last executing test programs:

21.075733362s ago: executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x13, 0x4, &(0x7f0000000040)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x19}]}, &(0x7f0000000100)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000040), &(0x7f0000000180)}, 0x20)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
close(r3)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000800"], 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
r7 = syz_open_procfs(0x0, &(0x7f0000000200)='map_files\x00')
r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000340)='oom_score_adj\x00')
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000200)={0x1, &(0x7f0000000000)=[{0x6}]})
ioctl$F2FS_IOC_GET_PIN_FILE(0xffffffffffffffff, 0x8004f50e, 0x0)
pread64(r8, 0x0, 0x0, 0x0)
getdents(r7, &(0x7f0000000380)=""/24, 0x18)
getdents64(r7, 0xffffffffffffffff, 0x43)
socket$nl_rdma(0x10, 0x3, 0x14)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r9, 0x8933, &(0x7f0000000bc0)={'wpan0\x00', <r11=>0x0})
sendmsg$NL802154_CMD_SET_SEC_PARAMS(r9, &(0x7f0000000b80)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000000ac0)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="010000000000000000001500000020002b8008000100030000000c0005000000000000000000050002000000000008000300", @ANYRES32=r11], 0x44}}, 0x0)

20.457415366s ago: executing program 4:
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f00000006c0)={@val, @void, @eth={@broadcast, @random="91d6e8bc19e3", @void, {@ipv4={0x800, @udp={{0x7, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x2000, 0x0, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @private}, {0x0, 0x0, 0x8}}}}}}, 0x2e)

19.613729817s ago: executing program 0:
fstat(0xffffffffffffffff, 0x0)
setreuid(0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
memfd_create(0x0, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000004f00), 0x2, 0x0)
fgetxattr(0xffffffffffffffff, &(0x7f0000000080)=@known='trusted.overlay.redirect\x00', 0x0, 0x0)
r1 = socket(0x1, 0x3, 0x0)
recvmsg$inet_nvme(r1, &(0x7f00000014c0)={&(0x7f0000000080)=@pppol2tpin6={0x18, 0x1, {0x0, <r2=>0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, 0xd1, 0x0}, 0x0)
close(r2)
ioctl$FS_IOC_READ_VERITY_METADATA(r0, 0x5450, 0x0)

18.366541112s ago: executing program 0:
r0 = memfd_create(0x0, 0x6)
fallocate(r0, 0x0, 0x0, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
ioprio_set$pid(0x0, 0x0, 0x0)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000200), 0x101040, 0x0)
preadv(r1, &(0x7f0000000580)=[{&(0x7f0000000640)=""/102396, 0x18ffc}, {0x0}], 0x2, 0x0, 0x0)
sendmsg$NL80211_CMD_JOIN_IBSS(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$reiserfs(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0xa0c003, &(0x7f0000000300)={[{@conv}, {@usrjquota}, {@barrier_flush}, {@acl}, {@data_writeback}, {@barrier_none}, {@nouser_xattr}, {@noattrs}, {@balloc_hashed_reloc}, {@balloc_no_unhash_reloc}, {@jqfmt_vfsv0}, {@tails_small}, {@tails_off}, {@jdev={'jdev', 0x3d, './cgroup'}}, {@grpquota}, {@usrjquota_file}]}, 0xfd, 0x1125, &(0x7f0000000b80)="$eJzs2L1qFFEUB/D/ncmHViOTfghoKcGw9pJCwcbC2kZCKq2ylZLCR/AhrHwD30G0sbCLD5AUAfuVGWeQXYMiWcXi94PZvefMnftRnhMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADobWT3rCQ7VdJOuSpJSbruw2YfdlP+xvu6Ssnjo4fz+8ezB/Mk9TC99E//Vf9Z2v2bbTtrZ+1+e3fn4FY7f/Hy2dO3z4+Ox2VKupxenBzm0flar1LG8/xs0SzHw7Vyfa27AwAAwP9rcWXN6pLbGdoKo62pJD9b3rde1/4AAADA7/zt/gIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAn2inQZWkjOPNV+kum3ztnx0LAAAAuKKSKk+apdQiny+beTufmjK0Bab2wNetfnwnbxrdAAAAAPiV16uJL/dWEtVQa5ePU7wx1N8Za/DdbGRv73s8/uX8IKmT7R9rvBt+Ty9ODqenDO/rtd8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBv7MABCQAAAICg/6/bESgAAAAAAAAAAAAAAAAAAAAAAAAnBQAA//9KT9o6")
ioctl$BTRFS_IOC_QUOTA_CTL(0xffffffffffffffff, 0x40309410, 0x0)
socket(0x2a, 0x802, 0x0)
prlimit64(0x0, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000080)=0x7)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000840), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
getdents64(0xffffffffffffffff, 0xffffffffffffffff, 0x43)
ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f00000001c0)=0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)

18.223123064s ago: executing program 4:
socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x0, 0xa, 0x3ff, 0x0)
socket(0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
openat$vim2m(0xffffff9c, 0x0, 0x2, 0x0)
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f00000000c0))
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x78)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$PPPIOCSFLAGS1(r2, 0x4004743a, &(0x7f0000000300))
ioctl$PPPIOCGCHAN(r0, 0x80047437, &(0x7f0000001f00))
sendmmsg(r0, &(0x7f0000001cc0)=[{{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000540)="86a8", 0x2}, {0x0}], 0x2}}], 0x1, 0x0)

17.323423146s ago: executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0))
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
pipe(&(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = socket$inet_udp(0x2, 0x2, 0x0)
close(r5)
r6 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
write$tcp_congestion(r6, &(0x7f0000000100)='reno\x00', 0x5)
write$binfmt_misc(r4, &(0x7f0000000000)=ANY=[], 0xfffffecc)
splice(r3, 0x0, r5, 0x0, 0x4ffe6, 0x0)

16.547255666s ago: executing program 0:
sendmsg$NLBL_MGMT_C_ADDDEF(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYBLOB="01"], 0x1c}}, 0x0)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="040e041e0b20"], 0x7)

15.951519883s ago: executing program 0:
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000f, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
arch_prctl$ARCH_GET_GS(0x1004, 0x0)

11.889874538s ago: executing program 0:
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0x0, 0x0, 0xb3, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1}, 0x48)
r0 = socket$kcm(0x21, 0x2, 0x2)
sendmmsg(0xffffffffffffffff, &(0x7f0000001800), 0x0, 0x0)
syz_mount_image$exfat(&(0x7f0000000040), &(0x7f0000000180)='./bus\x00', 0xa10002, &(0x7f00000003c0)=ANY=[], 0x21, 0x150c, &(0x7f0000003040)="$eJzs3AuYT1XbMPD7Xmtthib9m+QwrLXuzT8NliFJDgk5JEnySJJTQmiSJCExzpKGJOQ4SQ5DSA7TmDTO50POSZI0SRISQtZ3zfP0fD3P0/O+fb1v3+f63rl/17Wv/7r/e99rrzX3zPz32nPt+bbXmHot6tduRkTw34J/e0kGgBgAGAEANwBAAACV4irF5ezPJzH5v3cS9ud6OO1aj4BdS1z/3I3rn7tx/XM3rn/uxvXP3bj+uRvXP3fj+jOWm+2cV/RG3nLvxvf/czP+/P8fJLvc1C83l7u59x9I4frnblz/3I3rn7tx/XM3rn/uxvXP3bj+uRvXn7Hc7L9+75j/dvA/YbvW33+MMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxnKHi/5XCgD+3r7W42KMMcYYY4wxxtifx+e91iNgjDHGGGOMMcbY/30IAiQoCCAP5IUYyAf54TqIheuhANwAEbgR4uAmKAg3QyEoDEWgKMRDMSgOGgxYIAihBJSEKNwCpeBWSIDSUAbKgoNykAjloQLcBhXhdqgEd0BluBOqQFWoBtXhLqgBd0NNqAW14R6oA3WhHtSHe6EB3AcN4X5oBA9AY3gQmsBD0BT+As3gYWgOj0ALeBRawmPQClpDG2gL7f5L+S9CP3gJ+sMASIaBMAgGwxAYCsNgOIyAl2EkvAKj4FVIgdEwBl6DsfA6jIM3YDxMgInwJkyCyTAFpsI0mA6p8BbMgLdhJrwDs2A2zIG5kAbzYD68CwtgISyC92AxvA9LYCksg+WQDh9ABqyATPgQVsJHkAWrYDWsgbWwDtbDBtgIm2AzbIGtsA22ww7YCR/DLtgNe2Av7IP9cAA+gYPwKRyCz+AwfP4H8y/8S35vBAQUKFChwjyYB2MwBvNjfozFWCyABTCCEYzDOCyIBbEQFsIiWATjMR6LY3E0aJCQsASWwChGsRSWwgRMwDJYBh06TMRErIC3YUWsiJWwElbGylgFq2JVrI7VsQbWwJpYE2tjbayDdbAe1sN78V68DxtiQ2yEjbAxNsYm2ASbYlNshs2wOTbHFtgCW2JLbIWtsA22wXbYDttje+yAHbATdsLO2Bm7YldMwiTsht2wO3bHHtgDe2JP7IW9sDf2wT74Ir6IL+FLOADriIE4CAfhEByCw3A4DseXcSS+gq/gq5iCo3EMvoav4es4Ds/jeJyAE3Ei1hCTcQpORRLTMRVTcQbOwJk4E2fhbJyNczEN5+F8nI8LcCEuxPdwMb6P7+NSXIrLMR3TMQNXYCZm4kq8gFm4ClfjGlyL63AtbsCNuAE34xbcjNtwG+7AHfgxfoy7cTfuxb24HxUAfoKf4qeYgofxMB7BI3gUj+IxPIbZmI3H8TiewBN4Ek/iKTyFp/EMnsUzeA7P4Xm8gBfxIl7CS3gFn4//uvn+0ptSQORQQok8Io+IETEiv8gvYkWsKCAKiIiIiDgRJwqKgqKQKCSKiCIiXsSL4qK4MMIIEqEoIUqIqIiKUqKUSBAJoowoI5xwIlEkigqigqgoKopK4g5RWdwpqoiqoqOrLqqLGqKTqylqidqitqgj6op6or6oLxqIBqKhaCgaiUaisWgsmoiHRFMxEIfhwyKnMi3EaGwpxmAr0Vq0EW3F6/i4aC/GYQfRUXQST4oJOB67ivYuSTwtuokp2F08K6bic6KnmI69xAuit+gj+ooXRT/RwfUXA8QsHCgGibk4RAwVw8RwsQDripyK1ROvihQxWowRr4nl+LoYJ94Q48UEMVG8KSaJyWKKmCqmiekiVbwlZoi3xUzxjpglZos5Yq5IE/PEfPGuWCAWikXiPbFYvC+WiKVimVgu0sUHIkOsEJniQ7FSfCSyxCqxWqwRa8U6sV5sEBvFJrFZbBFbxTaxXewQO8XHYpfYLfaIvWKf2C8OiE/EQfGpOCQ+E4fF5+KI+EIcFV+KY+IrkS2+FsfFN+KE+FacFN+JU+J7cVqcEWfFD+Kc+FGcFxfERfGTuCQuiyviZ3FVeAESpZBSKhnIPDKvjJH5ZH55nYyV18sC8gYZkTfKOHmTLChvloVkYVlEFpXxspgsLrU00kqSoSwhS8qovEWWkrfKBFlalpFlpZPlZKIsLyvI22RFebusJO+QleWdsoqsKqvJ6vIuWUPeLWvKWrK2vEfWkXVlPVlf3isbyPtkQ3m/bCQfkI3lg7KJfEg2lX+RzeTDsrl8RLaQj8qW8jHZSraWbWRb2U4+LtvLJ2QH2VF2kk/KzrKL7CqfkknyadlNPiO7y2dlj3wge8rnZS/5guwt+8i+8md5VXrZXw6QyXKgHCQHyyFyqBwmh8sR8mU5Ur4iR8lXZYocLcfI1+RY+bocJ9+Q4+UEOVG+KSfJyXKKnCqnyekyVb4lZ8i35Uz5jpwlZ8s5cq5Mk/PksF96WvR/kP/2v8kf9dez75A75cdyl9wt98i9cp/cLw/IA/KgPCgPyUPysDwsj8gj8qg8Ko/JYzJbZsvj8rg8IU/Ik/KkPCVPydPyjPxJ/iDPyR/leXlBXpA/yUvykrzyy9cAFCqhpFIqUHlUXhWj8qn86joVq65XBdQNKqJuVHHqJlVQ3awKqcKqiCqq4lUxVVxpZZRVpEJVQpVUUXUL/nJBocqossqpcipRlf8j+aqUulUlqNL/lP9742un2qn2qr3qoDqoTqqT6qw6q66qq0pSSaqb6qa6q+6qh+qheqqeqpfqpXqr3qqv6qv6qX6qv+qvklWyGqQGqyFqqBqmhqsR6mU1Uo1Uo9QolaJS1Bg1Ro1VY9U4NU6NV+PVRDVRTVKT1BQ1RU1T01SqSlUz1Aw1U81Us9QsNUfNUWkqTc1X89UCtUAtUovUYrVYLVFL1DK1TKWrdJWhMlSmylQr1UqVpVapVWqNWqPWqXVqg9qgNqlNaovaorapbSpL7VQ71S61S+1Re9Q+tU8dUAfUQXVQHVKH1GF1WB1RR9RRdVQdU8dUtspWx9VxdUKdUCfVSXVKnVKn1Wl1Vp1V59Q5dV6dVxfVRXVJXVJX1BV1VV3NuewLRCACFaggT5AniAligvxB/iA2iA0KBAWCSBAJ4oK4oGBwc1AoKBwUCYoG8UGxoHigAxPYgIIwKBGUDKLBLUGp4NYgISgdlAnKBi4oFyQG5YPLwW1BxeD2oFJwR1A5uDOoElQNqgXVg7uCGsHdQc2gVlA7uCeoE9QN6gX1g3uDBsF9QcPg/qBR8EDQOHgwaBI8FDQN/hI0Cx4OmgePBC2CR4OWwWNBq6B10CZoG7T7U/v3/nzhJ1x/PUAn64F6kB6sh+ihepgerkfol/VI/YoepV/VKXq0HqNf02P163qcfkOP1xP0RP2mnqQn6yl6qp6mp+tU/Zaeod/WM/U7epaerefouTpNz9Pz9bt6gV6oF+n39GL9vl6il+plerlO1x/oDL1CZ+oP9Ur9kc7Sq/RqvUav1ev0er1Bb9Sb9Ga9RW/V2/R2vUPv1B/rXXq33qP36n16vz6gP9EH9af6kP5MH9af6yP6C31Uf6mP6a90tv5aH9ff6BP6W31Sf6dP6e/1aX1Gn9U/6HP6R31eX9AX9U/6kr6sr+if9VXtcy7ucz7ejTLK5DF5TIyJMflNfhNrYk0BU8BETMTEmThT0BQ0hUwhU8QUMfEm3hQ3xU0OMmRKmBImaqKmlCllEkyCKWPKGGecSTSJpoKpYCqaiqaSqWQqm8qmiqliqplq5i5zl7nb3G1qmVrmHnOPqWvqmvqmvmlgGpiGpqFpZBqZxqaxaWKamKamqWlmmpnmprlpYVqYlqalaWVamTamjWln2pn2pr3pYDqYTqaT6Ww6m66mq0kySaab6Wa6m+6mh+lhepqeppfpZXqb3qav6Wv6mX6mv+lvkk2yGWQGmSFmiBlmhpkRZoQZaUaaUWaUSTEpZowZY8aasWacGWfGmwlmonnTTDKTzRQz1Uwz002qSTUzzAwz08w0s8wsM8fMMWkmzcw3880Cs8AsMovMYrPYLDFLzDKzzKSbdJNhMkymyTQrzUqTZbLMarParDVrzXqz3mw0G81ms9lsNVvNdrPd7DQ7zS6zy+wxe8w+s88cMAfMQXPQHDKHzGFz2BwxRzwCmGPmmMk22ea4OW5OmBPmpDlpTplT5rQ5bc6as+acOWfOm/PmorloLpnL5or52Vw13sTYfDa/vc7G2uttAXuD/de4iC1q420xW9xqW8gW/qfYWGsTbGlb5u9LTFveJsTkvJa1zpaziba8rWKr2mq2ur3L1rB325q/iRvY+2xDe79tZB+w9e29/xQ3tg/aJvZR29Q+ZpvZ1ra5bWtb2EdtS/uYbWVb2za2re1su9iu9imbZJ+23ewzv4kz7Aq70W6ym+0We9B+ai/an+wJ+629ZC/b/naAHWFftiPtK3aUfdWm2NG/iSfaN+0kO9lOsVPtNDv9N/EcO9em2Xl2vn3XLrALfxOn2w/sYptpl9ildpld/tc4Z0yZ9kO70n5ks+wqu9qusWvtOrvebvjfY11jt9ntdoc9YD+xu+xuu8futfvs/r/GOfM4ZD+zh+3n9rj9xh61X9pj9qTNtl//Nc6Z30n7nT1lv7en7Rl71v5gz9kf7Xl7IWf+PmfuP9if7VXrLRCSIEmKAspDeSmG8lF+uo5i6XoqQDdQhG6kOLqJCtLNVIgKUxEqSvFUjIqTJkOWiEIqQSUpSrdQKbqVEqg0laGy5KgcJVJ5qkC3UUW6nSrRHVSZ7qQqVJWqUXW6i2rQ3VSTalFtuofqUF2qR/XpXmpA91FDup8a0QPUmB6kJvQQNaW/UDN6mJrTI9SCHqWW9Bi1otbUhtpSO3qc2tMT1IE6Uid6kjpTF+pKT1ESPU3d6BnqTs9SD3qOetLz1IteoN7Uh/rSi9SPXqL+NICSaSANosE0hIbSMBpOI+hlGkmv0Ch6lVJoNI2h12gsvU7j6A0aTxNoIr1Jk2gyTaGpNI2mUyq9RTPobZpJ79Asmk1zaC6l0TyaT+/SAlpIi+g9Wkzv0xJaSstoOaXTB5RBKyiTPqSV9BFl0SpaTWtoLa2j9bSBNtIm2kxbaCtto+20g3bSx7SLdtMe2kv7aD8doE/oIOX75QfuczpCX9BR+pKO0VeUTV/TcfqGTtC3dJK+o1P0PZ2mM3SWfqBz9COdpwt0kX6iS3SZrtDPdJU8QYihCGWowiDME+YNY8J8Yf7wujA2vD4sEN4QRsIbw7jwprBgeHNYKCwcFgmLhvFhsbB4qEMT2pDCMCwRlgyj4S1hqfDWMCEsHZYJy4YuLBcmhuXDCuFtYcXw9rBSeEdYObwzrBJWDR99oHp4V1gjvDusGdYKa4f3hHXCumG9sH54b9ggvC9sGN4fNgofCCuGD4ZNwodC+OV5lebhI2GL8NGwZfhY2CpsHbYJ24btwsfD9uETYYewY9gpfDLsHHYJu4ZPhUnh02G38Jnf3Z8cDgwHhYPDwaH398tl0eXR9OgH0Yzoimhm9MPoyuhH0azoqujq6Jro2ui66ProhujG6Kbo5uiW6Nbotuj26I6o9/XzgkMnnHTKBS6Py+tiXD6X313nYt31roC7wUXcjS7O3eQKuptdIVfYFXFFXbwr5oo77YyzjlzoSriSLupucaXcrS7BlXZlXFnnXDmX6Nq6dq6da++ecB1cR9fJPemedF1cF/eUe8o97bq5Z1x396zr4Z5zPd3z7nn3guvt+ri+7kXXz73k+rsBLtklu0FukBvihrhhbpgb4Ua4kW6kG+VGuRSX4sa4MW6sG+vGuXFuvBvvJrqJbpKb5Ka4KW6am+ZSXaqb4Wa4mW6mCwBgjpvj0lyam+/muwVugVvkFrnFCYvdErfELXPLXLpLdxkuw2W6TLfSrXRZLsutdqvdWrfWrXfr3Ua30W12m91Wt9Vtd9vdTrfT7XK7clYWbp/b5w64A+6gO+gOuUPusDvsjrgj7qg76o65r1y2+9odd9+4E+5bd9J95065791pd8addT+4c+5Hd95dcBdrgbvkLrsr7md31XmXGnkrMiPydmRm5J3IrMjsyJzI3EhaZF5kfuTdyILIwsiiyHuRxZH3I0siSyPLIssj6ZEPIhmRFZHMyIeRlZGPIlmRVZHVkTWRtZF1CnyxXaEv4Uv6qL/Fl/K3+gRf2pfxZb3z5XyiL+8r+Nt8RX+7r+Tv8JX9nb6Kr+qr+cd8K9/at/FtfTv/uG/vn/AdfEffyT/pO/suvqt/yif5p303/4zv7p/1Pfxzvqd/3vfyL/jevo/v61/0/fxLvr8f4JP9QD/ID/ZD/FA/zA/3I/zLfqR/xY/yr/oUP9qP8a/5sf51P87ngfF+gp/o3/ST/GQ/xU/10/x0n+rf8jP8236mf8fP8rP9HD/Xp/l5fr5/1y/wC/0i/55f7N/3S/xSv8wv9+n+A5/hV/hM/6Ff6T/yWX6VX+3X+LV+nV/vN/iNfpPf7Lf4rX6b3+53+J3+Y7/L7/Z7/F6/z+/3B/wn/qD/1B/yn/nD/nN/xH/hj/ov/TH/lc/2X/vj/ht/wn/rT/rv/Cn/vT/tz/iz/gd/zv/oz/sL/qL/yV/yl/0V/7O/+gefWav7Z95CZ4wxxhj7/8jg39k/8N+8pwBA/NK+7L2/fnfR7H/cLwFga6G/tYeK+M4RAHh6QK+H/77VqZOcnPzLsVkSgpJLASDyLyf4JV4FnaALJEFHqPBvxzdU9LlEv9N/9A6A/P+QEwO/xr/2/8V/0P/jT07MqBxejPtP+l8KkFDy15ycVfjf41XQKWc20BEq/gf9F27/O+PP92UqQId/yIkFgA75/nX8ifAEPANJ/3QkY4wxxhhjjDH2N0NFtR6/t37OWZ/Hq19z8sKv8e+tzxljjDHGGGOMMXbtPden71OPJyV17MENbnAjlzW6/CfHXOvfTIwxxhhjjLE/268X/b++l+9aDogxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMuF/l/8p7FrPUfGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGPsWvtfAQAA//8uTzNp")
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000090000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r5 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(0xffffffffffffffff, &(0x7f0000000140)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c)
sendmsg(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)=[{}], 0x1, 0x0, 0x0, 0x2c}, 0x4)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x275a, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
write$UHID_CREATE2(r6, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xffffff44}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000140)='contention_end\x00', r7}, 0x10)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$IPVS_CMD_DEL_DAEMON(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)={0x28, r9, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_DAEMON={0x14, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_STATE={0x8}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @local}]}]}, 0x28}}, 0x0)
sendmsg$inet(r0, &(0x7f0000002780)={0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="1c0000000000", @ANYBLOB], 0x38}, 0x0)

