last executing test programs:

1m37.798874541s ago: executing program 4:
syz_emit_ethernet(0x22, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa0008004500001400000000002f9078ac2414bbac1414bbe6c738e9bb1060057ef4aa47f16ddefcf95539021fbd145cad5dae63f3bf97af"], 0x0)
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1810714, &(0x7f0000000440)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x40000}}, {@init_itable_val}, {@nolazytime}, {@grpid}, {@prjquota}, {@usrjquota}, {@lazytime}, {@errors_continue}, {@test_dummy_encryption}, {@test_dummy_encryption}]}, 0xff, 0x468, &(0x7f0000000780)="$eJzs289vFFUcAPDvzG4BQdmKiIIgVTRp/NHSgsrBxGg08aCJiR7wWNtCkIUaWhMhjVZj8GhIvBuPJv4FnjwZ9WTiFY8mhoQoMQG9uGZ2Z0q77JbWbtlN9/NJBt6befve+3bmzb6dtxtA3xrK/kki7o6IyxFRaWSXFxhq/Hfj2vzk39fmJ5Oo1d78I6mXu35tfrKWK163I69zOI1IP03yRmJgabWz5y+cnqhWp8/l+dG5M++Nzp6/8PSpMxMnp09Onx0/duzokbHnnh1/pkWvf7u01jiz+K7v+3Bm/95X3770+uTxS+/8+E3W3z0HGsezONZa5+0MZYH/2fjbNB97vNONddm/tZtxJuVu94bVKkVEOR+cl6MSpbh58irxyidd7RywobJ79tb2hxdqwCaWRLd7AHRH8Uafff4ttjs09egJV19sfADK4r6Rb40j5UjzMgMb2P5QRBxf+OfLbIum5xC1Fs8NAADW67ts/vNUq/lfGnuWlNuZrw0NRsS9EbErIu6LiN0RcX9EvewDEfHgGtsfasrfOv9Mr/yvwFYpm/89n69tLZ//FbO/GCzluXvq8Q8kJ05Vpw/nf5PhGNia5cdaVV5U8fIvn7drf+n8L9uy9ou5YF7JlXLjAd22Ys/UxNxEpyalVz+O2FduFX+yuBKQRMTeiNi3tqp3FolTT3y9v12h28e/gg6sM9W+KiqZX4im+AvJyuuTo9uiOn14tLgqbvXTzxffaNf+uuLvgOz8b19+/TeVqPyVLF2vnV088MJq27j462dtP1OWV3/9L8qu/y3JW/U13S35vg8m5ubOjUVsSV6r55ftH7/52iJflM/iHz7Uevzvyl+Txf9QRGQX8YGIeDgiDubn7pGIeDQiDq0Q/w8vPfZuu2O9cP6nWt7/Fq//weXnf+2J0unvv23X/uruf0frqeF8T/3+dxvtu1PcRpuuZgAAANjE0vp345N0ZDGdpiMjje/w747taXVmdu7JEzPvn51qfId+MAbS4klXZcnz0LFkIa+xkR/PnxUXx4/kz42/KN1Vz49MzlSnuhw79LsdbcZ/5vdSt3sHbDi/14L+1Tz+0y71A7jzvP9D/zL+oX8Z/9C/Wo3/j5ry1gJgM6pVut0DoHvM/6F/Gf/Qv4x/6Evr+V3/RiXKK/x6X6JXEpH2RDd6JnGwh0ZTuQOju8s3JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgA75LwAA///foPki")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000200)={0x71e5b314, 0x100})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x12, 0xffffffffffffffff, 0x6b965000)
r1 = syz_open_procfs(0x0, 0x0)
getdents64(r1, &(0x7f0000002f40)=""/4098, 0x1002)
getpid()
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$admmidi(&(0x7f0000000140), 0x20, 0x0)
io_submit(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r4, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r4, 0xc01064b5, &(0x7f0000000140)={&(0x7f00000006c0)=[<r5=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r4, 0xc02064b6, &(0x7f00000003c0)={r5, <r6=>0x0, <r7=>0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_SETCRTC(r4, 0xc06864a2, &(0x7f0000000400)={0x0, 0x0, r6, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x23c, 0x0, 0x0, "b4bc323ef77d1f000071849800000000deff00000000e6ffffff00"}})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r4, 0xc01064b5, &(0x7f0000000180)={&(0x7f00000000c0)=[0x0, 0x0], 0x2})
ioctl$DRM_IOCTL_MODE_SETPLANE(r4, 0xc03064b7, &(0x7f0000000040)={0x0, r6, r7})

1m24.733626387s ago: executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getrlimit(0xf, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, &(0x7f0000000280)={0x0, 0xffffffffffffffff, 0x1000, 0x0, 0x7f})
getpid()
bind$alg(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000840), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f00000001c0)='net\x00')
getdents64(r3, 0xffffffffffffffff, 0x43)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f00000001c0)=0x2)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})
sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000000180)={&(0x7f0000000000), 0xc, 0x0}, 0x10)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000440)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34cf2645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6424923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff0000f5620000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe656c9c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"})
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4000041, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
ioctl$RTC_WKALM_SET(0xffffffffffffffff, 0x7002, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1m20.093342454s ago: executing program 2:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000008c0)=ANY=[@ANYBLOB="6c0000001000010400d201000072f60000020000", @ANYRES32=0x0, @ANYBLOB="0524060000000000300012800b0001006272696467650000200002800c002e00fffff6ffffffffff050007001f000000060027000000000008000a00a8"], 0x6c}}, 0x0)
syz_emit_ethernet(0x6e, &(0x7f0000000340)={@multicast, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "02adf7", 0x38, 0x3a, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], @time_exceed={0x2, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, "fd9063", 0x0, 0x3a, 0x0, @loopback, @loopback, [], "1e520b4c951ee12e"}}}}}}}, 0x0)

1m18.092419305s ago: executing program 2:
syz_emit_ethernet(0x22, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa0008004500001400000000002f9078ac2414bbac1414bbe6c738e9bb1060057ef4aa47f16ddefcf95539021fbd145cad5dae63f3bf97af"], 0x0)
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1810714, &(0x7f0000000440)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x40000}}, {@init_itable_val}, {@nolazytime}, {@grpid}, {@prjquota}, {@usrjquota}, {@lazytime}, {@errors_continue}, {@test_dummy_encryption}, {@test_dummy_encryption}]}, 0xff, 0x468, &(0x7f0000000780)="$eJzs289vFFUcAPDvzG4BQdmKiIIgVTRp/NHSgsrBxGg08aCJiR7wWNtCkIUaWhMhjVZj8GhIvBuPJv4FnjwZ9WTiFY8mhoQoMQG9uGZ2Z0q77JbWbtlN9/NJBt6befve+3bmzb6dtxtA3xrK/kki7o6IyxFRaWSXFxhq/Hfj2vzk39fmJ5Oo1d78I6mXu35tfrKWK163I69zOI1IP03yRmJgabWz5y+cnqhWp8/l+dG5M++Nzp6/8PSpMxMnp09Onx0/duzokbHnnh1/pkWvf7u01jiz+K7v+3Bm/95X3770+uTxS+/8+E3W3z0HGsezONZa5+0MZYH/2fjbNB97vNONddm/tZtxJuVu94bVKkVEOR+cl6MSpbh58irxyidd7RywobJ79tb2hxdqwCaWRLd7AHRH8Uafff4ttjs09egJV19sfADK4r6Rb40j5UjzMgMb2P5QRBxf+OfLbIum5xC1Fs8NAADW67ts/vNUq/lfGnuWlNuZrw0NRsS9EbErIu6LiN0RcX9EvewDEfHgGtsfasrfOv9Mr/yvwFYpm/89n69tLZ//FbO/GCzluXvq8Q8kJ05Vpw/nf5PhGNia5cdaVV5U8fIvn7drf+n8L9uy9ou5YF7JlXLjAd22Ys/UxNxEpyalVz+O2FduFX+yuBKQRMTeiNi3tqp3FolTT3y9v12h28e/gg6sM9W+KiqZX4im+AvJyuuTo9uiOn14tLgqbvXTzxffaNf+uuLvgOz8b19+/TeVqPyVLF2vnV088MJq27j462dtP1OWV3/9L8qu/y3JW/U13S35vg8m5ubOjUVsSV6r55ftH7/52iJflM/iHz7Uevzvyl+Txf9QRGQX8YGIeDgiDubn7pGIeDQiDq0Q/w8vPfZuu2O9cP6nWt7/Fq//weXnf+2J0unvv23X/uruf0frqeF8T/3+dxvtu1PcRpuuZgAAANjE0vp345N0ZDGdpiMjje/w747taXVmdu7JEzPvn51qfId+MAbS4klXZcnz0LFkIa+xkR/PnxUXx4/kz42/KN1Vz49MzlSnuhw79LsdbcZ/5vdSt3sHbDi/14L+1Tz+0y71A7jzvP9D/zL+oX8Z/9C/Wo3/j5ry1gJgM6pVut0DoHvM/6F/Gf/Qv4x/6Evr+V3/RiXKK/x6X6JXEpH2RDd6JnGwh0ZTuQOju8s3JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgA75LwAA///foPki")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000200)={0x71e5b314, 0x100})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x12, 0xffffffffffffffff, 0x6b965000)
r1 = syz_open_procfs(0x0, 0x0)
getdents64(r1, &(0x7f0000002f40)=""/4098, 0x1002)
getpid()
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$admmidi(&(0x7f0000000140), 0x20, 0x0)
io_submit(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r4, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r4, 0xc01064b5, &(0x7f0000000140)={&(0x7f00000006c0)=[<r5=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r4, 0xc02064b6, &(0x7f00000003c0)={r5, <r6=>0x0, <r7=>0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_SETCRTC(r4, 0xc06864a2, &(0x7f0000000400)={0x0, 0x0, r6, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x23c, 0x0, 0x0, "b4bc323ef77d1f000071849800000000deff00000000e6ffffff00"}})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r4, 0xc01064b5, &(0x7f0000000180)={&(0x7f00000000c0)=[0x0, <r8=>0x0], 0x2})
ioctl$DRM_IOCTL_MODE_SETPLANE(r4, 0xc03064b7, &(0x7f0000000040)={r8, 0x0, r7})

1m11.177509945s ago: executing program 3:
bind$inet6(0xffffffffffffffff, &(0x7f0000000480)={0xa, 0x0, 0x0, @mcast1}, 0x1c)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000002580)=@newlink={0x20, 0x10, 0x0, 0x0, 0x0, {0x0, 0x0, 0x3}}, 0x20}}, 0x0)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000002480)=ANY=[], 0x18}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000180)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="44010000", @ANYRES16=r1, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r3, @ANYBLOB="2701330080000000ffffffffff"], 0x144}}, 0x0)

1m9.66834304s ago: executing program 3:
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000340)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
connect$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$inet6(0xa, 0x3, 0xfe)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(r1, 0x29, 0x37, &(0x7f0000000080)=ANY=[], 0x8)
setsockopt$inet6_IPV6_RTHDR(r1, 0x29, 0x39, &(0x7f0000000140)=ANY=[@ANYBLOB="00020201"], 0x18)
write$binfmt_elf64(r1, 0x0, 0x78)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0xffffffffffffffff, 0x1f}, 0x48)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000480)={'ip6gre0\x00', <r4=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000181100003ff9e8b715b00313eef01dfb46d505b7cbe266dac39e5ace20312fa4ec1280823362d4663db4e06a1a219efe425f91a159f7486cf3bda6790fc7adf96f6aa4830020f89f65cb3855295869e262dce76b353cc624a7036856", @ANYRES32=0x0, @ANYBLOB], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r4, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_mount_image$hfsplus(&(0x7f0000000440), &(0x7f0000000180)='./file0\x00', 0x3784c08, &(0x7f00000014c0)=ANY=[@ANYRES64=r1, @ANYBLOB="5ae3f80e7431f604122d0931b48b5c4c0cb8c881472a61c718e092eb687619ffb95ef8ce2353c11d074145cbe4ff9c6cf2746bae449d41f42ce97e80a36ac86ac28efe26aac5bda028d1a7a0d7c7c00e2df79354788c2de87d3d71766cf01ff4fa80f5dee992601d95b886564b2238352512ee10c0614f858b8a726756bf77593a8f0e9f16e0aff9f03be22745912fa2760ca6ab16b5ce4f175f0dc2ecf062", @ANYBLOB="61f31caf8d8aff3c141838dc8cc8461dd7f4999be5e56258d1ad7fbed3b264f7ed1396c90166f9b17937958c95d365cf5e11684f2b52357e6f9e52f2ad2446a370b7bb8b5b3ca23fc71a21b2d0820c99cd72b04ac2beba9c2246fb0216083b17a6ed4f5f61e9c6d1bce8df6abb1be79cf2c10323b6657392b3b1c0c16f3920818369f356be451b826b1e62d3e5a3f9f9a30ad64d625166f86dfe045aae1689273ed9d428535e8a3f3068d1bc272f2eb4ab7832b5fec5650f9bd2336477e041e2f3e898ec", @ANYRESDEC=r3, @ANYRES64, @ANYRESDEC=0x0, @ANYRESDEC], 0x3, 0x632, &(0x7f0000000800)="$eJzs3UtsG2kdAPD/OI4TB9TN7qa7Ba1EtJUWRESbh7IQLpSHUA4rtFoOnKPWbay6aZW4KK0QCi9x4MKh4lwOuXFC6j1SOcMF9ZpjJVAvPaDcjGY8dpy386qd7e8Xjb/v8zfzzX/+9jzsyJoA3lrzE1HciCTmJz5bTdub6zO1zfWZoby7FhFpvRBRbBaRLEUkz5vdN9KHr6VP5vMnB63nSXXuixevN182W8XWwkkprQ0fvNxRmguu5VOMR8RAXu412O2oO8a7eeB4+/nvn/YPshlous1XW4mDXmvssXacxU+83wL9I2meN/cYjRjJztDN64DIjw6FNxvd2TvWUQ4AAAAuqHe2Ymut0Wj0Og4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4SPL7/yf5VGjVxyNp3f+/1DF7qYehnomNXgcAAAAAAAAAACfSGOhsfWMrtmI1LrV7k+x//h9njbHs8SvxMFaiEstxLVZjIepRj+WYiojRjoFKqwv1+vJUF0tO77vk9LluNAAAAAAAAAB82f025rf//w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP0giRhoFtk01qqPRqEYEcMRUUrnW4v4V6t+kW30OgAAAAB4A97Ziq1YjUutdiPJPvN/kH3uH46HsRT1qEY9alGJW9l3Ac1P/YXN9Zna5vrMvXTaO+5f/tfIdBlGNmI0v3vYf81XsjnKcTuq2TPX4mbcj1q5c5QrrXj2j+s3r9Kxf5DrMrJbeZlu+Z/zsj+MZhkZbGdkMo8tzeO7h2fih69OtaapKLS/+Rk7h5yP5GWyq+y93ZmYjkKW79QHh2ci4pvP/vaLxdrS3cXbKxP9s0kn1MxEo9HMxFDWamXiw7cqE5PZtl9ut+fjp/HzmIjx+DyWoxq/jIWoRyXG4ydZbSF/P6ePo7syVdg59I0drc+PiqSUvy7No+jxYvo4W/ZSVONncT9uRSU+zf6mYyq+G7MxG3Mdr/DlLvb6wvH2+qvfyivpIf2Pedkf0ry+25HXzmPuaNbX+cx2lt47+2Nj8et5JV3H7yLix2e4naezOxPpWeLZV5t97x+eib9m1wkrtaW7y4sLD7pc3yd5me5Hf+irs0T6fnkvfbGy1s53R9r3/r59U1nfWLuvsKfvcrvvqD21lF/D7R1pOuv7cN++mazvSkffnuut9vUQAH1s5NsjpfJ/yv8sPy3/vrxY/mz4R0PfG/qoFIP/GPx+cXLgk8JHyd/jafx6+/M/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwciuPHt9dqNUqy0dWkuzm/xFdzdxRad3O6fCZk/xGPscZWaVWqwxHX4RxrErt3xEdzyS9jqcfKkP99ubv7XEJOH/X6/ceXF959Pg71XsLdyp3KkuDs7Nzk3Ozn85cv12tDUT6WJnsdZTAedg+6fc6EgAAAAAAAAAAAKBbh/8MYDCf63Q/J+jxJgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX3PxEFDciianJa5Npe3N9ppZOrfr2nMWIKERE8quI5HnEjWhOMdoxXHLQep5U57548Xrz5fZYxdb8hcOW685aPsV4RAzk5VmNd/PU4yXtLUwTdrV0uuDgzPw/AAD//4oVCL4=")
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="04030b00c800ce5dd37d19965fc01aff701b650101000000000000000000be0fd2b9228fdd729d2e844f66b0148e71729157fb7c50a2989575f160fc528c56d6af7f45ea4658fd464746dfe5480edb141a43f8e0cbf9"], 0xe)
ioctl$AUTOFS_IOC_FAIL(r0, 0x4c80, 0xffffffffffffffb6)
r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
open_tree(r5, &(0x7f0000000400)='./file0\x00', 0x89001)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents64(r6, &(0x7f0000000540)=""/239, 0xef)

1m5.79782218s ago: executing program 2:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000008c0)=ANY=[@ANYBLOB="6c0000001000010400d201000072f60000020000", @ANYRES32=0x0, @ANYBLOB="0524060000000000300012800b0001006272696467650000200002800c002e00fffff6ffffffffff050007001f000000060027000000000008000a00a8"], 0x6c}}, 0x0)
syz_emit_ethernet(0x6e, &(0x7f0000000340)={@multicast, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "02adf7", 0x38, 0x3a, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], @time_exceed={0x2, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, "fd9063", 0x0, 0x3a, 0x0, @loopback, @loopback, [], "1e520b4c951ee12e"}}}}}}}, 0x0)

56.382098828s ago: executing program 3:
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="180600000000000000000000000000001812", @ANYRES32=r1, @ANYBLOB="0000000000000000b7030000000000008500000019000000b7000200000000009500000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000880)={r1, &(0x7f0000000800)="9a147a4ce878", &(0x7f0000000400)=""/43, 0x4}, 0x20)
close(r0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
close(0xffffffffffffffff)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_pressure(r2, &(0x7f0000000040)='io.pressure\x00', 0x2, 0x0)
write$cgroup_pressure(r3, &(0x7f0000000340)={'some', 0x20, 0x7, 0x20, 0xffffa}, 0x2f)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0)
write$cgroup_int(r4, &(0x7f00000000c0), 0x12)
ioctl$SIOCSIFHWADDR(r4, 0x4030582b, &(0x7f0000000280)={'lo\x00', @link_local={0x1, 0x80, 0xc2, 0xc, 0x2}})
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
open(&(0x7f0000000100)='./file0\x00', 0x80ff, 0x0)
r5 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
fcntl$setsig(r5, 0xa, 0x21)
fcntl$setlease(r5, 0x400, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f00000000c0)=@framed, &(0x7f00000001c0)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000140)='leases_conflict\x00', r6}, 0x10)
creat(&(0x7f0000000280)='./file0\x00', 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)

56.065852292s ago: executing program 4:
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="010000000000000000000200000008000100", @ANYRES32=r1], 0x1c}}, 0x0)
writev(r0, &(0x7f0000001840)=[{0x0}, {&(0x7f0000000400)}, {&(0x7f0000000480)="454d221929c5c5f9d9e2957f4056c3b52bd685c7f2e18d781d3f1c59dceff29fb3da06a7b1424491b549d1dbe76eeff3e594a8b12591f33328f3b799ae04840642b438329e5860e1adf539a896d7631aadf5f40b594c6edc3e9f2200", 0x5c}], 0x3)

