last executing test programs:

50.550643009s ago: executing program 4 (id=168):
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000140), 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000001140)={0x0, 0x0, 0x0, 0x208, 0x0, &(0x7f0000000140)="2b7393b7c6347cd49978d5023a81022d1e7baeea09c5d463b04397f7a66a0f0b769bc097d48d09754d7e15e59224486b3df2c3fc8b3379a1a30fee142bb1a32d4c3b32006571f5de9d846e7e8b8e64c79a66e2ba19f7eca5d0e0517dcd4eba1ab882af481e477e362ceb1fd11c9d50b5e3afd7f60aa6881b2681c53ee87badeeba28eba948324721a382f000917a4a6f6f76d04e0b19396feccdbae7795aaa45818dce2d1f7b4642b09dd40bf4bef9854b631eb821b13a7e475d5c9a9d4bbb3fd9b07650683a35d9557d1e7e6496dd6f6f5ca57a5c43b9863819829430e1607ebf0dbb2308a8181ef5ccdcf1eb157470d54635a1a5b7075c77dfdb97155af8fa282fcc5ca5bad36839e0cad1304c542be170a44da4089a32bc3f35a85a6e30b8d233809335a4274938505517a26728b643c2f04917afe55c68759adea3bb70f5b5c3c59fc24d6e3835c110420cfd6de096f8dec90f5f577744d2d0f3ec21819253cdb102d50678293328726f1c4f7163e28e79ab4767e3054dfa9a11b1fdafb8757b2a91f8283ad01712062048b52b5cfcaf648fe760a98ee82fbb1836c88434e0b36f9b56c4d3cd8b42566cba88ddb7418762cd8495a4ec8de7952789c2a6d37cdbbecde53ffea86db893181d9b5c7d4663d1bd78c9cb87af7cbfa54a1b2c98432ef5ba6f43c358ae873495f46850d56d83f3d7d376b3b6120ffe93c8ab6b6f214316d8c3376a5a"})
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_mount_image$ext4(&(0x7f0000000780)='ext2\x00', &(0x7f00000000c0)='./file0\x00', 0x2000480, &(0x7f0000000140), 0x1, 0x784, &(0x7f00000007c0)="$eJzs3c1rHOUfAPDvbJKmSfv7JYKg9RQQNFC6MTW2Ch4qHkSwUNCz7bLZhppNtmQ3pQkBW0TwIqh4EPTSsy/15tWXq/4XHqSlalqseJDI7Eu7bXbTTZvdDeTzgck+z8xsnue7z8wzz+wMOwHsWRPpn0zEoYj4KIkYq89PImKomhqMOFFb7/b6Wj6dktjYePOPpLrOrfW1fDS9J3WgnnkyIn58P+JwZnO55ZXV+VyxWFiq56cqC+enyiurR84t5OYKc4XFY9MzM0ePv3D82M7F+tcvqwevf/zas9+c+Oe9J65++FMSJ+JgfVlzHDtlIibqn8lQ+hHe49WdLqzPkn5XgIeS7poDtb08DsVYDFRTbYz0smYAQLe8GxEbAMAekzj+A8Ae0/ge4Nb6Wr4x9fcbid668UpE7K/F37i+WVsyWL9mt796HXT0VnLPlZEkIsZ3oPyJiPjiu7e/Sqfo0nVIgFYuXY6IM+MTm/v/ZNM9C9v13FYLN4arLxP3zdb/Qe98n45/Xmw1/svcGf9Ei/HPcIt992E8eP/PXNuBYtpKx38vN93bdrsp/rrxgXruf9Ux31By9lyxkPZt/4+IyRgaTvPT1VVb3wU1efPfm+3Kbx7//fnJO1+m5aevd9fIXBscvvc9s7lK7lHjbrhxOeKpwVbxJ3faP2kz/j3VYRmvv/TB5+2WpfGn8TamzfF318aViGdatv/dtky2vD9xqro5TDU2iha+/fWz0XblN7d/OqXlN84FeiFt/9Gt4x9Pmu/XLG+/jJ+vjP3QbtmD42+9/e9L3qqm99XnXcxVKkvTEfuSNzbPP3r3vY18Y/00/smnW+//W23/6TnhmQ7jH7z++9cPH393pfHPbqv9t5+4ent+oF35nbX/TDU1WZ/TSf/XaQUf5bMDAAAAAAAAAAAAAAAAAAAAAAAAgE5lIuJgJJnsnXQmk83WnuH9eIxmiqVy5fDZ0vLibFSflT0eQ5nGT12ONf0e6nT99/Ab+aP35Z+PiMci4tPhkWo+my8VZ/sdPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADUHWjz/P/Ub8P9rh0A0DX7+10BAKDnHP8BYO/Z3vF/pGv1AAB6x/k/AOw9HR//z3S3HgBA7zj/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoMtOnTyZTht/r6/l0/zshZXl+dKFI7OF8nx2YTmfzZeWzmfnSqW5YiGbLy20/UeXai/FUun8TCwuX5yqFMqVqfLK6umF0vJi5fS5hdxc4XRhqGeRAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDnyiur87lisbAksWViZHdUY9ckBmNXVEOia4nmXmKkfx0UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwC73XwAAAP//+Lkq2Q==")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000008000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000240)="0f0d51f40f01d10fc75800f30fc73600102e0f71e100b800008ec0640f017400aa66b9e408000066b81f6269e766ba000000000f309c0c0cb8d09bbc8966efbafc0cedba4300ba210066ed3626f00fc70d", 0x51}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
write$binfmt_script(r1, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x10, r1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)
fdatasync(r1)
capget(&(0x7f0000000380)={0x20071026, 0xffffffffffffffff}, &(0x7f00000003c0)={0x8fc4, 0x8, 0x8, 0x8000, 0x80, 0x7a4829f5})
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_group_source_req(r5, 0x29, 0x2e, &(0x7f0000000000)={0x7, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0xfffffffd, @dev}}}, 0x108)
getsockopt$inet6_buf(r5, 0x29, 0x30, &(0x7f0000000000)=""/26, &(0x7f0000000580)=0x1a)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
socket$inet6(0xa, 0x2, 0x0)
sendmsg$NL80211_CMD_SET_QOS_MAP(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000740)={&(0x7f0000000400)=ANY=[@ANYBLOB="08010000", @ANYRES16=0x0, @ANYBLOB="000026bd7000fedbdf250700000008000100650000000c0099008909000008000000140004006261746164765f736c6176655f300000080005000700000005005300000000000c001780040001000400050008001780040002000a00e800ffffffffffff0000280017800400030004000400040004000400020004000100040004000400010004000100040005002400178004000200040005000400050004000400040005000400020004000500040005000a00e800ffffffffffff00001c00e7006a3f1e94dcffb3298f6f2a51e664f2a52f5315aa19adb0ef0a001800030303030303000005005300000000000a00180003030303030300000400cc000400cc00f3ccc4980a861f36d104ae3e1eefb30f2ab1cb8a9e6d8953ac66f6c23818c102a1c30bc3c744939e3fb84db9117ce13e476cdf954615061689f29cf3629bf9560724e89ecd573e73855f42177052f6fc0ba1e7e6560c0d797768fbf4f5ef4309de454efe5aa646e3311448f0a0e5646245"], 0x108}, 0x1, 0x0, 0x0, 0x4000}, 0x1)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r6, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r7, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000005c0))
r8 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
pwritev(r8, &(0x7f0000000600)=[{&(0x7f0000000240)="01000000", 0x4}, {&(0x7f0000000280)="f697079a16", 0x5}], 0x2, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

45.33506934s ago: executing program 4 (id=174):
r0 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000001280)={'ip6tnl0\x00', &(0x7f0000001200)={'syztnl0\x00', 0x0, 0x4, 0x80, 0xb2, 0x3, 0x6, @dev={0xfe, 0x80, '\x00', 0x27}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x8, 0x0, 0x7fffffff, 0x1}})
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = socket(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x2, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x140}}, 0x0)
getsockname$packet(r6, &(0x7f0000000080)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0xab)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffff00000000", @ANYRES32=r7, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_VID_CMD(r1, 0x8982, &(0x7f00000004c0))
sendmsg$nl_route_sched(r4, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000240), 0x48}}, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=@newtfilter={0x6c, 0x28, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x4}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x3c, 0x2, [@TCA_CGROUP_ACT={0x38, 0x1, [@m_connmark={0x34, 0x0, 0x0, 0x0, {{0xd}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}}]}, 0x6c}}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r3, 0x89f1, &(0x7f0000000040)={'ip6gre0\x00', &(0x7f0000000240)={'syztnl0\x00', r7, 0x29, 0x6, 0x1f, 0x6, 0x3a, @mcast1, @rand_addr=' \x01\x00', 0x8, 0x10, 0x7f, 0x180}})
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000002dc0)={@mcast1, 0x81, 0x0, 0x3, 0xa, 0xca7f, 0xaa6d}, 0x20)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={0x0, 0xb8}}, 0x0)
getsockname$packet(r1, &(0x7f0000000000)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee80000040000000010000000", @ANYRES32=r9, @ANYBLOB="ddfffffdff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000005c0)=ANY=[@ANYRESOCT, @ANYRES32=r9, @ANYBLOB="1400050000000000000000000000000000000013797b29b3d71482bf19dfde38a807347495bdc4e5faf832781f4bbc146217f2bac3fe349df134cb29b64cebf496e2c2de49dbbaf711f76f912d13c8dc8df3e71da83f378b5b46e75dfcd10be1934cb9fbe2abab8c25bdae572962b91efeedad0d28c1d420626f2813a51ae9a732b772232fb0258a35e6cff30830b1aa04cf311f6e15a4849394cd4195a994d14b6d61a1387991cd4e1f9db398290f84021b8697d721047a1dffc833a371f8227bd06ad18a2b668e5972fbef1c99e61fd24ef55bc425dd36b3cb8d4849"], 0x2c}}, 0x0)
r10 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000006d80)={'syztnl2\x00', &(0x7f0000006d00)={'syztnl2\x00', r9, 0x2d, 0x4, 0x8, 0x6239, 0x30, @local, @mcast2, 0x20, 0x700, 0x8000, 0x10001}})
r11 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r11, &(0x7f0000000000), &(0x7f0000000080)=@buf='\x00'}, 0x20)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001400)={r11, &(0x7f00000018c0)="c8286c390e7de4d887bb6bc203d58fcf3801000000982a39e0b4e2946b35d51bfd6ae7d962254f5e7bae72aa0722ea2561e9540bde1402e525d8ce54f6199796801267b5a6039c28cd7195136f1e4718de1beb15e8fb3b39ae5f61fd61c19761c0ec7edfe795979a842d0eac031f7c3dbb937084f02b00"/128}, 0x23)
sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r10, &(0x7f00000097c0)={&(0x7f0000008b00), 0xc, &(0x7f0000009780)={&(0x7f0000000800)=ANY=[@ANYBLOB="62870000", @ANYRES16=r11, @ANYBLOB="00c62bbd7000fddbdf257a000000080003002bb8afbd0de9", @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x40884}, 0x90)
getsockname$packet(r1, &(0x7f00000002c0)={0x11, 0x0, <r12=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000580)=0x14)
sendmsg$nl_route(r10, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@newlink={0x94, 0x10, 0xffffff1f, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, 0x0, 0x35288}, [@IFLA_LINKINFO={0x6c, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x5c, 0x2, 0x0, 0x1, [@IFLA_IPTUN_ENCAP_TYPE={0x6, 0xf, 0x1}, @IFLA_IPTUN_LOCAL={0x14, 0x2, @empty}, @IFLA_IPTUN_COLLECT_METADATA={0x4}, @IFLA_IPTUN_LINK={0x8, 0x1, r12}, @IFLA_IPTUN_LOCAL={0x14, 0x2, @private0={0xfc, 0x0, '\x00', 0x1}}, @IFLA_IPTUN_LOCAL={0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x37}}, @IFLA_IPTUN_PROTO={0x5, 0x9, 0x29}]}}}, @IFLA_MASTER={0x8, 0xa, r12}]}, 0x94}, 0x1, 0x0, 0x0, 0x8000}, 0x4000080)

42.701948982s ago: executing program 4 (id=181):
bind$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x4e21, @broadcast}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, 0x0})
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
connect$bt_l2cap(r1, &(0x7f0000000040)={0x1f, 0x0, @none}, 0xe)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
connect$inet(r2, &(0x7f00000000c0)={0x2, 0x0, @empty}, 0x10)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_emit_ethernet(0x46, &(0x7f0000000000)={@link_local={0x3}, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x4, 0x0, 0x12, 0x0, 0x3f18, {0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @loopback, @loopback}, "00186371ae9b1c03"}}}}}, 0x0)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r3, 0xc0502100, &(0x7f0000000380)={<r4=>0x0})
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000180)={r4, 0x0, 0x4})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r3, 0xc0502100, &(0x7f00000004c0)={<r5=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r3, 0x40182103, &(0x7f0000000080)={r5, 0x3, r3, 0x5})
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, 0x0, 0x0, 0x0)
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x4048aec9, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1fb}, 0x0, 0x0)
write$sequencer(0xffffffffffffffff, 0x0, 0x0)
openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000280)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x1, 0x0)
io_setup(0x8001, &(0x7f00000001c0))

38.863034557s ago: executing program 4 (id=189):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x10, 0x16, &(0x7f0000000780)=ANY=[@ANYBLOB="61122400000000006113340000000000bf1000000000000015000200091b00003d030100000000008701000000000000bc26000000000000bf67000000000000560300000ee600f06702000014000000160300000ee600f0bf050000000000000f610000000000006507f4ff02000400070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe7030586e3f640f9f7e9a73b761ad4f0952a70046270d2b6436fdeecd791614ed46de741eb8cf91c046ef9beca574b350021c7ec6ef130f53748068ca432dae4e248b22b9ad8b2811f67916a1764578cba4b069037bfb3362d5691ac397f7e207145d970f0d97867552629b146645c785fb77dbeca38e49a9d5221f1f45f0a25890d04d91a15a05ae7e7ed6252c3d6c1973fb858de1da70d67317e7872b0603ce47ed2c1520e71b527bb42aa2e20e1e85df73736ed0a782ab7e7278dd54358cfdf6313d40f926332623625b49626481054787ab2dff85a9bebd6b317f26c691a65aa97bb3d1506a3a565e9c7ea5ad4611d2d77ee8a5c1b23814a26b6a20061fbb65bdd03770fa849f2a29ba69f90625f42592a70ba890f7a92878ae73574c3a233ee5954119931a1905210715fa77a8795f2fbec3797cb"], &(0x7f0000000100)='GPL\x00'}, 0x90)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb26fc000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x2d)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000300), 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x28, 0x0, 0x1, 0x70bd27, 0x25dfdbfb, {{}, {@val={0x8}, @val={0xc, 0x99, {0xe, 0x6e}}}}, [""]}, 0x28}, 0x1, 0x0, 0x0, 0xc000}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x0)
umount2(&(0x7f0000000380)='./file0\x00', 0x0)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r7, 0x400455c8, 0x0)
ioctl$sock_bt_hci(r2, 0x400448ca, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

38.860777187s ago: executing program 2 (id=190):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x6}, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x89}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000020000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r6}, 0x10)
r7 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSKBENT(r7, 0x4b31, &(0x7f0000000580))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r1}, &(0x7f0000000800), &(0x7f0000000840)}, 0x20)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
socket$key(0xf, 0x3, 0x2)
setsockopt$inet6_tcp_int(r8, 0x6, 0x6, &(0x7f0000000040)=0x20000006, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r8, 0x6, 0x14, &(0x7f00000013c0)=0x80000000001, 0x4)
connect$inet6(r8, &(0x7f00000014c0)={0xa, 0x0, 0xfffffffd, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171, 0x0, 0x0, 0x20000000}, 0xa}], 0x400000000000172, 0x4000300)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x18, 0x4, 0x0, &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)

36.336462731s ago: executing program 2 (id=192):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = dup(r2)
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000008c0)=[@text64={0x40, &(0x7f0000000780)="dd3506000000660f72e610430f01c8b9800000c00f3235000800000f30f20f38f09731ec0000420f783fc4c3f9622b0547dc8b22130000450f096566440f388083fc000000", 0x45}], 0x1, 0x0, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1, 0x7, 0xc9d7, 0x3, 0x11}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r4, <r5=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000003c0)=r3}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x18, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r6}, 0x10)
r7 = socket$igmp6(0xa, 0x3, 0x2)
sendmmsg$inet6(r7, &(0x7f0000005180)=[{{&(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1}, 0x1c, 0x0}}], 0x1, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000780)={{r5}, &(0x7f00000006c0), &(0x7f0000000700)}, 0x20)
r8 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r8, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c)
r9 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_rx_ring(r9, 0x107, 0x5, &(0x7f0000000200)=@req3={0x8000, 0x3, 0x8000, 0x3}, 0x1c)
sendmsg(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000030c0)=[{&(0x7f0000000000)=',', 0x1}], 0x1}, 0x8940)
writev(r8, &(0x7f0000000340)=[{&(0x7f0000000100)="5fc903ce8cb5049e077f3ba953190a8ce22e51a45861006641e661523ed30e13487a64d3e98231a20c5e08ebe24801b531c63d06db0e6cca2bdb10dd7d02d74ab9dd95bd33747598fc1e063ff967b7c16abd2076323dca7cd2cc5ab8225b6d31c8029cfe91c8f8c054ff41", 0x6b}, {&(0x7f0000000980)="941dd634f75d70afed00837e63d7a620c1b5fd6f48660a86826b474ffb6274f02f52586f30140dafd6a0baffee63a7bafec8837268f35cf21be882e4ac6c522534080f35b3033aeb3f84e473f0b8c5a0d132378d8d7ff5299fd7616415c9c97f6331af9d07a746bb657558522dcee4c292efe922ce9584ec0ca31b7f5362419bd2084f5f9d2ef32bb866383dcb862e17ae85989ce20040b023f6d6b6cae15622b6b9ab922f95edd7f1fe11b20efdecc038027fe452320671c98e51817e1ab6e62610629bb0fa0b8513df543828b7dc90c220c6e7b17c4c7176508749", 0x50c}, {&(0x7f0000000480)='3', 0x10}], 0x3)
dup3(0xffffffffffffffff, r7, 0x0)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0xc, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffd}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r10}, 0x0, &(0x7f00000002c0)}, 0x20)
ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000b00)={0x0, 0x0, @ioapic={0x2000, 0x1, 0x5, 0x0, 0x0, [{0x8, 0x0, 0x0, '\x00', 0x1}, {0x8, 0xff, 0x0, '\x00', 0xfd}, {0x20, 0x20, 0x7}, {0x74, 0x1, 0x80, '\x00', 0x8}, {0x40, 0x7, 0x6, '\x00', 0x13}, {0x20, 0x3, 0x79, '\x00', 0x3f}, {0x4, 0xff, 0x9, '\x00', 0x6}, {0x20, 0x0, 0x2, '\x00', 0x4}, {0x20, 0x2, 0x0, '\x00', 0x2e}, {0x2, 0x80, 0x40, '\x00', 0x81}, {0x0, 0x20, 0xa7, '\x00', 0x3f}, {0xc0, 0x1, 0x6}, {0x1, 0x7f, 0x0, '\x00', 0xa6}, {0x3f, 0x2, 0x9}, {0x0, 0x1, 0x0, '\x00', 0x97}, {0x0, 0x1f, 0x1, '\x00', 0x1}, {0x4, 0x20, 0x76, '\x00', 0x1}, {0x5, 0x80, 0x1f, '\x00', 0x7f}, {0x1f, 0x5, 0x63, '\x00', 0x6}, {0x2d, 0x2, 0x2, '\x00', 0x9}, {0x64, 0x1, 0x3, '\x00', 0x4}, {0x8, 0x8, 0x6, '\x00', 0x3}, {0x20, 0x1, 0x2, '\x00', 0x4}, {0x0, 0x5, 0x5, '\x00', 0x3f}]}})
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r11}, 0x10)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000080000024d564b000000eccd"])
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r12 = pidfd_getfd(r3, r10, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000200)='sys_enter\x00', r12}, 0x10)

35.99036636s ago: executing program 2 (id=194):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000080eff955a7626a4d8009c39e12c767b445dd4f9c1e1a161efadd5a752d5ce27aa746ea1242cb0c868df6b954a0984968d6e83371ec2c6325c471662d037f0fee945b7c9ecce4027c3b335f919c388078034d07c6912214fd5e2b9ca320f3f182632ed2581660346f5f6b0eaa8a231b756c0b47530010db4e5fbc9551ea6492c5098d7736f38e561a181e973b02b4f4efdc7cd62dd262cbe7c75c660fbf43e24bc2951042b7fcc023fa45e4f22445aa41c3d2960ecaf5fb18c92e42b61c3229633fc4907bcf308e1d73fe5f8165495facc844b52ecdccc97603ddc72590cea2690d38bf6cda47c943e4670f3d823b565cdd9ae7f13480000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000002c0)='contention_end\x00', r0}, 0x10)
r1 = socket$kcm(0x2b, 0x1, 0x0)
r2 = socket(0x10, 0x3, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000040)={0x26, 'aead\x00', 0x0, 0x0, 'morus1280\x00'}, 0x58)
r3 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
bind$bt_hci(r3, &(0x7f0000000000)={0x27}, 0x62)
listen(r3, 0x0)
r4 = epoll_create(0x4)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f00000007c0)={0x10000001})
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_queued_recursive\x00', 0x275a, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f0000000040)={'batadv0\x00', <r8=>0x0})
sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="300000004a00010000000000000000000a008000", @ANYRES32=r8, @ANYBLOB="000000000000000001"], 0x30}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@bloom_filter={0x1e, 0x8000, 0x80, 0x6, 0x100, r5, 0x80000000, '\x00', 0x0, r1, 0x2, 0x5, 0x4, 0x6}, 0x48)
r9 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000100)=ANY=[@ANYBLOB="5000000010000305000000000000000000002500", @ANYRES32=0x0, @ANYBLOB="00000000000000002800128008000100677470001c00028008000100", @ANYRES32, @ANYBLOB="08000500", @ANYRES32, @ANYBLOB='\b\x00!\x00', @ANYRES32, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x50}}, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
r12 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX_80211(r12, 0x8933, &(0x7f0000000340)={'wlan1\x00', <r13=>0x0})
sendmsg$NL80211_CMD_FRAME(r10, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYBLOB="98030000", @ANYRES16=r11, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r13, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff0802110000010569ea7fa08e8df3d0edd086922799ded6be01d09a95b66d3d"], 0x398}}, 0x0)
bind$netlink(r12, 0x0, 0x5c)
write(r2, &(0x7f0000000140)="2600000022004701050000070000000000000020002b1f000a4a51f1ee839cd53400b017ca5b", 0x26)
sendmsg$inet(r1, &(0x7f0000001700)={0x0, 0x0, 0x0}, 0x20000010)
ioctl$sock_kcm_SIOCKCMATTACH(r1, 0x890b, &(0x7f0000000100))

34.80484189s ago: executing program 2 (id=196):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
open(0x0, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000500)='tlb_flush\x00', r1}, 0x10)
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = socket(0x40000000002, 0x3, 0x2)
setsockopt$inet_int(r2, 0x0, 0x14, &(0x7f0000000440)=0x185, 0x4)
r3 = socket(0x40000000002, 0x3, 0x80000000002)
sendto$unix(r3, 0x0, 0x0, 0x0, &(0x7f0000000180)=@abs, 0x6e)
recvmmsg(r2, &(0x7f0000000080)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10, &(0x7f0000000680), 0xfe, 0x244, &(0x7f0000000400)="$eJzs3T9oJFUcB/DvzO565m6RUxtB/AMiooFwdoJNbBQCEoKIoEJExEZJhJhgl1jZWGitksomiJ3RUtIEG0WwipoiNoIGC4OFFiu7k0hMVqNu3Dkynw9MZibz3vzesPN9u83sBmisq0mmk7SSTCbpJCmON7i7Wq4e7q5PbM8nvd4TPxWDdtV+5ajflSRrSR5KslUWeamdrGw+s/fLzmP3vbncuff9zacnxnqRh/b3dh8/eG/2jY9mHlz54qsfZotMp/un6zp/xZD/tYvklv+j2HWiaNc9Av6Judc+/Lqf+1uT3DPIfydlqhfvraUbtjp54N2/6vv2j1/ePs6xAuev1+v03wPXekDjlEm6KcqpJNV2WU5NVZ/hv2ldLl9eXHp18sXF5YUX6p6pgPPSTXYf/eTSx1dO5P/7VpV/4OLq5//JuY1v+9sHrbpHA4zFHdWqn//J51bvj/xD48g/NJf8Q3PJPzSX/ENzyT80l/zDBdb5+8PyD80l/9Bc8g/NdTz/AECz9C7V/QQyUJe65x8AAAAAAAAAAAAAAAAAAOC09Ynt+aNlXDU/eyfZfyRJe1j91uD3iJMbB38v/1z0m/2hqLqN5Nm7RjzBiD6o+enrm76rt/7nd9Zbf3UhWXs9ybV2+/T9Vxzef//dzWcc7zw/YoF/qTix//BT461/0m8b9daf2Uk+7c8/14bNP2VuG6yHzz/ds79i+Uyv/DriCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABib3wMAAP//+kBtTA==")
process_vm_writev(r0, &(0x7f0000000940)=[{0x0}, {&(0x7f0000000a40)=""/157, 0x9d}, {&(0x7f0000000b00)=""/48, 0x30}, {&(0x7f0000000b40)=""/122, 0x7a}, {&(0x7f0000000bc0)=""/90, 0x5a}, {&(0x7f00000007c0)=""/3, 0x3}], 0x6, &(0x7f0000000f00)=[{&(0x7f0000000cc0)=""/164, 0xa4}, {&(0x7f0000000d80)=""/152, 0x98}, {&(0x7f0000000e40)}, {&(0x7f0000000e80)=""/123, 0x7b}], 0x4, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f00000006c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x206100, 0x0)
mount$bind(&(0x7f0000000080)='./file0\x00', &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x2081c80, 0x0)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x89901)
move_mount(r4, &(0x7f0000000040)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000280)='./file0/file0\x00', 0x0, 0x1000, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r5, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r5, 0x0)
mount$9p_unix(&(0x7f0000000080)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f00000000c0)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='trans=unix'])
close(r5)
ftruncate(0xffffffffffffffff, 0x0)

34.377856896s ago: executing program 4 (id=197):
r0 = syz_open_dev$usbfs(&(0x7f0000000080), 0xa37, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x161281, 0x0)
write$binfmt_aout(r1, &(0x7f0000000380)=ANY=[], 0xff2e)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "a05c7b5d00008023e9c5bcf5ff7700"})
r2 = epoll_create1(0x0)
mknodat$loop(0xffffffffffffffff, 0x0, 0x0, 0x1)
name_to_handle_at(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', &(0x7f0000000200)=ANY=[@ANYRES32=r0], &(0x7f0000000080), 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x0, 0x4, 0x0, &(0x7f0000003ff6)='GPL\x00'}, 0x90)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000003c0)='freezer.state\x00', 0x0, 0x0)
r3 = socket(0x1, 0x5, 0x0)
r4 = epoll_create1(0x80000)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r5, 0x10e, 0x1, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r5, &(0x7f0000000280)={0x14823545f2636de0})
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r4, &(0x7f0000000100)={0xa000000d})
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f00000001c0)={0xc000000e})
epoll_pwait(r4, &(0x7f0000000040)=[{}, {}, {}, {}], 0x3, 0x3f0d6348, 0x0, 0x2a)
r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r6, 0xc004743e, 0x20001414)
ioctl$TUNSETOFFLOAD(r6, 0x40047452, 0x40323f827c0000)
shutdown(r3, 0x0)
close(r3)
r7 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_inet_SIOCSIFNETMASK(r7, 0x8917, &(0x7f0000000280)={'pim6reg0\x00', {0x2, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}}})
syz_clone(0x0, 0x0, 0x49, 0x0, 0x0, 0x0)
r8 = syz_open_pts(r1, 0x0)
r9 = dup3(r8, r1, 0x0)
r10 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r9, @ANYBLOB="2c771d1b2b0b70123bb2d365362aaa33f2043e53e621df76fec57eb476811d70", @ANYRESHEX=r10, @ANYBLOB=',\x00'])
ioctl$BTRFS_IOC_FS_INFO(r1, 0x8400941f, &(0x7f0000000340))