8.895185407s ago: executing program 1:
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000f, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
arch_prctl$ARCH_GET_GS(0x1004, 0x0)

8.675679359s ago: executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000009c0)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
pipe2$9p(&(0x7f00000008c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x80800)
write$P9_RLCREATE(r3, &(0x7f0000000900)={0x18, 0xf, 0x2, {{0x0, 0x2}, 0x6}}, 0x18)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000080)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x2}}, {@nombcache}, {@stripe={'stripe', 0x3d, 0x1}}, {@usrquota}]}, 0x1, 0x4f0, &(0x7f00000003c0)="$eJzs3c9vG1kdAPDvOL+cbHaTXfYACNiyLBRU1UncNqp6gHJCCFVC9AhSGxI3imLHUeyUJvSQ/g9IVOIER/4Azj1x54LgxqUckPgRgZpKHLya8SR1k7hJmzaO4s9HGs28N2N/36s778VfJ34B9K0LEbEVEcMRcTciJvL6JN/iZntLr3u2/XB+Z/vhfBKt1u1/J9n5tC46HpN6L3/OYkT85AcRP08Oxm1sbC7PVauVtbw81aytTjU2Ni8v1eYWK4uVlXJ5dmZ2+vqVa+W31tdPasP50Vef/mnrO79MmzWe13T2421qd31oL05qMCJ+9C6C9cBA3p/hXjeEN1KIiI8i4tPs/p+IgezVBADOs1ZrIloTnWUA4LwrZDmwpFDKcwHjUSiUSu0c3scxVqjWG81L9+rrKwvtXNlkDBXuLVUr03mucDKGkrQ8kx2/KJf3la9ExIcR8auR0axcmq9XF3r5gw8A9LH39s3//xtpz/8AwDlX3F8x0pt2AACn58D8DwCce+Z/AOg/5n8A6D/mfwDoP+Z/AOg/5n8A6Cs/vnUr3Vo7+fdfL9zfWF+u37+8UGksl2rr86X5+tpqabFeX8y+s6d21PNV6/XVmaux/mDyu6uN5lRjY/NOrb6+0ryTfa/3ncrQqfQKAHiVDz958tckIrZujGZbdKzlYK6G863Q6wYAPTPQ6wYAPWO1L+hfJ3iPLz0A58QhS/S+pBgRo/srW61W6+WaA5cAZ9fFL8n/Q7/qyP/7LWDoM/L/0L/k/6F/tVrJcdf8j+NeCACcbXL8QJfP/z/K97/PPxz42cL+Kx6/y1YBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA2ba7/m8pXwt8PAqFUini/YiYjKHk3lK1Mh0RH0TEX0aGRtLyTI/bDACcVOEfSb7+18WJz8b3nx1Ono9k+4j4xW9u//rBXLO59ue0/j979c3HeX25F+0HAI6yO09n+4438s+2H87vbqfZnn9+PyKK7fg728Oxsxd/MAazfTGGImLsv0lebks6chcnsfUoIr54WP+TGM9yIO2VT/fHT2O/f6rxCy/FL2Tn2vv03+ILrxPUos+QeZKOPzcPu/8KcSHbH37/F7MR6uTy8S99qvmdbAx8EX93/BvoMv5dOG6Mq3/8Yfto9OC5RxFfHozYjb3TMf7sxk+6xP/smPH/9pWvfdrtXOu3ERfj8PidsaaatdWpxsbm5aXa3GJlsbJSLs/OzE5fv3KtPJXlqKe6zwb/unHpg27n0v6PdYlfPKL/3zxm/3/3/7s//for4n/7G4fFL8THr4ifDuHfOmb8ubE/FLudS+MvdOn/Ua//pWPGf/r3zQPLhgMAvdPY2Fyeq1Yraw4cnP2D9L/s0RcnPWnh904r1nC81qNarTeK1W3EeBtZN+As2LvpI+J5rxsDAAAAAAAAAAAAAAAc6jT+YqnXfQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD8+jwAAP//rCPR4g==")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x141842, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000200), 0xfea7)
r6 = socket$xdp(0x2c, 0x3, 0x0)
mmap$xdp(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x0, 0x11, r6, 0x0)
copy_file_range(r5, &(0x7f00000001c0), r4, 0x0, 0xffffffffa003e45c, 0x700000000000000)
openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x5a042, 0x20)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$alg(0x26, 0x5, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001640)=ANY=[@ANYBLOB="c435deb82600003900100028bd7000fddbdf250d000000090086006c626c630000f3ff08002600ac1414bb08", @ANYRES32, @ANYBLOB="08004600ac1414bb8300158008003e00ac1414aa04003d0014005500000000000000000000000000000000008e9291dd34ce355b56f919ba58a96c97ff1fe323fc1ed2f15c0555beae1bb191005d97ff627f2184f305b3a2a843d25a479cc3ae1998b926d09a6e26df9ad85c3aae0a54107544b1cd81c19dd1415167946aaa688afad5770141ea69a5be2e007f021e8008000b00", @ANYRES32=0xee01, @ANYBLOB="ed24aa67cc394a87fb1fb707459891d760dd1cec05dc545295f12bb87ad0a352344164314e37356a76de58674d276762dbf4fa600ac678a013d02f44f7b308074e77ffabf854c22b16b752ab0552625300838b6120500b32513da7f3734cd4f2c7626f4867b2b3ab993998f03d3e20ae8c23ca8f09adf6cd2bbbe0b5c1232cc1e204a2004b85fdf84ad0c23838e79a67252218ac338d8ff9a3b69986692ec6bb9f840a15b6e0992da2ed767ac23c08f4cb87fe3ac70c06d7218064f9f74dfe5aa91a2d20c8899457724db7f9860f44f5f88403b0163e76de2095f538b9080d8afc4559d95686331b917ada8b70204b98eaa1e9080039007b6c000008006c00", @ANYRES32, @ANYBLOB="18dc63e8da2d8115f30854b09ae851f9ea91f620e0f93bc9f3c94df5d1b81386651b5a694f0c4fa3de9a6c6be94417d0c86503a15483941a2bf586aac20c51f3e0eb7019eaa002d9ab0a9ad6a0eaccbc941e0654f657bcf0bf7c78e2844b4d5a4157623d60c447fd5d387c7a6fcec701f4f3cd3db0d42b7ce104b360fc9e2aafe90e3302675d71a412c5589f6f21fa5ed83b7a6c8f418246a2117ba4064317e0fa070000006f0a9df5b5991a8dec8e8fb45d92a0c2a4032a6704192ff67ae3bcb602b0b700df48d6badd7a504e7d1d6b6fe7e3761fb4d85cb527df7c594bae9704a2e5ac92d7728bd29f6d1ddda69d3a21ff72d26aee506db8905784f7d8089a89224238a6401916ec6d13dc4e97c65af94585d3ad460e506427568df44a3f1a3fa77f00c1f1102d049d87df65458ed1555a175d26fffd3598c28b32789e6264a1e247ce2d467b8f792dfbe665400da5e2c35839797d3979c8bceedf875eec6b9115853764c2588837bbed3ef6b20800090070771eaf4f87d60487bc60ada850682e6b574d4db732b2307fa62c4983694f5b147c7b0bcff7806d8df3111ec312e30d0d22e029176a8a1dd215ae9fcb05ad05890dc7d16afe1b3a2205cd7ee283ab41c87567073e17f32f6b444fea138121fde9804b95723b83e3af2dd71eb0f4f5bec3c121c782c98eb1bd9095b18f7de274d85e30aeeb94a06790d73b4aa532fd3353fd9b8c9a79047868ec61938a39abe5682fb089c737fc5d58a335e8fbe7bf00462c3f887e4d46fbb0ce867ba6", @ANYRES32, @ANYBLOB="007a231180a7f8bb050c02f18c03ea92bf4487ae7dd663020093e36ecf514aa91259e356baefb0199232287abe1d97c1bf45a2c784e5dc0c81884d817865265628e61dd1f6c569b9af4d807939172f7022039c68fbb0aafa688b990fa61d072371c664876e018f313144d3230d9aaf94c76bf51b186ea940f920f33764e59e6b123a71b217a0922ee0958fef9fc7295be16697dfffae04d1d8661bc8e500165def249ce7cea0c64e5a38f9da4d6230799c8828c9dacd4a71cd7d69eae59df5d4f7e9c9cceb47ebce7d4ed9ddef22735da4ae11eb226912d94fdc359c615774fadeb0f73438f9d5bc8b00172e85a252c301aeb60400960062a5a54ca66b23248cd785f8de2fd3b0b349afe6f8720b77a3ec6c6b4e21841dc130bf95b2e9c2c5a80799d1d65c393e3afe73d48a8ab71fe2debe1c7d1f42893bd97b504f4f756b336407fd129ab3fb78cab64e773063484b12d68075417bc0094a6a8a85f891edc0189e15cda89e4efcd11b6de3422daa8f652de1f9e2aaa82206d29ae2983a8e4ca2844230ec96d35794df97956f38768206d632b414fd6a1decb44e86cfa141b63d3d6b7de79566a5683307cbd14dd934d0e7b966ce6614ee49e49fe7573b5255862c7ce1a1d486d00e10b5f51af7060ee07180fda8b27d63585f22897baab2bc9c516ca5417453387d3b8bc2083eb3a6f04ae0f20b1abebef684462fcf0008a693f42b16dfd7f33b45ec7379ece6b39db9d26b5d1f3c799377a1e85f75ba853f60db4bf2ad0eefafd7b5f6fa74424bfd64f4d8c8883f92a0deb21b3d484ed173a286c6402e3dd05dbf1ae2d21f58b9d6004db0260041abb67ed6b84004334eda0b565d2ef217dfc30add4ef95449dc97d372816c87974f678f0444e7a260c56b4faad0a97dc886b4a48f201b5bfe61e57589a21427b2ff8d06e15f11cf8768e6a509739bb0c5a86586784e5d2ceda8642703a2f2ebe92597d7ad072ad86bfc6dfb3cdcd57e3c0f55e869d8d64b3cd9bd68c09e2ef84266b5b1a3a0a595e12062f0460860fd57b74f3bbe7aeb6f7cc110abc0ee5374e23ba193b535660f6a6f2d437873a9cdd864308b73ed30146df5dd9d7dbef70227c2c2b894c550690e59104168e45780894f52e254d785c1cc2f801d11d2802ba6e4ac3ad8cc258016950ffe13ab64b5f1dbff89e7831e10561f3b6c40c73acfc9a075020cc04df543e4905bf82cdffab1f5f46665ce2b4b7cd63a4676a47fb30fd90f829f9038bb1af1e330a548dda5c6d14ddb638ece9fc142a32a6c28f0eb0603602ff4df6f91c631c5ec729b3cc7222bc9435459907417d37abd257fb41670cff3d010fd47ef1aaec1033dd04a913ae5f7b34590495882fb619bdd35bf7f275e1628824c7110da897c42abf18ac4cc99fb9449380fdd0b64263822fb1d5e6775a4048a444a8db132ff4e173ed5e9da88a3d59b8006b3e99f4014fdde410fe2c7ae152a5b456c66c37c091a5e5fcc88f8d0d26e89df47701d3981c2668d09feeca7b205dd53307488ccd189b614f57edf61e7c69ad56333bd8559de05b67f74afd183cf17521f19fcb22f9757a711c304e6627686ac33a8e19e63c7564b1c73446d964ec543e5d0bb36169269528ea3beb0c57999047b071756d8096dd11d3867b000f7a1d71c7135e52af0ac572ebb64c27a12c6fec74a9d31129c999c7e72d9a99ffb955dc3c2f1ded11b5371ccf533d9d11e0a5290ccb1813385a958e1e0a174fbf72d32a91dee4a0b6c86b38706db02a5489ea76f71bffe05e4c0183cc4599fdcf45a079746f20930abbdace206cdfb1c52e7713736165a02f00929be0e725f51dcc65872af569b7cf1d25d7e1f38af18ee01a78145242c3ca74957a1333daa7373131fc168d20d808a2263e4c04d28662cf04dcff184348cbfdd2bf7302073171d2caa40d26100fecd88d38fe3a43a4570002bc015f69a30ed8f59cfd485bd7a28c6f0ba8db92307471ed7d56bc527c16dd486101550d947e81294f8724ff989929e191b10161569846d23c3f837f0988316b12d3caca126f12b7c20cf3167cf3a60bc42abdbf92a3e7b934e73673f0f6e27e0d999fd3754769b0781a504b6796157c56c82afe2267c634f1fb32d7dd88ac5ccf4ecc118b6345c71b98a660bf785b82f6ea037ab71a021873b678d9cf43584cf1f6ac1af2eaf60d41cb2fa9e0c1999d78be5f71997d33b9b63a40525a5e2251edb6d11f179b2b05284dc356031645f11810ac166d72d320d233b2ed1f4ac82f12a268e0b307ca780cb596451b2ab777efe02f0d24bca95c6067fd4f50e9823df93e01376fddc0e97b55692ba65a1b66c928391ffb48e4d5be1c8a4582b04080e60d8c73be56dd427d5c113772c9fc004fb99e12263fefd0813d8d437bf2367014dd89670f46f3bed9772cabbc0afd536ca29efdc387d993d3f25b593dd55e6946524493ec0808a970693e1fd8ed4b20cb095d013cabdc829ab3f56ca2f1366d2cd83d888eb944e808786642d757962e23e29d1eb09638b"], 0x26b8}}, 0x0)
r7 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendto$inet6(r7, &(0x7f00000001c0)="c2", 0x1, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x1c)
shutdown(r7, 0x1)
getsockopt$bt_hci(r7, 0x84, 0x80, &(0x7f0000003140)=""/4094, &(0x7f0000000e00)=0xffe)
ftruncate(0xffffffffffffffff, 0x3)
memfd_create(&(0x7f0000000000)='prodM\xb0\xea\a\x06\xbe\xaen/\xce4\xb7\xc1\xef\xba!\x9d\rSt\xa24\t\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x1dz\xd05\xe2e,\xb1\x84\xea\x91^%A\xe5\x9e\x13TdT\xc6^p\xb0#R\x04\x06\xae\xebA;Y\xeb\x8f\xec\xb4\xf9\x17\xb7\x04\xc2\xc0\xc6\xb4\v\xff\xfc\x88\x90\xabC\x02\x00\xf04\x03\x88\xae9\'>R^P{Vr!\xe2W\xc72\xea\xb7Wp\xc36\x96\xffZ\\A@\x00\x00\x00\xc9\xf3Y\xb8\x89#\xa1\xb1)Dk\xeb\xa1\t\x00{u[\xbd\x9d\xf4\xbf\\\xce\x02P\xf2MY\x05^\xffj\x9c\x14\xb7\xb6v\x1d*1>\x00 \x00\x00\x00\x00\x14C?]\x8c\xb4Y\xcf\x80\x85\xd6\x036\xc8~\xa8\f\x00\x00\xb5M\x9a\x9dc\xaaAU\xec\xe06\xed\xe4\xfb\xdf\a\xd0lg\x13\xf9\x8b:s>\xd7s\xef\xb3\x9f#\x15)\xf9\xe10\xc7\xb262<k\xa8\x88\x01\x00fhD\xe7\xb6\x17\x80\x95\xa8\x1e\t\xb01KB\xcb\x00\x1e\x7fE\x7f\x02\x00\x00\x00y<nGR\x94\x99\xb8\x89\x9b\x8f\xd5\xe6\x02\xb5C\xad\"u\xf4>\x00\x00\x00\x00\x00\x00\x00\x00Nz\x0eu\x8f\x01\x00\x00\x00\x00\x00\x00\xdd\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\xc3\xa7/\x0f\x9b`\xa5\x98\x81a\xeev\x00\x00\x00\x00\a\x10\x00m2\xf2\xd8,\x17\xf8\x8e\xae\xc8\xad\xed<\"\x8e\n\x9d\xb13\x8d\xef\x96\xd2I\"8=tg\xdfU\xd0q\x95/f\xec\xdc\xa3\xe1[\xc0\xaa\xefz\xc9\xf4[\x00\x00\x00Q\xff}5\x94\x88\xa1\xdc\xa1g\xe0q\xc5:\xe4\xdf\x80\xb3,\xb9\xb2\xdc\x81\x9f6\x0f\x84WY\xbfSY`\xb8\a\x19\xb1\x058\xa4\xc3\xbb\xf8aB:\x84\x02?\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf3o-GU\xb0\x00F\xb3o(aI[\xd6\x9fG\xaeI\x83\x93\x8cC\xc0#\xe0q\xd0Ex|\xdb\xa8\x16\xfe>:\t0\xfd\x8a\xc7\x84\xb5\xc7M-0A\xf0\x94\xf3\xcc\x8d\xbb3\\\"\x882\xb3\xa84\xac\x00\xdd}Ft\xc6\xcc\f}1X#\xe4\xe1\x94i\xce\xa1\xff\x95\x80\xb4T\x9c\x01\xf3\x1cLB\x94m(m\f\xbc\xebY\xa0\xf7\xf0\x9d\x10\xbd\x86\x1by\xe6\xdf\xc0\xc5\xb9\xb9\xbf\xdf~9\nC\xe9\xc5\x0e\xda\x9c(\x9b\"\xc7\x97\xfc\b\xd9\xc2T\xa7*}]\xc8\xb3 .\x9b\x89\x0f\xf8$\xdd>lU\x13EG\xbb1] \xda\x19\xc5\x9b\x15\x95\xc4\xfcw\xbb\x92\x91\xc4\xa6\x907XK\xfc\x17]\xfa\xff\'\xef\x92\x1c\xb8\x1fK\xb2o \xd1\xbd\xb2\x11+\xa3R\xefQ\xc2\xbdW\x05\xec\xb3=@\x03\xc6^\xa2\x15%\xb0\'D#\xb6Q\x8f\x82?S>\x0fP\x9cE\x92{d\xe6\x9cj1\x87\xb3\x01\xde\xe8\x89\xc4s\xb7\x14~}\xaa\x8c\xc3\x95BAE\xf2.\x8f#;a\x94\"\xd1U\xff\xe8v\xd3\x84d\xf4\x134\xa6XI\xe5h\xaa\x15\x9a\xf7Z\xe3%\x88p\x90\xbb\x9dt\xa3\xe1\r\x8d\x94\"\x19\x8b\x17)\xea\xd5\x17\xeb\xe4\x1b\x0fBZ1\xbe\xee\xfa\x1c\xf9\xa6\x11\x94\x06\\P:\xaf\xcex\xc2\x82\x9a\x16\xfc\xa1\xf9q\x12\xe3\x1a\xdc\xb7\x12\xbba\b\xbb\xed\xb2\xd1W\xe2\x8b\x8d8}\x10W\xbd\xa60A\xc3\x03\xfa\x890\x86#\bQ\xcb)\x00]\x9e\x14\xd2\xea\x82\xa8\xb7ZG\x15r\xf1\t\x00\x00\x00 \xc1\xaf\x19?\x00\\\x91\x13\x1b8\xe1\xc3\xa4\v\x94\xbfJ\xb5\xde\x95\x82\x00]B|\xe2[%\xe3\xf0\x04\xba\xed\xdb\xf5\x7f\x9d\xfe>\xf6m$M&\x7fq]\xe4\xf6\x82\xc3\x00\xb1zg}\x99E\xa4\x19\xe9\x1a4a\xd75D-k\x84\xa6\x12+\xebk\xa1\xfek\x89\xef\x18\xc1)6\xa65\xe2D\xbe\xe1\xdfq\xdd68\xf37g\xab9m\xe7\xddO\v?\xe0\xbe}\xa9U\xc7{\xd3\x16W\xbb\xe5\xd2\x93\xfe\xa4\x9d\r$\xe91c8`\x86\xbc)\xe29\xc3}\xb9P\xd5F\xc6\x12\x8c_x\xa8\xfa\xb5K\x03\x85\x93k\xe1\x8e\x1f)\".\xcc\'\v\xa6\x1bj\\\n\xe98yA\xd8T\x85\x80A\xcbo\x99\x99\xeb)r\x1a\xce\x18(\x185LL\xbcOeO\'\xe2\x86&\xe4\xe2\xe7~\x92\xa2\xb2\x1b\xc3\x00\x85\xce\xad7\x87\xa0\xfcc\xf5\xf8\xaf\v,q\xd4\x18\xbdM\x1a\xde\xba*L\x05m6\xecH\xd0T\xb8m\xdb\b\xa6\x02\xfb\x13\xac\x91\x8a\x8d\x94\x93\x8d=\xb1\x84\x9c\x9b\xe5\xc7\xa6\xc9Q\xc1eUc\xcc\x180^\x00\x00\x00\x00\x00\x00\x00\x00\xe7]6+\\\x00\x00\x00\x00?#C.\x1dj\xd9\xc3\xdd&\x80g:N\xec\x06[\x8f\x92\xe2\xb01\xb0\xef\x10,\xde\xf3\x86D\x8b\xf7\xf1>AH\xef\\\xf9\x8b\a\xe0\xb2\xcb\xf0\x97\b\r\xd5`\xb9\xd6\xa4\x1e\xbe\x12-}\xc5\x84\xde@\x18\x87\f\x01O\xedS\x8f\x9en,\xbce\xb2\xe4\x82v\x1c\xed\x84-s\xab\x06b\x9c\xba\xec\xa5\xc9A\x84\xd0\xe0 S\xc8\xa2\xaf\x85\v\xad\xa5\x88\xcf\xb6}`\x14\'\xea\xbfN\xac)\xa1\xe8\xb2\x9f\x112TJ\x16\x8c9\xe9\xf5\x18\x15Dd\x8a%>\x91\x93\x88\xe9\x18\x82]\x9e&\xfa\xaa\xfa8Z2\x00'/1301, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_GET(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB="d40000000109010400000000"], 0xd4}}, 0x0)