52.579009212s ago: executing program 3:
syz_emit_ethernet(0x22, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa0008004500001400000000002f9078ac2414bbac1414bbe6c738e9bb1060057ef4aa47f16ddefcf95539021fbd145cad5dae63f3bf97af"], 0x0)
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1810714, &(0x7f0000000440)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x40000}}, {@init_itable_val}, {@nolazytime}, {@grpid}, {@prjquota}, {@usrjquota}, {@lazytime}, {@errors_continue}, {@test_dummy_encryption}, {@test_dummy_encryption}]}, 0xff, 0x468, &(0x7f0000000780)="$eJzs289vFFUcAPDvzG4BQdmKiIIgVTRp/NHSgsrBxGg08aCJiR7wWNtCkIUaWhMhjVZj8GhIvBuPJv4FnjwZ9WTiFY8mhoQoMQG9uGZ2Z0q77JbWbtlN9/NJBt6befve+3bmzb6dtxtA3xrK/kki7o6IyxFRaWSXFxhq/Hfj2vzk39fmJ5Oo1d78I6mXu35tfrKWK163I69zOI1IP03yRmJgabWz5y+cnqhWp8/l+dG5M++Nzp6/8PSpMxMnp09Onx0/duzokbHnnh1/pkWvf7u01jiz+K7v+3Bm/95X3770+uTxS+/8+E3W3z0HGsezONZa5+0MZYH/2fjbNB97vNONddm/tZtxJuVu94bVKkVEOR+cl6MSpbh58irxyidd7RywobJ79tb2hxdqwCaWRLd7AHRH8Uafff4ttjs09egJV19sfADK4r6Rb40j5UjzMgMb2P5QRBxf+OfLbIum5xC1Fs8NAADW67ts/vNUq/lfGnuWlNuZrw0NRsS9EbErIu6LiN0RcX9EvewDEfHgGtsfasrfOv9Mr/yvwFYpm/89n69tLZ//FbO/GCzluXvq8Q8kJ05Vpw/nf5PhGNia5cdaVV5U8fIvn7drf+n8L9uy9ou5YF7JlXLjAd22Ys/UxNxEpyalVz+O2FduFX+yuBKQRMTeiNi3tqp3FolTT3y9v12h28e/gg6sM9W+KiqZX4im+AvJyuuTo9uiOn14tLgqbvXTzxffaNf+uuLvgOz8b19+/TeVqPyVLF2vnV088MJq27j462dtP1OWV3/9L8qu/y3JW/U13S35vg8m5ubOjUVsSV6r55ftH7/52iJflM/iHz7Uevzvyl+Txf9QRGQX8YGIeDgiDubn7pGIeDQiDq0Q/w8vPfZuu2O9cP6nWt7/Fq//weXnf+2J0unvv23X/uruf0frqeF8T/3+dxvtu1PcRpuuZgAAANjE0vp345N0ZDGdpiMjje/w747taXVmdu7JEzPvn51qfId+MAbS4klXZcnz0LFkIa+xkR/PnxUXx4/kz42/KN1Vz49MzlSnuhw79LsdbcZ/5vdSt3sHbDi/14L+1Tz+0y71A7jzvP9D/zL+oX8Z/9C/Wo3/j5ry1gJgM6pVut0DoHvM/6F/Gf/Qv4x/6Evr+V3/RiXKK/x6X6JXEpH2RDd6JnGwh0ZTuQOju8s3JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgA75LwAA///foPki")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000200)={0x71e5b314, 0x100})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x12, 0xffffffffffffffff, 0x6b965000)
r1 = syz_open_procfs(0x0, 0x0)
getdents64(r1, &(0x7f0000002f40)=""/4098, 0x1002)
getpid()
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$admmidi(&(0x7f0000000140), 0x20, 0x0)
io_submit(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r4, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r4, 0xc01064b5, &(0x7f0000000140)={&(0x7f00000006c0)=[<r5=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r4, 0xc02064b6, &(0x7f00000003c0)={r5, <r6=>0x0, <r7=>0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_SETCRTC(r4, 0xc06864a2, &(0x7f0000000400)={0x0, 0x0, r6, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x23c, 0x0, 0x0, "b4bc323ef77d1f000071849800000000deff00000000e6ffffff00"}})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r4, 0xc01064b5, &(0x7f0000000180)={&(0x7f00000000c0)=[0x0, <r8=>0x0], 0x2})
ioctl$DRM_IOCTL_MODE_SETPLANE(r4, 0xc03064b7, &(0x7f0000000040)={r8, 0x0, r7})

46.615620008s ago: executing program 3:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000006c0)=ANY=[@ANYBLOB='d'], 0x64}}, 0x0)

37.782536739s ago: executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000001c0)=ANY=[@ANYBLOB="14010000", @ANYRES16=r1, @ANYBLOB="cd3e0000000000000000010000000800020005000000ce00010043ecf8a077157cd8bc73e1ff070000cbb6b9bb84e5bcdb7f9af2eacc913a7640e8332d1daa67516c7f094b740c631f175dd5d0f0a8ebd26792040000006f64e62cd3404917f3be657330adc6bf2f2ab6286f917412935536f4406edcdc8a37"], 0x114}}, 0x0)

18.291195606s ago: executing program 3:
syz_emit_ethernet(0x22, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa0008004500001400000000002f9078ac2414bbac1414bbe6c738e9bb1060057ef4aa47f16ddefcf95539021fbd145cad5dae63f3bf97af"], 0x0)
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1810714, &(0x7f0000000440)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x40000}}, {@init_itable_val}, {@nolazytime}, {@grpid}, {@prjquota}, {@usrjquota}, {@lazytime}, {@errors_continue}, {@test_dummy_encryption}, {@test_dummy_encryption}]}, 0xff, 0x468, &(0x7f0000000780)="$eJzs289vFFUcAPDvzG4BQdmKiIIgVTRp/NHSgsrBxGg08aCJiR7wWNtCkIUaWhMhjVZj8GhIvBuPJv4FnjwZ9WTiFY8mhoQoMQG9uGZ2Z0q77JbWbtlN9/NJBt6befve+3bmzb6dtxtA3xrK/kki7o6IyxFRaWSXFxhq/Hfj2vzk39fmJ5Oo1d78I6mXu35tfrKWK163I69zOI1IP03yRmJgabWz5y+cnqhWp8/l+dG5M++Nzp6/8PSpMxMnp09Onx0/duzokbHnnh1/pkWvf7u01jiz+K7v+3Bm/95X3770+uTxS+/8+E3W3z0HGsezONZa5+0MZYH/2fjbNB97vNONddm/tZtxJuVu94bVKkVEOR+cl6MSpbh58irxyidd7RywobJ79tb2hxdqwCaWRLd7AHRH8Uafff4ttjs09egJV19sfADK4r6Rb40j5UjzMgMb2P5QRBxf+OfLbIum5xC1Fs8NAADW67ts/vNUq/lfGnuWlNuZrw0NRsS9EbErIu6LiN0RcX9EvewDEfHgGtsfasrfOv9Mr/yvwFYpm/89n69tLZ//FbO/GCzluXvq8Q8kJ05Vpw/nf5PhGNia5cdaVV5U8fIvn7drf+n8L9uy9ou5YF7JlXLjAd22Ys/UxNxEpyalVz+O2FduFX+yuBKQRMTeiNi3tqp3FolTT3y9v12h28e/gg6sM9W+KiqZX4im+AvJyuuTo9uiOn14tLgqbvXTzxffaNf+uuLvgOz8b19+/TeVqPyVLF2vnV088MJq27j462dtP1OWV3/9L8qu/y3JW/U13S35vg8m5ubOjUVsSV6r55ftH7/52iJflM/iHz7Uevzvyl+Txf9QRGQX8YGIeDgiDubn7pGIeDQiDq0Q/w8vPfZuu2O9cP6nWt7/Fq//weXnf+2J0unvv23X/uruf0frqeF8T/3+dxvtu1PcRpuuZgAAANjE0vp345N0ZDGdpiMjje/w747taXVmdu7JEzPvn51qfId+MAbS4klXZcnz0LFkIa+xkR/PnxUXx4/kz42/KN1Vz49MzlSnuhw79LsdbcZ/5vdSt3sHbDi/14L+1Tz+0y71A7jzvP9D/zL+oX8Z/9C/Wo3/j5ry1gJgM6pVut0DoHvM/6F/Gf/Qv4x/6Evr+V3/RiXKK/x6X6JXEpH2RDd6JnGwh0ZTuQOju8s3JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgA75LwAA///foPki")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000200)={0x71e5b314, 0x100})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x12, 0xffffffffffffffff, 0x6b965000)
r1 = syz_open_procfs(0x0, 0x0)
getdents64(r1, &(0x7f0000002f40)=""/4098, 0x1002)
getpid()
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$admmidi(&(0x7f0000000140), 0x20, 0x0)
io_submit(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r4, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r4, 0xc01064b5, &(0x7f0000000140)={&(0x7f00000006c0)=[<r5=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r4, 0xc02064b6, &(0x7f00000003c0)={r5, <r6=>0x0, <r7=>0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_SETCRTC(r4, 0xc06864a2, &(0x7f0000000400)={0x0, 0x0, r6, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x23c, 0x0, 0x0, "b4bc323ef77d1f000071849800000000deff00000000e6ffffff00"}})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r4, 0xc01064b5, &(0x7f0000000180)={&(0x7f00000000c0)=[0x0, <r8=>0x0], 0x2})
ioctl$DRM_IOCTL_MODE_SETPLANE(r4, 0xc03064b7, &(0x7f0000000040)={r8, 0x0, r7})

17.293512925s ago: executing program 0:
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
syz_io_uring_setup(0x4f0e, &(0x7f0000000080)={0x0, 0x515b, 0x80, 0x0, 0x158}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000380)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r0, 0x0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="100000001500"/16], 0x10}, 0x0, 0xe3d08660d7cd4e04})
set_mempolicy(0x6, &(0x7f0000000000)=0x9, 0xff)
iopl(0x3)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000900)={@map, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}, 0x40)
set_mempolicy(0x0, &(0x7f0000000140)=0xd41, 0x9)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x808000, 0x4, 0x20300, 0xfc}, 0x1c)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
newfstatat(0xffffffffffffff9c, &(0x7f0000000000)='\x00', &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, <r6=>0x0, <r7=>0x0}, 0x0)
setuid(r6)
r8 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000015c0)='devices.list\x00', 0x275a, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000014c0)=@base={0x0, 0x0, 0x0, 0x8000}, 0x48)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
close_range(r5, 0xffffffffffffffff, 0x2)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYRESHEX=r4], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x8}, 0x90)
socket$inet6_tcp(0xa, 0x1, 0x0)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0xf, 0x4, 0x8, 0xb}, 0x48)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000001c0)={@map=r10, r9, 0x7}, 0x10)
r11 = syz_genetlink_get_family_id$ethtool(&(0x7f00000001c0), 0xffffffffffffffff)
recvmmsg(0xffffffffffffffff, &(0x7f0000001640)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000004c0)=""/4096, 0x1000}, {0x0}], 0x2}}], 0x1, 0x0, 0x0)
sendmsg$ETHTOOL_MSG_TSINFO_GET(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x23, &(0x7f0000000440)={&(0x7f00000003c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r11, @ANYRESOCT=0x0], 0x20}}, 0x84)
r12 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000001780)=ANY=[@ANYBLOB="b4000000000000007910000000000000c3080000f10000009500740000020000cb234508f7dbb71fb0881fc3a54d15711529dc0336d8499fac91fb6e945b3470147eaea657eb2cb1b6dcda4a3af058149500c4ad1ed66bcc46463979367b72bd0ede290961e409236f95d7e194642bc9cfbd76b3039a0c4f9cfec3316261a0a9fe0d89de9068e197c5ef5ce1e1c614c7a5922c9363aadec72bc8155e29e70e47a1775ae1a5cc7794719000272868770000eba40fd475e6987cf07abe4fffcaad8d328e780ef342834b55d0dbc5d7d2939dfb4d4b5de6660c656b47b79dfe4ddef1c692420c5b367ca1564e2a37", @ANYRES8=r12, @ANYRES64=r7, @ANYRES8=r8, @ANYRESOCT=r7], &(0x7f0000003ff6)='GPL\x00', 0x6, 0xc3, &(0x7f000000cf3d)=""/195}, 0x90)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212"], 0x10}}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000140)={0x2, &(0x7f00000011c0)=[{0x44}, {0x6}]})
socket$vsock_stream(0x28, 0x1, 0x0)
r13 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r13, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000001540)=ANY=[@ANYBLOB="1c000000020303000000000000000000000000000800010001000100", @ANYRES8=r12, @ANYRES8=r3], 0x1c}}, 0x0)

15.397517559s ago: executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getrlimit(0xf, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, &(0x7f0000000280)={0x0, 0xffffffffffffffff, 0x1000, 0x0, 0x7f})
getpid()
bind$alg(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000840), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f00000001c0)='net\x00')
getdents64(r3, 0xffffffffffffffff, 0x43)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f00000001c0)=0x2)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})
sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000000180)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={0x0}}, 0x10)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000440)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34cf2645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6424923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff0000f5620000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe656c9c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"})
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4000041, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
ioctl$RTC_WKALM_SET(0xffffffffffffffff, 0x7002, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

15.115160813s ago: executing program 4:
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="010000000000000000000200000008000100", @ANYRES32=r1], 0x1c}}, 0x0)
writev(r0, &(0x7f0000001840)=[{0x0}, {&(0x7f0000000400)}, {&(0x7f0000000480)="454d221929c5c5f9d9e2957f4056c3b52bd685c7f2e18d781d3f1c59dceff29fb3da06a7b1424491b549d1dbe76eeff3e594a8b12591f33328f3b799ae04840642b438329e5860e1adf539a896d7631aadf5f40b594c6edc3e9f2200", 0x5c}], 0x3)

14.101137601s ago: executing program 0:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r0, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000008c0)=ANY=[@ANYBLOB="6c0000001000010400d201000072f60000020000", @ANYRES32=0x0, @ANYBLOB="0524060000000000300012800b0001006272696467650000200002800c002e00fffff6ffffffffff050007001f000000060027000000000008000a00a8"], 0x6c}}, 0x0)
syz_emit_ethernet(0x6e, &(0x7f0000000340)={@multicast, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "02adf7", 0x38, 0x3a, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], @time_exceed={0x2, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, "fd9063", 0x0, 0x3a, 0x0, @loopback, @loopback, [], "1e520b4c951ee12e"}}}}}}}, 0x0)

13.94813683s ago: executing program 4:
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000340)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
connect$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x3, 0xfe)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(r0, 0x29, 0x37, &(0x7f0000000080)=ANY=[], 0x8)
setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f0000000140)=ANY=[@ANYBLOB="00020201"], 0x18)
write$binfmt_elf64(r0, 0x0, 0x78)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0xffffffffffffffff, 0x1f}, 0x48)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000480)={'ip6gre0\x00', <r3=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000181100003ff9e8b715b00313eef01dfb46d505b7cbe266dac39e5ace20312fa4ec1280823362d4663db4e06a1a219efe425f91a159f7486cf3bda6790fc7adf96f6aa4830020f89f65cb3855295869e262dce76b353cc624a7036856", @ANYRES32=0x0, @ANYBLOB], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r3, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_mount_image$hfsplus(&(0x7f0000000440), &(0x7f0000000180)='./file0\x00', 0x3784c08, &(0x7f00000014c0)=ANY=[@ANYRES64=r0, @ANYBLOB="5ae3f80e7431f604122d0931b48b5c4c0cb8c881472a61c718e092eb687619ffb95ef8ce2353c11d074145cbe4ff9c6cf2746bae449d41f42ce97e80a36ac86ac28efe26aac5bda028d1a7a0d7c7c00e2df79354788c2de87d3d71766cf01ff4fa80f5dee992601d95b886564b2238352512ee10c0614f858b8a726756bf77593a8f0e9f16e0aff9f03be22745912fa2760ca6ab16b5ce4f175f0dc2ecf062", @ANYBLOB="61f31caf8d8aff3c141838dc8cc8461dd7f4999be5e56258d1ad7fbed3b264f7ed1396c90166f9b17937958c95d365cf5e11684f2b52357e6f9e52f2ad2446a370b7bb8b5b3ca23fc71a21b2d0820c99cd72b04ac2beba9c2246fb0216083b17a6ed4f5f61e9c6d1bce8df6abb1be79cf2c10323b6657392b3b1c0c16f3920818369f356be451b826b1e62d3e5a3f9f9a30ad64d625166f86dfe045aae1689273ed9d428535e8a3f3068d1bc272f2eb4ab7832b5fec5650f9bd2336477e041e2f3e898ec", @ANYRESDEC=r2, @ANYRES64, @ANYRESDEC=0x0, @ANYRESDEC], 0x3, 0x632, &(0x7f0000000800)="$eJzs3UtsG2kdAPD/OI4TB9TN7qa7Ba1EtJUWRESbh7IQLpSHUA4rtFoOnKPWbay6aZW4KK0QCi9x4MKh4lwOuXFC6j1SOcMF9ZpjJVAvPaDcjGY8dpy386qd7e8Xjb/v8zfzzX/+9jzsyJoA3lrzE1HciCTmJz5bTdub6zO1zfWZoby7FhFpvRBRbBaRLEUkz5vdN9KHr6VP5vMnB63nSXXuixevN182W8XWwkkprQ0fvNxRmguu5VOMR8RAXu412O2oO8a7eeB4+/nvn/YPshlous1XW4mDXmvssXacxU+83wL9I2meN/cYjRjJztDN64DIjw6FNxvd2TvWUQ4AAAAuqHe2Ymut0Wj0Og4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4SPL7/yf5VGjVxyNp3f+/1DF7qYehnomNXgcAAAAAAAAAACfSGOhsfWMrtmI1LrV7k+x//h9njbHs8SvxMFaiEstxLVZjIepRj+WYiojRjoFKqwv1+vJUF0tO77vk9LluNAAAAAAAAAB82f025rf//w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP0giRhoFtk01qqPRqEYEcMRUUrnW4v4V6t+kW30OgAAAAB4A97Ziq1YjUutdiPJPvN/kH3uH46HsRT1qEY9alGJW9l3Ac1P/YXN9Zna5vrMvXTaO+5f/tfIdBlGNmI0v3vYf81XsjnKcTuq2TPX4mbcj1q5c5QrrXj2j+s3r9Kxf5DrMrJbeZlu+Z/zsj+MZhkZbGdkMo8tzeO7h2fih69OtaapKLS/+Rk7h5yP5GWyq+y93ZmYjkKW79QHh2ci4pvP/vaLxdrS3cXbKxP9s0kn1MxEo9HMxFDWamXiw7cqE5PZtl9ut+fjp/HzmIjx+DyWoxq/jIWoRyXG4ydZbSF/P6ePo7syVdg59I0drc+PiqSUvy7No+jxYvo4W/ZSVONncT9uRSU+zf6mYyq+G7MxG3Mdr/DlLvb6wvH2+qvfyivpIf2Pedkf0ry+25HXzmPuaNbX+cx2lt47+2Nj8et5JV3H7yLix2e4naezOxPpWeLZV5t97x+eib9m1wkrtaW7y4sLD7pc3yd5me5Hf+irs0T6fnkvfbGy1s53R9r3/r59U1nfWLuvsKfvcrvvqD21lF/D7R1pOuv7cN++mazvSkffnuut9vUQAH1s5NsjpfJ/yv8sPy3/vrxY/mz4R0PfG/qoFIP/GPx+cXLgk8JHyd/jafx6+/M/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwciuPHt9dqNUqy0dWkuzm/xFdzdxRad3O6fCZk/xGPscZWaVWqwxHX4RxrErt3xEdzyS9jqcfKkP99ubv7XEJOH/X6/ceXF959Pg71XsLdyp3KkuDs7Nzk3Ozn85cv12tDUT6WJnsdZTAedg+6fc6EgAAAAAAAAAAAKBbh/8MYDCf63Q/J+jxJgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX3PxEFDciianJa5Npe3N9ppZOrfr2nMWIKERE8quI5HnEjWhOMdoxXHLQep5U57548Xrz5fZYxdb8hcOW685aPsV4RAzk5VmNd/PU4yXtLUwTdrV0uuDgzPw/AAD//4oVCL4=")
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="04030b00c800ce5dd37d19965fc01aff701b650101000000000000000000be0fd2b9228fdd729d2e844f66b0148e71729157fb7c50a2989575f160fc528c56d6af7f45ea4658fd464746dfe5480edb141a43f8e0cbf942"], 0xe)
ioctl$AUTOFS_IOC_FAIL(0xffffffffffffffff, 0x4c80, 0xffffffffffffffb6)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
open_tree(r4, &(0x7f0000000400)='./file0\x00', 0x89001)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents64(r5, &(0x7f0000000540)=""/239, 0xef)

12.507945429s ago: executing program 1:
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0x8, &(0x7f0000000000)=ANY=[@ANYBLOB="180600000000000000000000000000001812", @ANYRES32=r1, @ANYBLOB="0000000000000000b7030000000000008500000019000000b7000200000000009500000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000880)={r1, &(0x7f0000000800)="9a147a4ce878", &(0x7f0000000400)=""/43, 0x4}, 0x20)
close(r0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
close(0xffffffffffffffff)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_pressure(r2, &(0x7f0000000040)='io.pressure\x00', 0x2, 0x0)
write$cgroup_pressure(r3, &(0x7f0000000340)={'some', 0x20, 0x7, 0x20, 0xffffa}, 0x2f)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0)
write$cgroup_int(r4, &(0x7f00000000c0), 0x12)
ioctl$SIOCSIFHWADDR(r4, 0x4030582b, &(0x7f0000000280)={'lo\x00', @link_local={0x1, 0x80, 0xc2, 0xc, 0x2}})
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
open(&(0x7f0000000100)='./file0\x00', 0x80ff, 0x0)
r5 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
fcntl$setsig(r5, 0xa, 0x21)
fcntl$setlease(r5, 0x400, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f00000000c0)=@framed, &(0x7f00000001c0)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000140)='leases_conflict\x00', r6}, 0x10)
creat(&(0x7f0000000280)='./file0\x00', 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)

