no params data found
[   90.398395][ T5856] chnl_net:caif_netlink_parms(): no params data found
[   90.548664][ T5857] chnl_net:caif_netlink_parms(): no params data found
[   90.667350][ T5858] chnl_net:caif_netlink_parms(): no params data found
[   90.700144][ T5855] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.707434][ T5855] bridge0: port 1(bridge_slave_0) entered disabled state
[   90.715956][ T5855] bridge_slave_0: entered allmulticast mode
[   90.724128][ T5855] bridge_slave_0: entered promiscuous mode
[   90.769548][ T5861] chnl_net:caif_netlink_parms(): no params data found
[   90.783272][ T5855] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.791424][ T5855] bridge0: port 2(bridge_slave_1) entered disabled state
[   90.798619][ T5855] bridge_slave_1: entered allmulticast mode
[   90.806334][ T5855] bridge_slave_1: entered promiscuous mode
[   90.896924][ T5854] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.904920][ T5854] bridge0: port 1(bridge_slave_0) entered disabled state
[   90.913273][ T5854] bridge_slave_0: entered allmulticast mode
[   90.921378][ T5854] bridge_slave_0: entered promiscuous mode
[   91.009076][ T5854] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.016947][ T5854] bridge0: port 2(bridge_slave_1) entered disabled state
[   91.024585][ T5854] bridge_slave_1: entered allmulticast mode
[   91.033588][ T5854] bridge_slave_1: entered promiscuous mode
[   91.081184][ T5855] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   91.135908][ T5856] bridge0: port 1(bridge_slave_0) entered blocking state
[   91.144587][ T5856] bridge0: port 1(bridge_slave_0) entered disabled state
[   91.152356][ T5856] bridge_slave_0: entered allmulticast mode
[   91.160755][ T5856] bridge_slave_0: entered promiscuous mode
[   91.178587][ T5855] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   91.243120][ T5856] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.250502][ T5856] bridge0: port 2(bridge_slave_1) entered disabled state
[   91.257813][ T5856] bridge_slave_1: entered allmulticast mode
[   91.266528][ T5856] bridge_slave_1: entered promiscuous mode
[   91.296111][ T5857] bridge0: port 1(bridge_slave_0) entered blocking state
[   91.304413][ T5857] bridge0: port 1(bridge_slave_0) entered disabled state
[   91.305879][    T9] cfg80211: failed to load regulatory.db
[   91.312855][ T5857] bridge_slave_0: entered allmulticast mode
[   91.327724][ T5857] bridge_slave_0: entered promiscuous mode
[   91.338853][ T5854] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   91.383717][ T5862] Bluetooth: hci0: command tx timeout
[   91.403453][ T5855] team0: Port device team_slave_0 added
[   91.411785][ T5857] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.418942][ T5857] bridge0: port 2(bridge_slave_1) entered disabled state
[   91.428014][ T5857] bridge_slave_1: entered allmulticast mode
[   91.435646][ T5857] bridge_slave_1: entered promiscuous mode
[   91.460390][ T5877] Bluetooth: hci4: command tx timeout
[   91.460635][ T5854] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   91.466075][ T5862] Bluetooth: hci3: command tx timeout
[   91.481392][ T5877] Bluetooth: hci2: command tx timeout
[   91.481563][ T5876] Bluetooth: hci1: command tx timeout
[   91.492932][ T5880] Bluetooth: hci5: command tx timeout
[   91.517404][ T5858] bridge0: port 1(bridge_slave_0) entered blocking state
[   91.524929][ T5858] bridge0: port 1(bridge_slave_0) entered disabled state
[   91.532394][ T5858] bridge_slave_0: entered allmulticast mode
[   91.540787][ T5858] bridge_slave_0: entered promiscuous mode
[   91.578963][ T5855] team0: Port device team_slave_1 added
[   91.635074][ T5858] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.642839][ T5858] bridge0: port 2(bridge_slave_1) entered disabled state
[   91.650843][ T5858] bridge_slave_1: entered allmulticast mode
[   91.658378][ T5858] bridge_slave_1: entered promiscuous mode
[   91.668495][ T5856] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   91.681715][ T5856] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   91.724553][ T5857] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   91.737641][ T5857] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   91.750846][ T5854] team0: Port device team_slave_0 added
[   91.786637][ T5861] bridge0: port 1(bridge_slave_0) entered blocking state
[   91.794263][ T5861] bridge0: port 1(bridge_slave_0) entered disabled state
[   91.802216][ T5861] bridge_slave_0: entered allmulticast mode
[   91.816478][ T5861] bridge_slave_0: entered promiscuous mode
[   91.826549][ T5855] batman_adv: batadv0: Adding interface: batadv_slave_0
[   91.834386][ T5855] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   91.860651][ T5855] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   91.890993][ T5854] team0: Port device team_slave_1 added
[   91.926367][ T5861] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.933833][ T5861] bridge0: port 2(bridge_slave_1) entered disabled state
[   91.941707][ T5861] bridge_slave_1: entered allmulticast mode
[   91.949232][ T5861] bridge_slave_1: entered promiscuous mode
[   91.957880][ T5855] batman_adv: batadv0: Adding interface: batadv_slave_1
[   91.965654][ T5855] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   91.991808][ T5855] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   92.041287][ T5858] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   92.053966][ T5856] team0: Port device team_slave_0 added
[   92.085899][ T5857] team0: Port device team_slave_0 added
[   92.095487][ T5857] team0: Port device team_slave_1 added
[   92.120491][ T5858] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   92.150388][ T5856] team0: Port device team_slave_1 added
[   92.180567][ T5861] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   92.207135][ T5854] batman_adv: batadv0: Adding interface: batadv_slave_0
[   92.214226][ T5854] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.240534][ T5854] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   92.253484][ T5854] batman_adv: batadv0: Adding interface: batadv_slave_1
[   92.260634][ T5854] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.287281][ T5854] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   92.342846][ T5861] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   92.392636][ T5858] team0: Port device team_slave_0 added
[   92.448270][ T5857] batman_adv: batadv0: Adding interface: batadv_slave_0
[   92.455368][ T5857] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.481386][ T5857] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   92.493826][ T5857] batman_adv: batadv0: Adding interface: batadv_slave_1
[   92.500897][ T5857] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.527592][ T5857] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   92.542236][ T5858] team0: Port device team_slave_1 added
[   92.555905][ T5856] batman_adv: batadv0: Adding interface: batadv_slave_0
[   92.562959][ T5856] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.589834][ T5856] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   92.603196][ T5856] batman_adv: batadv0: Adding interface: batadv_slave_1
[   92.610589][ T5856] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.636880][ T5856] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   92.672306][ T5855] hsr_slave_0: entered promiscuous mode
[   92.679006][ T5855] hsr_slave_1: entered promiscuous mode
[   92.687823][ T5861] team0: Port device team_slave_0 added
[   92.741978][ T5858] batman_adv: batadv0: Adding interface: batadv_slave_0
[   92.748962][ T5858] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.776119][ T5858] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   92.798568][ T5861] team0: Port device team_slave_1 added
[   92.838788][ T5858] batman_adv: batadv0: Adding interface: batadv_slave_1
[   92.846048][ T5858] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.872965][ T5858] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   92.928646][ T5861] batman_adv: batadv0: Adding interface: batadv_slave_0
[   92.935930][ T5861] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.962126][ T5861] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   92.996687][ T5854] hsr_slave_0: entered promiscuous mode
[   93.004293][ T5854] hsr_slave_1: entered promiscuous mode
[   93.010907][ T5854] debugfs: 'hsr0' already exists in 'hsr'
[   93.017191][ T5854] Cannot create hsr debugfs directory
[   93.089133][ T5861] batman_adv: batadv0: Adding interface: batadv_slave_1
[   93.096652][ T5861] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   93.122962][ T5861] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   93.208572][ T5856] hsr_slave_0: entered promiscuous mode
[   93.216815][ T5856] hsr_slave_1: entered promiscuous mode
[   93.223664][ T5856] debugfs: 'hsr0' already exists in 'hsr'
[   93.229515][ T5856] Cannot create hsr debugfs directory
[   93.265768][ T5857] hsr_slave_0: entered promiscuous mode
[   93.272680][ T5857] hsr_slave_1: entered promiscuous mode
[   93.279789][ T5857] debugfs: 'hsr0' already exists in 'hsr'
[   93.285911][ T5857] Cannot create hsr debugfs directory
[   93.317873][ T5858] hsr_slave_0: entered promiscuous mode
[   93.325270][ T5858] hsr_slave_1: entered promiscuous mode
[   93.331927][ T5858] debugfs: 'hsr0' already exists in 'hsr'
[   93.337719][ T5858] Cannot create hsr debugfs directory
[   93.459820][ T5880] Bluetooth: hci0: command tx timeout
[   93.514145][ T5861] hsr_slave_0: entered promiscuous mode
[   93.520825][ T5861] hsr_slave_1: entered promiscuous mode
[   93.527106][ T5861] debugfs: 'hsr0' already exists in 'hsr'
[   93.532986][ T5861] Cannot create hsr debugfs directory
[   93.539638][ T5876] Bluetooth: hci1: command tx timeout
[   93.539979][ T5877] Bluetooth: hci2: command tx timeout
[   93.545117][ T5876] Bluetooth: hci4: command tx timeout
[   93.551134][ T5862] Bluetooth: hci3: command tx timeout
[   93.556127][ T5880] Bluetooth: hci5: command tx timeout
[   94.194676][ T5855] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   94.208729][ T5855] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   94.221075][ T5855] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   94.242164][ T5855] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   94.308360][ T5854] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   94.322932][ T5854] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   94.336447][ T5854] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   94.350497][ T5854] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   94.456528][ T5857] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   94.467965][ T5857] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   94.483419][ T5857] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   94.513406][ T5857] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   94.634459][ T5858] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   94.676129][ T5858] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   94.687670][ T5858] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   94.719100][ T5858] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   94.751275][ T5855] 8021q: adding VLAN 0 to HW filter on device bond0
[   94.846976][ T5855] 8021q: adding VLAN 0 to HW filter on device team0
[   94.867952][ T5861] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   94.882976][ T5861] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   94.895604][ T5861] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   94.908631][ T5861] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   95.004053][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.011412][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[   95.062203][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.069501][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.086279][ T5857] 8021q: adding VLAN 0 to HW filter on device bond0
[   95.109075][ T5854] 8021q: adding VLAN 0 to HW filter on device bond0
[   95.141915][ T5856] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   95.187329][ T5856] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   95.211722][ T5857] 8021q: adding VLAN 0 to HW filter on device team0
[   95.232429][ T5856] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   95.247593][ T5856] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   95.274370][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.281680][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[   95.311446][ T5854] 8021q: adding VLAN 0 to HW filter on device team0
[   95.354932][  T984] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.362110][  T984] bridge0: port 1(bridge_slave_0) entered forwarding state
[   95.374519][  T984] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.381708][  T984] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.432537][  T984] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.439996][  T984] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.522826][ T5858] 8021q: adding VLAN 0 to HW filter on device bond0
[   95.539848][ T5876] Bluetooth: hci0: command tx timeout
[   95.620203][ T5880] Bluetooth: hci2: command tx timeout
[   95.620267][ T5877] Bluetooth: hci1: command tx timeout
[   95.626006][ T5880] Bluetooth: hci5: command tx timeout
[   95.632931][ T5862] Bluetooth: hci4: command tx timeout
[   95.637481][ T5876] Bluetooth: hci3: command tx timeout
[   95.707434][ T5858] 8021q: adding VLAN 0 to HW filter on device team0
[   95.775587][ T5861] 8021q: adding VLAN 0 to HW filter on device bond0
[   95.818831][  T984] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.826027][  T984] bridge0: port 1(bridge_slave_0) entered forwarding state
[   95.880648][  T984] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.887845][  T984] bridge0: port 2(bridge_slave_1) entered forwarding state
[   96.027361][ T5861] 8021q: adding VLAN 0 to HW filter on device team0
[   96.075783][ T5856] 8021q: adding VLAN 0 to HW filter on device bond0
[   96.145671][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.152899][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   96.164773][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.171924][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   96.229191][ T5856] 8021q: adding VLAN 0 to HW filter on device team0
[   96.271023][ T5855] 8021q: adding VLAN 0 to HW filter on device batadv0
[   96.368511][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.376093][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   96.397939][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.405246][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   96.428600][ T5857] 8021q: adding VLAN 0 to HW filter on device batadv0
