last executing test programs: 3.738000274s ago: executing program 3: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r0, &(0x7f0000001600)={0x0, 0x0, &(0x7f0000001580)=[{&(0x7f0000000280)="db", 0x1}], 0x1}, 0x41) sendmsg$inet(r0, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000001c0)="04", 0x1}], 0x1}, 0x1) 3.092619573s ago: executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @empty}, 0x10) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_FLUSH(r1, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x40, 0x4, 0x6, 0x301, 0x0, 0x0, {0x2}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x40}, 0x1, 0x0, 0x0, 0x8000}, 0x4000004) 2.84569051s ago: executing program 0: syz_emit_ethernet(0x62, &(0x7f0000000000)={@local, @dev, @void, {@ipv4={0x800, @tcp={{0x10, 0x4, 0x0, 0x0, 0x54, 0x0, 0x0, 0x0, 0x5, 0x0, @local, @rand_addr, {[@timestamp_addr={0x44, 0x14, 0x0, 0x3, 0x0, [{}, {@remote}]}, @ssrr={0x89, 0xf, 0x0, [@empty, @remote, @rand_addr]}, @generic={0x0, 0x6, "de042700"}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5}}}}}}, 0x0) 2.398725892s ago: executing program 1: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000002d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000007b00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x8, 0xb}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000006020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000ecff850000000400000018110000", @ANYRES32=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000b00)='kfree\x00', r1}, 0x10) r2 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$inet6_udp_int(r2, 0x11, 0xa, &(0x7f0000000d40), 0x4) 2.391407131s ago: executing program 3: socket$packet(0x11, 0x3, 0x300) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5}, 0x48) epoll_create1(0x0) socket(0x10, 0x803, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x840000000002, 0x3, 0x100) socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) socket$nl_route(0x10, 0x3, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="540000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0380000000000000240012800c0001006d6163766c616e00140002800800010008000000060002000100000008000500", @ANYRES32=r0, @ANYBLOB='\b\x00\n'], 0x54}}, 0x0) 2.200637183s ago: executing program 0: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000002d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000007b00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x8, 0xb}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000006020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000ecff850000000400000018110000", @ANYRES32=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000b00)='kfree\x00'}, 0x10) r1 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$inet6_udp_int(r1, 0x11, 0x0, &(0x7f0000000d40)=0x1, 0x4) 1.847115143s ago: executing program 2: r0 = socket$kcm(0x10, 0x2, 0x4) sendmsg$inet(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)="5c00000014006b03000000d86e6c1d0002847ea622fb56450000822be3f58e76110165f450e71b0075e3002500028d459e37000f0000000000bf9367b47e51f60a64c9f4d4938037e786a6d0bdd700"/92, 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) 1.74728002s ago: executing program 1: r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0x12, 0x3d, 0x8, 0x2}, 0x48) r1 = socket$inet6_udp(0xa, 0x2, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r0, &(0x7f0000000140), &(0x7f0000000240)=@udp6=r1}, 0x20) 1.69008217s ago: executing program 3: r0 = socket$inet(0x2, 0x76661398c8a59995, 0x7) r1 = socket$unix(0x1, 0x1, 0x0) setsockopt$sock_void(r1, 0x1, 0x1b, 0x0, 0x0) connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10) r2 = socket$inet(0x2, 0x1, 0x0) r3 = dup(r2) read$FUSE(r3, 0x0, 0x0) shutdown(r0, 0x1) setsockopt$IP_VS_SO_SET_EDIT(r0, 0x0, 0x483, &(0x7f0000000000)={0x2b, @multicast2, 0x4e22, 0x0, 'dh\x00', 0x29, 0x5, 0x6}, 0x2c) r4 = gettid() timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc)) socket$netlink(0x10, 0x3, 0x0) creat(0x0, 0x0) epoll_create1(0x0) r5 = getpid() sched_setscheduler(r5, 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x9e) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x7, &(0x7f0000000140), 0x0) mq_open(&(0x7f0000000000)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\x01\x00\x00\x00a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|\x00\x17\xc0\xa3\xd5\xf9\xaa\x98/\xa4v\xe4)I\xf3+[e\x95\x89\x99\xca\x8e\xc5\xd3\\T\xf0\x1a|5\xfff\xff\x99\xa4\xbb\x9e#oR\xa4\xf1\xba\x04c\xb3-\xf7R\xb85\xb5\xdb\xe9?\xfa/\xdf\xb4R\xbfx=\v_j\x8e\xb0\'\xf4\xe5\xff!\xe1\xbf\x82e\xb1\x9b\x8d\xf3L\t\xd21\x9cbwV\xc8\xcc\xe4\x96M_w\xbc\xdf9\b\r\xf6\x95\xae\xb5,\x92\x8c\xc0DQm\x80\xd1w\xa2\x1a\x12Z\xe5\xf4H\xf7D\n\x96J\x93\xfb\xf0$\x9f\xf7\xa2\xae$O\xa3\xb6\xf5\x98\xd3\v\x00\x86\xa5\x8b\x81\x04\xaf\x03s\xe5\x86>\x0e\xa6\xe6\x1aV\x17\x8b\xed\xa7\'\xd0\r_\xe8,XVR\x13\xe5%\xb9\x88\xb8W@D\'\x17A\xc8\x80\x02J\xd4V\x00wH(\xc5v\f\xc9\xb6\xdf..$\xe6P(_\xf1\'\xc1:\xa3\xcb\xd9\xd1\xc7\x13\x99Md\x1dc\xf1\'j\x03!\x13\xd1\xb8\xbf\xe6\xb2M\b/\rp\xa5\x00\x00\x00\x00', 0x62, 0x0, 0x0) 1.439985772s ago: executing program 0: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={0x0, 0x0, 0x37}, 0x20) 1.340189193s ago: executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x26e1, 0x0) close(r0) socket$inet6_udp(0xa, 0x2, 0x0) ioctl$SIOCSIFHWADDR(r0, 0x8b26, &(0x7f00000003c0)={'wlan1\x00'}) 1.11965984s ago: executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000680)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0) syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000040)='./file0\x00', 0x308004a, &(0x7f00000006c0)=ANY=[@ANYRESHEX=r0, @ANYRESHEX=r0, @ANYRES64=r1, @ANYRESHEX=r0, @ANYRES64=r2], 0xe, 0x2b3, &(0x7f0000000200)="$eJzs3UFrI3UUAPA3yTQb9ZAgXhTBAT14KluvXhplBbEnJYJ60ODugiRhYRcCVjDbUz+BR7+HH8GLF7+B4FXw1iKVkcnMNAlN2lJjCvX3Oz3mP+/Nm/mH5JQ3X70+Hj58ksTRyW/RbifR2I/9OE2iG42oPY80AIC74zTP48/8JplpY/PdAADbUP7+l267FwBgOz757POPegcHDz7Osna82jme9JOIGB9P+uV673F8E6N4FPejE2cR+bky/uDDgweRZoVuvDWeTvpF5vjLX6r6vT8iZvl70Ynu6vy9rLSQP530d+LFyKL3eKdutROvrM5/Z0V+9Fvx9psL/e9GJ379Op7EKB5GkTvP/34vy97Pfzj57oviMkV+0oj+vdl5c3lzm/sCAAAAAAAAAAAAAAAAAAAAAMDdtptlSTm+Zza/pzhUzd9pns3Wd7Nad3k+T5mf1IXK+UB5VCN6pnn8WM7X+Su/n2VZXp04z0/jtdSLBQAAAAAAAAAAAAAAAAAAAKDw7NvD4WA0evR0I0E9DaD+W/8N6qQxHIz2F468EYfDQXNdweR8AME1LrE4baDodd3JUQSRprGhx3JV8ELRTxHE8yrYROV78839NMqg3piN3sXL75VFD4eDrFqqH/JwkFx1rXa9cT8tLrXi3zaWzz4SZ/nSUrTPW13Oam3oabReWrn0d57n16vz7u/lHlVHktmIjetdfaf+9K66wSJoX9yLn9cXXPuV0dzE9w4AAAAAAAAAAAAAAAAAAHDR/E+/KxaPLk1t/GdNAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCWzd//XwftiFg+ciGYVsmXnVMFrXj67JZvEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgP+BfwIAAP//j89OGA==") write$binfmt_script(r2, &(0x7f0000000340), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0) r3 = dup(r1) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0}, 0x90) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0) syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wg2\x00'}) ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) 902.735278ms ago: executing program 3: r0 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) fgetxattr(r0, &(0x7f0000000040)=@random={'security.', '\x00'}, 0x0, 0x0) 780.251727ms ago: executing program 0: keyctl$session_to_parent(0x12) bpf$PROG_LOAD(0x5, 0x0, 0x0) keyctl$set_reqkey_keyring(0xe, 0x3) request_key(&(0x7f0000002740)='asymmetric\x00', &(0x7f0000002780)={'syz', 0x3}, &(0x7f00000027c0)=',*[\\/&)\x00', 0x0) 678.755843ms ago: executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000200)={'geneve1\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="4400000010000100"/20, @ANYRES32=r2, @ANYBLOB="0000000000000000240012800b00010067656e657665000014000280060005"], 0x44}, 0x1, 0x2}, 0x0) 220.917434ms ago: executing program 3: sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={0x0, 0x60}}, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) chdir(0x0) syz_mount_image$nilfs2(&(0x7f00000000c0), &(0x7f0000000100)='./file1\x00', 0x1014800, &(0x7f0000001a40)=ANY=[@ANYRES16=0x0, @ANYRESDEC, @ANYBLOB="32dca5cdedbec9fcb3c4bd727fd51ac29b0e2781fe6159fee55ccf2b17599ce3901577b117cfff458a6d0d61d148e71eea2abfc417c7e7447b8e48fc2f05644e983bf708037ee4cc82111755f55870aa3434dda9d944e5ec8941b01b2cff7ebd8cc86f03e041a4c4dcb9b9d91b25c0c3648f925fd39e811bade26712197ae07361496c68d4f8f2c6829a6a5d5f1d2c637861303b84eca61b9fcef7bf8c591cf466b53bac4c45dd42287155ce38289076b25ae1cc62fe4b9cddc911a092c617e1eec9a6607a6a1fd01db45ca9a1b22399d6d0e7f7a2dc2fbc5de33902bf4a422d8e99ea65947046f6461708e26a0750d53d693e38e3ec0f3e326ecfd35018966492c100b5fba05d3357bd0c401a85beab8e280b1f890625c8673e98b794fbb7a3e8708e661452fa9123ecfe6c4d42553b36659776d823ce0dfb001e3526949c6b3a8d43f12ead5b67b5467f1b835295df5d5549e9c025b73e81a1dfbe4a16d4c719af8823a5526f0292d040119fcb70fd83deec45688fcae9d76b981c12735f922d70a7edcc4e83b80f6d77955323125b5f3bac03dfdf883208712096bbf03ff01e5fffc8ee5c08dec70a6251c09b2c55f8926584845b75dca791c4ed6423fd9776a64dab4b78ccb2ec86ca52554ebae3cad260d790e1610c69a44acec445edd771a69d3f4bff91b14bd6877d51d57e5643ed86b1938789bd13866fabbfaddda9eadb4514a435f74532a3315d6fc3f213f78335049422f0928482712e5856e5e7a2ff8da4a31b4fcdf791bcc6f1facb01856338b2c17d03b26ac9b91895d231ce346f9b69ff8c26b46587c7f64dc89bf468742baec654bdd9ec3e623373856fc7bb032237a78a216b033e135e9464d86fd640308685ff51555e62fb586a3baf0113fb90041567d55457e4cc6964fa9249bded35beb4b492fe465769a79ab772aa975743af81c3ac0a4420c616ef2c9a7425fc08d80cd349911f77268e503e58b91e689546c6281f5296616adf1225e6612708062049cc947a955499e3cc36c11c2c363a35cf83a7e3a7d301aaebf0a96638a2e2212cf11b317f439514d76ecae50b7f9ad3f771cab12f6955a7d350238f04cba7a812f0d2d40f4343c42486a5e0dc9ee3af6eb4f20d46e02c13e07bf0bbb88af62f81d3d8acb130937b1134285a9b6fc9cd2208734ac972ab2420e5a86e3773a77e560fcb5822355a170fe32d2eb5692a274e24871496f97f7db83131feefc723ac3dcd5389a99bf6a85a4b08c1df64a645d9809174415dcf489bc076e567aa726827e375d054751af3fe0066ccd701de636c101b4845c673ecf93097d000e14004d539022dac23de112cc3f4b323ad20ae2b7cd6dc616089c55ac13bdc980badfdd59112f6be2f7d7d5372b714d2cef6d26ecd85a4e70ce9ec07df912157d9391a1457b6b054c86abd9a2be0c7c5386ad07e34d0e23be29455af04c3c27771041e2e6d4e7243f357b9cad0e799365276f321dfa2bf5bda959912de696fb33d757490cfc15bb291aef058cd53616255ca422e1384238339ade451908a6c4721205c54acc687d1391e6bd2fe8f934a7d874cb34d55fdfb5493c9db01f624b1ea6ebf4a3fb60b970827d7d49e19d4fd7c6bc7c78c9b4a1b6562e7a3254d8d25181768c2dc32fb3dfb75641bcc8fab55021471f54d98db571c6c67bb9af4ce4102afa5b729e90886a8f9e77269f752d32318e88ff7a4056cbf8272760533caf35434a5ae7cd1353e5cb8f30009c24fd7280fc265aae56adb8b99e178e6bb7402078dab8701cbcbfc51b384a4798929799b88bbddc161fad01bde59ea349f06c4ce1177a4c7c5ef5a6171e49408bde22a0db8cb474dbfe5d3add36adfb1320fa23c72c0c0b55a3713f4bd62cfd4fb96a5ed7245f738b3692fb43b9ae001338c044477f63349440467184d85531b7596ebe1f518ce1f5ef5f026e0f1bbf58e935ef1259a3c862165413f19b75080e2d3c39499ffffff7f000000000853c45ad25ff4aced9a9f394c7aaee1741bcc80e8fdeee539703526fc6ee920964ac33bc61efc816a81c1a6bb11b2347b4be8c8aa386b2afeca3f3e80020626b219a467e71af7cf55b5e3804da06268dcbe7ec6132f9a990d263ff013920da553b477ef29f9499137a6db7b3ae0f57e97e2deb29275e06bf9bba3491192703eadb43b498a0abaa05ef4e0ef0d1dae2c0b1ddee7c3b3e47c3cf37aa3274fe326cba6cfe455edd70b8d5c5a437e14512b27dc96c604dd980fe18d455a4244fde0c54161f6526fdf07879dade807319972d6c6c1c9f8c46e14f52b032c7fe6fc6efd8917ddec08f00023851c92a1e947e0abc2a38fc4e5d5e54679df457c3fd7d82b96b9ef951139082aac3598ff8f9ab373d6a626bc282936db001fc3bc8528933204a638c80a1e4a3ae637bcf7368c54f294d9568544a64935b8d6bfa210a57c0f7c410d7a94a62a743d804ad58829ddfa503278656485bf96e2502d9bb3034a0c020b0ceb2b46025be9583b2d0e0872c0204322442c0ebb87843eb6d2574c5c3932d7adf39525862323a5acd0ba8c57b016ab8e1dad23a2305599e55ccda021a31050a9db17e78a2bb8c4afe28308d727d4681ebc7efc9a713842c41f09ad33a30d980bc80c6a4397e359115793f881853ecb8a6feef89ae549fea7b82310f25c0a65c78dc7d5e5b9bdf0f387e157e1020547f907fac0bb48704401664ebcb2bf5df5b231005896a5fcd4165971fc39a70091509583837e0062609ec7b3cb35947509332a009f20692544232bd5d3aee74d793c24aaff361859442cad1e167e10e7236db577694085bbda3b00e2295dcc905f15d10f2e839eb18a7e3698a33230beab04d759117259361c9da84a947766d883f40ada108073911055a9172f9ebc835b094041ad793c482bfac8858bc7a722fb82e55fc02350626125aed7e03e70557d93a8157c795813d6e686be367ddf21d764d875b1f5b06aa8d841f0285b8b9ec49218051034404cb37ca41487451682bf2a81a97764ff3a2d6ba3c7d1a535c08855952a8f578fc5380cc5674f1b103bf2297b724311d9006117436a082387d2e99de6df054e17a2b4c315b77ae38e5623fa8fca103924ea57165b5652c17a09f6e4c0748b0b1bad4b67d06125a1fb563e02f79815954b6d52c40a2744d037fe2a664414aa22bb35ece515f5fec241b377e7528a5db0ba6401577ad7ba54f3867ff4260a175830d449890ed04c1708d7e4672c018fec7379f9d822d1dec67b0c104bfe28254a66aa4e088b366c213395dae14de68ae3311307ce0a6d029b44e93075168c8a3461d1ad37add8b4da8fa3cde3f72ed4135ba940719989094280eb2ec38f1f780cdf09a5d6e74a62e97bcec008be27c197b97f0386d4f171c177ee2fb3c0a6309b88a4e7fd252f1e82bbe14fa602b8ccbfac28ab95da6688f32c60e4cd4163fd6eca9de2439b4b412ff8f0f1a61be37a76865967d3ccc3eb1ef02661ec06fa0ea71d7dfcaeaa54d7d700459366d2b90f70551a55048ae15482ab611ecccacd4012d326