11.210010103s ago: executing program 0:
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[], 0x30}, 0x1, 0x0, 0x0, 0x24040044}, 0x40001)
r0 = syz_mount_image$nilfs2(&(0x7f0000000040), &(0x7f0000000300)='./file2\x00', 0x0, &(0x7f00000002c0)=ANY=[], 0x1, 0xae1, &(0x7f0000001e40)="$eJzs3V2MVFcBAOBzd3cWFqgMFexKsYDVtv50KcuKP6jQQEwkpTG+NGl8IZRWImJiTapNExeefLNNg4lP/sSnvjTVmNgXQ/rkSxNL0pj0CX3wQYKxiQ8VhTE7e87szGGGO7Pszg/zfcndM+eec+ece/feO/f3nACMrYn634WF2SKEi2++euwfD/19ZmnM4UaOav3vVFOsEkIoYnwq+74rk8vhjfdfOtUuLMJ8/W+KhyevNabdHEJYDHvCpVANOy9efuXt+SdOnD9+Ye87rx26uj5zDwAA4+Ublw4t7Pjrn+/fdv31B46EDY3x6fi8GuNb4nH/kXjgn47/J0JrvGgamk1n+abiMDHTmm+yTb7mcipZvqkO5U9n5Vc65NsQbl/+ZNO4dvMNoyytx9VQTMy1xCcm5uaWz8lD/bx+upg7d+bss88PqKLAmvv37hDCnqbh6IXW+LANh4egDqscakNQh6Ebrn/5xgtleY70rz7Xa8sGvlz6NNS2DnoPBLAsv194i8X8ysKdSd92pMvyrz0+0XZ6WAv9Xv97Kn96wOUH5f/mvD0Oa+duXZvSfKXtaEuM5/cR8ueXOm9/+Z2O1rH5/YhKl/XsdB9hVO4vdKrnZJ/rsVqd6p+vF3err8QwLYevtqTubtl+8v/pqPyPgfY+yK//GwyG4R5CS7xyJ99VG/D+Bxhe+XNztXR/NMqf68vTN5SkbyxJnylJ31SSvrkkHcbZ737w0/BysXK9Kz+n7/V6eLrOdk8MP9RjffLrkb2Wnz/326s7LT9/nhiG2R9OPnX6C888fXn5+f+isf7fjOt7Ot2oxm3rUsyQrhfm19Ubz/5XW8uZ6JDv3qw+97TJX/+8vTVfsX3le0LTfuaWesy2Tre1U75drfmqWb6ZOGzM6psfn2zKpkvHH2m/mpbXVDa/lWw+prN6pP3Kthjm9YDVSOtjp+f/0/o5GyrFs2fOnn4sxtN6+qfJyoal8fv7XG/gznX7/s9saH3/Z0tjfGWieb+wdWV8sbxfeCN+X+v4+UY5reMPxHj6nfv25Ex9/Nyp7519Zu1nH8ba8z968Tsnz549/f2h/FCEoahGyYevDUc1evmQTluGpT4+9Pphz2qmmuxhex/wjglYd/t+vHwQ8OiZ75587vRzp88dOHjwwPz8wS8eWNhXP67f13x032xxALUF1tLKj/6gawIAAAAAAAAAAAB064Xjxy6/+9bn31t+/3/l/b/0/n968je9//+T7P3//D359B58eg9wW5v0ep6sgdXpLF8lDh/O6rs9K2dHNt1HYtjoxy++/5+Ky9t1TfW5Lxtf6RDNmhO4pb2U6awNkry/wI/H8EIMfx1ggIqZ9qNj2L596ytLG0TxQdO6ntqnaGqXoqZ94NGR/m/1taGpSaP0/nfbdp2a/tnb+lBH1l4/3lgc9DwC7f1zrNr//tfKjA+8LobOw1R/y/v5+K4TtY5H6d32YAOwNrppb3ctrys0TnXjhcF03TOF5/749Y1LQ8p27fHW0vP2S6EXf3m3NT7s/U+ud/l5v339Ln/Q89/v/j8b/d91vf/Lesyrrq7c//zi6ntNxYadt5Qfrzzm5efzn9qB3t5lwfHG1PVYfpqbh0Nefvv5r/0qKz+/IdSl/2blb+qy/Fvmf9fqyv9fLD8ttkce7Lb85RoXE631mMnmI93/y68bJzey+U9te96m/G++2G7+V9lR481YPoyzUelntlfZcUTjoH31/f9Gi2vb/2+jstluLX8O43MxnnbE6TmHvL+TXuufnq9IvwM7su8vSn7f9P872r4Uw7LtIfX/m9bHavzJb4rXl2WKV9os27t1XwOj6spY3f/r13B1+TRoddNvHHz9R2ZYHII61CZXMV2jn7gB179Wq63vBa0SAy2cgS//QZ8nDLr8QS//Mnn/v/kxfN7/b56e9/+bp+f9/66kz8S/k7edPu//N1+eef+/efp92ffm/QPPlqR/tCR9Z/v0xmn7/SXT7ypJ/1hJ+t5G+uGWHCn9gZLpd5ek31uS/mBJ+idK0j9Zkv5QSfojTenNfUCn9E+VTH+3S++jjOv8wzjL38+z/cP4SPd/Om3/20vSgdH1s9f3H336t9+qLr//P924HpLu4x2J8Uo8f/phjOf3vUNTfCntrRj/W5Y+7Nc7YJzk7Wfkv+8Pl6QDoys952X7hjFUbGw/OoZl7VZ1Os5ntHw6hp+J4Wdj+GgM52K4L4b7Yzjfp/qxPo6+8ftDLxcr5/tbs/RunyfP3wdqaScqhHCgy/rk1wd6fZ49b8evV3da/ipfBwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABiYifrfhYXZIoSLb7567KkTZ/YtjTncyFGt/51qilUa04XwWAwnY/jL+OHG+y+dag5vxrAI86EIRWN8ePJao6TNIYTFsCdcCtWw8+LlV96ef+LE+eMX9r7z2qGr67cEAAAA4O73/wAAAP//+MYR+g==")
r1 = socket(0x15, 0x5, 0x0)
getsockopt(r1, 0x200000000114, 0x271a, 0x0, &(0x7f0000000040))
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000140)=<r2=>0x0)
sendmsg$nl_generic(r1, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000180)={&(0x7f0000000340)={0x119c, 0x1c, 0x400, 0x70bd26, 0x25dfdbfe, {0x1d}, [@nested={0x10d0, 0x145, 0x0, 0x1, [@typed={0x8, 0x4b, 0x0, 0x0, @uid=r2}, @typed={0xc, 0xed, 0x0, 0x0, @u64=0x6}, @typed={0x8, 0xd9, 0x0, 0x0, @fd=r0}, @generic="31ceb62302095c2759e027bf6def54a5f10e9a47dd9cfb1286ce9eec9082ceea0cf6ec9410ac14d74989f91a05661554813e952b023f217acb3bdbb9fc8196c8f6a66972d690227f9837f6cab751c73efdfaf83d15f6aec9c806818a2e5dbcf6718293fff95d958b5e323811d63d8a2314dd481fef922d9dc18901", @typed={0x14, 0x86, 0x0, 0x0, @ipv6=@mcast2}, @generic="2a2ae62bafe72999f02d304c9b582325bd266059c1eea2b86f098ad396a70a3995f9", @generic="b164c95dc8ce92a725d4746b89deafe6737dab15847e04cfce2eeebc7459a3c979fbf9c1e0fc846bb9f403f897df4fe076ec17ca70b116295ddaa212449b78a268d0e6299ad51ab5b66c59fe491a4156638f0392d8dac8fc176052f60f2ffc879570bf25cdcc1f67bdfcfa9a9c9bd9fb14dcc47ade40496ac6a6e4f746995da95de8add7332708d43dd3602f50b34e803968710607eac7c120a7fd1713dfd7c0f2e3905331a6023beaf9375c2ca0381c3d46a5367b8e9f3a152443c80f47e293f505fde0c01d4a480328257679af1fbd2d5996a398630aaaec928d34b0f9dce317d696c236ccc18d6d22afd114eab30537ac6107bc38c76bbfce74276c42818b7a02f3ee1413100458bb0b753738be83051ef8c715cf3171677e4e585aff3ebe49f56a5e0cb709b717c0a5291ecf4024bddc6c82cb745746d5b1d9f4c70d128bdb129b6134eb3f3a89e2784230780023aaa96c1b0ec4b3077a9354f8e49cf54cd1e9b8970874ae29cfe75396d71451403c99cf186f2548fb1d0a1b16c14058f1fa558f17a783e0332c2046703ec518a2111fc8d80909c1f7a11e9a04af145438de85905ea66f66f990d6ca0021700631a119a2fd42864bf449844014f827b2beeadb3235b84978ab3102b95475231e2c1dee1f0347d672cb86985328b69b29ebf8091293242f2c0050560464c4d379751a0ea14d14fd0bbe87665fc4c8c3b37b0bb9369064792e39ed53cd6e8501cddfbdb314c92b9e3625e2a0dbfb0865d67f0d072758a078c95e703b3e785280557554731f94453766f0e0b0b1d25a6b6a9847e29a92e2253546e88e21e27e9aa4b99614a8942a731c66e6681178fa63b7b288740634e9a06cd9dceffeddd7948268c97cfe3c160d437c58bda4c8f07bdeca3c355ab015f49002ef2103b3f61020cedd111fffc9bdad3d0dce328a0bb6678072f74863ae23be7863fa1de41ef06bb7c8e11868386e6c7d5ae2ccda301df79ca2603e70ca62ed09f1441fdcb0d223c79bae55117601b33e5115f900edd3cd7c15cac6532a4faaaf9fe7c8a4db041b63536a10197eecf14ca84e6e18439c946b59ab61d2f41739f5b7bfc28b6500dff1c2b1f0b11e04b4445d301cddb56894c2e5bb93d4e776e6394e071755ab272203d9a3aac0bbaa22b6f1fe70ef722e646d4beb36566106c5d4138f82c6bc0d70a245a8e956caaa90f4145db58d25ff251ebc8902bca73b777422f1dd48b0b8e7bcd0813c1c041a11d4572a4758dd1552cc5e34db0af420c45b3dfde7c397309f9ca7a8b826246c3a66b3c915cac1099cfce1787354eb08f8361f861162020cda122ade125727622b390bb7f30180133c3ca1807920dde7973b65ad79a4ef815e34357278ae95125d0a130c5ae01d08c31d1d2ac6fc945635df5e978537c50575de9bdda3cf5cec464cce39eb77b9303dfae8e4c8b689e4e58122734f8f894ace3584fba9a4593f0c837af7d4bbb218bfcacdf5e7a8fb96afe54717849201d494b1b105bfdbab59416dd2a230cdf0d5121b0deb36ceefe7ab730cf66235c2eca47f7bed394b546cc44c3a72544a8970897c5c7c394ed0f9e37d48e2cb3b8ef2dfe3d1d1532e5ade615a15fdede5ae8638f4c4f7d9dd94cd79821095a299d8338aa7407dc920425a11a50befcf412f01c9e67e413b9b4b59b223f4d5ab936565c33210890d9dc7076fde9f30ff0cc5b9be62873013fcf7943b08280a95ca95037c06b99fbd902d2163f0f90a756a1fce4c9b6a90228ea225154d2b16c051f03dd7a02e3d2a8fba429343ae902291ee2d86e7d6e44052f31a65aa47eb1e0a6824e805db004d0125f6613f64ef4d7fad81e77095c36c73064649fdc799d4848dd5df5a7922065daaaed501fb40187165cf50a97c7758e92a5509e1559a460cd20b3866851d05b4bae13353c27a0ea6d15657fd2addbf2d628e627c0cfdfeba4b68624b2d4c2d5752843e41ae65c081a322b5c49f65a63aa44118af612d52980dd08a11986eb79487b7836a81808415c83da0d69276d42a27072e24358db58c4e9fa40e8f68980645db4ec780aa62d1928a847fbb1345b4d93f7c91d07d79afc5ad768ee3c44d171609689232706273e0e8d0da3a95aab2b0f27ca1ede0ce0c9bbe6af44322b646fadd8cc81641e1815a8c39b819a1911698b379b3c9bff3259ec840b1c5e93b68b41f5470623aed9e1ea5618a8655212ae8bd32c7edde933d010cb51ce30e71018664515c0a2279f18d51f2fc853f1f9bb3df8e33998178dd77daadec872047b4d671a2d81b4112003d0f06204a4dd48f989f6256c7110a98f19f8cdcf9d381186d6e12dc73e0b8b0d20b332f4015f429ee026a855932f7c15638d466c95e415194e6afea5192fb436d20ec98fdce3ca77c322a9060e4b547016cbc1cc3ccc12997eb5469978ad83efdd71c008ac8b66900295996aa4ce6f0c3726e56510f41a0933a99928ebd632736fda13a86bda1e2e5908c7828d50a3ba66b8f105804b6ec0cc2978790bd21fd0e64a4e8367fbd01a0ad00819dc2d446e71dbe4a42263f591e079118e4c9cbb9df5c2bc8e1d9e533fcef277d7af80582a29bab1b2944e64f4b4cad2bd26249b20b4da720ac059c14269bb17d73ca746a2f64f22039b0cfdadd47223cc3bc13670bfec283d0c8723bcf3b1ce9c3394b7a242615e121974ff985fadfc7451590b71ad81022a06547885fb66cd97648654686b266ac5246729ed8c30466c671a45d90a7e250de22476ba79dc70484989ecd4fa58671b60383f688b086ec0b6f8b879e5969e7f983f924b7f9676066954424a75f234a4cb81f09ee3e6b07fc6acd891378370dbcf749e6e1abe9fbbfe15670f8c10f39a93d52289968fa0ef9acead378474122872d2eddf43be6cc15454a709db2733451cf8503ddee75812c009367d06c9d7a5d88db18999b9861955d78906656eb0f8c2ff0fc3d65825aeddd6be56a7275e6b0d3f69741c7ed9b0ca06fe4707542eb42624c97f1b364c8be544ccef6691d0bc2cbc7688d56faecfcb7e2b12f4baf876d0c30265a23ac7e24b1d76a1f86b09c3743c137b6b7c2cca5d85291c3cff5f3301166cdecb11376fcf039f29878afebec71e2267e67f69ee73e4f1b373e93697026d61edd4975e3459698dbdd55c6d0bf8a921c96eb064efe15077c262a3663bb7b9c6693c9d6db411f45172fda8f635f41e20d0c58c4c43af32c24c1e8df016bfd48decd90953b8eba24c391e45a0d08e5e5ce5bc4f95bf2aef4ec3f356305ee4956c6c849a47d56ee844748b9b3fdfc0738852d36851fce12f156d93fc2ee8a9f286e53332d271ff885af8e079171cc2d11d68cc9deaa2ff8181250fa83ceea66c00359d94f7d582e9e7e49155e796a0064ec45f235018a939a34ecb5b360310225e56f1f6edfb5c770c10e5a139161523f2d1682a0267629347a05cba1d9e11d920d8364e3952fef8a5edf6befa1f8cd268d689e2e8641705a69578a99e99cbb4cbf6da1a3ba5afba55a19f9c26431e261a659f932391c9111bd01f337e7680e84181776b34b638ecc2255374cd6c80203fb1dffa34c23a666cbc99687e1aad2e0bad111be8a36de50bdcba338be23b369ef7b94941ad32c887369185610108cdc6e7fe2b104ca7e369345a91c5d88e86d0dbf30a90b129b132ba76b0400b61c1126c4983e81899c9c05cf114d7fe5d3860a193c2eec0975697e719d413aaf1e56ab3f86d8d75619cb915a921d0afb1943b53f3fa665c3a29e3b30bc49af48ef0442daba7461021dfa6ba0893011e80c1abf800881043d2e58d618f96aa0c0514e7c9298dc8e04e20f9fed7bb251add7b4d4d571ffef359fd3fbd42256320445651840cc66edda8d3f51d274955cb56323da16688da0713cacd5a6c8812f706209bcc9057856ebf4fb3143b18f6e2a2a463bd0d9435923b61f90f14a2a7de82ecff0ac3075a03c5d98fe44798173538cf85f21c7afa6c885f988fb5e0da9e4fad14639f177dab16c0865c82fe9169aa2a8735a8530af19d2fb5cbd7c0cd7d8244e00d7950ceb2b58b2430637ce634298291e7f885d7875b6c05eedaf12b87c2eb2539baf78bca72e39fa63cbaa4a2094edb26f38e1cb864b060ac6bd980c5351df0cfee4bdfd5447eae6f5e4ba46b78075317960da4274f374d4aa6378bab1117b6ef2ae30a0fcc2dee6dea96a36ced228da4670420b861cf5609970499db86edb0ead25ee571dd41d1c11329bc1336931aa0a75cef08074c12b0685d5c75eda4993fa84484368e1feba30ba5ae281b08f1f3f6a2cef801f6e01fde48b708cbd37ca9fb36e7248ae14fffce1ec234b0ebb388edbb6b61197c6ef88dd621d2fa04c6600c58209a16ee01382bec33e8c46a02b406c2b946bc3290a58ff1751251fbbc0e90dd1943de6f450940a52d4dadc206c007be2309191247cd98e1978362252fa2f3e129357c6738b02266d356ce51e2ee830c94ce92fa1a212b9dbbbd6fc026c95203cac49bcde4cb4e31b20f4c15f9f3da8efd09867739252fae47062c9a739c9b7e264de10f844e5f7e25e8e371c95aa219a391666404f841fe41955257d67611e48992551ae4ff2b67b44b7fb231a4d548ab1fabc104ed85be2e3b037ab0c657fd7d00e7be062b53797bdd47999c99c7b898572c0b816b39a5a1a34d02d22b71cf930d28fbe5b7cb036384841910d3b9fa2a4111baae8215314f168b026fc05f4c8914450e899641e391881537a62cf8d65f3464e4386dc04ee33a095036930b9c3168867f46dbce86e427b6c5a8b992c66f44a5d77e69bbe883b03a9cccc9c751b1e8d298f68f65b016c052e8174c2dee4db19514f6fea0fcf512f3e2c571f600a7bb8f1956ad2fbd0765d7f705df2c6d0567e44199cc8c1baf44543c2363549931a284bab7aca205e26098ce726c12730571a9f6ee5f3f8b05e8c408bb74423de42674f61a31b2f6904ad43d8ec9f42e9cee42c5c740d8bc3cf96970822fe0b51dff8e5a3063293a19a632668246d3fc24bc483508ac52ef148cf4fe78c78cc1c864750a796c01dd129ec5cab7493f9277f4dc7ef57ccc64deea7244f3f322af7c0792f38bb1bbc14475b9a5b3172d4e54905067cef1f39e598f2cae775e717d1cdd54408744036e770e430b542d45ca84335f768f2514759fbffb336fa3e089faea35e5d74c888e2d34abee25aa7522c2cb6541918455979310c5195813944e88649f964d12ead4e5c98cf696dc34bf4753ee2fcee6ae94df595193f596ac35a0e3d7295ada61b9694d065afc2b2177925ac4cc88408e39994495c871664d4ba871d8e2a700c612d1d44ab6e73e70e6fc77109f1735df6ea4000b0b06d0ddcee338ac278115729abb790f53645cbeedbea476c78f500170303630b5f32dc4fa3a15bbcc83682a78c7f80ebe492ad130632ec88a02bb5a437264e69c40c93db924dd1fb17e20e470b05eaca3e9d93bddcf27c8a7d1116fd9fc57e07a7c1b149a5f4c4e5683226b6f7ba118c9483f0709c438e8d5bbc0e9b511b4011526c5ecd8d7bd2f353e5a28880a23c91c17299e1adb1ca4d477ec7dd7a4b8470bbe74f70e3717d9eed7d377f71fa8487b3640f9f382ed48d7f41d51ce1eff29b399a2686617cdc324fb8d6d92bc961f0a4d986d0b8a46cb459316c2f56993e9c324b38cd36074e3cb4bedf0a4f9fc2cad049f549afd3d96cfd1480dbb35d5c70028ed3f28927b90674c36f2d6d48bf710da233dd336d77a35f40d2121df1fa532c6b8e5f090336f2e642165e3e"]}, @generic="a6be40caa2bc2e330519c00ba3", @typed={0xb, 0x0, 0x0, 0x0, @str='nilfs2\x00'}, @generic="64faec5c6854fa17593b5cf0584c0a8eddcff9cd3e3e2cc2ce384b2dc5ddc6d9c868c70ab5f5dfadbd230261fecb78668eec70e00d50065b69a7ed57a915de830884b550fe77ee25aff28768166195f61495c44c6b3bae1d5c5049c42e7f8b372453c67774c18ab24560a9961a9463403eaf333af240c74e1989a797d237b82b84d0e3414f1490c7a7bbfb0e4b190963a414f126404af3d4ed987fb3ee8a"]}, 0x119c}, 0x1, 0x0, 0x0, 0x40000801}, 0xc005)
open(&(0x7f0000000040)='./bus\x00', 0x145142, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r3, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
pipe(&(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
splice(r7, 0x0, r8, 0x0, 0xf3a, 0x0)
write(r5, &(0x7f0000001100)="94", 0x1)
tee(r4, r8, 0x81, 0x0)
write$binfmt_elf64(r8, 0x0, 0x78)
write(r6, 0x0, 0x0)
getsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x17, 0x0, &(0x7f0000000100))