6.829439407s ago: executing program 3:
sendmsg$NLBL_MGMT_C_ADDDEF(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYRES16, @ANYBLOB="01"], 0x1c}}, 0x0)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="040e041e0b20"], 0x7)

6.779574098s ago: executing program 2:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @broadcast}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @multicast2}, 0x10)
write$P9_RSTATFS(0xffffffffffffffff, 0x0, 0x0)
shutdown(r0, 0x0)
fstat(0xffffffffffffffff, 0x0)
setuid(0x0)

6.170850183s ago: executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_emit_ethernet(0x36, 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r2 = userfaultfd(0x1)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0))
r3 = io_uring_setup(0x3eae, &(0x7f0000000080))
io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
ioctl$UFFDIO_COPY(r2, 0xc028aa05, &(0x7f0000000080)={&(0x7f0000c15000/0x1000)=nil, &(0x7f0000508000/0x4000)=nil, 0x1000})

6.076239918s ago: executing program 3:
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x36, 0x4, 0x0, 0x0, 0xd8, 0x0, 0x0, 0x0, 0x29, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x401, 0x5, 0x0, 0x5, 0x0]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0x1, [{@private=0xa010100}, {@multicast1, 0x5}, {@remote, 0x8}, {@dev={0xac, 0x14, 0x14, 0x32}, 0x659}, {@broadcast}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100, 0x7}]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x8, [{@dev}, {@remote}, {@multicast2}, {@private=0xa010101, 0x7}, {@rand_addr=0x64010101}, {@broadcast, 0x52b1}, {@multicast2}]}, @noop, @noop, @noop, @lsrr={0x83, 0xf, 0xdc, [@private=0xa010102, @rand_addr=0x64010102, @multicast1]}, @rr={0x7, 0x17, 0x0, [@dev, @remote, @multicast1, @private=0xa010102, @remote]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
ftruncate(r2, 0xf2d)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
r4 = dup(r2)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f0000002100)={{0x3, 0x1, 0x6, 0x0, 0x7fffffff}})
sendfile(r3, r4, 0x0, 0xe0000000)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x3, &(0x7f0000000080)=[{0x87}, {0x3c}, {0x6}]})
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r5, 0x0)
socket$alg(0x26, 0x5, 0x0)
r6 = dup(r1)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x0)
r10 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x24}}, 0x0)
getsockname$packet(r10, &(0x7f0000000080)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r11, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000900)=@newqdisc={0x24, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r11, {}, {0xfff1, 0xffff}}}, 0x24}}, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=@delchain={0x24, 0x2a, 0x7d1cdc3e828018e9, 0x0, 0x0, {0x0, 0x0, 0x0, r11, {}, {0x0, 0xffff}}}, 0x24}}, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KDFONTOP_GET(r5, 0x4b72, &(0x7f00000000c0)={0x1, 0x1, 0x0, 0xf, 0x1de, &(0x7f00000003c0)})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})

5.877426908s ago: executing program 4:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x13, 0x4, &(0x7f0000000040)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x19}]}, &(0x7f0000000100)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000040), &(0x7f0000000180)}, 0x20)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
close(r3)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000800"], 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
r7 = syz_open_procfs(0x0, &(0x7f0000000200)='map_files\x00')
r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000340)='oom_score_adj\x00')
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000200)={0x1, &(0x7f0000000000)=[{0x6}]})
ioctl$F2FS_IOC_GET_PIN_FILE(0xffffffffffffffff, 0x8004f50e, 0x0)
pread64(r8, 0x0, 0x0, 0x0)
getdents(r7, &(0x7f0000000380)=""/24, 0x18)
getdents64(r7, 0xffffffffffffffff, 0x43)
socket$nl_rdma(0x10, 0x3, 0x14)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r9, 0x8933, &(0x7f0000000bc0)={'wpan0\x00', <r11=>0x0})
sendmsg$NL802154_CMD_SET_SEC_PARAMS(r9, &(0x7f0000000b80)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000000ac0)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="010000000000000000001500000020002b8008000100030000000c0005000000000000000000050002000000000008000300", @ANYRES32=r11], 0x44}}, 0x0)

4.901132029s ago: executing program 1:
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000380)={0x2, 0x4e22}, 0x10)
listen(r0, 0x0)
r1 = socket$inet(0x2, 0x1, 0x0)
r2 = accept4$inet(r0, 0x0, 0x0, 0x0)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @loopback}, 0x10)
r3 = ioctl$TUNGETDEVNETNS(r2, 0x5450, 0x0)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r3, 0x8901, &(0x7f00000000c0))

4.657847915s ago: executing program 4:
getpeername(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6(0xa, 0x1, 0x0)
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @remote}, 0x1c)
dup3(r1, r0, 0x0)
write$P9_RVERSION(r0, 0x0, 0x0)

4.595268229s ago: executing program 2:
r0 = socket$unix(0x1, 0x1, 0x0)
ioctl$F2FS_IOC_START_VOLATILE_WRITE(0xffffffffffffffff, 0x5451, 0x0)
ioctl$AUTOFS_IOC_EXPIRE(r0, 0x5450, 0x0)

4.484758175s ago: executing program 3:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f00000006c0)={@val, @void, @eth={@broadcast, @random="91d6e8bc19e3", @void, {@ipv4={0x800, @udp={{0x7, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x2000, 0x0, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @private}, {0x0, 0x0, 0x8}}}}}}, 0x2e)

4.135486419s ago: executing program 2:
socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x0, 0xa, 0x3ff, 0x0)
socket(0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
openat$vim2m(0xffffff9c, 0x0, 0x2, 0x0)
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f00000000c0))
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x78)
ioctl$EVIOCGPROP(0xffffffffffffffff, 0x40047438, &(0x7f0000000180)=""/246)
ioctl$PPPIOCSFLAGS1(0xffffffffffffffff, 0x4004743a, &(0x7f0000000300))
ioctl$PPPIOCGCHAN(r0, 0x80047437, &(0x7f0000001f00))
sendmmsg(r0, &(0x7f0000001cc0)=[{{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000540)="86a8", 0x2}, {0x0}], 0x2}}], 0x1, 0x0)