32.6773438s ago: executing program 4 (id=202):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x80042, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
unshare(0x68060200)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000480)={[{}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x1f}}, {@user_xattr}, {@grpid}, {@journal_checksum}, {@jqfmt_vfsold}, {@usrquota}, {@data_err_abort}], [{@permit_directio}, {@context={'context', 0x3d, 'system_u'}}]}, 0x1, 0x605, &(0x7f0000000c00)="$eJzs3c1vVFUbAPDnTqelpbxvCzEqLmQSYiBRWlrANMYFbA1p8CNu3FhpQaRAQ2u0aEJJcGNi3Bhj4sqF+F8okS0rXblwoStDQtSwNHHMTO8tnc7tJ20vcH+/ZOi599w751ymT8+ZM+fcCaC0ao1/KhF7I2IqiehL5hbyqpFm1uaPu/f3x6cbjyTq9df/TCJJ92XHJ+nP3vTk7oj46cck9nS0lzs9e+X82OTkxOV0e3DmwtTg9OyVQ+cujJ2dODtxcfjF4ZFqHBsZOryh67qas+/k9fc+6Pt09K1vv/4nGfru19Ekjscr6YGLr2Oz1KLW/D9J2rN6Rza7sIJ0pL8ni1/ipFpghViX7PXrjIinoi864v6L1xefvFpo5YAtVU8i6kBJJeIfSirrB2Tv7Ze+D64U0isBtsPdE/MDAO3xX50fG4zu5tjAzntJLB7WSSJiYyNzrXZFxO1bo9fP3Bq9Hls0Dgfkm7sWEU/nxX/SjP/+6I7+ZvxXWuK/0S84lf5s7H9tg+UvHSoW/7B95uO/uy3+u9L8/uanePnx//ai+H9ng+XXYn9nmny3pyX+ezZ8TQAAAAAAAFBWN09ExAt5n/9XFub/RM78n96IOL4J5deWbLd//l+5swnFADnunoh4OXf+byWb/dvfkab+15wP0JmcOTc5cTgi/h8RB6NzR2N7aIUyDn2256vl8mrp/L/s0Sj/djoXMK3HneqO1nPGx2bGHvS6gYi71yKeyZ3/myy0/0lO+9/4ezC1xjL2PHfj1HJ5q8c/sFXq30QcyG3/79+1Ilnu/hzHjh4bGTo82OwPDGa9gnbPfvT598uVv9H4d4sJeHCN9n/nyvHfnyy+X8/0+ss4MlutL5e30f5/V/JG85Yz2TzlD8dmZi4PRXQlJzsae1v2D6+/zvA4yuIhi5dG/B/cv/L4X17/vyci5pY8d/JX65rizJP/9v6+XH30/6E4jfgfX1f7v/7E8I3+H7InO77kZnhra/+PNtv6g+ke438w78ssnrpa9+eEYzUva7vrCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACPg0pE7IqkMrCQrlQGBiJ6I+KJ2FmZvDQ98/yZS+9fHG/kNb//v5J902/f/HaSff9//6Lt4SXbRyJid0R80dHT3B44fWlyvOiLBwAAAAAAAAAAAAAAAAAAgIdEb/v6/99607w/OgquHLD1qkVXAChMTvz/XEQ9gO2n/YfyEv9QXuIfykv8Q3mJfygv8Q/lJf6hvMQ/AAAAAAA8Vnbvu/lLEhFzL/U0Hw1daV5noTUDtlql6AoAhXGLHygvU3+gvLzHB5JV8ruXPWm1M1cydfoBTgYAAAAAAAAAAACA0jmw1/p/KCvr/6G8rP+H8srW/+8ruB7A9mt/j1+/WkhFgEKttJI/d/3/qmcBAAAAAAAAAAAAAJtpevbK+bHJyYnLa0xci4g1H/xoJd4stPRKRGzG89TWc3C9Pr/a42F5CR7xRDYV/mGpz5JEttZvbWcV9zcJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo9V8AAAD///x9I5c=")
r2 = socket(0x10, 0x3, 0x0)
write(r2, &(0x7f0000000000)="240000001a005f0214f9f407000904001f00000000000000000000000800040001000000", 0x24)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[], 0x3c}}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000300)='net/ip6_tables_targets\x00')
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
write$input_event(r3, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000000c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet6_udplite(0xa, 0x2, 0x88)
semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000000)=[0x0, 0x6, 0x2, 0x0, 0x0])
semctl$SETVAL(0x0, 0x0, 0x10, &(0x7f0000000040))
r5 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$sock_attach_bpf(r5, 0x1, 0x2e, &(0x7f0000000000), 0x4)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
ioprio_set$uid(0x0, 0x0, 0x0)
semget(0x3, 0x3, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mount$9p_unix(0x0, 0x0, 0x0, 0x0, 0x0)
semctl$GETPID(0x0, 0x0, 0xb, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x19, &(0x7f0000000140), 0x4)
stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000880))

31.853450839s ago: executing program 2 (id=203):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x6}, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x89}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r5, @ANYBLOB="0000000000000000b702000020000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r6}, 0x10)
r7 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSKBENT(r7, 0x4b31, &(0x7f0000000580))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r1}, &(0x7f0000000800), &(0x7f0000000840)}, 0x20)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
socket$key(0xf, 0x3, 0x2)
setsockopt$inet6_tcp_int(r8, 0x6, 0x6, &(0x7f0000000040)=0x20000006, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r8, 0x6, 0x14, &(0x7f00000013c0)=0x80000000001, 0x4)
connect$inet6(r8, &(0x7f00000014c0)={0xa, 0x0, 0xfffffffd, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171, 0x0, 0x0, 0x20000000}, 0xa}], 0x400000000000172, 0x4000300)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x18, 0x4, 0x0, &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)

29.530605856s ago: executing program 2 (id=208):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x2810000, &(0x7f0000000380)={[{@user_xattr}, {@noquota}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@jqfmt_vfsv1}, {@block_validity}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x7b1}}, {@noquota}, {@min_batch_time={'min_batch_time', 0x3d, 0x8}}, {@delalloc}, {@user_xattr}, {@quota}]}, 0x1, 0x562, &(0x7f0000001080)="$eJzs3U1rXFUfAPD/nSR9f56mUIqKSKALK7WTJvGlgou6FC0WdF+H5DaUTDolMylNLLRd2I0bKYKIBXGve5fFL+CnKGihSAm6cDNyJ3fSaTKTt06b2Pv7wW3Puedm/vfMuefMuXNmmAAKayT7pxTxckR8nUQc7igbjLxwZPm4pUfXJ7MtiWbz0z+TSPJ97eOT/P+DeealiPj1y4iTpbVx6wuLM5VqNZ3L86ON2Suj9YXFU5dmK9PpdHp5fGLizNsT4++9+07f6vrG+b+/++Teh2e+Or707c8PjtxJ4mwcyss669Eh2WKIm52ZkRjJH2Aozq46cGyLD7zbbfWJYncYyPv5UGRjwOEYyHs98OK7ERFNoKAS/R8Kqj0PaN/b97gPfmE9/GD5Bmht/QeX3xuJfa17owNLyRN3Rtn97nAf4mcxfvnj7p1si97vQ8SToW/2ITJQdDdvRcTpwcG141+Sj3/bd3oTx6yOUbTXH9hJ97L5z5vd5j+llflPdJn/HOzSd7dj4/5fetCHMD1l87/3u85/Vxathgfy3P9ac76h5OKlapqNbf+PiBMxtDfLr7eec2bpfrNXWef8L9uy+O25YH4eDwb3Pvk3U5VG5Wnq3OnhrYhXus5/k5X2T7q0f/Z8nN9kjGPp3dd6lW1c/2er+WPE613b//GKVrL++uRo63oYbV8Va/11+9hvveLvdP2z9j+wfv2Hk8712vrWY/yw7580mje6lm33+t+TfNZK78n3Xas0GnNjEXuSj9fuH3/8t+18+/is/ieOrz/+dbv+90fE55us/+2jP73aq6xL/UvPu/2nttT+W0/c/+iL73vF31z7v9VKncj3bGb82+wJPs1zBwAAAAAAALtNKSIORVIqr6RLpXJ5+fMdR+NAqVqrN05erM1fnorWd2WHY6jUXuk+3PF5iLH887Dt/Piq/EREHImIbwb2t/LlyVp1aqcrDwAAAAAAAAAAAAAAAAAAALvEwR7f/8/8PrDTZwc8c37yG4prw/7fj196AnYlr/9QXPo/FJf+D8Wl/0Nx6f9QXHn/t9wPBeT1H4pL/wcAAAAAAAAAAAAAAAAAAAAAAAAAAIC+On/uXLY1lx5dn8zyU1cX5mdqV09NpfWZ8uz8ZHmyNnelPF2rTVfT8mRtdqPHq9ZqV8bGY/7aaCOtN0brC4sXZmvzlxsXLs1WptML6dBzqRUAAAAAAAAAAAAAAAAAAAD8t9QXFmcq1Wo6JyGxrcTg7jgNiT4ndnpkAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDH/g0AAP//8UY6Ow==")
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000f4)
open(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000d00)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x800c6613, &(0x7f0000001e40)=@v1={0x0, @aes128, 0x0, @desc1})
ioctl$EXT4_IOC_CLEAR_ES_CACHE(0xffffffffffffffff, 0x6628)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d40)={0x0, 0x1b, &(0x7f0000000900)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, {}, {}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffb}, @map_fd={0x18, 0x6}, @map_fd={0x18, 0xdb3e5c0a82365e3c}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffd}, @map_fd={0x18, 0xb, 0x1, 0x0, 0x1}, @jmp={0x5, 0x0, 0xb, 0x0, 0xb, 0x80, 0xffffffffffffffff}, @map_idx_val={0x18, 0x2, 0x6, 0x0, 0x1, 0x0, 0x0, 0x0, 0x8000}, @exit], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000600)='GPL\x00', 0x7fffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000bc0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], 0x0, 0x10, 0x80000000}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x0, 0x0, 0x0, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x90)
unshare(0x8040480)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r5, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
setsockopt$bt_BT_SECURITY(r5, 0x112, 0x4, &(0x7f0000003000)={0x2}, 0x2)
shutdown(r5, 0x1)
ppoll(&(0x7f00000000c0)=[{r5}], 0x1, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000002000007b8af8ff00000000bfa200000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

7.763709994s ago: executing program 1 (id=245):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000090000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
pipe2(0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsync(0xffffffffffffffff)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000540)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x7, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x2, 0x5}, 0x48)
signalfd(r0, &(0x7f0000000680)={[0x1cb000000000]}, 0x8)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000200)=0xb, 0x23000)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r4, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r5, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
r6 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r6, &(0x7f0000000080)=@pppol2tpv3={0x18, 0x1, {0x3, 0xffffffffffffffff, {0x2, 0x0, @multicast2}, 0x2, 0xfffffffd}}, 0x2e)
setsockopt$pppl2tp_PPPOL2TP_SO_DEBUG(r6, 0x111, 0x2, 0x20002001, 0x4)
r7 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b70400000000000085000000430000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000700)=@generic={0x0}, 0x18)
socket$igmp(0x2, 0x3, 0x2)

6.786866297s ago: executing program 1 (id=246):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x71, 0x10, 0x90}, [@ldst={0x3, 0x0, 0x3}], {0x95, 0x0, 0xc00}}, &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f2, 0x10, &(0x7f0000000000), 0xfffffe51}, 0x48)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=@newlink={0x40, 0x10, 0xffffff1f, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_PROTO={0x5, 0x9, 0x89}, @IFLA_IPTUN_FLAGS={0x6}]}}}]}, 0x40}}, 0x0)
getpeername$packet(0xffffffffffffffff, &(0x7f00000003c0)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000440)=0x14)
r2 = syz_open_dev$vcsn(&(0x7f0000000200), 0x1, 0x181)
write$nbd(r2, &(0x7f0000000100)={0x67446698, 0x0, 0x0, 0x0, 0x0, "cf218de837f91abb4175bab93c3623359dfe4195c561029a750f337cf13683dfca6b26408944b057c4e99b80b3fdc3e107cfbf86c86e34260fa537d4232972063b"}, 0x51)
sendmsg$nl_route(r0, &(0x7f0000000500)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000480)={&(0x7f0000000f00)=@dellinkprop={0xa8, 0x6d, 0x2, 0x70bd2c, 0x25dfdbfe, {0x0, 0x0, 0x0, r1, 0x2200, 0x49310}, [@IFLA_MTU={0x8, 0x4, 0x3}, @IFLA_GSO_MAX_SEGS={0x8, 0x28, 0x2405}, @IFLA_MTU={0x8, 0x4, 0x4}, @IFLA_NET_NS_FD={0x8, 0x1c, r2}, @IFLA_PHYS_SWITCH_ID={0x1f, 0x24, "cc36bd26c0efe882d286407d07107df26b267b724cdf30be992074"}, @IFLA_MAP={0x24, 0xe, {0x10000, 0x1000, 0x7fff, 0x81, 0x1, 0xe7}}, @IFLA_CARRIER_CHANGES={0x8, 0x23, 0xffffffff}, @IFLA_IFALIAS={0x14, 0x14, 'ip6_vti0\x00'}, @IFLA_CARRIER={0x5, 0x21, 0x87}]}, 0xa8}, 0x1, 0x0, 0x0, 0x4000000}, 0x4080)
pipe(&(0x7f0000000140)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = fcntl$dupfd(r3, 0x3, 0xffffffffffffffff)
write(r4, &(0x7f0000000100), 0xfffffe5d)
openat$incfs(0xffffffffffffffff, &(0x7f0000000080)='.pending_reads\x00', 0x80400, 0x4)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x10, 0x803, 0x0)
sendmsg$DEVLINK_CMD_SB_POOL_GET(r7, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000004c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c00000010000104000002cf66000000005d0000", @ANYRES32=r8, @ANYBLOB="00000000060000001c0012000b000100627269646765"], 0x3c}}, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=@newlink={0x40, 0x10, 0xffffff1f, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_PROTO={0x5, 0x9, 0x89}, @IFLA_IPTUN_FLAGS={0x6}]}}}]}, 0x40}}, 0x0)
sendmsg$NFT_MSG_GETOBJ(r9, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000240)={&(0x7f0000000ac0)={0x428, 0x13, 0xa, 0x801, 0x0, 0x0, {0x5, 0x0, 0x4}, [@NFTA_OBJ_USERDATA={0xe8, 0x8, "f35a66afa132b4bdc59d22812c44716e8fa47bce0799b2f8940d6c993b4480c65608409d38ba307be6b142e0460b101c08dea9bd317cfddedc6a39be00e62b33fdd6ea21db271ecbf8ea736477e0ad930b731490352e6ad7a473d8cc6203c0be1eebdc65f967538f0d88491d467ce1840fd6a904268b4ade4e03234ae64494e1d610d7027c1c2d2365fb4000beb7f3d2aac33ce0376ecfe23108fd1edd31cf3b47e3e0f49bbc484cc01c9f6d923d42211e713b250e969bfa581c27b82784bea4d88bb6e158e17944b78e2e082493daef51c97bea1ec4bb0058c667b14e0fa896676461cd"}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x9}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_OBJ_USERDATA={0xc6, 0x8, "013be990890893a49fc892c8da6525fdc0985f7fbace620a3f9d6fdacd15cfa8a4a079cb1beb88e93b1c11937d9047ce531142bfc27f0674ac32875f4fd82114733778188b48f360ce2dd0f30317281061bcfccfeff2146383728e5603569969d0c4dfa6de309b0059efb736fb084922fa051356215e3085e71a400f602e00aef026ee66d3c18d0387a79da8b1ba4060715cce416930220235281aae13ab623dabb29077256c61f9b5e2500df94e04a98c41056d4529762c3716a2a8401aa1dcafbe"}, @NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x3}, @NFTA_OBJ_USERDATA={0xbc, 0x8, "3b4c224b2de939841fcc518a7d0751e8461460b1ba773bac2d45f6a4fd9f2eaf3daaa8b17c2985f44f99ffd6bdf025249ed8e420e525532980c8c62688ae4bf54bff5b1e2e891cbf4a134cef1c17badd1442450df26f0c02a0be03945e66057a499ae4c486e03b9e8a948d99e8fe26510fc8211b8aaf44dffcc33ce21777024644a39c2a7e86e27c965f819b339ea872b0996a9107bde9213089b7145f07f3460ceb4f9e2aa5d5bebfd0ae00dd2f679f4f9aa225868d27b8"}, @NFTA_OBJ_USERDATA={0x7d, 0x8, "063572e4de95e23165ce24ae991dcbab1bce2794631fd82049f6d532765a271f160757d2ff6c6dc972863c6425a91d640e677105e79517137b9b0f94a9af64f8dbce9323e8f2b4fcb97d718bd736cd638efa80e103213ec03c003cf975f0794752a6fe07335c7eb41be39b15d8d6069d4d8d6e7ae3f860097a"}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0xa}, @NFTA_OBJ_USERDATA={0xf7, 0x8, "78381663c07ea4d6041ccfbdfff7b93ffe182b8d91a7aa46c301a71c355ebbebf620647a04ed24cdb6c958437a2ceb42083dd2c6112821b99db42c9e8749fb1ec4b26561c5e4536192d04d3740ca4718aa57fb847e5bcbfd282c7ffb74d1a52dc4ef455860b8ff80bf61f87339da47b6683b4f177d54ef712762cea016d1b914870851eca61d1ed84b927d6644acc3b32468e64dbffbdac77a0bc13bf7e69167764d4d6f9b471f07c5f438f2d3595c24006e8e868620ae30ba2fc6a18aceaf5823dcca0f429ad5525eaf902127709951a56a38b1ec49939ca4f82ba3e3384a596e50ab9e3621a209be78135f01e83fcfc21531"}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x5}]}, 0x428}, 0x1, 0x0, 0x0, 0xc5}, 0xc0)
r10 = socket(0x10, 0x803, 0x0)
sendmsg$DEVLINK_CMD_SB_POOL_GET(r10, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000004c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r10, &(0x7f0000000100)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=@RTM_DELMDB={0x38, 0x55, 0x1, 0x0, 0x0, {0x7, r8}, [@MDBA_SET_ENTRY={0x20, 0x1, {r11, 0x0, 0x0, 0x0, {@in6_addr=@ipv4={'\x00', '\xff\xff', @loopback}, 0x86dd}}}]}, 0x38}}, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0xe0, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x2, 0x5, &(0x7f0000000280)=[0x0, 0x0], &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0, 0x0], <r12=>0x0, 0x8, &(0x7f0000000400)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000000580), &(0x7f00000005c0), 0x8, 0x10, 0x8, 0x8, &(0x7f0000000600)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xa, 0x16, &(0x7f00000007c0)=ANY=[@ANYBLOB="61124c00000000006113500000000f00bf2000000000000007000000100000003d0301000000000095000000000000006926000000000000bf670000000000005606000032ff07006706000020000000150600000ee60000bf250000000000003d350001000000006507f3ff010000000707000022c24810790d1cdb00000000bf540000000000000704000004f3f8ffac53010000008000a404000000000000050000000000f2cdaabc8383c8f56b8c0500a800ef1856bb9b904e70c347de8f426bad033728760857289ad166cbb434587529df2a24c02257c8dd2dc925cb0ff850d3fbd1f09a889b57b1edaf7abe847db9bcae8d7467086ef331d137046c358611f1b1bde5cdfba964241caebec538abc8987b78c83ea754d0890af5fba692290b24368bfb2eb6679110824414093b826bd6705a407072b2baeb007e985c43222c9732bc52c68194c46df933587fb1c31bd28e883fe541bb611ea59e89a91407b80002be8082bb7c7bf296f25886ec7018d182b3adc538320246ed12730eb983ab570542d19dc5d088609f1c1863fc4312432c941d5ac14702d5eaf4ab19263759b40a1a2c13a3cda097ee570db1c7f74503fcff75d47fda77f637900f0a317ce338ad130bc6114b8fa1ea03e070b9cee08540face40f235a266eaf2b289853f7551fbf34a91ce3e93b5287e3ee5b8cde7baaa309958b8b1b9f0f0565e760caa52b56673934d279435673a7b80c13330f88b67cb82a4db4abc380c702ea8df20c9fc7dd08a56ff01119a3d4be75496d7eb41577b02e81cdc79218b443c73b3c529db19bf5552ba31423c492c445be865e2afa8021f31996f0e1e25d2e66487b5cd57ea254a056c7a993a4b621c0ae4b2b337452548a67ea400121bfbfc9a0dbe7ddbd8b1b603f76eabba88393cd682250cbbcab158cb36a0285021acd606c819c46a4cf2f013d413ca7532667021db5f63eb1c405de9f35f666a21ad93268cd10b2c6ab8c0eb0da4047311d88a419d262010e0c7e14a39dc6bb206d77e59073488909485140bdc80c858e44bc9f62bd7606eb1cf"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, r12}, 0x80)
fcntl$dupfd(0xffffffffffffffff, 0x3, 0xffffffffffffffff)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r13=>0xffffffffffffffff})
r14 = fcntl$dupfd(r13, 0x3, 0xffffffffffffffff)
write(r14, &(0x7f0000000100), 0xfffffe5d)

6.784192927s ago: executing program 0 (id=247):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0x9, &(0x7f0000000040)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f00000000c0)=0xa3074bfe6145fe33, 0x4)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7020000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, 0x17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400}, 0x90)
syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x82400, 0x0, 0xfc, 0x0, 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYBLOB], 0x15)
dup(0xffffffffffffffff)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000002c80)=@newtaction={0x14, 0x12, 0xbf68af9d17701211, 0x0, 0x0, {0x7}}, 0x14}}, 0x0)
read(r6, &(0x7f0000000440)=""/70, 0x46)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x2044020, 0x0)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
r7 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/tcp\x00')
preadv(r7, &(0x7f00000001c0)=[{&(0x7f00000006c0)=""/4089, 0xff9}], 0x2, 0x0, 0x0)
sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="60000000000201040000000000007f0002000000240002801400018008000100e000000108000200ac1414000c000280"], 0x60}}, 0x0)