9.399020474s ago: executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
sendto$inet6(r1, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @dev={0xfe, 0x80, '\x00', 0x12}}, 0x1c)
recvmmsg(r1, &(0x7f0000008880), 0x45b, 0x2, 0x0)

8.07251699s ago: executing program 0:
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x6cb, 0x81a7, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, {0x9}}}]}}]}}, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, 0x0, 0x0)
openat(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x7}, @hci_rp_read_enc_key_size={{}, {0x3, 0xc8}}}}, 0xa)

6.178360117s ago: executing program 1:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000006c0)=ANY=[@ANYBLOB="640000001000010000000004000000120001000000000100000000000000"], 0x64}}, 0x0)

4.037323875s ago: executing program 2:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000001c0)=ANY=[@ANYBLOB="14010000", @ANYRES16=r1, @ANYBLOB="cd3e0000000000000000010000000800020005000000ce00010043ecf8a077157cd8bc73e1ff070000cbb6b9bb84e5bcdb7f9af2eacc913a7640e8332d1daa67516c7f094b740c631f175dd5d0f0a8ebd26792040000006f64e62cd3404917f3be657330adc6bf2f2ab6286f917412935536f4406edcdc8a37"], 0x114}}, 0x0)

3.733889907s ago: executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000040), 0x6)
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_bt_hci(r0, 0x400448e6, &(0x7f0000000040))
bind$bt_hci(0xffffffffffffffff, &(0x7f00000000c0)={0x1f, 0x0, 0x4}, 0x6)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_LOOKUP_BATCH(0x18, 0x0, 0x0)
ioctl$F2FS_IOC_ABORT_ATOMIC_WRITE(r1, 0xf505, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x61}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r4, 0x0, 0x5, 0x0, &(0x7f00000002c0)='\x00\x00\x00\x00\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{0x1}, 0x0, 0x0}, 0x20)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000580)={0x1b, 0x0, 0x0, 0x800, 0x0, r4, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x0, 0x0, 0x0, &(0x7f0000000740)='GPL\x00', 0x7, 0x9e, &(0x7f0000000900)=""/158, 0x0, 0x0, '\x00', 0x0, 0x3, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000780)={0x2, 0xe, 0x744, 0xffff}, 0x10, 0x0, r4, 0x2, &(0x7f0000000880)=[r1], &(0x7f00000009c0)=[{0x0, 0x3, 0xe, 0x1}, {0x2, 0x2, 0xf, 0x9}], 0x10, 0x5}, 0x90)
sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYBLOB="2800000013ff290a008000000000000007000000", @ANYRES32, @ANYBLOB="000000000000000008001a0004000000"], 0x28}}, 0x0)
r5 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$sock_int(r2, 0x1, 0x7, &(0x7f0000000440)=0x7fffffff, 0x4)
recvmsg(r5, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0xf012, &(0x7f0000000180)=[{&(0x7f0000003ac0)=""/4096, 0x200116c0}], 0x1, &(0x7f0000000200)=""/20, 0x14}, 0x100)
ioctl$sock_bt_hci(r0, 0x800448d7, &(0x7f0000000080)="fd800f81b83f9c3fdcad72ae15cd0439a999dec1573f26a950fe31202a")

3.083050766s ago: executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000840), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f00000001c0)=0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000440)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34cf2645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6424923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff0000f5620000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe656c9c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"})
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000032680)=""/102400, 0x19000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2.550941013s ago: executing program 0:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
r0 = open$dir(&(0x7f0000000080)='./file0\x00', 0x2, 0x0)
vmsplice(r0, 0x0, 0x0, 0x0)

2.039041648s ago: executing program 4:
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
syz_io_uring_setup(0x4f0e, &(0x7f0000000080)={0x0, 0x515b, 0x80, 0x0, 0x158}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000380)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r0, 0x0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="100000001500"/16], 0x10}, 0x0, 0xe3d08660d7cd4e04})
set_mempolicy(0x6, &(0x7f0000000000)=0x9, 0xff)
iopl(0x3)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000900)={@map, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}, 0x40)
set_mempolicy(0x0, &(0x7f0000000140)=0xd41, 0x9)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x808000, 0x4, 0x20300, 0xfc}, 0x1c)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
newfstatat(0xffffffffffffff9c, &(0x7f0000000000)='\x00', &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, <r6=>0x0, <r7=>0x0}, 0x0)
setuid(r6)
r8 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000015c0)='devices.list\x00', 0x275a, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000014c0)=@base={0x0, 0x0, 0x0, 0x8000}, 0x48)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
close_range(r5, 0xffffffffffffffff, 0x2)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYRESHEX=r4], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x8}, 0x90)
socket$inet6_tcp(0xa, 0x1, 0x0)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0xf, 0x4, 0x8, 0xb}, 0x48)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000001c0)={@map=r10, r9, 0x7}, 0x10)
r11 = syz_genetlink_get_family_id$ethtool(&(0x7f00000001c0), 0xffffffffffffffff)
recvmmsg(0xffffffffffffffff, &(0x7f0000001640)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000004c0)=""/4096, 0x1000}, {0x0}], 0x2}}], 0x1, 0x0, 0x0)
sendmsg$ETHTOOL_MSG_TSINFO_GET(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x23, &(0x7f0000000440)={&(0x7f00000003c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r11, @ANYRESOCT=0x0], 0x20}}, 0x84)
r12 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000001780)=ANY=[@ANYBLOB="b4000000000000007910000000000000c3080000f10000009500740000020000cb234508f7dbb71fb0881fc3a54d15711529dc0336d8499fac91fb6e945b3470147eaea657eb2cb1b6dcda4a3af058149500c4ad1ed66bcc46463979367b72bd0ede290961e409236f95d7e194642bc9cfbd76b3039a0c4f9cfec3316261a0a9fe0d89de9068e197c5ef5ce1e1c614c7a5922c9363aadec72bc8155e29e70e47a1775ae1a5cc7794719000272868770000eba40fd475e6987cf07abe4fffcaad8d328e780ef342834b55d0dbc5d7d2939dfb4d4b5de6660c656b47b79dfe4ddef1c692420c5b367ca1564e2a37", @ANYRES8=r12, @ANYRES64=r7, @ANYRES8=r8, @ANYRESOCT=r7], &(0x7f0000003ff6)='GPL\x00', 0x6, 0xc3, &(0x7f000000cf3d)=""/195}, 0x90)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212"], 0x10}}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000140)={0x2, &(0x7f00000011c0)=[{0x44}, {0x6}]})
socket$vsock_stream(0x28, 0x1, 0x0)
r13 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r13, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000001540)=ANY=[@ANYBLOB="1c000000020303000000000000000000000000000800010001000100", @ANYRES8=r12, @ANYRES8=r3], 0x1c}}, 0x0)

1.609160774s ago: executing program 1:
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="010000000000000000000200000008000100", @ANYRES32=r1], 0x1c}}, 0x0)
writev(r0, &(0x7f0000001840)=[{0x0}, {&(0x7f0000000400)}, {&(0x7f0000000480)="454d221929c5c5f9d9e2957f4056c3b52bd685c7f2e18d781d3f1c59dceff29fb3da06a7b1424491b549d1dbe76eeff3e594a8b12591f33328f3b799ae04840642b438329e5860e1adf539a896d7631aadf5f40b594c6edc3e9f2200", 0x5c}], 0x3)

0s ago: executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getrlimit(0xf, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, &(0x7f0000000280)={0x0, 0xffffffffffffffff, 0x1000, 0x0, 0x7f})
getpid()
bind$alg(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000840), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f00000001c0)='net\x00')
getdents64(r3, 0xffffffffffffffff, 0x43)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f00000001c0)=0x2)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})
sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000000180)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={0x0}}, 0x10)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000440)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34cf2645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6424923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff0000f5620000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe656c9c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"})
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4000041, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
ioctl$RTC_WKALM_SET(0xffffffffffffffff, 0x7002, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

kernel console output (not intermixed with test programs):