[   96.527437][ T5854] 8021q: adding VLAN 0 to HW filter on device batadv0
[   96.733024][ T5857] veth0_vlan: entered promiscuous mode
[   96.872168][ T5857] veth1_vlan: entered promiscuous mode
[   96.919379][ T5854] veth0_vlan: entered promiscuous mode
[   96.968246][ T5858] 8021q: adding VLAN 0 to HW filter on device batadv0
[   96.988488][ T5854] veth1_vlan: entered promiscuous mode
[   97.143598][ T5854] veth0_macvtap: entered promiscuous mode
[   97.179019][ T5854] veth1_macvtap: entered promiscuous mode
[   97.214768][ T5857] veth0_macvtap: entered promiscuous mode
[   97.241610][ T5854] batman_adv: batadv0: Interface activated: batadv_slave_0
[   97.256515][ T5857] veth1_macvtap: entered promiscuous mode
[   97.291609][ T5854] batman_adv: batadv0: Interface activated: batadv_slave_1
[   97.315636][ T5861] 8021q: adding VLAN 0 to HW filter on device batadv0
[   97.367554][ T5858] veth0_vlan: entered promiscuous mode
[   97.392205][ T5855] veth0_vlan: entered promiscuous mode
[   97.401210][   T36] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   97.425176][ T5857] batman_adv: batadv0: Interface activated: batadv_slave_0
[   97.442812][   T36] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   97.453010][   T49] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   97.476396][   T59] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   97.490258][ T5855] veth1_vlan: entered promiscuous mode
[   97.506666][ T5857] batman_adv: batadv0: Interface activated: batadv_slave_1
[   97.536094][ T5858] veth1_vlan: entered promiscuous mode
[   97.547979][ T5856] 8021q: adding VLAN 0 to HW filter on device batadv0
[   97.606458][   T59] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   97.621141][ T5876] Bluetooth: hci0: command tx timeout
[   97.645438][   T59] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   97.700238][ T5876] Bluetooth: hci3: command tx timeout
[   97.705711][ T5876] Bluetooth: hci5: command tx timeout
[   97.711501][ T5880] Bluetooth: hci2: command tx timeout
[   97.711524][ T5862] Bluetooth: hci4: command tx timeout
[   97.716904][ T5880] Bluetooth: hci1: command tx timeout
[   97.746438][   T59] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   97.755660][   T59] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   97.864697][ T5855] veth0_macvtap: entered promiscuous mode
[   97.875709][ T5858] veth0_macvtap: entered promiscuous mode
[   97.882051][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.902046][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.932944][ T5858] veth1_macvtap: entered promiscuous mode
[   97.957324][ T5856] veth0_vlan: entered promiscuous mode
[   97.991752][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   98.003582][ T5855] veth1_macvtap: entered promiscuous mode
[   98.018915][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   98.036510][ T5856] veth1_vlan: entered promiscuous mode
[   98.080583][ T5858] batman_adv: batadv0: Interface activated: batadv_slave_0
[   98.115058][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   98.138824][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   98.155823][ T5858] batman_adv: batadv0: Interface activated: batadv_slave_1
[   98.157300][ T5854] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   98.192919][ T5855] batman_adv: batadv0: Interface activated: batadv_slave_0
[   98.222116][ T1328] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   98.237087][ T1328] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   98.275240][ T5855] batman_adv: batadv0: Interface activated: batadv_slave_1
[   98.313176][ T5861] veth0_vlan: entered promiscuous mode
[   98.321145][ T1328] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   98.387355][ T1328] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   98.396939][ T1328] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   98.416098][ T5856] veth0_macvtap: entered promiscuous mode
[   98.433913][   T59] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   98.449121][ T5861] veth1_vlan: entered promiscuous mode
[   98.474303][   T59] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   98.484112][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   98.498563][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   98.507198][   T59] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   98.551067][ T5856] veth1_macvtap: entered promiscuous mode
[   98.676759][ T5856] batman_adv: batadv0: Interface activated: batadv_slave_0
[   98.728687][ T5861] veth0_macvtap: entered promiscuous mode
[   98.848592][ T5856] batman_adv: batadv0: Interface activated: batadv_slave_1
[   98.873650][ T5861] veth1_macvtap: entered promiscuous mode
[   98.910798][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   98.912080][ T5975] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   98.918649][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   98.941461][   T49] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   98.960441][ T5975] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.021752][   T49] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   99.072309][ T6011] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[   99.073926][ T6006] loop0: detected capacity change from 0 to 40427
[   99.078985][ T6011] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   99.118001][ T5861] batman_adv: batadv0: Interface activated: batadv_slave_0
[   99.126641][ T6011] vhci_hcd vhci_hcd.0: Device attached
[   99.142003][ T6014] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   99.146150][ T6006] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[   99.151863][   T49] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   99.176253][ T6006] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[   99.178336][ T1328] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   99.193388][ T6011] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   99.194279][ T6011] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   99.234181][ T5975] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.259481][ T5975] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.273497][ T6011] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   99.288121][ T5861] batman_adv: batadv0: Interface activated: batadv_slave_1
[   99.306109][ T6014] vhci_hcd vhci_hcd.0: pdev(2) rhport(5) sockfd(14)
[   99.312756][ T6014] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   99.320323][ T6003] vhci_hcd: vhci_device speed not set
[   99.340264][ T6014] vhci_hcd vhci_hcd.0: Device attached
[   99.383369][ T6011] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   99.436132][ T6006] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[   99.445076][ T5975] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.452423][ T6003] usb 37-1: new full-speed USB device number 2 using vhci_hcd
[   99.467897][   T36] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   99.467941][ T6011] vhci_hcd vhci_hcd.0: pdev(2) rhport(7) sockfd(16)
[   99.483239][ T6011] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   99.493972][ T5975] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.516130][ T6014] vhci_hcd vhci_hcd.0: port 0 already used
[   99.522309][   T36] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   99.531911][ T6011] vhci_hcd vhci_hcd.0: Device attached
[   99.534848][ T6006] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[   99.553962][ T6020] vhci_hcd: connection closed
[   99.556795][   T49] vhci_hcd: stop threads
[   99.563660][ T6006] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   99.571218][ T6018] vhci_hcd: connection closed
[   99.574727][   T49] vhci_hcd: release socket
[   99.594417][ T6012] vhci_hcd: connection reset by peer
[   99.601177][   T49] vhci_hcd: disconnect device
[   99.609004][  T984] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.625632][  T984] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.631809][   T49] vhci_hcd: stop threads
[   99.640731][   T36] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   99.653159][   T49] vhci_hcd: release socket
[   99.668976][   T49] vhci_hcd: disconnect device
[   99.678550][   T49] vhci_hcd: stop threads
[   99.688365][   T49] vhci_hcd: release socket
[   99.691934][   T36] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   99.698583][   T49] vhci_hcd: disconnect device
[   99.847432][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.857167][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.935325][ T6029] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6'.
[   99.965505][  T984] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  100.007002][  T984] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  100.149542][ T6032] netlink: 2 bytes leftover after parsing attributes in process `syz.5.6'.
[  100.175386][ T1328] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  100.216025][ T1328] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  100.402937][ T6036] loop2: detected capacity change from 0 to 512
[  100.498708][ T6036] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  100.610371][ T6036] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  100.734121][ T6036] EXT4-fs (loop2): 1 truncate cleaned up
[  100.751470][ T6036] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  101.048623][ T6026] loop3: detected capacity change from 0 to 32768
[  101.119597][ T5863] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  101.285907][ T6026] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  101.296924][ T6038] loop5: detected capacity change from 0 to 32768
[  101.305247][ T5863] usb 5-1: Using ep0 maxpacket: 32
[  101.315012][ T5863] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  101.388167][ T5863] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  101.413050][ T6038] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.9 (6038)
[  101.426750][ T5857] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.455159][ T5863] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  101.507007][ T5863] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  101.575314][ T6038] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  101.601577][ T5863] usb 5-1: config 0 descriptor??
[  101.621196][ T6043] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  101.673449][ T6038] BTRFS info (device loop5): using sha256 (sha256-lib) checksum algorithm
[  101.702561][ T5863] hub 5-1:0.0: USB hub found
[  101.773673][ T5858] (syz-executor,5858,1):ocfs2_inode_is_valid_to_delete:948 ERROR: Skipping delete of system file 72
[  101.828596][ T5858] ocfs2: Unmounting device (7,3) on (node local)
[  101.852068][ T6051] loop6: detected capacity change from 0 to 7
[  101.853929][ T6034] loop1: detected capacity change from 0 to 32768
[  101.875208][ T5863] hub 5-1:0.0: 1 port detected
[  101.895746][ T6034] =======================================================
[  101.895746][ T6034] WARNING: The mand mount option has been deprecated and
[  101.895746][ T6034]          and is ignored by this kernel. Remove the mand
[  101.895746][ T6034]          option from the mount to silence this warning.
[  101.895746][ T6034] =======================================================
[  101.918896][ T6051]  loop6: [POWERTEC] p1 p2 p3 p4
[  102.079836][ T6034] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  102.133268][ T6051] loop6: p1 size 786432 extends beyond EOD, truncated
[  102.169973][ T6038] BTRFS info (device loop5): enabling ssd optimizations
[  102.215495][ T6051] loop6: p2 start 327681 is beyond EOD, truncated
[  102.235463][ T6038] BTRFS info (device loop5): enabling free space tree
[  102.261652][ T6051] loop6: p3 start 2532444582 is beyond EOD, truncated
[  102.340960][ T6051] loop6: p4 start 32767 is beyond EOD, truncated
[  102.385894][ T6034] XFS (loop1): Ending clean mount
[  102.466395][ T6034] XFS (loop1): Quotacheck needed: Please wait.
[  102.479529][ T5937] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  102.624507][ T5869] udevd[5869]: inotify_add_watch(7, /dev/loop6p1, 10) failed: No such file or directory
[  102.645521][ T6034] XFS (loop1): Quotacheck: Done.
[  102.692920][ T5937] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  102.768688][ T5937] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  102.815364][ T6047] BTRFS info (device loop5): qgroup scan completed (inconsistency flag cleared)
[  102.846478][ T5937] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  102.893446][ T5937] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  102.928650][   T30] audit: type=1800 audit(1756060823.854:2): pid=6034 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2" name="file1" dev="loop1" ino=9286 res=0 errno=0
[  102.984678][ T5855] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  103.023331][ T5937] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  103.038418][ T5937] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  103.046936][   T30] audit: type=1800 audit(1756060823.954:3): pid=6078 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2" name="file1" dev="loop1" ino=9286 res=0 errno=0
[  103.074993][ T5937] usb 4-1: config 0 descriptor??
[  103.162111][ T5950] hub 5-1:0.0: hub_ext_port_status failed (err = -71)
[  103.162431][ T5930] usb 5-1: USB disconnect, device number 2
[  103.169198][ T5950] usb 5-1-port1: connect-debounce failed
[  103.540945][ T5856] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  103.570891][ T5937] plantronics 0003:047F:FFFF.0001: ignoring exceeding usage max
[  103.721554][ T5937] plantronics 0003:047F:FFFF.0001: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  103.949220][ T6094] syz_tun: entered allmulticast mode
[  104.007986][ T6093] syz_tun: left allmulticast mode
[  104.129574][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[  104.139469][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[  104.440155][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  104.450534][    T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!!
[  104.517281][    T0] NOHZ tick-stop error: local softirq work is pending, handler #300!!!
[  104.527813][    T0] NOHZ tick-stop error: local softirq work is pending, handler #300!!!
[  104.537034][    T0] NOHZ tick-stop error: local softirq work is pending, handler #300!!!
[  104.545891][    T0] NOHZ tick-stop error: local softirq work is pending, handler #300!!!
[  104.555066][    T0] NOHZ tick-stop error: local softirq work is pending, handler #340!!!
[  104.564204][    T0] NOHZ tick-stop error: local softirq work is pending, handler #300!!!
[  104.573076][ T6003] vhci_hcd: vhci_device speed not set
[  104.975353][ T6109] sctp: [Deprecated]: syz.0.21 (pid 6109) Use of int in maxseg socket option.