037ece523c61d9a5620946d57ff7326005cff29300365234d2a7bd1f3666a9e8ab2102ad8e7b5ac87710625485d71577aa8918bb9072113dd905e18c120a0e68cc22f912b79d24aef67fc513f54934f5fe5f3ea4abd7fb27a2b47c0956028f59b726109f0c4f07b033cace2ba3fe0184440f28e5eb50e3cf510be5993aa7a53c08a12e497846e9bc2d01701a03df389da09feb9ef05f4fed16e81f6dd7d8004a6ca0fedfe479cb0b5fb919e47270151280ca81fdeac996d5066d8fd73974f8bb7f3125d2820f315311e3681404c4bd43f258aed972762434c4a7cccdbc8209ac2b18bbc33ad60be7530801a0b051e3957e5f0de24ae99f767bf90d98889a299061109f368d271a6bdafd64bd9e8a993e0dde5701b454a443ae859019bf1cde126653e69548c34c0aaeb535144331f674f9e545ed04a5d7b01a398a6b4b69978a02b5a5c506f74372637a0137cb1502a77d616e67647ba74cf2c6b7c33e5b8e49a0211b739190ecf12565f630803e551ab668e175a063cadf6b88be55ab98250b9c9d3ffc2f755eb41c6813bd7da1d4a7ccf514a7435069bb9bf47d7c2b4fde61c2eb0696ecf8eb8559371cb547b825e6d550d212e7b384380dfbfe0214e786a29cb52b53ab21776e8ae0fd32a51c6c268f928dce13f4a9bb5d53635343c854dcbbff37b87f495d6e96ad229b8ec541316dc3d13bc7c0aafd591480f0d0631289c619e7b2c9480fce95feb5eee82f9de25c20bdc7e1230280f4cd29c5a26bcbfc3c7ca9f5e4f7eff085dd7d810a6537c28cddda40fc1b8f0ff5cca65c752f37f182a002c3e9b34f2b88f23ad0ffb13c5199730ac01b0a8224c7e526625697dfcf264bb4aac83d210a55389c37bb71bc931893b51baae3c4be98e3842d962a27003bb8156ff1fa2b41efcddd432cc00fcf95b458d06f40b237bafdf525c88c09a0c9c607cb4468fe5f3b610872c66044dcc10190b16de8208e3ad64072b7d711dd0de5efde61ee63b703dc26a201156ccbb1c59a17a38ff0c8796f7a37da4a5975c7bedc0515fcb1d7bccd6e67327c65f47ba69d2717ce377357b51bf9738e0faed16ca2b6b592cc0ab672f9f260e67692544717d17b5f1d153c24d5ee63e0ea1c1481f340d6137613645ce22e8a5fafbe54ea561b6c092cb49752ab3903141163da48a114170803e318f76d56ad58c5b65090824cac8929ca24958ac36a29419e6139aa98e736765d222ba3c4edefd6edae7e4d68ff6d81cf90e6515c53998423e7ff28fddff6ed7374cef7c85e8c9e20e581a61a14c8aa467b7a3928adc44a12853a7a5fc8b3b315b2bb35c03bcb348702382d6c47ecb4f026f32547ce55a9e4fedc74214159d945f33006c1b10df2c745ee5b8f422bcece3fc132d13a26210868f1c2c98c02430d318d2df8d9aff1266adb651f567eb74ccb3a4a9ab611de28e0823c8a20035390ab736a62b29975e4fea47e8a6939cbda05b4750ddae7881247809bc3f3f3cea7f63a577b0bd0067aaea25006347fced467c8b026f6de3b6abd8ca2d565c978c262baed39fe45457f27ab8368d4c1055cf898e73eb9bfe28cd038424b94bc58bec9da8472f2080b9ebf1f008bbbeab66a2b4bf14530b9ec126a57743260ef5d07ac0d675cc18b5c1100c14024196f06e3401a2b6df7967d20c0e84490ce64f33339b54b38d9ea15e48590fa95694ad87afbd91e8b571a9b5bd2b6e3f6aa68f70a29c22ae0b98be9c277b3f81e0406187229785e9debd80e2e805b5e4c8a6e6dbe9c1c045e914af6b6bdc0c1320a3e3afe0b26b3f684e34fbbec72a7aa8855ddf3aed3ac11fbfbee9f297033aa7340918d67ebe6223ac47683caee83df79ccf0ceb62b56772247b33ad8e2983e52e3bb4817707132c56546ce388ba76502e6568ba1d62fe3a25cd3b7115ab3baa39c3cd0787db461c70ef317ebc96138faa0cbbbcff18b48242f5237d3e80abdaab2d194e39e090053dc24201fb25fd79f32fd1bc70e7a7ba5df7741fdc073e03c8ca3f45a58476b70d3ee3659a2d5572c1c521fdbad70d9c6bd4dceb04234f119f72e18c8c478b6621b88771d2f29e2cbe0a8faa69e9e0b7b2e0749d9201fe2632c3787f17b1e7d7a3daed0c2a0b1d715f2798c412140bd2a8af8f3af2775731434b4e839d544b123dc5c7bf0371f89e6bd54edba40e6eec1b96a52f31adfee973d4604e6d31b7b66a4e0ec7c9e9175034c8684be6dad97302c8bbc3bbc558726cdb22edb60237e1275a626562f1da73ce0a6afee1076d4834999bfc4c88ee65adef6fe0a11c042fe53c0e448d9fd5ce8400a2a58160e5d23ea35ed3d6323", @ANYBLOB="a240939593dcf5d96f4ae9a6a307fed9139e08b16fa6096b876c40f3645fe4793498f349e30de690cc6f68a0bd843e5fc9cd54566eb36c05efba9e7e11805a000853610e8dc7c7a9ae20", @ANYRES8=0x0, @ANYRESDEC=0x0, @ANYRESOCT, @ANYRESHEX, @ANYRES32], 0xff, 0xda6, &(0x7f0000003c80)="$eJzs3ctvXFf9APBzx544r/7iNO4vJoTEJJSGR+wmtSg7XCksKqQKKX9BFdKS4pZHwqJVKiVZsCVS1T+AqmtY8MyiUtRVUDcg/oGqKzahqlQgQmqNbJ8zHn8zw51xbI/H8/lId87c+z33nnPmcefOfZ0EjKzGyuP8/HSV0tt33rrw4OT4v5ennGzlmFl5HM9jCymlZmu+lCbD8hYmVtPPPrl+qT39PKdVOp+qVLWmpxfut+Y9kFK6kWbS3TSZLn589PYrHzy/+N6Rm0cuvHnm3ta0HgAARsuD77370z8/9d3rh//zmxMLaaI1vWyfL+Txg3m7f6FaHc9J639A1ZZWbePFnpBvPA+NkG+sQ772cpoh33iX8veE5Ta75JuoKX+sbVqndsMwW/sfXzVm1403GrOzq//Jl304tqeafe3K4ktXB1RRYNN9ejLv4jMYDCM3LB0a9BoIYFU8bviQG3HPwqNpLW28t/LvP9foPD9sgu3+/Ct/uMp/96Y1Dptnt36aSrvK9+hgHo/HEcbDfP1+/8vy4vGIZo/17HYcYViOL3Sr59g212OjutU/fi52qy/ltLwOJ0K8/fsT39NheY+Bzh7Y/28wjOywNOgVELBjxfPmlrISj+f1xfhETXxvTXxfTXx/TfxATRxG2W+v/TLdrtb+58f/9P3uDyv72R7L6f/1WZ+4P7Lf8uN5v/161PLj+cSwo5351/FPf373L/H8/8/D+f+n82/pZF5BlP2Fcb9669z/cGFwo0u+x0N1HuuQf+X51Pp81dTaclLbeuahekyvn+9Qt3zH1+ebDPn2522RvaG+cftkf5ivbH+U9Wp5vcZDe5uhHXtCPco7czine0N7DndrV9iRvSfka+bhSGjXVGjXE2G+/w/tqqbXtyvuPy/1ORqmx+MkJV942x76XYrvRbwu41ROb+X0nZy+n9OPOpQ7isrnsdv5/+XzOZ2a1UtXFi8/ncfL5/TeWHNiefq5ba438Oh6vf5nOq2//udga3qz0b5eOLQ2vWpfL0yG6ee7TH8mj5ffsx+O7VuZPnvpx4s/2OzGw4i7+vobP3pxcfHyzzzxxBNPWk/+x0rj1zMXr23jOgrYGnPXXv3J3NXX3zh75dUXX7788uXXzj397W898+yz83MrW/Vz7dv2wO6y9qM/6JoAAAAAAAAAAAAAPav2dZ6c07r725brycv16fH6eIZDed/Kp6Hcx6Bc/9ntvi7l+s3D21BHNt92XE406DYCnf3D/X8NhpEdlpbcxR/YGQbd/1+572FJD5792+HloWS7/9z69WW8fyE8ip3e/5zyd1f/f63+r3pe/4UesyY3Vu7vHuz7a1ux6Viv5cf2l/vATvVX/u9z+aU1T6beyl/6VSg/3qi0R38I5e/vsfyH2n98Y+X/MZdfXrYzp3stf7XGVWN9PeJ+43IfwLjfuPhTaH+5t18/7T91a+Mdtd3J5cMoG5Z+Jvs1LP1/dlOWW9aDefXcOk5X7r8d+zvot/7lvt/ld+CJsPyq5vdN/5/Dra7/z/L5m9P/J+w6Hzr+ZzCM7LC0tDTQrk9Gtd+VnWLQr/+gtyEHXf6gX/86sf/P+H8p9v8Z47H/zxiP/X/GeOxfK8Zj/5/x9Yz9f8b40bDc2D/odE38CzXxYzXxL9bEj9fE4/+3GJ+piZ+oiZ+siT9eEz9VEz9dE/9KTfzJmvhTNfEzNfHd7ss5HdX2wyiL/Ub6/sPoKMd/un3/p2riwPCK/TrH7/dXa+LA8Crnefh+wwiqOt+xI+5vL/txb+X0nZy+n9OPtqyCbIev5fTrOf1GTr+Z07M5nc3pXE71DTncfvH3YyduV2vn+R0K8V7PJ43XA8T7xJzrsT7x+Fy/57Me7bGcrSp/g5eDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyNxsrj/Px0ldLbd9668M+p73x/ecrJVo6ZlcfxPLaQUmqmlKo8Ph6Wd2NiNf3sk+uXOqVVOr/yWMbTC/db8x5Ynj/NpLtpMl38+OjtVz54fvG9IzePXHjzzL2taT0AAACMhv8GAAD//5Cp5/o=") r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_service_time\x00', 0x26e1, 0x0) close(r2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) ioctl$SIOCSIFHWADDR(r2, 0x8b26, &(0x7f0000000080)={'wlan1\x00', @random='\x00\x00\a\x00\b\x00'}) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, 0x0}}, 0xffc9) r3 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r3, 0x7, 0x0, 0x0, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r4 = creat(&(0x7f00000000c0)='./bus\x00', 0x0) lseek(r4, 0x20000007ffffc, 0x1) 69.663665ms ago: executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'macsec0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB="2000000010000110000100000475000000000000", @ANYRES32=r1, @ANYBLOB="02fe"], 0x20}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="20000000100001040000000000000000004801f4", @ANYRES32=r1, @ANYBLOB="03"], 0x20}, 0x1, 0x500}, 0x0) 