last executing test programs:

23m59.519992541s ago: executing program 32 (id=36):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000080)={@my=0x0})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @hyper, 0x0, 0x0, 0x5e})
r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f0000000180)={@host})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r1, 0x7a8, &(0x7f00000000c0)={{@hyper, 0x2}, @local, 0x0, 0x0, 0xf7d6, 0x6, 0x10, 0x3})

23m28.911777344s ago: executing program 33 (id=90):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=@ipv6_newnexthop={0x20, 0x68, 0x5fb9a818fb7378e9, 0x2, 0x0, {}, [@NHA_OIF={0x8}]}, 0x20}}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x19, &(0x7f00000001c0)={&(0x7f0000000300)=@newnexthop={0x24, 0x68, 0x1, 0x2, 0x7ffffffc, {0x0, 0x0, 0x1}, [@NHA_GROUP={0xc, 0x2, [{0x1, 0x4}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x24008000}, 0x4000)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@ipv4_newroute={0x24, 0x18, 0x35f32a6dfa748ddd, 0x0, 0x0, {0x2, 0x0, 0x10, 0x0, 0xfe, 0x4, 0x0, 0x1, 0x20000000}, [@RTA_NH_ID={0x8, 0x1e, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x4a044}, 0x4010)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r2, 0x89f1, &(0x7f00000000c0)={'sit0\x00', &(0x7f0000000440)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x3, 0x5e55b37311de6d89, 0x0, @dev, @initdev={0xac, 0x1e, 0x0, 0x0}}}}})

23m10.719752425s ago: executing program 34 (id=120):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_usb_connect$lan78xx(0x5, 0x3f, &(0x7f0000000dc0)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0x424, 0x7850, 0x0, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d}}]}}, 0x0)
syz_usb_control_io$lan78xx(r1, 0x0, &(0x7f0000001140)={0x34, &(0x7f0000000040)={0x0, 0x17}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$lan78xx(r1, 0x0, 0x0)
syz_usb_control_io$lan78xx(r1, 0x0, &(0x7f0000000000)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_connect$lan78xx(0x0, 0x3f, &(0x7f0000000080)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0x424, 0x7850, 0x0, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d}}]}}, 0x0)
syz_usb_control_io$lan78xx(r1, 0x0, &(0x7f0000000540)={0x34, &(0x7f00000003c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r1, &(0x7f0000000400)={0x2c, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x20, 0x29, 0xf, {0xf, 0x29, 0x2, 0x60, 0xfc, 0x2, "7bd1195e", "7e0813a3"}}, 0x0}, &(0x7f0000000900)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
sendmsg$nl_generic(r0, 0x0, 0xc000)

22m49.252419867s ago: executing program 35 (id=150):
pipe(0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)
close(0x3)
close(0x4)
r0 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
close(r0)
syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/net\x00')
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r1, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
close(0x4)

22m37.139104234s ago: executing program 36 (id=185):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
socket$nl_audit(0x10, 0x3, 0x9)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000004080)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b708000000000e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000020850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r1}, 0x18)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x101100, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000016000/0x18000)=nil, &(0x7f0000000300)=[@text32={0x20, 0x0}], 0x1, 0x4e, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f0000000180)={0x0, 0xd000})
syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa0f"], 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

5m34.011171409s ago: executing program 7 (id=5970):
keyctl$join(0x1, &(0x7f00000001c0)={'syz', 0x3})