[  104.975353][ T6109] Use struct sctp_assoc_value instead
[  105.118887][   T59] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  105.677029][ T5950] usb 4-1: USB disconnect, device number 2
[  105.734946][   T59] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  106.603294][ T6124] loop3: detected capacity change from 0 to 32768
[  106.620694][ T6124] btrfs: Deprecated parameter 'usebackuproot'
[  106.627082][ T6124] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  106.687656][   T59] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  106.759968][ T6124] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.24 (6124)
[  106.777263][ T6124] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  106.787518][ T6124] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm
[  107.121948][ T5880] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  107.139748][ T5880] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  107.151512][ T5880] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  107.160720][ T5880] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  107.168965][ T5880] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  107.240621][ T6124] BTRFS info (device loop3): rebuilding free space tree
[  107.263880][ T6124] BTRFS info (device loop3): enabling ssd optimizations
[  107.270996][ T6124] BTRFS info (device loop3): using spread ssd allocation scheme
[  107.278695][ T6124] BTRFS info (device loop3): enabling free space tree
[  107.285812][ T6124] BTRFS info (device loop3): force clearing of disk cache
[  107.293065][ T6124] BTRFS info (device loop3): enabling auto defrag
[  107.307372][ T6124] BTRFS info (device loop3): doing ref verification
[  107.316352][ T6124] BTRFS info (device loop3): trying to use backup root at mount time
[  107.324588][ T6124] BTRFS info (device loop3): max_inline set to 4096
[  107.812480][ T6150] BTRFS info (device loop3): space_info DATA+METADATA (sub-group id 0) has 159744 free, is not full
[  107.824672][ T6150] BTRFS info (device loop3): space_info total=3276800, used=49152, pinned=12288, reserved=12288, may_use=3043328, readonly=0 zone_unusable=0
[  107.839234][ T6150] BTRFS info (device loop3): global_block_rsv: size 1441792 reserved 1441792
[  107.848372][ T6150] BTRFS info (device loop3): trans_block_rsv: size 0 reserved 0
[  107.856297][ T6150] BTRFS info (device loop3): chunk_block_rsv: size 0 reserved 0
[  107.864301][ T6150] BTRFS info (device loop3): delayed_block_rsv: size 0 reserved 0
[  107.872181][ T6150] BTRFS info (device loop3): delayed_refs_rsv: size 688128 reserved 688128
[  108.327034][ T6144] loop1: detected capacity change from 0 to 47
[  108.360023][ T5858] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  108.575651][ T6153] loop5: detected capacity change from 0 to 4096
[  108.627249][   T59] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  108.735715][ T6156] loop0: detected capacity change from 0 to 128
[  108.886488][ T6156] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  108.933307][ T6156] ext4 filesystem being mounted at /5/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  109.021461][ T6156] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni"
[  109.127134][ T6156] fscrypt: loop0: 2 inode(s) still busy after removing key with identifier 69b2f6edeee720cce0577937eb8a6751, including ino 13
[  109.177337][   T30] audit: type=1804 audit(1756060830.104:4): pid=6153 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.30" name="/newroot/5/file0/bus" dev="loop5" ino=33 res=1 errno=0
[  109.224059][ T5876] Bluetooth: hci3: command tx timeout
[  109.417033][ T6138] chnl_net:caif_netlink_parms(): no params data found
[  109.433506][ T5854] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  109.639524][ T5863] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  109.791431][ T6178] syz.3.35 uses obsolete (PF_INET,SOCK_PACKET)
[  109.849478][ T5863] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  109.939761][ T5863] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  109.969988][   T59] bridge_slave_1: left allmulticast mode
[  109.995245][ T5863] usb 2-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  110.025246][   T59] bridge_slave_1: left promiscuous mode
[  110.053206][ T5863] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  110.063943][   T59] bridge0: port 2(bridge_slave_1) entered disabled state
[  110.131255][ T5863] usb 2-1: config 0 descriptor??
[  110.345540][   T59] bridge_slave_0: left allmulticast mode
[  111.020950][   T59] bridge_slave_0: left promiscuous mode
[  111.026936][   T59] bridge0: port 1(bridge_slave_0) entered disabled state
[  111.077038][ T5863] cm6533_jd 0003:0D8C:0022.0002: unknown main item tag 0x0
[  111.129697][ T5863] cm6533_jd 0003:0D8C:0022.0002: unknown main item tag 0x0
[  111.184168][ T5863] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0D8C:0022.0002/input/input5
[  111.299825][ T5876] Bluetooth: hci3: command tx timeout
[  111.373563][ T6170] loop5: detected capacity change from 0 to 32768
[  111.406500][ T5863] cm6533_jd 0003:0D8C:0022.0002: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.1-1/input0
[  111.440206][ T6170] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.34 (6170)
[  111.537214][ T5863] usb 2-1: USB disconnect, device number 2
[  111.564941][ T6170] BTRFS info (device loop5): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  111.610215][ T6170] BTRFS info (device loop5): using blake2b (blake2b-256-generic) checksum algorithm
[  111.897518][ T6170] BTRFS info (device loop5): enabling ssd optimizations
[  111.940886][ T6170] BTRFS info (device loop5): enabling free space tree
[  112.114250][   T30] audit: type=1800 audit(1756060833.044:5): pid=6170 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.34" name="file1" dev="loop5" ino=263 res=0 errno=0
[  112.386034][ T5855] BTRFS info (device loop5): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  112.959440][   T10] usb 5-1: new full-speed USB device number 3 using dummy_hcd
[  113.147426][   T59] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  113.178221][   T10] usb 5-1: config index 0 descriptor too short (expected 63524, got 36)
[  113.201348][   T59] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  113.218501][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  113.291973][   T10] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  113.300639][   T59] bond0 (unregistering): Released all slaves
[  113.311632][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  113.356430][   T10] usb 5-1: Product: syz
[  113.369480][   T10] usb 5-1: Manufacturer: syz
[  113.379860][ T5876] Bluetooth: hci3: command tx timeout
[  113.388219][   T10] usb 5-1: SerialNumber: syz
[  113.400221][   T10] usb 5-1: config 0 descriptor??
[  113.437773][   T10] usb 5-1: 0:0 : invalid sync pipe. bmAttributes 00, bLength 9, bSynchAddress 00
[  113.603339][ T6225] loop1: detected capacity change from 0 to 32768
[  113.760252][ T6225] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  114.236407][ T6225] XFS (loop1): Ending clean mount
[  114.281785][ T6225] XFS (loop1): Quotacheck needed: Please wait.
[  114.673554][ T6234] loop5: detected capacity change from 0 to 32768
[  114.682824][ T6225] XFS (loop1): Quotacheck: Done.
[  114.755060][ T6234] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.42 (6234)
[  115.013153][ T6234] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  115.057209][ T6234] BTRFS info (device loop5): using crc32c (crc32c-lib) checksum algorithm
[  115.469761][ T5876] Bluetooth: hci3: command tx timeout
[  115.665597][ T6234] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[  115.667927][ T6234] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  115.807513][ T5856] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  115.880039][ T6234] BTRFS error (device loop5): open_ctree failed: -12
[  116.074706][ T6138] bridge0: port 1(bridge_slave_0) entered blocking state
[  116.119457][ T6138] bridge0: port 1(bridge_slave_0) entered disabled state
[  116.189572][ T6138] bridge_slave_0: entered allmulticast mode
[  116.220961][ T6138] bridge_slave_0: entered promiscuous mode
[  116.294358][ T6138] bridge0: port 2(bridge_slave_1) entered blocking state
[  116.352406][ T6138] bridge0: port 2(bridge_slave_1) entered disabled state
[  116.426386][ T6138] bridge_slave_1: entered allmulticast mode
[  116.464204][ T6138] bridge_slave_1: entered promiscuous mode
[  117.469715][ T6007] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  117.577088][ T6232] syz.4.43 (6232): drop_caches: 2
[  117.729517][ T6007] usb 1-1: Using ep0 maxpacket: 32
[  117.798655][ T6007] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  117.822243][ T6138] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  117.865216][ T6007] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  117.905248][ T6007] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  117.949159][ T6138] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  117.965009][ T6288] netlink: 4 bytes leftover after parsing attributes in process `syz.5.50'.
[  117.977365][ T6007] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  118.156839][ T6007] usb 1-1: config 0 descriptor??
[  118.175997][   T59] hsr_slave_0: left promiscuous mode
[  118.202570][ T6007] hub 1-1:0.0: USB hub found
[  118.238848][   T10] usb 5-1: USB disconnect, device number 3
[  118.332173][   T59] hsr_slave_1: left promiscuous mode
[  118.382897][   T59] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  118.397262][ T6007] hub 1-1:0.0: 1 port detected
[  118.482690][   T59] batman_adv: batadv0: Removing interface: batadv_slave_0
[  118.567901][   T59] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  118.628206][   T59] batman_adv: batadv0: Removing interface: batadv_slave_1
[  118.690765][ T5875] udevd[5875]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  118.990089][   T59] veth1_macvtap: left promiscuous mode
[  119.028722][   T59] veth0_macvtap: left promiscuous mode
[  119.040544][   T59] veth1_vlan: left promiscuous mode
[  119.046334][   T59] veth0_vlan: left promiscuous mode
[  119.083772][ T6007] hub 1-1:0.0: activate --> -90
[  119.542838][ T6003] usb 1-1: USB disconnect, device number 2
[  121.678155][ T6323] loop0: detected capacity change from 0 to 2048
[  121.773879][ T6323] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  121.922099][ T6337] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  122.029748][ T1328] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  122.132455][ T1328] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  122.203977][ T1328] EXT4-fs (loop0): This should not happen!! Data will be lost
[  122.203977][ T1328] 
[  122.288686][ T1328] EXT4-fs (loop0): Total free blocks count 0
[  122.367340][ T1328] EXT4-fs (loop0): Free/Dirty block details
[  122.436820][ T1328] EXT4-fs (loop0): free_blocks=4096
[  122.490959][ T1328] EXT4-fs (loop0): dirty_blocks=16
[  122.496175][ T1328] EXT4-fs (loop0): Block reservation details
[  122.530036][ T1328] EXT4-fs (loop0): i_reserved_data_blocks=1
[  122.560857][ T5854] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  122.815479][ T6344] Bluetooth: MGMT ver 1.23
[  122.842760][ T6341] Bluetooth: hci0: Opcode 0x0401 failed: -112
[  123.136222][   T59] team0 (unregistering): Port device team_slave_1 removed
[  123.650278][   T59] team0 (unregistering): Port device team_slave_0 removed
[  124.052873][   T30] audit: type=1800 audit(1756060844.994:6): pid=6362 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.63" name="/" dev="9p" ino=2 res=0 errno=0
[  124.820506][ T5880] Bluetooth: hci0: command 0x0401 tx timeout
[  124.828762][ T5876] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  125.137002][ T6376] loop5: detected capacity change from 0 to 128
[  125.225873][ T6376] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  125.272484][ T6381] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  125.315061][ T6138] team0: Port device team_slave_0 added
[  125.376943][ T6382] loop3: detected capacity change from 0 to 764
[  125.442992][ T6376] ext4 filesystem being mounted at /10/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  125.698400][ T6138] team0: Port device team_slave_1 added
[  126.026962][ T6376] syz.5.65 (pid 6376) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[  126.296428][ T6138] batman_adv: batadv0: Adding interface: batadv_slave_0
[  126.389454][ T6138] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  126.481852][ T6376] fscrypt (loop5, inode 12): Missing crypto API support for Adiantum (API name: "adiantum(xchacha12,aes)")
[  126.565355][ T6138] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  126.586859][ T6138] batman_adv: batadv0: Adding interface: batadv_slave_1
[  126.602987][ T6138] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  126.668100][ T6376] fscrypt (loop5, inode 12): Missing crypto API support for Adiantum (API name: "adiantum(xchacha12,aes)")
[  126.789532][ T6138] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  126.899740][ T5876] Bluetooth: hci0: command 0x0401 tx timeout
[  127.046677][ T6401] netlink: 'syz.3.70': attribute type 1 has an invalid length.