29.713722ms ago: executing program 0: syz_mount_image$hfs(&(0x7f0000000100), &(0x7f0000000000)='./file1\x00', 0x2000088, &(0x7f0000000580)=ANY=[], 0x3, 0x2c4, &(0x7f0000000900)="$eJzs3U9rE0EYx/HfbNJ0Y0pd24ogglItiAep9VK8KNIX4UnUJkIxVGgr2l6snkXw6t234IvwJL4BT3ryBeTkysxOkk2TzT8Tl9TvB5omm3l2n8nu7M4TCCsA/637W98/3f5p/4xUUEHSHSlQrFAqSjqvC+GL3YOdg3qt2m9FBdkI+2eURJquNka1XqE2zkV4kX1V1EI4gf6hvzCeL/unpVFj40T3fsbMcaO/x6ANpHk/Ot37p2VMHuedQM5MQw290mLeeQAA8uWv/4G/zi/4qUAQSGv+su+u/7/9pC/vfP9WI+8Ecpa6/rvKKzZ2/551b7XrPTcbtO8HzSpxnG25wiLwB1ArgcuS+lWVLpeg/HSnXru5/bxeDfRWd71UsxX3WE0O3SafrZusvule9WqP2rSP8ftecX2Ys33YyMh/ebJbHMx8MV/NQxPpo6qt+V8xNnY3uT0VndhTSf7rvdb1YbP1NEpaZfTynNvIxc4ic0Avw+wzTsmvs5hONcrOMxW11PFVQ7N3twZELfeM2hgQtXIyqnU0/7Av69nh45kbppF5bx6YVf3SZ22l5v+B/STX1Dn+s1fiWgZzZfuJ29GZ2bLoWkbpRceXera0A7jctQRjep2x3J/63umJNrW4f3hUelyv1/b2D4+ezeyTuCCNFGXPGqNvy5+J4qn3qzjlT6x5LExjE2VNZj3RsI0V1fYacRznfRzeu6LJrtBeQ/Lrzj86TSFX7Z2edybIiZ1lmaT+q4R+bhvW1t08wT5EfebpJ74H6C6rKslCN8du1wZK1wZL7vFMe7p342Xyv09tUMmu4Iatua5el66lFg6oRiKf5ylhtvRNj/j+HwAAAAAAAAAAAAAAAAAAYNYM/XuA0vg/J8i7jwAAAAAAAAAAAAAAAAAAAAAAzLqs+/9qGvf/3d4d6f6/nTfPATBpfwIAAP//w9iOlw==") r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000780), 0xffffffffffffffff) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10) sendmsg$NL802154_CMD_GET_WPAN_PHY(r1, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000a00)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="738700000000000000000100000008000100000000000c000600000000000100000008000300"], 0x30}}, 0x0) 0s ago: executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000280)=@framed, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) write$binfmt_script(r3, 0x0, 0xfffffe5d) getsockname$packet(r3, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000880)=ANY=[@ANYBLOB="3c00000010008506000000ff0100000000000000", @ANYRES32=r4, @ANYBLOB="01ff00e1c3ed00001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000180)={0x0, 0x6558, &(0x7f0000000140)={&(0x7f00000001c0)=@newqdisc={0x24, 0x10, 0x5, 0x0, 0x0, {0x10, 0x0, 0x4c, r4, {}, {0xffff}}}, 0x24}}, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.227' (ED25519) to the list of known hosts. 2024/06/11 06:34:45 fuzzer started 2024/06/11 06:34:46 dialing manager at 10.128.0.169:30024 [ 189.108155][ T5042] cgroup: Unknown subsys name 'net' [ 189.390808][ T5042] cgroup: Unknown subsys name 'rlimit' [ 224.190783][ T1220] ieee802154 phy0 wpan0: encryption failed: -22 [ 224.197627][ T1220] ieee802154 phy1 wpan1: encryption failed: -22 2024/06/11 06:35:42 starting 5 executor processes [ 243.456103][ T5048] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 246.295361][ T5070] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 246.347810][ T5073] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 246.362511][ T5073] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 246.375267][ T5073] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 246.383689][ T5073] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 246.393093][ T50] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 246.419704][ T5073] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 246.427575][ T50] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 246.432978][ T5073] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 246.439356][ T50] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 246.451035][ T5073] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 246.451785][ T50] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 246.580978][ T50] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 246.598012][ T50] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 246.607975][ T50] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 246.652310][ T50] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 246.677913][ T50] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 246.687752][ T50] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 246.756439][ T50] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 246.766432][ T50] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 246.784935][ T50] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 246.799160][ T50] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 246.811030][ T50] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 246.822068][ T50] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 247.233130][ T50] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 247.261191][ T50] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 247.271105][ T50] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 247.303541][ T50] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 247.319228][ T50] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 247.329706][ T50] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 247.742912][ T5071] chnl_net:caif_netlink_parms(): no params data found [ 248.455533][ T5078] chnl_net:caif_netlink_parms(): no params data found [ 248.574995][ T5070] Bluetooth: hci1: command tx timeout [ 248.580817][ T5070] Bluetooth: hci0: command tx timeout [ 248.802807][ T5081] chnl_net:caif_netlink_parms(): no params data found [ 248.818183][ T50] Bluetooth: hci2: command tx timeout [ 248.942964][ T50] Bluetooth: hci3: command tx timeout [ 249.269157][ T5071] bridge0: port 1(bridge_slave_0) entered blocking state [ 249.277943][ T5071] bridge0: port 1(bridge_slave_0) entered disabled state [ 249.286169][ T5071] bridge_slave_0: entered allmulticast mode [ 249.296171][ T5071] bridge_slave_0: entered promiscuous mode [ 249.332593][ T5071] bridge0: port 2(bridge_slave_1) entered blocking state [ 249.341022][ T5071] bridge0: port 2(bridge_slave_1) entered disabled state [ 249.349219][ T5071] bridge_slave_1: entered allmulticast mode [ 249.358831][ T5071] bridge_slave_1: entered promiscuous mode [ 249.369670][ T5069] chnl_net:caif_netlink_parms(): no params data found [ 249.394676][ T50] Bluetooth: hci4: command tx timeout [ 249.682400][ T5071] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 249.730455][ T5084] chnl_net:caif_netlink_parms(): no params data found [ 249.753505][ T5078] bridge0: port 1(bridge_slave_0) entered blocking state [ 249.763162][ T5078] bridge0: port 1(bridge_slave_0) entered disabled state [ 249.771148][ T5078] bridge_slave_0: entered allmulticast mode [ 249.780839][ T5078] bridge_slave_0: entered promiscuous mode [ 249.814096][ T5071] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 249.824360][ T5078] bridge0: port 2(bridge_slave_1) entered blocking state [ 249.832200][ T5078] bridge0: port 