4.095251575s ago: executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000009c0)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
pipe2$9p(&(0x7f00000008c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x80800)
write$P9_RLCREATE(r3, &(0x7f0000000900)={0x18, 0xf, 0x2, {{0x0, 0x2}, 0x6}}, 0x18)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000080)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x2}}, {@nombcache}, {@stripe={'stripe', 0x3d, 0x1}}, {@usrquota}]}, 0x1, 0x4f0, &(0x7f00000003c0)="$eJzs3c9vG1kdAPDvOL+cbHaTXfYACNiyLBRU1UncNqp6gHJCCFVC9AhSGxI3imLHUeyUJvSQ/g9IVOIER/4Azj1x54LgxqUckPgRgZpKHLya8SR1k7hJmzaO4s9HGs28N2N/36s778VfJ34B9K0LEbEVEcMRcTciJvL6JN/iZntLr3u2/XB+Z/vhfBKt1u1/J9n5tC46HpN6L3/OYkT85AcRP08Oxm1sbC7PVauVtbw81aytTjU2Ni8v1eYWK4uVlXJ5dmZ2+vqVa+W31tdPasP50Vef/mnrO79MmzWe13T2421qd31oL05qMCJ+9C6C9cBA3p/hXjeEN1KIiI8i4tPs/p+IgezVBADOs1ZrIloTnWUA4LwrZDmwpFDKcwHjUSiUSu0c3scxVqjWG81L9+rrKwvtXNlkDBXuLVUr03mucDKGkrQ8kx2/KJf3la9ExIcR8auR0axcmq9XF3r5gw8A9LH39s3//xtpz/8AwDlX3F8x0pt2AACn58D8DwCce+Z/AOg/5n8A6D/mfwDoP+Z/AOg/5n8A6Cs/vnUr3Vo7+fdfL9zfWF+u37+8UGksl2rr86X5+tpqabFeX8y+s6d21PNV6/XVmaux/mDyu6uN5lRjY/NOrb6+0ryTfa/3ncrQqfQKAHiVDz958tckIrZujGZbdKzlYK6G863Q6wYAPTPQ6wYAPWO1L+hfJ3iPLz0A58QhS/S+pBgRo/srW61W6+WaA5cAZ9fFL8n/Q7/qyP/7LWDoM/L/0L/k/6F/tVrJcdf8j+NeCACcbXL8QJfP/z/K97/PPxz42cL+Kx6/y1YBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA2ba7/m8pXwt8PAqFUini/YiYjKHk3lK1Mh0RH0TEX0aGRtLyTI/bDACcVOEfSb7+18WJz8b3nx1Ono9k+4j4xW9u//rBXLO59ue0/j979c3HeX25F+0HAI6yO09n+4438s+2H87vbqfZnn9+PyKK7fg728Oxsxd/MAazfTGGImLsv0lebks6chcnsfUoIr54WP+TGM9yIO2VT/fHT2O/f6rxCy/FL2Tn2vv03+ILrxPUos+QeZKOPzcPu/8KcSHbH37/F7MR6uTy8S99qvmdbAx8EX93/BvoMv5dOG6Mq3/8Yfto9OC5RxFfHozYjb3TMf7sxk+6xP/smPH/9pWvfdrtXOu3ERfj8PidsaaatdWpxsbm5aXa3GJlsbJSLs/OzE5fv3KtPJXlqKe6zwb/unHpg27n0v6PdYlfPKL/3zxm/3/3/7s//for4n/7G4fFL8THr4ifDuHfOmb8ubE/FLudS+MvdOn/Ua//pWPGf/r3zQPLhgMAvdPY2Fyeq1Yraw4cnP2D9L/s0RcnPWnh904r1nC81qNarTeK1W3EeBtZN+As2LvpI+J5rxsDAAAAAAAAAAAAAAAc6jT+YqnXfQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD8+jwAAP//rCPR4g==")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x141842, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000200), 0xfea7)
r6 = socket$xdp(0x2c, 0x3, 0x0)
mmap$xdp(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x0, 0x11, r6, 0x0)
copy_file_range(r5, &(0x7f00000001c0), r4, 0x0, 0xffffffffa003e45c, 0x700000000000000)
openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x5a042, 0x20)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$alg(0x26, 0x5, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001640)=ANY=[@ANYBLOB="c435deb82600003900100028bd7000fddbdf250d000000090086006c626c630000f3ff08002600ac1414bb08", @ANYRES32, @ANYBLOB="08004600ac1414bb8300158008003e00ac1414aa04003d0014005500000000000000000000000000000000008e9291dd34ce355b56f919ba58a96c97ff1fe323fc1ed2f15c0555beae1bb191005d97ff627f2184f305b3a2a843d25a479cc3ae1998b926d09a6e26df9ad85c3aae0a54107544b1cd81c19dd1415167946aaa688afad5770141ea69a5be2e007f021e8008000b00", @ANYRES32=0xee01, @ANYBLOB="ed24aa67cc394a87fb1fb707459891d760dd1cec05dc545295f12bb87ad0a352344164314e37356a76de58674d276762dbf4fa600ac678a013d02f44f7b308074e77ffabf854c22b16b752ab0552625300838b6120500b32513da7f3734cd4f2c7626f4867b2b3ab993998f03d3e20ae8c23ca8f09adf6cd2bbbe0b5c1232cc1e204a2004b85fdf84ad0c23838e79a67252218ac338d8ff9a3b69986692ec6bb9f840a15b6e0992da2ed767ac23c08f4cb87fe3ac70c06d7218064f9f74dfe5aa91a2d20c8899457724db7f9860f44f5f88403b0163e76de2095f538b9080d8afc4559d95686331b917ada8b70204b98eaa1e9080039007b6c000008006c00", @ANYRES32, @ANYBLOB="18dc63e8da2d8115f30854b09ae851f9ea91f620e0f93bc9f3c94df5d1b81386651b5a694f0c4fa3de9a6c6be94417d0c86503a15483941a2bf586aac20c51f3e0eb7019eaa002d9ab0a9ad6a0eaccbc941e0654f657bcf0bf7c78e2844b4d5a4157623d60c447fd5d387c7a6fcec701f4f3cd3db0d42b7ce104b360fc9e2aafe90e3302675d71a412c5589f6f21fa5ed83b7a6c8f418246a2117ba4064317e0fa070000006f0a9df5b5991a8dec8e8fb45d92a0c2a4032a6704192ff67ae3bcb602b0b700df48d6badd7a504e7d1d6b6fe7e3761fb4d85cb527df7c594bae9704a2e5ac92d7728bd29f6d1ddda69d3a21ff72d26aee506db8905784f7d8089a89224238a6401916ec6d13dc4e97c65af94585d3ad460e506427568df44a3f1a3fa77f00c1f1102d049d87df65458ed1555a175d26fffd3598c28b32789e6264a1e247ce2d467b8f792dfbe665400da5e2c35839797d3979c8bceedf875eec6b9115853764c2588837bbed3ef6b20800090070771eaf4f87d60487bc60ada850682e6b574d4db732b2307fa62c4983694f5b147c7b0bcff7806d8df3111ec312e30d0d22e029176a8a1dd215ae9fcb05ad05890dc7d16afe1b3a2205cd7ee283ab41c87567073e17f32f6b444fea138121fde9804b95723b83e3af2dd71eb0f4f5bec3c121c782c98eb1bd9095b18f7de274d85e30aeeb94a06790d73b4aa532fd3353fd9b8c9a79047868ec61938a39abe5682fb089c737fc5d58a335e8fbe7bf00462c3f887e4d46fbb0ce867ba6", @ANYRES32, @ANYBLOB="007a231180a7f8bb050c02f18c03ea92bf4487ae7dd663020093e36ecf514aa91259e356baefb0199232287abe1d97c1bf45a2c784e5dc0c81884d817865265628e61dd1f6c569b9af4d807939172f7022039c68fbb0aafa688b990fa61d072371c664876e018f313144d3230d9aaf94c76bf51b186ea940f920f33764e59e6b123a71b217a0922ee0958fef9fc7295be16697dfffae04d1d8661bc8e500165def249ce7cea0c64e5a38f9da4d6230799c8828c9dacd4a71cd7d69eae59df5d4f7e9c9cceb47ebce7d4ed9ddef22735da4ae11eb226912d94fdc359c615774fadeb0f73438f9d5bc8b00172e85a252c301aeb60400960062a5a54ca66b23248cd785f8de2fd3b0b349afe6f8720b77a3ec6c6b4e21841dc130bf95b2e9c2c5a80799d1d65c393e3afe73d48a8ab71fe2debe1c7d1f42893bd97b504f4f756b336407fd129ab3fb78cab64e773063484b12d68075417bc0094a6a8a85f891edc0189e15cda89e4efcd11b6de3422daa8f652de1f9e2aaa82206d29ae2983a8e4ca2844230ec96d35794df97956f38768206d632b414fd6a1decb44e86cfa141b63d3d6b7de79566a5683307cbd14dd934d0e7b966ce6614ee49e49fe7573b5255862c7ce1a1d486d00e10b5f51af7060ee07180fda8b27d63585f22897baab2bc9c516ca5417453387d3b8bc2083eb3a6f04ae0f20b1abebef684462fcf0008a693f42b16dfd7f33b45ec7379ece6b39db9d26b5d1f3c799377a1e85f75ba853f60db4bf2ad0eefafd7b5f6fa74424bfd64f4d8c8883f92a0deb21b3d484ed173a286c6402e3dd05dbf1ae2d21f58b9d6004db0260041abb67ed6b84004334eda0b565d2ef217dfc30add4ef95449dc97d372816c87974f678f0444e7a260c56b4faad0a97dc886b4a48f201b5bfe61e57589a21427b2ff8d06e15f11cf8768e6a509739bb0c5a86586784e5d2ceda8642703a2f2ebe92597d7ad072ad86bfc6dfb3cdcd57e3c0f55e869d8d64b3cd9bd68c09e2ef84266b5b1a3a0a595e12062f0460860fd57b74f3bbe7aeb6f7cc110abc0ee5374e23ba193b535660f6a6f2d437873a9cdd864308b73ed30146df5dd9d7dbef70227c2c2b894c550690e59104168e45780894f52e254d785c1cc2f801d11d2802ba6e4ac3ad8cc258016950ffe13ab64b5f1dbff89e7831e10561f3b6c40c73acfc9a075020cc04df543e4905bf82cdffab1f5f46665ce2b4b7cd63a4676a47fb30fd90f829f9038bb1af1e330a548dda5c6d14ddb638ece9fc142a32a6c28f0eb0603602ff4df6f91c631c5ec729b3cc7222bc9435459907417d37abd257fb41670cff3d010fd47ef1aaec1033dd04a913ae5f7b34590495882fb619bdd35bf7f275e1628824c7110da897c42abf18ac4cc99fb9449380fdd0b64263822fb1d5e6775a4048a444a8db132ff4e173ed5e9da88a3d59b8006b3e99f4014fdde410fe2c7ae152a5b456c66c37c091a5e5fcc88f8d0d26e89df47701d3981c2668d09feeca7b205dd53307488ccd189b614f57edf61e7c69ad56333bd8559de05b67f74afd183cf17521f19fcb22f9757a711c304e6627686ac33a8e19e63c7564b1c73446d964ec543e5d0bb36169269528ea3beb0c57999047b071756d8096dd11d3867b000f7a1d71c7135e52af0ac572ebb64c27a12c6fec74a9d31129c999c7e72d9a99ffb955dc3c2f1ded11b5371ccf533d9d11e0a5290ccb1813385a958e1e0a174fbf72d32a91dee4a0b6c86b38706db02a5489ea76f71bffe05e4c0183cc4599fdcf45a079746f20930abbdace206cdfb1c52e7713736165a02f00929be0e725f51dcc65872af569b7cf1d25d7e1f38af18ee01a78145242c3ca74957a1333daa7373131fc168d20d808a2263e4c04d28662cf04dcff184348cbfdd2bf7302073171d2caa40d26100fecd88d38fe3a43a4570002bc015f69a30ed8f59cfd485bd7a28c6f0ba8db92307471ed7d56bc527c16dd486101550d947e81294f8724ff989929e191b10161569846d23c3f837f0988316b12d3caca126f12b7c20cf3167cf3a60bc42abdbf92a3e7b934e73673f0f6e27e0d999fd3754769b0781a504b6796157c56c82afe2267c634f1fb32d7dd88ac5ccf4ecc118b6345c71b98a660bf785b82f6ea037ab71a021873b678d9cf43584cf1f6ac1af2eaf60d41cb2fa9e0c1999d78be5f71997d33b9b63a40525a5e2251edb6d11f179b2b05284dc356031645f11810ac166d72d320d233b2ed1f4ac82f12a268e0b307ca780cb596451b2ab777efe02f0d24bca95c6067fd4f50e9823df93e01376fddc0e97b55692ba65a1b66c928391ffb48e4d5be1c8a4582b04080e60d8c73be56dd427d5c113772c9fc004fb99e12263fefd0813d8d437bf2367014dd89670f46f3bed9772cabbc0afd536ca29efdc387d993d3f25b593dd55e6946524493ec0808a970693e1fd8ed4b20cb095d013cabdc829ab3f56ca2f1366d2cd83d888eb944e808786642d757962e23e29d1eb09638b"], 0x26b8}}, 0x0)
r7 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendto$inet6(r7, &(0x7f00000001c0)="c2", 0x1, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x1c)
shutdown(r7, 0x1)
getsockopt$bt_hci(r7, 0x84, 0x80, &(0x7f0000003140)=""/4094, &(0x7f0000000e00)=0xffe)
ftruncate(0xffffffffffffffff, 0x3)
memfd_create(&(0x7f0000000000)='prodM\xb0\xea\a\x06\xbe\xaen/\xce4\xb7\xc1\xef\xba!\x9d\rSt\xa24\t\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x1dz\xd05\xe2e,\xb1\x84\xea\x91^%A\xe5\x9e\x13TdT\xc6^p\xb0#R\x04\x06\xae\xebA;Y\xeb\x8f\xec\xb4\xf9\x17\xb7\x04\xc2\xc0\xc6\xb4\v\xff\xfc\x88\x90\xabC\x02\x00\xf04\x03\x88\xae9\'>R^P{Vr!\xe2W\xc72\xea\xb7Wp\xc36\x96\xffZ\\A@\x00\x00\x00\xc9\xf3Y\xb8\x89#\xa1\xb1)Dk\xeb\xa1\t\x00{u[\xbd\x9d\xf4\xbf\\\xce\x02P\xf2MY\x05^\xffj\x9c\x14\xb7\xb6v\x1d*1>\x00 \x00\x00\x00\x00\x14C?]\x8c\xb4Y\xcf\x80\x85\xd6\x036\xc8~\xa8\f\x00\x00\xb5M\x9a\x9dc\xaaAU\xec\xe06\xed\xe4\xfb\xdf\a\xd0lg\x13\xf9\x8b:s>\xd7s\xef\xb3\x9f#\x15)\xf9\xe10\xc7\xb262<k\xa8\x88\x01\x00fhD\xe7\xb6\x17\x80\x95\xa8\x1e\t\xb01KB\xcb\x00\x1e\x7fE\x7f\x02\x00\x00\x00y<nGR\x94\x99\xb8\x89\x9b\x8f\xd5\xe6\x02\xb5C\xad\"u\xf4>\x00\x00\x00\x00\x00\x00\x00\x00Nz\x0eu\x8f\x01\x00\x00\x00\x00\x00\x00\xdd\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\xc3\xa7/\x0f\x9b`\xa5\x98\x81a\xeev\x00\x00\x00\x00\a\x10\x00m2\xf2\xd8,\x17\xf8\x8e\xae\xc8\xad\xed<\"\x8e\n\x9d\xb13\x8d\xef\x96\xd2I\"8=tg\xdfU\xd0q\x95/f\xec\xdc\xa3\xe1[\xc0\xaa\xefz\xc9\xf4[\x00\x00\x00Q\xff}5\x94\x88\xa1\xdc\xa1g\xe0q\xc5:\xe4\xdf\x80\xb3,\xb9\xb2\xdc\x81\x9f6\x0f\x84WY\xbfSY`\xb8\a\x19\xb1\x058\xa4\xc3\xbb\xf8aB:\x84\x02?\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf3o-GU\xb0\x00F\xb3o(aI[\xd6\x9fG\xaeI\x83\x93\x8cC\xc0#\xe0q\xd0Ex|\xdb\xa8\x16\xfe>:\t0\xfd\x8a\xc7\x84\xb5\xc7M-0A\xf0\x94\xf3\xcc\x8d\xbb3\\\"\x882\xb3\xa84\xac\x00\xdd}Ft\xc6\xcc\f}1X#\xe4\xe1\x94i\xce\xa1\xff\x95\x80\xb4T\x9c\x01\xf3\x1cLB\x94m(m\f\xbc\xebY\xa0\xf7\xf0\x9d\x10\xbd\x86\x1by\xe6\xdf\xc0\xc5\xb9\xb9\xbf\xdf~9\nC\xe9\xc5\x0e\xda\x9c(\x9b\"\xc7\x97\xfc\b\xd9\xc2T\xa7*}]\xc8\xb3 .\x9b\x89\x0f\xf8$\xdd>lU\x13EG\xbb1] \xda\x19\xc5\x9b\x15\x95\xc4\xfcw\xbb\x92\x91\xc4\xa6\x907XK\xfc\x17]\xfa\xff\'\xef\x92\x1c\xb8\x1fK\xb2o \xd1\xbd\xb2\x11+\xa3R\xefQ\xc2\xbdW\x05\xec\xb3=@\x03\xc6^\xa2\x15%\xb0\'D#\xb6Q\x8f\x82?S>\x0fP\x9cE\x92{d\xe6\x9cj1\x87\xb3\x01\xde\xe8\x89\xc4s\xb7\x14~}\xaa\x8c\xc3\x95BAE\xf2.\x8f#;a\x94\"\xd1U\xff\xe8v\xd3\x84d\xf4\x134\xa6XI\xe5h\xaa\x15\x9a\xf7Z\xe3%\x88p\x90\xbb\x9dt\xa3\xe1\r\x8d\x94\"\x19\x8b\x17)\xea\xd5\x17\xeb\xe4\x1b\x0fBZ1\xbe\xee\xfa\x1c\xf9\xa6\x11\x94\x06\\P:\xaf\xcex\xc2\x82\x9a\x16\xfc\xa1\xf9q\x12\xe3\x1a\xdc\xb7\x12\xbba\b\xbb\xed\xb2\xd1W\xe2\x8b\x8d8}\x10W\xbd\xa60A\xc3\x03\xfa\x890\x86#\bQ\xcb)\x00]\x9e\x14\xd2\xea\x82\xa8\xb7ZG\x15r\xf1\t\x00\x00\x00 \xc1\xaf\x19?\x00\\\x91\x13\x1b8\xe1\xc3\xa4\v\x94\xbfJ\xb5\xde\x95\x82\x00]B|\xe2[%\xe3\xf0\x04\xba\xed\xdb\xf5\x7f\x9d\xfe>\xf6m$M&\x7fq]\xe4\xf6\x82\xc3\x00\xb1zg}\x99E\xa4\x19\xe9\x1a4a\xd75D-k\x84\xa6\x12+\xebk\xa1\xfek\x89\xef\x18\xc1)6\xa65\xe2D\xbe\xe1\xdfq\xdd68\xf37g\xab9m\xe7\xddO\v?\xe0\xbe}\xa9U\xc7{\xd3\x16W\xbb\xe5\xd2\x93\xfe\xa4\x9d\r$\xe91c8`\x86\xbc)\xe29\xc3}\xb9P\xd5F\xc6\x12\x8c_x\xa8\xfa\xb5K\x03\x85\x93k\xe1\x8e\x1f)\".\xcc\'\v\xa6\x1bj\\\n\xe98yA\xd8T\x85\x80A\xcbo\x99\x99\xeb)r\x1a\xce\x18(\x185LL\xbcOeO\'\xe2\x86&\xe4\xe2\xe7~\x92\xa2\xb2\x1b\xc3\x00\x85\xce\xad7\x87\xa0\xfcc\xf5\xf8\xaf\v,q\xd4\x18\xbdM\x1a\xde\xba*L\x05m6\xecH\xd0T\xb8m\xdb\b\xa6\x02\xfb\x13\xac\x91\x8a\x8d\x94\x93\x8d=\xb1\x84\x9c\x9b\xe5\xc7\xa6\xc9Q\xc1eUc\xcc\x180^\x00\x00\x00\x00\x00\x00\x00\x00\xe7]6+\\\x00\x00\x00\x00?#C.\x1dj\xd9\xc3\xdd&\x80g:N\xec\x06[\x8f\x92\xe2\xb01\xb0\xef\x10,\xde\xf3\x86D\x8b\xf7\xf1>AH\xef\\\xf9\x8b\a\xe0\xb2\xcb\xf0\x97\b\r\xd5`\xb9\xd6\xa4\x1e\xbe\x12-}\xc5\x84\xde@\x18\x87\f\x01O\xedS\x8f\x9en,\xbce\xb2\xe4\x82v\x1c\xed\x84-s\xab\x06b\x9c\xba\xec\xa5\xc9A\x84\xd0\xe0 S\xc8\xa2\xaf\x85\v\xad\xa5\x88\xcf\xb6}`\x14\'\xea\xbfN\xac)\xa1\xe8\xb2\x9f\x112TJ\x16\x8c9\xe9\xf5\x18\x15Dd\x8a%>\x91\x93\x88\xe9\x18\x82]\x9e&\xfa\xaa\xfa8Z2\x00'/1301, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_GET(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB="d40000000109010400000000"], 0xd4}}, 0x0)

3.824597743s ago: executing program 3:
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
ioctl$TIOCGWINSZ(r0, 0x8927, &(0x7f0000000140))

3.197209322s ago: executing program 2:
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={<r0=>0xffffffffffffffff})
fstat(r0, &(0x7f00000022c0)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
setresuid(0xffffffffffffffff, r1, 0xffffffffffffffff)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)

2.832264843s ago: executing program 1:
sendmsg$NLBL_MGMT_C_ADDDEF(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYRES16, @ANYBLOB="01"], 0x1c}}, 0x0)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="040e041e0b20"], 0x7)

2.604592847s ago: executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0))
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
pipe(&(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = socket$inet_udp(0x2, 0x2, 0x0)
close(r5)
r6 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
write$tcp_congestion(r6, &(0x7f0000000100)='reno\x00', 0x5)
write$binfmt_misc(r4, &(0x7f0000000000)=ANY=[], 0xfffffecc)
splice(r3, 0x0, r5, 0x0, 0x4ffe6, 0x0)

2.56341162s ago: executing program 3:
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
arch_prctl$ARCH_GET_GS(0x1004, 0x0)

2.372135852s ago: executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x13, 0x4, &(0x7f0000000040)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x19}]}, &(0x7f0000000100)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000040), &(0x7f0000000180)}, 0x20)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
close(r3)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000800"], 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
r7 = syz_open_procfs(0x0, &(0x7f0000000200)='map_files\x00')
r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000340)='oom_score_adj\x00')
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000200)={0x1, &(0x7f0000000000)=[{0x6}]})
ioctl$F2FS_IOC_GET_PIN_FILE(0xffffffffffffffff, 0x8004f50e, 0x0)
pread64(r8, 0x0, 0x0, 0x0)
getdents(r7, &(0x7f0000000380)=""/24, 0x18)
getdents64(r7, 0xffffffffffffffff, 0x43)
socket$nl_rdma(0x10, 0x3, 0x14)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r9, 0x8933, &(0x7f0000000bc0)={'wpan0\x00', <r11=>0x0})
sendmsg$NL802154_CMD_SET_SEC_PARAMS(r9, &(0x7f0000000b80)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000000ac0)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="010000000000000000001500000020002b8008000100030000000c0005000000000000000000050002000000000008000300", @ANYRES32=r11], 0x44}}, 0x0)

1.125308101s ago: executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_emit_ethernet(0x36, 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r2 = userfaultfd(0x1)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0))
r3 = io_uring_setup(0x3eae, &(0x7f0000000080))
io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
ioctl$UFFDIO_COPY(r2, 0xc028aa05, &(0x7f0000000080)={&(0x7f0000c15000/0x1000)=nil, &(0x7f0000508000/0x4000)=nil, 0x1000})