[  127.063668][ T5855] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  127.576614][ T6138] hsr_slave_0: entered promiscuous mode
[  127.687990][ T6138] hsr_slave_1: entered promiscuous mode
[  127.752189][ T6138] debugfs: 'hsr0' already exists in 'hsr'
[  127.758020][ T6138] Cannot create hsr debugfs directory
[  127.911531][ T6408] pim6reg1: entered promiscuous mode
[  127.931890][ T6408] pim6reg1: entered allmulticast mode
[  128.785587][ T6434] loop5: detected capacity change from 0 to 1024
[  129.644451][ T6434] hfsplus: xattr searching failed
[  129.735071][ T6434] hfsplus: xattr searching failed
[  129.803705][ T6447] loop3: detected capacity change from 0 to 256
[  129.832748][ T6434] hfsplus: xattr searching failed
[  129.906236][ T6444] loop4: detected capacity change from 0 to 1024
[  131.048676][ T5975] hfsplus: b-tree write err: -5, ino 3
[  131.278950][ T6444] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  131.453216][   T30] audit: type=1800 audit(1756060852.394:7): pid=6444 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.78" name="bus" dev="loop4" ino=18 res=0 errno=0
[  131.508812][ T6444] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.78: Allocating blocks 385-513 which overlap fs metadata
[  131.701589][ T6465] EXT4-fs (loop4): pa ffff88802fa33ae0: logic 16, phys. 129, len 24
[  131.710545][ T6465] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[  132.029961][ T6468] netlink: 8 bytes leftover after parsing attributes in process `syz.5.81'.
[  132.653427][ T6465] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 2 with max blocks 3 with error 1
[  132.701628][ T6138] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  132.734699][ T6465] EXT4-fs (loop4): This should not happen!! Data will be lost
[  132.734699][ T6465] 
[  132.776427][ T6138] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  132.897020][ T6138] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  133.028344][ T6138] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  133.086008][ T5861] Trying to write to read-only block-device loop4
[  133.113354][ T6473] binder: 6470:6473 ioctl c0306201 200000004a40 returned -22
[  133.137414][ T5861] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.283465][ T6485] netlink: 60 bytes leftover after parsing attributes in process `syz.5.84'.
[  133.645612][ T6138] 8021q: adding VLAN 0 to HW filter on device bond0
[  133.777920][ T6138] 8021q: adding VLAN 0 to HW filter on device team0
[  133.815969][ T6495] loop0: detected capacity change from 0 to 512
[  133.857726][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[  133.864946][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[  133.930457][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[  133.937751][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[  134.104006][ T6495] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  134.192728][ T6495] ext4 filesystem being mounted at /19/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  134.231866][ T6138] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  134.245905][ T6138] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  134.401530][ T6512] loop5: detected capacity change from 0 to 128
[  134.491234][ T6512] EXT4-fs (loop5): Test dummy encryption mode enabled
[  134.669700][ T5930] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  134.817939][ T6512] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  134.961927][ T5930] usb 4-1: Using ep0 maxpacket: 32
[  134.967818][ T6512] ext4 filesystem being mounted at /15/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  135.008113][ T5930] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  135.045744][ T5930] usb 4-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  135.055317][ T5930] usb 4-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  135.083517][ T5930] usb 4-1: Product: syz
[  135.094196][ T5930] usb 4-1: Manufacturer: syz
[  135.119165][ T6512] fscrypt: AES-256-XTS using implementation "xts-aes-vaes-avx2"
[  135.127428][ T5930] usb 4-1: SerialNumber: syz
[  135.157172][ T5930] usb 4-1: config 0 descriptor??
[  135.187556][ T6513] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  135.328612][ T6138] 8021q: adding VLAN 0 to HW filter on device batadv0
[  135.611576][ T5855] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  136.017534][ T6003] usb 4-1: USB disconnect, device number 3
[  136.233250][ T5854] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.223925][ T6543] loop1: detected capacity change from 0 to 2048
[  137.386052][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  137.404717][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  137.443672][ T6543] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  137.868009][ T6549] syzkaller0: entered promiscuous mode
[  137.909527][ T6549] syzkaller0: entered allmulticast mode
[  138.678948][ T6566] program syz.0.103 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  139.211923][ T6578] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.105'.
[  141.142945][ T6593] loop1: detected capacity change from 0 to 1024
[  141.322599][   T30] audit: type=1800 audit(1756060862.244:8): pid=6593 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.109" name="file1" dev="loop1" ino=2 res=0 errno=0
[  142.836685][ T6003] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  143.394658][ T6003] usb 2-1: Using ep0 maxpacket: 32
[  143.762132][ T6003] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  143.803396][ T6003] usb 2-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  143.836949][ T6003] usb 2-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  143.918160][ T6003] usb 2-1: Product: syz
[  143.923046][ T6003] usb 2-1: Manufacturer: syz
[  143.927897][ T6003] usb 2-1: SerialNumber: syz
[  143.980260][ T6003] usb 2-1: config 0 descriptor??
[  143.986120][ T6600] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  144.258587][ T5950] usb 2-1: USB disconnect, device number 3
[  147.134311][ T6138] veth0_vlan: entered promiscuous mode
[  147.178828][ T6138] veth1_vlan: entered promiscuous mode
[  147.296875][ T6636] loop3: detected capacity change from 0 to 16
[  147.333022][ T6636] erofs (device loop3): mounted with root inode @ nid 36.
[  147.391975][ T6138] veth0_macvtap: entered promiscuous mode
[  147.462273][ T6138] veth1_macvtap: entered promiscuous mode
[  147.652498][ T6138] batman_adv: batadv0: Interface activated: batadv_slave_0
[  147.742149][ T6138] batman_adv: batadv0: Interface activated: batadv_slave_1
[  148.019941][ T6647] loop3: detected capacity change from 0 to 32768
[  148.079162][ T6429] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  148.166374][   T49] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  148.249024][ T6647] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  148.249050][ T6647]   allowing incompatible features above 0.0: (unknown version)
[  148.249061][ T6647]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  148.271714][    C0] vkms_vblank_simulate: vblank timer overrun
[  148.301816][ T6647] bcachefs (loop3): Using encoding defined by superblock: utf8-12.1.0
[  148.310237][ T6647] bcachefs (loop3): initializing new filesystem
[  148.323309][ T6647] bcachefs (loop3): going read-write
[  148.381437][ T6647] bcachefs (loop3): marking superblocks
[  148.399967][ T6647] bcachefs (loop3): initializing freespace
[  148.410208][ T6647] bcachefs (loop3): done initializing freespace
[  148.419760][ T6647] bcachefs (loop3): reading snapshots table
[  148.425763][ T6647] bcachefs (loop3): reading snapshots done
[  148.487178][ T6647] bcachefs (loop3): done starting filesystem
[  148.527595][   T49] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  148.562481][   T36] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  148.669138][ T6647] syz.3.122 (6647) used greatest stack depth: 15320 bytes left
[  148.961752][ T5858] bcachefs (loop3): shutting down
[  148.967236][ T5858] bcachefs (loop3): going read-only
[  149.009879][ T5858] bcachefs (loop3): finished waiting for writes to stop
[  149.064369][ T5858] bcachefs (loop3): flushing journal and stopping allocators, journal seq 4
[  149.137272][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  149.194077][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  149.347597][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  149.401942][ T5858] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 4
[  149.403593][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  149.485932][ T5858] bcachefs (loop3): clean shutdown complete, journal seq 5
[  149.497900][ T6642] loop5: detected capacity change from 0 to 32768
[  149.520849][ T5858] bcachefs (loop3): marking filesystem clean
[  149.619295][ T6642] 
[  149.619295][ T6642]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  149.619295][ T6642] 
[  149.788059][ T5858] bcachefs (loop3): shutdown complete
[  149.991315][ T5855] 
[  149.991315][ T5855]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  149.991315][ T5855] 
[  150.103648][ T5855] 
[  150.103648][ T5855]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  150.103648][ T5855] 
[  152.211638][ T6689] loop1: detected capacity change from 0 to 512
[  152.312612][ T6689] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  152.352942][ T6689] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2842e12c, mo2=0002]
[  152.374529][ T6689] System zones: 1-12
[  152.378862][ T6689] EXT4-fs (loop1): orphan cleanup on readonly fs
[  152.393211][ T6689] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.131: invalid indirect mapped block 12 (level 1)
[  152.425271][ T6696] loop6: detected capacity change from 0 to 64
[  152.477334][ T6689] EXT4-fs (loop1): Remounting filesystem read-only
[  152.486145][ T6689] EXT4-fs (loop1): 1 truncate cleaned up
[  152.497502][ T6689] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none.
[  153.294981][ T5856] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  153.417755][ T6704] loop4: detected capacity change from 0 to 128
[  153.749629][ T5930] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  154.200472][ T5930] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  154.538542][ T5930] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  154.547699][ T5930] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  154.995556][ T5930] usb 1-1: config 0 descriptor??
[  155.022540][ T5930] pwc: Askey VC010 type 2 USB webcam detected.
[  156.530841][ T5930] pwc: recv_control_msg error -32 req 02 val 2b00
[  156.629776][ T5930] pwc: recv_control_msg error -32 req 02 val 2700
[  156.659838][ T5930] pwc: recv_control_msg error -32 req 02 val 2c00
[  156.680301][ T5930] pwc: recv_control_msg error -32 req 04 val 1000
[  156.719916][ T5930] pwc: recv_control_msg error -32 req 04 val 1300
[  156.740706][ T5930] pwc: recv_control_msg error -32 req 04 val 1400
[  156.796741][ T5930] pwc: recv_control_msg error -32 req 02 val 2000
[  156.822852][ T5930] pwc: recv_control_msg error -32 req 02 val 2100
[  157.077236][ T5930] pwc: recv_control_msg error -71 req 02 val 2500
[  157.094411][ T6742] loop3: detected capacity change from 0 to 512
[  157.096376][ T5937] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  157.114474][ T5930] pwc: recv_control_msg error -71 req 02 val 2400
[  157.116935][ T6742] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  157.272023][ T5930] pwc: recv_control_msg error -71 req 02 val 2600
[  157.346328][ T6742] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  157.520887][ T6742] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 3: comm syz.3.124: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0
[  157.572492][ T6742] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 12: comm syz.3.124: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[  158.023984][ T5930] pwc: recv_control_msg error -71 req 02 val 2900
[  158.040917][ T5930] pwc: recv_control_msg error -71 req 02 val 2800
[  158.048708][ T5930] pwc: recv_control_msg error -71 req 04 val 1100
[  158.056135][ T5930] pwc: recv_control_msg error -71 req 04 val 1200
[  158.072543][ T5858] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1128: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  158.091227][ T5930] pwc: Registered as video103.
[  158.109501][ T5937] usb 7-1: Using ep0 maxpacket: 8
[  158.123280][ T5937] usb 7-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  158.139426][ T5937] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  158.147464][ T5937] usb 7-1: Product: syz
[  158.193589][ T5937] usb 7-1: Manufacturer: syz
[  158.198259][ T5937] usb 7-1: SerialNumber: syz
[  158.234496][ T5930] input: PWC snapshot button as /devices/platform/dummy_hcd.0/usb1/1-1/input/input7
[  158.248857][ T5858] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.261853][ T5937] usb 7-1: config 0 descriptor??
[  158.436641][ T6755] ufs: You didn't specify the type of your ufs filesystem
[  158.436641][ T6755] 
[  158.436641][ T6755] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  158.436641][ T6755] 
[  158.436641][ T6755] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  158.469554][ T6755] ufs: ufstype=old is supported read-only
[  158.500960][ T6755] ufs: ufs_fill_super(): bad magic number
[  159.006268][ T5937] usb 7-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  159.040260][ T5930] usb 1-1: USB disconnect, device number 3
[  159.250328][ T6769] loop3: detected capacity change from 0 to 256
[  159.352462][ T6769] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  159.690886][ T5930] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  160.494981][ T5930] usb 1-1: Using ep0 maxpacket: 16
[  161.128384][ T5930] usb 1-1: config 0 has no interfaces?
[  161.169452][ T5930] usb 1-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[  161.201539][ T5930] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  161.262868][ T5930] usb 1-1: config 0 descriptor??
[  162.227044][ T5930] usb 1-1: can't set config #0, error -71
[  162.249099][ T5937] dvb_usb_rtl28xxu 7-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  162.291525][ T5930] usb 1-1: USB disconnect, device number 4
[  162.745005][ T5937] usb 7-1: USB disconnect, device number 2
[  165.722839][ T6812] loop1: detected capacity change from 0 to 512
[  165.845914][ T6812] EXT4-fs: inline encryption not supported
[  165.902006][ T6812] EXT4-fs: Ignoring removed nobh option
[  166.117575][ T6812] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  167.076907][ T6812] EXT4-fs (loop1): DAX unsupported by block device.