5m33.565361925s ago: executing program 7 (id=5973):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r0 = io_uring_setup(0x3454, &(0x7f0000000080)={0x0, 0xffffafff, 0x1000, 0x2, 0x33d})
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000640)='ext4\x00', &(0x7f0000000680)='./file0\x00', 0x0, &(0x7f00000006c0), 0x1, 0x603, &(0x7f0000000700)="$eJzs3V1oXGkZAOD3TH5q29hUEcFepVgwaJ00P5YGFFuvhFqpraCoWGMy+SGTTEwm0ASkahEKCu2FqCAWcqGCKAQU7wT1yp8L/9iLdpdCFxZ2C6FLt7AXe5HlTGbS6WaaNJs0Z+k8D5z2+76Zk+898/Y9nfP1dCaAptWV/pKL+EhE3EgiOusea43qg11rz1vqXx5PtyRWVy/eTyJJ9+lfHq89P6n+frC6W3dE/O2HEWfbN847t7A4OVQsFmar/Z7y1EzP3MLiJyemhsYKY4XpvoETg4ODA/2DJ3btWH/2u1+//vGvfO5/V39w9vcr/7j6zSROR0f1sfrj2C1d0VV9TdridP0DScTJ3Z4sY7msA2DbTvYcO95SrfO2SM8BndFSrfrSL7/xoDP+eftJ+y6/efO1vYwV2H1XImIVaFKJ+ocmVXsfkF7/1ra9eu/xmx/v1Uw8ycqZtQvAG9W1naX1/LeurQ3F+yrXhgfeSKpXhmuS2trRDtzKpz/j/gf/k//zn9ItntE6DO9Nyy9nHQFZah/IOgKydORLWUdAlv59LesIyNL/V7KOgCxduJh1BGTpi8/bP4KzLb+4n3UE/OVMRBxvtP6XW1//iQbrPwcjYqd35vzxSERXvPDz+rGN6z+5ezuchk2snIn4dN29XUt1+a863FLtvT/tRFsyOlEspLk/FBHd0bYv7fduMseLx/7++UbjX72b5v/mhdr6X7ql89fWAqtx3Gvd9/h+I0PloZ0eN2tWvh9xpLVR/pP1+k8a1H/65+H8U85Rul663mj80K00/7+6unn+eZZWlyI+1rD+k/XnJJvfn9lTOR/01M4KG1347ytzjcZPHU3z/+BT8p+dtP4PbJ7/yvl//X7dhpnc3GfHOm80Gr/7ozT/b3373Zz/25MvVwKs3Vp8eahcnu2NaE++sHG8b/sxP69qr0ft9Urz3/3Rxn//b3b+3x8R33rKOf/63buvNhr/2mSa/399Xf1nJ83/yBb1nzxW/9tvnP/M0SuN5v7waJr/U/u3rv+BSjDd1RHv/7b2tAnKOk4AAAAAAAAAAAAAAAAAAAAAAIBmk4uIjkhy+fV2LpfPr32+74fiQK5Ymit/YrQ0Pz0Sle/KPhxtudonPXbWfR5sb6X9qN/3jn5/RHwgIq617K/088Ol4kjWBw9NqiPizh++M9zgm/kBAAAAAAAAAAAAAAAAAICsHHzC//9PvdSSdXTAs9ARcWf0Jy3fS9sP1Tk0lbT+f/tw6myof2g66h+al/qH5qX+oXmpf2he6h+al/qH5qX+oXmpf2he9fUPAAAAADyfzp87l26rS/3L42l/ujQ2MTk+M9h3Ij81P5wfLs3O5MdKpbHKN/ZPbf3ziqXSTG9fzF/uKRfmyj1zC4uXpkrz0+VLE1NDY4VLhbY9OCZga7d/OjCedQwAAAAAAAAAAAAAAAAAAMAjcwuLk0PFYmFWQ0NDY72R9ZkJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB55OwAA//8t2VDh")