5.783606912s ago: executing program 1 (id=249):
r0 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r0, &(0x7f0000000100)={&(0x7f0000000000), 0x10, &(0x7f0000000700)=[{&(0x7f0000000080)="080064d02a780996", 0x8}], 0x1, &(0x7f0000000680)=ANY=[@ANYBLOB="10"], 0x28}, 0x0)
readv(0xffffffffffffffff, &(0x7f0000001340)=[{&(0x7f0000001500)=""/151, 0x97}], 0x1)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001380)={{0x1, <r1=>0xffffffffffffffff}, &(0x7f0000001200), &(0x7f0000001240)}, 0x20)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r2, 0x8933, &(0x7f00000002c0)={'wg2\x00', <r5=>0x0})
sendmsg$WG_CMD_SET_DEVICE(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000017c0)={0x50, r4, 0x5, 0x0, 0x0, {}, [@WGDEVICE_A_PEERS={0x34, 0x8, 0x0, 0x1, [{0x30, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @neg}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x5}]}]}, @WGDEVICE_A_IFINDEX={0x8, 0x1, r5}]}, 0x50}, 0x1, 0x0, 0x0, 0x4000}, 0x40)
bpf$MAP_CREATE(0x0, &(0x7f00000013c0)=@base={0x12, 0xfffffffc, 0x3, 0x2, 0x8, r1, 0xfff, '\x00', r5, 0xffffffffffffffff, 0x0, 0x5, 0x4}, 0x48)
ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000014c0)={0xffffffff, 0x1, 0x0, 0x0, 0x0, "05000000000000000000001000"})
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, "000080f100df000000a7d9de16c708db7200"})
r6 = syz_open_pts(0xffffffffffffffff, 0x42)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0xa}, 0x48)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0xbd, <r8=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYRES64=r7, @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r8, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000001280)=r8, 0x4)
r9 = dup3(r6, 0xffffffffffffffff, 0x0)
write$UHID_INPUT(r9, &(0x7f00000001c0)={0xd, {"08c39ee52f329f1698b1c4865f8b540a5eee9f496a0809c3d21c25867b6edda88489ab4c09fe0a7f1e8640aa8e344f412df0d69475a5d6570e21f31fac7dfb4aa7ade0e851582d5c1abdd809580cb34c9e48576b1c73ed76013256fca058ada3db47d86cc75b33cf762b67fe61f152618c49a40858f68794a4fc484ab73ccd254ba3d147f5feddaf91dacc238c0a8096f79597ca1e6da781fcf37a0141a335c6a7577d2d53c6e552a7be208381bb31d1d3e0e92ea651655217535734b286d3f19780a4c720075a36a734151f8c00e651cb3a6bbe30e3f6aee48750436da6471e965e81f38134674fcb697108fb7345010bb8fa15fba9b33355d7858327171ab9c68f6c21b2ffbff4eb061dab80bc77a4a7769e7ff73bcd98790e09415bfc5978cf5af45c3ec9ef9c1a39f766c59d59590281038dbcb765580ba2b3f141d5bbfc40910a0894cd1f22d2a8b6d4e4778debef99438b54d44b4b7568de2777431a5b2f3e8d1a45a60a468f5e33e8ef534f803dfb6798c270f52edf031ecd996bb78c4e92961c63c079676d77412ebc6074e5f235417785e7a14b14ce7626b015071c154cc2bf8f4499b93293e9997c23df4c7a1498cf12414fb31eb873728e4f613b540d22e7ca718f18da5b82ed24995e4309c3af4a2e1097465bf09728082d09e71ea365522035eb9772b8e072f8454777ee304dacd59d3eb9f933f151fa14f8c38eadbeba04810a2dea7a66824f09235c13a45f07870210d0d310ce3ae6284577bd4e65f32700f6723727926cb52e4f27776a1dab0f6668327ab5cf1893879a635261f2e0d9923ccecbf5b80f10a8275c1515f47930d614e787f14c105d3a4f8faf8e7f738cf4eae4fc39ef3db3cb87794ace87f7239b69dc4ab4e5ae57cdfbd309e847d99600ef14b51faead01e8ade57d24270bc13a1787896096eeacb8ab1c93d31d93cfb244bb09ecfecf336362a5656db7df327cbb9aeb898f8af229c7bb9452805f2b4510c5df86b6d564e01f000000167ade5205331523a6392af2bea9e6db0ba5480cbf1b202714233289c4017cb66e83c0c8b6e88bedb922162d0ceecf6c5da173bbefe6781ab7720d2be6cca378db650c69d4228141ae190922fbbaddb86c7f0fe138b704e8305b3bcc7910b2280d96d71dafdbfa876b0013fc4de586f85d9ee077b6349becbdca8bd989a51c4c76ed8a8cc691a65078e0272a62edec8236a779f0cbffeda49dcdccd4def7064e0d77ae5a8c64f3057b4a3a0d4457d33f2bc6c112378315411baa4bb126fe540d750491fc58fbb66911ef82bce5ed76872dbcd8e05dea2f3f347a653aa39ab5d75e71671bfeb924e71476134dbf91e3f287fd853cc34bf81e717edd41aa04b6fbeb43cf2074f0c8fe5350401b6cff801c147a3b58b972aa5652629a9fd8b1df2852708ce958d4e9974ec4383aa5da4e3f75fdc85981e97b75863546f67a8703673b6fe2c26f0e9eeb8c45c26f673adac55fa5d69b82ae7d032fd3b26866047e8c029b90a62794a89c11398944b398b4177b2dcc5a743c16d4a5333b1e30af678d3db8df849c1753db067a6f94bab00c0dd3c7e94a8675924c89bda98ac09e10bcdf83f5114b9b466c413477a5cdc48c857230798934bcc1f0eb3a2d2944b139e459af32e515785f46ed4e97cdcb23c7e4dc7c4f91b5b5ca5228344aeb6652fffaf31325c7429bc70a5f6beaaa98ef190dffdeccc94bd814b3edfdd48243bf34291076ab5438ee00e924a827d5b453df42d24144fe1a45bb6c84fcbb2143d0a561c1e867c1279bdf0a47061ea77a84f36c720aff785f0db10eda84c767b5f3874f9455c0f026735ded32f0403ef7dbcf97d2233d59c670114ddf89314ba74fc248bcbdbf43c24e46304e229b3cf583aa410f4dfd119152495da8737518ee2a05a8ca1f004be3c551408f2e4013e444b63bf2bb26ddeae505642dffcc989ee241c48741181b506e22fdc4530319522780c74bf786852dc66ebbb51f8ecbb1e35de09ef7afe589bb8a31c5d63477db5d5e7174694ea04cfa98057d39127a4e5eedb4897a491c6693acd0a036abf846f3b6f3006e5e5fd586f29a4a8a31abbccf732e4f1b88187a72d669c16302657e9cbbeb9322662e111edc7771526400b6123d0f8207bcaa38bee07043e36e223d418ac948d65e7acfe72cc3fdcf03a3e43ecfec8ae489ddba09126709c5c7968829e3504de8a5010c9372de09476a7b96b04d7aed2486d8f89f21f075321abe350024abe00a81f87df3dc372fc3206496776c26b6958243070bda4cace3e358da5d39a3945765c2ba4b002b06efd416af66f3343f218ed84550ea83f02f9a5c3fc677ea60987aa25f0406d6154081cfdc074814a2465accdfa102858f5a52c9eae293c56ddcaf8f6926d3dd0ccb51a30c960d6b7e473038ebd3702b5106f6bc040efdfd7169fd3f2dc42ff23de26a239e13b74278729fd7e843b38a35c55fd50181ac13a9cbbbfd8feb36afaeb1993349c0ac5a0c44ffd92919dfe272b0f8ed7df7198cd299715f021109a58dced4753d3c7ddd6e9ea01596f18b2fe7000000004ccfca57aed5b5cebdff65de480a56bd53f4c7f83ddef00d7c9686311d1fce76f320bb3222a11db30ba6ed31535d8fda61e694478ca9935d72719b8d6b9be88ae3df30b60ee251b919b4d1734b994c62accdf855488b351738331b462eccf27efdc5577d7a5548579dc90d227a42ac010f33a720dc3cf0a63454f8b07c775287495761a058ec1e28e6aaf8057241f4ef8b5de56e279355bb66630c4ddf35e7c2cfff26a4241b1df0379d2a1e9f959e46d3843f89844ead50aff44640fcbc4a1edb033afff7cc9e57c4f8d31900764233e11fa4c28e547788c1b00de4268df692ba3415a9ad90fa712f9618f5ecff57da32809380eeff040cd3b23f508614c72b303cec3bcd732708303b166193366a062b9cea536f28478c387e626744c6a611a8e7162d274efccc84eee8eb31d3310c86752777dd5b5ffe234e895c54909f19a4aabcf3c15b90c02170409e314fd90e766ec4ba93c8ec6321237a980ad3c32fb2fab69e57541ea7f5427a85c2c57d40f9ebe9de5572f46a4713fb28e0af42d0adef3e29195aa41a3ba318181512eebfadffede4e35ff7f975928edc5d4d9f2d931fb44b30e1df55e66c52e1648e9cdaf71221b57c6a6b087428ccc57ade5b1531341cba2be452b426c434c70fd8c493337d4995cbd76ea1dd545226e3eb59d5f94ffb5352f87a4a66cd7c5e88322404fd397c46e198646a9c819d0eb1f10e54d8a3ea912f1cb134ff1095aa7325287f6ea9af8c13b67d6abcbb70dbc06838ecb33e45b60f6cb832c3e72d1401770f66bd02f35a2d007815ab676099e31f5102000000c0e83d5e7107c8dc5830c9cddb9781185b94d7f2814c5058ba3ac54c268741c5728f4997a9628602c2a36090162379f3f37c47619b3e7c7397a5913b7060b51e0c7f7226ff1135444f866f89a4b74136cbd3acb7178bd63183b3fd9cd19fdeb6fcc6341910ad4605da76a9af4bfb8b75fcd666f8188902b380ae560d9aa04f8f9b0ac5c109d1824a470726e06a49d955f8f71c8a86081e75b13f62600deb941da181eaff544cd559c467d8dae432debd22e7a7b3e1ad731a5b9470f5f60423dda061ff899c07c79f3da34f38e1d8182d6ee0c36c602945509167be440382a8a8a759b20e41638fd57152029b190b5701d30a86f579e2d0cc53a2f809ca9bd3aba1eb2772a7acc35c4d983afa83a9baea35c0ed4931234719636cf8f5fe1884bde6cebbdf23bd62b1ebf0a5cb78c27295349bd7d5cf28c4ee4689497238fd3aa71a417914e6892667a56bd69dc2e5882cfb67df71494e9a9199e025892e4e7435f727636cd988cc7563d28db5133f649849c5b3973a3428de10ad39d96146b22acc50f50eee5a038876452b960686892de40efe30081ccdaa2bf64af78d5988026e529b36c62a21378ac42d220d0dd878010178e374e6dbb2b61206066d04e729ed03c6fd9a4e00547fe9304aec0925d85a0acd07fdc5d48c1a1cff656916f5d25952327792255e0d606a32517781cc3d737ec753eb95b5b5b95dabd8946907ab54cc85d05b475e2e5486c6fc070417198d3a50910e2949d20d3fa68fd327934cff5171224942b8f18d88947763a7c710d09c4b269bdf2d3e715329917fb70728a4a0530999b755ba8fc04deabf4bc4bcffc4d62d491538c65078122bf2c263ae0020af67cfc9cf19e5b929e086af281fb43d5504d728935c5cfac136eb81703d50fddb39a5a713b2914c6acd9b2d07819cf7bba495ac5734fe423e611d309b80eeafcf9053d51b0ab3c29d5ca5eb8861ffc1ebc4d53f361b8991baecb52860c15202f979e34054fcde869d018103ccd6d914a70f1840fc6aaf426beec975ddb980b19b0f4cc2ca393c0b9e6ebe5e7d1c9fc1ef7a1c91378f0b73262993fb80667ecf62bac3c47cbd002ae1b87b8dc3ec99d5c987765d778868eb55022cc3bed14b8f934a584bcc98fa0b4f6e6982ab8d8a2bb49f9074ef429dd7b8db332a96ccec6983a97be7c8634c02e7937ffc8d613b83aa375886bf40a87ec062090382f874bf2c8e5fbb58ac18a46c4d9e85af3ca21bdacb7755f49776b0eb3972ff682c84beb07d74cbe2764e378253e72128991b73d2730704a5448280e8a0fd8cc87d4cddcffbfe5525ae3d2304877a3988e33c8e12bf77793e753f25840e9af2ce56bdb999fc62623a2298b4244534f662eb398a2577c72f6cfd5174697dcee151d4f3a7293b11de3889c43744da4165aca4e4a1e926d37ae4d7471584a06f3641f2037a74a58c2397a594f29d142d59f91bb57e24e1a3f30f68c626033cc34895c1b16d62e3a375c3e09f5dbd9338cd3a500643143cd404b57019c648c3ec31d696233fe16efc3c4c84aca0830ca8b9fbf1144b98d82f41e4cf67631c74cdcf8d9c8b8556b876ff1592683ccac0b47a26cb3a2cb1b917f433bb54e0b53deae9ac4b1cd0594c1fa0e6744e7ed88fdac60901e3da989f3b0d7c12b140cc576fa1b0e8e705321d37c303691aafc9fed9c3dc419078d0925ead56455ea5f3cd57941e410c1c14c2e8972d7cca44fcaca1f64fc817f4a41b6d9fb237fed159cb09e788ae560726537f49cb64b9f60915d402e0931355c55ad792cde758548b1af54b196e414046d4af3579a6c30ceac3d68bbfd2adef309c064e759a9f0dd69d682a3880b8ff27b69abffaa45ee7e65d8f1f6e40c188f6249fdf72220b4c87243217ba0292b9e9b67ebeda4fb83406216a4d765812bafeff34cc57f7d2cd1608282079c076055b9cabffe5fa491b970291bc2672540ccc15ed877d7dbe3ef683724c715ace770905e48c2dc6a44e1fc095773676d070eac00ee3834b07590cba7093f56b678313870471c81599d34c53fc03ec6c913d8ba3f604ace8da12d2025cbb5000bc062f4db65a6feacaf3915206d1c15ce7e78c17dc2ea32cb57d6fab0a22d487c77118e75016006f812541ec8180a321287a2d57248d4ee4a19706a19d802c70e250c3b0fc400a0b5cdc06537d2f55fd5300be4eeeaab8cc481a84b6a5e17d8c47ec92fe40710d4ec3530a94ca16710ade2ec7562398106e0ddbb6c8af6412166afd99d45d29a3a967e58decd0d6fc5bebb98d639b5606efd358a43d635d50f0ccb8472197da604994e7fb700243d5f7e45700", 0x1000}}, 0xffffff5c)
syz_mount_image$hfsplus(&(0x7f0000000300), &(0x7f0000000640)='./file1\x00', 0x1008810, &(0x7f00000021c0)=ANY=[], 0x1, 0x5f4, &(0x7f0000000780)="$eJzs3U9vHGcdB/Dvrv9kHaTUdZM2oEpYRaoQFonXlkjhQikFWahClThw4WIRp7GySSt7i9weaEAcKk59CeXgN4A4FikH2iOcKnEz6hGJu29GMzvj3cTb1I7X2U3z+Uizz/PsM/Ps7/nN7GRmrGgDPLXWljJ9L42sLb2xU7T3dlc7e7urt+t6knNJmkkrSaN4+29Jvkjuprfkm3XHQHnE55+03vrso08/7LVa1VKu33jYdsdzGMt8L9ayHNV4K6cer5xdq24tJFk8XXwwGge1/wztPuX3EgCYZI1katj788n56uK1uA/oXRX3rrGfaHfHHQAAAAA8Bs/sZz87uTDuOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBJUv3+f6NamnV9MY369/9nq/dS1Z9o98YdAAAAAAAAAACMwLf3s5+dXKjbB43yb/4vlY2L5es38m62s5GtXMlO1tNNN1tpJ5kfGGh2Z73b3WofY8uVoVuuPJ75AgAAAAAAAMDX1B+z1v/7PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAATIJGMtUryuViXZ9PczpJK8lssd7d5F91fbLMnGjtV88sDgAAAJgcz+xnPzu5ULcPGuU9//PlfX8r7+ZOutlMN51s5Hr5LKB319/c213t7O2u3i6Wo+P+5H8nCqMcMb1nD8M/+XK5xlxuZLN850p+m7fTyfU0yy0Ll+t4hsf1hyKmxo8rx4zselUWM/9FVU6G+TIjM4cZWa5iK7Lx7MMzccK98+AntdM8fPJz8Qxyfr4qi/m8PtE5Xxk4+p5/eCaShV//+drNzp1bN29sL03OlB7Rg5lYHcjEC09VJpbLTFw6bK/l5/lVlrKYN7OVzfwu6+lmI4t5vaytV8dz8Tq/t7t60PPBkEy9et/z1Te/KpLZar/0zqIni+mlctsL2cwv83aul3t0OddyLSv5QX6Y5fv28KWhe/iDg6q7/NY3T/at/853q8pMkp+d+EHuWSry+uxAXgfPufNl3+A7/SwtjP7cOP2tqlIcPa9N3Lmxn4mZ8l+JOhPPPZiJ+3fuX8oDZ7tz59bWzfV3jvl5L1dlkYGfHsnEwdTpZ/SoiuNlodhZZev+o6Poe25oX7vsu3jY1zzSd+mw76u+qbPVNdzRkVbKvheG9vW2uzzQN+x6C4CJd/5752fn/jv3z7mP5/40d3PujdZr51459+JsZv4x86Pp5amXmy82/pqP8/v+/T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDott97/9Z6p7OxpaLy9FUWk4xmwMVJmM4IK+fGfWYCztrV7u13rm6/9/73N2+v17/a90q73b62fPXGZmejeh13lADAKPUv+scdCQAAAAAAAAAAAAAA8GUex38nHvccAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAr7e1pUzfSyPt5SvLRXtvd7VTLHW9v2YrSaOo/D359xfJ3fSWzOc3U/VKjS/7nM8/ab312Uefftgfq1Wv33jYdsczEEvSrMpRjbdy6vH6M1xMslCVMHb/DwAA//9uwwS6")
r10 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
fremovexattr(r10, &(0x7f0000000040)=@known='trusted.overlay.upper\x00')
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000040)='./file1\x00', 0x4810, &(0x7f0000000780)=ANY=[@ANYRESHEX, @ANYRES64=0x0], 0x11, 0x69d, &(0x7f00000000c0)="$eJzs3c9vHGf9B/D3rNc/NpUct03TfL+qhGmkgohI7FgphEsCQihIFarCgbPVOI0VJw2Oi9IeiAtIXDnwB5RDuMAJhJCQkCKVM9wqbhanSkhcekp7YNDMzq7X7q7tJE1sw+sVzT7PM8/MM5/5zI/9EVkT4H/WpVNp308nl069dqdqb9xbWNm4t3CjV08ymaSVtLtFiptJ8UFyMd0p/1fNbIYrRm3nl8vnL3/48cZH3VY7m+NVL53RAbb3shfrzZTZJGNN+Ri2jPfGo403uVkt+pmpEnaylzjYb+NJyi1+eHyzZ5hybKAx8noHDo+i+745oHv9zyRHkkz13tDWu52tpx/hrh7qXrT+5OIAAACAA+Pog7vJnUzvdxwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwmDTP/y+aqdWrz6boPf9/YuAZ+xP7HO5oO0c21avcbz2NYAAAAAAAAADgyfrCg/zmcllO99plUf+f/8t141j9+kzezu0sZTWncyeLWctaVjOfZGZgoIk7i2trq/O9NT8ty3LEmmeHrnl2jwF3Po+9BgAAAAAAAID/Ghea8ie5lOl9jgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALYokrFuUU/HevWZtNpJppJMVMutJ3/r1Q+z+/sdAAAAADwFRx/kQe5kutcui/o7//H6e/9U3s7NrGU5a1nJUq7UvwV0v/W3Nu4trGzcW7hRTZ8d95v/2qz/fnrXMOoR0/3tYfiWT9RLdHI1y/Wc03kjb2UlV9Kq16yc6MUzPK73qpiKC11lubcEXWnKas9/0ZQHw0ydkfF+Ruaa2KpsPLtzJgaPziNsaT6t/i8/xx4i5xd23Erx794xOdKbkzzz3d1zPv5QO/NYtmfi7MDZd3znTCRf+sNvf3Bt5eb1a8X6qYNzGj2EyX9sXjXbM7EwkIkX95yJq7cPZya2a+WFfv1SvpPv51Rm83pWs5wfZTFrWcpsvl3XFpvzuXqd2TlTF7e0Xt8tionmuIxti+mLR7vlTjG9XK87neV8L2/lSpbyav3vbObztZzLuZwfOMIv7BT3eveqbw256v84OviTX24qnSQ/b8qDocrrswN5HbznztR9g3NaKSe76z33ud0b+9r/31SqI/HTpjwY+pmYSv9dohfd870MjA/NxK/q28rtlZvXV68t3to2brE+fHuvZOvuH5wbSXW+PFcdrLq19eyo+p4f2jdf9x3r97W29/260+/b7UqdaD7DfXaks3Xfi0P7Fuq+EwN9m5+3Pi3LTurPWwAceEe+cmSi88/OXzvvd37WudZ5bepbk1+ffGki438Z/0Z7buyV1kvF7/J+fpzdv6EDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC7uv3Ou9cXV1aWVrdVyrK8O6LriVTSTrbM+fOfBpapHy6VZO8DVktfbCX1nHaaysMFdvfRdue9R03C35tjstp7sN1TyfzjVKZGnj/bK5+UZXkwYt5LpWwclHj2o7JvtyTgKTmzduPWmdvvvPvV5RuLby69uXTz/Llz5+fOn3t14czV5ZWlue7rfkcJPAkDn8ABAAAAAAAAAACAQ2Jvf5xTPN7f9gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8hkun0r6fIvNzp+eq9sa9hZVq6tU3l/wkSStJMZsUHyQX050yMzBcMWo768nlDz/e+KjbajdTvXxrp/X2Zr2ZMptkrCmHmBo2s7w7aryiHufW6PH2qOjvYZWwk73EwX77TwAAAP//XKcWbA==")
chdir(&(0x7f0000000840)='./file1\x00')
syz_open_dev$tty20(0xc, 0x4, 0x0)
socket(0x0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000340)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}}}, 0x9)

5.710418648s ago: executing program 0 (id=250):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000080eff95"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000002c0)='contention_end\x00', r0}, 0x10)
r1 = socket$kcm(0x2b, 0x1, 0x0)
r2 = socket(0x10, 0x3, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000040)={0x26, 'aead\x00', 0x0, 0x0, 'morus1280\x00'}, 0x58)
r3 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
bind$bt_hci(r3, &(0x7f0000000000)={0x27}, 0x62)
listen(r3, 0x0)
r4 = epoll_create(0x4)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f00000007c0)={0x10000001})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_queued_recursive\x00', 0x275a, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="300000004a00010000000000000000000a008000", @ANYRES32, @ANYBLOB="001c3a7f040000d4bd"], 0x30}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x3, 0x5, 0x9, 0x7, 0x1871, 0x1, 0x32d3, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x5}, 0x48)
r7 = socket$netlink(0x10, 0x3, 0x6)
sendmsg$nl_route(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000940)=ANY=[@ANYRESDEC=r2, @ANYRES64=r1, @ANYBLOB="00000000000000002800128008000100677470001c00028008000100", @ANYRES8=0x0, @ANYRESOCT, @ANYRESDEC, @ANYBLOB="7232b464", @ANYBLOB="922b9f283987ef5ec0bc853effe01509b05cdf8cfa141082403f0018ea099613875f938ca36e6da138ba263682b230c07ed7cf99e9273d17759b4b4586ed3f87dffdf9d2069e9a4e4f2a6b1fbbff022f0bc2c65fac8652b2a6766164a0d0500fda0d37976078bf00d0c437b044dbda5d3897f58480401e7e855574e334932c6ec963a62ca885dafbf087d0ca519d57316e1e4bfe75ff7bdaec6aaf7530eefc1256b6996bc5d7f0d9b56f43e0a96fd65f3ff2259b1725de23a595a6f1d0f0123f1cabb50402c1ad5f", @ANYBLOB='\b\x00\n\x00', @ANYRES32=r4, @ANYRES16=r1, @ANYRESOCT=r5], 0x50}}, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX_80211(r10, 0x8933, &(0x7f0000000340)={'wlan1\x00', <r11=>0x0})
sendmsg$NL80211_CMD_FRAME(r8, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYBLOB="98030000", @ANYRES16=r9, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r11, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff0802110000010569ea7fa08e8df3d0edd086922799ded6be01d09a95b66d3d"], 0x398}}, 0x0)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
write(r2, &(0x7f0000000140)="2600000022004701050000070000000000000020002b1f000a4a51f1ee839cd53400b017ca5b", 0x26)
sendmsg$inet(r1, &(0x7f0000001700)={0x0, 0x0, 0x0}, 0x20000010)
ioctl$sock_kcm_SIOCKCMATTACH(r1, 0x890b, &(0x7f0000000100))

5.108950669s ago: executing program 1 (id=252):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x8, &(0x7f0000005640)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf7cf39e3100c8acaa47684f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d7559f3b14820ed58b15627c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e000000000000041201baa87ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000fb1a26abfb0767192361448279b05d96a703a660587a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09002100000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec0271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761036eafed1fb2b98b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf4ece4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a515d83129cd857c775f9e7d6101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbe3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562e00e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb2214209ed2d5d776e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b55ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c7f5db2fea6f26e4a4304e50c349f4f608ce27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e30400000000000000000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f921860c6e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a95d32f46ed9bd1f00fb8191bbab2dc599dda61fe2010000294800323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854256cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd210819203828b202779d386ed295f023c67d867014d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e824f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5cd628ab84875f2deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c49a0189da9173c62f0ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b0600b805d5edd9d188daf28d8935a9c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e46d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1202000000b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7000000000000000542954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c9e281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b630500163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a034b0dfb318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f700400fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc87746e1785a8214454d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b036e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e010000005a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb3985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe307d5bc72183a4c2d35732ab9100781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958c906321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b863af34bac64c247672a8f1ef60407d39a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c39132a0f27080ece2a94c360b002c77f82662675a7713c7067081cac1599a998c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc215a18ca0265400abf38e90000000000000000008faf2cddffbfa66bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353026bdc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5435bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de286553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c03f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c872a4882d21db2046a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340103fc6265441d513a1294b8439276394945d94a589708e32a1cb30a8b07b391201385e0b92ecbb7b13d7a87284164018ace6ce58a82c5de321452461089cdd69259f5390f5f508646a524490583c30630bedb47e158ad41c0a653e86a4f4f255cd2a6e95f33b586823aef5564d9de1f5bdd8c80e193f0597b8003860302cd243c00bc5a82c52afb115d16258d507937966bb89409d6d7346b652d0761d7c72875ae1efb9bc7c6807c2d783e31fd9cd7e84d3d50d8fc44ab8ac9ccd2c0d42e3bd4c029241320446bbf47e23d1320de30fbdf7ed13f80c28fb5c13fccc2e3f73509bdcddad8a2fe48cdd61f2f43611704af64eed8b0cbbd08754f93b8f3d6347aad5cde1ccc5cbd5eaa87e52cea257c856a4af5243eeb5e89f0000000000000000f420df5e4c6d856b3d55e455c08110b2ef4255a38f81555e8e1f22d59c0bc3c9013e66a1f5bda1b695e1602c0afb5c35b2f68f3b151b1e869f40ff4d1bef5e926e1ff95f6321131e4cb797f53455a093a95e67605222d6acc29c46e5db1ef3b8b07e2169fb24ced4b3ae87ebeca06df93212e465bbd1a7e41df2e1a0d508f86cfc7a469ac682685c44692877d03c34c23a65d2677acc73b5d276fdebd685c9b7a079eae228d8426188cb19b083548f5f29e493ab079f33d1965dcbb165015c46998ad410d60cc65fcfa73bd65a43fc024455c4bf530d663976cf71490577251780ab6b1cf8d397444b5be575229f687a3d95ea6b2aa62fce8acb3d4a6a130b4fefa55d0c1d6f3fa448ee24e588e2965c9a442f0baf90923dda91a6850fb3b9c7f432b63001423fedcf053fa28024cc9a178a07042dabc07176fc524032c2edb340c9c18a83565c431aeb0c869683507255254430f90f61e4eca9c8fa98c000b35fec357ee1ebd08439bd95c1ab0753dfd2603d1608bd8c589a1e160000a6ee0ad13346e08738c2d7b00b5d121d918f1dc8bceded939fa8605b54b37cdfcea0bf2bc63e655dc04a2e50212ff89d6587d49896ce18916cf3adc12839c345ca91bb232b891fae2fdd68aaa38281c0feb2c107af3e080d6cdd1c6646ec6804d7e9960c02aa0db9eda24bbcb287fd2a890fa7f9d6ae0c0b1f8dd1603c9ea2f66b572276f96a28b5b6dd9f9bf6ad4bdaa2139b90faf1f40b0f141258578bd825daaaf718d21b7ac05fe5d1b699e5422ca341fe1c944f68fe3a6d783dcf30b0e09d7688f696883b61cb64464b04d351a0a69b0733c348049b0430ed40e200f4050000000000000000000000996bcc1b721b152c892fab887e7d20466d90c049c0fdf51dcc16d226a2619c6f47bc25b7f5df5c09fed638922ed127ab36aa7b0c58a2ce5894b1b0f5375d340d96b69b966b05daaf585121a9c7605ed8e9964eef1f14b74cbb2ccdadc6d0b77cf0492b75e1cd11bfdcfddde91b20366715ba0cbe1041be2a65c25d7ca15ef8b71bd2ab9a4294899a1964b0152518fc2ac15a728bcb9e2bc4b551dfdf9011a2a607bc39ad2c4d7c64dcf967724e9b63c397d5265ad3f1da4395a5a800d8845257dcbf210d4f00fe0bd3deed05e506736e6bb6d40ee6cb960bcdb33633ee87f82beb665a9a4c2d4d2b06479ade3a4cd6bba765c9f52b52a0bdd0849ab92baae3775570accb5a57ee9f0035fc6d3df4eebec2e7eb4ff863d3979a2002e5f2f7f4428ddca471037b49d4fd130743a97faa02c293b721e52bf53d64c6585e138162331ef98792e1e9b21a6a084fb7b42c64062ef1323a8a65a8ed6038f274f28ff4f78123a1ef108efbe8c4f4e347d50dcdbc33bf3ade4c3a39d316061930d7dd39b8acdecc3f27830e3eda40e648328d95a9aee65a9dd09fd4e96d5b852025dc53ec3f30cc753e6a796084b4e34f521dbb230ae0f3b79142073d437e1fd22d3b7503ffa95b1d5c7740b0ecbfd35dc0f8af895583dfcc2689f6e02c2dd4b57f3dcac54f40da013eb221fa3d65de760576031052c25a96ed4b20230b36d46d3d3fd6bb1d77cc8a48a6b10fa0149e55ccde4a2b26cca2d1ca9191c74ab006a602543fc24d1283e353cfb917620000000024bf3eed258c02a591ec4cd295212d9a98d38745f6f6c4537b2ccc5f9602da15f184f239098bf32551c7cf454e2faa2b9e17965b71104f8e311e1e936ce0cf783eb978fcd56f225f782d00e7008c664e34a3cc563e5fc4fa6aeced4bf805f71fc74472c0386aee070339af9fee8b32efad7fd0a0c7b3045d74bcb568a888fc9aa4599b71adad2135acbb600000fd2fd1755764ebfdf13f8633fe6358c8e05a792f0b9f133687041254cdf6cadeadcaa557de5fd2d3da5a75168fc36847cfa9b7c1a51f05bdb9bd36e9b17a75000000000000000000060000000000000074f3f5c25cb1d0"], &(0x7f0000000100)='GPL\x00'}, 0x90)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000005b80)={{{@in6=@remote, @in6=@rand_addr=' \x01\x00', 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x7}}, {{@in=@remote, 0x0, 0x6c}, 0x0, @in6=@dev}}, 0xe8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x0, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000800000000000000000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x41, &(0x7f0000000000)=0x4547, 0x4)
bind$inet(r3, 0x0, 0x0)
connect$inet(r3, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r3, &(0x7f0000007fc0), 0x800001d, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x0, 0x0, 0x1, 0x7, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x1, 0x1}, 0x48)
r4 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r4, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000004000001d85"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
mremap(&(0x7f000020e000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)
mlock2(&(0x7f00009b5000/0x4000)=nil, 0x4000, 0x0)
mbind(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r5}, 0x10)
sendmmsg$inet6(r4, &(0x7f0000001500)=[{{&(0x7f0000000080)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c, &(0x7f0000001440)=[{&(0x7f00000000c0)="a6c6c34238f4595563a175ec970bf439024f8ec2dd49af842ad6830044218ebde605b5112fb292cf5d480002739aed74e8bacf37c73b5cdff62e63d3205c2d63c2ae686256cacda6fccf602641752997b84b75cdfd8d156c5fa9fa3f9338f13e0bb9af65d1e645a7f7553972ac", 0x6d}], 0x1}}], 0x1, 0x0)
recvmmsg(r4, &(0x7f0000001200)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000300)=""/108, 0x6c}, {0x0, 0x2}], 0x2}}], 0x1, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'vcan0\x00'})
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x7, 0x3, &(0x7f0000001300)=@framed, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x90)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000980)={0x6, 0x13, &(0x7f0000000700)=ANY=[@ANYBLOB="1800000000da00000049d7b58d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095000000000000001800000000000000000000004d00000085100000020000008300080010000000bf91000000000000b7020000010000008500000084000000b7000000000000009500000000000000"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000008c0)={0x4, 0x3, 0x5, 0x2}, 0x10, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000900)=[{0x2, 0x3, 0x0, 0xb}, {}, {0x4, 0x1}], 0x10, 0x80}, 0x90)
syz_open_procfs(0x0, 0x0)