[  168.210834][ T6832] loop0: detected capacity change from 0 to 2048
[  168.501562][ T6832] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  168.651095][ T6826] netlink: 'syz.0.165': attribute type 4 has an invalid length.
[  168.662179][ T6826] ext4: Unknown parameter '��������������18446744073709551615�����@�LqE�:��� �艞�t}�0��$�'
[  168.919791][ T5868] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  169.009024][ T6845] Device name cannot be null; rc = [-22]
[  169.370610][ T5868] usb 1-1: Using ep0 maxpacket: 16
[  169.399834][ T5868] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  169.413554][ T5868] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  169.435243][ T5868] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  169.478406][ T5868] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  169.514557][ T5868] usb 1-1: config 0 descriptor??
[  169.946042][ T5950] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  170.109588][ T5950] usb 6-1: Using ep0 maxpacket: 32
[  170.128446][ T5950] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  170.229262][ T5950] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  170.258389][ T5950] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  170.292672][ T5950] usb 6-1: Product: syz
[  170.302754][ T5950] usb 6-1: Manufacturer: syz
[  170.319502][ T5950] usb 6-1: SerialNumber: syz
[  170.647224][ T5950] usb 6-1: config 0 descriptor??
[  170.978411][ T6851] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  171.279527][ T6007] usb 6-1: USB disconnect, device number 2
[  172.512185][ T5868] usbhid 1-1:0.0: can't add hid device: -71
[  172.518256][ T5868] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  172.587649][ T5854] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.608160][ T5868] usb 1-1: USB disconnect, device number 5
[  172.617369][ T6873] loop1: detected capacity change from 0 to 1024
[  172.778347][ T6875] loop6: detected capacity change from 0 to 256
[  172.875163][ T6873] hfsplus: request for non-existent node 33423360 in B*Tree
[  172.920283][ T6873] hfsplus: request for non-existent node 33423360 in B*Tree
[  173.225658][ T6881] hfsplus: request for non-existent node 33423360 in B*Tree
[  173.246682][ T6875] exFAT-fs (loop6): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  173.482891][ T6881] hfsplus: request for non-existent node 33423360 in B*Tree
[  174.525237][ T6879] hfsplus: request for non-existent node 33423360 in B*Tree
[  174.631016][ T6879] hfsplus: request for non-existent node 33423360 in B*Tree
[  175.187605][ T6902] netlink: 'syz.0.178': attribute type 6 has an invalid length.
[  175.342844][ T6873] hfsplus: request for non-existent node 33423360 in B*Tree
[  176.279863][ T6873] hfsplus: request for non-existent node 33423360 in B*Tree
[  176.308175][ T6890] hfsplus: request for non-existent node 33423360 in B*Tree
[  176.439620][ T6890] hfsplus: request for non-existent node 33423360 in B*Tree
[  177.762059][ T6893] hfsplus: request for non-existent node 33423360 in B*Tree
[  177.839627][ T6893] hfsplus: request for non-existent node 33423360 in B*Tree
[  178.158423][ T6928] hub 6-0:1.0: USB hub found
[  178.166829][ T6928] hub 6-0:1.0: 1 port detected
[  179.056582][ T5937] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  179.302538][ T5937] usb 5-1: Using ep0 maxpacket: 16
[  179.338591][ T5937] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  179.379458][ T5937] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  179.439625][ T5937] usb 5-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[  179.496592][ T5937] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  179.558564][ T5937] usb 5-1: config 0 descriptor??
[  179.576879][ T6939] loop6: detected capacity change from 0 to 764
[  180.124044][ T5937] usb 5-1: can't set config #0, error -71
[  180.169171][ T5937] usb 5-1: USB disconnect, device number 4
[  180.974264][ T6959] netlink: 'syz.6.193': attribute type 21 has an invalid length.
[  180.991622][ T5937] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  181.418250][ T5937] usb 2-1: Using ep0 maxpacket: 32
[  181.531249][ T5937] usb 2-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[  181.569798][ T5937] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  181.636439][ T5937] usb 2-1: Product: syz
[  181.665569][ T5937] usb 2-1: Manufacturer: syz
[  181.764947][ T5937] usb 2-1: SerialNumber: syz
[  181.922491][ T5937] usb 2-1: config 0 descriptor??
[  182.015178][ T5937] gspca_main: stk1135-2.14.0 probing 174f:6a31
[  183.486682][ T6980] loop5: detected capacity change from 0 to 512
[  183.496369][ T6978] loop6: detected capacity change from 0 to 1024
[  183.563261][ T6978] EXT4-fs: Ignoring removed bh option
[  183.577503][ T6980] journal_path: Non-blockdev passed as './file0'
[  183.636089][ T6980] EXT4-fs: error: could not find journal device path
[  183.761553][ T6978] EXT4-fs (loop6): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  184.170700][ T6978] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  184.379568][   T30] audit: type=1800 audit(1756060905.314:9): pid=6978 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.198" name="file1" dev="loop6" ino=15 res=0 errno=0
[  184.891986][ T6992] loop0: detected capacity change from 0 to 16
[  185.341685][ T5937] gspca_stk1135: reg_w 0x352 err -71
[  185.348056][ T5937] gspca_stk1135: serial bus timeout: status=0x00
[  185.366122][ T5937] gspca_stk1135: Sensor write failed
[  185.391709][ T6992] erofs (device loop0): mounted with root inode @ nid 36.
[  185.412111][ T5937] gspca_stk1135: serial bus timeout: status=0x00
[  185.418532][ T5937] gspca_stk1135: Sensor write failed
[  185.441165][ T6138] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  185.502258][ T5937] gspca_stk1135: serial bus timeout: status=0x00
[  185.596195][ T5937] gspca_stk1135: Sensor read failed
[  185.609541][ T5937] gspca_stk1135: serial bus timeout: status=0x00
[  185.615916][ T5937] gspca_stk1135: Sensor read failed
[  185.675307][ T5937] gspca_stk1135: Detected sensor type unknown (0x0)
[  185.719479][ T5937] gspca_stk1135: serial bus timeout: status=0x00
[  185.795666][ T5937] gspca_stk1135: Sensor read failed
[  186.060042][ T5937] gspca_stk1135: serial bus timeout: status=0x00
[  186.066536][ T5937] gspca_stk1135: Sensor read failed
[  186.073833][ T5937] gspca_stk1135: serial bus timeout: status=0x00
[  186.089489][ T5937] gspca_stk1135: Sensor write failed
[  186.096472][ T5937] gspca_stk1135: serial bus timeout: status=0x00
[  186.104213][ T5937] gspca_stk1135: Sensor write failed
[  186.309970][ T5937] stk1135 2-1:0.0: probe with driver stk1135 failed with error -71
[  186.398609][ T5937] usb 2-1: USB disconnect, device number 4
[  186.889555][ T6007] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  187.079781][ T6007] usb 7-1: Using ep0 maxpacket: 8
[  187.124430][ T6007] usb 7-1: config 12 has an invalid interface number: 212 but max is 0
[  187.155860][ T6007] usb 7-1: config 12 has no interface number 0
[  187.210086][ T6007] usb 7-1: New USB device found, idVendor=0fe9, idProduct=db98, bcdDevice=30.0c
[  187.239519][ T6007] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  187.279107][ T6007] usb 7-1: Product: syz
[  187.280356][ T7011] netlink: 32 bytes leftover after parsing attributes in process `syz.4.204'.
[  187.295265][ T6007] usb 7-1: Manufacturer: syz
[  187.298440][ T7011] netlink: 32 bytes leftover after parsing attributes in process `syz.4.204'.
[  187.312011][ T6007] usb 7-1: SerialNumber: syz
[  187.335051][ T6007] dvb-usb: found a 'DViCO FusionHDTV DVB-T Dual Digital 4 (rev 2)' in warm state.
[  188.104292][ T7011] loop4: detected capacity change from 0 to 131072
[  188.683194][ T6007] dvb-usb: bulk message failed: -22 (2/0)
[  188.758597][ T6007] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  188.806169][ T6007] dvbdev: DVB: registering new adapter (DViCO FusionHDTV DVB-T Dual Digital 4 (rev 2))
[  188.885791][ T6007] usb 7-1: media controller created
[  189.019187][ T6007] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  190.354434][ T6007] cxusb: set interface failed
[  190.384140][ T6007] dvb-usb: bulk message failed: -22 (1/0)
[  190.425335][ T6007] dvb-usb: bulk message failed: -22 (3/0)
[  190.450447][ T6007] usb 7-1: bluebird_gpio_write failed.
[  191.379587][ T6007] dvb-usb: bulk message failed: -22 (3/0)
[  191.387603][ T6007] usb 7-1: bluebird_gpio_write failed.
[  191.640680][ T7027] loop6: detected capacity change from 0 to 40427
[  191.698016][ T7027] F2FS-fs (loop6): invalid crc value
[  191.949618][ T6007] DVB: Unable to find symbol dib7000p_attach()
[  192.035230][ T6007] dvb-usb: no frontend was attached by 'DViCO FusionHDTV DVB-T Dual Digital 4 (rev 2)'
[  192.770298][ T7027] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  192.782771][ T7027] F2FS-fs (loop6): Start checkpoint disabled!
[  192.828365][ T7027] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[  193.072283][   T30] audit: type=1800 audit(1756060913.984:10): pid=7040 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.207" name="bus" dev="loop6" ino=10 res=0 errno=0
[  193.117849][ T7040] syz.6.207: attempt to access beyond end of device
[  193.117849][ T7040] loop6: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  193.138865][ T7040] syz.6.207: attempt to access beyond end of device
[  193.138865][ T7040] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  193.155858][ T7040] syz.6.207: attempt to access beyond end of device
[  193.155858][ T7040] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  193.171492][ T7040] syz.6.207: attempt to access beyond end of device
[  193.171492][ T7040] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  193.188839][ T7040] syz.6.207: attempt to access beyond end of device
[  193.188839][ T7040] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  193.208024][ T7040] syz.6.207: attempt to access beyond end of device
[  193.208024][ T7040] loop6: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  193.226910][ T7040] syz.6.207: attempt to access beyond end of device
[  193.226910][ T7040] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  193.242654][ T7040] syz.6.207: attempt to access beyond end of device
[  193.242654][ T7040] loop6: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  193.258583][ T7040] syz.6.207: attempt to access beyond end of device
[  193.258583][ T7040] loop6: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  193.274686][ T7040] syz.6.207: attempt to access beyond end of device
[  193.274686][ T7040] loop6: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  194.538160][ T6007] rc_core: IR keymap rc-dvico-mce not found
[  194.544765][ T6007] Registered IR keymap rc-empty
[  194.551671][ T6007] rc rc0: DViCO FusionHDTV DVB-T Dual Digital 4 (rev 2) as /devices/platform/dummy_hcd.6/usb7/7-1/rc/rc0
[  194.566593][ T6007] input: DViCO FusionHDTV DVB-T Dual Digital 4 (rev 2) as /devices/platform/dummy_hcd.6/usb7/7-1/rc/rc0/input8
[  194.603224][ T6007] dvb-usb: schedule remote query interval to 100 msecs.