5m32.048629474s ago: executing program 7 (id=5983):
syz_emit_ethernet(0x3a, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0xfffd, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x18, 0x0, @wg=@data={0x4, 0xe, 0x9}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x90)
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x12a, 0x12a, 0xc, [@datasec={0x7, 0x6, 0x0, 0xf, 0x2, [{0x3, 0x8, 0x908}, {0x2, 0x4, 0x14b7}, {0x3, 0x3, 0x1}, {0x5, 0x3}, {0x4, 0x2}, {0x3, 0x24a3, 0x10}], "9814"}, @type_tag={0x2, 0x0, 0x0, 0x12, 0x4}, @union={0xd, 0x4, 0x0, 0x5, 0x0, 0x8, [{0x2, 0x0, 0x2}, {0xd, 0x1, 0x3344daa9}, {0x8, 0x4}, {0xe, 0x4, 0x2}]}, @enum={0x4, 0x7, 0x0, 0x6, 0x4, [{0x3, 0x8}, {0xd, 0x3}, {0xb}, {0xc, 0x8}, {0x3, 0x1ff}, {0x6, 0x10001}, {0x6, 0x3}]}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x5, 0x4, 0xff}}, @union={0x1, 0x2, 0x0, 0x5, 0x1, 0xffffffff, [{0x0, 0x4, 0x2}, {0x2, 0x4, 0xa}]}, @ptr={0x8}]}, {0x0, [0x0, 0x5f, 0x2e, 0x61, 0x2e, 0x5f, 0x30, 0x2e, 0x61, 0x30]}}, &(0x7f0000000340)=""/196, 0x150, 0xc4, 0x1, 0xfffffffa, 0x10000}, 0x28)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r2, 0x29, 0x2a, 0x0, 0x0)
setsockopt$inet6_group_source_req(r2, 0x29, 0x2b, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x3000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0xc)
unshare(0x64000600)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, 0x25, r0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x5, 0xb68, 0x6, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
add_key$keyring(&(0x7f00000000c0), &(0x7f0000000000)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$join(0x1, &(0x7f00000001c0)={'syz', 0x3})

5m28.499380431s ago: executing program 7 (id=5988):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x20000, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
syz_open_pts(r0, 0x28101)

5m27.242887761s ago: executing program 7 (id=5993):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r0 = io_uring_setup(0x3454, &(0x7f0000000080)={0x0, 0xffffafff, 0x1000, 0x2, 0x33d})
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000640)='ext4\x00', &(0x7f0000000680)='./file0\x00', 0x0, &(0x7f00000006c0), 0x1, 0x603, &(0x7f0000000700)="$eJzs3V1oXGkZAOD3TH5q29hUEcFepVgwaJ00P5YGFFuvhFqpraCoWGMy+SGTTEwm0ASkahEKCu2FqCAWcqGCKAQU7wT1yp8L/9iLdpdCFxZ2C6FLt7AXe5HlTGbS6WaaNJs0Z+k8D5z2+76Zk+898/Y9nfP1dCaAptWV/pKL+EhE3EgiOusea43qg11rz1vqXx5PtyRWVy/eTyJJ9+lfHq89P6n+frC6W3dE/O2HEWfbN847t7A4OVQsFmar/Z7y1EzP3MLiJyemhsYKY4XpvoETg4ODA/2DJ3btWH/2u1+//vGvfO5/V39w9vcr/7j6zSROR0f1sfrj2C1d0VV9TdridP0DScTJ3Z4sY7msA2DbTvYcO95SrfO2SM8BndFSrfrSL7/xoDP+eftJ+y6/efO1vYwV2H1XImIVaFKJ+ocmVXsfkF7/1ra9eu/xmx/v1Uw8ycqZtQvAG9W1naX1/LeurQ3F+yrXhgfeSKpXhmuS2trRDtzKpz/j/gf/k//zn9ItntE6DO9Nyy9nHQFZah/IOgKydORLWUdAlv59LesIyNL/V7KOgCxduJh1BGTpi8/bP4KzLb+4n3UE/OVMRBxvtP6XW1//iQbrPwcjYqd35vzxSERXvPDz+rGN6z+5ezuchk2snIn4dN29XUt1+a863FLtvT/tRFsyOlEspLk/FBHd0bYv7fduMseLx/7++UbjX72b5v/mhdr6X7ql89fWAqtx3Gvd9/h+I0PloZ0eN2tWvh9xpLVR/pP1+k8a1H/65+H8U85Rul663mj80K00/7+6unn+eZZWlyI+1rD+k/XnJJvfn9lTOR/01M4KG1347ytzjcZPHU3z/+BT8p+dtP4PbJ7/yvl//X7dhpnc3GfHOm80Gr/7ozT/b3373Zz/25MvVwKs3Vp8eahcnu2NaE++sHG8b/sxP69qr0ft9Urz3/3Rxn//b3b+3x8R33rKOf/63buvNhr/2mSa/399Xf1nJ83/yBb1nzxW/9tvnP/M0SuN5v7waJr/U/u3rv+BSjDd1RHv/7b2tAnKOk4AAAAAAAAAAAAAAAAAAAAAAIBmk4uIjkhy+fV2LpfPr32+74fiQK5Ymit/YrQ0Pz0Sle/KPhxtudonPXbWfR5sb6X9qN/3jn5/RHwgIq617K/088Ol4kjWBw9NqiPizh++M9zgm/kBAAAAAAAAAAAAAAAAAICsHHzC//9PvdSSdXTAs9ARcWf0Jy3fS9sP1Tk0lbT+f/tw6myof2g66h+al/qH5qX+oXmpf2he6h+al/qH5qX+oXmpf2he9fUPAAAAADyfzp87l26rS/3L42l/ujQ2MTk+M9h3Ij81P5wfLs3O5MdKpbHKN/ZPbf3ziqXSTG9fzF/uKRfmyj1zC4uXpkrz0+VLE1NDY4VLhbY9OCZga7d/OjCedQwAAAAAAAAAAAAAAAAAAMAjcwuLk0PFYmFWQ0NDY72R9ZkJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB55OwAA//8t2VDh")