2(bridge_slave_1) entered disabled state [ 249.840237][ T5078] bridge_slave_1: entered allmulticast mode [ 249.849706][ T5078] bridge_slave_1: entered promiscuous mode [ 250.076030][ T5078] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 250.209914][ T5078] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 250.311961][ T5071] team0: Port device team_slave_0 added [ 250.320503][ T5081] bridge0: port 1(bridge_slave_0) entered blocking state [ 250.332582][ T5081] bridge0: port 1(bridge_slave_0) entered disabled state [ 250.341619][ T5081] bridge_slave_0: entered allmulticast mode [ 250.351074][ T5081] bridge_slave_0: entered promiscuous mode [ 250.437333][ T5081] bridge0: port 2(bridge_slave_1) entered blocking state [ 250.446537][ T5081] bridge0: port 2(bridge_slave_1) entered disabled state [ 250.454371][ T5081] bridge_slave_1: entered allmulticast mode [ 250.464035][ T5081] bridge_slave_1: entered promiscuous mode [ 250.489815][ T5071] team0: Port device team_slave_1 added [ 250.656422][ T50] Bluetooth: hci0: command tx timeout [ 250.662125][ T50] Bluetooth: hci1: command tx timeout [ 250.729848][ T5078] team0: Port device team_slave_0 added [ 250.830707][ T5071] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 250.838661][ T5071] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 250.865189][ T5071] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 250.891781][ T5078] team0: Port device team_slave_1 added [ 250.921394][ T50] Bluetooth: hci2: command tx timeout [ 250.976636][ T50] Bluetooth: hci3: command tx timeout [ 251.001294][ T5081] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 251.048538][ T5071] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 251.056413][ T5071] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 251.083118][ T5071] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 251.136887][ T5081] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 251.179773][ T5069] bridge0: port 1(bridge_slave_0) entered blocking state [ 251.187689][ T5069] bridge0: port 1(bridge_slave_0) entered disabled state [ 251.195679][ T5069] bridge_slave_0: entered allmulticast mode [ 251.205453][ T5069] bridge_slave_0: entered promiscuous mode [ 251.376718][ T5069] bridge0: port 2(bridge_slave_1) entered blocking state [ 251.384743][ T5069] bridge0: port 2(bridge_slave_1) entered disabled state [ 251.392551][ T5069] bridge_slave_1: entered allmulticast mode [ 251.404357][ T5069] bridge_slave_1: entered promiscuous mode [ 251.426422][ T5078] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 251.433731][ T5078] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 251.460556][ T5078] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 251.473114][ T50] Bluetooth: hci4: command tx timeout [ 251.485233][ T5081] team0: Port device team_slave_0 added [ 251.495621][ T5078] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 251.502894][ T5078] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 251.529572][ T5078] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 251.542375][ T5084] bridge0: port 1(bridge_slave_0) entered blocking state [ 251.550531][ T5084] bridge0: port 1(bridge_slave_0) entered disabled state [ 251.558479][ T5084] bridge_slave_0: entered allmulticast mode [ 251.567745][ T5084] bridge_slave_0: entered promiscuous mode [ 251.680903][ T5081] team0: Port device team_slave_1 added [ 251.731811][ T5084] bridge0: port 2(bridge_slave_1) entered blocking state [ 251.739729][ T5084] bridge0: port 2(bridge_slave_1) entered disabled state [ 251.747758][ T5084] bridge_slave_1: entered allmulticast mode [ 251.757789][ T5084] bridge_slave_1: entered promiscuous mode [ 251.852360][ T5069] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 251.977212][ T5071] hsr_slave_0: entered promiscuous mode [ 251.988481][ T5071] hsr_slave_1: entered promiscuous mode [ 252.007507][ T5069] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 252.055595][ T5081] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 252.062804][ T5081] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 252.089279][ T5081] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 252.263816][ T5081] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 252.271186][ T5081] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 252.297714][ T5081] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 252.337728][ T5078] hsr_slave_0: entered promiscuous mode [ 252.347816][ T5078] hsr_slave_1: entered promiscuous mode [ 252.358452][ T5078] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 252.366459][ T5078] Cannot create hsr debugfs directory [ 252.383835][ T5084] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 252.421593][ T5069] team0: Port device team_slave_0 added [ 252.482305][ T5084] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 252.542247][ T5069] team0: Port device team_slave_1 added [ 252.754070][ T50] Bluetooth: hci1: command tx timeout [ 252.755668][ T5070] Bluetooth: hci0: command tx timeout [ 252.886992][ T5084] team0: Port device team_slave_0 added [ 252.915490][ T5081] hsr_slave_0: entered promiscuous mode [ 252.925437][ T5081] hsr_slave_1: entered promiscuous mode [ 252.934199][ T5081] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 252.942398][ T5081] Cannot create hsr debugfs directory [ 252.969900][ T5069] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 252.977224][ T5069] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 253.003638][ T5069] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 253.004953][ T5070] Bluetooth: hci2: command tx timeout [ 253.027218][ T5084] team0: Port device team_slave_1 added [ 253.083633][ T5070] Bluetooth: hci3: command tx timeout [ 253.096646][ T5069] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 253.103929][ T5069] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 253.130325][ T5069] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 253.410593][ T5084] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 253.417994][ T5084] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 253.445097][ T5084] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 253.535060][ T5070] Bluetooth: hci4: command tx timeout [ 253.552470][ T5084] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 253.559705][ T5084] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 253.586277][ T5084] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 253.792647][ T5069] hsr_slave_0: entered promiscuous mode [ 253.802255][ T5069] hsr_slave_1: entered promiscuous mode [ 253.811399][ T5069] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 253.820913][ T5069] Cannot create hsr debugfs directory [ 254.101474][ T5084] hsr_slave_0: entered promiscuous mode [ 254.113393][ T5084] hsr_slave_1: entered promiscuous mode [ 254.122349][ T5084] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 254.130426][ T5084] Cannot create hsr debugfs directory [ 254.621820][ T5071] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 254.710995][ T5071] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 254.778895][ T5071] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 254.822661][ T5070] Bluetooth: hci0: command tx timeout [ 254.828554][ T5070] Bluetooth: hci1: command tx timeout [ 254.888052][ T5071] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 255.098036][ T50] Bluetooth: hci2: command tx timeout [ 255.174230][ T50] Bluetooth: hci3: command tx timeout [ 255.188846][ T5078] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 255.263201][ T5081] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 255.287227][ T5078] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 255.343801][ T5081] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 255.363976][ T5078] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 255.403968][ T5078] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 255.532935][ T5081] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 255.587398][ T5069] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 255.628064][ T50] Bluetooth: hci4: command tx timeout [ 255.636991][ T5081] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 255.670635][ T5069] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 255.825398][ T5069] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 255.855640][ T5069] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 255.887759][ T5084] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 255.975314][ T5084] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 256.055722][ T5084] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 256.112963][ T5084] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 256.872342][ T5071] 8021q: adding VLAN 0 to HW filter on device bond0 [ 257.108971][ T5078] 8021q: adding VLAN 0 to HW filter on device bond0 [ 257.249902][ T5081] 8021q: adding VLAN 0 to HW filter on device bond0 [ 257.283911][ T5071] 8021q: adding VLAN 0 to HW filter on device team0 [ 257.340981][ T5078] 8021q: adding VLAN 0 to HW filter on device team0 [ 257.376797][ T5069] 8021q: adding VLAN 0 to HW filter on device bond0 [ 257.407085][ T779] bridge0: port 1(bridge_slave_0) entered blocking state [ 257.415116][ T779] bridge0: port 1(bridge_slave_0) entered forwarding state [ 257.588812][ T5069] 8021q: adding VLAN 0 to HW filter on device team0 [ 257.610854][ T4518] bridge0: port 2(bridge_slave_1) entered blocking state [ 257.618919][ T4518] bridge0: port 2(bridge_slave_1) entered forwarding state [ 257.646201][ T4518] bridge0: port 1(bridge_slave_0) entered blocking state [ 257.653963][ T4518] bridge0: port 1(bridge_slave_0) entered forwarding state [ 257.711140][ T5081] 8021q: adding VLAN 0 to HW filter on device team0 [ 257.817575][ T4518] bridge0: port 2(bridge_slave_1) entered blocking state [ 257.825524][ T4518] bridge0: port 2(bridge_slave_1) entered forwarding state [ 257.853470][ T4518] bridge0: port 1(bridge_slave_0) entered blocking state [ 257.861639][ T4518] bridge0: port 1(bridge_slave_0) entered forwarding state [ 258.030524][ T5084] 8021q: adding VLAN 0 to HW filter on device bond0 [ 258.064381][ T4518] bridge0: port 1(bridge_slave_0) entered blocking state [ 258.072392][ T4518] bridge0: port 1(bridge_slave_0) entered forwarding state [ 258.089533][ T4518] bridge0: port 2(bridge_slave_1) entered blocking state [ 258.097494][ T4518] bridge0: port 2(bridge_slave_1) entered forwarding state [ 258.123780][ T4518] bridge0: port 2(bridge_slave_1) entered blocking state [ 258.131656][ T4518] bridge0: port 2(bridge_slave_1) entered forwarding state [ 258.307988][ T5084] 8021q: adding VLAN 0 to HW filter on device team0 [ 258.452287][ T5071] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 258.463379][ T5071] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 258.580844][ T4518] bridge0: port 1(bridge_slave_0) entered blocking state [ 258.588543][ T4518] bridge0: port 1(bridge_slave_0) entered forwarding state [ 258.772637][ T4518] bridge0: port 2(bridge_slave_1) entered blocking state [ 258.780588][ T4518] bridge0: port 2(bridge_slave_1) entered forwarding state [ 258.989704][ T5081] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 260.971464][ T5078] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 261.179864][ T5071] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 261.300853][ T5081] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 261.672786][ T5069] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 261.715104][ T5078] veth0_vlan: entered promiscuous mode [ 261.751073][ T5084] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 261.972311][ T5081] veth0_vlan: entered promiscuous mode [ 262.007872][ T5078] veth1_vlan: entered promiscuous mode [ 262.183347][ T5081] veth1_vlan: entered promiscuous mode [ 262.557666][ T5078] veth0_macvtap: entered promiscuous mode [ 262.621997][ T5084] veth0_vlan: entered promiscuous mode [ 262.666105][ T5069] veth0_vlan: entered promiscuous mode [ 262.706925][ T5078] veth1_macvtap: entered promiscuous mode [ 262.760505][ T5081] veth0_macvtap: entered promiscuous mode [ 262.807805][ T5069] veth1_vlan: entered promiscuous mode [ 262.863599][ T5084] veth1_vlan: entered promiscuous mode [ 262.880345][ T5081] veth1_macvtap: entered promiscuous mode [ 263.067638][ T5078] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 263.163484][ T5081] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 263.176134][ T5081] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 263.194235][ T5081] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 263.226418][ T5078] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 263.358251][ T5069] veth0_macvtap: entered promiscuous mode [ 263.395420][ T5081] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 263.408216][ T5081] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 263.423828][ T5081] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 263.448505][ T5084] veth0_macvtap: entered promiscuous mode [ 263.492313][ T5078] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.503915][ T5078] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.514735][ T5078] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.523828][ T5078] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.558452][ T5069] veth1_macvtap: entered promiscuous mode [ 263.582732][ T5084] veth1_macvtap: entered promiscuous mode [ 263.658235][ T5081] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.667624][ T5081] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.676881][ T5081] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.686246][ T5081] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.876247][ T5069] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 263.888783][ T5069] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 263.900224][ T5069] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 263.911103][ T5069] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 263.927264][ T5069] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 264.022390][ T5084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 264.033644][ T5084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 264.043970][ T5084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 264.054820][ T5084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 264.064975][ T5084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 264.076121][ T5084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 264.092112][ T5084] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 264.173338][ T5069] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 264.185238][ T5069] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 264.197084][ T5069] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 264.207960][ T5069] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 264.223606][ T5069] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 264.362811][ T5084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 264.375478][ T5084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 264.387484][ T5084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 264.398382][ T5084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 264.408539][ T5084] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 264.421593][ T5084] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 264.437546][ T5084] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 264.500185][ T5069] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 264.509474][ T5069] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 264.518932][ T5069] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 264.528134][ T5069] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 264.810415][ T5084] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 264.819949][ T5084] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 264.829307][ T5084] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 264.838547][ T5084] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 265.032730][ T5071] veth0_vlan: entered promiscuous mode [ 265.196252][ T5071] veth1_vlan: entered promiscuous mode [ 265.601819][ T5071] veth0_macvtap: entered promiscuous mode [ 265.721566][ T5071] veth1_macvtap: entered promiscuous mode [ 265.966385][ T5071] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 265.977333][ T5071] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 265.987686][ T5071] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 265.998698][ T5071] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 266.009029][ T5071] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 266.024245][ T5071] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 266.035581][ T5071] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 266.046469][ T5071] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 266.062611][ T5071] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 266.207379][ T5071] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 266.218330][ T5071] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 266.228625][ T5071] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 266.239632][ T5071] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 266.249892][ T5071] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 266.262605][ T5071] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 266.273401][ T5071] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 266.284314][ T5071] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 266.302547][ T5071] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 266.526462][ T5071] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 266.536270][ T5071] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 266.545618][ T5071] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 266.554909][ T5071] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 271.201131][ T3184] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 271.210346][ T3184] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 271.385664][ T2836] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 271.393779][ T2836] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 271.784829][ T10] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 271.793014][ T10] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 272.166113][ T3065] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 272.174226][ T3065] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 272.297146][ T2990] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 272.305474][ T2990] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 272.462865][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 272.471950][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 272.916930][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 272.925200][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 273.201499][ T3184] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 273.211768][ T3184] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 274.560649][ T5271] warning: `syz-executor.2' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 274.686878][ T3184] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 274.695440][ T3184] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 274.900574][ T5273] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 275.008400][ T2836] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 275.017479][ T2836] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 275.135302][ T5277] loop1: detected capacity change from 0 to 256 [ 275.181857][ T5277] ======================================================= [ 275.181857][ T5277] WARNING: The mand mount option has been deprecated and [ 275.181857][ T5277] and is ignored by this kernel. Remove the mand [ 275.181857][ T5277] option from the mount to silence this warning. [ 275.181857][ T5277] ======================================================= [ 275.230627][ T5281] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 275.846922][ T5288] veth1_macvtap: left promiscuous mode [ 275.853079][ T5288] macsec0: entered allmulticast mode [ 275.893421][ T5292] veth1_macvtap: entered promiscuous mode [ 275.899719][ T5292] veth1_macvtap: entered allmulticast mode [ 275.906096][ T5292] macsec0: left allmulticast mode [ 275.911374][ T5292] veth1_macvtap: left allmulticast mode [ 275.939615][ T5291] loop0: detected capacity change from 0 to 64 [ 275.991166][ T5289] netlink: 'syz-executor.2': attribute type 1 has an invalid length. [ 276.048457][ T5291] hfs: keylen 9474 too large [ 276.053413][ T5291] ===================================================== [ 276.061487][ T5291] BUG: KMSAN: uninit-value in hfs_brec_find+0x65e/0x980 [ 276.067665][ T5289] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 276.068877][ T5291] hfs_brec_find+0x65e/0x980 [ 276.091784][ T5291] hfs_brec_read+0x3f/0x1a0 2024/06/11 06:36:14 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF [ 276.096823][ T5291] hfs_cat_find_brec+0xe6/0x400 [ 276.101853][ T5291] hfs_fill_super+0x1f28/0x23c0 [ 276.107209][ T5291] mount_bdev+0x397/0x520 [ 276.112543][ T5291] hfs_mount+0x4d/0x60 [ 276.117068][ T5291] legacy_get_tree+0x114/0x290 [ 276.122091][ T5291] vfs_get_tree+0xa7/0x570 [ 276.126863][ T5291] do_new_mount+0x71f/0x15e0 [ 276.131619][ T5291] path_mount+0x742/0x1f20 [ 276.136307][ T5291] __se_sys_mount+0x725/0x810 [ 276.141129][ T5291] __x64_sys_mount+0xe4/0x150 [ 276.147413][ T5291] x64_sys_call+0x2bf4/0x3b50 [ 276.152344][ T5291] do_syscall_64+0xcf/0x1e0 [ 276.157864][ T5291] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 276.164021][ T5291] [ 276.166626][ T5291] Local variable fd created at: [ 276.171595][ T5291] hfs_fill_super+0x4e/0x23c0 [ 276.183656][ T5291] mount_bdev+0x397/0x520 [ 276.190410][ T5291] [ 276.192880][ T5291] CPU: 0 PID: 5291 Comm: syz-executor.0 Not tainted 6.9.0-syzkaller-02707-g614da38e2f7a #0 [ 276.203292][ T5291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 276.213693][ T5291] ===================================================== [ 276.221123][ T5291] Disabling lock debugging due to kernel taint [ 276.227611][ T5291] Kernel panic - not syncing: kmsan.panic set ... [ 276.234185][ T5291] CPU: 0 PID: 5291 Comm: syz-executor.0 Tainted: G B 6.9.0-syzkaller-02707-g614da38e2f7a #0 [ 276.245881][ T5291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 276.256140][ T5291] Call Trace: [ 276.259566][ T5291] [ 276.262625][ T5291] dump_stack_lvl+0x216/0x2d0 [ 276.267578][ T5291] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 276.273841][ T5291] dump_stack+0x1e/0x30 [ 276.278248][ T5291] panic+0x4e2/0xcd0 [ 276.282397][ T5291] ? kmsan_get_metadata+0xf1/0x1d0 [ 276.287773][ T5291] kmsan_report+0x2d5/0x2e0 [ 276.292517][ T5291] ? vprintk_default+0x3e/0x50 [ 276.297583][ T5291] ? __msan_warning+0x95/0x120 [ 276.302582][ T5291] ? hfs_brec_find+0x65e/0x980 [ 276.307624][ T5291] ? hfs_brec_read+0x3f/0x1a0 [ 276.312590][ T5291] ? hfs_cat_find_brec+0xe6/0x400 [ 276.317876][ T5291] ? hfs_fill_super+0x1f28/0x23c0 [ 276.323165][ T5291] ? mount_bdev+0x397/0x520 [ 276.328019][ T5291] ? hfs_mount+0x4d/0x60 [ 276.332510][ T5291] ? legacy_get_tree+0x114/0x290 [ 276.337733][ T5291] ? vfs_get_tree+0xa7/0x570 [ 276.342613][ T5291] ? do_new_mount+0x71f/0x15e0 [ 276.347694][ T5291] ? path_mount+0x742/0x1f20 [ 276.352590][ T5291] ? __se_sys_mount+0x725/0x810 [ 276.357867][ T5291] ? __x64_sys_mount+0xe4/0x150 [ 276.362954][ T5291] ? x64_sys_call+0x2bf4/0x3b50 [ 276.368025][ T5291] ? do_syscall_64+0xcf/0x1e0 [ 276.372923][ T5291] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 276.379230][ T5291] ? kmsan_get_metadata+0x146/0x1d0 [ 276.384636][ T5291] ? hfs_brec_keylen+0x4fc/0x610 [ 276.389829][ T5291] ? hfs_brec_keylen+0x58f/0x610 [ 276.394958][ T5291] ? __hfs_brec_find+0x426/0x830 [ 276.400175][ T5291] ? kmsan_get_metadata+0x146/0x1d0 [ 276.405575][ T5291] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 276.411597][ T5291] __msan_warning+0x95/0x120 [ 276.416371][ T5291] hfs_brec_find+0x65e/0x980 [ 276.421256][ T5291] hfs_brec_read+0x3f/0x1a0 [ 276.426046][ T5291] hfs_cat_find_brec+0xe6/0x400 [ 276.431218][ T5291] ? mutex_lock+0x38/0x60 [ 276.435774][ T5291] ? hfs_find_init+0x224/0x250 [ 276.440777][ T5291] hfs_fill_super+0x1f28/0x23c0 [ 276.445864][ T5291] ? kmsan_get_metadata+0x146/0x1d0 [ 276.451261][ T5291] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 276.457305][ T5291] ? setup_bdev_super+0x93c/0xa10 [ 276.462578][ T5291] mount_bdev+0x397/0x520 [ 276.467312][ T5291] ? __pfx_hfs_fill_super+0x10/0x10 [ 276.472742][ T5291] hfs_mount+0x4d/0x60 [ 276.477115][ T5291] legacy_get_tree+0x114/0x290 [ 276.482112][ T5291] ? __pfx_hfs_mount+0x10/0x10 [ 276.487115][ T5291] ? __pfx_legacy_get_tree+0x10/0x10 [ 276.492659][ T5291] vfs_get_tree+0xa7/0x570 [ 276.497338][ T5291] ? mount_capable+0x97/0x120 [ 276.502232][ T5291] do_new_mount+0x71f/0x15e0 [ 276.507040][ T5291] ? kmsan_get_metadata+0x146/0x1d0 [ 276.512563][ T5291] path_mount+0x742/0x1f20 [ 276.517222][ T5291] ? user_path_at_empty+0x325/0x3a0 [ 276.522686][ T5291] __se_sys_mount+0x725/0x810 [ 276.527607][ T5291] ? kmsan_get_metadata+0x146/0x1d0 [ 276.533025][ T5291] __x64_sys_mount+0xe4/0x150 [ 276.537939][ T5291] x64_sys_call+0x2bf4/0x3b50 [ 276.542844][ T5291] do_syscall_64+0xcf/0x1e0 [ 276.547573][ T5291] ? clear_bhb_loop+0x25/0x80 [ 276.552474][ T5291] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 276.558603][ T5291] RIP: 0033:0x7f7310e7e66a [ 276.563174][ T5291] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 09 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 276.582994][ T5291] RSP: 002b:00007f7311c7eef8 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 276.591625][ T5291] RAX: ffffffffffffffda RBX: 00007f7311c7ef80 RCX: 00007f7310e7e66a [ 276.599778][ T5291] RDX: 0000000020000100 RSI: 0000000020000000 RDI: 00007f7311c7ef40 [ 276.607915][ T5291] RBP: 0000000020000100 R08: 00007f7311c7ef80 R09: 0000000002000088 [ 276.616059][ T5291] R10: 0000000002000088 R11: 0000000000000202 R12: 0000000020000000 [ 276.624193][ T5291] R13: 00007f7311c7ef40 R14: 00000000000002c4 R15: 0000000020000580 [ 276.632430][ T5291] [ 276.635719][ T5291] Kernel Offset: disabled [ 276.640132][ T5291] Rebooting in 86400 seconds..