[  194.616041][ T6905] CPU: 0 UID: 0 PID: 6905 Comm: kworker/u8:13 Not tainted syzkaller #0 PREEMPT(full) 
[  194.616076][ T6905] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  194.616093][ T6905] Workqueue: writeback wb_workfn (flush-7:6)
[  194.616129][ T6905] Call Trace:
[  194.616139][ T6905]  <TASK>
[  194.616149][ T6905]  dump_stack_lvl+0x189/0x250
[  194.616188][ T6905]  ? __pfx_dump_stack_lvl+0x10/0x10
[  194.616219][ T6905]  ? __pfx_queue_work_on+0x10/0x10
[  194.616256][ T6905]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  194.616293][ T6905]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  194.616344][ T6905]  f2fs_handle_critical_error+0x37c/0x540
[  194.616394][ T6905]  f2fs_write_end_io+0x886/0xb60
[  194.616445][ T6905]  __submit_merged_bio+0x27a/0x6a0
[  194.616492][ T6905]  __submit_merged_write_cond+0x255/0x530
[  194.616538][ T6905]  f2fs_write_data_pages+0x261d/0x3000
[  194.616629][ T6905]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  194.616689][ T6905]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  194.616714][ T6905]  ? srso_alias_return_thunk+0x5/0xfbef5
[  194.616794][ T6905]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  194.616852][ T6905]  ? trace_f2fs_writepages+0x7f/0x200
[  194.616890][ T6905]  ? f2fs_write_node_pages+0x478/0x6e0
[  194.616932][ T6905]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  194.616977][ T6905]  ? srso_alias_return_thunk+0x5/0xfbef5
[  194.617014][ T6905]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  194.617055][ T6905]  do_writepages+0x32e/0x550
[  194.617098][ T6905]  ? srso_alias_return_thunk+0x5/0xfbef5
[  194.617125][ T6905]  ? reacquire_held_locks+0x127/0x1d0
[  194.617151][ T6905]  ? writeback_sb_inodes+0x384/0x1010
[  194.617198][ T6905]  __writeback_single_inode+0x145/0xff0
[  194.617231][ T6905]  ? srso_alias_return_thunk+0x5/0xfbef5
[  194.617263][ T6905]  ? do_raw_spin_unlock+0x122/0x240
[  194.617301][ T6905]  writeback_sb_inodes+0x6c7/0x1010
[  194.617373][ T6905]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  194.617467][ T6905]  ? srso_alias_return_thunk+0x5/0xfbef5
[  194.617495][ T6905]  ? rcu_is_watching+0x15/0xb0
[  194.617520][ T6905]  ? srso_alias_return_thunk+0x5/0xfbef5
[  194.617560][ T6905]  wb_writeback+0x43b/0xaf0
[  194.617605][ T6905]  ? queue_io+0x3b1/0x590
[  194.617642][ T6905]  ? __pfx_wb_writeback+0x10/0x10
[  194.617688][ T6905]  ? _raw_spin_unlock_irq+0x23/0x50
[  194.617729][ T6905]  wb_workfn+0x409/0xef0
[  194.617780][ T6905]  ? __pfx_wb_workfn+0x10/0x10
[  194.617813][ T6905]  ? srso_alias_return_thunk+0x5/0xfbef5
[  194.617840][ T6905]  ? __lock_acquire+0xab9/0xd20
[  194.617894][ T6905]  ? srso_alias_return_thunk+0x5/0xfbef5
[  194.617926][ T6905]  ? srso_alias_return_thunk+0x5/0xfbef5
[  194.617960][ T6905]  ? _raw_spin_unlock_irq+0x23/0x50
[  194.617990][ T6905]  ? process_scheduled_works+0x9ef/0x17b0
[  194.618014][ T6905]  ? process_scheduled_works+0x9ef/0x17b0
[  194.618041][ T6905]  process_scheduled_works+0xae1/0x17b0
[  194.618111][ T6905]  ? __pfx_process_scheduled_works+0x10/0x10
[  194.618148][ T6905]  ? srso_alias_return_thunk+0x5/0xfbef5
[  194.618189][ T6905]  worker_thread+0x8a0/0xda0
[  194.618220][ T6905]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  194.618271][ T6905]  ? __kthread_parkme+0x7b/0x200
[  194.618315][ T6905]  kthread+0x711/0x8a0
[  194.618351][ T6905]  ? __pfx_worker_thread+0x10/0x10
[  194.618376][ T6905]  ? __pfx_kthread+0x10/0x10
[  194.618403][ T6905]  ? srso_alias_return_thunk+0x5/0xfbef5
[  194.618436][ T6905]  ? _raw_spin_unlock_irq+0x23/0x50
[  194.618467][ T6905]  ? srso_alias_return_thunk+0x5/0xfbef5
[  194.618494][ T6905]  ? lockdep_hardirqs_on+0x9c/0x150
[  194.618527][ T6905]  ? __pfx_kthread+0x10/0x10
[  194.618560][ T6905]  ret_from_fork+0x3fc/0x770
[  194.618592][ T6905]  ? __pfx_ret_from_fork+0x10/0x10
[  194.618628][ T6905]  ? __switch_to_asm+0x39/0x70
[  194.618659][ T6905]  ? __switch_to_asm+0x33/0x70
[  194.618689][ T6905]  ? __pfx_kthread+0x10/0x10
[  194.618723][ T6905]  ret_from_fork_asm+0x1a/0x30
[  194.618781][ T6905]  </TASK>
[  194.618791][ T6905] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  195.258221][ T7049] loop5: detected capacity change from 0 to 2048
[  195.579434][ T6007] dvb-usb: DViCO FusionHDTV DVB-T Dual Digital 4 (rev 2) successfully initialized and connected.
[  195.599870][ T6007] usb 7-1: USB disconnect, device number 3
[  195.649694][ T7049] UDF-fs: error (device loop5): udf_process_sequence: Primary Volume Descriptor not found!
[  196.542830][ T7049] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  196.608962][ T7046] UDF-fs: error (device loop5): udf_verify_fi: directory (ino 1376) has entry at pos 0 with unaligned length of impUse field
[  196.696673][ T6007] dvb-usb: DViCO FusionHDTV DVB-T Dual Digital 4 ( successfully deinitialized and disconnected.
[  198.860655][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  198.877281][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  199.697521][ T7085] overlayfs: failed to resolve './bus': -2
[  204.906050][ T7118] process 'syz.1.229' launched './file0' with NULL argv: empty string added
[  208.039615][ T7146] loop1: detected capacity change from 0 to 16
[  208.164126][ T7146] erofs (device loop1): mounted with root inode @ nid 36.
[  208.651137][ T7151] loop4: detected capacity change from 0 to 164
[  209.424239][ T7157] Zero length message leads to an empty skb
[  210.286184][ T5876] Bluetooth: hci3: link tx timeout
[  210.291883][ T5876] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  210.312596][ T5880] Bluetooth: hci3: link tx timeout
[  210.317792][ T5880] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  211.119591][ T5880] Bluetooth: hci3: link tx timeout
[  211.129109][ T5880] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  213.140940][ T5876] Bluetooth: hci3: command 0x0406 tx timeout
[  214.109428][ T7180] netlink: 8 bytes leftover after parsing attributes in process `syz.4.248'.
[  215.169295][ T7190] loop5: detected capacity change from 0 to 64
[  215.762244][ T7193] loop6: detected capacity change from 0 to 2048
[  216.812824][ T5877] Bluetooth: hci5: command 0x0406 tx timeout
[  216.819433][ T5872] Bluetooth: hci2: command 0x0406 tx timeout
[  216.827193][ T5872] Bluetooth: hci0: command 0x0401 tx timeout
[  216.827586][ T5877] Bluetooth: hci4: command 0x0406 tx timeout
[  216.842591][ T5175] Bluetooth: hci1: command 0x0406 tx timeout
[  217.149259][ T7193] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  217.310126][ T7193] netlink: 'syz.6.253': attribute type 4 has an invalid length.
[  217.420514][ T7193] ext4: Unknown parameter '��������������18446744073709551615�����@�LqE�:��� �艞�t}�0��$�'
[  217.459663][  T974] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  218.015524][  T974] usb 4-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65
[  218.197382][  T974] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  218.207550][  T974] usb 4-1: Product: syz
[  218.213150][  T974] usb 4-1: Manufacturer: syz
[  218.217756][  T974] usb 4-1: SerialNumber: syz
[  218.234429][  T974] usb 4-1: config 0 descriptor??
[  218.338768][ T6003] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  219.523715][  T974] cx82310_eth 4-1:0.0: probe with driver cx82310_eth failed with error -22
[  219.554618][ T6138] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  219.650343][   T30] audit: type=1326 audit(1756060940.584:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7214 comm="syz.4.258" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7ca678ebe9 code=0x0
[  220.295905][  T974] cxacru 4-1:0.0: usbatm_usb_probe: bind failed: -19!
[  220.439828][  T974] usb 4-1: USB disconnect, device number 4
[  220.731396][ T7220] binder: 7219:7220 ioctl c0306201 200000000080 returned -14
[  221.836567][ T7229] loop6: detected capacity change from 0 to 1024
[  222.156026][ T7229] EXT4-fs: Ignoring removed orlov option
[  222.176767][ T7229] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (52289!=20869)
[  222.208410][ T7229] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  222.431997][ T7229] EXT4-fs (loop6): invalid journal inode
[  222.437749][ T7229] EXT4-fs (loop6): can't get journal size
[  222.487052][ T7235] netlink: 'syz.1.264': attribute type 4 has an invalid length.
[  222.524149][ T7229] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  225.518755][ T7246] loop3: detected capacity change from 0 to 32768
[  225.545821][ T7247] 9pnet_fd: p9_fd_create_tcp (7247): problem connecting socket to 127.0.0.1
[  225.600301][ T7246] bcachefs (/dev/loop3): error validating superblock: Invalid superblock section replicas: no devices in entry sb: 33/0 []
[  225.600301][ T7246] replicas (size 24):
[  225.600301][ T7246] btree: 0/1 [2] sb: 33/0 [] (unknown data_type 144): 56/184 [0 0 0 0 0 0 108 1 0 0 6 0 0 0 0 0 0 0 0 0 0 0 10 0 0 0 0 0 0 0 1 0 1 0 5 0 0 0 8 0 0 0 0 0 0 0 1 0 2 0 5 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 5 0 0 0 0 0 0 0 0 0 0 0 1 0 0 1 5 0 0 0 0 0 0 0 0 0 0 0 1 0 0 2 5 0 0 0 0 0 0 0 0 0 0 0 1 0 0 3 5 0 0 0 0 0 0 0 0 0 0 0 2 0 0 0 6 0 0 0 0 11 0 0 0 0 0 0 3 1 1 0 0 0 0 0 2 0 0 0 6 0 0 0 0 0 0 0 0 0 0 0 2 1 1 0 0 0 0 0 2 0 0 0 6 0 0 0 16 0]
[  225.600301][ T7246] 
[  225.659769][ T7246] bcachefs: bch2_fs_get_tree() error: invalid_replicas_entry
[  225.912285][ T6138] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  226.473753][ T7249] loop5: detected capacity change from 0 to 1024
[  227.767474][ T5975] hfsplus: b-tree write err: -5, ino 4
[  227.841206][   T51] Bluetooth: hci5: unexpected event for opcode 0x0062
[  227.999926][ T7269] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  228.007714][ T7269] IPv6: NLM_F_CREATE should be set when creating new route
[  228.092640][ T7275] lo: entered allmulticast mode
[  228.107130][ T7275] tunl0: entered allmulticast mode
[  228.118305][ T7275] gre0: entered allmulticast mode
[  228.121634][ T7274] loop5: detected capacity change from 0 to 512
[  228.126201][ T7277] comedi comedi2: c6xdigio: I/O port conflict (0x3c4,3)
[  228.183174][ T7274] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  228.198472][ T7275] gretap0: entered allmulticast mode
[  228.292163][ T7274] EXT4-fs error (device loop5): ext4_iget_extra_inode:5104: inode #15: comm syz.5.272: corrupted in-inode xattr: e_value size too large
[  228.311687][ T7274] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.272: couldn't read orphan inode 15 (err -117)
[  228.328671][ T7275] erspan0: entered allmulticast mode
[  228.337545][ T7275] ip_vti0: entered allmulticast mode
[  228.352334][ T7275] ip6_vti0: entered allmulticast mode
[  228.366399][ T7275] sit0: entered allmulticast mode
[  228.384781][ T7275] ip6tnl0: entered allmulticast mode
[  228.396226][ T7275] ip6gre0: entered allmulticast mode
[  228.411565][ T7275] syz_tun: entered allmulticast mode
[  228.480519][ T7274] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  228.481325][ T7275] ip6gretap0: entered allmulticast mode
[  228.513321][ T7275] bridge0: port 2(bridge_slave_1) entered disabled state
[  228.522327][ T7275] bridge0: port 1(bridge_slave_0) entered disabled state
[  228.533614][ T7275] bridge0: entered allmulticast mode
[  228.788432][ T7275] vcan0: entered allmulticast mode
[  229.210221][ T7284] EXT4-fs error (device loop5): ext4_iget_extra_inode:5104: inode #15: comm syz.5.272: corrupted in-inode xattr: e_value size too large
[  229.593255][ T5855] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  229.612559][ T7275] bond0: entered allmulticast mode