5m25.319133203s ago: executing program 7 (id=6001):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={0x0, r0}, 0x18)
getpid()
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0xffffffffffffff54}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)={0x4c, 0x2, 0x6, 0x801, 0xe4340000, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}]}, 0x4c}}, 0x2)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x54, 0x9, 0x6, 0x801, 0x0, 0x0, {0x5, 0x0, 0x4}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x200}, @IPSET_ATTR_PROTO={0x5, 0x7, 0xff}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @private=0xa010101}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x10004893}, 0x80)

5m21.116518029s ago: executing program 6 (id=6010):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000800)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x101, 0x0, 0x0, 0x41100, 0x59}, 0x94)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
creat(&(0x7f00000003c0)='./file0\x00', 0x36)

5m20.374194201s ago: executing program 6 (id=6013):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="18010000008000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCL_GETMOUSEREPORTING(r1, 0x5412, &(0x7f00000000c0)=0x13)
ioctl$TIOCL_GETMOUSEREPORTING(r1, 0x5412, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r0}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r3, 0x0, 0x7}, 0x18)
io_uring_enter(0xffffffffffffffff, 0x5b43, 0x0, 0x0, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8943, &(0x7f0000000100)={'macvtap0\x00', @random="b40007350060"})
r4 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r4, 0x8982, &(0x7f0000000400)={0x0, 'batadv0\x00', {0x5}})
socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r5, 0x8933, &(0x7f0000000040))
r6 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r6, 0x8922, &(0x7f0000000080)={'dummy0\x00'})

5m19.218920262s ago: executing program 0 (id=6016):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB="9feb010018000000000000003c0000003c0000000400000000000000000000030000000003000000030000000000010101"], 0x0, 0x58, 0x0, 0xa}, 0x28)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='sched_switch\x00', r3}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={0x0, 0x80}}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x4b5, &(0x7f0000010400)={0x0, 0x86e1, 0x1, 0x8}, 0x0, &(0x7f0000000000))

5m16.542064441s ago: executing program 6 (id=6021):
r0 = socket(0xa, 0x1, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f00000001c0)={0x3, {{0xa, 0x4e24, 0x2, @mcast1, 0xff7ffffd}}, {{0xa, 0x4e08, 0x4a3, @local, 0x4f1}}}, 0x108)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000001a00)=ANY=[@ANYBLOB], 0x610)
r1 = socket(0xa, 0x1, 0x0)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2e, &(0x7f00000001c0)={0x3, {{0xa, 0x4e24, 0x2, @mcast1, 0x88f}}, {{0xa, 0x4e08, 0x4a3, @private2, 0x4f0}}}, 0x108)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000c00)=ANY=[@ANYBLOB="03000000000000000a004e2300000009ff010000000000000000000000000001"], 0x90)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r2, 0xffffffffffffffff, 0x0)