r 8 using dummy_hcd
[  370.975112][   T25] usb 3-1: Using ep0 maxpacket: 8
[  371.155492][   T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid maxpacket 1023, setting to 64
[  371.167321][   T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xE has invalid wMaxPacketSize 0
[  371.177555][   T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xD has invalid wMaxPacketSize 0
[  371.313823][ T6021] loop1: detected capacity change from 0 to 40427
[  371.387897][ T6021] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  371.396202][ T6021] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  371.406440][   T25] usb 3-1: New USB device found, idVendor=0bc7, idProduct=0005, bcdDevice=f4.bb
[  371.416181][   T25] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  371.424520][   T25] usb 3-1: Product: Т
[  371.429016][   T25] usb 3-1: Manufacturer: 旒䳠쒂镉䜏ᨦࡳӡ젓䈮갼Ḗ䪤䰹׾馿ᣖ鯯ྦ䫜텮煷볘఻炲综孁蹙䌓鎨퍵◯觫㷱鬧೼濈ࣽ⿢騠苀禆锬뉐ﱯ긽졇둾䬞鋄먃ਃ֠ꧻ톸띷ᗒ䐨⓮㧋鱦ｑ顊⮘漱恦ອʭ੟㗘敩ᣈ螢펶隲傟녃⠀祝ㆆ④츇铲흩쎗劏ึ计䅃�牎䁰蹪鎺踼ዊ슩䶄秼➬촆矠䔄
[  371.468052][   T25] usb 3-1: SerialNumber: ᠉
[  371.513252][   T25] usb 3-1: config 0 descriptor??
[  371.525014][ T6021] F2FS-fs (loop1): Found nat_bits in checkpoint
[  371.579228][   T25] ati_remote 3-1:0.0: ati_remote_probe: Unexpected desc.bNumEndpoints
[  371.831450][ T6033] loop4: detected capacity change from 0 to 1024
[  371.860510][   T25] usb 3-1: USB disconnect, device number 8
[  371.882877][ T6021] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  371.890910][ T6021] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  372.023514][ T6033] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  372.147226][ T6033] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback.
[  372.236537][ T6033] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  372.336294][ T6033] EXT4-fs error (device loop4): __ext4_iget:4913: inode #12: block 13: comm syz-executor.4: invalid block
[  372.361538][ T6033] EXT4-fs error (device loop4): __ext4_iget:4913: inode #12: block 13: comm syz-executor.4: invalid block
[  372.514930][   T29] audit: type=1804 audit(1718350404.112:88): pid=6033 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir3426694353/syzkaller.VyuTXE/35/file0/bus" dev="loop4" ino=18 res=1 errno=0
[  372.773334][ T5080] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  373.688708][ T6049] loop0: detected capacity change from 0 to 2048
[  373.862015][ T6049] EXT4-fs: Ignoring removed bh option
[  373.868420][ T6049] EXT4-fs: Ignoring removed nomblk_io_submit option
[  373.875780][ T6049] EXT4-fs: Ignoring removed nobh option
[  374.030215][ T6049] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  374.213714][ T6046] EXT4-fs error (device loop0): __ext4_remount:6525: comm syz-executor.0: Abort forced by user
[  374.233705][ T6046] EXT4-fs (loop0): Remounting filesystem read-only
[  374.714468][ T5085] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  374.763000][   T29] audit: type=1804 audit(1718350406.372:89): pid=6059 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir2279203368/syzkaller.zV0X8A/49/file0" dev="sda1" ino=1951 res=1 errno=0
[  374.886908][ T6067] netlink: 312 bytes leftover after parsing attributes in process `syz-executor.3'.
[  374.974357][ T6067] bridge0: port 1(bridge_slave_0) entered disabled state
[  375.096029][ T6067] bridge_slave_0 (unregistering): left allmulticast mode
[  375.103392][ T6067] bridge_slave_0 (unregistering): left promiscuous mode
[  375.112113][ T6067] bridge0: port 1(bridge_slave_0) entered disabled state
[  375.884525][ T4427] Bluetooth: hci3: ACL packet for unknown connection handle 0
[  375.892647][ T4427] Bluetooth: hci3: ACL packet for unknown connection handle 0
[  375.909486][ T6077] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  375.920207][ T6077] (unnamed net_device) (uninitialized): option resend_igmp: invalid value (511)
[  375.929909][ T6077] (unnamed net_device) (uninitialized): option resend_igmp: allowed values 0 - 255
[  376.556555][ T6082] loop2: detected capacity change from 0 to 512
[  376.795847][ T6082] EXT4-fs error (device loop2): ext4_ext_check_inode:520: inode #15: comm syz-executor.2: pblk 0 bad header/extent: invalid magic - magic 7973, entries 27514, max 27745(0), depth 25964(25964)
[  376.883066][ T6082] EXT4-fs error (device loop2): ext4_orphan_get:1399: comm syz-executor.2: couldn't read orphan inode 15 (err -117)
[  376.932443][ T6082] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  377.333396][ T5071] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  377.974492][ T6096] loop3: detected capacity change from 0 to 1024
[  378.195918][ T6096] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  378.294207][ T6096] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback.
[  378.362103][ T6101] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  378.541847][ T6096] EXT4-fs error (device loop3): __ext4_iget:4913: inode #12: block 13: comm syz-executor.3: invalid block
[  378.584970][ T6101] EXT4-fs error (device loop3): __ext4_iget:4913: inode #12: block 13: comm syz-executor.3: invalid block
[  378.673469][   T29] audit: type=1804 audit(1718350410.232:90): pid=6096 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir2375722374/syzkaller.TFc8Ni/5/file0/bus" dev="loop3" ino=18 res=1 errno=0
[  378.711338][ T4427] Bluetooth: hci0: unexpected event for opcode 0x0c47
[  378.762427][ T6105] loop2: detected capacity change from 0 to 256
[  378.992021][ T6105] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x72685a33, utbl_chksum : 0xe619d30d)
[  379.297025][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  380.528548][ T4427] Bluetooth: hci2: unexpected event for opcode 0x2023
[  380.756423][   T29] audit: type=1326 audit(1718350412.382:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6113 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5dc607cea9 code=0x0
[  381.027344][ T6120] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  381.037049][ T6120] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  382.735872][ T4427] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  382.744868][ T4427] Bluetooth: hci0: Injecting HCI hardware error event
[  382.752639][   T51] Bluetooth: hci0: hardware error 0x00
[  382.798018][ T6131] loop1: detected capacity change from 0 to 2048
[  382.940660][ T6131] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  382.980087][ T6131] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4
[  383.041662][ T6131] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  383.155499][   T29] audit: type=1800 audit(1718350414.722:92): pid=6131 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="loop1" ino=1367 res=0 errno=0
[  384.005869][ T6138] loop2: detected capacity change from 0 to 1024
[  384.067556][ T6138] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  384.094025][ T6138] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback.
[  384.123303][ T6138] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  384.290613][ T6138] EXT4-fs error (device loop2): __ext4_iget:4913: inode #12: block 13: comm syz-executor.2: invalid block
[  384.307523][ T6138] EXT4-fs error (device loop2): __ext4_iget:4913: inode #12: block 13: comm syz-executor.2: invalid block
[  384.334065][   T29] audit: type=1804 audit(1718350415.952:93): pid=6138 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir253517451/syzkaller.bBvB3m/48/file0/bus" dev="loop2" ino=18 res=1 errno=0
[  384.578172][ T4427] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  384.587230][ T4427] Bluetooth: hci2: Injecting HCI hardware error event
[  384.595114][ T4427] Bluetooth: hci2: hardware error 0x00
[  384.822716][   T51] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  385.367639][ T6145] loop4: detected capacity change from 0 to 32768
[  385.957615][ T5071] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  386.657325][ T4427] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  387.124528][   T29] audit: type=1326 audit(1718350418.662:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6160 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa5db47cea9 code=0x0
[  387.338839][ T4427] block nbd0: Receive control failed (result -107)
[  387.429299][ T6162] nbd0: detected capacity change from 0 to 15960
[  387.442544][ T6162] block nbd0: Dead connection, failed to find a fallback
[  387.450639][ T6162] block nbd0: shutting down sockets
[  387.456354][ T6162] blk_print_req_error: 6 callbacks suppressed
[  387.456435][ T6162] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  387.472236][ T6162] buffer_io_error: 6 callbacks suppressed
[  387.472311][ T6162] Buffer I/O error on dev nbd0, logical block 0, async page read
[  387.487226][ T6162] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  387.496752][ T6162] Buffer I/O error on dev nbd0, logical block 0, async page read
[  387.505228][ T6162] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  387.514771][ T6162] Buffer I/O error on dev nbd0, logical block 0, async page read
[  387.533576][ T6162] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  387.546840][ T6162] Buffer I/O error on dev nbd0, logical block 0, async page read
[  387.556039][ T6162] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  387.565649][ T6162] Buffer I/O error on dev nbd0, logical block 0, async page read
[  387.573877][ T6162] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  387.583539][ T6162] Buffer I/O error on dev nbd0, logical block 0, async page read
[  387.592020][ T6162] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  387.601659][ T6162] Buffer I/O error on dev nbd0, logical block 0, async page read
[  387.610070][ T6162] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  387.619659][ T6162] Buffer I/O error on dev nbd0, logical block 0, async page read
[  387.638340][ T6162] ldm_validate_partition_table(): Disk read failed.
[  387.647702][ T6162] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  387.658409][ T6162] Buffer I/O error on dev nbd0, logical block 0, async page read
[  387.666963][ T6162] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  387.676492][ T6162] Buffer I/O error on dev nbd0, logical block 0, async page read
[  387.685291][ T6162] Dev nbd0: unable to read RDB block 0
[  387.692011][ T6162]  nbd0: unable to read partition table
[  388.542875][ T6177] loop2: detected capacity change from 0 to 2048
[  388.644036][ T6177] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  388.664261][ T6177] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4
[  388.688943][ T6177] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  388.753217][   T29] audit: type=1800 audit(1718350420.342:95): pid=6177 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="loop2" ino=1367 res=0 errno=0
[  389.391684][ T6185] loop3: detected capacity change from 0 to 1024
[  389.566058][ T6185] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  389.616585][ T6185] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback.
[  389.631486][ T6185] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  389.718065][ T6185] EXT4-fs error (device loop3): __ext4_iget:4913: inode #12: block 13: comm syz-executor.3: invalid block
[  389.733455][ T6185] EXT4-fs error (device loop3): __ext4_iget:4913: inode #12: block 13: comm syz-executor.3: invalid block
[  389.763649][   T29] audit: type=1804 audit(1718350421.382:96): pid=6185 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir2375722374/syzkaller.TFc8Ni/12/file0/bus" dev="loop3" ino=18 res=1 errno=0
[  389.905120][ T6190] loop4: detected capacity change from 0 to 512
[  389.982201][ T6190] EXT4-fs (loop4): Test dummy encryption mode enabled
[  390.022193][ T6190] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2250: inode #12: comm syz-executor.4: corrupted in-inode xattr: invalid ea_ino
[  390.040558][ T6190] EXT4-fs error (device loop4): ext4_orphan_get:1399: comm syz-executor.4: couldn't read orphan inode 12 (err -117)
[  390.068513][ T6190] EXT4-fs (loop4): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  390.803985][ T5789] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  390.909740][ T6197] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  390.919144][ T6197] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  391.196982][ T5145] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  391.434940][ T5145] usb 1-1: device descriptor read/64, error -71
[  391.732163][ T5145] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  391.985341][ T5145] usb 1-1: device descriptor read/64, error -71
[  392.088675][ T4427] Bluetooth: hci1: unexpected event for opcode 0x2023
[  392.126692][ T5145] usb usb1-port1: attempt power cycle
[  392.564966][ T5145] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  392.666121][ T5145] usb 1-1: device descriptor read/8, error -71
[  392.960985][ T5145] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  393.688835][   T29] audit: type=1326 audit(1718350425.302:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6210 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f61ae67cea9 code=0x0
[  394.065824][ T5145] usb 1-1: device descriptor read/8, error -71
[  394.202468][ T5145] usb usb1-port1: unable to enumerate USB device
[  394.611001][   T29] audit: type=1800 audit(1718350426.202:98): pid=6217 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=1943 res=0 errno=0
[  394.657466][ T4427] block nbd1: Receive control failed (result -107)
[  394.765344][ T6220] nbd1: detected capacity change from 0 to 15960
[  394.772574][ T6215] block nbd1: Dead connection, failed to find a fallback
[  394.780171][ T6215] block nbd1: shutting down sockets
[  394.785776][ T6215] blk_print_req_error: 6 callbacks suppressed
[  394.785846][ T6215] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  394.813411][ T6215] buffer_io_error: 6 callbacks suppressed
[  394.813486][ T6215] Buffer I/O error on dev nbd1, logical block 0, async page read
[  394.828707][ T6215] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  394.838274][ T6215] Buffer I/O error on dev nbd1, logical block 0, async page read
[  394.846739][ T6215] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  394.856275][ T6215] Buffer I/O error on dev nbd1, logical block 0, async page read
[  394.864489][ T6215] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  394.874103][ T6215] Buffer I/O error on dev nbd1, logical block 0, async page read
[  394.882647][ T6215] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  394.902154][ T6215] Buffer I/O error on dev nbd1, logical block 0, async page read
[  394.913349][ T6215] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  394.922544][ T6217] capability: warning: `syz-executor.2' uses deprecated v2 capabilities in a way that may be insecure
[  394.934196][ T6215] Buffer I/O error on dev nbd1, logical block 0, async page read
[  394.942703][ T6215] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  394.952260][ T6215] Buffer I/O error on dev nbd1, logical block 0, async page read
[  394.960751][ T6215] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  394.970418][ T6215] Buffer I/O error on dev nbd1, logical block 0, async page read
[  394.980695][ T6215] ldm_validate_partition_table(): Disk read failed.
[  394.988555][ T6215] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  395.007867][ T6215] Buffer I/O error on dev nbd1, logical block 0, async page read
[  395.018802][ T6215] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  395.028473][ T6215] Buffer I/O error on dev nbd1, logical block 0, async page read
[  395.037259][ T6215] Dev nbd1: unable to read RDB block 0
[  395.044014][ T6215]  nbd1: unable to read partition table
[  396.097724][ T4427] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  396.106650][ T4427] Bluetooth: hci1: Injecting HCI hardware error event
[  396.114491][ T4427] Bluetooth: hci1: hardware error 0x00
[  397.026599][ T5080] EXT4-fs (loop4): unmounting filesystem 00000005-0000-0000-0000-000000000000.
[  397.628675][   T29] audit: type=1804 audit(1718350429.172:99): pid=6233 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir253517451/syzkaller.bBvB3m/54/bus" dev="sda1" ino=1958 res=1 errno=0
[  398.267747][ T4427] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  400.017317][   T29] audit: type=1804 audit(1718350431.612:100): pid=6252 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir2375722374/syzkaller.TFc8Ni/17/file0" dev="sda1" ino=1942 res=1 errno=0
[  400.522849][ T6261] loop4: detected capacity change from 0 to 4096
[  400.591270][ T6261] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512).
[  400.798367][ T4427] block nbd4: Receive control failed (result -107)
[  400.895396][ T6261] nbd4: detected capacity change from 0 to 15960
[  400.905521][ T6261] block nbd4: Dead connection, failed to find a fallback
[  400.913434][ T6261] block nbd4: shutting down sockets
[  400.919128][ T6261] blk_print_req_error: 6 callbacks suppressed
[  400.919220][ T6261] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  400.939314][ T6261] buffer_io_error: 6 callbacks suppressed
[  400.939388][ T6261] Buffer I/O error on dev nbd4, logical block 0, async page read
[  400.955017][ T6261] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  400.964432][ T6261] Buffer I/O error on dev nbd4, logical block 0, async page read
[  400.972915][ T6261] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  400.982705][ T6261] Buffer I/O error on dev nbd4, logical block 0, async page read
[  400.991046][ T6261] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  401.000698][ T6261] Buffer I/O error on dev nbd4, logical block 0, async page read
[  401.009130][ T6261] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  401.018643][ T6261] Buffer I/O error on dev nbd4, logical block 0, async page read
[  401.027083][ T6261] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  401.040506][ T6261] Buffer I/O error on dev nbd4, logical block 0, async page read
[  401.050123][ T6261] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  401.062756][ T6261] Buffer I/O error on dev nbd4, logical block 0, async page read
[  401.071893][ T6261] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  401.081438][ T6261] Buffer I/O error on dev nbd4, logical block 0, async page read
[  401.089741][ T6261] ldm_validate_partition_table(): Disk read failed.
[  401.097017][ T6261] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  401.106624][ T6261] Buffer I/O error on dev nbd4, logical block 0, async page read
[  401.115013][ T6261] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  401.124446][ T6261] Buffer I/O error on dev nbd4, logical block 0, async page read
[  401.133007][ T6261] Dev nbd4: unable to read RDB block 0
[  401.143724][ T6261]  nbd4: unable to read partition table
[  401.574223][ T6272] netlink: 80 bytes leftover after parsing attributes in process `syz-executor.3'.
[  403.120445][ T6281] loop4: detected capacity change from 0 to 1024
[  403.313909][ T6281] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  403.379731][ T6281] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback.
[  403.422606][ T6281] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  403.571668][ T6281] EXT4-fs error (device loop4): __ext4_iget:4913: inode #12: block 13: comm syz-executor.4: invalid block
[  403.659189][ T6281] EXT4-fs error (device loop4): __ext4_iget:4913: inode #12: block 13: comm syz-executor.4: invalid block
[  403.695744][   T29] audit: type=1326 audit(1718350435.272:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6282 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feae707cea9 code=0x7ffc0000
[  403.722410][   T29] audit: type=1326 audit(1718350435.272:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6282 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feae707cea9 code=0x7ffc0000
[  403.805584][   T29] audit: type=1804 audit(1718350435.392:103): pid=6281 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir3426694353/syzkaller.VyuTXE/49/file0/bus" dev="loop4" ino=18 res=1 errno=0
[  404.136427][ T6296] netlink: 'syz-executor.1': attribute type 12 has an invalid length.
[  404.497090][ T5080] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  406.311142][ T3599] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  406.448591][ T3599] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  406.527412][   T51] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  406.539362][   T51] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  406.559906][   T51] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  406.610367][ T3599] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  406.632051][   T51] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  406.685557][   T51] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  406.700721][   T51] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  406.898668][ T3599] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  407.443748][ T3599] bridge_slave_1: left allmulticast mode
[  407.450006][ T3599] bridge_slave_1: left promiscuous mode
[  407.459198][ T3599] bridge0: port 2(bridge_slave_1) entered disabled state
[  407.521723][ T3599] bridge_slave_0: left allmulticast mode
[  407.528117][ T3599] bridge_slave_0: left promiscuous mode
[  407.535307][ T3599] bridge0: port 1(bridge_slave_0) entered disabled state
[  408.385101][ T3599] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  408.460274][ T3599] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  408.553000][ T3599] bond0 (unregistering): Released all slaves
[  408.681584][ T1220] ieee802154 phy0 wpan0: encryption failed: -22
[  408.688894][ T1220] ieee802154 phy1 wpan1: encryption failed: -22
[  408.816333][ T4427] Bluetooth: hci3: command tx timeout
[  408.830431][ T3599] tipc: Disabling bearer <udp:s>
[  408.836313][ T3599] tipc: Left network mode
[  408.996893][   T29] audit: type=1804 audit(1718350440.612:104): pid=6314 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir2279203368/syzkaller.zV0X8A/66/file0" dev="sda1" ino=1940 res=1 errno=0
[  409.588616][ T6303] chnl_net:caif_netlink_parms(): no params data found
[  409.760209][ T3599] hsr_slave_0: left promiscuous mode
[  409.801541][ T3599] hsr_slave_1: left promiscuous mode
[  409.857655][ T3599] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  409.865887][ T3599] batman_adv: batadv0: Removing interface: batadv_slave_0
[  409.913678][ T3599] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  409.921691][ T3599] batman_adv: batadv0: Removing interface: batadv_slave_1
[  409.987090][ T3599] veth1_macvtap: left promiscuous mode
[  409.993030][ T3599] veth0_macvtap: left promiscuous mode
[  409.999631][ T3599] veth1_vlan: left promiscuous mode
[  410.005545][ T3599] veth0_vlan: left promiscuous mode
[  410.895504][ T4427] Bluetooth: hci3: command tx timeout
[  410.921405][ T3599] team0 (unregistering): Port device team_slave_1 removed
[  411.058344][ T3599] team0 (unregistering): Port device team_slave_0 removed
[  412.604944][   T29] audit: type=1800 audit(1718350444.152:105): pid=6332 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=1961 res=0 errno=0
[  412.829468][ T6303] bridge0: port 1(bridge_slave_0) entered blocking state
[  412.837645][ T6303] bridge0: port 1(bridge_slave_0) entered disabled state
[  412.845855][ T6303] bridge_slave_0: entered allmulticast mode
[  412.855621][ T6303] bridge_slave_0: entered promiscuous mode
[  412.878889][ T6303] bridge0: port 2(bridge_slave_1) entered blocking state
[  412.888898][ T6303] bridge0: port 2(bridge_slave_1) entered disabled state
[  412.897340][ T6303] bridge_slave_1: entered allmulticast mode
[  412.907463][ T6303] bridge_slave_1: entered promiscuous mode
[  412.975414][ T4427] Bluetooth: hci3: command tx timeout
[  413.332360][ T6303] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  413.440064][ T6303] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  413.568098][ T6303] team0: Port device team_slave_0 added
[  413.615644][ T6303] team0: Port device team_slave_1 added
[  413.896953][ T6303] batman_adv: batadv0: Adding interface: batadv_slave_0
[  413.904266][ T6303] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  413.931585][ T6303] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  414.048233][ T6303] batman_adv: batadv0: Adding interface: batadv_slave_1
[  414.055604][ T6303] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  414.082172][ T6303] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  414.667521][ T6303] hsr_slave_0: entered promiscuous mode
[  414.696646][   T29] audit: type=1804 audit(1718350446.252:106): pid=6342 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir3426694353/syzkaller.VyuTXE/53/bus" dev="sda1" ino=1947 res=1 errno=0
[  414.716880][ T6303] hsr_slave_1: entered promiscuous mode
[  414.774362][ T6303] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  414.782448][ T6303] Cannot create hsr debugfs directory
[  415.077188][ T4427] Bluetooth: hci3: command tx timeout
[  416.136035][ T6303] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  416.257155][ T6303] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  416.416672][ T6303] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  416.468090][ T6303] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  417.811713][ T6303] 8021q: adding VLAN 0 to HW filter on device bond0
[  417.982726][ T6303] 8021q: adding VLAN 0 to HW filter on device team0
[  418.085598][ T5145] bridge0: port 1(bridge_slave_0) entered blocking state
[  418.093396][ T5145] bridge0: port 1(bridge_slave_0) entered forwarding state
[  418.198525][ T5145] bridge0: port 2(bridge_slave_1) entered blocking state
[  418.206532][ T5145] bridge0: port 2(bridge_slave_1) entered forwarding state
[  420.461468][ T6303] 8021q: adding VLAN 0 to HW filter on device batadv0
[  420.767202][ T6303] veth0_vlan: entered promiscuous mode
[  420.820569][ T6303] veth1_vlan: entered promiscuous mode
[  421.034091][ T6303] veth0_macvtap: entered promiscuous mode
[  421.061121][ T6303] veth1_macvtap: entered promiscuous mode
[  421.138696][ T6303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  421.149652][ T6303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  421.160682][ T6303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  421.171577][ T6303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  421.181772][ T6303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  421.192598][ T6303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  421.202796][ T6303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  421.215960][ T6303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  421.234130][ T6303] batman_adv: batadv0: Interface activated: batadv_slave_0
[  421.675955][ T6303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  421.686823][ T6303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  421.697202][ T6303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  421.708105][ T6303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  421.718338][ T6303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  421.731620][ T6303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  421.742569][ T6303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  421.753448][ T6303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  421.769665][ T6303] batman_adv: batadv0: Interface activated: batadv_slave_1
[  422.396534][ T6303] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  422.406026][ T6303] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  422.415420][ T6303] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  422.424509][ T6303] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  424.127154][   T29] audit: type=1804 audit(1718350455.712:107): pid=6374 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir3426694353/syzkaller.VyuTXE/57/bus" dev="sda1" ino=1957 res=1 errno=0