[  229.617782][ T7275] bond_slave_0: entered allmulticast mode
[  229.803334][ T7275] bond_slave_1: entered allmulticast mode
[  229.882915][ T7275] team0: entered allmulticast mode
[  229.905611][ T7275] team_slave_0: entered allmulticast mode
[  229.939675][ T7275] team_slave_1: entered allmulticast mode
[  229.974734][ T7275] dummy0: entered allmulticast mode
[  231.020305][ T7275] nlmon0: entered allmulticast mode
[  231.027183][ T7275] caif0: entered allmulticast mode
[  231.094522][ T7275] batadv0: entered allmulticast mode
[  231.114604][ T7275] vxcan0: entered allmulticast mode
[  231.128325][ T7275] vxcan1: entered allmulticast mode
[  231.142493][ T7275] veth0: entered allmulticast mode
[  231.152355][ T7275] veth1: entered allmulticast mode
[  231.187814][ T7275] wg0: entered allmulticast mode
[  231.218619][ T7275] wg1: entered allmulticast mode
[  231.498309][ T7275] wg2: entered allmulticast mode
[  231.506759][ T7275] veth0_to_bridge: entered allmulticast mode
[  232.269146][   T51] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0
[  232.278324][   T51] Bluetooth: hci5: Injecting HCI hardware error event
[  232.287593][ T5874] Bluetooth: hci5: hardware error 0x00
[  232.473578][ T7275] veth1_to_bridge: entered allmulticast mode
[  232.527066][ T7275] veth0_to_bond: entered allmulticast mode
[  232.753604][ T7275] veth1_to_bond: entered allmulticast mode
[  233.643931][ T7275] veth0_to_team: entered allmulticast mode
[  233.728381][ T7317] loop6: detected capacity change from 0 to 256
[  233.930178][ T7275] veth1_to_team: entered allmulticast mode
[  234.691897][ T5874] Bluetooth: hci5: Opcode 0x0c03 failed: -110
[  234.918599][ T7322] exFAT-fs (loop6): start_clu is invalid cluster(0x400)
[  235.254257][ T7275] veth0_to_batadv: entered allmulticast mode
[  235.292375][ T7275] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  235.323666][ T7275] batadv_slave_0: entered allmulticast mode
[  235.350432][ T7275] veth1_to_batadv: entered allmulticast mode
[  235.392232][ T7275] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  235.454650][ T7275] batadv_slave_1: entered allmulticast mode
[  235.473632][ T7323] loop1: detected capacity change from 0 to 4096
[  235.527392][ T7275] xfrm0: entered allmulticast mode
[  235.620918][ T7275] veth0_to_hsr: entered allmulticast mode
[  235.657525][ T7275] hsr_slave_0: entered allmulticast mode
[  235.736448][ T7275] veth1_to_hsr: entered allmulticast mode
[  235.805857][ T7275] hsr_slave_1: entered allmulticast mode
[  235.888362][ T7275] hsr0: entered allmulticast mode
[  235.942695][ T7275] veth1_virt_wifi: entered allmulticast mode
[  236.204409][ T7275] veth0_virt_wifi: entered allmulticast mode
[  236.275385][ T7275] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[  236.310711][ T7275] veth1_vlan: entered allmulticast mode
[  236.382655][ T7275] veth0_vlan: entered allmulticast mode
[  237.035881][ T7275] vlan0: entered allmulticast mode
[  237.066454][ T7275] vlan1: entered allmulticast mode
[  237.111643][ T7275] macvlan0: entered allmulticast mode
[  237.268410][ T7275] macvlan1: entered allmulticast mode
[  237.354507][ T7275] ipvlan0: entered allmulticast mode
[  237.404011][ T7275] ipvlan1: entered allmulticast mode
[  237.442973][ T7275] veth1_macvtap: entered allmulticast mode
[  237.466627][ T7275] veth0_macvtap: entered allmulticast mode
[  238.001076][ T7337] loop4: detected capacity change from 0 to 64
[  238.053424][ T7275] macvtap0: entered allmulticast mode
[  238.085160][ T7275] macsec0: entered allmulticast mode
[  238.546368][ T7340] loop4: detected capacity change from 0 to 64
[  238.991699][ T7275] geneve0: entered allmulticast mode
[  239.095670][ T7275] geneve1: entered allmulticast mode
[  239.170198][ T7275] netdevsim netdevsim3 netdevsim0: entered allmulticast mode
[  239.214295][ T7344] loop5: detected capacity change from 0 to 1024
[  239.258235][ T7344] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  239.270534][ T7344] ext4 filesystem being mounted at /48/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  239.298316][ T7275] netdevsim netdevsim3 netdevsim1: entered allmulticast mode
[  239.479039][ T7275] netdevsim netdevsim3 netdevsim2: entered allmulticast mode
[  239.582676][ T7344] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.290: bg 0: block 393: padding at end of block bitmap is not set
[  239.620877][ T7344] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 1 with error 117
[  239.633897][ T7344] EXT4-fs (loop5): This should not happen!! Data will be lost
[  239.633897][ T7344] 
[  239.927605][ T7275] netdevsim netdevsim3 netdevsim3: entered allmulticast mode
[  240.428079][ T7275] mac80211_hwsim hwsim6 wlan0: entered allmulticast mode
[  240.515496][ T7275] mac80211_hwsim hwsim8 wlan1: entered allmulticast mode
[  240.546748][ T5855] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  240.564513][  T984] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  240.578558][ T7339] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -12
[  240.588061][ T7339] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -12
[  240.597787][ T7339] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  240.659726][   T30] audit: type=1800 audit(1756060961.514:12): pid=7339 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.288" name="regulatory.db" dev="sda1" ino=448 res=0 errno=0
[  240.713593][  T984] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  240.726558][  T984] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  240.735705][  T984] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  245.748185][ T7392] loop5: detected capacity change from 0 to 128
[  246.144573][ T7392] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  246.287135][ T7400] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input9
[  246.396031][ T7392] ext4 filesystem being mounted at /50/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  248.471410][ T5855] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  249.874847][ T7422] loop1: detected capacity change from 0 to 128
[  250.494646][ T7422] vfat: Unknown parameter '�b��8;�00000000000000000003��������18446744073709551615'
[  252.004441][ T7434] loop6: detected capacity change from 0 to 128
[  252.898942][ T7434] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  253.040010][ T7434] ext4 filesystem being mounted at /33/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  253.386901][ T6138] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  254.529600][ T7461] loop1: detected capacity change from 0 to 128
[  254.757124][ T7461] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  254.798215][ T7461] ext4 filesystem being mounted at /63/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  256.606708][ T5856] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  256.831160][   T10] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  259.605155][ T7490] input: syz0 as /devices/virtual/input/input10
[  260.268334][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  260.280637][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  261.389792][   T10] usb 4-1: unable to get BOS descriptor or descriptor too short
[  261.516427][   T10] usb 4-1: unable to read config index 0 descriptor/start: -71
[  261.545883][   T10] usb 4-1: can't read configurations, error -71
[  263.799741][ T7515] loop1: detected capacity change from 0 to 128
[  263.884383][ T7515] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  263.941948][ T7515] ext4 filesystem being mounted at /66/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  265.107241][   T30] audit: type=1326 audit(1756060985.914:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7523 comm="syz.0.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f517cb8ebe9 code=0x7ffc0000
[  265.664542][   T30] audit: type=1326 audit(1756060985.914:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7523 comm="syz.0.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f517cb8ebe9 code=0x7ffc0000
[  265.762970][   T30] audit: type=1326 audit(1756060985.924:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7523 comm="syz.0.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f517cb8ebe9 code=0x7ffc0000
[  266.334316][   T30] audit: type=1326 audit(1756060985.924:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7523 comm="syz.0.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f517cb8ebe9 code=0x7ffc0000
[  266.359622][   T30] audit: type=1326 audit(1756060985.924:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7523 comm="syz.0.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f517cb8ebe9 code=0x7ffc0000
[  266.381903][   T30] audit: type=1326 audit(1756060985.934:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7523 comm="syz.0.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f517cb8ebe9 code=0x7ffc0000
[  266.449988][   T30] audit: type=1326 audit(1756060985.934:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7523 comm="syz.0.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f517cb8ebe9 code=0x7ffc0000
[  266.472465][   T30] audit: type=1326 audit(1756060985.944:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7523 comm="syz.0.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f517cb8ebe9 code=0x7ffc0000
[  266.494675][   T30] audit: type=1326 audit(1756060985.944:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7523 comm="syz.0.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=441 compat=0 ip=0x7f517cb8ebe9 code=0x7ffc0000
[  266.525016][   T30] audit: type=1326 audit(1756060985.944:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7523 comm="syz.0.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f517cb8ebe9 code=0x7ffc0000
[  267.606531][ T5856] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  274.834834][ T7602] loop6: detected capacity change from 0 to 64
[  277.476038][ T7620] 9pnet_fd: Insufficient options for proto=fd
[  278.257075][ T7622] loop6: detected capacity change from 0 to 128
[  278.357037][ T7622] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  278.449862][ T7627] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  278.590329][ T7622] ext4 filesystem being mounted at /42/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  280.551135][ T6138] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  282.020230][ T7657] loop6: detected capacity change from 0 to 128
[  282.684511][ T7657] EXT4-fs (loop6): Test dummy encryption mode enabled
[  282.708792][ T7657] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  282.721954][ T7657] ext4 filesystem being mounted at /43/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  283.210494][ T6138] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  283.729670][ T7662] loop0: detected capacity change from 0 to 16
[  283.784402][ T7662] erofs (device loop0): mounted with root inode @ nid 36.
[  285.791695][ T7680] netlink: 16 bytes leftover after parsing attributes in process `syz.5.369'.
[  287.991885][ T7700] workqueue: Failed to create a rescuer kthread for wq "ceph-watch-notify": -EINTR
[  288.342260][ T7699] loop4: detected capacity change from 0 to 64
[  289.920660][ T7720] netlink: 'syz.0.377': attribute type 12 has an invalid length.
[  294.825161][ T7745] loop1: detected capacity change from 0 to 16
[  294.893197][ T7745] erofs (device loop1): mounted with root inode @ nid 36.
[  296.294033][ T7759] loop0: detected capacity change from 0 to 4096
[  302.686185][ T7807] loop1: detected capacity change from 0 to 16
[  302.696310][ T7807] erofs (device loop1): mounted with root inode @ nid 36.