0s ago: executing program 1:
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x36, 0x4, 0x0, 0x0, 0xd8, 0x0, 0x0, 0x0, 0x29, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x401, 0x5, 0x0, 0x5, 0x0]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0x1, [{@private=0xa010100}, {@multicast1, 0x5}, {@remote, 0x8}, {@dev={0xac, 0x14, 0x14, 0x32}, 0x659}, {@broadcast}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100, 0x7}]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x8, [{@dev}, {@remote}, {@multicast2}, {@private=0xa010101, 0x7}, {@rand_addr=0x64010101}, {@broadcast, 0x52b1}, {@multicast2}]}, @noop, @noop, @noop, @lsrr={0x83, 0xf, 0xdc, [@private=0xa010102, @rand_addr=0x64010102, @multicast1]}, @rr={0x7, 0x17, 0x0, [@dev, @remote, @multicast1, @private=0xa010102, @remote]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
ftruncate(r2, 0xf2d)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
r4 = dup(r2)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f0000002100)={{0x3, 0x1, 0x6, 0x0, 0x7fffffff}})
sendfile(r3, r4, 0x0, 0xe0000000)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x3, &(0x7f0000000080)=[{0x87}, {0x3c}, {0x6}]})
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r5, 0x0)
socket$alg(0x26, 0x5, 0x0)
r6 = dup(r1)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x0)
r10 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x24}}, 0x0)
getsockname$packet(r10, &(0x7f0000000080)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r11, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000900)=@newqdisc={0x24, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r11, {}, {0xfff1, 0xffff}}}, 0x24}}, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=@delchain={0x24, 0x2a, 0x7d1cdc3e828018e9, 0x0, 0x0, {0x0, 0x0, 0x0, r11, {}, {0x0, 0xffff}}}, 0x24}}, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KDFONTOP_GET(r5, 0x4b72, &(0x7f00000000c0)={0x1, 0x1, 0x0, 0xf, 0x1de, &(0x7f00000003c0)})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.2' (ED25519) to the list of known hosts.
2024/06/12 17:43:00 fuzzer started
2024/06/12 17:43:01 dialing manager at 10.128.0.169:30026
[  163.448886][ T5045] cgroup: Unknown subsys name 'net'
[  163.707132][ T5045] cgroup: Unknown subsys name 'rlimit'
2024/06/12 17:43:49 starting 5 executor processes
[  209.844018][ T5046] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  212.104837][ T5074] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  212.133971][ T5074] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  212.145593][ T5074] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  212.186487][   T50] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  212.197640][   T50] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  212.207149][   T50] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  212.217320][   T50] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  212.231791][   T50] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  212.242702][   T50] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  212.253468][   T50] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  212.263371][   T50] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  212.276736][   T50] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  212.394395][ T4430] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  212.412131][ T5074] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  212.420295][ T5079] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  212.429727][ T5074] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  212.454240][ T5079] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  212.464836][ T5079] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  212.474383][ T5078] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  212.487544][ T5079] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  212.496449][ T5079] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  212.497438][ T5078] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  212.516364][ T5078] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  212.527310][ T5078] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  212.577645][ T5078] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  212.828497][ T5078] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  212.838401][ T5078] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  212.853217][ T5078] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  212.864557][ T5078] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  212.873932][ T5078] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  213.704854][ T5072] chnl_net:caif_netlink_parms(): no params data found
[  213.725959][ T5075] chnl_net:caif_netlink_parms(): no params data found
[  214.374352][   T50] Bluetooth: hci0: command tx timeout
[  214.406621][ T5084] chnl_net:caif_netlink_parms(): no params data found
[  214.468116][   T50] Bluetooth: hci1: command tx timeout
[  214.611288][   T50] Bluetooth: hci2: command tx timeout
[  214.662184][ T5082] chnl_net:caif_netlink_parms(): no params data found
[  214.685977][ T5081] chnl_net:caif_netlink_parms(): no params data found
[  214.884096][   T50] Bluetooth: hci3: command tx timeout
[  215.011525][   T50] Bluetooth: hci4: command tx timeout
[  215.157275][ T5075] bridge0: port 1(bridge_slave_0) entered blocking state
[  215.165973][ T5075] bridge0: port 1(bridge_slave_0) entered disabled state
[  215.173948][ T5075] bridge_slave_0: entered allmulticast mode
[  215.183363][ T5075] bridge_slave_0: entered promiscuous mode
[  215.392666][ T5075] bridge0: port 2(bridge_slave_1) entered blocking state
[  215.400560][ T5075] bridge0: port 2(bridge_slave_1) entered disabled state
[  215.410091][ T5075] bridge_slave_1: entered allmulticast mode
[  215.419469][ T5075] bridge_slave_1: entered promiscuous mode
[  215.434849][ T5084] bridge0: port 1(bridge_slave_0) entered blocking state
[  215.445307][ T5084] bridge0: port 1(bridge_slave_0) entered disabled state
[  215.453313][ T5084] bridge_slave_0: entered allmulticast mode
[  215.462621][ T5084] bridge_slave_0: entered promiscuous mode
[  215.523296][ T5084] bridge0: port 2(bridge_slave_1) entered blocking state
[  215.532599][ T5084] bridge0: port 2(bridge_slave_1) entered disabled state
[  215.540312][ T5084] bridge_slave_1: entered allmulticast mode
[  215.549601][ T5084] bridge_slave_1: entered promiscuous mode
[  215.560157][ T5072] bridge0: port 1(bridge_slave_0) entered blocking state
[  215.568007][ T5072] bridge0: port 1(bridge_slave_0) entered disabled state
[  215.576036][ T5072] bridge_slave_0: entered allmulticast mode
[  215.584191][ T5072] bridge_slave_0: entered promiscuous mode
[  215.690228][ T5075] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  215.757315][ T5072] bridge0: port 2(bridge_slave_1) entered blocking state
[  215.767989][ T5072] bridge0: port 2(bridge_slave_1) entered disabled state
[  215.775992][ T5072] bridge_slave_1: entered allmulticast mode
[  215.785139][ T5072] bridge_slave_1: entered promiscuous mode
[  215.840450][ T5075] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  216.010025][ T5084] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  216.057344][ T5082] bridge0: port 1(bridge_slave_0) entered blocking state
[  216.065359][ T5082] bridge0: port 1(bridge_slave_0) entered disabled state
[  216.073204][ T5082] bridge_slave_0: entered allmulticast mode
[  216.083054][ T5082] bridge_slave_0: entered promiscuous mode
[  216.163946][ T5084] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  216.173914][ T5081] bridge0: port 1(bridge_slave_0) entered blocking state
[  216.181792][ T5081] bridge0: port 1(bridge_slave_0) entered disabled state
[  216.189515][ T5081] bridge_slave_0: entered allmulticast mode
[  216.198726][ T5081] bridge_slave_0: entered promiscuous mode
[  216.220394][ T5072] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  216.230375][ T5081] bridge0: port 2(bridge_slave_1) entered blocking state
[  216.241096][ T5081] bridge0: port 2(bridge_slave_1) entered disabled state
[  216.248936][ T5081] bridge_slave_1: entered allmulticast mode
[  216.258182][ T5081] bridge_slave_1: entered promiscuous mode
[  216.267650][ T5082] bridge0: port 2(bridge_slave_1) entered blocking state
[  216.275583][ T5082] bridge0: port 2(bridge_slave_1) entered disabled state
[  216.283482][ T5082] bridge_slave_1: entered allmulticast mode
[  216.292436][ T5082] bridge_slave_1: entered promiscuous mode
[  216.310195][ T5075] team0: Port device team_slave_0 added
[  216.454609][ T5072] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  216.464670][   T50] Bluetooth: hci0: command tx timeout
[  216.541281][   T50] Bluetooth: hci1: command tx timeout
[  216.546188][ T5075] team0: Port device team_slave_1 added
[  216.701352][   T50] Bluetooth: hci2: command tx timeout
[  216.752231][ T5084] team0: Port device team_slave_0 added
[  216.761947][ T5075] batman_adv: batadv0: Adding interface: batadv_slave_0
[  216.769114][ T5075] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  216.795508][ T5075] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  216.853985][ T5081] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  216.873940][ T5082] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  216.891961][ T5084] team0: Port device team_slave_1 added
[  216.901813][ T5075] batman_adv: batadv0: Adding interface: batadv_slave_1
[  216.908950][ T5075] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  216.935714][ T5075] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  216.944149][   T50] Bluetooth: hci3: command tx timeout
[  216.955542][ T5072] team0: Port device team_slave_0 added
[  216.986428][ T5081] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  217.005203][ T5082] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  217.084442][ T5072] team0: Port device team_slave_1 added
[  217.098291][   T50] Bluetooth: hci4: command tx timeout
[  217.197068][ T5084] batman_adv: batadv0: Adding interface: batadv_slave_0
[  217.204355][ T5084] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  217.231997][ T5084] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  217.388359][ T5084] batman_adv: batadv0: Adding interface: batadv_slave_1
[  217.396333][ T5084] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  217.424435][ T5084] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  217.438949][ T5072] batman_adv: batadv0: Adding interface: batadv_slave_0
[  217.446355][ T5072] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  217.472786][ T5072] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  217.513021][ T5081] team0: Port device team_slave_0 added
[  217.547542][ T5082] team0: Port device team_slave_0 added
[  217.591972][ T5072] batman_adv: batadv0: Adding interface: batadv_slave_1
[  217.599134][ T5072] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  217.626583][ T5072] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  217.667198][ T5081] team0: Port device team_slave_1 added
[  217.683124][ T5082] team0: Port device team_slave_1 added
[  217.733909][ T5075] hsr_slave_0: entered promiscuous mode
[  217.743902][ T5075] hsr_slave_1: entered promiscuous mode
[  217.988298][ T5084] hsr_slave_0: entered promiscuous mode
[  217.999532][ T5084] hsr_slave_1: entered promiscuous mode
[  218.009815][ T5084] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  218.017939][ T5084] Cannot create hsr debugfs directory
[  218.082662][ T5081] batman_adv: batadv0: Adding interface: batadv_slave_0
[  218.089827][ T5081] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  218.116249][ T5081] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  218.133699][ T5082] batman_adv: batadv0: Adding interface: batadv_slave_0
[  218.140963][ T5082] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  218.175363][ T5082] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  218.235626][ T5081] batman_adv: batadv0: Adding interface: batadv_slave_1
[  218.242904][ T5081] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  218.269228][ T5081] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  218.318448][ T5082] batman_adv: batadv0: Adding interface: batadv_slave_1
[  218.327135][ T5082] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  218.354795][ T5082] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  218.377000][ T5072] hsr_slave_0: entered promiscuous mode
[  218.387219][ T5072] hsr_slave_1: entered promiscuous mode
[  218.395807][ T5072] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  218.403718][ T5072] Cannot create hsr debugfs directory
[  218.541673][   T50] Bluetooth: hci0: command tx timeout
[  218.611731][   T50] Bluetooth: hci1: command tx timeout
[  218.784586][   T50] Bluetooth: hci2: command tx timeout
[  218.997566][ T5081] hsr_slave_0: entered promiscuous mode
[  219.007808][ T5081] hsr_slave_1: entered promiscuous mode
[  219.020634][ T5081] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  219.021350][   T50] Bluetooth: hci3: command tx timeout
[  219.028525][ T5081] Cannot create hsr debugfs directory
[  219.079810][ T5082] hsr_slave_0: entered promiscuous mode
[  219.089164][ T5082] hsr_slave_1: entered promiscuous mode
[  219.111656][ T1217] ieee802154 phy0 wpan0: encryption failed: -22
[  219.118342][ T1217] ieee802154 phy1 wpan1: encryption failed: -22
[  219.129918][ T5082] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  219.137823][ T5082] Cannot create hsr debugfs directory
[  219.172662][   T50] Bluetooth: hci4: command tx timeout
[  219.736451][ T5075] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  219.840095][ T5075] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  219.914164][ T5084] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  219.956478][ T5075] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  220.007431][ T5084] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  220.079826][ T5075] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  220.117936][ T5084] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  220.294161][ T5084] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  220.328347][ T5072] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  220.365977][ T5072] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  220.476705][ T5072] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  220.516401][ T5072] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  220.611642][   T50] Bluetooth: hci0: command tx timeout
[  220.670004][ T5081] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  220.691567][   T50] Bluetooth: hci1: command tx timeout
[  220.727533][ T5081] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  220.798605][ T5081] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  220.860265][   T50] Bluetooth: hci2: command tx timeout
[  220.877180][ T5081] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  221.088394][ T5082] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  221.093142][   T50] Bluetooth: hci3: command tx timeout
[  221.124530][ T5082] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  221.149915][ T5082] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  221.199757][ T5082] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  221.257854][   T50] Bluetooth: hci4: command tx timeout
[  221.663063][ T5084] 8021q: adding VLAN 0 to HW filter on device bond0
[  221.750635][ T5075] 8021q: adding VLAN 0 to HW filter on device bond0
[  221.895133][ T5084] 8021q: adding VLAN 0 to HW filter on device team0
[  221.955166][ T5075] 8021q: adding VLAN 0 to HW filter on device team0
[  222.002880][ T5132] bridge0: port 1(bridge_slave_0) entered blocking state
[  222.010599][ T5132] bridge0: port 1(bridge_slave_0) entered forwarding state
[  222.127937][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[  222.135831][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[  222.152925][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[  222.160684][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[  222.295291][  T778] bridge0: port 2(bridge_slave_1) entered blocking state
[  222.303121][  T778] bridge0: port 2(bridge_slave_1) entered forwarding state
[  222.554256][ T5081] 8021q: adding VLAN 0 to HW filter on device bond0
[  222.683432][ T5072] 8021q: adding VLAN 0 to HW filter on device bond0
[  222.905905][ T5081] 8021q: adding VLAN 0 to HW filter on device team0
[  222.966222][ T5072] 8021q: adding VLAN 0 to HW filter on device team0
[  223.025590][ T5133] bridge0: port 1(bridge_slave_0) entered blocking state
[  223.033438][ T5133] bridge0: port 1(bridge_slave_0) entered forwarding state
[  223.170265][ T5133] bridge0: port 1(bridge_slave_0) entered blocking state
[  223.178183][ T5133] bridge0: port 1(bridge_slave_0) entered forwarding state
[  223.282271][ T5082] 8021q: adding VLAN 0 to HW filter on device bond0
[  223.299013][ T5133] bridge0: port 2(bridge_slave_1) entered blocking state
[  223.307002][ T5133] bridge0: port 2(bridge_slave_1) entered forwarding state
[  223.323753][ T5133] bridge0: port 2(bridge_slave_1) entered blocking state
[  223.332144][ T5133] bridge0: port 2(bridge_slave_1) entered forwarding state
[  223.500349][ T5082] 8021q: adding VLAN 0 to HW filter on device team0
[  223.767842][ T5133] bridge0: port 1(bridge_slave_0) entered blocking state
[  223.775681][ T5133] bridge0: port 1(bridge_slave_0) entered forwarding state
[  223.856819][ T5072] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  223.932602][ T5133] bridge0: port 2(bridge_slave_1) entered blocking state
[  223.940317][ T5133] bridge0: port 2(bridge_slave_1) entered forwarding state
[  224.950108][ T5084] 8021q: adding VLAN 0 to HW filter on device batadv0
[  224.979401][ T5075] 8021q: adding VLAN 0 to HW filter on device batadv0
[  225.706874][ T5084] veth0_vlan: entered promiscuous mode
[  225.860465][ T5084] veth1_vlan: entered promiscuous mode
[  226.024882][ T5072] 8021q: adding VLAN 0 to HW filter on device batadv0
[  226.122983][ T5081] 8021q: adding VLAN 0 to HW filter on device batadv0
[  226.340093][ T5082] 8021q: adding VLAN 0 to HW filter on device batadv0
[  226.382344][ T5084] veth0_macvtap: entered promiscuous mode
[  226.474128][ T5084] veth1_macvtap: entered promiscuous mode
[  226.784072][ T5081] veth0_vlan: entered promiscuous mode
[  226.806095][ T5084] batman_adv: batadv0: Interface activated: batadv_slave_0
[  226.878987][ T5072] veth0_vlan: entered promiscuous mode
[  226.903705][ T5081] veth1_vlan: entered promiscuous mode
[  226.991496][ T5084] batman_adv: batadv0: Interface activated: batadv_slave_1
[  227.036998][ T5072] veth1_vlan: entered promiscuous mode
[  227.071433][ T5084] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  227.080490][ T5084] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  227.089733][ T5084] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  227.101791][ T5084] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  227.236099][ T5082] veth0_vlan: entered promiscuous mode
[  227.424618][ T5072] veth0_macvtap: entered promiscuous mode
[  227.454306][ T5082] veth1_vlan: entered promiscuous mode
[  227.510764][ T5081] veth0_macvtap: entered promiscuous mode
[  227.539367][ T5072] veth1_macvtap: entered promiscuous mode
[  227.583931][ T5081] veth1_macvtap: entered promiscuous mode
[  227.870424][ T5072] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  227.882254][ T5072] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  227.897400][ T5072] batman_adv: batadv0: Interface activated: batadv_slave_0
[  227.921797][ T5081] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  227.932588][ T5081] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  227.942791][ T5081] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  227.953515][ T5081] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  227.968733][ T5081] batman_adv: batadv0: Interface activated: batadv_slave_0
[  228.042440][ T5072] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  228.053324][ T5072] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  228.068595][ T5072] batman_adv: batadv0: Interface activated: batadv_slave_1
[  228.126385][ T5081] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  228.137253][ T5081] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  228.147478][ T5081] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  228.158303][ T5081] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  228.173700][ T5081] batman_adv: batadv0: Interface activated: batadv_slave_1
[  228.204468][ T5075] veth0_vlan: entered promiscuous mode
[  228.253935][ T5072] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  228.265465][ T5072] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  228.274891][ T5072] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  228.284019][ T5072] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  228.349131][ T5082] veth0_macvtap: entered promiscuous mode
[  228.403567][ T5081] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  228.412829][ T5081] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  228.422136][ T5081] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  228.431429][ T5081] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  228.479632][ T5082] veth1_macvtap: entered promiscuous mode
[  228.558751][ T5075] veth1_vlan: entered promiscuous mode
[  228.689422][ T5082] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  228.700265][ T5082] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  228.710448][ T5082] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  228.721215][ T5082] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  228.731488][ T5082] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  228.742214][ T5082] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  228.757609][ T5082] batman_adv: batadv0: Interface activated: batadv_slave_0
[  228.938159][ T5082] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  228.950810][ T5082] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  228.961261][ T5082] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  228.972193][ T5082] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  228.982336][ T5082] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  228.993183][ T5082] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.008550][ T5082] batman_adv: batadv0: Interface activated: batadv_slave_1
[  229.156068][ T5075] veth0_macvtap: entered promiscuous mode
[  229.240828][ T5075] veth1_macvtap: entered promiscuous mode
[  229.263134][ T5082] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  229.272358][ T5082] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  229.281627][ T5082] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  229.290672][ T5082] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  229.564983][ T5075] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  229.577089][ T5075] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.587342][ T5075] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  229.598123][ T5075] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.608270][ T5075] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  229.619098][ T5075] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.629228][ T5075] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  229.640088][ T5075] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.655903][ T5075] batman_adv: batadv0: Interface activated: batadv_slave_0
[  229.867205][ T5075] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  229.878105][ T5075] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.888393][ T5075] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  229.899168][ T5075] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.909410][ T5075] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  229.920540][ T5075] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.930783][ T5075] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  229.942507][ T5075] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.957703][ T5075] batman_adv: batadv0: Interface activated: batadv_slave_1
[  230.262745][ T5075] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  230.272032][ T5075] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  230.281229][ T5075] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  230.290275][ T5075] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  234.302861][ T3282] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  234.310958][ T3282] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  234.543666][   T34] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  234.552199][   T34] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  235.232825][   T34] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  235.242383][   T34] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  235.487532][ T1082] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  235.497062][ T1082] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  235.616661][   T34] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  235.625467][   T34] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  235.719600][ T3282] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  235.727993][ T3282] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  236.151874][ T5139] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  236.159950][ T5139] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  236.410818][ T3505] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  236.421835][ T3505] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  237.162538][  T950] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  237.170615][  T950] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  237.490703][  T950] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  237.500737][  T950] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  241.440562][    C0] net_ratelimit: 44 callbacks suppressed
[  241.440636][    C0] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies.
[  249.770928][    C0] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies.
[  255.033413][ T5396] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  255.290723][   T29] audit: type=1326 audit(1718214274.414:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5395 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73c8579 code=0x0
[  255.530369][ T5398] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
[  262.338335][   T29] audit: type=1326 audit(1718214281.314:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5433 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7470579 code=0x0
[  262.515172][ T5438] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  263.902900][ T5443] loop4: detected capacity change from 0 to 1024
[  264.326763][ T3282] hfsplus: b-tree write err: -5, ino 4
[  266.181407][   T29] audit: type=1326 audit(1718214285.264:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5467 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7468579 code=0x0
[  268.467497][ T5488] loop0: detected capacity change from 0 to 1024
[  269.011876][ T3367] hfsplus: b-tree write err: -5, ino 4
[  271.379820][   T29] audit: type=1326 audit(1718214290.474:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5504 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7468579 code=0x0
[  271.484478][ T5509] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  272.645807][ T5524] loop2: detected capacity change from 0 to 1024
[  273.158299][ T1082] hfsplus: b-tree write err: -5, ino 4
[  275.282519][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  277.542871][   T29] audit: type=1326 audit(1718214296.594:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5545 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f4579 code=0x0
[  277.690262][ T5551] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  278.964268][ T5565] loop4: detected capacity change from 0 to 1024