4.802783905s ago: executing program 0 (id=253):
openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x1, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYRES8], 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)=@generic={&(0x7f0000000080)='./file0\x00', 0x0, 0x8}, 0x18)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000400)={r1, 0x0, 0x53, 0x92, &(0x7f0000000180)="888c6e59fe492e21545c45ab4c546b49458e0233fb5867f3a3ae86b012b47f2914d815f4dd0bdbf5b41c4d8edb96e1753df731cd5b60fa2ecfc831154057009068cc62b0707a6f8b40a71c021806f57c6a4777", &(0x7f0000000200)=""/146, 0x1f, 0x0, 0xd, 0x38, &(0x7f00000002c0)="0f50ba7d7785106d9f48e1e510", &(0x7f0000000300)="7ddf022cbca39007d419f72b85113c9226b26e7c92e4c99b0ea6bff66edfbe5c1bf756d471f4793b401a93abe8fc8c74f2dc4582161a854f", 0x3, 0x0, 0xfd}, 0x50)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x3, &(0x7f00000004c0)=[{0x15, 0x0, 0x0, 0x1}, {0x15}, {0x6}]})
r2 = inotify_init1(0x0)
fcntl$setown(r2, 0x8, 0xffffffffffffffff)
fcntl$getownex(r2, 0x10, &(0x7f0000000140))
ftruncate(r2, 0x4)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7fff0010}]})
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x7, &(0x7f0000000000)=[{0x4, 0xd6, 0x5, 0xa}, {0x3, 0x2, 0x0, 0x8}, {0x1, 0x1, 0x6, 0x2}, {0x5, 0x2f, 0x1f}, {0x4, 0x0, 0x3, 0x3}, {0x4, 0x6, 0x9, 0x3ff}, {0x6, 0x0, 0x2b, 0x6}]})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000080)={<r4=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f0000000100)={r4, 0x2, 0x1})
r5 = syz_open_procfs(0x0, &(0x7f0000000000)='net/arp\x00')
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='net/fib_trie\x00')
r7 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
fcntl$setstatus(r7, 0x4, 0x2000)
read$nci(r6, &(0x7f0000000140)=""/127, 0x7f)
read$nci(r5, &(0x7f0000001480)=""/4132, 0x1024)
preadv(r5, &(0x7f0000000400)=[{&(0x7f00000000c0)=""/44, 0x2c}], 0x1, 0x36, 0x0)
socket(0x15, 0x5, 0x0)
epoll_create1(0x0)
connect$qrtr(0xffffffffffffffff, &(0x7f0000000080), 0xc)
read(0xffffffffffffffff, &(0x7f0000000180)=""/40, 0x28)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0xa, &(0x7f0000000400), 0x4)
r8 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r8, 0x1, 0xffffffffffffffff, &(0x7f0000000140)={0x60002014})

3.667867611s ago: executing program 3 (id=257):
socket$inet(0x2, 0x1, 0x0)
ioctl$BTRFS_IOC_TREE_SEARCH(0xffffffffffffffff, 0xd0009411, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socket$inet6(0xa, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x1c)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000040))
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000500)={{{@in6=@mcast2, @in=@multicast2}}, {{@in6=@mcast2}, 0x0, @in6=@dev}}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f0000000280), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = io_uring_setup(0x77f, &(0x7f0000000340)={0x0, 0x198d})
r3 = syz_open_dev$swradio(&(0x7f00000000c0), 0x0, 0x2)
read$hiddev(r3, &(0x7f0000000740)=""/43, 0x2b)
close_range(r2, 0xffffffffffffffff, 0x0)
bind$bt_hci(r0, &(0x7f0000000080), 0x6)
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000540)={<r5=>0xffffffffffffffff}, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_LISTEN(r4, &(0x7f0000000080)={0x7, 0x8, 0xfa00, {r5}}, 0x10)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000240)={0xe, 0x18, 0xfa00, @id_resuseaddr={0x0, r5}}, 0x20)
r6 = syz_io_uring_setup(0x95, &(0x7f0000000140), &(0x7f0000000300)=<r7=>0x0, &(0x7f0000000100)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000004c0)=@IORING_OP_FILES_UPDATE={0x14, 0x40, 0x0, 0x0, 0x0, &(0x7f0000000640)=[0xffffffffffffffff], 0x1})
io_uring_enter(r6, 0x47f6, 0x0, 0x0, 0x0, 0x0)
ioctl$sock_bt_hci(r0, 0x400448e6, &(0x7f0000000140))
r9 = socket$kcm(0x2, 0x0, 0x84)
syz_genetlink_get_family_id$devlink(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$inet(r9, &(0x7f0000000a00)={0x0, 0x0, 0x0}, 0x0)

3.352036577s ago: executing program 3 (id=258):
socket$inet6(0xa, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = syz_open_dev$loop(&(0x7f0000000000), 0x0, 0x0)
ioctl$BLKDISCARD(r1, 0x1265, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@bloom_filter={0x1e, 0x84, 0x1000, 0x200, 0x1a80, 0xffffffffffffffff, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x3, 0x1, 0x7}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000200)=ANY=[@ANYRESDEC=r1, @ANYBLOB="4dca8e0cebfe21f61b36b7681bf16b39537db2987a21553613f95b11c3e639e4139928475e4b12840e72a4f2119bcee3d8d17651127cc7861f3ff9b4884b900a55bfc7dec0cde32617037fc552578e2ce1470b93adf94b689a84dfaec52c8fbd9274280f3fa76a2ab0110674429da0b47073040cdc8b61e8cf9c98f24cf8ff67a252e23c5393ecf36ca000e1949f122bd6fe869fb9fc05f801f3", @ANYBLOB="0000000000000000b7020000030022d6850000008600000095"], &(0x7f0000000040)='syzkaller\x00', 0x4000007f, 0x0, 0x0, 0x0, 0x5d, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0xf4f}, 0x90)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
r7 = dup(r6)
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r7, 0x4068aea3, &(0x7f0000000580)={0xbe, 0x0, 0x1})
ioctl$KVM_SET_MSRS(r7, 0xc008ae88, &(0x7f00000001c0)=ANY=[@ANYBLOB="01000000050000f5014d564b"])
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r3}, 0x10)
r8 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r8, 0xae60)
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r10, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_IRQCHIP(r10, 0xae60)
ioctl$KVM_CREATE_PIT2(r5, 0x4040ae77, &(0x7f0000000380)={0x4})
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r10, 0x8048ae66, &(0x7f0000000300)={[{}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfd}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r11, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000580)=[@text16={0x10, &(0x7f0000000780)="6766c744240066000000f30f01f96766c744240600000000670f011c24ba2100ecba6100ec66b8684b258a66efbafc0c66b87400000066ef0f01d6660f0d9e0a0065660fe460700f0017baf80c66b8ce395c8a66efbafc0cec0f32", 0x5b}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r11, 0xae80, 0x0)
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)

3.331191249s ago: executing program 0 (id=259):
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='syz_tun\x00', 0x10)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0x32, &(0x7f0000000140)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x24, 0x4e20, 0x10, 0x0, @gue={{0x2}}}}}}}, 0x0)
ioperm(0x0, 0xa, 0x3f)
wait4(0x0, 0x0, 0x80000002, &(0x7f0000000340))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = socket$key(0xf, 0x3, 0x2)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$key(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x40040)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x6, 0x4, &(0x7f0000000100)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x56}]}, &(0x7f00000001c0)='syzkaller\x00'}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000680)={{}, 0x0, &(0x7f0000000640)=r5}, 0x20)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f00000006c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {r5}}, './file0\x00'})
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000800))
r6 = syz_open_procfs(0x0, &(0x7f0000000280)='net/ip6_flowlabel\x00')
read$char_usb(r6, &(0x7f0000000140)=""/189, 0xfffffecd)
read$msr(r6, &(0x7f0000000080)=""/25, 0x19)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)={0x50, 0x2, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x10}]}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}]}, 0x50}}, 0x0)
r8 = syz_genetlink_get_family_id$fou(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$FOU_CMD_DEL(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x2c, r8, 0x1, 0x0, 0x0, {}, [@FOU_ATTR_TYPE={0x5, 0x4, 0x1}, @FOU_ATTR_PEER_PORT={0x6, 0xa, 0x4e21}, @FOU_ATTR_IFINDEX={0x8}]}, 0x2c}}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r6, 0x80489439, &(0x7f00000002c0))
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
sendmsg$nl_xfrm(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000001040)=@newsa={0x194, 0x10, 0x713, 0x0, 0x0, {{@in=@broadcast, @in6=@remote, 0x0, 0x0, 0x0, 0xb}, {@in6=@remote, 0x0, 0x32}, @in6=@mcast1, {}, {}, {}, 0x0, 0x0, 0xa}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @algo_auth_trunc={0x5c, 0x14, {{'cmac(aes)\x00'}, 0xfffffffffffffce3, 0x0, "0a55b0ca9cce75f5c91c906cf8542b42"}}]}, 0x194}}, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)=0x14)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)

3.118762697s ago: executing program 3 (id=260):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8c}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_enter\x00', r1}, 0x10)
signalfd(0xffffffffffffffff, &(0x7f0000000440), 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="59c8901b50d942b7b1f35c0acae335373ac38c26d2840dc4c236a1375e41cccef35ccd50ccdb0a00182bfb25de421a17608b7c182ebfa2f7c4f34f49175fa5bf6cb4ac9bd0db98de7b0084361d1b362094b3a47b2e219c203139847657a5b9f0ab0c8b313c83634bfbb8587ecd7343c0058f4a9230358b9a2fea044ea55dba4eeec7e1e2b51d96c4c903d04f4bf2db0df87e1846456fd3343d", @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095", @ANYRES64=r3, @ANYRESHEX=r3], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r4}, &(0x7f0000000380), &(0x7f00000003c0)=r5}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYRES32], &(0x7f0000000240)='GPL\x00', 0x80000001, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r6}, 0x10)
r7 = gettid()
r8 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0)
r9 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r9, 0x1, 0x0, &(0x7f0000000540)=0x3e4b, 0x4)
bind$inet(r9, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r9, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendfile(r9, r8, 0x0, 0x20000023893)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r7}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)

2.863864508s ago: executing program 1 (id=261):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000080eff95"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000002c0)='contention_end\x00', r0}, 0x10)
r1 = socket$kcm(0x2b, 0x1, 0x0)
r2 = socket(0x10, 0x3, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000040)={0x26, 'aead\x00', 0x0, 0x0, 'morus1280\x00'}, 0x58)
r3 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
bind$bt_hci(r3, &(0x7f0000000000)={0x27}, 0x62)
listen(r3, 0x0)
r4 = epoll_create(0x4)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f00000007c0)={0x10000001})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_queued_recursive\x00', 0x275a, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="300000004a00010000000000000000000a008000", @ANYRES32, @ANYBLOB="001c3a7f040000d4bd"], 0x30}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x3, 0x5, 0x9, 0x7, 0x1871, 0x1, 0x32d3, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x5}, 0x48)
r7 = socket$netlink(0x10, 0x3, 0x6)
sendmsg$nl_route(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000940)=ANY=[@ANYRESDEC=r2, @ANYRES64=r1, @ANYBLOB="00000000000000002800128008000100677470001c00028008000100", @ANYRES8=0x0, @ANYRESOCT, @ANYRESDEC, @ANYBLOB="7232b464", @ANYBLOB="922b9f283987ef5ec0bc853effe01509b05cdf8cfa141082403f0018ea099613875f938ca36e6da138ba263682b230c07ed7cf99e9273d17759b4b4586ed3f87dffdf9d2069e9a4e4f2a6b1fbbff022f0bc2c65fac8652b2a6766164a0d0500fda0d37976078bf00d0c437b044dbda5d3897f58480401e7e855574e334932c6ec963a62ca885dafbf087d0ca519d57316e1e4bfe75ff7bdaec6aaf7530eefc1256b6996bc5d7f0d9b56f43e0a96fd65f3ff2259b1725de23a595a6f1d0f0123f1cabb50402c1ad5f", @ANYBLOB='\b\x00\n\x00', @ANYRES32=r4, @ANYRES16=r1, @ANYRESOCT=r5], 0x50}}, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX_80211(r10, 0x8933, &(0x7f0000000340)={'wlan1\x00', <r11=>0x0})
sendmsg$NL80211_CMD_FRAME(r8, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYBLOB="98030000", @ANYRES16=r9, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r11, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff0802110000010569ea7fa08e8df3d0edd086922799ded6be01d09a95b66d3d"], 0x398}}, 0x0)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
write(r2, &(0x7f0000000140)="2600000022004701050000070000000000000020002b1f000a4a51f1ee839cd53400b017ca5b", 0x26)
sendmsg$inet(r1, &(0x7f0000001700)={0x0, 0x0, 0x0}, 0x20000010)
ioctl$sock_kcm_SIOCKCMATTACH(r1, 0x890b, &(0x7f0000000100))

2.090132634s ago: executing program 3 (id=262):
r0 = inotify_add_watch(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x14000200)
r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
inotify_rm_watch(r1, r0)
sendfile(0xffffffffffffffff, r1, &(0x7f0000000040)=0x7, 0x100)
signalfd4(r1, &(0x7f0000000080)={[0x8da]}, 0x8, 0x0)
r2 = socket(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0), 0x48)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x1000080, &(0x7f0000000500), 0x1, 0x47a, &(0x7f0000000900)="$eJzs3M9vFFUcAPDvTH8gP1sVURC0ikbij5YWVA5eNJp40MRED3isbUFkoYbWRAiRagweDYl349HEv8CbF6MejIk3o4lHQ0KUmICe1swv2C67pZRtF9nPJxn2vZm3+953Z97M23lMA+hZI9k/ScSmiPg1IoaK7OICI8XL5Yunp/65eHoqiXr99T+TvNyli6enqqLV+zaWmT1pRPpxUlay2NzJU0cna7WZE2V+bL5+Zmzu5KmnjhybPDxzeOb4xIED+/eNP/vMxNMdiTOL69KOD2Z3bn/5zXOvTh0899b3X2Xt3bar2N4YR6eMZIH/Vc81b3u005V12eaGdNLfxYZwQ/oiIttdA3n/H4q+uLrzhuKlj7raOGBVZdemde03L9SB21gS3W4B0B3VhT77/VstazT0uCVceD5i6pci/svlUmzpj7QsM7CK9Y9ExMGFfz/Pllil+xAAAI3ysc2TrcZ/aWzLX4tZnS3lHMpwRNwZEXdFxN0RsTUi7onIy94bEfcVb64PLbP+5qmha8c/6fmbCvA6svHfc+XcVrUsFPWW1cdwX5nbnMc/kBw6UpvZW34ne2JgXZYfX6KOb178+dPmdevL18bxX7Zk9VdjwdL5/qYbdNOT85OdGpRe+DBiR//i+IstyZWZgOwI2B4RO27so7dUiSOPf7mzXaFlxN9eB+aZ6l9EPFbs/4Voir+S5POTx95tMz85dkfUZvaOVUfFtX746exr7eq/qfg7INv/GxYf/00lhv5OivnagajVZk7M3XgdZ3/7pO1vmuvHn7Y8/geTN/I56x/fLta9Pzk/f2I8YjB5Jc8PRsP6iavvrfJV+Sz+PbtbHf9pfo6Lcv/fHxHZQbwrIh6IiAfLtj8UEQ9HxO4l4v/uhUfeWXn8qyuLfzpa9//ScNI4Xz938lT13V5ds3Si7+i3Xydt6l/e/t8fC/m5tpCf/65jOe1a2dEMAAAA/z9pRGyKJB29kk7T0dHi//BvjQ1pbXZu/olDs+8dny6eERiOgbS60zXUcD90PFkoP7HIT5T3iqvt+8r7xp/1rc/zo1Oztekuxw69bmOb/p/5o6/brQNWnee1oHc19/+0S+0A1p7rP/SuFv1/fTfaAaw913/oXa36/5mmvLkAuD1d2/9/b/En6yqDq90cYA0Z/0Pv0v+hd+n/0JMWPRJ/fPNyH5uX6PlEpLdEMyRWmsgu+0uU6faZCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDP+CwAA//9RG/CH")
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000440), 0x4)
ioctl$EXT4_IOC_ALLOC_DA_BLKS(r5, 0x6611)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = socket$inet6(0xa, 0x80803, 0x87)
setsockopt$inet6_IPV6_XFRM_POLICY(r6, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@multicast1, @in, 0x0, 0x0, 0x4e23, 0x1, 0xa}, {}, {0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, {{@in6=@private1, 0x0, 0x33}, 0x0, @in6=@mcast2, 0x0, 0x0, 0x0, 0x5}}, 0xe8)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r7, &(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000000041}, 0xc)
connect$inet6(r6, &(0x7f00000000c0), 0x1c)
syz_genetlink_get_family_id$mptcp(&(0x7f00000007c0), r4)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r8, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000240), 0x78}}, 0x0)
r9 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
socket$nl_netfilter(0x10, 0x3, 0xc)
r10 = socket$inet6(0xa, 0x400000000001, 0x0)
bind$inet6(r10, &(0x7f0000fa0fe4)={0xa, 0x0, 0x0, @loopback={0xff00000000000000}}, 0x1c)
setsockopt$inet_buf(r9, 0x0, 0x8008000000010, &(0x7f00000000c0)="170000000200010000ffbe8c5ee17688a2003c000201000a000002a257fc5ad90200bb6a880000d6c8db000000df018002000000fc0607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dfc060115003901000000000000ea000000000000000062068f5ee50ce5af9b1c568302ffff02ff030000ba000840024f0298e9e90539062a80e605007f71174aa951f3c63e5a1b47b63a6323ded2231454668492f9c681a6a9fc", 0xb8)
syz_emit_ethernet(0x2a, &(0x7f0000000000)=ANY=[@ANYBLOB="9b43a409aa81aaaaaa06df3b6371164ce6f1181caaaa0008004500001c000400000001907800000000ff"], 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000800)=@newtfilter={0x5c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {}, {}, {0xd}}, [@filter_kind_options=@f_basic={{0xa}, {0x2c, 0x2, [@TCA_BASIC_EMATCHES={0x28, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x100}}, @TCA_EMATCH_TREE_LIST={0x1c, 0x2, 0x0, 0x1, [@TCF_EM_CMP={0x18, 0x1, 0x0, 0x0, {{0x0, 0x1, 0x9}}}]}]}]}}]}, 0x5c}}, 0x4000000)

2.048419237s ago: executing program 0 (id=263):
socket$netlink(0x10, 0x3, 0x0)
dup(0xffffffffffffffff)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x3, 0x4, &(0x7f0000000180)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x87}]}, &(0x7f0000000000)='GPL\x00'}, 0x80)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000200)="9e36d448b36e48d276c1a0fce104", 0x0, 0x7fffffff, 0xe8030000, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="b40500fc2fd91b000000000071103a0000000000660000000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000000c0), 0x366, 0x10, &(0x7f0000000000), 0x2b2}, 0x48)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000100), 0x10)
openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0)
ioctl$KDSKBMETA(0xffffffffffffffff, 0x4b63, &(0x7f0000000180)=0x4)
ioctl$PTP_PEROUT_REQUEST2(0xffffffffffffffff, 0x40383d0c, &(0x7f0000000000)={{0x0, 0x9}, {0x2b92, 0x66b}, 0xd3})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x0)
sendmmsg$inet6(r1, &(0x7f00000015c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20044051)
mount$9p_fd(0x0, &(0x7f0000000340)='./bus\x00', &(0x7f0000000380), 0x0, &(0x7f0000000ec0)=ANY=[@ANYBLOB="fda65300a4906e5add977472616e733d31642c7266646e6f3d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',\x00'])
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000e00)={0x18, 0xa, &(0x7f0000000c00)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffb, 0x0, 0x0, 0x0, 0x7}, [@map_idx_val={0x18, 0x0, 0x6, 0x0, 0x8, 0x0, 0x0, 0x0, 0x5}, @initr0={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa00}, @map_idx_val={0x18, 0x8, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x7b800000}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}]}, &(0x7f0000000040)='GPL\x00', 0x800, 0x73, &(0x7f0000000c80)=""/115, 0x41000, 0x40, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000d00)={0x9, 0x5}, 0x8, 0x10, &(0x7f0000000d40)={0x5, 0xc, 0x101, 0x71c747d4}, 0x10, 0x0, 0x0, 0x7, 0x0, &(0x7f0000000d80)=[{0x2, 0x3, 0x5, 0x6}, {0x0, 0x3, 0x9}, {0x0, 0x0, 0x1, 0x1}, {0x5, 0x4, 0x2, 0x2}, {0x2, 0x5, 0x3, 0x4}, {0x0, 0x3, 0xf, 0x1}, {0x5, 0x3, 0x4, 0x3}], 0x10, 0xff}, 0x90)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$int_in(r2, 0x5452, &(0x7f0000000300)=0x208)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c)
setsockopt$sock_int(r2, 0x1, 0x7, &(0x7f0000000180), 0x4)
sendto$inet6(r2, 0x0, 0x1e, 0x2200c851, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)
poll(0x0, 0x0, 0x0)
fcntl$setown(r2, 0x8, 0xffffffffffffffff)
sendto$inet6(r2, &(0x7f0000000080)="44f9b108b1cdc885c9c533d21f474bec8bfef1df1e2da71e578dc6b91d09f7ab15378571d8e27546090011006e75436914ab717528ee4b7a9beaf908d11137c11903064e83b4951f4d433a5404970c85d92d7083fd38844cbb0c6c5eb508ddc2dc7a590aa7941b1e9eeb5a688138dea09b776cbfa784cbf550bf3074fb0d775da4df5a3f48bbdf452eeb6b923da9d0e25b80f76a873664b5753444fe05f33e5f91045540836c3cd6af10f0cd018f0c6f57f926ac959a5628c45088fbe0c87fbe6cbcda4662d2a12f6d00"/215, 0xd0d0c2ac, 0x1, 0x0, 0x0)
shutdown(r2, 0x1)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, &(0x7f0000001c80)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, <r3=>0x0}})
ioctl$BTRFS_IOC_GET_DEV_STATS(r2, 0xc4089434, &(0x7f0000000640)={r3, 0x0, 0x0, [0x0, 0x0, 0x0, 0x400, 0x1], [0x101, 0xab, 0x0, 0x7, 0x100000000, 0x0, 0x0, 0x0, 0x3, 0xffffffff, 0x9, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0xaad, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0xa0, 0x1000000000, 0x5, 0x5, 0x3, 0x0, 0x100000000, 0x0, 0x0, 0x402, 0x1, 0x0, 0xfffffffffffffffa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0xfffe, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xb062, 0x0, 0x0, 0x0, 0x10]})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000180)=ANY=[@ANYBLOB="300000002000010000000000000000000a00000000000000000000140003006c6f00"/47], 0x30}}, 0x0)
recvmsg(r4, &(0x7f0000000bc0)={&(0x7f0000000a80)=@xdp, 0x80, &(0x7f0000000b00)=[{&(0x7f0000002080)=""/4096, 0x1000}], 0x1, &(0x7f0000000b40)=""/110, 0x6e}, 0x0)

1.019356624s ago: executing program 3 (id=264):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x6}, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x89}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000020000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r6}, 0x10)
r7 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSKBENT(r7, 0x4b31, &(0x7f0000000580))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r1}, &(0x7f0000000800), &(0x7f0000000840)}, 0x20)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
socket$key(0xf, 0x3, 0x2)
setsockopt$inet6_tcp_int(r8, 0x6, 0x6, &(0x7f0000000040)=0x20000006, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r8, 0x6, 0x14, &(0x7f00000013c0)=0x80000000001, 0x4)
connect$inet6(r8, &(0x7f00000014c0)={0xa, 0x0, 0xfffffffd, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171, 0x0, 0x0, 0x20000000}, 0xa}], 0x400000000000172, 0x4000300)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x18, 0x4, 0x0, &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)

645.768126ms ago: executing program 1 (id=265):
r0 = socket$netlink(0x10, 0x3, 0xf)
socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000005c0)={0x0}, 0x1, 0x0, 0x0, 0x24000041}, 0x4000004)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000880)=ANY=[@ANYBLOB="3c00000010000000000000000028000000000000a9200c84db28db80e2c4d17a16390d6ad27e04aeab77f20a218474fb7f732b07c4b19d474332e76f9f6c9c78eabf0fea75c03114fa6ebbb0b89b1c386e6d163b1dd607b0e6382b3c4644cd71936bd5924d3da5db3c6cc42706104140cc27c925a4a3ad6982342b9245804084cd167677b886fc3e4a7e6a2ccfd18911d566b2c6f247db6a7c4577ce46109c493041e630e2c0bb8d66e7acc95c746de97cffdf995213eec91f0d3cf8388908598c7304869f0e486e1ed7221ce681436060cc67a6f1d1d36b78", @ANYRES32=r2, @ANYBLOB="0000001cbb6783b3000100626f6e640000000000b6cd5e401bdb44f343a4565531e8c6bbf6c5003bf6060d535c5ab50f3325a290078730dedd6554ad3c7ab940d3b7a967fa3050d3844e8848aa69b45933115e75dcf40889025b31ddf1157a3fb57ed85e202ae983eab3498844e1a25e384cc7990859472f10686fde4265b33c003be3e51e1f74493a6feaf684ec4376e4fa16dcde4f4612e9a1739a0c87b5f198ce8872ac159cfc5a213dffefda85e4961ea6abd13bb6668fedc4f4baa68da5a6bdb8d0390033aa048e199cca4f996be511b8dcc58bd783e92a168eaa9e258996ca2618f6b660961cadd275cdf781b4ed1342ccc354c7219720d11c2d5982f7c7138be385fcbce7205a297659abbd867b5051e4326753ebb186678d3c944382f0f06753649e8b437ca8b1422dec8fd626000a14ad44a3208c6fc57a07611c742abad4e036a06a0caceb897723"], 0x3c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000600)=ANY=[@ANYBLOB="3c00000010001fff0000000000000000000034466f847ff95def0000b90bd7de8e88b15f86101f0bc9f695efd7d2e5597d01c618aa003988aa3b4927b8f4a053a4dc074ea52249c8ce1abcf300889e93a154569c1cf33510fcf7f1cf4ed02ced58fca1e6ca782ac36c35302a603d0c6702b1ff2c32f8f64f4dc5be3dfcdb2f779c27f2f13fbf6b12910cf433305d835feb9b677f6d070c78fe18", @ANYRES32=0x0, @ANYBLOB="00000000800000fd130012c00b00c04ca168b5726950676500002600028008000a00", @ANYRES32=r2], 0x3c}}, 0x0)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'batadv0\x00', <r4=>0x0})
socket(0x1, 0x803, 0x0)
r5 = socket(0x18, 0x0, 0x0)
close(r5)
r6 = socket$can_j1939(0x1d, 0x2, 0x7)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, &(0x7f0000000040)={'vxcan0\x00', <r8=>0x0})
bind$can_j1939(r6, &(0x7f0000000340)={0x1d, r8}, 0x18)
connect$can_j1939(r5, &(0x7f00000000c0)={0x1d, r8}, 0x18)
sendmmsg$alg(r5, &(0x7f00000000c0), 0x4924924924924d8, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000080), 0xffffffffffffffff)
r9 = socket(0x11, 0x800000003, 0x0)
r10 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r11=>0x0})
sendmsg$nl_route(r10, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=@bridge_delneigh={0x40, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r11, 0x80}, [@NDA_LLADDR={0xa, 0x2, @remote}, @NDA_VLAN={0x6}, @NDA_IFINDEX={0x8, 0x8, r4}, @NDA_VLAN={0x6}]}, 0x40}, 0x1, 0xf000}, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r12=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
r13 = socket(0x1d, 0x0, 0x0)
sendmsg$nl_route(r13, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYRESHEX=r12, @ANYRESOCT=r10, @ANYRES16=r9, @ANYRESHEX=r10, @ANYRESDEC, @ANYRES16=r13, @ANYRESHEX=r2], 0x88}}, 0x0)
r14 = socket$nl_route(0x10, 0x3, 0x0)
r15 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r15, &(0x7f0000000100)={0x11, 0x0, <r16=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r14, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="2000000011000d04000000000000000110000000", @ANYRES32=r16, @ANYBLOB="6fe35f2ac6eb07730dea573f779104947706edae05425e87753eef413500fd5aefc4d8d50b8f6a28d6227428be934e7faba01b33794765dd4af2"], 0x20}}, 0x0)