[  306.816076][ T7846] loop1: detected capacity change from 0 to 64
[  309.005212][ T7869] loop3: detected capacity change from 0 to 64
[  309.892493][ T7873] loop0: detected capacity change from 0 to 512
[  310.630661][ T7873] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  311.608590][ T7890] ==================================================================
[  311.616889][ T7890] BUG: KASAN: slab-use-after-free in sysfs_remove_file_ns+0x3d/0x70
[  311.624903][ T7890] Read of size 8 at addr ffff888032895830 by task syz.1.421/7890
[  311.632641][ T7890] 
[  311.634986][ T7890] CPU: 1 UID: 0 PID: 7890 Comm: syz.1.421 Not tainted syzkaller #0 PREEMPT(full) 
[  311.635020][ T7890] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  311.635036][ T7890] Call Trace:
[  311.635047][ T7890]  <TASK>
[  311.635059][ T7890]  dump_stack_lvl+0x189/0x250
[  311.635093][ T7890]  ? __kasan_check_byte+0x12/0x40
[  311.635129][ T7890]  ? __pfx_dump_stack_lvl+0x10/0x10
[  311.635157][ T7890]  ? srso_alias_return_thunk+0x5/0xfbef5
[  311.635185][ T7890]  ? lock_release+0x4b/0x3e0
[  311.635224][ T7890]  ? srso_alias_return_thunk+0x5/0xfbef5
[  311.635251][ T7890]  ? __virt_addr_valid+0x4a5/0x5c0
[  311.635284][ T7890]  print_report+0xca/0x240
[  311.635307][ T7890]  ? sysfs_remove_file_ns+0x3d/0x70
[  311.635343][ T7890]  kasan_report+0x118/0x150
[  311.635390][ T7890]  ? do_raw_spin_lock+0x121/0x290
[  311.635420][ T7890]  ? sysfs_remove_file_ns+0x3d/0x70
[  311.635463][ T7890]  sysfs_remove_file_ns+0x3d/0x70
[  311.635500][ T7890]  bus_remove_driver+0x198/0x2f0
[  311.635539][ T7890]  comedi_device_detach_locked+0x178/0x750
[  311.635580][ T7890]  comedi_unlocked_ioctl+0xcde/0x1020
[  311.635606][ T7890]  ? srso_alias_return_thunk+0x5/0xfbef5
[  311.635640][ T7890]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  311.635692][ T7890]  ? srso_alias_return_thunk+0x5/0xfbef5
[  311.635719][ T7890]  ? __lock_acquire+0xab9/0xd20
[  311.635766][ T7890]  ? __fget_files+0x2a/0x420
[  311.635804][ T7890]  ? __fget_files+0x2a/0x420
[  311.635838][ T7890]  ? __fget_files+0x3a0/0x420
[  311.635873][ T7890]  ? __fget_files+0x2a/0x420
[  311.635910][ T7890]  ? srso_alias_return_thunk+0x5/0xfbef5
[  311.635937][ T7890]  ? srso_alias_return_thunk+0x5/0xfbef5
[  311.635965][ T7890]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  311.635992][ T7890]  __se_sys_ioctl+0xfc/0x170
[  311.636023][ T7890]  do_syscall_64+0xfa/0x3b0
[  311.636060][ T7890]  ? lockdep_hardirqs_on+0x9c/0x150
[  311.636093][ T7890]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  311.636115][ T7890]  ? srso_alias_return_thunk+0x5/0xfbef5
[  311.636142][ T7890]  ? exc_page_fault+0x9f/0xf0
[  311.636176][ T7890]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  311.636200][ T7890] RIP: 0033:0x7f7ed3d8ebe9
[  311.636221][ T7890] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  311.636240][ T7890] RSP: 002b:00007f7ed1ff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  311.636265][ T7890] RAX: ffffffffffffffda RBX: 00007f7ed3fb5fa0 RCX: 00007f7ed3d8ebe9
[  311.636284][ T7890] RDX: 0000000000000000 RSI: 0000000040946400 RDI: 0000000000000003
[  311.636299][ T7890] RBP: 00007f7ed3e11e19 R08: 0000000000000000 R09: 0000000000000000
[  311.636314][ T7890] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  311.636328][ T7890] R13: 00007f7ed3fb6038 R14: 00007f7ed3fb5fa0 R15: 00007ffdc1985218
[  311.636356][ T7890]  </TASK>
[  311.636365][ T7890] 
[  311.914775][ T7890] Allocated by task 7501:
[  311.919086][ T7890]  kasan_save_track+0x3e/0x80
[  311.923764][ T7890]  __kasan_kmalloc+0x93/0xb0
[  311.928350][ T7890]  __kmalloc_noprof+0x27a/0x4f0
[  311.933199][ T7890]  iter_file_splice_write+0x1c6/0x10e0
[  311.938675][ T7890]  direct_splice_actor+0x101/0x160
[  311.943791][ T7890]  splice_direct_to_actor+0x5a8/0xcc0
[  311.949162][ T7890]  do_splice_direct+0x181/0x270
[  311.954015][ T7890]  do_sendfile+0x4da/0x7e0
[  311.958427][ T7890]  __se_sys_sendfile64+0x13e/0x190
[  311.963584][ T7890]  do_syscall_64+0xfa/0x3b0
[  311.968119][ T7890]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  311.974027][ T7890] 
[  311.976337][ T7890] Freed by task 7501:
[  311.980311][ T7890]  kasan_save_track+0x3e/0x80
[  311.984988][ T7890]  kasan_save_free_info+0x46/0x50
[  311.990020][ T7890]  __kasan_slab_free+0x5b/0x80
[  311.994789][ T7890]  kfree+0x18e/0x440
[  311.998680][ T7890]  iter_file_splice_write+0xf48/0x10e0
[  312.004145][ T7890]  direct_splice_actor+0x101/0x160
[  312.009266][ T7890]  splice_direct_to_actor+0x5a8/0xcc0
[  312.014664][ T7890]  do_splice_direct+0x181/0x270
[  312.019528][ T7890]  do_sendfile+0x4da/0x7e0
[  312.023941][ T7890]  __se_sys_sendfile64+0x13e/0x190
[  312.029170][ T7890]  do_syscall_64+0xfa/0x3b0
[  312.033677][ T7890]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  312.039564][ T7890] 
[  312.041890][ T7890] The buggy address belongs to the object at ffff888032895800
[  312.041890][ T7890]  which belongs to the cache kmalloc-256 of size 256
[  312.056143][ T7890] The buggy address is located 48 bytes inside of
[  312.056143][ T7890]  freed 256-byte region [ffff888032895800, ffff888032895900)
[  312.069863][ T7890] 
[  312.072356][ T7890] The buggy address belongs to the physical page:
[  312.078769][ T7890] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888032895200 pfn:0x32894
[  312.088835][ T7890] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  312.097541][ T7890] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff)
[  312.106044][ T7890] page_type: f5(slab)
[  312.110030][ T7890] raw: 00fff00000000240 ffff88801a441b40 ffffea0000cae790 ffffea0001e02010
[  312.118623][ T7890] raw: ffff888032895200 000000000010000a 00000000f5000000 0000000000000000
[  312.127237][ T7890] head: 00fff00000000240 ffff88801a441b40 ffffea0000cae790 ffffea0001e02010
[  312.135934][ T7890] head: ffff888032895200 000000000010000a 00000000f5000000 0000000000000000
[  312.144734][ T7890] head: 00fff00000000001 ffffea0000ca2501 00000000ffffffff 00000000ffffffff
[  312.153416][ T7890] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[  312.162165][ T7890] page dumped because: kasan: bad access detected
[  312.168579][ T7890] page_owner tracks the page as allocated
[  312.174279][ T7890] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5855, tgid 5855 (syz-executor), ts 98461101383, free_ts 98455097183
[  312.195746][ T7890]  post_alloc_hook+0x240/0x2a0
[  312.200563][ T7890]  get_page_from_freelist+0x21e4/0x22c0
[  312.206188][ T7890]  __alloc_frozen_pages_noprof+0x181/0x370
[  312.212004][ T7890]  alloc_pages_mpol+0x232/0x4a0
[  312.216897][ T7890]  allocate_slab+0x8a/0x370
[  312.221409][ T7890]  ___slab_alloc+0xbeb/0x1410
[  312.226184][ T7890]  __kmalloc_noprof+0x305/0x4f0
[  312.231063][ T7890]  fib_create_info+0x1728/0x3210
[  312.236047][ T7890]  fib_table_insert+0xc6/0x1b50
[  312.240897][ T7890]  fib_magic+0x2c4/0x390
[  312.245140][ T7890]  fib_add_ifaddr+0x38d/0x5f0
[  312.249956][ T7890]  fib_netdev_event+0x382/0x490
[  312.254824][ T7890]  notifier_call_chain+0x1b6/0x3e0
[  312.259932][ T7890]  __dev_notify_flags+0x18d/0x2e0
[  312.265040][ T7890]  netif_change_flags+0xe8/0x1a0
[  312.270077][ T7890]  do_setlink+0xc55/0x41c0
[  312.274537][ T7890] page last free pid 15 tgid 15 stack trace:
[  312.280537][ T7890]  __free_frozen_pages+0xbc4/0xd30
[  312.285665][ T7890]  rcu_core+0xcab/0x1770
[  312.289934][ T7890]  handle_softirqs+0x286/0x870
[  312.294717][ T7890]  run_ksoftirqd+0x9b/0x100
[  312.299226][ T7890]  smpboot_thread_fn+0x542/0xa60
[  312.304178][ T7890]  kthread+0x711/0x8a0
[  312.308369][ T7890]  ret_from_fork+0x3fc/0x770
[  312.313013][ T7890]  ret_from_fork_asm+0x1a/0x30
[  312.317793][ T7890] 
[  312.320111][ T7890] Memory state around the buggy address:
[  312.325732][ T7890]  ffff888032895700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  312.333788][ T7890]  ffff888032895780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  312.341978][ T7890] >ffff888032895800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  312.350286][ T7890]                                      ^
[  312.355913][ T7890]  ffff888032895880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  312.364120][ T7890]  ffff888032895900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  312.372283][ T7890] ==================================================================
[  312.385605][ T7890] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  312.392920][ T7890] CPU: 0 UID: 0 PID: 7890 Comm: syz.1.421 Not tainted syzkaller #0 PREEMPT(full) 
[  312.402324][ T7890] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  312.413313][ T7890] Call Trace:
[  312.416950][ T7890]  <TASK>
[  312.420351][ T7890]  dump_stack_lvl+0x99/0x250
[  312.425955][ T7890]  ? __asan_memcpy+0x40/0x70
[  312.433188][ T7890]  ? __pfx_dump_stack_lvl+0x10/0x10
[  312.439657][ T7890]  ? __pfx__printk+0x10/0x10
[  312.444285][ T7890]  ? srso_alias_return_thunk+0x5/0xfbef5
[  312.449936][ T7890]  vpanic+0x281/0x750
[  312.453940][ T7890]  ? preempt_schedule+0xae/0xc0
[  312.458797][ T7890]  ? __pfx_vpanic+0x10/0x10
[  312.463470][ T7890]  ? preempt_schedule_common+0x83/0xd0
[  312.468944][ T7890]  ? srso_alias_return_thunk+0x5/0xfbef5
[  312.474614][ T7890]  ? preempt_schedule+0xae/0xc0
[  312.479561][ T7890]  ? __pfx_preempt_schedule+0x10/0x10
[  312.485055][ T7890]  panic+0xb9/0xc0
[  312.488889][ T7890]  ? __pfx_panic+0x10/0x10
[  312.493359][ T7890]  ? srso_alias_return_thunk+0x5/0xfbef5
[  312.499034][ T7890]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[  312.504962][ T7890]  ? sysfs_remove_file_ns+0x3d/0x70
[  312.510220][ T7890]  check_panic_on_warn+0x89/0xb0
[  312.515195][ T7890]  ? sysfs_remove_file_ns+0x3d/0x70
[  312.520576][ T7890]  end_report+0x78/0x160
[  312.524832][ T7890]  kasan_report+0x129/0x150
[  312.529377][ T7890]  ? do_raw_spin_lock+0x121/0x290
[  312.534463][ T7890]  ? sysfs_remove_file_ns+0x3d/0x70
[  312.539703][ T7890]  sysfs_remove_file_ns+0x3d/0x70
[  312.544835][ T7890]  bus_remove_driver+0x198/0x2f0
[  312.549791][ T7890]  comedi_device_detach_locked+0x178/0x750
[  312.555598][ T7890]  comedi_unlocked_ioctl+0xcde/0x1020
[  312.560978][ T7890]  ? srso_alias_return_thunk+0x5/0xfbef5
[  312.566631][ T7890]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  312.572449][ T7890]  ? srso_alias_return_thunk+0x5/0xfbef5
[  312.578088][ T7890]  ? __lock_acquire+0xab9/0xd20
[  312.582965][ T7890]  ? __fget_files+0x2a/0x420
[  312.587575][ T7890]  ? __fget_files+0x2a/0x420
[  312.592170][ T7890]  ? __fget_files+0x3a0/0x420
[  312.596974][ T7890]  ? __fget_files+0x2a/0x420
[  312.601680][ T7890]  ? srso_alias_return_thunk+0x5/0xfbef5
[  312.607324][ T7890]  ? srso_alias_return_thunk+0x5/0xfbef5
[  312.612975][ T7890]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  312.618783][ T7890]  __se_sys_ioctl+0xfc/0x170
[  312.623392][ T7890]  do_syscall_64+0xfa/0x3b0
[  312.628098][ T7890]  ? lockdep_hardirqs_on+0x9c/0x150
[  312.633334][ T7890]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  312.639405][ T7890]  ? srso_alias_return_thunk+0x5/0xfbef5
[  312.645074][ T7890]  ? exc_page_fault+0x9f/0xf0
[  312.649751][ T7890]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  312.655663][ T7890] RIP: 0033:0x7f7ed3d8ebe9
[  312.660067][ T7890] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  312.679667][ T7890] RSP: 002b:00007f7ed1ff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  312.688079][ T7890] RAX: ffffffffffffffda RBX: 00007f7ed3fb5fa0 RCX: 00007f7ed3d8ebe9
[  312.696181][ T7890] RDX: 0000000000000000 RSI: 0000000040946400 RDI: 0000000000000003
[  312.704154][ T7890] RBP: 00007f7ed3e11e19 R08: 0000000000000000 R09: 0000000000000000
[  312.712303][ T7890] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  312.720292][ T7890] R13: 00007f7ed3fb6038 R14: 00007f7ed3fb5fa0 R15: 00007ffdc1985218
[  312.728265][ T7890]  </TASK>
[  312.731565][ T7890] Kernel Offset: disabled
[  312.735880][ T7890] Rebooting in 86400 seconds..