5m13.621364608s ago: executing program 0 (id=6023):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000800)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x101, 0x0, 0x0, 0x41100, 0x59}, 0x94)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
creat(&(0x7f00000003c0)='./file0\x00', 0x36)

5m12.870839607s ago: executing program 0 (id=6025):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendto$inet6(r2, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x80)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="54000000020603000000000000000000000000000d000300686173683a6e65740000000005000400000000000900020073797a31000000000c000780080008400000007005000500020300000500010006"], 0x54}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @loopback}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10040047}, 0x240008c4)

5m12.821466435s ago: executing program 6 (id=6026):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000bc0)=ANY=[@ANYBLOB="180800000000000000000000000000001812", @ANYRES32=r2, @ANYBLOB="0000000000000000b70300000000000085000000a0000000b7000000000000001801000000082c2500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f00000000c0)=r3, 0x4)
sendmsg$inet(r1, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x4048884)

5m12.230479077s ago: executing program 6 (id=6027):
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
r2 = pidfd_getfd(r1, r1, 0x0)
setns(r2, 0x66020000)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b"], &(0x7f0000000580)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
syz_clone(0x50a60080, 0x0, 0x0, 0x0, 0x0, 0x0)

5m10.552843975s ago: executing program 37 (id=6001):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={0x0, r0}, 0x18)
getpid()
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0xffffffffffffff54}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)={0x4c, 0x2, 0x6, 0x801, 0xe4340000, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}]}, 0x4c}}, 0x2)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x54, 0x9, 0x6, 0x801, 0x0, 0x0, {0x5, 0x0, 0x4}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x200}, @IPSET_ATTR_PROTO={0x5, 0x7, 0xff}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @private=0xa010101}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x10004893}, 0x80)

5m1.240465643s ago: executing program 0 (id=6044):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
recvmsg$can_j1939(0xffffffffffffffff, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000180)=""/128, 0x80}, {&(0x7f0000000200)=""/200, 0xc8}, {&(0x7f0000000000)=""/15, 0xf}, {&(0x7f0000000300)=""/181, 0xb5}, {&(0x7f00000003c0)=""/177, 0xb1}, {&(0x7f0000000100)=""/26, 0x1a}, {&(0x7f0000000480)=""/244, 0xf4}, {&(0x7f0000000580)=""/132, 0x84}], 0x8, &(0x7f00000006c0)=""/47, 0x2f}, 0x10101)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000080)={[{@usrquota}, {@noblock_validity}, {@bh}, {@max_batch_time={'max_batch_time', 0x3d, 0x8c9}}, {@debug}, {@inlinecrypt}]}, 0x6, 0x5fc, &(0x7f0000000c00)="$eJzs3c9rHGUfAPDvzCZ5kzavaUXEFsWAhxakaVKLVS+29WAPBQv2IOKhoUlq6PYHTQq2FkzBg4KCiFeRXvwHvEvv3kRQb56FKlJRUOnK7M62m2Q3XdPsTpr5fGCzz/PM7D7PdydP5pmZPDsBlNZ49iON2BVx51QSMdaybDQaC8fz9W7/du109kiiVnv91ySSvKy5fpI/b88zwxHx7dGIRyur6124cvXsdLXW8F7E/sVzF/cvXLm6b/7c9JnZM7Pnpw68cPDQ5ItTB6c2JM7t+fOx4689+fH7bz8/9111XxKH4+TguzOxIo6NMh7jcScPsbV8ICIOZYk2n8vDZguEUGqV/PdxMCIej7Go1HMNYzH/UaGNA3qqVomoASWV6P9QUs1xQPPYvrvj4JM9HpX0z60jjQOg1fEPNM6NxHD92Gjb7aTlyKhxbmPHBtSf1fHPtd2fZ49Ydh7iz7tbZ2AD6ulk6XpEPNEu/qTeth31SLP402XtSCJiMiKG8va98gBtSFrSvTgPs5b1xp9GxOH8OSs/us76x1fk+x0/AOV080i+I1/Kcvf2f9nYozn+iTbjn9E2+671KHr/13n819zfD9fPkacrxmHZmOVE+7ccXFnw04fHPu1Uf+v4L3tk9TfHgv1w63rE7hXxf5AFm49/sviTNts/W+XU4e7qePX7X451WlZ0/LUbEXvaHv/cG5VmqTWuT+6fm6/OTjZ+tq3j62/e+rJT/UXHn23/bR3ib9n+6crXZZ/JxS7r+OrEjXOdlo3eN/7056Gkcbw5lJe8M724eGkqYig5nq/SUn5g7bY012m+Rxb/3mfa9/9lv//Xl7/PSPNPZhcuvnH2dqdl69n+LReT79S6bEMnWfwz99/+q/p/VvZJl3X88eblpzotWyv+kQcJDAAAAAAAAEoorV+DTdKJu+k0nZhozJd9LLal1QsLi8/OXbh8fiZib/3/IQfT5pXusUY+yfJT+f/DNvMHVuSfi4idEfFZZaSenzh9oTpTdPAAAAAAAAAAAAAAAAAAAACwSWzP5/8371P9e6Ux/x8oiV7eYA7Y3PR/KK96/191iyegDOz/obz0fygv/R/KS/+H8tL/obz0fygv/R/KS/8HAAAAgC1p59M3f0wiYumlkfojM5QvMyMItrbBohsAFKZSdAOAwty99G+wD6XT1fj/r/zLAXvfHKAASbvC+uCgtnbnv9n2lQAAAAAAAAAAAABAD+zZ1Xn+v7nBsLWZ9gfl9QDz/311ADzkfPU/lJdjfOB+s/iHOy0w/x8AAAAAAAAAAAAA+ma0/kjSiXwu8Gik6cRExP8jYkcMJnPz1dnJiHgkIn6oDP4vy08V3WgAAAAAAAAAAAAAAAAAAADYYhauXD07Xa3OXmpN/L2qZGsnmndB7UNdL8d/fFUk/f9YRiKi8I3Ss8RAS0kSsZRt+U3RsEsLsTmaUU8U/IcJAAAAAAAAAAAAAAAAAABKqGXucXu7v+hziwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg/+7d/793iaJjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTv8GAAD//7V5QCw=")
syz_genetlink_get_family_id$nfc(&(0x7f0000000780), 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10)
r0 = socket$inet6(0xa, 0x3, 0x3c)
setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f0000000340)=ANY=[@ANYBLOB="000202"], 0x18)