[  279.586491][ T1082] hfsplus: b-tree write err: -5, ino 4
[  280.574081][ T1217] ieee802154 phy0 wpan0: encryption failed: -22
[  280.580781][ T1217] ieee802154 phy1 wpan1: encryption failed: -22
[  281.199831][   T29] audit: type=1326 audit(1718214300.274:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5585 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7468579 code=0x0
[  281.305600][ T5589] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  283.203979][ T5595] Zero length message leads to an empty skb
[  285.087720][ T5604] loop0: detected capacity change from 0 to 1024
[  285.372944][    C1] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies.
[  285.655061][  T950] hfsplus: b-tree write err: -5, ino 4
[  286.824041][   T29] audit: type=1326 audit(1718214305.904:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5617 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7468579 code=0x0
[  286.925310][ T5620] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  287.468344][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  289.127539][ T5641] loop3: detected capacity change from 0 to 1024
[  289.661973][ T3505] hfsplus: b-tree write err: -5, ino 4
[  290.519360][ T5666] binder: 5665:5666 ioctl 8901 20000040 returned -22
[  291.252306][   T29] audit: type=1326 audit(1718214310.344:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5667 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f7579 code=0x0
[  291.957366][ T5677] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  293.340892][ T5697] loop2: detected capacity change from 0 to 256
[  293.475513][ T5697] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xfff32d8b, utbl_chksum : 0xe619d30d)
[  293.780028][ T5699] loop4: detected capacity change from 0 to 1024
[  294.823996][   T29] audit: type=1326 audit(1718214313.894:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5706 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f4579 code=0x0
[  294.961390][ T5712] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  296.342958][   T29] audit: type=1326 audit(1718214315.454:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5726 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f4579 code=0x0
[  296.473451][ T5731] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  297.129789][ T5735] IPVS: Scheduler module ip_vs_sip not found
[  298.240145][ T5746] loop1: detected capacity change from 0 to 128
[  298.293006][ T5746] =======================================================
[  298.293006][ T5746] WARNING: The mand mount option has been deprecated and
[  298.293006][ T5746]          and is ignored by this kernel. Remove the mand
[  298.293006][ T5746]          option from the mount to silence this warning.
[  298.293006][ T5746] =======================================================
[  298.421399][ T5746] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  298.476598][ T5746] UDF-fs: warning (device loop1): udf_fill_super: No partition found (2)
[  298.586190][ T5520] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  298.654322][    T8] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  299.094488][    T8] usb 3-1: config index 0 descriptor too short (expected 68, got 36)
[  299.103197][    T8] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  299.114724][    T8] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  299.128274][    T8] usb 3-1: New USB device found, idVendor=06cb, idProduct=81a7, bcdDevice= 0.00
[  299.147031][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  299.264514][    T8] usb 3-1: config 0 descriptor??
[  299.399643][    T8] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  299.553786][   T50] Bluetooth: hci0: Unknown advertising packet type: 0x70
[  299.553944][   T50] Bluetooth: hci0: Malformed LE Event: 0x0d
[  299.560687][    T8] usb 3-1: USB disconnect, device number 2
[  300.807569][ T5760] loop4: detected capacity change from 0 to 764
[  300.894948][ T5760] rock: directory entry would overflow storage
[  300.901772][ T5760] rock: sig=0x4654, size=5, remaining=4
[  300.926714][   T29] audit: type=1326 audit(1718214319.984:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5762 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f4579 code=0x0
[  301.195379][ T5766] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  302.115595][   T29] audit: type=1800 audit(1718214321.214:13): pid=5776 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file0" dev="sda1" ino=1966 res=0 errno=0
[  302.510037][ T5779] loop4: detected capacity change from 0 to 256
[  302.716941][ T5776] loop0: detected capacity change from 0 to 4096
[  302.811936][ T5776] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512).
[  303.295519][ T5783] loop2: detected capacity change from 0 to 8
[  303.388167][ T5776] ntfs3: loop0: Failed to initialize $Extend/$Reparse.
[  303.768916][ T5788] loop3: detected capacity change from 0 to 512
[  303.944587][ T5788] EXT4-fs warning (device loop3): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  303.959782][ T5788] EXT4-fs warning (device loop3): dx_probe:880: Enable large directory feature to access it
[  303.971394][ T5788] EXT4-fs warning (device loop3): dx_probe:965: inode #2: comm syz-executor.3: Corrupt directory, running e2fsck is recommended
[  304.141961][ T5788] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2
[  304.181594][ T5788] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2250: inode #15: comm syz-executor.3: corrupted in-inode xattr: invalid ea_ino
[  304.220824][ T5788] EXT4-fs (loop3): Remounting filesystem read-only
[  304.228865][ T5788] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  304.255361][ T5788] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  304.659465][ T5081] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  304.806978][    T8] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  304.995488][ T5238] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  305.204980][    T8] usb 3-1: config index 0 descriptor too short (expected 68, got 36)
[  305.213986][    T8] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  305.224630][    T8] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  305.238033][    T8] usb 3-1: New USB device found, idVendor=06cb, idProduct=81a7, bcdDevice= 0.00
[  305.247653][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  305.294071][    T8] usb 3-1: config 0 descriptor??
[  305.423225][    T8] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  305.585755][   T29] audit: type=1326 audit(1718214324.664:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5802 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73c8579 code=0x0
[  305.664120][   T50] Bluetooth: hci0: Unknown advertising packet type: 0x70
[  305.664273][   T50] Bluetooth: hci0: Malformed LE Event: 0x0d
[  305.671959][    T8] usb 3-1: USB disconnect, device number 3
[  305.771493][ T5809] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
[  306.720538][   T29] audit: type=1800 audit(1718214325.784:15): pid=5821 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="file0" dev="sda1" ino=1953 res=0 errno=0
[  307.192993][ T5828] pim6reg1: entered promiscuous mode
[  307.198809][ T5828] pim6reg1: entered allmulticast mode
[  307.403885][ T5821] loop3: detected capacity change from 0 to 4096
[  307.457808][ T5821] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512).
[  307.793057][ T5821] ntfs3: loop3: Failed to initialize $Extend/$Reparse.
[  308.851520][ T5139] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  309.249990][ T5139] usb 3-1: config index 0 descriptor too short (expected 68, got 36)
[  309.259200][ T5139] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  309.269845][ T5139] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  309.289080][ T5139] usb 3-1: New USB device found, idVendor=06cb, idProduct=81a7, bcdDevice= 0.00
[  309.300463][ T5139] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  309.334044][ T5139] usb 3-1: config 0 descriptor??
[  309.372449][   T29] audit: type=1326 audit(1718214328.364:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5848 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f7579 code=0x0
[  309.396018][ T5139] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  309.550499][ T5854] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  309.681623][   T50] Bluetooth: hci0: Unknown advertising packet type: 0x70
[  309.681963][   T50] Bluetooth: hci0: Malformed LE Event: 0x0d
[  309.691208][   T43] usb 3-1: USB disconnect, device number 4
[  310.411390][   T29] audit: type=1800 audit(1718214329.474:17): pid=5870 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="sda1" ino=1946 res=0 errno=0
[  311.114083][ T5870] loop4: detected capacity change from 0 to 4096
[  311.197086][ T5870] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512).
[  311.522596][ T5870] ntfs3: loop4: Failed to initialize $Extend/$Reparse.
[  312.831545][   T29] audit: type=1326 audit(1718214331.904:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5895 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7468579 code=0x0
[  312.979823][ T5898] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  313.417880][   T43] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  313.822054][   T43] usb 1-1: config index 0 descriptor too short (expected 68, got 36)
[  313.830660][   T43] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  313.842865][   T43] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  313.856256][   T43] usb 1-1: New USB device found, idVendor=06cb, idProduct=81a7, bcdDevice= 0.00
[  313.866017][   T43] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  313.954257][   T43] usb 1-1: config 0 descriptor??
[  314.024889][   T43] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  314.285296][   T50] Bluetooth: hci3: Unknown advertising packet type: 0x70
[  314.285452][   T50] Bluetooth: hci3: Malformed LE Event: 0x0d
[  314.291635][   T43] usb 1-1: USB disconnect, device number 2
[  314.716111][ T5922] loop4: detected capacity change from 0 to 4096
[  314.749428][ T5922] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512).
[  315.091411][ T5922] ntfs3: loop4: Failed to initialize $Extend/$Reparse.
[  315.548379][ T5933] Illegal XDP return value 4294967294 on prog  (id 42) dev N/A, expect packet loss!
[  316.479042][   T29] audit: type=1326 audit(1718214335.534:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5939 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73c8579 code=0x0
[  316.623925][ T5947] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
[  316.837816][ T5951] loop2: detected capacity change from 0 to 8
[  317.166134][ T5953] loop0: detected capacity change from 0 to 2048
[  317.338810][ T5953] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  317.414307][   T50] Bluetooth: hci3: unexpected cc 0x0402 length: 65 > 1
[  318.563068][ T5961] loop3: detected capacity change from 0 to 4096
[  318.609392][ T5961] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512).
[  318.938553][ T5973] dccp_invalid_packet: pskb_may_pull failed
[  318.963026][ T5967] loop0: detected capacity change from 0 to 4096
[  319.003364][ T5961] ntfs3: loop3: Failed to initialize $Extend/$Reparse.
[  320.962793][ T5994] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  321.277465][ T5994] loop0: detected capacity change from 0 to 2048
[  321.482562][ T6000] loop1: detected capacity change from 0 to 512
[  321.492891][   T50] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  321.494924][ T5994] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  321.501660][   T50] Bluetooth: hci3: Injecting HCI hardware error event
[  321.545704][   T50] Bluetooth: hci3: hardware error 0x00
[  321.716176][   T29] audit: type=1326 audit(1718214340.728:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5995 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7470579 code=0x0
[  321.811554][   T29] audit: type=1326 audit(1718214340.888:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6002 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7468579 code=0x0
[  322.021592][   T29] audit: type=1326 audit(1718214341.128:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6005 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f4579 code=0x0
[  322.257514][ T6008] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  323.651805][   T50] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  324.017160][ T6020] loop2: detected capacity change from 0 to 4096
[  324.145639][ T6020] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512).
[  324.366700][    T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[  324.391469][    T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[  324.483973][ T6020] ntfs3: loop2: Failed to initialize $Extend/$Reparse.
[  325.916947][ T6034] loop2: detected capacity change from 0 to 2048
[  326.116016][ T6034] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  326.383038][    T0] NOHZ tick-stop error: local softirq work is pending, handler #242!!!
[  326.438864][   T29] audit: type=1800 audit(1718214345.458:23): pid=6038 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1965 res=0 errno=0
[  326.460465][   T29] audit: type=1804 audit(1718214345.498:24): pid=6038 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir3274436581/syzkaller.2WLLUh/78/bus" dev="sda1" ino=1965 res=1 errno=0
[  328.182015][ T6052] overlayfs: failed to resolve './file1': -2
[  328.389565][   T29] audit: type=1326 audit(1718214347.458:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6045 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=40000003 syscall=20 compat=1 ip=0xf7470579 code=0x0
[  328.612451][ T6050] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  330.682061][    T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!!
[  332.170167][ T6059] loop1: detected capacity change from 0 to 32768
[  332.239001][ T6059] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz-executor.1 (6059)
[  332.313182][ T6063] loop3: detected capacity change from 0 to 4096
[  332.328562][ T6059] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  332.339500][ T6059] BTRFS info (device loop1): using sha256 (sha256-generic) checksum algorithm
[  332.344246][ T6063] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512).
[  332.350644][ T6059] BTRFS info (device loop1): using free-space-tree
[  332.463146][ T6059] workqueue: Failed to create a rescuer kthread for wq "btrfs-delalloc": -EINTR
[  332.464382][ T6059] workqueue: Failed to create a rescuer kthread for wq "btrfs-flush_delalloc": -EINTR
[  332.474976][ T6059] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR
[  332.485702][ T6059] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR
[  332.495855][ T6059] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR
[  332.505849][ T6059] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR
[  332.515938][ T6059] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR
[  332.529526][ T6059] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR
[  332.541284][ T6059] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR
[  332.551881][ T6059] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[  332.563080][ T6059] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[  332.573823][ T6059] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  332.649714][ T6063] ntfs3: loop3: Failed to initialize $Extend/$Reparse.
[  332.861857][ T6059] BTRFS error (device loop1): open_ctree failed
[  333.322130][   T43] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  333.711557][   T43] usb 3-1: config index 0 descriptor too short (expected 68, got 36)
[  333.720070][   T43] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  333.730621][   T43] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  333.744144][   T43] usb 3-1: New USB device found, idVendor=06cb, idProduct=81a7, bcdDevice= 0.00
[  333.755957][   T43] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  333.843181][   T43] usb 3-1: config 0 descriptor??
[  333.932709][   T43] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  334.103832][   T50] Bluetooth: hci0: Unknown advertising packet type: 0x70
[  334.103979][   T50] Bluetooth: hci0: Malformed LE Event: 0x0d
[  334.121425][   T43] usb 3-1: USB disconnect, device number 5
[  335.281892][   T29] audit: type=1326 audit(1718214354.338:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6092 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7468579 code=0x0
[  335.412357][ T6096] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  335.528400][ T6098] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  336.188865][ T6104] loop4: detected capacity change from 0 to 4096
[  336.260183][ T6104] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512).
[  336.339863][   T29] audit: type=1326 audit(1718214355.438:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6105 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f4579 code=0x0
[  336.363012][   T29] audit: type=1326 audit(1718214355.468:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6107 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7470579 code=0x7ffc0000
[  336.386023][   T29] audit: type=1326 audit(1718214355.498:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6107 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7470579 code=0x7ffc0000
[  336.462171][   T29] audit: type=1326 audit(1718214355.558:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6107 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=40000003 syscall=55 compat=1 ip=0xf7470579 code=0x7ffc0000
[  336.486601][   T29] audit: type=1326 audit(1718214355.558:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6107 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7470579 code=0x7ffc0000
[  336.509546][   T29] audit: type=1326 audit(1718214355.558:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6107 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7470579 code=0x7ffc0000
[  336.522379][ T6109] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  336.737177][ T6104] ntfs3: loop4: Failed to initialize $Extend/$Reparse.
[  337.236180][ T5127] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  337.451382][ T5127] usb 4-1: device descriptor read/64, error -71
[  337.762813][ T5127] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  337.983326][ T5127] usb 4-1: device descriptor read/64, error -71
[  338.133656][ T5127] usb usb4-port1: attempt power cycle
[  338.584143][   T29] audit: type=1326 audit(1718214357.718:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6135 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f4579 code=0x0
[  338.606637][ T5127] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  338.653101][    T8] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  338.702290][ T5127] usb 4-1: device descriptor read/8, error -71
[  338.703422][ T6142] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  338.841375][ T5139] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  338.932736][ T6115] Bluetooth: hci0: command 0x0406 tx timeout
[  338.933189][ T5087] Bluetooth: hci2: command 0x0406 tx timeout
[  338.938992][ T6115] Bluetooth: hci4: command 0x0406 tx timeout
[  338.939097][ T6115] Bluetooth: hci1: command 0x0406 tx timeout
[  338.971605][ T5127] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  339.081918][ T5127] usb 4-1: device descriptor read/8, error -71
[  339.082713][    T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  339.099993][    T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  339.110144][    T8] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  339.123517][    T8] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  339.133111][    T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  339.155224][    T8] usb 2-1: config 0 descriptor??
[  339.172657][ T5139] usb 5-1: Using ep0 maxpacket: 32
[  339.205153][ T5127] usb usb4-port1: unable to enumerate USB device
[  339.266599][ T6146] capability: warning: `syz-executor.0' uses deprecated v2 capabilities in a way that may be insecure
[  339.321693][ T5139] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  339.333424][ T5139] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  339.343773][ T5139] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  339.353203][ T5139] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  339.395981][ T5139] usb 5-1: config 0 descriptor??
[  339.455937][ T5139] hub 5-1:0.0: USB hub found
[  339.637926][    T8] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[  339.645858][    T8] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0
[  339.699427][    T8] plantronics 0003:047F:FFFF.0001: No inputs registered, leaving
[  339.720180][ T5139] hub 5-1:0.0: 1 port detected
[  339.742651][ T6148] loop0: detected capacity change from 0 to 4096
[  339.762106][    T8] plantronics 0003:047F:FFFF.0001: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  339.784787][ T6148] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512).
[  339.966997][    T8] usb 2-1: USB disconnect, device number 2
[  339.967166][ T6148] ntfs3: loop0: Failed to initialize $Extend/$Reparse.
[  340.057848][   T29] audit: type=1326 audit(1718214359.138:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6149 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f4579 code=0x0
[  340.175469][ T6151] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  340.690150][ T5139] hub 5-1:0.0: activate --> -90
[  341.043302][ T6162] loop1: detected capacity change from 0 to 1024
[  341.046173][ T6157] loop0: detected capacity change from 0 to 8192
[  341.082969][ T6157] REISERFS warning (device loop0): super-6515 reiserfs_parse_options: journaled quota format not specified.
[  341.087401][ T6162] EXT4-fs: Ignoring removed i_version option
[  341.102244][ T6162] EXT4-fs: Ignoring removed orlov option
[  341.108211][ T6162] EXT4-fs: Invalid commit interval 2026860225, must be smaller than 21474836
[  341.821663][ T5139] hub 5-1:0.0: hub_ext_port_status failed (err = -32)
[  341.830880][   T29] audit: type=1800 audit(1718214360.898:35): pid=6171 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1948 res=0 errno=0
[  341.854639][   T29] audit: type=1800 audit(1718214360.928:36): pid=6171 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1948 res=0 errno=0
[  341.997249][ T1217] ieee802154 phy0 wpan0: encryption failed: -22
[  342.004252][ T1217] ieee802154 phy1 wpan1: encryption failed: -22
[  342.367929][   T29] audit: type=1326 audit(1718214361.448:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6173 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f7579 code=0x0
[  342.568240][ T6180] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  342.663984][ T5127] usb 5-1: USB disconnect, device number 2
[  342.933742][ T6179] loop1: detected capacity change from 0 to 4096
[  342.990509][ T6179] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512).
[  343.346700][ T6179] ntfs3: loop1: Failed to initialize $Extend/$Reparse.
[  343.471743][   T29] audit: type=1326 audit(1718214362.548:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6188 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73c8579 code=0x0
[  343.558234][ T6191] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  344.517106][ T6202] loop0: detected capacity change from 0 to 2048
[  344.592335][ T6202] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[  344.651769][ T6206] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.3'.
[  344.687071][ T6208] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  344.729121][ T6202] NILFS (loop0): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  344.740499][ T6202] NILFS error (device loop0): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  344.784426][ T6202] Remounting filesystem read-only
[  344.823244][ T6202] NILFS (loop0): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  344.834470][ T6202] NILFS error (device loop0): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  344.851662][ T6202] NILFS (loop0): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  344.862753][ T6202] NILFS error (device loop0): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  344.941701][ T6202] NILFS (loop0): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  344.952634][ T6202] NILFS error (device loop0): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  344.967471][ T6202] NILFS (loop0): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  344.978469][ T6202] NILFS error (device loop0): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  345.031728][ T6202] NILFS (loop0): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  345.042949][ T6202] NILFS error (device loop0): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  345.193991][ T6202] NILFS (loop0): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  345.205005][ T6202] NILFS error (device loop0): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  345.238563][ T6202] NILFS (loop0): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  345.251698][ T6202] NILFS error (device loop0): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  345.312612][ T6202] NILFS (loop0): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  345.332736][ T6202] NILFS error (device loop0): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  345.399620][ T6202] NILFS (loop0): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  345.412116][ T6202] NILFS error (device loop0): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  345.551435][ T6202] NILFS (loop0): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  345.562470][ T6202] NILFS error (device loop0): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  345.641673][ T6202] NILFS (loop0): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  345.652630][ T6202] NILFS error (device loop0): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  345.726778][ T6202] NILFS (loop0): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  345.746350][ T6202] NILFS error (device loop0): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  345.809217][ T6202] NILFS (loop0): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  345.820454][ T6202] NILFS error (device loop0): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  345.881589][ T6202] NILFS (loop0): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  345.892611][ T6202] NILFS error (device loop0): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  345.939603][ T6202] NILFS (loop0): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  345.950614][ T6202] NILFS error (device loop0): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  345.986506][   T29] audit: type=1800 audit(1718214365.098:39): pid=6202 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.0" name="file2" dev="loop0" ino=16 res=0 errno=0
[  346.125789][ T6202] syz-executor.0 (6202) used greatest stack depth: 3960 bytes left
[  346.171467][   T29] audit: type=1326 audit(1718214365.238:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6218 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7468579 code=0x0
[  346.292625][ T6223] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  346.604724][ T6224] loop4: detected capacity change from 0 to 4096
[  346.640222][ T6224] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512).
[  346.946859][ T6224] ntfs3: loop4: Failed to initialize $Extend/$Reparse.
[  347.149340][   T29] audit: type=1326 audit(1718214366.178:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6228 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f7579 code=0x0
[  347.222761][ T6230] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  348.258071][ T6241] loop3: detected capacity change from 0 to 512
[  348.320031][ T6241] ext4: Unknown parameter 'euid'
[  349.329901][ T6254] loop3: detected capacity change from 0 to 2048