[  424.152948][   T29] audit: type=1804 audit(1718350455.712:108): pid=6375 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir3426694353/syzkaller.VyuTXE/57/bus" dev="sda1" ino=1957 res=1 errno=0
[  424.184509][   T29] audit: type=1804 audit(1718350455.742:109): pid=6374 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir3426694353/syzkaller.VyuTXE/57/bus" dev="sda1" ino=1957 res=1 errno=0
[  425.526667][ T5132] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  425.795006][ T5132] usb 4-1: Using ep0 maxpacket: 8
[  425.915965][ T5132] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  425.928287][ T5132] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xE has invalid wMaxPacketSize 0
[  425.941832][ T5132] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xD has invalid wMaxPacketSize 0
[  426.141649][ T5132] usb 4-1: New USB device found, idVendor=0bc7, idProduct=0005, bcdDevice=f4.bb
[  426.151372][ T5132] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  426.160410][ T5132] usb 4-1: Product: Т
[  426.164993][ T5132] usb 4-1: Manufacturer: 旒䳠쒂镉䜏ᨦࡳӡ젓䈮갼Ḗ䪤䰹׾馿ᣖ鯯ྦ䫜텮煷볘఻炲综孁蹙䌓鎨퍵◯觫㷱鬧೼濈ࣽ⿢騠苀禆锬뉐ﱯ긽졇둾䬞鋄먃ਃ֠ꧻ톸띷ᗒ䐨⓮㧋鱦ｑ顊⮘漱恦ອʭ੟㗘敩ᣈ螢펶隲傟녃⠀祝ㆆ④츇铲흩쎗劏ึ计䅃�牎䁰蹪鎺踼ዊ슩䶄秼➬촆矠䔄
[  426.201174][ T5132] usb 4-1: SerialNumber: ᠉
[  426.218700][ T5132] usb 4-1: config 0 descriptor??
[  426.281736][ T5132] ati_remote 4-1:0.0: ati_remote_probe: Unexpected desc.bNumEndpoints
[  426.486049][ T6388] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
[  426.498954][ T5132] usb 4-1: USB disconnect, device number 2
[  429.796941][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  429.805242][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  430.012978][ T4246] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  430.027531][ T4246] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  431.201257][   T29] audit: type=1804 audit(1718350462.732:110): pid=6413 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir2375722374/syzkaller.TFc8Ni/29/bus" dev="sda1" ino=1958 res=1 errno=0
[  434.977465][   T29] audit: type=1804 audit(1718350466.552:111): pid=6424 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir1713899108/syzkaller.himBxD/2/bus" dev="sda1" ino=1955 res=1 errno=0
[  435.003032][   T29] audit: type=1804 audit(1718350466.582:112): pid=6426 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir1713899108/syzkaller.himBxD/2/bus" dev="sda1" ino=1955 res=1 errno=0
[  435.028601][   T29] audit: type=1804 audit(1718350466.602:113): pid=6424 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir1713899108/syzkaller.himBxD/2/bus" dev="sda1" ino=1955 res=1 errno=0
[  435.065683][    T8] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  435.354867][    T8] usb 4-1: Using ep0 maxpacket: 8
[  435.516337][    T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  435.526965][    T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xE has invalid wMaxPacketSize 0
[  435.537232][    T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xD has invalid wMaxPacketSize 0
[  435.745484][    T8] usb 4-1: New USB device found, idVendor=0bc7, idProduct=0005, bcdDevice=f4.bb
[  435.762114][    T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  435.772980][    T8] usb 4-1: Product: Т
[  435.779390][    T8] usb 4-1: Manufacturer: 旒䳠쒂镉䜏ᨦࡳӡ젓䈮갼Ḗ䪤䰹׾馿ᣖ鯯ྦ䫜텮煷볘఻炲综孁蹙䌓鎨퍵◯觫㷱鬧೼濈ࣽ⿢騠苀禆锬뉐ﱯ긽졇둾䬞鋄먃ਃ֠ꧻ톸띷ᗒ䐨⓮㧋鱦ｑ顊⮘漱恦ອʭ੟㗘敩ᣈ螢펶隲傟녃⠀祝ㆆ④츇铲흩쎗劏ึ计䅃�牎䁰蹪鎺踼ዊ슩䶄秼➬촆矠䔄
[  435.815518][    T8] usb 4-1: SerialNumber: ᠉
[  435.922477][    T8] usb 4-1: config 0 descriptor??
[  435.981496][    T8] ati_remote 4-1:0.0: ati_remote_probe: Unexpected desc.bNumEndpoints
[  436.237596][    T8] usb 4-1: USB disconnect, device number 3
[  437.302209][ T3599] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  437.476028][ T3599] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  437.583605][ T3599] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  437.751505][ T3599] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  438.176049][ T3599] bridge_slave_1: left allmulticast mode
[  438.182088][ T3599] bridge_slave_1: left promiscuous mode
[  438.189136][ T3599] bridge0: port 2(bridge_slave_1) entered disabled state
[  438.267130][ T3599] bridge_slave_0: left allmulticast mode
[  438.273095][ T3599] bridge_slave_0: left promiscuous mode
[  438.280189][ T3599] bridge0: port 1(bridge_slave_0) entered disabled state
[  440.117046][ T3599] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  440.788699][ T3599] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  440.950236][ T3599] bond0 (unregistering): Released all slaves
[  441.836435][   T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  441.851980][   T51] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  441.866981][   T51] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  441.883283][   T51] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  441.931549][   T51] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  441.944139][ T5076] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  442.062185][ T3599] hsr_slave_0: left promiscuous mode
[  442.091351][ T3599] hsr_slave_1: left promiscuous mode
[  442.145616][ T3599] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  442.153500][ T3599] batman_adv: batadv0: Removing interface: batadv_slave_0
[  442.218177][ T3599] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  442.226371][ T3599] batman_adv: batadv0: Removing interface: batadv_slave_1
[  442.329172][ T3599] veth1_macvtap: left promiscuous mode
[  442.335466][ T3599] veth0_macvtap: left promiscuous mode
[  442.341463][ T3599] veth1_vlan: left promiscuous mode
[  442.347399][ T3599] veth0_vlan: left promiscuous mode
[  443.547874][ T3599] team0 (unregistering): Port device team_slave_1 removed
[  443.582190][   T29] audit: type=1804 audit(1718350475.202:114): pid=6448 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir3426694353/syzkaller.VyuTXE/64/bus" dev="sda1" ino=1959 res=1 errno=0
[  443.650016][ T3599] team0 (unregistering): Port device team_slave_0 removed
[  444.095022][ T5076] Bluetooth: hci0: command tx timeout
[  445.335652][ T6442] chnl_net:caif_netlink_parms(): no params data found
[  446.175120][ T5076] Bluetooth: hci0: command tx timeout
[  446.831300][ T6442] bridge0: port 1(bridge_slave_0) entered blocking state
[  446.839394][ T6442] bridge0: port 1(bridge_slave_0) entered disabled state
[  446.848841][ T6442] bridge_slave_0: entered allmulticast mode
[  446.858579][ T6442] bridge_slave_0: entered promiscuous mode
[  446.967953][ T6442] bridge0: port 2(bridge_slave_1) entered blocking state
[  446.975952][ T6442] bridge0: port 2(bridge_slave_1) entered disabled state
[  446.983892][ T6442] bridge_slave_1: entered allmulticast mode
[  446.993811][ T6442] bridge_slave_1: entered promiscuous mode
[  447.451808][ T6442] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  447.523355][ T6442] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  447.808399][ T6442] team0: Port device team_slave_0 added
[  447.849033][ T6442] team0: Port device team_slave_1 added
[  448.130278][ T6442] batman_adv: batadv0: Adding interface: batadv_slave_0
[  448.137854][ T6442] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  448.169354][ T6442] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  448.256236][ T5076] Bluetooth: hci0: command tx timeout
[  448.267701][ T6442] batman_adv: batadv0: Adding interface: batadv_slave_1
[  448.275200][ T6442] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  448.301682][ T6442] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  449.006264][ T6442] hsr_slave_0: entered promiscuous mode
[  449.068116][ T6442] hsr_slave_1: entered promiscuous mode
[  450.340697][ T5076] Bluetooth: hci0: command tx timeout
[  450.613225][ T6442] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  450.662079][ T6442] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  450.725996][ T6442] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  450.783164][ T6442] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  451.226038][   T43] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  451.530457][   T43] usb 5-1: Using ep0 maxpacket: 8
[  451.713932][   T43] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  451.726399][   T43] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xE has invalid wMaxPacketSize 0
[  451.737195][   T43] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xD has invalid wMaxPacketSize 0
[  451.823996][ T6442] 8021q: adding VLAN 0 to HW filter on device bond0
[  451.979678][   T43] usb 5-1: New USB device found, idVendor=0bc7, idProduct=0005, bcdDevice=f4.bb
[  451.989995][   T43] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  451.998526][   T43] usb 5-1: Product: Т
[  452.002897][   T43] usb 5-1: Manufacturer: 旒䳠쒂镉䜏ᨦࡳӡ젓䈮갼Ḗ䪤䰹׾馿ᣖ鯯ྦ䫜텮煷볘఻炲综孁蹙䌓鎨퍵◯觫㷱鬧೼濈ࣽ⿢騠苀禆锬뉐ﱯ긽졇둾䬞鋄먃ਃ֠ꧻ톸띷ᗒ䐨⓮㧋鱦ｑ顊⮘漱恦ອʭ੟㗘敩ᣈ螢펶隲傟녃⠀祝ㆆ④츇铲흩쎗劏ึ计䅃�牎䁰蹪鎺踼ዊ슩䶄秼➬촆矠䔄
[  452.038731][   T43] usb 5-1: SerialNumber: ᠉
[  452.073523][ T6442] 8021q: adding VLAN 0 to HW filter on device team0
[  452.106847][ T5132] bridge0: port 1(bridge_slave_0) entered blocking state
[  452.114971][ T5132] bridge0: port 1(bridge_slave_0) entered forwarding state
[  452.128824][ T5076] block nbd3: Receive control failed (result -107)
[  452.147758][   T43] usb 5-1: config 0 descriptor??
[  452.210732][   T43] ati_remote 5-1:0.0: ati_remote_probe: Unexpected desc.bNumEndpoints
[  452.237324][ T6475] nbd3: detected capacity change from 0 to 15960
[  452.271321][ T5132] bridge0: port 2(bridge_slave_1) entered blocking state
[  452.279337][ T5132] bridge0: port 2(bridge_slave_1) entered forwarding state
[  452.440123][ T6472] block nbd3: shutting down sockets
[  452.508021][   T43] usb 5-1: USB disconnect, device number 8
[  454.143093][ T6442] 8021q: adding VLAN 0 to HW filter on device batadv0
[  454.459560][ T6442] veth0_vlan: entered promiscuous mode
[  454.613257][ T6442] veth1_vlan: entered promiscuous mode
[  454.863760][ T6488] xt_hashlimit: overflow, try lower: 0/0
[  455.181222][ T6442] veth0_macvtap: entered promiscuous mode
[  455.224005][ T6442] veth1_macvtap: entered promiscuous mode
[  455.380452][ T6442] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  455.391349][ T6442] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  455.401739][ T6442] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  455.420576][ T6442] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  455.433446][ T6442] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  455.444261][ T6442] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  455.454695][ T6442] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  455.465573][ T6442] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  455.481402][ T6442] batman_adv: batadv0: Interface activated: batadv_slave_0
[  455.783986][ T6442] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  455.795105][ T6442] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  455.805410][ T6442] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  455.819086][ T6442] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  455.831427][ T6442] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  455.842674][ T6442] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  455.853018][ T6442] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  455.863904][ T6442] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  455.879861][ T6442] batman_adv: batadv0: Interface activated: batadv_slave_1
[  456.021119][ T3599] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  456.108298][ T6442] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  456.120232][ T6442] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  456.130983][ T6442] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  456.140602][ T6442] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  456.217975][ T3599] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  456.403807][ T3599] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  456.610698][ T3599] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  456.818904][ T4427] Bluetooth: hci5: command 0x0406 tx timeout
[  457.083854][ T3599] bridge_slave_1: left allmulticast mode
[  457.090580][ T3599] bridge_slave_1: left promiscuous mode
[  457.097740][ T3599] bridge0: port 2(bridge_slave_1) entered disabled state
[  457.165874][ T3599] bridge_slave_0: left allmulticast mode
[  457.171973][ T3599] bridge_slave_0: left promiscuous mode
[  457.179199][ T3599] bridge0: port 1(bridge_slave_0) entered disabled state
[  458.205581][ T3599] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  458.317034][ T3599] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  458.425173][ T3599] bond0 (unregistering): Released all slaves
[  459.306886][ T4427] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  459.337839][ T4427] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  459.352140][ T4427] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  459.399007][ T4427] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  459.423469][ T4427] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  459.449175][ T4427] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  459.572112][ T3599] hsr_slave_0: left promiscuous mode
[  459.617184][ T3599] hsr_slave_1: left promiscuous mode
[  459.676253][ T3599] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  459.684154][ T3599] batman_adv: batadv0: Removing interface: batadv_slave_0
[  459.748937][ T3599] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  459.757223][ T3599] batman_adv: batadv0: Removing interface: batadv_slave_1
[  459.872166][ T3599] veth1_macvtap: left promiscuous mode
[  459.879280][ T3599] veth0_macvtap: left promiscuous mode
[  459.885515][ T3599] veth1_vlan: left promiscuous mode
[  459.891156][ T3599] veth0_vlan: left promiscuous mode
[  461.066656][ T3599] team0 (unregistering): Port device team_slave_1 removed
[  461.101542][ T3599] team0 (unregistering): Port device team_slave_0 removed
[  461.535334][ T4427] Bluetooth: hci1: command tx timeout
[  463.047787][ T6501] chnl_net:caif_netlink_parms(): no params data found
[  463.614953][ T4427] Bluetooth: hci1: command tx timeout
[  464.126451][ T6501] bridge0: port 1(bridge_slave_0) entered blocking state
[  464.134403][ T6501] bridge0: port 1(bridge_slave_0) entered disabled state
[  464.142623][ T6501] bridge_slave_0: entered allmulticast mode
[  464.152437][ T6501] bridge_slave_0: entered promiscuous mode
[  464.265193][ T6501] bridge0: port 2(bridge_slave_1) entered blocking state
[  464.273494][ T6501] bridge0: port 2(bridge_slave_1) entered disabled state
[  464.282053][ T6501] bridge_slave_1: entered allmulticast mode
[  464.292090][ T6501] bridge_slave_1: entered promiscuous mode
[  464.459761][ T6501] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  464.491358][ T6501] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  464.611917][ T6501] team0: Port device team_slave_0 added
[  464.633963][ T6501] team0: Port device team_slave_1 added
[  464.963506][ T6501] batman_adv: batadv0: Adding interface: batadv_slave_0
[  464.970948][ T6501] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  465.002477][ T6501] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  465.099437][ T6501] batman_adv: batadv0: Adding interface: batadv_slave_1
[  465.106857][ T6501] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  465.133360][ T6501] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  465.676459][ T6501] hsr_slave_0: entered promiscuous mode
[  465.695456][ T4427] Bluetooth: hci1: command tx timeout
[  465.763686][ T6501] hsr_slave_1: entered promiscuous mode
[  465.795041][ T6501] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  465.804809][ T6501] Cannot create hsr debugfs directory
[  467.015185][ T4024] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  467.023543][ T4024] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  467.131515][ T4024] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  467.140763][ T4024] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  467.652578][ T6501] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  467.715854][ T6501] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  467.775783][ T4427] Bluetooth: hci1: command tx timeout
[  467.827804][ T6501] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  467.858563][ T6501] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  468.556303][ T4024] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  468.752801][ T4024] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  469.062130][ T4024] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  469.470245][ T4024] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  469.817898][ T6501] 8021q: adding VLAN 0 to HW filter on device bond0
[  469.905670][ T4024] bridge_slave_1: left allmulticast mode
[  469.912121][ T4024] bridge_slave_1: left promiscuous mode
[  469.920258][ T4024] bridge0: port 2(bridge_slave_1) entered disabled state
[  470.001380][ T4024] bridge_slave_0: left allmulticast mode
[  470.007777][ T4024] bridge_slave_0: left promiscuous mode
[  470.014477][ T4024] bridge0: port 1(bridge_slave_0) entered disabled state
[  470.208070][ T1220] ieee802154 phy0 wpan0: encryption failed: -22
[  470.215093][ T1220] ieee802154 phy1 wpan1: encryption failed: -22
[  470.606779][ T4024] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  470.685824][ T4024] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  470.726575][ T4024] bond0 (unregistering): Released all slaves
[  470.940748][ T6501] 8021q: adding VLAN 0 to HW filter on device team0
[  471.002254][ T5132] bridge0: port 1(bridge_slave_0) entered blocking state
[  471.010189][ T5132] bridge0: port 1(bridge_slave_0) entered forwarding state
[  471.109013][ T5132] bridge0: port 2(bridge_slave_1) entered blocking state
[  471.116944][ T5132] bridge0: port 2(bridge_slave_1) entered forwarding state
[  471.547470][ T6501] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  471.559480][ T6501] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  472.070086][ T5076] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  472.081371][ T5076] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  472.096461][ T5076] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  472.164469][ T5076] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  472.185018][ T5076] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  472.195082][ T5076] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  472.345142][   T29] audit: type=1326 audit(1718350503.912:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6556 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f61ae67cea9 code=0x0
[  472.433074][ T4024] hsr_slave_0: left promiscuous mode
[  472.458337][ T4024] hsr_slave_1: left promiscuous mode
[  472.472257][ T4024] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  472.481394][ T4024] batman_adv: batadv0: Removing interface: batadv_slave_0
[  472.544468][ T4024] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  472.552404][ T4024] batman_adv: batadv0: Removing interface: batadv_slave_1
[  472.689055][ T4024] veth1_macvtap: left promiscuous mode
[  472.703991][ T4024] veth0_macvtap: left promiscuous mode
[  472.710808][ T4024] veth1_vlan: left promiscuous mode
[  472.721166][ T4024] veth0_vlan: left promiscuous mode
[  473.546518][ T4024] team0 (unregistering): Port device team_slave_1 removed
[  473.596228][ T4024] team0 (unregistering): Port device team_slave_0 removed
[  474.335344][ T5076] Bluetooth: hci3: command tx timeout
[  474.826792][ T6501] 8021q: adding VLAN 0 to HW filter on device batadv0
[  474.967584][ T6559] chnl_net:caif_netlink_parms(): no params data found
[  475.492999][ T6501] veth0_vlan: entered promiscuous mode
[  475.683423][ T6501] veth1_vlan: entered promiscuous mode
[  476.119128][ T6501] veth0_macvtap: entered promiscuous mode
[  476.155430][ T6501] veth1_macvtap: entered promiscuous mode
[  476.314114][ T6501] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  476.326551][ T6501] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  476.341069][ T6501] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  476.351919][ T6501] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  476.363276][ T6501] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  476.375129][ T6501] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  476.394022][ T6501] batman_adv: batadv0: Interface activated: batadv_slave_0
[  476.433749][ T5076] Bluetooth: hci3: command tx timeout
[  476.493635][ T6501] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  476.509018][ T6501] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  476.519419][ T6501] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  476.530285][ T6501] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  476.540592][ T6501] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  476.551519][ T6501] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  476.567656][ T6501] batman_adv: batadv0: Interface activated: batadv_slave_1
[  476.857760][ T6501] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  476.868248][ T6501] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  476.877654][ T6501] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  476.887139][ T6501] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  476.922101][ T6559] bridge0: port 1(bridge_slave_0) entered blocking state
[  476.930380][ T6559] bridge0: port 1(bridge_slave_0) entered disabled state
[  476.938941][ T6559] bridge_slave_0: entered allmulticast mode
[  476.948818][ T6559] bridge_slave_0: entered promiscuous mode
[  477.035251][ T6559] bridge0: port 2(bridge_slave_1) entered blocking state
[  477.043094][ T6559] bridge0: port 2(bridge_slave_1) entered disabled state
[  477.051371][ T6559] bridge_slave_1: entered allmulticast mode
[  477.061273][ T6559] bridge_slave_1: entered promiscuous mode
[  477.371996][ T6559] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  477.446417][ T6559] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  477.682099][ T6559] team0: Port device team_slave_0 added
[  477.752012][ T6559] team0: Port device team_slave_1 added
[  477.930722][ T6559] batman_adv: batadv0: Adding interface: batadv_slave_0
[  477.940477][ T6559] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  477.973604][ T6559] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  478.256696][ T6559] batman_adv: batadv0: Adding interface: batadv_slave_1
[  478.264011][ T6559] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  478.292254][ T6559] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  478.313498][   T29] audit: type=1326 audit(1718350509.882:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6592 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f61ae67cea9 code=0x0
[  478.471844][ T6599] Invalid ELF section header overflow
[  478.521945][ T5076] Bluetooth: hci3: command tx timeout
[  478.884976][ T6559] hsr_slave_0: entered promiscuous mode
[  478.931216][ T6559] hsr_slave_1: entered promiscuous mode
[  478.993817][ T6559] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  479.002058][ T6559] Cannot create hsr debugfs directory
[  480.575177][ T5076] Bluetooth: hci3: command tx timeout
[  481.018732][ T6559] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  481.166413][ T6559] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  481.276666][ T6559] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  481.378096][ T6559] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  482.085323][ T6559] 8021q: adding VLAN 0 to HW filter on device bond0
[  482.195356][ T6559] 8021q: adding VLAN 0 to HW filter on device team0
[  482.245167][ T5153] bridge0: port 1(bridge_slave_0) entered blocking state
[  482.252977][ T5153] bridge0: port 1(bridge_slave_0) entered forwarding state
[  482.331669][ T5125] bridge0: port 2(bridge_slave_1) entered blocking state
[  482.339637][ T5125] bridge0: port 2(bridge_slave_1) entered forwarding state
[  483.596358][ T4246] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  483.604748][ T4246] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  483.693125][ T4246] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  483.701478][ T4246] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  484.809324][ T6559] 8021q: adding VLAN 0 to HW filter on device batadv0
[  485.368415][ T6559] veth0_vlan: entered promiscuous mode
[  485.487182][ T6559] veth1_vlan: entered promiscuous mode
[  485.802709][ T6559] veth0_macvtap: entered promiscuous mode
[  485.858484][ T6559] veth1_macvtap: entered promiscuous mode
[  485.950675][ T6559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  485.961790][ T6559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  485.972697][ T6559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  485.983576][ T6559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  485.994112][ T6559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  486.005158][ T6559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  486.015452][ T6559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  486.026893][ T6559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  486.046383][ T6559] batman_adv: batadv0: Interface activated: batadv_slave_0
[  486.100392][ T6559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  486.113853][ T6559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  486.125987][ T6559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  486.139166][ T6559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  486.150040][ T6559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  486.161061][ T6559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  486.171400][ T6559] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  486.182363][ T6559] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  486.198447][ T6559] batman_adv: batadv0: Interface activated: batadv_slave_1
[  486.380508][ T6559] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  486.389852][ T6559] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  486.399285][ T6559] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  486.408540][ T6559] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  486.785196][ T5125] usb 2-1: new low-speed USB device number 6 using dummy_hcd
[  487.195212][ T5125] usb 2-1: config 32 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 10
[  487.206997][ T5125] usb 2-1: config 32 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[  487.217691][ T5125] usb 2-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7
[  487.227239][ T5125] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  487.580393][ T5125] usb 2-1: string descriptor 0 read error: -71
[  487.588090][ T5125] hub 2-1:32.0: USB hub found
[  487.686523][ T5125] hub 2-1:32.0: config failed, can't read hub descriptor (err -22)
[  487.896922][ T5125] usb 2-1: USB disconnect, device number 6
[  490.108414][ T6663] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns
[  490.117742][ T6663] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  495.006897][ T5125] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  495.015524][ T5125] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  495.117484][  T145] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  495.125918][  T145] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  498.490078][ T6706] Bluetooth: MGMT ver 1.22
[  499.022610][ T6710] 9pnet_fd: p9_fd_create_unix (6710): problem connecting socket: ./file0: -111
[  499.845319][ T6717] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns
[  499.861792][ T6717] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  500.054734][    C0] hrtimer: interrupt took 220142 ns
[  509.574582][    C1] sched: RT throttling activated
[  510.533461][ T6763] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns
[  510.542490][ T6763] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  520.527590][ T6786] hub 9-0:1.0: USB hub found
[  520.533602][ T6786] hub 9-0:1.0: 8 ports detected
[  523.418483][ T6795] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  523.803186][ T5132] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  523.812396][ T5132] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  523.823034][ T5132] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  523.831631][ T5132] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  523.839507][ T5132] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  523.848046][ T5132] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  523.857698][ T5132] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  523.866705][ T5132] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  523.874451][ T5132] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  523.883823][ T5132] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  523.891706][ T5132] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  523.899669][ T5132] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  523.907594][ T5132] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  523.915561][ T5132] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  523.925824][ T5132] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  523.933546][ T5132] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  523.942401][ T5132] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  523.950381][ T5132] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  523.958269][ T5132] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  523.966218][ T5132] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  523.973965][ T5132] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  523.982444][ T5132] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  523.990469][ T5132] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  523.998517][ T5132] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  524.010053][ T6800] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns
[  524.026709][ T6800] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  524.032959][ T5132] hid-generic 0000:0000:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  524.338700][ T5125] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  524.725939][ T5125] usb 1-1: device descriptor read/64, error -71
[  525.081943][ T5125] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  525.414326][ T5125] usb 1-1: device descriptor read/64, error -71
[  525.542095][ T5125] usb usb1-port1: attempt power cycle
[  526.065266][ T5125] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  526.327207][ T5125] usb 1-1: device descriptor read/8, error -71
[  526.779672][ T5125] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  527.438530][ T5125] usb 1-1: device descriptor read/8, error -71
[  527.690927][ T5125] usb usb1-port1: unable to enumerate USB device
[  528.712803][    C1] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies.
[  531.583174][ T1220] ieee802154 phy0 wpan0: encryption failed: -22
[  531.590427][ T1220] ieee802154 phy1 wpan1: encryption failed: -22
[  532.706777][ T6855] overlayfs: missing 'lowerdir'
[  539.777759][ T6888] syz-executor.4 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  542.063971][ T6912] kvm: emulating exchange as write
[  547.124372][ T6937] vlan2: entered promiscuous mode
[  547.171513][ T5120] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  547.524827][ T5120] usb 5-1: Using ep0 maxpacket: 32
[  547.691688][ T5120] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  547.702069][ T5120] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  547.712329][ T5120] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  547.722573][ T5120] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  547.945903][ T5120] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  547.955586][ T5120] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  547.963923][ T5120] usb 5-1: Product: syz
[  547.969721][ T5120] usb 5-1: Manufacturer: syz
[  547.974976][ T5120] usb 5-1: SerialNumber: syz
[  548.269315][ T5120] usblp 5-1:1.0: usblp0: USB Bidirectional printer dev 9 if 0 alt 0 proto 2 vid 0x0525 pid 0xA4A8
[  548.286957][ T5120] usb 5-1: USB disconnect, device number 9
[  548.323221][ T5120] usblp0: removed
[  548.477212][ T6948] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns
[  548.486937][ T6948] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  554.196840][ T6980] vlan2: entered promiscuous mode
[  554.203365][ T6980] batadv0: entered promiscuous mode
[  554.222223][ T6980] team0: Port device vlan2 added
[  554.487598][   T29] audit: type=1804 audit(1718350586.062:117): pid=6983 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir2127089641/syzkaller.wOWkQ1/30/bus/bus" dev="sda1" ino=1957 res=1 errno=0
[  554.513491][   T29] audit: type=1804 audit(1718350586.102:118): pid=6985 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir2127089641/syzkaller.wOWkQ1/30/bus/bus" dev="sda1" ino=1957 res=1 errno=0
[  554.635158][   T29] audit: type=1804 audit(1718350586.252:119): pid=6983 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir2127089641/syzkaller.wOWkQ1/30/bus/bus" dev="sda1" ino=1957 res=1 errno=0
[  554.816836][ T6984] block nbd4: shutting down sockets
[  556.775859][   T29] audit: type=1800 audit(1718350588.382:120): pid=6987 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1939 res=0 errno=0
[  556.804370][   T29] audit: type=1804 audit(1718350588.382:121): pid=7000 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir3809514382/syzkaller.nsj06E/24/bus" dev="sda1" ino=1939 res=1 errno=0
[  564.377528][ T4427] Bluetooth: hci0: command 0x0406 tx timeout
[  565.583769][    C1] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies.
[  566.076652][    C0] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies.
[  568.447014][    C1] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies.
[  568.857262][ T7097] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[  573.338002][   T29] audit: type=1326 audit(1718350604.932:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7117 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f283027cea9 code=0x0
[  573.859849][ T5076] block nbd4: Receive control failed (result -107)
[  573.945041][ T7120] nbd4: detected capacity change from 0 to 15960
[  573.963858][ T7127] block nbd4: Dead connection, failed to find a fallback
[  573.971394][ T7127] block nbd4: shutting down sockets
[  573.977895][ T7127] blk_print_req_error: 6 callbacks suppressed
[  573.977978][ T7127] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  573.996924][ T7127] buffer_io_error: 6 callbacks suppressed
[  573.997020][ T7127] Buffer I/O error on dev nbd4, logical block 0, async page read
[  574.012491][ T7127] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  574.022038][ T7127] Buffer I/O error on dev nbd4, logical block 0, async page read
[  574.030391][ T7127] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  574.039961][ T7127] Buffer I/O error on dev nbd4, logical block 0, async page read
[  574.048320][ T7127] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  574.058371][ T7127] Buffer I/O error on dev nbd4, logical block 0, async page read
[  574.066881][ T7127] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  574.076512][ T7127] Buffer I/O error on dev nbd4, logical block 0, async page read
[  574.084984][ T7127] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  574.097223][ T7127] Buffer I/O error on dev nbd4, logical block 0, async page read
[  574.106458][ T7127] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  574.106956][   T29] audit: type=1800 audit(1718350605.552:123): pid=7122 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1965 res=0 errno=0
[  574.115848][ T7127] Buffer I/O error on dev nbd4, logical block 0, async page read
[  574.116173][ T7127] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  574.154822][ T7127] Buffer I/O error on dev nbd4, logical block 0, async page read
[  574.162895][ T7127] ldm_validate_partition_table(): Disk read failed.
[  574.170135][ T7127] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  574.179727][ T7127] Buffer I/O error on dev nbd4, logical block 0, async page read
[  574.188134][ T7127] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  574.200509][ T7127] Buffer I/O error on dev nbd4, logical block 0, async page read
[  574.209593][ T7127] Dev nbd4: unable to read RDB block 0
[  574.216398][ T7127]  nbd4: unable to read partition table
[  575.541025][ T7138] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
[  575.627230][ T5125] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  575.902366][ T5125] usb 4-1: Using ep0 maxpacket: 8
[  576.047988][ T5125] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  576.058204][ T5125] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xE has invalid wMaxPacketSize 0
[  576.068911][ T5125] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xD has invalid wMaxPacketSize 0
[  576.235510][ T5125] usb 4-1: New USB device found, idVendor=0bc7, idProduct=0005, bcdDevice=f4.bb
[  576.252289][ T5125] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  576.263133][ T5125] usb 4-1: Product: Т
[  576.267847][ T5125] usb 4-1: Manufacturer: 旒䳠쒂镉䜏ᨦࡳӡ젓䈮갼Ḗ䪤䰹׾馿ᣖ鯯ྦ䫜텮煷볘఻炲综孁蹙䌓鎨퍵◯觫㷱鬧೼濈ࣽ⿢騠苀禆锬뉐ﱯ긽졇둾䬞鋄먃ਃ֠ꧻ톸띷ᗒ䐨⓮㧋鱦ｑ顊⮘漱恦ອʭ੟㗘敩ᣈ螢펶隲傟녃⠀祝ㆆ④츇铲흩쎗劏ึ计䅃�牎䁰蹪鎺踼ዊ슩䶄秼➬촆矠䔄
[  576.302692][ T5125] usb 4-1: SerialNumber: ᠉
[  576.322773][ T5125] usb 4-1: config 0 descriptor??
[  576.384898][ T5125] ati_remote 4-1:0.0: ati_remote_probe: Unexpected desc.bNumEndpoints
[  576.586886][ T5153] usb 4-1: USB disconnect, device number 4
[  578.094152][   T29] audit: type=1326 audit(1718350609.652:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7154 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7faf1bc7cea9 code=0x0
[  578.265237][   T29] audit: type=1800 audit(1718350609.882:125): pid=7159 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1943 res=0 errno=0
[  578.517909][ T5076] block nbd3: Receive control failed (result -107)
[  578.575075][ T7161] nbd3: detected capacity change from 0 to 15960
[  578.609750][ T7161] block nbd3: Dead connection, failed to find a fallback
[  578.617719][ T7161] block nbd3: shutting down sockets
[  578.624348][ T7161] ldm_validate_partition_table(): Disk read failed.
[  578.632203][ T7161] Dev nbd3: unable to read RDB block 0
[  578.638757][ T7161]  nbd3: unable to read partition table
[  580.293173][ T7177] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'.
[  581.200531][ T7186] Bluetooth: MGMT ver 1.22
[  581.205502][ T7186] Bluetooth: hci3: invalid length 0, exp 2 for type 22
[  581.906159][ T5120] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  582.144982][ T5120] usb 4-1: Using ep0 maxpacket: 8
[  582.269422][ T5120] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  582.279786][ T5120] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xE has invalid wMaxPacketSize 0
[  582.297410][ T5120] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xD has invalid wMaxPacketSize 0
[  582.478024][ T5120] usb 4-1: New USB device found, idVendor=0bc7, idProduct=0005, bcdDevice=f4.bb
[  582.487905][ T5120] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  582.503952][ T5120] usb 4-1: Product: Т
[  582.510934][ T5120] usb 4-1: Manufacturer: 旒䳠쒂镉䜏ᨦࡳӡ젓䈮갼Ḗ䪤䰹׾馿ᣖ鯯ྦ䫜텮煷볘఻炲综孁蹙䌓鎨퍵◯觫㷱鬧೼濈ࣽ⿢騠苀禆锬뉐ﱯ긽졇둾䬞鋄먃ਃ֠ꧻ톸띷ᗒ䐨⓮㧋鱦ｑ顊⮘漱恦ອʭ੟㗘敩ᣈ螢펶隲傟녃⠀祝ㆆ④츇铲흩쎗劏ึ计䅃�牎䁰蹪鎺踼ዊ슩䶄秼➬촆矠䔄
[  582.545798][ T5120] usb 4-1: SerialNumber: ᠉
[  582.606883][ T5120] usb 4-1: config 0 descriptor??
[  582.661552][ T5120] ati_remote 4-1:0.0: ati_remote_probe: Unexpected desc.bNumEndpoints
[  582.847252][   T29] audit: type=1800 audit(1718350614.462:126): pid=7203 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1961 res=0 errno=0
[  582.865167][ T5120] usb 4-1: USB disconnect, device number 5
[  582.972968][   T29] audit: type=1326 audit(1718350614.592:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7202 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f283027cea9 code=0x0
[  583.339548][ T4427] block nbd1: Receive control failed (result -107)
[  583.435665][ T7206] nbd1: detected capacity change from 0 to 15960
[  583.451816][ T7213] block nbd1: Dead connection, failed to find a fallback
[  583.459802][ T7213] block nbd1: shutting down sockets
[  583.465395][ T7213] blk_print_req_error: 22 callbacks suppressed
[  583.465465][ T7213] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  583.481247][ T7213] buffer_io_error: 22 callbacks suppressed
[  583.481336][ T7213] Buffer I/O error on dev nbd1, logical block 0, async page read
[  583.495874][ T7213] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  583.505356][ T7213] Buffer I/O error on dev nbd1, logical block 0, async page read
[  583.516598][ T7213] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  583.527051][ T7213] Buffer I/O error on dev nbd1, logical block 0, async page read
[  583.535285][ T7213] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  583.544769][ T7213] Buffer I/O error on dev nbd1, logical block 0, async page read
[  583.552913][ T7213] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  583.562245][ T7213] Buffer I/O error on dev nbd1, logical block 0, async page read
[  583.570494][ T7213] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  583.579907][ T7213] Buffer I/O error on dev nbd1, logical block 0, async page read
[  583.588312][ T7213] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  583.597671][ T7213] Buffer I/O error on dev nbd1, logical block 0, async page read
[  583.605942][ T7213] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  583.618262][ T7213] Buffer I/O error on dev nbd1, logical block 0, async page read
[  583.626837][ T7213] ldm_validate_partition_table(): Disk read failed.
[  583.633728][ T7213] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  583.643109][ T7213] Buffer I/O error on dev nbd1, logical block 0, async page read
[  583.651439][ T7213] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  583.660766][ T7213] Buffer I/O error on dev nbd1, logical block 0, async page read
[  583.669065][ T7213] Dev nbd1: unable to read RDB block 0
[  583.675526][ T7213]  nbd1: unable to read partition table
[  585.681452][ T4427] Bluetooth: hci1: command 0x0406 tx timeout
[  589.706488][ T7253] netlink: 296 bytes leftover after parsing attributes in process `syz-executor.2'.
[  590.924038][ T7257] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'.
[  591.519243][   T29] audit: type=1326 audit(1718350623.132:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7256 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7faf1bc7cea9 code=0x0
[  593.044935][ T1220] ieee802154 phy0 wpan0: encryption failed: -22
[  593.051789][ T1220] ieee802154 phy1 wpan1: encryption failed: -22
[  594.690393][ T7271] loop0: detected capacity change from 0 to 128
[  594.751879][ T7271] FAT-fs (loop0): bogus logical sector size 0
[  594.758731][ T7271] FAT-fs (loop0): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[  594.768716][ T7271] FAT-fs (loop0): Can't find a valid FAT filesystem
[  594.877716][   T29] audit: type=1800 audit(1718350626.492:129): pid=7271 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file1" dev="sda1" ino=1949 res=0 errno=0
[  595.055415][ T4427] Bluetooth: hci3: command 0x0406 tx timeout
[  596.995947][   T29] audit: type=1326 audit(1718350628.612:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7294 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff831a7cea9 code=0x0
[  596.996156][ T7299] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
[  601.788932][   T29] audit: type=1800 audit(1718350633.382:131): pid=7324 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file1" dev="sda1" ino=1944 res=0 errno=0
[  605.185771][ T7342] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[  605.832799][   T29] audit: type=1326 audit(1718350637.402:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7345 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7faf1bc7cea9 code=0x0
[  607.981552][ T7357] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer.
[  608.535198][ T5132] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  608.906133][ T5132] usb 2-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x38, skipping
[  608.919719][ T5132] usb 2-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping
[  609.116257][ T5132] usb 2-1: New USB device found, idVendor=2770, idProduct=9051, bcdDevice=9a.1b
[  609.126602][ T5132] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  609.135297][ T5132] usb 2-1: Product: syz
[  609.139748][ T5132] usb 2-1: Manufacturer: syz
[  609.145540][ T5132] usb 2-1: SerialNumber: syz
[  609.196771][ T5132] usb 2-1: config 0 descriptor??
[  609.289121][ T5132] gspca_main: sq905c-2.14.0 probing 2770:9051
[  609.497214][ T5132] gspca_sq905c: sq905c_command: usb_control_msg failed (-71)
[  609.507072][ T5132] sq905c 2-1:0.0: Get version command failed
[  609.513602][ T5132] sq905c 2-1:0.0: probe with driver sq905c failed with error -71
[  609.587947][ T5132] usb 2-1: USB disconnect, device number 7
[  610.928249][   T29] audit: type=1804 audit(1718350642.492:133): pid=7371 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir2127089641/syzkaller.wOWkQ1/56/file0" dev="sda1" ino=1943 res=1 errno=0
[  611.945211][ T5132] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  612.355155][ T5132] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  612.368852][ T5132] usb 2-1: New USB device found, idVendor=06cb, idProduct=81a7, bcdDevice= 0.00
[  612.378804][ T5132] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  612.423762][ T5132] usb 2-1: config 0 descriptor??
[  612.486362][ T5132] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  612.689926][ T5132] usb 2-1: USB disconnect, device number 8
[  612.851574][ T7386] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[  616.817668][   T29] audit: type=1326 audit(1718350648.342:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7397 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7faf1bc7cea9 code=0x0
[  618.342527][ T7401] loop0: detected capacity change from 0 to 32768
[  618.444661][ T7401] btrfs: Deprecated parameter 'usebackuproot'
[  618.451156][ T7401] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  618.464189][ T7401] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (7401)
[  618.498105][ T7401] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  618.508937][ T7401] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[  618.519403][ T7401] BTRFS info (device loop0): disk space caching is enabled
[  619.495713][ T6559] BTRFS info (device loop0): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  621.682728][   T29] audit: type=1804 audit(1718350653.272:135): pid=7429 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir2375722374/syzkaller.TFc8Ni/102/file0" dev="sda1" ino=1961 res=1 errno=0
[  622.154873][  T781] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  622.555358][  T781] usb 1-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x38, skipping
[  622.570864][  T781] usb 1-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping
[  622.799696][  T781] usb 1-1: New USB device found, idVendor=2770, idProduct=9051, bcdDevice=9a.1b
[  622.817603][  T781] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  622.838165][  T781] usb 1-1: Product: syz
[  622.847322][  T781] usb 1-1: Manufacturer: syz
[  622.853456][  T781] usb 1-1: SerialNumber: syz
[  622.897667][  T781] usb 1-1: config 0 descriptor??
[  622.977303][  T781] gspca_main: sq905c-2.14.0 probing 2770:9051
[  623.255137][  T781] gspca_sq905c: sq905c_command: usb_control_msg failed (-71)
[  623.270818][  T781] sq905c 1-1:0.0: Get version command failed
[  623.279749][  T781] sq905c 1-1:0.0: probe with driver sq905c failed with error -71
[  623.355180][  T781] usb 1-1: USB disconnect, device number 12
[  623.870629][ T5120] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  624.325490][ T5120] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  624.345991][ T5120] usb 4-1: New USB device found, idVendor=06cb, idProduct=81a7, bcdDevice= 0.00
[  624.361025][ T5120] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  624.464878][ T5120] usb 4-1: config 0 descriptor??
[  624.573517][ T5120] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  624.798840][ T5120] usb 4-1: USB disconnect, device number 6
[  624.953495][ T7438] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'.
[  628.052301][ T7450] loop0: detected capacity change from 0 to 32768
[  628.132107][ T7450] btrfs: Deprecated parameter 'usebackuproot'
[  628.139125][ T7450] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  628.156354][ T7450] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (7450)
[  628.234299][ T7450] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  628.246642][ T7450] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[  628.258408][ T7450] BTRFS info (device loop0): disk space caching is enabled
[  629.441373][ T6559] BTRFS info (device loop0): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  629.540905][ T7470] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer.
[  632.198316][   T29] audit: type=1804 audit(1718350663.712:136): pid=7477 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir2375722374/syzkaller.TFc8Ni/106/file0" dev="sda1" ino=1964 res=1 errno=0
[  634.095677][ T5153] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  634.485548][ T5153] usb 1-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x38, skipping
[  634.498280][ T5153] usb 1-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping
[  634.718674][ T5153] usb 1-1: New USB device found, idVendor=2770, idProduct=9051, bcdDevice=9a.1b
[  634.729514][ T5153] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  634.740252][ T5153] usb 1-1: Product: syz
[  634.745091][ T5153] usb 1-1: Manufacturer: syz
[  634.750179][ T5153] usb 1-1: SerialNumber: syz
[  634.792152][ T5153] usb 1-1: config 0 descriptor??
[  634.844088][ T5153] gspca_main: sq905c-2.14.0 probing 2770:9051
[  635.497990][ T5153] gspca_sq905c: sq905c_command: usb_control_msg failed (-71)
[  635.506258][ T5153] sq905c 1-1:0.0: Get version command failed
[  635.513207][ T5153] sq905c 1-1:0.0: probe with driver sq905c failed with error -71
[  635.641355][ T5153] usb 1-1: USB disconnect, device number 13
[  637.791992][ T5120] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  638.165869][ T5120] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  638.180430][ T5120] usb 1-1: New USB device found, idVendor=06cb, idProduct=81a7, bcdDevice= 0.00
[  638.191167][ T5120] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  638.275189][ T5120] usb 1-1: config 0 descriptor??
[  638.341039][ T5120] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  638.550863][ T5076] Bluetooth: hci3: unexpected event for opcode 0x1408
[  638.581894][  T781] usb 1-1: USB disconnect, device number 14
[  642.587142][ T5076] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  642.596904][ T5076] Bluetooth: hci3: Injecting HCI hardware error event
[  642.609770][ T4427] Bluetooth: hci3: hardware error 0x00
[  643.435942][   T29] audit: type=1326 audit(1718350674.982:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7502 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f283027cea9 code=0x0
[  644.665731][ T4427] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  646.151471][ T7507] loop0: detected capacity change from 0 to 32768
[  646.224991][ T7507] btrfs: Deprecated parameter 'usebackuproot'
[  646.231501][ T7507] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  646.244036][ T7507] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (7507)
[  646.274744][ T7507] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  646.289063][ T7507] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[  646.299996][ T7507] BTRFS info (device loop0): disk space caching is enabled
[  647.330375][ T6559] BTRFS info (device loop0): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  647.928235][ T4246] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  648.095491][ T4246] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  648.306358][ T4246] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  648.488552][ T4246] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  648.721525][ T4246] bridge_slave_1: left allmulticast mode
[  648.728704][ T4246] bridge_slave_1: left promiscuous mode
[  648.737254][ T4246] bridge0: port 2(bridge_slave_1) entered disabled state
[  648.777021][ T4246] bridge_slave_0: left allmulticast mode
[  648.784140][ T4246] bridge_slave_0: left promiscuous mode
[  648.791882][ T4246] bridge0: port 1(bridge_slave_0) entered disabled state
[  649.797612][ T4246] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  649.909112][ T4246] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  649.938126][ T4246] bond0 (unregistering): Released all slaves
[  650.757790][ T5076] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  650.776759][ T5076] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  650.806044][ T5076] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  650.832113][ T5076] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  650.855249][ T5076] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  650.878349][ T5076] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  651.155692][ T4246] hsr_slave_0: left promiscuous mode
[  651.208164][ T4246] hsr_slave_1: left promiscuous mode
[  651.228211][ T4246] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  651.238511][ T4246] batman_adv: batadv0: Removing interface: batadv_slave_0
[  651.276662][ T4246] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  651.288272][ T4246] batman_adv: batadv0: Removing interface: batadv_slave_1
[  651.361323][ T4246] veth1_macvtap: left promiscuous mode
[  651.368957][ T4246] veth0_macvtap: left promiscuous mode
[  651.376906][ T4246] veth1_vlan: left promiscuous mode
[  651.385988][ T4246] veth0_vlan: left promiscuous mode
[  652.447228][ T4246] team0 (unregistering): Port device team_slave_1 removed
[  652.510454][ T4246] team0 (unregistering): Port device team_slave_0 removed
[  652.976745][ T5076] Bluetooth: hci2: command tx timeout
[  653.602102][ T5145] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  654.176895][ T5145] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  654.190548][ T5145] usb 2-1: New USB device found, idVendor=06cb, idProduct=81a7, bcdDevice= 0.00
[  654.202835][ T5145] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  654.338042][ T5145] usb 2-1: config 0 descriptor??
[  654.548103][ T1220] ieee802154 phy0 wpan0: encryption failed: -22
[  654.556501][ T1220] ieee802154 phy1 wpan1: encryption failed: -22
[  654.687240][ T5076] Bluetooth: hci1: unexpected event for opcode 0x1408
[  655.058297][ T5076] Bluetooth: hci2: command tx timeout
[  655.212303][ T7535] chnl_net:caif_netlink_parms(): no params data found
[  657.001576][ T5145] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  657.048491][ T5145] usb 2-1: USB disconnect, device number 9
[  657.137020][ T5076] Bluetooth: hci2: command tx timeout
[  657.792427][ T7535] bridge0: port 1(bridge_slave_0) entered blocking state
[  657.808296][ T7535] bridge0: port 1(bridge_slave_0) entered disabled state
[  657.819870][ T7535] bridge_slave_0: entered allmulticast mode