86.687773ms ago: executing program 0 (id=266):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000003005740ed0b0011c3ec000000010902120001000000000904"], 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000740)=0x7)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000080)=0x3)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
getpeername$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$KDSKBENT(r1, 0x4b47, &(0x7f0000000700)={0x8, 0xe0, 0x1})
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1b, 0x10, &(0x7f00000006c0)=ANY=[@ANYRES16, @ANYRES8=0x0, @ANYRESDEC=r1, @ANYRESDEC=r0], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC_PROXY(r2, 0x0, 0xd2, &(0x7f0000000000)={@remote, @multicast1, 0x0, "d30f388c52647612d91de4353d68b0fa00", 0x0, 0x2}, 0x3c)
setsockopt$MRT_ADD_MFC(r2, 0x0, 0xcc, &(0x7f0000000280)={@multicast2, @multicast1, 0x0, "7ea97ddb2ac127ffa5b7216fe75ebaa2855a422a8bf8ec7caf003751804500"}, 0x3c)
prctl$PR_SET_MM(0x23, 0x3, &(0x7f0000fff000/0x1000)=nil)
setsockopt$MRT_ADD_MFC(r2, 0x0, 0xcc, &(0x7f0000000200)={@empty, @private, 0x0, "606b177019716ea6ac38f5bd6e0630e369c7b35d21ff1f4d7ed79c31e2b0f1da"}, 0x3c)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r3 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC(r3, 0x0, 0xcc, &(0x7f0000000180)={@private, @multicast2, 0x0, "941621a61c5815f4678d8fd4a8e14b0447113c694d1fd55708018620fd419884"}, 0x3c)
setsockopt$MRT_FLUSH(r2, 0x0, 0xd4, &(0x7f0000000140)=0x7, 0x4)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280))
r4 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r4, 0x40405515, 0x0)
r5 = socket(0x10, 0x803, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r5, 0x89f3, &(0x7f0000000040)={'sit0\x00', 0x0})
ioctl$TCFLSH(0xffffffffffffffff, 0x540b, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000780), 0x3, 0x47b, &(0x7f00000007c0)="$eJzs28tvFVUYAPBvpg+sgK3EFw9jFY34amlBZOFCjSYuMDHRBSZualsIUqihNRHSaDEGFy4MiSs3xqWJf4Er3RhwZeJW94aEmG5AVmPm3jvtvZfb0lvvA+jvl0w5Z2boOd/MnHvPoxPApjWc/0gitkXEnxExWM7WnjBc/uf60sLkv0sLk0lk2Tv/JKXzri0tTBanFv9va5HpjUi/SGJ3g3Lnzp47OTEzM32mkh+dP/XR6NzZcy+cODVxfPr49Onxw4cPHhh76dD4iy2JM4/r2q5PZ/fsfPO9i29NHr34weUfkyL+ujhaZHitg09lWYuL667tVemkt4sVoSk95WYafaX2Pxg9sXLzBuONz7taOaCtsizLHlr98GIG3MWS6HYNgO4ovujz8W+xdajrcVu4+mp5AHRtKZ28vrRQ2spHeiOtnNNXN75tpeGIOLp447t8i/bMQwAA1Pg57/8836j/l0b1vNB9lTWUoYi4PyJ2RMShiHggIh6MKJ37cEQ80mT59YskN/d/0ivVuSxpsoBbyPt/L1fWtmr7f0XvL4Z6Krntpfj7kmMnZqb3V67JvujbkufH1ijjl9f/+Lo6f74qXd3/y7e8/KIvWKnHld4ttb9vamJ+4v/GXbh6PmJXb138R6K0gFesBOSXfGdE7NpgGSee/WHPasfK8WeDq8e/hhasM2XfRzxdvv+LUXP/Vx60ZO31ydF7YmZ6/2jxVNzst98vvL1a+be+/+2V3/97Gz7/y/EPJdXrtXPN/PZvn8l/Xvjry1XHNBt9/vuTd0vp/sq+Tybm58+MRfQnR8qVLvbXlVc6b3zl/Dz+fXsbt/8dsXIldkdE/hA/Gl9den8k4rFK3R+PiCciYu8aV+HSa09+uPH42yuPf6qp+7+S6I/6PY0TPSd//SkibixPOQw1E39+/w+WUvsqe9bz+beeejX7NAMAAMCdKo2IbZGkI8vpNB0ZWZ78TGdm5+afOzb78emp8jsCQ9GXFjNdg1XzoWMD5WF9kR+P2vyByrzxNz0DpfzI5OzMVJdjh81ua+P2X/J3T7drB7TdetbRLnegHkDneV8TNq/1t/8kWvz3V0CX+f6HzatB+x/oRj2Azmv0/f9ZF+oBdF5d+69d9jPgh7ua8T9sXhtp/z4z4O6wZlvu71w9gI6aG4hbvyR/9lwsrutN/zs58Up0oKzzt0OkrUlEeltUQ6JNiW5/MgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALTGfwEAAP//H/zwGw==")

0s ago: executing program 3 (id=267):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000000), 0xe)
listen(r0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r1, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x0, 0x2a, &(0x7f00000000c0)={0x5, {{0x2, 0xfffe, @dev={0xac, 0x14, 0x14, 0x3e}}}}, 0x88)
setsockopt$inet_MCAST_MSFILTER(r1, 0x0, 0x30, &(0x7f0000000c80)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000244000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000003000000020000007f000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ec000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000239fa45a2ca89de928f81768411d2fd3a2d49fe699aebb1eeebb4e52ee44426cc80bbac3afc38ef5bcac8eddb", @ANYRESDEC=r1], 0x210)
syz_open_procfs(0x0, &(0x7f00000001c0)='net/softnet_stat\x00')
syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="000b24167e43cd3488730127602c048db0810920ecd552e7b349457d3b0f1100bff9117e57d0f2d8000200000000"], 0x0, 0x62c, &(0x7f0000000640)="$eJzs3U1vXFcdB+DfHY+dOEip2yZpQUVYyQLUiMQvrfECiYAQ8iJCldh0w8JKnMbKxK1sF7kVog6vW74BZeGuWSGEWEQqa76CURcskNhbbIzunTv2OHbG48TJTOjzSMfn3Dkv95y/7pyZuSNrAnxpLbyb0YcpsnD15kZ5vL0129remr3fKSc5k6SRNNtZipWk+Dy5kXbKV8sH6+GKx51n/MBRs05V+0avfv3ZrFMmk4zU+WmNd+uY8R4cO1yxt8IyYFc6gYNB2z1k8yTdn/J5CwyDov26echEci7J2fp9QE60Owyx/5d1AAAAQC8v7WQnGzk/6HkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAi6T+/f+iTo1OeTJF5/f/x+rHUpdfaA8HPQEAAAAAAAAAOAXf2MlONnK+c7xbVN/5X64OLlR/v5IPs5alrOZaNrKY9axnNdNJJroGGttYXF9fne6j58yRPWeez3oBAAAAAAAAYJjt7vao+6Rn119mYf/7fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAZFMtLOqnShU55Io5nkbJKxst1m8rdO+UX2cNATAAAAgOfgpZ3sZCPnO8e7RfWZ/1L1uf9sPsxK1rOc9bSylNvVvYD2p/7G9tZsa3tr9n6ZDo/7/f+caBrViGnfezj6zFNVi//u9VjIj/KTXM1k3slqlvOzLGY9S5nMD6vSYopM1HcvJjrzPHq+Nw4cvXPcXF+vZjKeO1mu5nYtt/J+WrmdRrWGqk3vMz4oo1N8r9ZnjG7Xebmi39f5cJioIjK6F5GpOvZlNF7uHYke18nu7u7ucWeaTmPvHtSFcvRm+o35X/7Zx8rO1XkZ698Odcxnuq6+S71jnlz+4ut/vttauXf3ztrV4VnSE3o0ErNdkXjtSxWJsToa7V20kYt7NcfvlpervueznB/n/dzOUkYyn7cz0+yMMdcV14t97G+Nk+1vV75VF8aT/K7O03xs+0/6DsvJvXHwsIzry11x7d7pJqq67kf2o/TK6b8KNL9WF8pz/KrOh8OjkZjuisSrvSPxx2qjX2ut3Fu9u/hBz7Psr/ebdV4+bX/z5Hvz4ReZp1ZeL6/sXbwHr46y7tUj66arugt7dY1DdRf36g4+U99uP1PzVt7KVOYzV7W+dORIM1Xda0fWzVZ1r3fVVe9yRjrrKrrehQAwxM69eW5s/N/j/xj/dPzX43fHb579wZn5M2+MZfTvzb+O/KnxWeO7xZv5NL/Y//wPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8ubWPPr632GotrT5S6PzK0hFV+4UvHld1s9GjV6ew2UebYwujSU5jHIVnVigvoyGYxnAVhv+iHey+BDx719fvf3B97aOPv718f/G9pfeWVmZnp+dm5ufmZ+au31luLU21/w56msAzsP+iP+iZAAAAAAAAAAAAAP16Hv9OMOg1AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC+2hXcz+jBFpqeuTZXH21uzrTJ1yvstm0kaSYqfJ8XnyY20Uya6hised56f/uE78/+a/uzB/ljNTvtGr3792axTJpOM1PlpjXfrqccr9lZYBuxKJ3AwaP8LAAD//8BVDEs=")
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)={0x3, &(0x7f0000000140)=[{0x35, 0x0, 0x0, 0x2}, {0x35, 0x0, 0x0, 0xe12b}, {0x16}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x2, 0x0, 0x7fc00100}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f0000000340)={<r3=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r2, 0xc0182101, &(0x7f0000000400)={r3})
io_submit(0x0, 0x1, &(0x7f0000002340)=[&(0x7f0000000040)={0x0, 0x300, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
r4 = memfd_create(&(0x7f0000000000)='\x107', 0x0)
write$binfmt_elf32(r4, &(0x7f0000000040)=ANY=[@ANYBLOB="7f454c4600000000000000000000000001003e0000000012000000003800000000000000a163000000000000000000000000007f8049e30c1e0440"], 0x58)
finit_module(r4, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000108500000075000000a50000002300000095"], &(0x7f0000000000)='GPL\x00'}, 0x90)
ftruncate(0xffffffffffffffff, 0xc17a)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f0000000480)={<r5=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r2, 0x40182103, &(0x7f0000000080)={r5, 0x3, r2, 0x5})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
socket(0x840000000002, 0x3, 0x100)

kernel console output (not intermixed with test programs):