[  349.378239][ T6254] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  349.440416][   T29] audit: type=1326 audit(1718214368.568:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6255 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f7579 code=0x0
[  349.478351][ T6262] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  349.575649][ T6254] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  349.586734][ T6254] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  349.661522][ T6254] Remounting filesystem read-only
[  349.721716][ T6254] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  349.742138][ T6254] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  349.786452][ T6265] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  349.792296][ T6254] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  349.807103][ T6254] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  349.900083][ T6254] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  349.911572][ T6254] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  349.987426][ T6254] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  349.998395][ T6254] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  350.047179][ T6260] loop2: detected capacity change from 0 to 4096
[  350.073672][ T6254] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  350.084756][ T6254] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  350.149878][ T6260] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512).
[  350.159654][ T6254] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  350.171729][ T6254] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  350.377262][ T6254] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  350.388286][ T6254] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  350.447987][ T6254] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  350.459117][ T6254] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  350.463678][ T6260] ntfs3: loop2: Failed to initialize $Extend/$Reparse.
[  350.505476][ T6254] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  350.516365][ T6254] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  350.566423][ T6254] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  350.577510][ T6254] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  350.591524][   T29] audit: type=1326 audit(1718214369.668:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6268 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7470579 code=0x0
[  350.615559][ T6254] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  350.628611][ T6254] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  350.685432][ T6270] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  350.699786][ T6254] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  350.711636][ T6254] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  350.742192][ T6254] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  350.757185][ T6254] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  350.830445][ T6254] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  350.841519][ T6254] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  350.892133][ T6254] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  350.903124][ T6254] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  350.943433][   T29] audit: type=1800 audit(1718214370.058:44): pid=6254 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.3" name="file2" dev="loop3" ino=16 res=0 errno=0
[  351.958364][   T29] audit: type=1326 audit(1718214371.028:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6281 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f7579 code=0x7ffc0000
[  351.984299][   T29] audit: type=1326 audit(1718214371.028:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6281 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f7579 code=0x7ffc0000
[  352.007997][   T29] audit: type=1326 audit(1718214371.038:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6281 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73f7579 code=0x7ffc0000
[  352.030929][   T29] audit: type=1326 audit(1718214371.048:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6281 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f7579 code=0x7ffc0000
[  352.054517][   T29] audit: type=1326 audit(1718214371.048:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6281 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73f7579 code=0x7ffc0000
[  352.077365][   T29] audit: type=1326 audit(1718214371.048:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6281 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f7579 code=0x7ffc0000
[  352.152630][   T29] kauditd_printk_skb: 8 callbacks suppressed
[  352.152705][   T29] audit: type=1326 audit(1718214371.248:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6281 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73f7579 code=0x7ffc0000
[  352.182305][   T29] audit: type=1326 audit(1718214371.268:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6281 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f7579 code=0x7ffc0000
[  352.207630][   T29] audit: type=1326 audit(1718214371.268:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6281 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f7579 code=0x7ffc0000
[  352.244857][   T29] audit: type=1326 audit(1718214371.268:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6281 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=296 compat=1 ip=0xf73f7579 code=0x7ffc0000
[  352.273551][   T29] audit: type=1326 audit(1718214371.288:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6281 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f7579 code=0x7ffc0000
[  352.298828][   T29] audit: type=1326 audit(1718214371.288:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6281 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f7579 code=0x7ffc0000
[  352.322752][   T29] audit: type=1326 audit(1718214371.408:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6281 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=16 compat=1 ip=0xf73f7579 code=0x7ffc0000
[  352.345502][   T29] audit: type=1326 audit(1718214371.408:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6281 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f7579 code=0x7ffc0000
[  352.368360][   T29] audit: type=1326 audit(1718214371.458:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6281 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f7579 code=0x7ffc0000
[  352.749362][   T29] audit: type=1326 audit(1718214371.858:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6284 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7470579 code=0x7ffc0000
[  353.162530][ T6294] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  353.395666][ T6299] syz-executor.2[6299] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  353.396247][ T6299] syz-executor.2[6299] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  353.561816][ T6297] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  353.999377][ T6302] loop3: detected capacity change from 0 to 2048
[  354.044066][ T6302] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  354.109959][ T6308] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  354.199291][ T6302] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  354.210299][ T6302] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  354.252881][ T6302] Remounting filesystem read-only
[  354.273085][ T6302] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  354.284119][ T6302] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  354.311334][ T6302] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  354.322267][ T6302] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  354.415296][ T6302] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  354.426238][ T6302] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  354.531701][ T6302] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  354.552239][ T6302] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  354.576279][ T6309] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  354.615064][ T6302] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  354.626087][ T6302] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  354.665687][ T6302] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  354.677074][ T6302] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  354.791401][ T6302] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  354.802628][ T6302] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  354.908214][ T6302] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  354.919729][ T6302] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  355.001806][ T6302] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  355.012871][ T6302] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  355.048084][ T6302] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  355.070567][ T6302] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  355.095483][ T6302] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  355.108744][ T6302] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  355.171632][ T6302] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  355.182589][ T6302] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  355.239116][ T6302] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  355.249960][ T6302] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  355.317455][ T6302] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  355.328734][ T6302] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  355.406686][ T6302] NILFS (loop3): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  355.417683][ T6302] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  355.431668][ T6319] veth0_vlan: entered allmulticast mode
[  355.649538][ T6320] veth0_vlan: left promiscuous mode
[  355.659364][ T6320] veth0_vlan: entered promiscuous mode
[  357.061862][ T6342] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  358.051429][   T29] kauditd_printk_skb: 10 callbacks suppressed
[  358.051503][   T29] audit: type=1326 audit(1718214377.178:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6344 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7468579 code=0x0
[  358.183447][ T6346] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  359.180734][ T6354] loop1: detected capacity change from 0 to 2048
[  359.260603][ T6354] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[  359.391344][ T6362] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  359.482380][ T6354] NILFS (loop1): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  359.496411][ T6354] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  359.525566][ T6354] Remounting filesystem read-only
[  359.554420][ T6354] NILFS (loop1): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  359.569704][ T6354] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  359.606730][ T6354] NILFS (loop1): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  359.617733][ T6354] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  359.638947][ T6354] NILFS (loop1): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  359.650033][ T6354] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  359.685342][ T6354] NILFS (loop1): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  359.696317][ T6354] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  359.746520][ T6354] NILFS (loop1): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  359.757453][ T6354] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  359.776901][ T6354] NILFS (loop1): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  359.787981][ T6354] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  359.803672][ T6354] NILFS (loop1): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  359.814663][ T6354] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  359.840378][ T6354] NILFS (loop1): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  359.851415][ T6354] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  359.878656][ T6354] NILFS (loop1): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  359.889567][ T6354] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  359.911479][ T6354] NILFS (loop1): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  359.922526][ T6354] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  359.977557][ T6354] NILFS (loop1): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  359.988444][ T6354] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  360.073103][ T6354] NILFS (loop1): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  360.087245][ T6354] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  360.143127][ T6354] NILFS (loop1): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  360.154113][ T6354] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  360.226356][ T6354] NILFS (loop1): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  360.239574][ T6354] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  360.306321][ T6354] NILFS (loop1): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  360.319697][ T6354] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  360.370911][   T29] audit: type=1800 audit(1718214379.468:80): pid=6354 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.1" name="file2" dev="loop1" ino=16 res=0 errno=0
[  360.557542][ T6366] loop3: detected capacity change from 0 to 512
[  360.577831][   T29] audit: type=1326 audit(1718214379.658:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6365 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f7579 code=0x7ffc0000
[  360.604603][   T29] audit: type=1326 audit(1718214379.658:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6365 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f7579 code=0x7ffc0000
[  360.629257][   T29] audit: type=1326 audit(1718214379.678:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6365 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73f7579 code=0x7ffc0000
[  360.652478][   T29] audit: type=1326 audit(1718214379.678:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6365 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f7579 code=0x7ffc0000
[  360.675357][   T29] audit: type=1326 audit(1718214379.708:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6365 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73f7579 code=0x7ffc0000
[  360.701805][   T29] audit: type=1326 audit(1718214379.708:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6365 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f7579 code=0x7ffc0000
[  360.725650][   T29] audit: type=1326 audit(1718214379.708:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6365 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf73f7579 code=0x7ffc0000
[  360.728479][ T6366] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  360.748349][   T29] audit: type=1326 audit(1718214379.708:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6365 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf73f75a7 code=0x7ffc0000
[  360.868248][ T6366] EXT4-fs (loop3): orphan cleanup on readonly fs
[  360.876653][ T6366] EXT4-fs error (device loop3): ext4_ext_check_inode:520: inode #3: comm syz-executor.3: pblk 0 bad header/extent: invalid eh_max - magic f30a, entries 7, max 0(0), depth 0(0)
[  360.941728][ T6366] EXT4-fs error (device loop3): ext4_quota_enable:7059: comm syz-executor.3: Bad quota inode: 3, type: 0
[  360.981389][ T6366] EXT4-fs warning (device loop3): ext4_enable_quotas:7100: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  360.999587][ T6366] EXT4-fs (loop3): Cannot turn on quotas: error -117
[  361.007705][ T6366] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  361.056171][ T6366] fuse: Bad value for 'fd'
[  361.271451][ T5127] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  361.337298][ T5081] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  361.366156][ T6374] loop0: detected capacity change from 0 to 512
[  361.448655][ T6374] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2250: inode #12: comm syz-executor.0: corrupted in-inode xattr: invalid ea_ino
[  361.469742][ T6374] EXT4-fs error (device loop0): ext4_orphan_get:1399: comm syz-executor.0: couldn't read orphan inode 12 (err -117)
[  361.516181][ T6374] EXT4-fs (loop0): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  361.542661][ T5127] usb 5-1: Using ep0 maxpacket: 8
[  361.742864][ T5127] usb 5-1: config 0 has no interfaces?
[  361.915933][ T5127] usb 5-1: New USB device found, idVendor=172f, idProduct=0032, bcdDevice= 0.40
[  361.925568][ T5127] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  361.934116][ T5127] usb 5-1: Product: syz
[  361.938536][ T5127] usb 5-1: Manufacturer: syz
[  361.943605][ T5127] usb 5-1: SerialNumber: syz
[  362.024056][ T5127] usb 5-1: config 0 descriptor??
[  362.243286][ T6383] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  362.315138][ T5139] usb 5-1: USB disconnect, device number 3
[  363.194217][ T5084] EXT4-fs (loop0): unmounting filesystem 00000005-0000-0000-0000-000000000000.
[  363.585265][   T29] kauditd_printk_skb: 25 callbacks suppressed
[  363.585341][   T29] audit: type=1326 audit(1718214382.718:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6391 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73c8579 code=0x0
[  363.723692][ T6396] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  363.921851][   T29] audit: type=1804 audit(1718214382.988:115): pid=6400 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir3274436581/syzkaller.2WLLUh/113/file0" dev="sda1" ino=1942 res=1 errno=0
[  363.948758][   T29] audit: type=1326 audit(1718214383.008:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6399 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7468579 code=0x7ffc0000
[  363.977886][   T29] audit: type=1326 audit(1718214383.008:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6399 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7468579 code=0x7ffc0000
[  364.002705][   T29] audit: type=1326 audit(1718214383.028:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6399 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=187 compat=1 ip=0xf7468579 code=0x7ffc0000
[  364.025692][   T29] audit: type=1326 audit(1718214383.028:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6399 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7468579 code=0x7ffc0000
[  365.022170][   T29] audit: type=1800 audit(1718214384.088:120): pid=6415 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1954 res=0 errno=0
[  365.365969][   T29] audit: type=1326 audit(1718214384.408:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6417 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7468579 code=0x0
[  365.799983][ T6424] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  366.228455][ T6430] loop2: detected capacity change from 0 to 2048
[  366.295247][ T6430] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[  366.471845][ T6437] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  366.591218][ T6430] NILFS (loop2): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  366.600084][   T29] audit: type=1804 audit(1718214385.698:122): pid=6438 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir3636858667/syzkaller.zqmAzA/82/file0" dev="sda1" ino=1969 res=1 errno=0
[  366.602102][ T6430] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  366.634231][   T29] audit: type=1326 audit(1718214385.708:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6436 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7470579 code=0x7ffc0000
[  366.770717][ T6430] Remounting filesystem read-only
[  366.835821][ T6430] NILFS (loop2): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  366.846732][ T6430] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  366.952728][ T6430] NILFS (loop2): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  366.963847][ T6430] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  367.061416][ T6430] NILFS (loop2): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  367.072587][ T6430] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  367.147929][ T6430] NILFS (loop2): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  367.159220][ T6430] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  367.233314][ T6434] loop4: detected capacity change from 0 to 1024
[  367.311682][ T6430] NILFS (loop2): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  367.322728][ T6430] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  367.324809][ T6443] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  367.355246][ T6430] NILFS (loop2): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  367.366380][ T6430] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  367.409563][ T6430] NILFS (loop2): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  367.420518][ T6430] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  367.436853][ T6430] NILFS (loop2): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  367.452686][ T6430] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  367.471648][ T6430] NILFS (loop2): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  367.482529][ T6430] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  367.517971][ T6430] NILFS (loop2): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  367.529200][ T6430] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  367.594553][ T6430] NILFS (loop2): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  367.606616][ T6430] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  367.695281][ T6430] NILFS (loop2): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  367.707750][ T6430] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  367.769507][ T6430] NILFS (loop2): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  367.780739][ T6430] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  367.796748][ T6430] NILFS (loop2): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  367.807819][ T6430] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  367.825837][ T6430] NILFS (loop2): bad btree node (ino=16, blocknr=15): level = 1, flags = 0x0, nchildren = 157
[  367.837132][ T6430] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  368.615050][ T6454] netlink: 'syz-executor.3': attribute type 1 has an invalid length.
[  368.636366][   T29] kauditd_printk_skb: 5 callbacks suppressed
[  368.636437][   T29] audit: type=1800 audit(1718214387.768:129): pid=6453 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1962 res=0 errno=0
[  368.746789][ T6454] bond1: entered promiscuous mode
[  369.470914][ T6467] syz-executor.0 uses obsolete (PF_INET,SOCK_PACKET)
[  369.893494][    T0] NOHZ tick-stop error: local softirq work is pending, handler #208!!!
[  369.984320][   T29] audit: type=1326 audit(1718214388.968:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6469 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f4579 code=0x0
[  370.012065][ T6471] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  370.132374][   T29] audit: type=1804 audit(1718214389.218:131): pid=6475 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir3636858667/syzkaller.zqmAzA/85/file0" dev="sda1" ino=1961 res=1 errno=0
[  370.158145][   T29] audit: type=1326 audit(1718214389.238:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6474 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7470579 code=0x7ffc0000
[  370.181193][   T29] audit: type=1326 audit(1718214389.278:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6474 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7470579 code=0x7ffc0000
[  370.739805][   T29] audit: type=1326 audit(1718214389.818:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6480 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7468579 code=0x0
[  370.832172][ T6483] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  370.927724][   T29] audit: type=1326 audit(1718214390.018:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6484 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7470579 code=0x0
[  371.093645][ T6489] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
[  372.006383][   T29] audit: type=1800 audit(1718214391.088:136): pid=6498 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1945 res=0 errno=0
[  372.375830][ T3505] hfsplus: b-tree write err: -5, ino 4
[  372.621408][   T29] audit: type=1804 audit(1718214391.698:137): pid=6510 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir4216955046/syzkaller.tuIwHc/87/file0" dev="sda1" ino=1962 res=1 errno=0
[  372.647191][   T29] audit: type=1326 audit(1718214391.708:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6509 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73f7579 code=0x7ffc0000
[  373.383923][ T6517] netlink: 116 bytes leftover after parsing attributes in process `syz-executor.2'.
[  373.393821][ T6517] bridge_slave_1: left allmulticast mode
[  373.399685][ T6517] bridge_slave_1: left promiscuous mode
[  373.406621][ T6517] bridge0: port 2(bridge_slave_1) entered disabled state
[  373.502311][ T6517] bridge_slave_0: left allmulticast mode
[  373.508228][ T6517] bridge_slave_0: left promiscuous mode
[  373.515305][ T6517] bridge0: port 1(bridge_slave_0) entered disabled state
[  373.833026][   T29] kauditd_printk_skb: 3 callbacks suppressed
[  373.833101][   T29] audit: type=1326 audit(1718214392.938:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6522 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7468579 code=0x0
[  373.956736][ T6526] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  374.026429][ T6524] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  374.905332][ T6534] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[  375.036228][ T6534] bond0: (slave netdevsim3): Enslaving as an active interface with an up link
[  375.273855][   T29] audit: type=1326 audit(1718214394.328:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6535 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7468579 code=0x0
[  375.804029][ T6545] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  376.096162][   T29] audit: type=1800 audit(1718214395.168:144): pid=6549 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1955 res=0 errno=0
[  377.307215][   T29] audit: type=1326 audit(1718214396.388:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6567 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7470579 code=0x0
[  377.464224][ T6574] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  377.488474][   T29] audit: type=1326 audit(1718214396.558:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6571 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7468579 code=0x0
[  377.569970][ T6579] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  378.471621][   T29] audit: type=1800 audit(1718214397.548:147): pid=6588 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1956 res=0 errno=0
[  378.642456][ T6599] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  378.658885][   T29] audit: type=1326 audit(1718214397.748:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6585 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73c8579 code=0x0
[  379.564265][ T6615] IPv6: NLM_F_REPLACE set, but no existing node found!
[  380.296366][   T29] audit: type=1326 audit(1718214399.358:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6621 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f4579 code=0x0
[  380.413785][ T6623] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  380.893847][   T29] audit: type=1326 audit(1718214399.958:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6624 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f7579 code=0x0