[  657.832608][ T7535] bridge_slave_0: entered promiscuous mode
[  657.859220][ T7535] bridge0: port 2(bridge_slave_1) entered blocking state
[  657.870476][ T7535] bridge0: port 2(bridge_slave_1) entered disabled state
[  657.880623][ T7535] bridge_slave_1: entered allmulticast mode
[  657.894407][ T7535] bridge_slave_1: entered promiscuous mode
[  658.050751][ T7535] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  658.083856][ T7535] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  658.402998][ T7535] team0: Port device team_slave_0 added
[  658.515890][ T7535] team0: Port device team_slave_1 added
[  658.686844][ T7535] batman_adv: batadv0: Adding interface: batadv_slave_0
[  658.694896][ T7535] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  658.727290][ T7535] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  658.742521][ T5076] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  658.754374][ T5076] Bluetooth: hci1: Injecting HCI hardware error event
[  658.765352][ T5076] Bluetooth: hci1: hardware error 0x00
[  658.832230][ T7535] batman_adv: batadv0: Adding interface: batadv_slave_1
[  658.841759][ T7535] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  658.872365][ T7535] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  659.075071][   T29] audit: type=1326 audit(1718350690.672:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7564 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f283027cea9 code=0x0
[  659.214767][ T4427] Bluetooth: hci2: command tx timeout
[  659.443054][ T7535] hsr_slave_0: entered promiscuous mode
[  659.488239][ T7535] hsr_slave_1: entered promiscuous mode
[  659.558789][ T7535] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  659.568335][ T7535] Cannot create hsr debugfs directory
[  660.816482][ T5076] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  661.114749][ T7570] loop1: detected capacity change from 0 to 1024
[  662.052385][ T7535] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  662.168630][ T7535] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  662.275922][ T7573] Zero length message leads to an empty skb
[  662.287523][ T7535] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  662.290466][ T7573] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns
[  662.305393][ T7573] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  662.507598][ T7535] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  664.274329][ T7535] 8021q: adding VLAN 0 to HW filter on device bond0
[  664.461139][ T7535] 8021q: adding VLAN 0 to HW filter on device team0
[  664.592194][ T5129] bridge0: port 1(bridge_slave_0) entered blocking state
[  664.600019][ T5129] bridge0: port 1(bridge_slave_0) entered forwarding state
[  664.724997][ T5129] bridge0: port 2(bridge_slave_1) entered blocking state
[  664.732699][ T5129] bridge0: port 2(bridge_slave_1) entered forwarding state
[  666.086953][ T4246] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  666.225046][ T4246] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  666.353048][ T4246] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  666.495346][ T4246] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  667.006243][ T4246] bridge_slave_1: left allmulticast mode
[  667.013880][ T4246] bridge_slave_1: left promiscuous mode
[  667.022227][ T4246] bridge0: port 2(bridge_slave_1) entered disabled state
[  667.096268][ T4246] bridge_slave_0: left allmulticast mode
[  667.106331][ T4246] bridge_slave_0: left promiscuous mode
[  667.114968][ T4246] bridge0: port 1(bridge_slave_0) entered disabled state
[  667.983828][ T4246] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  668.476955][ T4246] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  668.650975][ T4246] bond0 (unregistering): Released all slaves
[  669.329562][ T4427] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  669.349873][ T4427] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  669.363527][ T4427] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  669.392655][ T4427] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  669.435277][ T4427] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  669.449433][ T4427] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  669.478981][ T7535] 8021q: adding VLAN 0 to HW filter on device batadv0
[  669.702777][ T4246] hsr_slave_0: left promiscuous mode
[  669.763086][ T4246] hsr_slave_1: left promiscuous mode
[  669.820697][ T4246] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  669.846408][ T4246] batman_adv: batadv0: Removing interface: batadv_slave_0
[  669.908795][ T4246] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  669.922596][ T4246] batman_adv: batadv0: Removing interface: batadv_slave_1
[  670.015906][ T4246] veth1_macvtap: left promiscuous mode
[  670.022047][ T4246] veth0_macvtap: left promiscuous mode
[  670.034220][ T4246] veth1_vlan: left promiscuous mode
[  670.045737][ T4246] veth0_vlan: left promiscuous mode
[  671.341948][ T4246] team0 (unregistering): Port device team_slave_1 removed
[  671.446322][ T4246] team0 (unregistering): Port device team_slave_0 removed
[  671.614806][ T4427] Bluetooth: hci0: command tx timeout
[  673.616800][ T7586] chnl_net:caif_netlink_parms(): no params data found
[  673.695128][ T4427] Bluetooth: hci0: command tx timeout
[  675.039938][ T7535] veth0_vlan: entered promiscuous mode
[  675.361707][ T7586] bridge0: port 1(bridge_slave_0) entered blocking state
[  675.376763][ T7586] bridge0: port 1(bridge_slave_0) entered disabled state
[  675.385340][ T7586] bridge_slave_0: entered allmulticast mode
[  675.394174][ T7586] bridge_slave_0: entered promiscuous mode
[  675.499646][ T7535] veth1_vlan: entered promiscuous mode
[  675.558466][ T7586] bridge0: port 2(bridge_slave_1) entered blocking state
[  675.577134][ T7586] bridge0: port 2(bridge_slave_1) entered disabled state
[  675.587700][ T7586] bridge_slave_1: entered allmulticast mode
[  675.596605][ T7586] bridge_slave_1: entered promiscuous mode
[  675.784880][ T4427] Bluetooth: hci0: command tx timeout
[  676.055201][ T7586] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  676.198328][ T7586] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  676.355168][   T29] audit: type=1804 audit(1718350707.872:139): pid=7603 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir3809514382/syzkaller.nsj06E/56/file0" dev="sda1" ino=1948 res=1 errno=0
[  676.529415][ T7586] team0: Port device team_slave_0 added
[  676.608208][ T7586] team0: Port device team_slave_1 added
[  676.663170][ T7535] veth0_macvtap: entered promiscuous mode
[  676.957462][ T7535] veth1_macvtap: entered promiscuous mode
[  676.981280][ T7586] batman_adv: batadv0: Adding interface: batadv_slave_0
[  676.989044][ T7586] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  677.021051][ T7586] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  677.180278][ T7586] batman_adv: batadv0: Adding interface: batadv_slave_1
[  677.188209][ T7586] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  677.217057][ T7586] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  677.475834][ T7535] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  677.491019][ T7535] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  677.505294][ T7535] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  677.523220][ T7535] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  677.536899][ T7535] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  677.556296][ T7535] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  677.573185][ T7535] batman_adv: batadv0: Interface activated: batadv_slave_0
[  677.644535][ T7535] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  677.657018][ T7535] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  677.669672][ T7535] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  677.682089][ T7535] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  677.694192][ T7535] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  677.708380][ T7535] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  677.730088][ T7535] batman_adv: batadv0: Interface activated: batadv_slave_1
[  677.788261][ T7586] hsr_slave_0: entered promiscuous mode
[  677.854770][ T4427] Bluetooth: hci0: command tx timeout
[  677.939274][ T7586] hsr_slave_1: entered promiscuous mode
[  678.045554][ T7535] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  678.056145][ T7535] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  678.065917][ T7535] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  678.078133][ T7535] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  680.319143][ T7586] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  680.467887][ T7586] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  680.557697][ T7586] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  680.650238][ T7586] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  682.157342][ T7586] 8021q: adding VLAN 0 to HW filter on device bond0
[  682.334310][ T7586] 8021q: adding VLAN 0 to HW filter on device team0
[  682.403268][   T25] bridge0: port 1(bridge_slave_0) entered blocking state
[  682.413818][   T25] bridge0: port 1(bridge_slave_0) entered forwarding state
[  682.539494][   T25] bridge0: port 2(bridge_slave_1) entered blocking state
[  682.550118][   T25] bridge0: port 2(bridge_slave_1) entered forwarding state
[  682.754978][ T7524] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  683.176683][ T7524] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  683.190919][ T7524] usb 2-1: New USB device found, idVendor=06cb, idProduct=81a7, bcdDevice= 0.00
[  683.201493][ T7524] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  683.314390][ T7524] usb 2-1: config 0 descriptor??
[  683.393186][ T7524] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  683.604755][   T25] usb 2-1: USB disconnect, device number 10
[  684.753319][ T7586] 8021q: adding VLAN 0 to HW filter on device batadv0
[  685.538881][ T4024] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  685.735891][ T4024] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  685.766523][ T7586] veth0_vlan: entered promiscuous mode
[  685.935519][ T4024] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  686.005690][ T7586] veth1_vlan: entered promiscuous mode
[  686.159750][ T4024] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  686.486944][ T7586] veth0_macvtap: entered promiscuous mode
[  686.614204][ T7586] veth1_macvtap: entered promiscuous mode
[  686.702052][ T4024] bridge_slave_1: left allmulticast mode
[  686.709933][ T4024] bridge_slave_1: left promiscuous mode
[  686.717697][ T4024] bridge0: port 2(bridge_slave_1) entered disabled state
[  687.312121][ T4024] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  687.366595][ T4024] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  687.410124][ T4024] bond0 (unregistering): Released all slaves
[  687.597604][ T7586] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  687.609018][ T7586] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  687.620825][ T7586] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  687.633516][ T7586] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  687.645328][ T7586] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  687.658587][ T7586] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  687.669422][ T7586] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  687.680471][ T7586] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  687.700251][ T7586] batman_adv: batadv0: Interface activated: batadv_slave_0
[  687.904914][   T25] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  687.913783][   T25] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  688.056979][ T3861] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  688.070728][ T3861] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  688.308521][ T7586] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  688.322438][ T7586] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  688.342828][ T7586] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  688.360985][ T7586] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  688.381836][ T7586] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  688.400313][ T7586] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  688.420229][ T7586] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  688.439486][ T7586] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  688.461263][ T7586] batman_adv: batadv0: Interface activated: batadv_slave_1
[  688.600036][ T5076] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  688.626673][ T5076] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  688.651297][ T5076] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  688.693400][ T5076] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  688.720445][ T5076] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  688.743296][ T5076] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  688.777423][ T7586] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  688.792843][ T7586] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  688.802988][ T7586] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  688.813901][ T7586] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  688.878090][   T29] audit: type=1326 audit(1718350720.492:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7643 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f283027cea9 code=0x0
[  688.971244][ T4024] hsr_slave_0: left promiscuous mode
[  688.999364][ T4024] hsr_slave_1: left promiscuous mode
[  689.013446][ T4024] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  689.026589][ T4024] batman_adv: batadv0: Removing interface: batadv_slave_0
[  689.049708][ T4024] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  689.063809][ T4024] batman_adv: batadv0: Removing interface: batadv_slave_1
[  689.115263][ T4024] batadv0: left promiscuous mode
[  689.124893][ T4024] veth1_macvtap: left promiscuous mode
[  689.136420][ T4024] veth0_macvtap: left promiscuous mode
[  689.153301][ T4024] veth1_vlan: left promiscuous mode
[  689.164876][ T4024] veth0_vlan: left promiscuous mode
[  689.763481][ T4024] team0 (unregistering): Port device vlan2 removed
[  690.238212][ T4024] team0 (unregistering): Port device team_slave_1 removed
[  690.309857][ T4024] team0 (unregistering): Port device team_slave_0 removed
[  691.060295][ T4427] Bluetooth: hci4: command tx timeout
[  691.676609][ T7664] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'.
[  692.655401][ T7645] chnl_net:caif_netlink_parms(): no params data found
[  693.140013][ T4427] Bluetooth: hci4: command tx timeout
[  694.034870][   T29] audit: type=1804 audit(1718350725.582:141): pid=7677 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir3809514382/syzkaller.nsj06E/63/file0" dev="sda1" ino=1951 res=1 errno=0
[  694.271843][ T7685] loop0: detected capacity change from 0 to 2048
[  694.547012][ T7686] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  694.612951][ T7645] bridge0: port 1(bridge_slave_0) entered blocking state
[  694.622809][ T7645] bridge0: port 1(bridge_slave_0) entered disabled state
[  694.631565][ T7645] bridge_slave_0: entered allmulticast mode
[  694.643810][ T7645] bridge_slave_0: entered promiscuous mode
[  694.722168][   T29] audit: type=1800 audit(1718350726.302:142): pid=7685 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="loop0" ino=18 res=0 errno=0
[  694.794695][ T7645] bridge0: port 2(bridge_slave_1) entered blocking state
[  694.803306][ T7645] bridge0: port 2(bridge_slave_1) entered disabled state
[  694.812321][ T7645] bridge_slave_1: entered allmulticast mode
[  694.831049][ T7645] bridge_slave_1: entered promiscuous mode
[  695.139886][ T7645] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  695.175447][ T7645] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  695.255276][ T4427] Bluetooth: hci4: command tx timeout
[  695.441752][ T7645] team0: Port device team_slave_0 added
[  695.489095][ T7645] team0: Port device team_slave_1 added
[  695.700234][ T7645] batman_adv: batadv0: Adding interface: batadv_slave_0
[  695.707739][ T7645] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  695.736375][ T7645] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  695.791833][ T7645] batman_adv: batadv0: Adding interface: batadv_slave_1
[  695.801333][ T7645] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  695.829415][ T7645] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  696.056840][ T7645] hsr_slave_0: entered promiscuous mode
[  696.103622][ T7645] hsr_slave_1: entered promiscuous mode
[  696.137572][ T7645] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  696.147836][ T7645] Cannot create hsr debugfs directory
[  696.258173][ T7686] NILFS (loop0): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[  696.272998][ T7686] NILFS error (device loop0): nilfs_bmap_propagate: broken bmap (inode number=4)
[  696.353052][ T7686] Remounting filesystem read-only
[  696.366085][ T4246] NILFS (loop0): discard dirty page: offset=4096, ino=6
[  696.374159][ T4246] NILFS (loop0): discard dirty block: blocknr=39, size=1024
[  696.386002][ T4246] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  696.395703][ T4246] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  696.407420][ T4246] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  696.556127][ T4246] NILFS (loop0): discard dirty page: offset=0, ino=2
[  696.568644][ T4246] NILFS (loop0): discard dirty block: blocknr=18, size=1024
[  696.578777][ T4246] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  696.592909][ T4246] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  696.606584][ T4246] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  696.673457][ T6559] NILFS (loop0): disposed unprocessed dirty file(s) when stopping log writer
[  696.705660][ T6559] NILFS (loop0): discard dirty page: offset=0, ino=6
[  696.714292][ T6559] NILFS (loop0): discard dirty block: blocknr=35, size=1024
[  696.725070][ T6559] NILFS (loop0): discard dirty block: blocknr=36, size=1024
[  696.738249][ T6559] NILFS (loop0): discard dirty block: blocknr=37, size=1024
[  696.748576][ T6559] NILFS (loop0): discard dirty block: blocknr=38, size=1024
[  696.798584][ T6559] NILFS (loop0): discard dirty page: offset=0, ino=5
[  696.809963][ T6559] NILFS (loop0): discard dirty block: blocknr=41, size=1024
[  696.822117][ T6559] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  696.835450][ T6559] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  696.846373][ T6559] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  696.951693][ T6559] NILFS (loop0): discard dirty page: offset=0, ino=4
[  696.959603][ T6559] NILFS (loop0): discard dirty block: blocknr=40, size=1024
[  696.967698][ T6559] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  696.978658][ T6559] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  696.991182][ T6559] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  697.103835][ T6559] NILFS (loop0): discard dirty page: offset=0, ino=3
[  697.112339][ T6559] NILFS (loop0): discard dirty block: blocknr=42, size=1024
[  697.122713][ T6559] NILFS (loop0): discard dirty block: blocknr=43, size=1024
[  697.130938][ T6559] NILFS (loop0): discard dirty block: blocknr=44, size=1024
[  697.139338][ T6559] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  697.151770][ T6559] NILFS (loop0): discard dirty page: offset=196608, ino=3
[  697.161239][ T6559] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  697.173400][ T6559] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  697.187450][ T6559] NILFS (loop0): discard dirty block: blocknr=49, size=1024
[  697.200509][ T6559] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  697.309047][ T4427] Bluetooth: hci4: command tx timeout
[  697.872459][ T7645] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  697.911241][ T7645] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  697.979707][ T7645] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  698.058475][ T7645] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  698.994904][ T7524] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  699.003908][ T7524] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  699.168178][ T7645] 8021q: adding VLAN 0 to HW filter on device bond0
[  699.242291][ T7709] netlink: 80 bytes leftover after parsing attributes in process `syz-executor.1'.
[  699.249486][   T43] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  699.261436][   T43] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  699.373657][ T7645] 8021q: adding VLAN 0 to HW filter on device team0
[  699.467432][   T43] bridge0: port 1(bridge_slave_0) entered blocking state
[  699.475870][   T43] bridge0: port 1(bridge_slave_0) entered forwarding state
[  699.491163][ T7524] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  699.626655][   T43] bridge0: port 2(bridge_slave_1) entered blocking state
[  699.635462][   T43] bridge0: port 2(bridge_slave_1) entered forwarding state
[  699.915781][ T7524] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  699.931252][ T7524] usb 1-1: New USB device found, idVendor=06cb, idProduct=81a7, bcdDevice= 0.00
[  699.941110][ T7524] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  700.027345][ T7524] usb 1-1: config 0 descriptor??
[  700.086152][ T7524] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  700.304272][ T5129] usb 1-1: USB disconnect, device number 15
[  701.077876][ T7645] 8021q: adding VLAN 0 to HW filter on device batadv0
[  701.615769][ T7645] veth0_vlan: entered promiscuous mode
[  701.687564][ T7645] veth1_vlan: entered promiscuous mode
[  701.877126][ T7645] veth0_macvtap: entered promiscuous mode
[  701.908431][ T7645] veth1_macvtap: entered promiscuous mode
[  702.028544][ T7645] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  702.039832][ T7645] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  702.050209][ T7645] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  702.061362][ T7645] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  702.071844][ T7645] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  702.082954][ T7645] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  702.096994][ T7645] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  702.109781][ T7645] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  702.126251][ T7645] batman_adv: batadv0: Interface activated: batadv_slave_0
[  702.176584][ T7645] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  702.187635][ T7645] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  702.200396][ T7645] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  702.212302][ T7645] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  702.222791][ T7645] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  702.233834][ T7645] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  702.244187][ T7645] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  702.255199][ T7645] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  702.273180][ T7645] batman_adv: batadv0: Interface activated: batadv_slave_1
[  702.319089][ T7645] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  702.329488][ T7645] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  702.338949][ T7645] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  702.348275][ T7645] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  703.822099][   T29] audit: type=1326 audit(1718350735.432:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7728 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f676ac7cea9 code=0x0
[  704.306943][ T4024] =====================================================
[  704.315911][ T4024] BUG: KMSAN: uninit-value in nci_rx_work+0x35a/0x5d0
[  704.326802][ T4024]  nci_rx_work+0x35a/0x5d0
[  704.331982][ T4024]  process_scheduled_works+0xa81/0x1bd0
[  704.343954][ T4024]  worker_thread+0xea5/0x1560
[  704.354951][ T4024]  kthread+0x3e2/0x540
[  704.366662][ T4024]  ret_from_fork+0x6d/0x90
[  704.374184][ T4024]  ret_from_fork_asm+0x1a/0x30
[  704.380920][ T4024] 
[  704.384135][ T4024] Uninit was created at:
[  704.389986][ T4024]  kmem_cache_alloc_node+0x622/0xc90
[  704.396787][ T4024]  kmalloc_reserve+0x13d/0x4a0
2024/06/14 07:38:56 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF
[  704.407114][ T4024]  __alloc_skb+0x35b/0x7a0
[  704.412977][ T4024]  virtual_ncidev_write+0x6d/0x290
[  704.424374][ T4024]  vfs_writev+0xb0e/0x1450
[  704.433774][ T4024]  do_writev+0x251/0x5c0
[  704.440751][ T4024]  __x64_sys_writev+0x98/0xe0
[  704.454296][ T4024]  x64_sys_call+0x23dc/0x3b50
[  704.462069][ T4024]  do_syscall_64+0xcf/0x1e0
[  704.467244][ T4024]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  704.475178][ T4024] 
[  704.477780][ T4024] CPU: 0 PID: 4024 Comm: kworker/u8:19 Not tainted 6.9.0-syzkaller-02707-g614da38e2f7a #0
[  704.488968][ T4024] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  704.499649][ T4024] Workqueue: nfc2_nci_rx_wq nci_rx_work
[  704.507457][ T4024] =====================================================
[  704.517450][ T4024] Disabling lock debugging due to kernel taint
[  704.526153][ T4024] Kernel panic - not syncing: kmsan.panic set ...
[  704.533053][ T4024] CPU: 0 PID: 4024 Comm: kworker/u8:19 Tainted: G    B              6.9.0-syzkaller-02707-g614da38e2f7a #0
[  704.545893][ T4024] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  704.557194][ T4024] Workqueue: nfc2_nci_rx_wq nci_rx_work
[  704.564064][ T4024] Call Trace:
[  704.567734][ T4024]  <TASK>
[  704.570879][ T4024]  dump_stack_lvl+0x216/0x2d0
[  704.576191][ T4024]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  704.582779][ T4024]  dump_stack+0x1e/0x30
[  704.587193][ T4024]  panic+0x4e2/0xcd0
[  704.591739][ T4024]  ? kmsan_get_metadata+0xf1/0x1d0
[  704.597522][ T4024]  kmsan_report+0x2d5/0x2e0
[  704.602448][ T4024]  ? kmsan_get_metadata+0x146/0x1d0
[  704.608258][ T4024]  ? __msan_warning+0x95/0x120
[  704.613394][ T4024]  ? nci_rx_work+0x35a/0x5d0
[  704.618550][ T4024]  ? process_scheduled_works+0xa81/0x1bd0
[  704.624976][ T4024]  ? worker_thread+0xea5/0x1560
[  704.630105][ T4024]  ? kthread+0x3e2/0x540
[  704.634708][ T4024]  ? ret_from_fork+0x6d/0x90
[  704.639638][ T4024]  ? ret_from_fork_asm+0x1a/0x30
[  704.644839][ T4024]  ? filter_irq_stacks+0x60/0x1a0
[  704.650220][ T4024]  ? stack_depot_save_flags+0x2c/0x6e0
[  704.656109][ T4024]  ? kmsan_get_metadata+0x146/0x1d0
[  704.661644][ T4024]  ? kmsan_get_metadata+0x146/0x1d0
[  704.667101][ T4024]  ? kmsan_get_metadata+0x146/0x1d0
[  704.672705][ T4024]  ? kmsan_internal_set_shadow_origin+0x66/0xe0
[  704.680080][ T4024]  ? kmsan_internal_unpoison_memory+0x14/0x20
[  704.690295][ T4024]  ? kfree_skb_reason+0x197/0x4f0
[  704.695879][ T4024]  ? nfc_send_to_raw_sock+0x504/0x530
[  704.702032][ T4024]  ? kmsan_get_metadata+0x146/0x1d0
[  704.707643][ T4024]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  704.713671][ T4024]  __msan_warning+0x95/0x120
[  704.718529][ T4024]  nci_rx_work+0x35a/0x5d0
[  704.723324][ T4024]  ? __pfx_nci_rx_work+0x10/0x10
[  704.728458][ T4024]  process_scheduled_works+0xa81/0x1bd0
[  704.734742][ T4024]  worker_thread+0xea5/0x1560
[  704.739820][ T4024]  kthread+0x3e2/0x540
[  704.744123][ T4024]  ? __pfx_worker_thread+0x10/0x10
[  704.749463][ T4024]  ? __pfx_kthread+0x10/0x10
[  704.754301][ T4024]  ret_from_fork+0x6d/0x90
[  704.759403][ T4024]  ? __pfx_kthread+0x10/0x10
[  704.764911][ T4024]  ret_from_fork_asm+0x1a/0x30
[  704.770078][ T4024]  </TASK>
[  704.773839][ T4024] Kernel Offset: disabled
[  704.778541][ T4024] Rebooting in 86400 seconds..