   56.960935][ T3702] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   56.977293][ T3702] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   56.989084][ T3702] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   57.002072][ T3702] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   57.011751][ T3702] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   57.019895][ T3702] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   57.037340][ T3637] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   57.046883][ T3637] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   57.059094][ T3637] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   57.067970][ T3637] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   57.102097][ T3641] device veth0_macvtap entered promiscuous mode
[   57.123363][   T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   57.135614][   T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   57.145310][   T40] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   57.158569][ T3641] device veth1_macvtap entered promiscuous mode
[   57.169762][ T3636] device veth1_vlan entered promiscuous mode
[   57.218711][ T3635] 8021q: adding VLAN 0 to HW filter on device batadv0
[   57.230355][ T2514] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   57.239474][ T2514] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   57.248969][ T2514] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   57.257472][ T2514] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   57.266013][ T2514] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   57.289709][ T3641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   57.300636][ T3641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   57.315582][ T3641] batman_adv: batadv0: Interface activated: batadv_slave_0
[   57.326288][ T3641] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   57.337072][ T3641] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   57.348367][ T3641] batman_adv: batadv0: Interface activated: batadv_slave_1
[   57.362439][ T2514] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   57.371611][ T2514] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   57.381059][ T2514] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   57.389942][ T2514] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   57.441431][ T3641] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   57.450685][ T3641] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   57.460949][ T3641] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   57.464304][ T2514] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   57.475280][ T3641] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   57.477647][ T2514] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   57.502245][   T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   57.512212][   T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   57.521439][   T51] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   57.530367][   T51] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   57.538963][   T51] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   57.554477][ T3647] 8021q: adding VLAN 0 to HW filter on device batadv0
[   57.589591][ T3636] device veth0_macvtap entered promiscuous mode
[   57.600466][ T3635] device veth0_vlan entered promiscuous mode
[   57.626381][   T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   57.640399][   T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   57.650777][   T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   57.665180][   T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   57.674085][   T51] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   57.682016][   T51] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   57.692342][   T51] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   57.702924][ T3636] device veth1_macvtap entered promiscuous mode
[   57.724229][ T2514] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   57.738760][ T3635] device veth1_vlan entered promiscuous mode
[   57.748139][ T2514] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   57.771750][ T3636] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   57.790170][ T3636] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   57.802094][ T3636] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   57.818113][ T3636] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   57.829858][ T3636] batman_adv: batadv0: Interface activated: batadv_slave_0
[   57.859878][   T40] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   57.868321][   T40] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   57.877202][   T40] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   57.885502][   T40] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   57.893244][   T40] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   57.903023][   T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   57.928716][ T3636] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   57.953384][ T3636] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   57.965832][ T3636] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   57.976399][ T3636] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   58.005408][ T3636] batman_adv: batadv0: Interface activated: batadv_slave_1
[   58.021518][ T3635] device veth0_macvtap entered promiscuous mode
[   58.050959][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   58.062035][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   58.078271][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   58.096844][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   58.112150][ T3636] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   58.122439][ T3636] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   58.131983][ T3636] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   58.142209][ T3636] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   58.153874][ T3645] Bluetooth: hci4: command tx timeout
[   58.154761][ T3652] Bluetooth: hci1: command tx timeout
[   58.159276][ T3645] Bluetooth: hci2: command tx timeout
[   58.170506][ T3652] Bluetooth: hci3: command tx timeout
[   58.170854][ T3638] Bluetooth: hci0: command tx timeout
[   58.188474][ T3635] device veth1_macvtap entered promiscuous mode
[   58.199388][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   58.210825][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   58.236185][ T2514] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   58.245575][ T2514] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   58.284961][ T2514] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   58.310213][ T3635] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   58.322563][ T3718] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   58.340901][ T3635] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   58.352343][ T3635] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   58.367610][ T3635] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   58.376603][ T3720] binder: 3716:3720 ioctl c018620c 20000280 returned -22
[   58.379715][ T3635] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   58.400936][ T3635] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   58.412572][ T3635] batman_adv: batadv0: Interface activated: batadv_slave_0
[   58.448699][ T3720] loop0: detected capacity change from 0 to 2048
[   58.450165][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   58.465529][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   58.469744][   T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   58.489803][   T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   58.500527][   T40] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   58.506743][ T3720] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   58.514457][   T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   58.536279][   T40] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   58.561335][ T3635] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   58.581318][ T3635] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   58.591600][ T3635] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   58.602197][ T3635] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   58.613781][ T3635] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   58.625090][ T3635] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   58.637180][ T3635] batman_adv: batadv0: Interface activated: batadv_slave_1
[   58.657901][   T40] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   58.667525][   T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   58.676467][   T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   58.685372][   T40] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   58.694901][   T40] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   58.702716][   T40] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   58.725325][   T51] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   58.726837][ T3635] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   58.733315][   T51] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   58.750419][ T3635] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   58.759805][ T3635] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   58.771957][ T3635] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   58.789670][ T3647] device veth0_vlan entered promiscuous mode
[   58.801279][   T51] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   58.834678][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   58.857148][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   58.876529][ T3647] device veth1_vlan entered promiscuous mode
[   58.900105][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   58.911723][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   58.971675][ T3647] device veth0_macvtap entered promiscuous mode
[   58.973895][   T27] audit: type=1326 audit(1724972016.334:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3725 comm="syz.3.4" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff617779ef9 code=0x0
[   58.980243][   T51] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   59.010088][   T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   59.018919][   T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   59.041761][   T51] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   59.058072][ T3647] device veth1_macvtap entered promiscuous mode
[   59.098370][   T27] audit: type=1326 audit(1724972016.464:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3716 comm="syz.0.1" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76dbd79ef9 code=0x7fc00000
[   59.119601][ T3647] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   59.131534][ T2514] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   59.142454][ T3647] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   59.153353][ T2514] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   59.154880][ T3647] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   59.172768][ T3647] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   59.185169][ T3647] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   59.196525][ T3647] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   59.206912][ T3647] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   59.211245][ T3729] loop2: detected capacity change from 0 to 1024
[   59.217450][ T3647] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   59.218940][ T3647] batman_adv: batadv0: Interface activated: batadv_slave_0
[   59.257822][ T2514] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   59.268203][ T2514] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   59.282289][ T2514] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   59.291625][ T2514] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   59.308894][ T3647] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   59.334825][ T3647] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   59.345425][ T3647] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   59.356765][ T3647] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   59.366769][ T3647] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   59.378852][ T3647] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   59.389082][ T3647] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   59.401268][ T3647] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   59.416793][ T3647] batman_adv: batadv0: Interface activated: batadv_slave_1
[   59.422496][ T3637] EXT4-fs (loop0): unmounting filesystem.
[   59.438491][   T51] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   59.448822][   T51] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   59.470335][   T40] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   59.489964][ T3647] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   59.494942][   T40] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   59.508911][ T3647] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   59.519657][ T3647] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   59.528667][ T3647] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   59.540584][ T3733] loop0: detected capacity change from 0 to 1024
[   59.552241][ T3733] EXT4-fs (loop0): required journal recovery suppressed and not mounted read-only
[   59.554402][   T51] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   59.628779][ T3653] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   59.708098][ T2514] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   59.726570][ T2514] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   59.925950][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   59.933561][   T51] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   59.941995][   T51] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   60.884653][ T3740] trusted_key: encrypted_key: master key parameter 'ecryptf' is invalid
[   60.985671][ T3645] Bluetooth: hci3: command tx timeout
[   60.986072][ T3638] Bluetooth: hci1: command tx timeout
[   60.998225][ T3638] Bluetooth: hci4: command tx timeout
[   61.011468][ T3652] Bluetooth: hci2: command tx timeout
[   61.017197][ T3645] Bluetooth: hci0: command tx timeout
[   61.448892][    C1] eth0: bad gso: type: 1, size: 1408
[   61.465895][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   61.626126][    C1] eth0: bad gso: type: 1, size: 1408
[   61.691921][ T3739] hfsplus: b-tree write err: -5, ino 8
[   61.769054][ T3746] netlink: 60 bytes leftover after parsing attributes in process `syz.0.7'.
[   61.865869][ T3747] loop0: detected capacity change from 0 to 64
[   61.906563][ T3747] hfs: invalid catalog max_key_len 7
[   61.913050][ T3747] hfs: unable to open catalog tree
[   62.212095][ T3746] loop0: detected capacity change from 0 to 4096
[   62.252326][ T3746] ntfs3: loop0: Different NTFS' sector size (2048) and media sector size (512)
[   62.297995][ T3746] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[   62.306006][ T3746] ntfs3: loop0: ntfs_set_state r=3 failed, -22.
[   62.451151][   T11] ntfs3: loop0: ntfs3_write_inode r=3 failed, -22.
[   62.461002][ T3637] ntfs3: loop0: ntfs_evict_inode r=5 failed, -22.
[   62.469741][ T3637] ntfs3: loop0: ntfs_evict_inode r=3 failed, -22.
[   62.714691][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   63.101614][    T0] NOHZ tick-stop error: local softirq work is pending, handler #18a!!!
[   63.110219][    T0] NOHZ tick-stop error: local softirq work is pending, handler #18a!!!
[   63.118905][    T0] NOHZ tick-stop error: local softirq work is pending, handler #18a!!!
[   63.127240][    T0] NOHZ tick-stop error: local softirq work is pending, handler #18a!!!
[   63.135563][    T0] NOHZ tick-stop error: local softirq work is pending, handler #18a!!!
[   63.143890][    T0] NOHZ tick-stop error: local softirq work is pending, handler #18a!!!
[   63.153031][    T0] NOHZ tick-stop error: local softirq work is pending, handler #18a!!!
[   63.162063][    T0] NOHZ tick-stop error: local softirq work is pending, handler #18a!!!
[   63.170515][    T0] NOHZ tick-stop error: local softirq work is pending, handler #18a!!!
[   63.316472][ T3766] vivid-003: =================  START STATUS  =================
[   63.331924][ T3766] vivid-003: Radio HW Seek Mode: Bounded
[   63.338871][ T3766] vivid-003: Radio Programmable HW Seek: false
[   63.346137][ T3766] vivid-003: RDS Rx I/O Mode: Block I/O
[   63.393120][   T22] usb 3-1: new full-speed USB device number 2 using dummy_hcd
[   63.458129][ T3766] vivid-003: Generate RBDS Instead of RDS: false
[   63.469010][ T3766] vivid-003: RDS Reception: true
[   63.476977][ T3766] vivid-003: RDS Program Type: 0 inactive
[   63.646588][ T3766] vivid-003: RDS PS Name:  inactive
[   63.665586][ T3766] vivid-003: RDS Radio Text:  inactive
[   63.682563][ T3766] vivid-003: RDS Traffic Announcement: false inactive
[   63.700076][ T3766] vivid-003: RDS Traffic Program: false inactive
[   63.700179][ T3776] xt_recent: hitcount (262144) is larger than allowed maximum (255)
[   63.730421][ T3766] vivid-003: RDS Music: false inactive
[   63.743412][ T3780] netlink: 16 bytes leftover after parsing attributes in process `syz.3.12'.
[   63.752557][ T3766] vivid-003: ==================  END STATUS  ==================
[   63.798305][ T3774] loop4: detected capacity change from 0 to 256
[   63.815119][   T22] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64
[   63.853650][   T22] usb 3-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[   63.865368][ T3774] FAT-fs (loop4): Unrecognized mount option "" or missing value
[   64.005755][   T22] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   64.024888][ T3774] loop4: detected capacity change from 0 to 512
[   64.028808][   T22] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[   64.071725][   T22] usb 3-1: SerialNumber: syz
[   64.114999][ T3754] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[   64.149119][ T3774] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   64.374131][ T3638] Bluetooth: hci3: SCO packet for unknown connection handle 0
[   64.690991][ T3797] loop0: detected capacity change from 0 to 2048
[   64.845529][ T3797] UDF-fs: warning (device loop0): udf_fill_super: No partition found (2)
[   65.144716][ T3795] do_dccp_getsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app
[   65.193261][ T3647] EXT4-fs (loop4): unmounting filesystem.
[   65.440612][ T3805] netlink: 12 bytes leftover after parsing attributes in process `syz.1.19'.
[   65.457378][ T3805] netlink: 12 bytes leftover after parsing attributes in process `syz.1.19'.
[   65.480911][ T3809] cgroup: subsys name conflicts with all
[   65.511036][ T3806] netlink: 20 bytes leftover after parsing attributes in process `syz.4.17'.
[   65.531898][ T3810] netlink: 12 bytes leftover after parsing attributes in process `syz.1.19'.
[   65.639517][ T3806] netlink: 12 bytes leftover after parsing attributes in process `syz.4.17'.
[   65.654237][ T3814] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[   65.691131][ T3810] netlink: 12 bytes leftover after parsing attributes in process `syz.1.19'.
[   65.734779][ T3810] netlink: 12 bytes leftover after parsing attributes in process `syz.1.19'.
[   65.787126][ T3805] netlink: 24 bytes leftover after parsing attributes in process `syz.1.19'.
[   66.998194][ T3826] __nla_validate_parse: 16 callbacks suppressed
[   66.998214][ T3826] netlink: 44246 bytes leftover after parsing attributes in process `syz.1.21'.
[   67.064336][   T22] cdc_ether: probe of 3-1:1.0 failed with error -71
[   67.114164][ T3828] loop4: detected capacity change from 0 to 256
[   67.123673][   T22] usb 3-1: USB disconnect, device number 2
[   67.190979][ T3828] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[   67.265933][   T27] audit: type=1326 audit(67.244:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3829 comm="syz.0.23" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f76dbd79ef9 code=0x0
[   67.363825][ T3832] loop2: detected capacity change from 0 to 1024
[   67.402048][ T3832] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (7780!=20869)
[   67.449936][ T3832] EXT4-fs (loop2): invalid journal inode
[   67.456464][ T3832] EXT4-fs (loop2): can't get journal size
[   67.467977][ T3832] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   67.558472][ T3838] syz.4.22: attempt to access beyond end of device
[   67.558472][ T3838] loop4: rw=524288, sector=280, nr_sectors = 128 limit=256
[   67.594642][ T3838] syz.4.22: attempt to access beyond end of device
[   67.594642][ T3838] loop4: rw=524288, sector=408, nr_sectors = 256 limit=256
[   67.609002][ T3838] syz.4.22: attempt to access beyond end of device
[   67.609002][ T3838] loop4: rw=0, sector=280, nr_sectors = 8 limit=256
[   67.676453][   T27] audit: type=1800 audit(67.604:5): pid=3838 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.22" name="file1" dev="loop4" ino=1048596 res=0 errno=0
[   67.895684][   T27] audit: type=1800 audit(67.674:6): pid=3841 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.22" name="file1" dev="loop4" ino=1048596 res=0 errno=0
[   68.184081][ T3647] exFAT-fs (loop4): error, invalid access to FAT free cluster (entry 0x00000005)
[   68.204243][ T3845] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[   68.209055][ T3647] exFAT-fs (loop4): Filesystem has been set read-only
[   68.237035][ T3647] exFAT-fs (loop4): error, invalid access to FAT free cluster (entry 0x00000005)
[   68.326222][ T3832] netlink: 8 bytes leftover after parsing attributes in process `syz.2.24'.
[   70.820956][ T3857] loop1: detected capacity change from 0 to 512
[   70.827887][ T3857] ext4: Unknown parameter 'context'
[   71.647475][ T1267] ieee802154 phy0 wpan0: encryption failed: -22
[   71.665506][ T1267] ieee802154 phy1 wpan1: encryption failed: -22
[   71.768331][ T3653] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   71.787855][ T3853] loop1: detected capacity change from 0 to 512
[   71.794493][ T3853] journal_path: Lookup failure for './bus'
[   71.800397][ T3853] EXT4-fs: error: could not find journal device path
[   71.846358][ T3636] EXT4-fs (loop2): unmounting filesystem.
[   71.871636][ T3647] syz-executor (3647) used greatest stack depth: 20088 bytes left
[   71.985070][    C1] eth0: bad gso: type: 1, size: 1408
[   72.384599][   T27] audit: type=1326 audit(72.364:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3862 comm="syz.1.30" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7feb76979ef9 code=0x0
[   72.411485][  T945] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[   72.814814][  T945] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30
[   72.825958][  T945] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   72.837071][  T945] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   72.849221][  T945] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 255
[   72.863729][  T945] usb 3-1: New USB device found, idVendor=044f, idProduct=b653, bcdDevice= 0.00
[   72.886636][  T945] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   73.044341][  T945] usb 3-1: config 0 descriptor??
[   74.693613][    C0] sched: RT throttling activated
[   75.725600][  T945] thrustmaster 0003:044F:B653.0001: unknown main item tag 0x0
[   75.735814][  T945] thrustmaster 0003:044F:B653.0001: unknown main item tag 0x0
[   76.705131][  T945] thrustmaster 0003:044F:B653.0001: unknown main item tag 0x0
[   76.712664][  T945] thrustmaster 0003:044F:B653.0001: unknown main item tag 0x0
[   76.720458][  T945] thrustmaster 0003:044F:B653.0001: unknown main item tag 0x0
[   77.019487][  T945] thrustmaster 0003:044F:B653.0001: unknown main item tag 0x0
[   77.022714][  T152] cfg80211: failed to load regulatory.db
[   77.027267][  T945] thrustmaster 0003:044F:B653.0001: unknown main item tag 0x0
[   77.175655][  T945] thrustmaster 0003:044F:B653.0001: hidraw0: USB HID v0.00 Device [HID 044f:b653] on usb-dummy_hcd.2-1/input0
[   77.188273][  T945] thrustmaster 0003:044F:B653.0001: no inputs found
[   77.239415][ T3708] usb 3-1: USB disconnect, device number 3
[   77.877504][ T3890] ALSA: seq fatal error: cannot create timer (-22)
[   77.894142][ T3890] ALSA: seq fatal error: cannot create timer (-22)
[   79.247887][ T3898] delete_channel: no stack
[   82.093197][ T3909] bridge1: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[   82.179821][    C1] eth0: bad gso: type: 1, size: 1408
[   82.268939][    C1] eth0: bad gso: type: 1, size: 1408
[   82.586260][ T3645] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   82.597625][ T3645] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   82.608802][ T3645] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   82.620382][ T3645] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   82.635453][ T3645] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[   82.645175][ T3645] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   83.901666][ T3927] usb usb9: usbfs: process 3927 (syz.0.42) did not claim interface 0 before use
[   83.911153][ T3927] usb usb9: selecting invalid altsetting 21783
[   84.478086][ T3923] loop3: detected capacity change from 0 to 256
[   84.800277][ T3645] Bluetooth: hci4: command tx timeout
[   85.364486][ T3935] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[   85.661647][ T3913] chnl_net:caif_netlink_parms(): no params data found
[   85.846116][ T3935] loop1: detected capacity change from 0 to 256
[   86.019678][ T3913] bridge0: port 1(bridge_slave_0) entered blocking state
[   86.060326][ T3913] bridge0: port 1(bridge_slave_0) entered disabled state
[   86.083788][ T3913] device bridge_slave_0 entered promiscuous mode
[   86.131939][ T3913] bridge0: port 2(bridge_slave_1) entered blocking state
[   86.154555][ T3913] bridge0: port 2(bridge_slave_1) entered disabled state
[   86.209383][ T3913] device bridge_slave_1 entered promiscuous mode
[   86.306208][ T3966] loop0: detected capacity change from 0 to 256
[   86.309433][ T3913] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   86.341929][ T3965] loop3: detected capacity change from 0 to 128
[   86.351308][ T3913] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   86.395733][ T3967] netlink: 4 bytes leftover after parsing attributes in process `syz.1.49'.
[   86.413490][ T3965] =======================================================
[   86.413490][ T3965] WARNING: The mand mount option has been deprecated and
[   86.413490][ T3965]          and is ignored by this kernel. Remove the mand
[   86.413490][ T3965]          option from the mount to silence this warning.
[   86.413490][ T3965] =======================================================
[   86.438231][ T3967] device bridge_slave_1 left promiscuous mode
[   86.562056][ T3967] bridge0: port 2(bridge_slave_1) entered disabled state
[   86.592045][ T3967] device bridge_slave_0 left promiscuous mode
[   86.611844][ T3967] bridge0: port 1(bridge_slave_0) entered disabled state
[   86.630152][ T3965] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[   86.677658][ T3965] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   86.871038][ T3913] team0: Port device team_slave_0 added
[   86.877279][ T3645] Bluetooth: hci4: command tx timeout
[   86.902983][ T3913] team0: Port device team_slave_1 added
[   87.074829][ T3913] batman_adv: batadv0: Adding interface: batadv_slave_0
[   87.092197][ T3913] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   87.264200][ T3913] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   87.296720][ T3975] netlink: 60 bytes leftover after parsing attributes in process `syz.1.51'.
[   87.321020][ T3913] batman_adv: batadv0: Adding interface: batadv_slave_1
[   87.333851][ T3913] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   87.363173][ T3975] netlink: 172 bytes leftover after parsing attributes in process `syz.1.51'.
[   87.385603][ T3913] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   87.424516][ T3977] loop3: detected capacity change from 0 to 1024
[   87.600578][ T3913] device hsr_slave_0 entered promiscuous mode
[   87.624997][ T3913] device hsr_slave_1 entered promiscuous mode
[   87.690991][ T3913] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   87.709374][   T27] audit: type=1326 audit(87.684:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3979 comm="syz.0.53" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f76dbd79ef9 code=0x0
[   87.750731][ T3913] Cannot create hsr debugfs directory
[   87.767498][ T3977] EXT4-fs: Ignoring removed orlov option
[   87.773982][ T3977] EXT4-fs: quotafile must be on filesystem root
[   87.884956][ T3977] loop3: detected capacity change from 0 to 128
[   87.957727][ T3977] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   88.233764][ T3645] Bluetooth: hci2: command tx timeout
[   89.213733][ T3645] Bluetooth: hci4: command tx timeout
[   89.443048][ T3913] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   89.587115][ T4003] loop2: detected capacity change from 0 to 2048
[   89.621146][ T4003] UDF-fs: bad mount option "d}ode=00000000000000000002004" or missing value
[   89.658937][ T3996] loop1: detected capacity change from 0 to 4096
[   89.689955][   T11] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   89.711606][ T3996] ntfs3: loop1: Different NTFS' sector size (2048) and media sector size (512)
[   89.713314][ T3913] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   89.798721][ T3996] ntfs3: loop1: Failed to load $LogFile.
[   89.809468][ T4003] loop2: detected capacity change from 0 to 2048
[   89.902458][ T4007] loop3: detected capacity change from 0 to 512
[   89.921453][ T4003] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   90.143054][ T4007] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   90.450136][ T4018] loop0: detected capacity change from 0 to 1024
[   90.901556][ T3913] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.274514][ T3645] Bluetooth: hci4: command tx timeout
[   91.417649][   T27] audit: type=1326 audit(91.394:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4004 comm="syz.3.57" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff617779ef9 code=0x0
[   91.456561][ T3913] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.477664][ T3996] loop1: detected capacity change from 0 to 4096
[   91.485003][ T3996] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512)
[   91.608815][ T3996] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[   91.691122][   T27] audit: type=1804 audit(91.664:10): pid=4003 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.56" name="/newroot/9/file0/bus" dev="loop2" ino=18 res=1 errno=0
[   91.791016][ T4007] netlink: 4 bytes leftover after parsing attributes in process `syz.3.57'.
[   91.887317][ T3913] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   91.956275][ T3913] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   91.973188][ T3913] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   92.000102][ T3913] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   92.113795][    C1] eth0: bad gso: type: 1, size: 1408
[   92.150684][ T3641] EXT4-fs (loop3): unmounting filesystem.
[   92.223255][ T3913] 8021q: adding VLAN 0 to HW filter on device bond0
[   92.287007][ T3928] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   92.325390][ T3928] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   92.372261][ T3913] 8021q: adding VLAN 0 to HW filter on device team0
[   92.436299][ T3636] EXT4-fs (loop2): unmounting filesystem.
[   92.538789][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   92.680258][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   93.652494][ T3840] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.659711][ T3840] bridge0: port 1(bridge_slave_0) entered forwarding state
[   93.760465][ T4059] loop0: detected capacity change from 0 to 512
[   93.839652][ T4059] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   93.887673][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   93.901687][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   93.937666][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   93.959099][ T3840] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.966233][ T3840] bridge0: port 2(bridge_slave_1) entered forwarding state
[   93.998916][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   94.018938][ T4059] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   94.192008][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   94.229442][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   94.241346][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   94.884483][ T3637] EXT4-fs (loop0): unmounting filesystem.
[   94.951810][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   94.964772][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   94.998814][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   95.312385][ T4070] trusted_key: encrypted_key: master key parameter 'ecryptf' is invalid
[   95.887546][ T3913] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   95.984186][ T3913] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   96.075015][ T3638] Bluetooth: hci4: command tx timeout
[   96.102903][ T3882] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   96.211004][ T3882] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   96.235338][ T3882] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   96.257485][ T3882] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   96.362823][ T3882] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   96.504544][ T4074] netlink: 4 bytes leftover after parsing attributes in process `syz.0.66'.
[   96.932808][ T3739] device hsr_slave_0 left promiscuous mode
[   97.431887][ T3739] device hsr_slave_1 left promiscuous mode
[   97.575013][ T3739] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   97.582531][ T3739] batman_adv: batadv0: Removing interface: batadv_slave_0
[   97.672398][ T4088] Zero length message leads to an empty skb
[   97.789133][ T4089] netlink: 40 bytes leftover after parsing attributes in process `syz.1.68'.
[   98.383189][ T4079] syz.0.66 uses obsolete (PF_INET,SOCK_PACKET)
[   98.434484][ T3739] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   98.452287][ T3739] batman_adv: batadv0: Removing interface: batadv_slave_1
[   98.515620][ T3739] device bridge_slave_1 left promiscuous mode
[   98.570202][ T3739] bridge0: port 2(bridge_slave_1) entered disabled state
[   98.648591][ T3739] device bridge_slave_0 left promiscuous mode
[   98.663078][ T3739] bridge0: port 1(bridge_slave_0) entered disabled state
[   98.741755][ T3739] device veth1_macvtap left promiscuous mode
[   98.770649][ T3739] device veth0_macvtap left promiscuous mode
[   98.795286][ T3739] device veth1_vlan left promiscuous mode
[   98.810406][ T3739] device veth0_vlan left promiscuous mode
[   99.078628][ T4096] loop3: detected capacity change from 0 to 32768
[   99.127029][ T4096] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.69 (4096)
[   99.195741][ T4096] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   99.207859][ T4096] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[   99.217114][ T4096] BTRFS info (device loop3): using free space tree
[   99.348493][ T4096] BTRFS info (device loop3): enabling ssd optimizations
[   99.747760][ T4121] vim2m vim2m.0: Fourcc format (0x42474752) invalid.
[  100.001148][ T3739] team0 (unregistering): Port device team_slave_1 removed
[  100.060649][ T3739] team0 (unregistering): Port device team_slave_0 removed
[  100.123433][ T3739] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  100.185589][ T3739] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  100.185724][ T3641] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  100.750457][ T4127] kvm: vcpu 0: requested 32 ns lapic timer period limited to 200000 ns
[  100.773834][ T4127] kvm: pic: non byte write
[  100.773842][ T3739] bond0 (unregistering): Released all slaves
[  100.803920][ T4127] xt_hashlimit: Unknown mode mask 312C7057, kernel too old?
[  100.887684][ T3882] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  100.895544][ T3882] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  100.990666][ T3913] 8021q: adding VLAN 0 to HW filter on device batadv0
[  101.020234][ T4099] device veth0_vlan left promiscuous mode
[  101.139600][ T4132] netlink: 'syz.3.71': attribute type 4 has an invalid length.
[  101.147450][ T4132] netlink: 194488 bytes leftover after parsing attributes in process `syz.3.71'.
[  102.111457][ T4139] loop3: detected capacity change from 0 to 256
[  102.184591][ T4139] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  102.277065][ T4144] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  102.277065][ T4144] The task syz.0.72 (4144) triggered the difference, watch for misbehavior.
[  102.326164][ T4139] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  102.355476][ T4142] netlink: 'syz.1.74': attribute type 1 has an invalid length.
[  102.595223][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  102.625085][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  102.683563][ T3882] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  102.716970][ T3882] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  102.738814][ T3913] device veth0_vlan entered promiscuous mode
[  102.750884][ T3882] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  102.766758][ T3882] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  102.791588][ T3913] device veth1_vlan entered promiscuous mode
[  102.942040][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  103.012257][ T4154] raw_sendmsg: syz.1.75 forgot to set AF_INET. Fix it!
[  103.105920][ T4154] loop1: detected capacity change from 0 to 512
[  103.129493][ T4154] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  103.632566][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  103.648842][ T4154] EXT4-fs error (device loop1): ext4_do_update_inode:5221: inode #3: comm syz.1.75: corrupted inode contents
[  103.663362][ T4154] EXT4-fs error (device loop1): ext4_dirty_inode:6083: inode #3: comm syz.1.75: mark_inode_dirty error
[  103.677662][ T4154] EXT4-fs error (device loop1): ext4_do_update_inode:5221: inode #3: comm syz.1.75: corrupted inode contents
[  103.689707][ T4154] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #3: comm syz.1.75: mark_inode_dirty error
[  103.704025][ T4154] Quota error (device loop1): write_blk: dquota write failed
[  103.712015][ T4154] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  103.722080][ T4154] EXT4-fs error (device loop1): ext4_acquire_dquot:6777: comm syz.1.75: Failed to acquire dquot type 0
[  103.739686][ T4154] EXT4-fs error (device loop1): ext4_do_update_inode:5221: inode #16: comm syz.1.75: corrupted inode contents
[  103.753565][ T4154] EXT4-fs error (device loop1): ext4_dirty_inode:6083: inode #16: comm syz.1.75: mark_inode_dirty error
[  103.767204][ T4154] EXT4-fs error (device loop1): ext4_do_update_inode:5221: inode #16: comm syz.1.75: corrupted inode contents
[  103.779567][ T4154] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #16: comm syz.1.75: mark_inode_dirty error
[  103.797230][ T4155] loop3: detected capacity change from 0 to 256
[  103.804392][ T4154] EXT4-fs error (device loop1): ext4_do_update_inode:5221: inode #16: comm syz.1.75: corrupted inode contents
[  103.804675][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  103.825765][ T4154] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem
[  103.834926][ T4154] EXT4-fs error (device loop1): ext4_do_update_inode:5221: inode #16: comm syz.1.75: corrupted inode contents
[  103.849168][ T4154] EXT4-fs error (device loop1): ext4_truncate:4311: inode #16: comm syz.1.75: mark_inode_dirty error
[  103.860630][ T4154] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem
[  103.873139][ T4154] EXT4-fs (loop1): 1 truncate cleaned up
[  103.879026][ T4154] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  103.912841][   T27] audit: type=1800 audit(103.884:11): pid=4152 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.75" name="bus" dev="loop1" ino=18 res=0 errno=0
[  103.982448][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  103.993510][ T3913] device veth0_macvtap entered promiscuous mode
[  104.006881][ T4155] FAT-fs (loop3): Unrecognized mount option "shortname=xixed" or missing value
[  104.025127][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  104.049604][ T3913] device veth1_macvtap entered promiscuous mode
[  104.123744][ T4154] syz.1.75 (4154) used greatest stack depth: 20080 bytes left
[  104.225599][ T3653] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  104.974806][ T4155] Option 'gâ¶Ó˜HåÎ' to dns_resolver key: bad/missing value
[  105.063251][ T4166] loop0: detected capacity change from 0 to 512
[  105.126399][ T4166] EXT4-fs (loop0): corrupt root inode, run e2fsck
[  105.134408][ T4166] EXT4-fs (loop0): mount failed