[  380.966634][ T4430] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  380.976712][ T4430] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  380.986973][ T4430] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  381.006024][ T4430] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  381.021520][ T4430] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  381.070425][ T4430] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  381.166646][ T6627] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  381.912833][   T29] audit: type=1800 audit(1718214400.968:151): pid=6638 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1958 res=0 errno=0
[  381.995720][ T6641] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  382.403687][ T3367] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  382.542662][ T3367] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  382.759687][ T3367] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  382.947234][ T3367] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  383.096767][ T6630] chnl_net:caif_netlink_parms(): no params data found
[  383.194725][ T5074] Bluetooth: hci5: command tx timeout
[  383.354101][ T3367] bridge_slave_1: left allmulticast mode
[  383.360021][ T3367] bridge_slave_1: left promiscuous mode
[  383.366942][ T3367] bridge0: port 2(bridge_slave_1) entered disabled state
[  383.402735][ T3367] bridge_slave_0: left allmulticast mode
[  383.408646][ T3367] bridge_slave_0: left promiscuous mode
[  383.424014][ T3367] bridge0: port 1(bridge_slave_0) entered disabled state
[  384.010550][ T3367] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  384.084880][ T3367] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  384.155766][ T3367] bond0 (unregistering): Released all slaves
[  384.203987][ T6656] veth0Wvlan: renamed from geneve0 (while UP)
[  384.492405][   T29] audit: type=1326 audit(1718214403.558:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6665 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f4579 code=0x0
[  384.515732][   T29] audit: type=1326 audit(1718214403.568:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6667 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7468579 code=0x0
[  384.615961][ T6666] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  384.776932][ T6671] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  384.947220][   T29] audit: type=1800 audit(1718214404.048:154): pid=6678 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1959 res=0 errno=0
[  385.042107][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  385.159542][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  385.251312][ T5074] Bluetooth: hci5: command tx timeout
[  385.340961][ T3367] hsr_slave_0: left promiscuous mode
[  385.389466][ T3367] hsr_slave_1: left promiscuous mode
[  385.452622][ T3367] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  385.460592][ T3367] batman_adv: batadv0: Removing interface: batadv_slave_0
[  385.525996][ T3367] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  385.535516][ T3367] batman_adv: batadv0: Removing interface: batadv_slave_1
[  385.668595][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  385.721896][ T3367] veth1_macvtap: left promiscuous mode
[  385.727638][ T3367] veth0_macvtap: left promiscuous mode
[  385.733773][ T3367] veth1_vlan: left promiscuous mode
[  385.739213][ T3367] veth0_vlan: left promiscuous mode
[  386.704509][ T3367] team0 (unregistering): Port device team_slave_1 removed
[  386.863950][ T3367] team0 (unregistering): Port device team_slave_0 removed
[  387.352900][ T5074] Bluetooth: hci5: command tx timeout
[  387.685643][ T6630] bridge0: port 1(bridge_slave_0) entered blocking state
[  387.693488][ T6630] bridge0: port 1(bridge_slave_0) entered disabled state
[  387.701402][ T6630] bridge_slave_0: entered allmulticast mode
[  387.710563][ T6630] bridge_slave_0: entered promiscuous mode
[  387.847936][ T6630] bridge0: port 2(bridge_slave_1) entered blocking state
[  387.856038][ T6630] bridge0: port 2(bridge_slave_1) entered disabled state
[  387.864083][ T6630] bridge_slave_1: entered allmulticast mode
[  387.873505][ T6630] bridge_slave_1: entered promiscuous mode
[  387.873541][   T29] audit: type=1326 audit(1718214406.948:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6708 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7468579 code=0x0
[  387.957660][ T6716] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  388.044371][   T29] audit: type=1326 audit(1718214407.098:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6710 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7470579 code=0x0
[  388.161478][ T6715] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  388.313089][ T6630] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  388.394846][ T6630] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  388.745986][ T6630] team0: Port device team_slave_0 added
[  388.831209][ T6630] team0: Port device team_slave_1 added
[  389.101263][ T6630] batman_adv: batadv0: Adding interface: batadv_slave_0
[  389.108430][ T6630] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  389.136583][ T6630] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  389.303098][ T6630] batman_adv: batadv0: Adding interface: batadv_slave_1
[  389.310283][ T6630] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  389.337140][ T6630] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  389.412162][ T5074] Bluetooth: hci5: command tx timeout
[  389.815626][ T6630] hsr_slave_0: entered promiscuous mode
[  389.871754][ T6630] hsr_slave_1: entered promiscuous mode
[  391.653446][   T29] audit: type=1326 audit(1718214410.728:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6746 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7468579 code=0x0
[  391.678786][   T29] audit: type=1326 audit(1718214410.728:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6748 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7470579 code=0x0
[  391.774749][ T6751] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  391.872165][ T6752] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  392.338726][ T6630] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  392.417804][ T6630] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  392.512176][ T6630] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  392.581833][ T6630] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  393.671985][ T6630] 8021q: adding VLAN 0 to HW filter on device bond0
[  393.828514][ T6630] 8021q: adding VLAN 0 to HW filter on device team0
[  393.909389][ T5132] bridge0: port 1(bridge_slave_0) entered blocking state
[  393.917216][ T5132] bridge0: port 1(bridge_slave_0) entered forwarding state
[  393.991807][ T5132] bridge0: port 2(bridge_slave_1) entered blocking state
[  393.999507][ T5132] bridge0: port 2(bridge_slave_1) entered forwarding state
[  394.777923][   T29] audit: type=1326 audit(1718214413.848:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6786 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7470579 code=0x0
[  394.865817][ T6789] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  394.997446][   T29] audit: type=1326 audit(1718214414.108:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6791 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f4579 code=0x0
[  395.126317][ T6796] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  396.245079][ T6630] 8021q: adding VLAN 0 to HW filter on device batadv0
[  397.612940][   T29] audit: type=1326 audit(1718214416.708:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6837 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7470579 code=0x0
[  397.728355][ T6844] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  398.103226][   T29] audit: type=1326 audit(1718214417.188:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6847 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7468579 code=0x0
[  398.253825][ T6854] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  398.897767][ T6630] veth0_vlan: entered promiscuous mode
[  399.049637][ T6630] veth1_vlan: entered promiscuous mode
[  399.484550][ T6630] veth0_macvtap: entered promiscuous mode
[  399.584425][ T6630] veth1_macvtap: entered promiscuous mode
[  399.782761][ T6630] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  399.794584][ T6630] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  399.806943][ T6630] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  399.819112][ T6630] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  399.831936][ T6630] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  399.842799][ T6630] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  399.854864][ T6630] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  399.865676][ T6630] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  399.881107][ T6630] batman_adv: batadv0: Interface activated: batadv_slave_0
[  400.070053][ T6630] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  400.081375][ T6630] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  400.091640][ T6630] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  400.102448][ T6630] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  400.114659][ T6630] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  400.126301][ T6630] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  400.136672][ T6630] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  400.147537][ T6630] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  400.163443][ T6630] batman_adv: batadv0: Interface activated: batadv_slave_1
[  400.240506][ T6630] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  400.250013][ T6630] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  400.259277][ T6630] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  400.268456][ T6630] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  401.248518][   T29] audit: type=1326 audit(1718214420.368:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6891 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f7579 code=0x0
[  401.413066][ T6900] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  401.921644][   T29] audit: type=1326 audit(1718214421.008:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6902 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7468579 code=0x0
[  402.118447][ T6910] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  403.444740][ T1217] ieee802154 phy0 wpan0: encryption failed: -22
[  403.451617][ T1217] ieee802154 phy1 wpan1: encryption failed: -22
[  404.989387][   T29] audit: type=1326 audit(1718214424.078:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6945 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7470579 code=0x0
[  405.091781][ T6951] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  405.765098][   T34] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  405.773449][   T34] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  405.907446][ T3505] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  405.916243][ T3505] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  405.984718][   T29] audit: type=1326 audit(1718214425.018:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6959 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f4579 code=0x0
[  406.095234][ T6965] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  406.880884][ T6979] loop3: detected capacity change from 0 to 16
[  406.983644][ T6979] erofs: (device loop3): mounted with root inode @ nid 36.
[  407.057034][ T5074] Bluetooth: hci2: unexpected event for opcode 0x2012
[  408.170606][   T29] audit: type=1326 audit(1718214427.278:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6992 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f4579 code=0x0
[  408.241624][ T6998] netlink: 'syz-executor.3': attribute type 5 has an invalid length.
[  408.296964][ T6999] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  408.424817][ T7003] loop4: detected capacity change from 0 to 8
[  408.562950][ T7003] SQUASHFS error: Failed to read block 0x1ec: -5
[  408.569669][ T7003] SQUASHFS error: Unable to read metadata cache entry [1ea]
[  409.286282][   T29] audit: type=1326 audit(1718214428.328:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7011 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7470579 code=0x0
[  409.447596][ T7016] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  411.091686][ T5074] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  411.100392][ T5074] Bluetooth: hci2: Injecting HCI hardware error event
[  411.108108][ T5074] Bluetooth: hci2: hardware error 0x00
[  411.206599][   T29] audit: type=1326 audit(1718214430.268:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7042 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7470579 code=0x0
[  411.313940][ T7047] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  411.554139][ T4430] Bluetooth: hci2: unexpected event for opcode 0x200b
[  413.049937][   T29] audit: type=1326 audit(1718214432.118:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7064 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7470579 code=0x0
[  413.163929][ T7069] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  413.180370][ T5074] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  413.252422][ T7035] loop2: detected capacity change from 0 to 32768
[  413.269421][ T7035] XFS: ikeep mount option is deprecated.
[  413.345969][ T7035] workqueue: Failed to create a rescuer kthread for wq "xfs-blockgc/loop2": -EINTR
[  414.312596][ T5074] Bluetooth: hci4: unexpected event for opcode 0x200b
[  414.673475][   T29] audit: type=1326 audit(1718214433.738:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7086 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f7579 code=0x0
[  414.703672][ T7089] loop3: detected capacity change from 0 to 256
[  414.813014][ T7090] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  415.497919][ T7099] loop1: detected capacity change from 0 to 64
[  416.771535][   T29] audit: type=1326 audit(1718214435.858:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7115 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f7579 code=0x0
[  416.893410][ T7121] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  417.439948][ T5074] Bluetooth: hci0: unexpected event for opcode 0x200b
[  418.171995][   T29] audit: type=1326 audit(1718214437.268:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7134 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f4579 code=0x0
[  418.253916][ T7141] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  418.871362][ T7146] loop0: detected capacity change from 0 to 512
[  419.173792][ T7146] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  419.187267][ T7146] ext4 filesystem being mounted at /root/syzkaller-testdir4216955046/syzkaller.tuIwHc/134/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  420.000057][ T7162] netlink: 192 bytes leftover after parsing attributes in process `syz-executor.0'.
[  421.274209][ T7171] netlink: 192 bytes leftover after parsing attributes in process `syz-executor.2'.
[  421.681215][   T29] audit: type=1326 audit(1718214440.768:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7173 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf744f579 code=0x0
[  421.821552][ T7176] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
[  426.326970][   T29] audit: type=1326 audit(1718214445.408:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7190 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf744f579 code=0x0
[  426.502236][ T7192] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  427.288250][ T5084] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  429.437624][   T29] audit: type=1326 audit(1718214448.538:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7218 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f7579 code=0x0
[  429.587752][ T7223] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  430.968298][ T7236] loop3: detected capacity change from 0 to 256
[  431.256838][   T29] audit: type=1326 audit(1718214450.298:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7238 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f7579 code=0x0
[  431.353033][ T7244] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  431.409060][ T7243] loop1: detected capacity change from 0 to 512
[  431.677838][ T7243] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  431.691352][ T7243] ext4 filesystem being mounted at /root/syzkaller-testdir3636858667/syzkaller.zqmAzA/141/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  431.900952][ T7230] loop2: detected capacity change from 0 to 8192
[  431.961341][ T7230] REISERFS warning (device loop2): super-6504 reiserfs_getopt: the option "usrjquota" requires an argument
[  431.961341][ T7230] 
[  433.003142][ T7243] netlink: 192 bytes leftover after parsing attributes in process `syz-executor.1'.
[  435.768043][   T29] audit: type=1326 audit(1718214454.848:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7282 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7468579 code=0x0
[  435.879412][ T7286] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  436.184224][   T29] audit: type=1326 audit(1718214455.268:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7290 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f4579 code=0x0
[  436.273074][ T7292] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  439.919410][ T5082] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  441.194884][   T29] audit: type=1326 audit(1718214460.268:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7328 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7468579 code=0x0
[  441.247519][ T7335] loop0: detected capacity change from 0 to 256
[  441.395388][ T7332] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  441.411765][   T29] audit: type=1326 audit(1718214460.478:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7331 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f4579 code=0x0
[  441.509050][ T7336] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  443.270660][ T7355] loop3: detected capacity change from 0 to 512
[  443.515845][ T7355] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  443.532999][ T7355] ext4 filesystem being mounted at /root/syzkaller-testdir3274436581/syzkaller.2WLLUh/184/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  444.156278][ T7353] netlink: 192 bytes leftover after parsing attributes in process `syz-executor.3'.
[  444.665629][ T5081] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  446.069158][   T29] audit: type=1326 audit(1718214465.058:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7373 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7468579 code=0x0
[  446.103109][   T29] audit: type=1326 audit(1718214465.088:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7376 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf744f579 code=0x0
[  446.350211][ T7379] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  446.407223][ T7380] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  448.220910][ T7397] loop4: detected capacity change from 0 to 512
[  448.291978][    C0] TCP: request_sock_TCP: Possible SYN flooding on port 0.0.0.0:20002. Sending cookies.
[  448.487492][ T7397] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  448.500924][ T7397] ext4 filesystem being mounted at /root/syzkaller-testdir1374071609/syzkaller.4Srulv/20/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  448.924151][ T5074] Bluetooth: hci4: unexpected event for opcode 0x200b
[  449.688823][   T29] audit: type=1326 audit(1718214468.748:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7414 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7470579 code=0x0
[  449.742358][ T7417] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  449.802422][ T7397] netlink: 192 bytes leftover after parsing attributes in process `syz-executor.4'.
[  451.891833][   T29] audit: type=1326 audit(1718214470.948:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7424 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7470579 code=0x0
[  452.014609][ T7428] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
[  452.381021][   T54] =====================================================
[  452.388333][   T54] BUG: KMSAN: uninit-value in virtqueue_add+0x1e86/0x65c0
[  452.395674][   T54]  virtqueue_add+0x1e86/0x65c0
[  452.400641][   T54]  virtqueue_add_sgs+0x186/0x1b0
[  452.405778][   T54]  virtscsi_add_cmd+0x838/0xad0
[  452.410825][   T54]  virtscsi_queuecommand+0x898/0xa60
[  452.416310][   T54]  scsi_queue_rq+0x4cc7/0x5a80
[  452.421263][   T54]  blk_mq_dispatch_rq_list+0x79b/0x3440
[  452.427040][   T54]  __blk_mq_sched_dispatch_requests+0x11b7/0x26e0
[  452.433697][   T54]  blk_mq_sched_dispatch_requests+0x12f/0x270
[  452.440031][   T54]  blk_mq_run_work_fn+0xd0/0x280
[  452.445170][   T54]  process_scheduled_works+0xa81/0x1bd0
[  452.450920][   T54]  worker_thread+0xea5/0x1560
[  452.455808][   T54]  kthread+0x3e2/0x540
[  452.460079][   T54]  ret_from_fork+0x6d/0x90
[  452.464683][   T54]  ret_from_fork_asm+0x1a/0x30
[  452.469644][   T54] 
[  452.472042][   T54] Uninit was stored to memory at:
[  452.477401][   T54]  copy_page_from_iter_atomic+0x12b7/0x2ae0
[  452.483526][   T54]  generic_perform_write+0x4c1/0xc60
[  452.489059][   T54]  ext4_buffered_write_iter+0x564/0xaa0
[  452.494788][   T54]  ext4_file_write_iter+0x208/0x3450
[  452.500243][   T54]  __kernel_write_iter+0x64d/0xc80
[  452.505558][   T54]  dump_user_range+0x8dc/0xee0
[  452.510510][   T54]  elf_core_dump+0x59f5/0x5d50
[  452.515479][   T54]  do_coredump+0x32d5/0x4920
[  452.520273][   T54]  get_signal+0x267e/0x2d00
[  452.524964][   T54]  arch_do_signal_or_restart+0x53/0xcb0
[  452.530731][   T54]  syscall_exit_to_user_mode+0x5d/0x160
[  452.536568][   T54]  __do_fast_syscall_32+0xc4/0x120
[  452.541888][   T54]  do_fast_syscall_32+0x38/0x80
[  452.546983][   T54]  do_SYSENTER_32+0x1f/0x30
[  452.551676][   T54]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  452.558281][   T54] 
[  452.560683][   T54] Uninit was created at:
[  452.565146][   T54]  __alloc_pages+0x9d6/0xe70
[  452.569904][   T54]  alloc_pages_mpol+0x299/0x990
[  452.574948][   T54]  alloc_pages+0x1bf/0x1e0
[  452.579525][   T54]  dump_user_range+0x4a/0xee0
[  452.584481][   T54]  elf_core_dump+0x59f5/0x5d50
[  452.589448][   T54]  do_coredump+0x32d5/0x4920
[  452.594219][   T54]  get_signal+0x267e/0x2d00
[  452.598981][   T54]  arch_do_signal_or_restart+0x53/0xcb0
[  452.604746][   T54]  syscall_exit_to_user_mode+0x5d/0x160
[  452.610495][   T54]  __do_fast_syscall_32+0xc4/0x120
[  452.615819][   T54]  do_fast_syscall_32+0x38/0x80
[  452.620913][   T54]  do_SYSENTER_32+0x1f/0x30
[  452.625606][   T54]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  452.632152][   T54] 
[  452.634558][   T54] Bytes 0-4095 of 4096 are uninitialized
[  452.640299][   T54] Memory access of size 4096 starts at ffff888041268000
[  452.647431][   T54] 
[  452.649852][   T54] CPU: 0 PID: 54 Comm: kworker/0:1H Not tainted 6.9.0-syzkaller-02339-g101b7a97143a #0
[  452.659821][   T54] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  452.670029][   T54] Workqueue: kblockd blk_mq_run_work_fn
[  452.675783][   T54] =====================================================
[  452.682808][   T54] Disabling lock debugging due to kernel taint
[  452.689068][   T54] Kernel panic - not syncing: kmsan.panic set ...
[  452.695596][   T54] CPU: 0 PID: 54 Comm: kworker/0:1H Tainted: G    B              6.9.0-syzkaller-02339-g101b7a97143a #0
[  452.706885][   T54] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  452.717099][   T54] Workqueue: kblockd blk_mq_run_work_fn
[  452.722840][   T54] Call Trace:
[  452.726228][   T54]  <TASK>
[  452.729257][   T54]  dump_stack_lvl+0x216/0x2d0
[  452.734251][   T54]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  452.740336][   T54]  dump_stack+0x1e/0x30
[  452.744676][   T54]  panic+0x4e2/0xcd0
[  452.748795][   T54]  ? kmsan_get_metadata+0xf1/0x1d0
[  452.754096][   T54]  kmsan_report+0x2d5/0x2e0
[  452.758761][   T54]  ? kmsan_get_metadata+0x146/0x1d0
[  452.764130][   T54]  ? kmsan_internal_set_shadow_origin+0x66/0xe0
[  452.770590][   T54]  ? kmsan_internal_check_memory+0x48c/0x560
[  452.776782][   T54]  ? kmsan_handle_dma+0xac/0xc0
[  452.781799][   T54]  ? virtqueue_add+0x1e86/0x65c0
[  452.786932][   T54]  ? virtqueue_add_sgs+0x186/0x1b0
[  452.792221][   T54]  ? virtscsi_add_cmd+0x838/0xad0
[  452.797426][   T54]  ? virtscsi_queuecommand+0x898/0xa60
[  452.803163][   T54]  ? scsi_queue_rq+0x4cc7/0x5a80
[  452.808273][   T54]  ? blk_mq_dispatch_rq_list+0x79b/0x3440
[  452.814204][   T54]  ? __blk_mq_sched_dispatch_requests+0x11b7/0x26e0
[  452.821015][   T54]  ? blk_mq_sched_dispatch_requests+0x12f/0x270
[  452.827468][   T54]  ? blk_mq_run_work_fn+0xd0/0x280
[  452.832768][   T54]  ? process_scheduled_works+0xa81/0x1bd0
[  452.838697][   T54]  ? worker_thread+0xea5/0x1560
[  452.843719][   T54]  ? kthread+0x3e2/0x540
[  452.848144][   T54]  ? ret_from_fork+0x6d/0x90
[  452.852901][   T54]  ? ret_from_fork_asm+0x1a/0x30
[  452.858121][   T54]  ? scsi_queue_rq+0x4335/0x5a80
[  452.863255][   T54]  ? blk_mq_dispatch_rq_list+0x79b/0x3440
[  452.869179][   T54]  ? __blk_mq_sched_dispatch_requests+0x11b7/0x26e0
[  452.875994][   T54]  ? blk_mq_sched_dispatch_requests+0x12f/0x270
[  452.882444][   T54]  ? blk_mq_run_work_fn+0xd0/0x280
[  452.887723][   T54]  ? process_scheduled_works+0xa81/0x1bd0
[  452.893728][   T54]  ? worker_thread+0xea5/0x1560
[  452.898770][   T54]  ? kthread+0x3e2/0x540
[  452.903272][   T54]  ? ret_from_fork+0x6d/0x90
[  452.908024][   T54]  ? ret_from_fork_asm+0x1a/0x30
[  452.913165][   T54]  ? ___slab_alloc+0xd41/0x34a0
[  452.918187][   T54]  ? kmsan_get_metadata+0x146/0x1d0
[  452.923563][   T54]  ? mempool_alloc_slab+0x36/0x50
[  452.928764][   T54]  ? should_fail_ex+0x4a/0x800
[  452.933720][   T54]  ? kmsan_get_metadata+0x146/0x1d0
[  452.939204][   T54]  kmsan_internal_check_memory+0x48c/0x560
[  452.945249][   T54]  kmsan_handle_dma+0xac/0xc0
[  452.950088][   T54]  virtqueue_add+0x1e86/0x65c0
[  452.955042][   T54]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  452.961028][   T54]  ? kmsan_get_metadata+0x146/0x1d0
[  452.966396][   T54]  ? kmsan_get_metadata+0x146/0x1d0
[  452.971770][   T54]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  452.977786][   T54]  virtqueue_add_sgs+0x186/0x1b0
[  452.982936][   T54]  virtscsi_add_cmd+0x838/0xad0
[  452.988011][   T54]  virtscsi_queuecommand+0x898/0xa60
[  452.993499][   T54]  ? __pfx_virtscsi_queuecommand+0x10/0x10
[  452.999494][   T54]  scsi_queue_rq+0x4cc7/0x5a80
[  453.004467][   T54]  ? __pfx_scsi_queue_rq+0x10/0x10
[  453.009756][   T54]  blk_mq_dispatch_rq_list+0x79b/0x3440
[  453.015520][   T54]  ? sbitmap_get+0x431/0x670
[  453.020288][   T54]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  453.026304][   T54]  ? dd_dispatch_request+0x9a1/0xa20
[  453.031796][   T54]  __blk_mq_sched_dispatch_requests+0x11b7/0x26e0
[  453.038452][   T54]  ? finish_task_switch+0x7bb/0x8f0
[  453.043862][   T54]  ? __blk_mq_sched_dispatch_requests+0x1031/0x26e0
[  453.050706][   T54]  blk_mq_sched_dispatch_requests+0x12f/0x270
[  453.057005][   T54]  blk_mq_run_work_fn+0xd0/0x280
[  453.062118][   T54]  ? __pfx_blk_mq_run_work_fn+0x10/0x10
[  453.067839][   T54]  process_scheduled_works+0xa81/0x1bd0
[  453.073611][   T54]  worker_thread+0xea5/0x1560
[  453.078484][   T54]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  453.084490][   T54]  kthread+0x3e2/0x540
[  453.088769][   T54]  ? __pfx_worker_thread+0x10/0x10
[  453.094075][   T54]  ? __pfx_kthread+0x10/0x10
[  453.098855][   T54]  ret_from_fork+0x6d/0x90
[  453.103439][   T54]  ? __pfx_kthread+0x10/0x10
[  453.108312][   T54]  ret_from_fork_asm+0x1a/0x30
[  453.113283][   T54]  </TASK>
[  454.521151][   T54] Shutting down cpus with NMI
[  454.526244][   T54] Kernel Offset: disabled
[  454.530627][   T54] Rebooting in 86400 seconds..