[  105.227668][ T3913] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  105.403667][ T3913] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  105.423718][ T3913] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  105.463728][ T3913] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  105.473583][ T3913] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  105.501009][ T4169] hub 9-0:1.0: USB hub found
[  105.520897][ T4169] hub 9-0:1.0: 8 ports detected
[  105.655132][ T4170] loop0: detected capacity change from 0 to 1764
[  105.731828][ T4170] ISOFS: Logical zone size(2) < hardware blocksize(1024)
[  106.083774][ T3913] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  106.106165][ T3913] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  106.115117][ T3645] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  106.127586][ T3645] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  106.144603][ T3645] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  106.153028][ T3913] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  106.165432][ T3645] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  106.173714][ T3645] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  106.181152][ T3645] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  106.184824][ T3913] batman_adv: batadv0: Interface activated: batadv_slave_0
[  106.210396][ T3653] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  106.261051][ T3635] EXT4-fs (loop1): unmounting filesystem.
[  106.344943][ T3635] syz-executor (3635) used greatest stack depth: 19536 bytes left
[  106.366522][ T3928] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  106.386388][ T3928] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  106.461382][ T4175] loop3: detected capacity change from 0 to 512
[  106.538901][ T3913] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  106.564321][ T3913] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  106.583951][ T3913] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  106.601175][ T4175] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  106.603781][ T3913] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  106.640640][ T3913] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  106.671775][ T3913] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  106.705339][ T4175] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  106.738023][ T3913] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  106.804810][ T3913] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  106.860338][ T3913] batman_adv: batadv0: Interface activated: batadv_slave_1
[  106.932056][ T3913] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  106.993434][ T3913] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  107.018458][ T3913] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  107.462989][ T3913] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  107.599235][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  107.634737][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  107.654803][ T3641] EXT4-fs (loop3): unmounting filesystem.
[  107.736332][ T4184] netlink: 4 bytes leftover after parsing attributes in process `syz.0.85'.
[  107.771641][ T4184] device bridge_slave_1 left promiscuous mode
[  107.800043][ T4184] bridge0: port 2(bridge_slave_1) entered disabled state
[  107.810328][ T4184] device bridge_slave_0 left promiscuous mode
[  107.829723][ T4184] bridge0: port 1(bridge_slave_0) entered disabled state
[  107.884406][ T4188] vivid-002: =================  START STATUS  =================
[  107.892094][ T4188] vivid-002: Radio HW Seek Mode: Bounded
[  107.898289][ T4188] vivid-002: Radio Programmable HW Seek: false
[  107.904834][ T4188] vivid-002: RDS Rx I/O Mode: Block I/O
[  107.910811][ T4188] vivid-002: Generate RBDS Instead of RDS: false
[  107.917617][ T4188] vivid-002: RDS Reception: true
[  107.922626][ T4188] vivid-002: RDS Program Type: 0 inactive
[  107.934429][ T4188] vivid-002: RDS PS Name:  inactive
[  107.943928][ T4188] vivid-002: RDS Radio Text:  inactive
[  107.957067][ T4188] vivid-002: RDS Traffic Announcement: false inactive
[  107.964898][ T4188] vivid-002: RDS Traffic Program: false inactive
[  107.983652][ T4188] vivid-002: RDS Music: false inactive
[  107.991360][ T4188] vivid-002: ==================  END STATUS  ==================
[  108.202676][ T3638] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  108.205532][ T3840] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  108.220621][ T3638] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  108.230000][ T3638] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  108.237132][ T3652] Bluetooth: hci0: command tx timeout
[  108.245668][ T3638] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  108.257104][ T3638] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  108.264449][ T3638] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  108.283819][ T3840] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  108.325919][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  108.338307][ T4188] xt_recent: hitcount (262144) is larger than allowed maximum (255)
[  108.420085][ T3928] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  108.451118][ T4195] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  108.471316][ T3928] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  108.534762][ T3882] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  108.551782][ T4171] chnl_net:caif_netlink_parms(): no params data found
[  108.631201][ T4195] loop0: detected capacity change from 0 to 256
[  109.056826][ T4210] netlink: 4 bytes leftover after parsing attributes in process `syz.3.90'.
[  109.189684][ T3739] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  109.252226][ T4171] bridge0: port 1(bridge_slave_0) entered blocking state
[  109.266959][ T4171] bridge0: port 1(bridge_slave_0) entered disabled state
[  109.277626][ T4171] device bridge_slave_0 entered promiscuous mode
[  109.966790][ T4220] loop3: detected capacity change from 0 to 512
[  110.025860][ T3739] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  110.075179][ T4220] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  110.089615][ T4171] bridge0: port 2(bridge_slave_1) entered blocking state
[  110.128636][ T4171] bridge0: port 2(bridge_slave_1) entered disabled state
[  110.143201][ T4171] device bridge_slave_1 entered promiscuous mode
[  110.186164][ T4171] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  110.204980][ T4171] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  110.228390][ T4224] loop0: detected capacity change from 0 to 1024
[  110.246559][ T4224] EXT4-fs: Ignoring removed orlov option
[  110.252335][ T4224] EXT4-fs: quotafile must be on filesystem root
[  110.301385][ T3653] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  110.584004][ T4224] loop0: detected capacity change from 0 to 128
[  110.946162][ T3645] Bluetooth: hci5: command tx timeout
[  110.952129][ T3645] Bluetooth: hci0: command tx timeout
[  110.975065][ T4224] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  111.043165][ T3641] EXT4-fs (loop3): unmounting filesystem.
[  111.290952][ T3739] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  111.376824][ T4191] chnl_net:caif_netlink_parms(): no params data found
[  111.399723][ T4171] team0: Port device team_slave_0 added
[  111.414643][ T4171] team0: Port device team_slave_1 added
[  112.329659][ T3739] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  112.605438][ T4171] batman_adv: batadv0: Adding interface: batadv_slave_0
[  112.612430][ T4171] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  112.658608][ T4171] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  112.701783][ T4247] loop4: detected capacity change from 0 to 512
[  112.736829][ T4171] batman_adv: batadv0: Adding interface: batadv_slave_1
[  112.746597][ T4171] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  112.806103][ T4171] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  112.824871][ T4247] EXT4-fs (loop4): corrupt root inode, run e2fsck
[  112.850576][ T4247] EXT4-fs (loop4): mount failed
[  113.034733][ T3645] Bluetooth: hci0: command tx timeout
[  113.035116][ T3652] Bluetooth: hci5: command tx timeout
[  113.202043][ T4254] loop3: detected capacity change from 0 to 1024
[  113.810768][ T2514] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  113.983075][ T4261] hub 9-0:1.0: USB hub found
[  113.989036][ T4261] hub 9-0:1.0: 8 ports detected
[  114.132960][ T4261] loop4: detected capacity change from 0 to 1764
[  114.154711][ T4261] ISOFS: Logical zone size(2) < hardware blocksize(1024)
[  114.526278][ T4171] device hsr_slave_0 entered promiscuous mode
[  114.568601][ T3653] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  114.613253][ T4171] device hsr_slave_1 entered promiscuous mode
[  114.655864][ T4171] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  114.663469][ T4171] Cannot create hsr debugfs directory
[  114.671284][ T4191] bridge0: port 1(bridge_slave_0) entered blocking state
[  114.684233][ T4191] bridge0: port 1(bridge_slave_0) entered disabled state
[  114.692510][ T4191] device bridge_slave_0 entered promiscuous mode
[  114.710631][ T4265] loop0: detected capacity change from 0 to 1024
[  114.759395][ T4191] bridge0: port 2(bridge_slave_1) entered blocking state
[  114.814090][ T4191] bridge0: port 2(bridge_slave_1) entered disabled state
[  114.851075][ T4191] device bridge_slave_1 entered promiscuous mode
[  115.025311][ T4191] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  115.091626][ T4277] netlink: 4 bytes leftover after parsing attributes in process `syz.3.99'.
[  115.094220][ T4191] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  115.114751][ T3638] Bluetooth: hci5: command tx timeout
[  115.120194][ T3638] Bluetooth: hci0: command tx timeout
[  115.219609][ T4274] loop4: detected capacity change from 0 to 256
[  115.267951][ T4283] loop0: detected capacity change from 0 to 1024
[  115.291489][ T4283] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  115.320535][ T4283] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  115.502305][ T4191] team0: Port device team_slave_0 added
[  115.581844][ T4191] team0: Port device team_slave_1 added
[  115.621337][ T4283] 9pnet: p9_errstr2errno: server reported unknown error 1844674407
[  115.642716][   T27] audit: type=1326 audit(115.614:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4282 comm="syz.0.100" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f76dbd79ef9 code=0x0
[  115.660473][ T4294] loop4: detected capacity change from 0 to 512
[  115.985562][ T4294] EXT4-fs (loop4): bad s_min_extra_isize: 65528
[  116.281901][ T4191] batman_adv: batadv0: Adding interface: batadv_slave_0
[  116.289760][ T4191] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  116.412061][ T4191] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  116.462226][ T3637] EXT4-fs (loop0): unmounting filesystem.
[  116.487718][ T4191] batman_adv: batadv0: Adding interface: batadv_slave_1
[  116.503727][ T4191] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  116.562190][ T4191] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  116.698533][ T4171] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  116.756133][ T4191] device hsr_slave_0 entered promiscuous mode
[  116.796264][ T4191] device hsr_slave_1 entered promiscuous mode
[  116.812778][ T4191] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  116.851359][ T4191] Cannot create hsr debugfs directory
[  116.933237][ T4309] netlink: 60 bytes leftover after parsing attributes in process `syz.0.103'.
[  116.953813][ T4320] netlink: 16 bytes leftover after parsing attributes in process `syz.3.106'.
[  117.000450][ T4320] netlink: 4 bytes leftover after parsing attributes in process `syz.3.106'.
[  117.025336][ T4171] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.194070][ T3638] Bluetooth: hci5: command tx timeout
[  117.252623][ T4328] loop3: detected capacity change from 0 to 512
[  117.270626][ T4328] EXT4-fs (loop3): corrupt root inode, run e2fsck
[  117.281390][ T4330] x_tables: duplicate underflow at hook 2
[  117.285223][ T4328] EXT4-fs (loop3): mount failed
[  117.294561][ T4171] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  118.396747][ T4171] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  118.597134][ T4337] hub 9-0:1.0: USB hub found
[  118.602868][ T4337] hub 9-0:1.0: 8 ports detected
[  118.737618][ T4337] loop3: detected capacity change from 0 to 1764
[  119.130999][ T4337] ISOFS: Logical zone size(2) < hardware blocksize(1024)
[  119.180789][ T3653] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  119.273891][ T3638] Bluetooth: hci5: command tx timeout
[  119.813426][ T4346] netlink: 24 bytes leftover after parsing attributes in process `syz.0.118'.
[  119.928926][ T3739] device hsr_slave_0 left promiscuous mode
[  119.952060][ T3739] device hsr_slave_1 left promiscuous mode
[  119.964567][ T3739] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  119.980018][ T3739] batman_adv: batadv0: Removing interface: batadv_slave_0
[  120.002358][ T3739] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  120.063903][ T3739] batman_adv: batadv0: Removing interface: batadv_slave_1
[  120.897754][ T3739] device veth1_macvtap left promiscuous mode
[  120.918875][ T3739] device veth0_macvtap left promiscuous mode
[  120.939643][ T3739] device veth1_vlan left promiscuous mode
[  121.120660][ T4364] netlink: 4 bytes leftover after parsing attributes in process `syz.3.110'.
[  121.809738][ T3739] team0 (unregistering): Port device team_slave_1 removed
[  121.852605][ T3739] team0 (unregistering): Port device team_slave_0 removed
[  121.887054][ T3739] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  121.925222][ T3739] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  122.242858][ T3739] bond0 (unregistering): Released all slaves
[  122.871244][ T4381] loop4: detected capacity change from 0 to 1024
[  123.251502][ T4378] loop3: detected capacity change from 0 to 1024
[  123.288634][ T4378] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  123.465806][ T4389] loop0: detected capacity change from 0 to 1024
[  123.480077][ T4378] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  123.656775][ T4191] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  123.966124][ T4378] 9pnet: p9_errstr2errno: server reported unknown error 1844674407
[  124.137930][   T27] audit: type=1326 audit(124.114:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4375 comm="syz.3.113" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff617779ef9 code=0x0
[  124.460136][ T4384] ip6gretap0 speed is unknown, defaulting to 1000
[  124.542739][ T4191] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  124.567724][ T4191] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  124.623021][   T56] hfsplus: b-tree write err: -5, ino 4
[  124.631892][ T4384] ip6gretap0 speed is unknown, defaulting to 1000
[  124.711660][ T4191] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  124.734916][ T3641] EXT4-fs (loop3): unmounting filesystem.
[  124.763769][ T4384] ip6gretap0 speed is unknown, defaulting to 1000
[  124.812699][ T4384] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  124.833161][ T4171] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  124.869048][ T4384] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  124.875075][ T4171] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  124.893022][ T4403] netlink: 16 bytes leftover after parsing attributes in process `syz.3.117'.
[  124.898608][ T4171] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  124.936055][ T4171] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  124.958976][ T4403] netlink: 4 bytes leftover after parsing attributes in process `syz.3.117'.
[  125.009191][ T4384] ip6gretap0 speed is unknown, defaulting to 1000
[  125.039533][ T4384] ip6gretap0 speed is unknown, defaulting to 1000
[  125.064867][ T4191] 8021q: adding VLAN 0 to HW filter on device bond0
[  125.099722][ T4384] ip6gretap0 speed is unknown, defaulting to 1000
[  125.137977][ T4191] 8021q: adding VLAN 0 to HW filter on device team0
[  125.164086][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  125.172520][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  125.193280][ T4384] ip6gretap0 speed is unknown, defaulting to 1000
[  125.208826][ T3882] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  125.230636][ T3882] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  125.252942][ T3882] bridge0: port 1(bridge_slave_0) entered blocking state
[  125.260300][ T3882] bridge0: port 1(bridge_slave_0) entered forwarding state
[  125.276030][ T4384] ip6gretap0 speed is unknown, defaulting to 1000
[  125.283576][ T4384] ip6gretap0 speed is unknown, defaulting to 1000
[  125.291916][ T3882] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  125.307204][ T3882] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  125.317316][ T3882] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  125.327919][ T3882] bridge0: port 2(bridge_slave_1) entered blocking state
[  125.335087][ T3882] bridge0: port 2(bridge_slave_1) entered forwarding state
[  125.355832][ T3882] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  125.380058][ T4171] 8021q: adding VLAN 0 to HW filter on device bond0
[  125.398573][ T4384] ip6gretap0 speed is unknown, defaulting to 1000
[  125.419010][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  125.443030][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  125.471825][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  125.498279][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  125.516484][ T4384] ip6gretap0 speed is unknown, defaulting to 1000
[  125.521423][ T4171] 8021q: adding VLAN 0 to HW filter on device team0
[  125.546222][ T4191] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  125.563755][ T4191] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  125.586109][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  125.605350][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  125.623030][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  125.643216][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  125.661388][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  125.686159][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  125.704899][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  125.713477][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  125.722267][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  125.779707][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  125.806681][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  125.824549][   T56] bridge0: port 1(bridge_slave_0) entered blocking state
[  125.831700][   T56] bridge0: port 1(bridge_slave_0) entered forwarding state
[  125.854273][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  125.863224][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  125.884931][   T56] bridge0: port 2(bridge_slave_1) entered blocking state
[  125.892083][   T56] bridge0: port 2(bridge_slave_1) entered forwarding state
[  125.903845][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  125.924340][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  125.946111][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  125.961633][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  125.980269][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  125.996802][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  126.014964][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  126.032687][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  126.066306][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  126.086003][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  126.125756][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  126.148468][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  126.305229][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  126.312771][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  126.338603][ T4191] 8021q: adding VLAN 0 to HW filter on device batadv0
[  126.384494][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  126.404628][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  126.436704][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  126.454653][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  126.478185][ T4191] device veth0_vlan entered promiscuous mode
[  126.486148][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  126.505127][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  126.530840][ T4191] device veth1_vlan entered promiscuous mode
[  126.582975][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  126.605107][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  126.613446][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  126.635332][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  126.651011][ T4171] 8021q: adding VLAN 0 to HW filter on device batadv0
[  126.670047][ T3882] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  126.691477][ T3882] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  126.703973][ T4191] device veth0_macvtap entered promiscuous mode
[  126.746989][ T4191] device veth1_macvtap entered promiscuous mode
[  126.755811][ T3882] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  126.765266][ T3882] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  126.784614][ T3882] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  126.807900][ T3882] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  126.851810][ T3882] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  126.872158][ T3882] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  126.905316][ T4171] device veth0_vlan entered promiscuous mode
[  126.918707][ T3882] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  126.947936][ T3882] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  126.967713][ T4191] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  126.978464][ T4191] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  126.988962][ T4191] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  127.000857][ T4191] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  127.011076][ T4191] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  127.022041][ T4191] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  127.034257][ T4191] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  127.051845][ T4191] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  127.069897][ T4191] batman_adv: batadv0: Interface activated: batadv_slave_0
[  127.089115][ T4171] device veth1_vlan entered promiscuous mode
[  127.102226][ T3882] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  127.110923][ T3882] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  127.120539][ T3882] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  127.131051][ T4191] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  127.142490][ T4191] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  127.157089][ T4191] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  127.168808][ T4191] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  127.178934][ T4191] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  127.189427][ T4191] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  127.199580][ T4191] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  127.210153][ T4191] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  127.221238][ T4191] batman_adv: batadv0: Interface activated: batadv_slave_1
[  127.241423][ T3882] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  127.252219][ T3882] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  127.268927][ T3882] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  127.300305][ T3882] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  127.309637][ T3882] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  127.321740][ T4191] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  127.331835][ T4191] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  127.344497][ T4191] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  127.353311][ T4191] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  127.370366][ T4171] device veth0_macvtap entered promiscuous mode
[  127.386933][ T4171] device veth1_macvtap entered promiscuous mode
[  127.460397][ T4171] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  127.473005][ T4171] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  127.483740][ T4171] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  127.494552][ T4171] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  127.505914][ T4171] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  127.517617][ T4171] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  127.527547][ T4171] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  127.538195][ T4171] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  127.548350][ T4171] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  127.559917][ T4171] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  127.572693][ T4171] batman_adv: batadv0: Interface activated: batadv_slave_0
[  127.605433][ T3928] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  127.614151][ T3928] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  127.622096][ T3928] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  127.631206][ T3928] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  127.643523][ T4171] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  127.655538][ T4171] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  127.665430][ T4171] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  127.676576][ T4171] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  127.687361][ T4171] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  127.697940][ T4171] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  127.707978][ T4171] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  127.718556][ T4171] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  127.728456][ T4171] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  127.739015][ T4171] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  127.750146][ T4171] batman_adv: batadv0: Interface activated: batadv_slave_1
[  127.762365][ T3840] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  127.784560][ T3882] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  127.791321][ T3840] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  127.793324][ T3882] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  127.810896][ T3882] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  127.853049][ T4171] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  127.862190][ T4171] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  127.871215][ T4171] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  127.880999][ T4171] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  127.922743][ T3840] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  127.934573][ T3840] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  127.952895][ T3840] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  128.009302][    C1] eth0: bad gso: type: 1, size: 1408
[  128.301016][ T4454] loop0: detected capacity change from 0 to 16
[  128.357036][ T4452] loop3: detected capacity change from 0 to 2048
[  128.507890][ T4456] binder: 4448:4456 ioctl c0306201 20000680 returned -14
[  129.138983][ T4454] erofs: (device loop0): mounted with root inode @ nid 36.
[  129.398862][ T4454] erofs: (device loop0): find_target_block_classic: corrupted dir block 0 @ nid 36
[  129.422398][ T4454] erofs: (device loop0): find_target_block_classic: corrupted dir block 0 @ nid 36
[  129.440836][ T4454] erofs: (device loop0): find_target_block_classic: corrupted dir block 0 @ nid 36
[  129.456720][ T4454] erofs: (device loop0): find_target_block_classic: corrupted dir block 0 @ nid 36
[  129.470883][ T4454] erofs: (device loop0): find_target_block_classic: corrupted dir block 0 @ nid 36
[  129.721593][ T3702] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  129.780802][ T3702] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  129.816518][ T3702] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  129.840396][ T4452] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  130.152054][ T4463] ALSA: seq fatal error: cannot create timer (-22)
[  130.163697][ T4463] ALSA: seq fatal error: cannot create timer (-22)
[  131.047876][ T3652] Bluetooth: hci5: command tx timeout
[  131.449008][ T3641] EXT4-fs (loop3): unmounting filesystem.
[  131.652037][   T51] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  132.727275][ T1267] ieee802154 phy0 wpan0: encryption failed: -22
[  133.343807][ T4480] netlink: 40 bytes leftover after parsing attributes in process `syz.0.121'.
[  133.587744][ T4474] loop1: detected capacity change from 0 to 512
[  133.611904][ T1267] ieee802154 phy1 wpan1: encryption failed: -22
[  133.620755][   T51] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  133.645634][ T4478] loop4: detected capacity change from 0 to 16
[  133.661110][ T4478] erofs: (device loop4): mounted with root inode @ nid 36.
[  133.671943][ T4478] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  133.682476][ T4474] EXT4-fs (loop1): corrupt root inode, run e2fsck
[  133.693070][ T4478] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -18 in[46, 4050] out[1851]
[  133.706705][ T4478] erofs: (device loop4): z_erofs_read_folio: failed to read, err [-117]
[  133.733986][ T4474] EXT4-fs (loop1): mount failed
[  133.962137][ T3629] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  134.773986][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  134.824735][ T4490] hub 9-0:1.0: USB hub found
[  134.830065][ T4490] hub 9-0:1.0: 8 ports detected
[  134.864778][ T4490] loop1: detected capacity change from 0 to 1764
[  134.923936][ T4490] ISOFS: Logical zone size(2) < hardware blocksize(1024)
[  135.003501][ T4494] netlink: 4 bytes leftover after parsing attributes in process `syz.4.123'.
[  137.244099][ T4513] loop0: detected capacity change from 0 to 512
[  137.287829][ T3638] Bluetooth: hci4: unexpected event 0x01 length: 4 > 1
[  137.290032][ T4513] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  137.414317][ T3638] Bluetooth: Unexpected continuation frame (len 18)
[  137.681014][ T4513] loop0: detected capacity change from 0 to 1024
[  137.833901][ T4522] loop2: detected capacity change from 0 to 1024
[  138.458420][ T4513] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  138.687974][ T3739] device hsr_slave_0 left promiscuous mode
[  138.725083][ T3739] device hsr_slave_1 left promiscuous mode
[  138.765002][ T3739] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  138.801500][ T3739] batman_adv: batadv0: Removing interface: batadv_slave_0
[  138.846762][ T3739] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  139.078876][ T3739] batman_adv: batadv0: Removing interface: batadv_slave_1
[  139.577390][ T4531] loop2: detected capacity change from 0 to 131072
[  139.590429][ T3638] Bluetooth: hci4: command tx timeout
[  139.616698][ T4531] F2FS-fs (loop2): invalid crc value
[  139.727754][ T3739] device bridge_slave_1 left promiscuous mode
[  139.736831][ T3739] bridge0: port 2(bridge_slave_1) entered disabled state
[  139.746611][ T4540] loop4: detected capacity change from 0 to 4096
[  139.763921][ T4540] ntfs3: loop4: Different NTFS' sector size (4096) and media sector size (512)
[  139.776469][ T4540] ntfs3: loop4: mft corrupted
[  139.781210][ T4540] ntfs3: loop4: Mark volume as dirty due to NTFS errors
[  139.788691][ T4540] ntfs3: loop4: Failed to load $MFT.
[  139.807575][ T4531] F2FS-fs (loop2): Found nat_bits in checkpoint
[  139.816283][ T3739] device bridge_slave_0 left promiscuous mode
[  139.831233][ T3739] bridge0: port 1(bridge_slave_0) entered disabled state
[  139.869268][ T4531] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  139.951889][ T3739] device veth1_macvtap left promiscuous mode
[  140.073222][ T4550] netlink: 12 bytes leftover after parsing attributes in process `syz.1.133'.
[  140.193776][ T3739] device veth0_macvtap left promiscuous mode
[  140.253829][ T3739] device veth1_vlan left promiscuous mode
[  140.259721][ T3739] device veth0_vlan left promiscuous mode
[  140.620755][ T4555] ALSA: seq fatal error: cannot create timer (-22)
[  140.633656][ T4555] ALSA: seq fatal error: cannot create timer (-22)
[  141.333171][ T4558] loop4: detected capacity change from 0 to 2048
[  141.456028][ T4558]  loop4: p2 p3 p7
[  141.542170][    C1] operation not supported error, dev loop4, sector 600 op 0x9:(WRITE_ZEROES) flags 0x8000800 phys_seg 0 prio class 2
[  142.082995][ T3739] team0 (unregistering): Port device team_slave_1 removed
[  142.148002][ T3739] team0 (unregistering): Port device team_slave_0 removed
[  142.218954][ T3739] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  142.322562][ T3739] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  142.337641][ T4567] loop2: detected capacity change from 0 to 512
[  142.437346][ T4567] EXT4-fs (loop2): 1 orphan inode deleted
[  142.443223][ T4567] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  143.323202][ T4171] EXT4-fs (loop2): unmounting filesystem.
[  143.741953][ T3739] bond0 (unregistering): Released all slaves
[  143.853515][ T4528] ip6gretap0 speed is unknown, defaulting to 1000
[  143.915759][ T3637] EXT4-fs error (device loop0): ext4_expand_extra_isize_ea:2746: inode #2: comm syz-executor: corrupted in-inode xattr
[  144.010434][ T3637] EXT4-fs (loop0): Remounting filesystem read-only
[  144.046369][ T3637] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2816: Unable to expand inode 2. Delete some EAs or run e2fsck.
[  144.122479][ T3637] EXT4-fs (loop0): unmounting filesystem.
[  144.178999][ T4581] loop1: detected capacity change from 0 to 2048
[  144.321192][ T4585] loop3: detected capacity change from 0 to 8
[  144.531644][ T4587] xt_TCPMSS: Only works on TCP SYN packets
[  144.592442][ T4587] loop4: detected capacity change from 0 to 1024
[  144.603029][ T4587] ext4: Unknown parameter 'obj_user'
[  144.952732][ T4581] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  146.459357][   T27] audit: type=1326 audit(145.374:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4584 comm="syz.3.146" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff617779ef9 code=0x0
[  147.165360][ T4597] loop4: detected capacity change from 0 to 2048
[  147.305762][ T3654] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  148.381417][ T4607] capability: warning: `syz.0.151' uses deprecated v2 capabilities in a way that may be insecure
[  148.440852][ T4607] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  148.501356][ T4608] loop3: detected capacity change from 0 to 1024
[  148.551033][ T4613] loop2: detected capacity change from 0 to 512
[  148.659021][ T4613] EXT4-fs (loop2): 1 orphan inode deleted
[  148.659053][ T4613] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  148.803898][ T3684] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  150.258363][ T4627] bridge2: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  151.019889][ T4171] EXT4-fs (loop2): unmounting filesystem.
[  151.287728][ T4631] loop4: detected capacity change from 0 to 1764
[  151.392325][ T3684] usb 1-1: config 0 has an invalid interface number: 222 but max is 0
[  151.401599][ T3684] usb 1-1: config 0 has no interface number 0
[  151.407906][ T3684] usb 1-1: too many endpoints for config 0 interface 222 altsetting 195: 227, using maximum allowed: 30
[  151.459996][ T3684] usb 1-1: config 0 interface 222 altsetting 195 has 0 endpoint descriptors, different from the interface descriptor's value: 227
[  151.474397][ T3684] usb 1-1: config 0 interface 222 has no altsetting 0
[  151.482193][ T3684] usb 1-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  151.492198][ T3684] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  151.605136][ T3684] usb 1-1: config 0 descriptor??
[  152.072595][ T3684] usb 1-1: can't set config #0, error -71
[  152.082529][ T3684] usb 1-1: USB disconnect, device number 2
[  152.133297][ T4639] netlink: 4 bytes leftover after parsing attributes in process `syz.3.155'.
[  154.148720][ T4649] input: syz1 as /devices/virtual/input/input5
[  155.819880][ T4654] loop4: detected capacity change from 0 to 1024
[  155.860508][ T4661] binder: 4658:4661 ioctl c018620c 20000600 returned -1
[  156.095866][ T4665] loop3: detected capacity change from 0 to 512
[  156.152074][ T4665] EXT4-fs: EXT4-fs: inode_readahead_blks must be 0 or a power of 2 smaller than 2^31
[  157.571082][ T4669] netlink: 40 bytes leftover after parsing attributes in process `syz.1.162'.
[  157.879154][ T4676] loop1: detected capacity change from 0 to 512
[  157.887124][   T27] audit: type=1326 audit(157.864:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4672 comm="syz.4.165" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3b15d79ef9 code=0x0
[  157.887638][ T4671] loop2: detected capacity change from 0 to 2048
[  157.952296][ T4671] UDF-fs: bad mount option "gid=ÿÿÿÿ" or missing value
[  157.978196][ T4676] EXT4-fs (loop1): 1 orphan inode deleted
[  158.000032][ T3653] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  158.032287][   T27] audit: type=1326 audit(157.964:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4664 comm="syz.3.161" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff617779ef9 code=0x0
[  158.057649][ T4676] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  158.119395][ T4677] loop0: detected capacity change from 0 to 2048
[  158.174570][ T4677] ext4: Unknown parameter 'context'
[  158.308786][ T3653] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  158.955461][ T4191] EXT4-fs (loop1): unmounting filesystem.
[  159.026053][ T4687] loop3: detected capacity change from 0 to 256
[  159.542557][   T27] audit: type=1326 audit(159.514:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4670 comm="syz.2.163" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff5e9179ef9 code=0x0
[  159.630233][ T4700] loop0: detected capacity change from 0 to 512
[  159.685649][ T4700] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  159.715621][ T4688] loop2: detected capacity change from 0 to 164
[  159.732132][ T4702] loop1: detected capacity change from 0 to 1024
[  159.895056][ T4705] loop4: detected capacity change from 0 to 2048
[  159.957064][ T4705] EXT4-fs (loop4): couldn't mount as ext2 due to feature incompatibilities
[  159.979171][ T4700] EXT4-fs error (device loop0): ext4_add_entry:2484: inode #2: comm syz.0.169: Directory hole found for htree leaf block 0
[  160.164697][ T4700] EXT4-fs error (device loop0): ext4_readdir:260: inode #2: block 3: comm syz.0.169: path /45/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0
[  160.333151][ T4714] loop1: detected capacity change from 0 to 256
[  160.416362][ T4700] EXT4-fs error (device loop0): ext4_readdir:260: inode #2: block 12: comm syz.0.169: path /45/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[  160.453209][ T4714] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00006005)
[  160.539912][ T4714] FAT-fs (loop1): Filesystem has been set read-only
[  160.566386][ T4711] can: request_module (can-proto-0) failed.
[  160.585019][ T4714] FAT-fs (loop1): error, invalid access to FAT (entry 0x00006005)
[  160.602580][ T4719] loop2: detected capacity change from 0 to 512
[  160.663088][ T4710] EXT4-fs error (device loop0): ext4_add_entry:2484: inode #2: comm syz.0.169: Directory hole found for htree leaf block 0
[  160.689759][ T4700] EXT4-fs error (device loop0): ext4_readdir:260: inode #2: block 13: comm syz.0.169: path /45/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0
[  164.589937][ T4719] EXT4-fs: error -4 creating inode table initialization thread
[  164.601673][ T4719] EXT4-fs (loop2): mount failed
[  164.709685][ T3637] EXT4-fs (loop0): unmounting filesystem.
[  164.925601][ T4727] netlink: 24 bytes leftover after parsing attributes in process `syz.2.172'.
[  164.931279][ T4729] loop0: detected capacity change from 0 to 256
[  165.085993][ T4733] netlink: 12 bytes leftover after parsing attributes in process `syz.4.174'.
[  165.163735][ T4729] netlink: 124 bytes leftover after parsing attributes in process `syz.0.173'.
[  165.189577][ T4729] tipc: Enabling of bearer <eth:bridge0> rejected, failed to enable media
[  165.444196][   T27] audit: type=1326 audit(165.424:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4738 comm="syz.2.177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5e9179ef9 code=0x7ffc0000
[  165.719064][ T4748] netlink: 40 bytes leftover after parsing attributes in process `syz.3.176'.
[  166.191846][   T27] audit: type=1326 audit(165.714:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4738 comm="syz.2.177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5e9179ef9 code=0x7ffc0000
[  166.206485][ T4743] mmap: syz.2.177 (4743) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  166.226657][   T27] audit: type=1326 audit(166.164:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4738 comm="syz.2.177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7ff5e91789df code=0x7ffc0000
[  166.336521][   T27] audit: type=1326 audit(166.164:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4738 comm="syz.2.177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5e9179ef9 code=0x7ffc0000
[  166.403278][   T27] audit: type=1326 audit(166.164:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4738 comm="syz.2.177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5e9179ef9 code=0x7ffc0000
[  166.590224][   T27] audit: type=1326 audit(166.164:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4738 comm="syz.2.177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=30 compat=0 ip=0x7ff5e9179ef9 code=0x7ffc0000
[  167.458391][   T27] audit: type=1326 audit(166.164:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4738 comm="syz.2.177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5e9179ef9 code=0x7ffc0000
[  167.467336][ T4756] loop3: detected capacity change from 0 to 512
[  167.499602][ T4743] 9pnet_fd: Insufficient options for proto=fd
[  167.514886][ T3638] Bluetooth: hci0: command tx timeout
[  167.541437][   T27] audit: type=1326 audit(166.164:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4738 comm="syz.2.177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5e9179ef9 code=0x7ffc0000
[  167.563797][   T27] audit: type=1326 audit(166.164:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4738 comm="syz.2.177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff5e9179ef9 code=0x7ffc0000
[  167.586376][   T27] audit: type=1326 audit(166.164:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4738 comm="syz.2.177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5e9179ef9 code=0x7ffc0000
[  167.629144][ T4756] EXT4-fs (loop3): 1 orphan inode deleted
[  167.691826][ T4756] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  168.627453][ T3641] EXT4-fs (loop3): unmounting filesystem.
[  168.643745][    C1] sd 0:0:1:0: [sda] tag#5700 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  168.654254][    C1] sd 0:0:1:0: [sda] tag#5700 CDB: Read(6) 08 00 00 00 00 00 00 00 8b 00 00 01
[  169.037349][ T4776] netlink: 'syz.1.183': attribute type 10 has an invalid length.
[  169.407811][ T4778] loop3: detected capacity change from 0 to 65536
[  169.443708][ T4776] batman_adv: batadv0: Adding interface: team0
[  169.450383][ T4776] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  169.475651][ T4776] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  169.776495][ T4776] netlink: 'syz.1.183': attribute type 10 has an invalid length.
[  169.784608][ T4776] netlink: 2 bytes leftover after parsing attributes in process `syz.1.183'.
[  169.793789][ T4776] device team0 entered promiscuous mode
[  169.799492][ T4776] device team_slave_0 entered promiscuous mode
[  169.808879][ T4776] device team_slave_1 entered promiscuous mode
[  169.906804][ T4776] 8021q: adding VLAN 0 to HW filter on device team0
[  169.985139][ T4776] batman_adv: batadv0: Interface activated: team0
[  169.991947][ T4776] batman_adv: batadv0: Interface deactivated: team0
[  169.999413][ T4776] batman_adv: batadv0: Removing interface: team0
[  170.089847][ T4783] loop0: detected capacity change from 0 to 2048
[  170.174033][ T4778] XFS (loop3): Mounting V5 Filesystem
[  170.182010][ T4776] bridge0: port 3(team0) entered blocking state
[  170.211998][ T4783] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  170.241570][ T4776] bridge0: port 3(team0) entered disabled state
[  170.246645][ T4778] XFS (loop3): Ending clean mount
[  170.263131][ T4776] bridge0: port 3(team0) entered blocking state
[  170.269868][ T4776] bridge0: port 3(team0) entered forwarding state
[  170.284920][ T4778] XFS (loop3): Quotacheck needed: Please wait.
[  170.355271][ T4783] EXT4-fs error (device loop0): __ext4_new_inode:1071: comm syz.0.185: reserved inode found cleared - inode=1
[  170.725874][ T4778] XFS (loop3): Quotacheck: Done.
[  170.950728][ T4801] EXT4-fs error (device loop0) in ext4_free_inode:362: Corrupt filesystem
[  171.055435][ T3637] EXT4-fs (loop0): unmounting filesystem.
[  171.269940][ T4803] loop1: detected capacity change from 0 to 2048
[  171.475778][ T4806] sd 0:0:1:0: device reset
[  171.851197][ T4803] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  172.229083][ T3641] XFS (loop3): Unmounting Filesystem
[  174.242539][ T4831] netlink: 20 bytes leftover after parsing attributes in process `syz.2.194'.
[  174.269866][ T4831] netlink: 'syz.2.194': attribute type 5 has an invalid length.
[  174.301463][ T4827] loop1: detected capacity change from 0 to 512
[  174.969168][ T4834] netlink: 4 bytes leftover after parsing attributes in process `syz.2.194'.
[  174.989429][ T4827] EXT4-fs: old and new quota format mixing
[  175.545362][ T4840] loop0: detected capacity change from 0 to 1024
[  175.550290][ T4842] netlink: 4 bytes leftover after parsing attributes in process `syz.3.191'.
[  175.612462][ T4843] loop2: detected capacity change from 0 to 128
[  175.673963][ T3643] Bluetooth: hci1: command 0x1003 tx timeout
[  175.673989][ T3652] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  175.756874][ T3652] Bluetooth: hci3: command 0x0406 tx timeout
[  175.764432][ T3638] Bluetooth: hci2: command 0x0406 tx timeout
[  175.800996][ T4843] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  176.094722][ T4850] loop1: detected capacity change from 0 to 1024
[  176.190598][ T4858] 9pnet_fd: Insufficient options for proto=fd
[  176.455104][ T4864] xt_hashlimit: invalid interval
[  178.556766][ T4876] loop1: detected capacity change from 0 to 1024
[  178.564090][ T4876] hfsplus: unable to parse mount options
[  178.608881][ T4810] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  178.772731][ T4875] ip6gretap0 speed is unknown, defaulting to 1000
[  179.055805][ T4879] loop4: detected capacity change from 0 to 1024
[  179.091655][ T4879] EXT4-fs: Invalid want_extra_isize 31
[  179.784758][ T4171] EXT4-fs (loop2): unmounting filesystem.
[  179.801079][ T4880] loop3: detected capacity change from 0 to 8
[  179.889957][ T4887] loop1: detected capacity change from 0 to 256
[  180.781023][ T4891] loop0: detected capacity change from 0 to 128
[  180.849953][ T4891] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  180.867055][ T4506] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  180.906905][   T27] kauditd_printk_skb: 54 callbacks suppressed
[  180.906920][   T27] audit: type=1326 audit(180.884:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4873 comm="syz.4.202" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3b15d79ef9 code=0x0
[  181.552208][   T27] audit: type=1326 audit(181.084:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4873 comm="syz.4.202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b15d79ef9 code=0x7ffc0000
[  181.729942][ T3637] EXT4-fs (loop0): unmounting filesystem.
[  181.763713][   T27] audit: type=1326 audit(181.094:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4873 comm="syz.4.202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b15d79ef9 code=0x7ffc0000
[  181.887143][   T27] audit: type=1326 audit(181.104:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4873 comm="syz.4.202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=251 compat=0 ip=0x7f3b15d79ef9 code=0x7ffc0000
[  182.055736][ T4506] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  182.082448][   T27] audit: type=1326 audit(181.104:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4873 comm="syz.4.202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b15d79ef9 code=0x7ffc0000
[  183.790261][ T4903] loop0: detected capacity change from 0 to 131072
[  183.798936][ T4906] netlink: 'syz.1.212': attribute type 4 has an invalid length.
[  183.842356][   T27] audit: type=1326 audit(181.104:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4873 comm="syz.4.202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b15d79ef9 code=0x7ffc0000
[  184.104813][ T4903] F2FS-fs (loop0): Unrecognized mount option "inline_da" or missing value
[  184.110143][   T27] audit: type=1326 audit(181.114:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4873 comm="syz.4.202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7f3b15d79ef9 code=0x7ffc0000
[  184.375253][ T4506] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  184.402669][   T27] audit: type=1326 audit(181.114:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4873 comm="syz.4.202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b15d79ef9 code=0x7ffc0000
[  184.570918][   T27] audit: type=1326 audit(181.114:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4873 comm="syz.4.202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b15d79ef9 code=0x7ffc0000
[  184.632722][ T4911] loop0: detected capacity change from 0 to 1024
[  184.646306][   T27] audit: type=1326 audit(181.124:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4873 comm="syz.4.202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3b15d79ef9 code=0x7ffc0000
[  184.715613][ T4506] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  184.717430][ T4915] netlink: 56 bytes leftover after parsing attributes in process `syz.3.215'.
[  184.900355][ T3638] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  184.925109][ T3638] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  184.938842][ T3638] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  184.950970][ T3638] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  184.960679][ T3638] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  184.968903][ T3638] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  185.194746][ T4919] ip6gretap0 speed is unknown, defaulting to 1000
[  185.560190][ T4927] loop0: detected capacity change from 0 to 1024
[  185.686790][ T4930] loop3: detected capacity change from 0 to 512
[  185.784960][ T4930] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.218: inode #1: comm syz.3.218: iget: illegal inode #
[  185.868644][ T4930] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.218: error while reading EA inode 1 err=-117
[  185.926614][ T4930] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.218: inode #1: comm syz.3.218: iget: illegal inode #
[  186.049224][ T4930] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.218: error while reading EA inode 1 err=-117
[  186.100302][ T4930] EXT4-fs (loop3): 1 orphan inode deleted
[  186.113796][ T4930] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  186.252544][ T4930] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.218: invalid indirect mapped block 234881024 (level 0)
[  186.306234][ T4949] loop1: detected capacity change from 0 to 16
[  186.373247][ T4919] chnl_net:caif_netlink_parms(): no params data found
[  186.396703][ T4949] erofs: (device loop1): mounted with root inode @ nid 36.
[  186.567142][ T4930] EXT4-fs error (device loop3): ext4_find_dest_de:2113: inode #2: block 13: comm syz.3.218: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0
[  186.677876][ T3641] EXT4-fs (loop3): unmounting filesystem.
[  187.130492][ T3652] Bluetooth: hci0: command tx timeout
[  187.597424][ T4970] netlink: 40 bytes leftover after parsing attributes in process `syz.1.221'.
[  188.658768][ T4919] bridge0: port 1(bridge_slave_0) entered blocking state
[  188.684498][   T27] kauditd_printk_skb: 12 callbacks suppressed
[  188.684513][   T27] audit: type=1326 audit(188.664:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4964 comm="syz.3.222" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff617779ef9 code=0x0
[  188.693847][ T4919] bridge0: port 1(bridge_slave_0) entered disabled state
[  188.764779][ T4919] device bridge_slave_0 entered promiscuous mode
[  188.804061][ T4962] netlink: 156 bytes leftover after parsing attributes in process `syz.0.223'.
[  189.039588][ T4981] loop1: detected capacity change from 0 to 512
[  189.121109][ T4981] EXT4-fs (loop1): 1 orphan inode deleted
[  189.193772][ T3652] Bluetooth: hci0: command tx timeout
[  189.209526][ T4981] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  189.228329][ T4984] loop3: detected capacity change from 0 to 512
[  189.313262][ T3652] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0
[  189.323746][ T3652] Bluetooth: hci5: Injecting HCI hardware error event
[  189.332983][ T3638] Bluetooth: hci5: hardware error 0x00
[  189.694909][ T4993] netlink: 40 bytes leftover after parsing attributes in process `syz.0.227'.
[  190.263836][ T4919] bridge0: port 2(bridge_slave_1) entered blocking state
[  190.281704][ T4919] bridge0: port 2(bridge_slave_1) entered disabled state
[  190.639460][ T4984] EXT4-fs warning (device loop3): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  190.658646][ T4984] EXT4-fs warning (device loop3): dx_probe:881: Enable large directory feature to access it
[  190.665845][ T4191] EXT4-fs (loop1): unmounting filesystem.
[  190.683835][ T4984] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.226: Corrupt directory, running e2fsck is recommended
[  190.690934][ T4919] device bridge_slave_1 entered promiscuous mode
[  190.725734][ T4984] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2
[  190.813999][ T4984] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2219: inode #15: comm syz.3.226: corrupted in-inode xattr
[  190.853668][ T4984] EXT4-fs (loop3): Remounting filesystem read-only
[  190.860391][ T4984] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.226: couldn't read orphan inode 15 (err -117)
[  190.884267][ T4984] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  191.020631][ T3645] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  191.028682][ T5002] loop1: detected capacity change from 0 to 256
[  191.053169][ T3650] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  191.173784][ T3650] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  191.184372][ T3650] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  191.184724][ T5006] loop0: detected capacity change from 0 to 1024
[  191.191999][ T3650] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  191.208706][ T3650] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  191.276494][ T5008] EXT4-fs warning (device loop3): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  191.288615][ T5008] EXT4-fs warning (device loop3): dx_probe:881: Enable large directory feature to access it
[  191.299092][ T5008] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.226: Corrupt directory, running e2fsck is recommended
[  192.472831][ T3650] Bluetooth: hci0: command tx timeout
[  192.783773][ T3638] Bluetooth: hci5: Opcode 0x0c03 failed: -110
[  193.174080][ T3641] EXT4-fs (loop3): unmounting filesystem.
[  193.299365][ T5011] capability: warning: `syz.1.228' uses 32-bit capabilities (legacy support in use)
[  193.362922][ T5013] loop3: detected capacity change from 0 to 128
[  193.421882][ T4919] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  193.527529][ T4919] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  193.599938][ T5013] loop3: detected capacity change from 0 to 2048
[  193.660461][ T5013] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found!
[  193.722691][ T5017] loop0: detected capacity change from 0 to 1024
[  193.732046][ T5013] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  193.831162][ T5017] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:477: comm syz.0.231: Invalid block bitmap block 0 in block_group 0
[  193.944185][ T5017] Quota error (device loop0): write_blk: dquota write failed
[  193.961952][ T5017] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  193.977122][   T27] audit: type=1326 audit(193.954:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5012 comm="syz.3.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff617779ef9 code=0x7fc00000
[  194.029873][ T5017] EXT4-fs error (device loop0): ext4_acquire_dquot:6777: comm syz.0.231: Failed to acquire dquot type 0
[  194.075645][ T1267] ieee802154 phy0 wpan0: encryption failed: -22
[  194.082114][ T1267] ieee802154 phy1 wpan1: encryption failed: -22
[  194.104873][ T5017] EXT4-fs error (device loop0): ext4_free_blocks:6212: comm syz.0.231: Freeing blocks not in datazone - block = 0, count = 4096
[  194.129036][ T5032] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  194.130332][   T27] audit: type=1326 audit(193.974:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5012 comm="syz.3.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7ff617779ef9 code=0x7fc00000
[  194.182654][ T5017] EXT4-fs error (device loop0): ext4_read_inode_bitmap:140: comm syz.0.231: Invalid inode bitmap blk 0 in block_group 0
[  194.245155][ T3840] Quota error (device loop0): do_check_range: Getting block 0 out of range 1-8
[  194.256689][ T5017] EXT4-fs error (device loop0) in ext4_free_inode:362: Corrupt filesystem
[  194.274594][   T27] audit: type=1326 audit(194.144:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5012 comm="syz.3.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff617779ef9 code=0x7fc00000
[  194.300095][ T3840] EXT4-fs error (device loop0): ext4_release_dquot:6800: comm kworker/u4:9: Failed to release dquot type 0
[  194.338568][ T5017] EXT4-fs (loop0): 1 orphan inode deleted
[  194.363788][ T5017] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  194.373121][   T27] audit: type=1326 audit(194.144:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5012 comm="syz.3.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff617779ef9 code=0x7fc00000
[  194.423729][   T27] audit: type=1326 audit(194.144:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5012 comm="syz.3.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff617779ef9 code=0x7fc00000
[  194.479165][ T5000] ip6gretap0 speed is unknown, defaulting to 1000
[  194.508876][ T4919] team0: Port device team_slave_0 added
[  194.563675][   T27] audit: type=1326 audit(194.144:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5012 comm="syz.3.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff617779ef9 code=0x7fc00000
[  194.646206][ T4919] team0: Port device team_slave_1 added
[  194.662069][   T27] audit: type=1326 audit(194.144:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5012 comm="syz.3.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff617779ef9 code=0x7fc00000
[  194.849364][ T4506] device hsr_slave_0 left promiscuous mode
[  194.874592][ T3638] Bluetooth: hci0: command tx timeout
[  194.953773][ T3638] Bluetooth: hci1: command tx timeout
[  195.003266][ T4506] device hsr_slave_1 left promiscuous mode
[  195.073846][ T4506] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  195.091730][ T4506] batman_adv: batadv0: Removing interface: batadv_slave_0
[  195.227356][ T5045] loop1: detected capacity change from 0 to 8
[  195.247510][ T4506] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  195.301357][ T4506] batman_adv: batadv0: Removing interface: batadv_slave_1
[  195.325946][ T5043] loop3: detected capacity change from 0 to 2048
[  195.335812][ T4506] device bridge_slave_1 left promiscuous mode
[  195.357536][ T4506] bridge0: port 2(bridge_slave_1) entered disabled state
[  195.409124][ T5043]  loop3: p1 < > p4
[  195.445294][ T4506] device bridge_slave_0 left promiscuous mode
[  195.451665][ T4506] bridge0: port 1(bridge_slave_0) entered disabled state
[  195.530209][ T5043] loop3: p4 size 8388608 extends beyond EOD, truncated
[  195.608543][ T4506] device veth1_macvtap left promiscuous mode
[  195.623731][ T4506] device veth0_macvtap left promiscuous mode
[  195.968696][ T4506] device veth1_vlan left promiscuous mode
[  196.284015][ T4506] device veth0_vlan left promiscuous mode
[  196.390086][ T4191] SQUASHFS error: Unable to read directory block [631:72]
[  196.421032][ T4191] SQUASHFS error: Unable to read directory block [631:72]
[  196.772411][ T5055] overlayfs: missing 'lowerdir'
[  197.036070][ T3638] Bluetooth: hci1: command tx timeout
[  197.386619][ T4506] team0 (unregistering): Port device team_slave_1 removed
[  197.461855][ T4506] team0 (unregistering): Port device team_slave_0 removed
[  197.516804][ T4506] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  197.570879][ T4506] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  197.999602][ T4506] bond0 (unregistering): Released all slaves
[  198.092183][ T4919] batman_adv: batadv0: Adding interface: batadv_slave_0
[  198.099574][ T4919] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  198.126141][ T4919] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  198.155163][ T4919] batman_adv: batadv0: Adding interface: batadv_slave_1
[  198.165588][ T4919] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  198.213818][ T4919] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  198.292411][ T5017] netlink: 20 bytes leftover after parsing attributes in process `syz.0.231'.
[  198.313535][ T5017] netlink: 8 bytes leftover after parsing attributes in process `syz.0.231'.
[  198.343804][ T5017] netlink: 8 bytes leftover after parsing attributes in process `syz.0.231'.
[  198.354009][ T5017] netlink: 8 bytes leftover after parsing attributes in process `syz.0.231'.
[  199.199168][ T3638] Bluetooth: hci1: command tx timeout
[  199.297092][ T3637] EXT4-fs (loop0): unmounting filesystem.
[  199.418990][ T4919] device hsr_slave_0 entered promiscuous mode
[  199.430989][ T4919] device hsr_slave_1 entered promiscuous mode
[  199.489320][ T4919] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  199.508087][ T4919] Cannot create hsr debugfs directory
[  199.528630][ T5065] netlink: 5 bytes leftover after parsing attributes in process `syz.0.238'.
[  199.579948][ T5066] ip6gretap0 speed is unknown, defaulting to 1000
[  199.751836][ T3638] Bluetooth: hci2: Malformed Event: 0x2f
[  199.781263][ T5068] loop1: detected capacity change from 0 to 1024
[  200.217642][ T5000] chnl_net:caif_netlink_parms(): no params data found
[  201.374197][ T3638] Bluetooth: hci1: command tx timeout
[  202.200173][ T5102] netlink: 8 bytes leftover after parsing attributes in process `syz.0.242'.
[  202.321641][ T5106] syz.1.243 (5106) used greatest stack depth: 18776 bytes left
[  202.486435][ T5000] bridge0: port 1(bridge_slave_0) entered blocking state
[  202.600303][ T5000] bridge0: port 1(bridge_slave_0) entered disabled state
[  202.739883][ T5000] device bridge_slave_0 entered promiscuous mode
[  202.844343][ T5000] bridge0: port 2(bridge_slave_1) entered blocking state
[  202.912493][ T5000] bridge0: port 2(bridge_slave_1) entered disabled state
[  203.240820][ T5000] device bridge_slave_1 entered promiscuous mode
[  203.450026][ T5000] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  203.472669][   T27] kauditd_printk_skb: 61 callbacks suppressed
[  203.472681][   T27] audit: type=1326 audit(203.444:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5120 comm="syz.3.248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff617779ef9 code=0x7ffc0000
[  203.474323][   T27] audit: type=1326 audit(203.454:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5120 comm="syz.3.248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff617779ef9 code=0x7ffc0000
[  203.539398][ T5000] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  203.641973][ T5123] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check.
[  203.986092][ T5132] netlink: 40 bytes leftover after parsing attributes in process `syz.0.247'.
[  204.018500][ T5000] team0: Port device team_slave_0 added
[  204.308760][ T5000] team0: Port device team_slave_1 added
[  204.383505][ T4919] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  204.471719][ T4919] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  204.509606][ T5000] batman_adv: batadv0: Adding interface: batadv_slave_0
[  204.521317][ T5136] netlink: 16 bytes leftover after parsing attributes in process `syz.0.250'.
[  204.533555][   T27] audit: type=1326 audit(203.594:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5120 comm="syz.3.248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff617779ef9 code=0x7ffc0000
[  204.563718][ T5000] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  204.597237][   T27] audit: type=1326 audit(203.594:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5120 comm="syz.3.248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff617779ef9 code=0x7ffc0000
[  204.621263][ T5000] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  204.634433][   T27] audit: type=1326 audit(203.594:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5120 comm="syz.3.248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff617779ef9 code=0x7ffc0000
[  204.659732][ T5139] loop1: detected capacity change from 0 to 1024
[  204.666233][ T4919] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  204.674260][   T27] audit: type=1326 audit(203.594:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5120 comm="syz.3.248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff617779ef9 code=0x7ffc0000
[  204.709758][   T27] audit: type=1326 audit(203.594:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5120 comm="syz.3.248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff617779ef9 code=0x7ffc0000
[  204.746914][ T4919] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  204.778468][ T5000] batman_adv: batadv0: Adding interface: batadv_slave_1
[  204.787595][ T5000] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  204.859991][   T27] audit: type=1326 audit(203.594:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5120 comm="syz.3.248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff617779ef9 code=0x7ffc0000
[  204.895000][ T5000] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  204.912500][   T27] audit: type=1326 audit(203.594:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5120 comm="syz.3.248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff617779ef9 code=0x7ffc0000
[  204.955615][   T27] audit: type=1326 audit(203.594:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5120 comm="syz.3.248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff617779ef9 code=0x7ffc0000
[  205.800378][ T5000] device hsr_slave_0 entered promiscuous mode
[  205.874089][ T5000] device hsr_slave_1 entered promiscuous mode
[  205.944192][ T5000] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  205.952023][ T5000] Cannot create hsr debugfs directory
[  206.215546][ T5167] fuse: Bad value for 'fd'
[  206.301136][ T4919] 8021q: adding VLAN 0 to HW filter on device bond0
[  206.388156][ T5172] xt_socket: unknown flags 0x50
[  206.417240][ T5000] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.478566][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  206.519237][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  206.554215][ T4919] 8021q: adding VLAN 0 to HW filter on device team0
[  206.616288][ T5000] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.665446][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  206.686603][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  206.734314][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[  206.741449][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[  206.942871][ T5000] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  207.006432][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  207.032064][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  207.067994][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  207.110159][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[  207.117563][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[  207.300047][ T5000] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  207.952505][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  207.973305][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  208.065137][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  208.067505][ T5204] netlink: 16 bytes leftover after parsing attributes in process `syz.1.261'.
[  208.134441][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  208.143099][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  208.188679][ T5204] netlink: 4 bytes leftover after parsing attributes in process `syz.1.261'.
[  208.205197][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  208.227968][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  208.252488][ T4919] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  208.271784][ T4919] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  209.076791][ T5206] netlink: 4 bytes leftover after parsing attributes in process `syz.3.262'.
[  209.086288][ T5212] netlink: 12 bytes leftover after parsing attributes in process `syz.3.262'.
[  209.109753][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  209.139780][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  209.166801][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  209.200226][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  209.228139][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  209.259002][ T5216] netlink: 20 bytes leftover after parsing attributes in process `syz.0.263'.
[  210.211431][   T27] kauditd_printk_skb: 45 callbacks suppressed
[  210.211447][   T27] audit: type=1326 audit(210.184:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5231 comm="syz.3.267" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff617779ef9 code=0x0
[  210.276517][ T5000] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  210.325213][ T5000] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  210.402123][ T5241] Invalid ELF section header overflow
[  210.404005][ T5229] can: request_module (can-proto-0) failed.
[  210.430951][ T4125] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  210.450467][ T5000] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  210.485667][ T5000] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  210.645903][ T3739] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  210.660408][ T3739] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  210.675823][ T4919] 8021q: adding VLAN 0 to HW filter on device batadv0
[  210.790192][ T5000] 8021q: adding VLAN 0 to HW filter on device bond0
[  210.807205][ T3883] ip6gretap0 speed is unknown, defaulting to 1000
[  210.825669][ T3883] ==================================================================
[  210.828659][ T4125] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  210.833750][ T3883] BUG: KASAN: use-after-free in siw_query_port+0x342/0x430
[  210.833779][ T3883] Read of size 4 at addr ffff888076a8e0e0 by task kworker/0:8/3883
[  210.833792][ T3883] 
[  210.833809][ T3883] CPU: 0 PID: 3883 Comm: kworker/0:8 Not tainted 6.1.106-syzkaller #0
[  210.833827][ T3883] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  210.833839][ T3883] Workqueue: infiniband ib_cache_event_task
[  210.833859][ T3883] Call Trace:
[  210.833870][ T3883]  <TASK>
[  210.833878][ T3883]  dump_stack_lvl+0x1e3/0x2cb
[  210.843043][ T4125] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  210.850048][ T3883]  ? nf_tcp_handle_invalid+0x642/0x642
[  210.850081][ T3883]  ? panic+0x764/0x764
[  210.850095][ T3883]  ? _printk+0xd1/0x111
[  210.850110][ T3883]  ? __virt_addr_valid+0x17f/0x530
[  210.850134][ T3883]  ? __virt_addr_valid+0x17f/0x530
[  210.927782][ T3883]  print_report+0x15f/0x4f0
[  210.932523][ T3883]  ? __virt_addr_valid+0x17f/0x530
[  210.937824][ T3883]  ? __virt_addr_valid+0x17f/0x530
[  210.942953][ T3883]  ? __virt_addr_valid+0x45b/0x530
[  210.948176][ T3883]  ? __phys_addr+0xb6/0x170
[  210.952684][ T3883]  ? siw_query_port+0x342/0x430
[  210.957699][ T3883]  kasan_report+0x136/0x160
[  210.962400][ T3883]  ? siw_query_port+0x342/0x430
[  210.967289][ T3883]  siw_query_port+0x342/0x430
[  210.971975][ T3883]  ? ib_query_port+0x344/0x7c0
[  210.976736][ T3883]  ib_cache_update+0x1a8/0xaf0
[  210.981510][ T3883]  ? ib_cache_setup_one+0x5a0/0x5a0
[  210.986702][ T3883]  ? read_lock_is_recursive+0x10/0x10
[  210.992077][ T3883]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  210.998073][ T3883]  ? print_irqtrace_events+0x210/0x210
[  211.003578][ T3883]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  211.009595][ T3883]  ib_cache_event_task+0xef/0x1e0
[  211.014650][ T3883]  ? process_one_work+0x7a9/0x11d0
[  211.019872][ T3883]  process_one_work+0x8a9/0x11d0
[  211.025044][ T3883]  ? worker_detach_from_pool+0x260/0x260
[  211.030714][ T3883]  ? _raw_spin_lock_irqsave+0x120/0x120
[  211.036287][ T3883]  ? kthread_data+0x4e/0xc0
[  211.040815][ T3883]  ? wq_worker_running+0x97/0x190
[  211.045914][ T3883]  worker_thread+0xa47/0x1200
[  211.050639][ T3883]  ? _raw_spin_unlock+0x40/0x40
[  211.055652][ T3883]  kthread+0x28d/0x320
[  211.059887][ T3883]  ? worker_clr_flags+0x190/0x190
[  211.065114][ T3883]  ? kthread_blkcg+0xd0/0xd0
[  211.069749][ T3883]  ret_from_fork+0x1f/0x30
[  211.074177][ T3883]  </TASK>
[  211.077187][ T3883] 
[  211.079506][ T3883] Allocated by task 3913:
[  211.083876][ T3883]  kasan_set_track+0x4b/0x70
[  211.088810][ T3883]  __kasan_kmalloc+0x97/0xb0
[  211.093383][ T3883]  __kmalloc_node+0xb3/0x230
[  211.097958][ T3883]  kvmalloc_node+0x6e/0x180
[  211.102466][ T3883]  alloc_netdev_mqs+0x85/0xeb0
[  211.107254][ T3883]  rtnl_create_link+0x2e9/0xa30
[  211.112105][ T3883]  rtnl_newlink+0x1403/0x2050
[  211.116779][ T3883]  rtnetlink_rcv_msg+0x818/0xff0
[  211.121729][ T3883]  netlink_rcv_skb+0x1cd/0x410
[  211.126771][ T3883]  netlink_unicast+0x7d8/0x970
[  211.131534][ T3883]  netlink_sendmsg+0xa26/0xd60
[  211.136378][ T3883]  __sys_sendto+0x480/0x600
[  211.140886][ T3883]  __x64_sys_sendto+0xda/0xf0
[  211.145550][ T3883]  do_syscall_64+0x3b/0xb0
[  211.149956][ T3883]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  211.155856][ T3883] 
[  211.158172][ T3883] Freed by task 4506:
[  211.162137][ T3883]  kasan_set_track+0x4b/0x70
[  211.166726][ T3883]  kasan_save_free_info+0x27/0x40
[  211.171938][ T3883]  ____kasan_slab_free+0xd6/0x120
[  211.176966][ T3883]  __kmem_cache_free+0x25c/0x3c0
[  211.181894][ T3883]  device_release+0x91/0x1c0
[  211.186840][ T3883]  kobject_put+0x224/0x460
[  211.191308][ T3883]  netdev_run_todo+0xe56/0xf40
[  211.196172][ T3883]  ip6gre_exit_batch_net+0x41a/0x460
[  211.201452][ T3883]  cleanup_net+0x763/0xb60
[  211.205857][ T3883]  process_one_work+0x8a9/0x11d0
[  211.210800][ T3883]  worker_thread+0xa47/0x1200
[  211.215464][ T3883]  kthread+0x28d/0x320
[  211.219516][ T3883]  ret_from_fork+0x1f/0x30
[  211.223947][ T3883] 
[  211.226432][ T3883] The buggy address belongs to the object at ffff888076a8e000
[  211.226432][ T3883]  which belongs to the cache kmalloc-cg-4k of size 4096
[  211.241195][ T3883] The buggy address is located 224 bytes inside of
[  211.241195][ T3883]  4096-byte region [ffff888076a8e000, ffff888076a8f000)
[  211.254737][ T3883] 
[  211.257066][ T3883] The buggy address belongs to the physical page:
[  211.263611][ T3883] page:ffffea0001daa200 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x76a88
[  211.274010][ T3883] head:ffffea0001daa200 order:3 compound_mapcount:0 compound_pincount:0
[  211.282347][ T3883] memcg:ffff888079b67701
[  211.286567][ T3883] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[  211.294541][ T3883] raw: 00fff00000010200 0000000000000000 dead000000000001 ffff88801284c280
[  211.303108][ T3883] raw: 0000000000000000 0000000000040004 00000001ffffffff ffff888079b67701
[  211.311670][ T3883] page dumped because: kasan: bad access detected
[  211.318095][ T3883] page_owner tracks the page as allocated
[  211.323802][ T3883] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 3635, tgid 3635 (syz-executor), ts 59257075243, free_ts 59248473203
[  211.346558][ T3883]  post_alloc_hook+0x18d/0x1b0
[  211.351319][ T3883]  get_page_from_freelist+0x322e/0x33b0
[  211.356879][ T3883]  __alloc_pages+0x28d/0x770
[  211.361453][ T3883]  alloc_slab_page+0x6a/0x150
[  211.366129][ T3883]  new_slab+0x84/0x2d0
[  211.370271][ T3883]  ___slab_alloc+0xc20/0x1270
[  211.375017][ T3883]  __kmem_cache_alloc_node+0x19f/0x260
[  211.380460][ T3883]  __kmalloc_node_track_caller+0xa0/0x220
[  211.386163][ T3883]  kmemdup+0x26/0x60
[  211.390041][ T3883]  __addrconf_sysctl_register+0xad/0x3e0
[  211.395747][ T3883]  addrconf_sysctl_register+0x128/0x180
[  211.401277][ T3883]  ipv6_add_dev+0xb8e/0x1180
[  211.405854][ T3883]  addrconf_notify+0x7a6/0xf60
[  211.410599][ T3883]  raw_notifier_call_chain+0xd0/0x170
[  211.415956][ T3883]  call_netdevice_notifiers+0x145/0x1b0
[  211.421498][ T3883]  register_netdevice+0x12f2/0x1720
[  211.426687][ T3883] page last free stack trace:
[  211.431346][ T3883]  free_unref_page_prepare+0xf63/0x1120
[  211.437233][ T3883]  free_unref_page+0x33/0x3e0
[  211.442018][ T3883]  __unfreeze_partials+0x1b7/0x210
[  211.447391][ T3883]  put_cpu_partial+0x17b/0x250
[  211.452255][ T3883]  qlist_free_all+0x76/0xe0
[  211.456778][ T3883]  kasan_quarantine_reduce+0x156/0x170
[  211.462241][ T3883]  __kasan_slab_alloc+0x1f/0x70
[  211.467093][ T3883]  slab_post_alloc_hook+0x52/0x3a0
[  211.472277][ T3883]  kmem_cache_alloc+0x10c/0x2d0
[  211.477136][ T3883]  getname_flags+0xb8/0x4f0
[  211.481655][ T3883]  do_sys_openat2+0xd2/0x4f0
[  211.486369][ T3883]  __x64_sys_openat+0x243/0x290
[  211.491427][ T3883]  do_syscall_64+0x3b/0xb0
[  211.496045][ T3883]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  211.502210][ T3883] 
[  211.504558][ T3883] Memory state around the buggy address:
[  211.510171][ T3883]  ffff888076a8df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  211.518234][ T3883]  ffff888076a8e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  211.526371][ T3883] >ffff888076a8e080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  211.534419][ T3883]                                                        ^
[  211.541682][ T3883]  ffff888076a8e100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  211.549735][ T3883]  ffff888076a8e180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  211.558388][ T3883] ==================================================================
[  211.585882][ T4125] usb 1-1: config 0 descriptor??
[  211.636592][ T4125] cp210x 1-1:0.0: cp210x converter detected
[  211.649047][ T3883] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  211.656274][ T3883] CPU: 0 PID: 3883 Comm: kworker/0:8 Not tainted 6.1.106-syzkaller #0
[  211.664428][ T3883] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  211.674593][ T3883] Workqueue: infiniband ib_cache_event_task
[  211.680687][ T3883] Call Trace:
[  211.683987][ T3883]  <TASK>
[  211.686947][ T3883]  dump_stack_lvl+0x1e3/0x2cb
[  211.691918][ T3883]  ? nf_tcp_handle_invalid+0x642/0x642
[  211.697423][ T3883]  ? panic+0x764/0x764
[  211.701525][ T3883]  ? preempt_schedule_common+0xa6/0xd0
[  211.707027][ T3883]  ? vscnprintf+0x59/0x80
[  211.711419][ T3883]  panic+0x318/0x764
[  211.715343][ T3883]  ? check_panic_on_warn+0x1d/0xa0
[  211.720567][ T3883]  ? memcpy_page_flushcache+0xfc/0xfc
[  211.725964][ T3883]  ? _raw_spin_unlock_irqrestore+0x128/0x130
[  211.732143][ T3883]  ? _raw_spin_unlock+0x40/0x40
[  211.737032][ T3883]  ? print_report+0x4a3/0x4f0
[  211.741830][ T3883]  check_panic_on_warn+0x7e/0xa0
[  211.746806][ T3883]  ? siw_query_port+0x342/0x430
[  211.751681][ T3883]  end_report+0x66/0x110
[  211.755990][ T3883]  kasan_report+0x143/0x160
[  211.760637][ T3883]  ? siw_query_port+0x342/0x430
[  211.765496][ T3883]  siw_query_port+0x342/0x430
[  211.770279][ T3883]  ? ib_query_port+0x344/0x7c0
[  211.775217][ T3883]  ib_cache_update+0x1a8/0xaf0
[  211.780007][ T3883]  ? ib_cache_setup_one+0x5a0/0x5a0
[  211.785856][ T3883]  ? read_lock_is_recursive+0x10/0x10
[  211.791263][ T3883]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  211.797249][ T3883]  ? print_irqtrace_events+0x210/0x210
[  211.802707][ T3883]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  211.808620][ T3883]  ib_cache_event_task+0xef/0x1e0
[  211.813650][ T3883]  ? process_one_work+0x7a9/0x11d0
[  211.819273][ T3883]  process_one_work+0x8a9/0x11d0
[  211.824224][ T3883]  ? worker_detach_from_pool+0x260/0x260
[  211.829878][ T3883]  ? _raw_spin_lock_irqsave+0x120/0x120
[  211.835433][ T3883]  ? kthread_data+0x4e/0xc0
[  211.840128][ T3883]  ? wq_worker_running+0x97/0x190
[  211.845174][ T3883]  worker_thread+0xa47/0x1200
[  211.849881][ T3883]  ? _raw_spin_unlock+0x40/0x40
[  211.854747][ T3883]  kthread+0x28d/0x320
[  211.858832][ T3883]  ? worker_clr_flags+0x190/0x190
[  211.863939][ T3883]  ? kthread_blkcg+0xd0/0xd0
[  211.868526][ T3883]  ret_from_fork+0x1f/0x30
[  211.872945][ T3883]  </TASK>
[  211.876252][ T3883] Kernel Offset: disabled
[  211.880568][ T3883] Rebooting in 86400 seconds..