5m1.185690658s ago: executing program 6 (id=6045):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="1e0000000000daf41df7e01726e9f09b96071d00000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
bpf$MAP_LOOKUP_ELEM(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
pipe(&(0x7f0000000380))
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x10000000013, &(0x7f0000000180)=0x1, 0x4)
setsockopt$inet_tcp_int(r2, 0x6, 0x14, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r2, &(0x7f0000000300)={0x2, 0x0, @remote}, 0x10)
r3 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_RX_RING(r3, 0x11b, 0x2, &(0x7f0000000200)=0x1000000, 0x4)
setsockopt$XDP_UMEM_FILL_RING(r3, 0x11b, 0x5, &(0x7f00000000c0)=0x10089, 0x4)
socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000020000000900010073797a30000000002c000000030a01010000000000000000020000000900010073797a30000000000900030073797a32000000003a000000030a03000000000000000000020000000900010073797a30000000000900030073797a32"], 0xa0}}, 0x8040)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0185879, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x3, &(0x7f0000006680))
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x818018, &(0x7f0000000300)={[{@minixdf}, {@grpjquota}]}, 0x1, 0x749, &(0x7f00000008c0)="$eJzs3U1vW8UaAOD3nMbXuWnuTa50QXxIKAhEEVWdJrSquqIsEGwqIlVim0aJE4U4dYjt0kRdpCu2CIFAYgP/gQ0rEGt+AH8BJAQlLMrK6PgjTRO7MWkaV/HzSMd+Z845emfsaEbxWJ4ABtZE9pBGPBsRM0nEWKs+iYhcIxqKuNK8bvvu7fnsSKJev/Zb0rgmK8euezKnI2IrIp6JiB9yEWfT/XkrG5src6VScb1Vnqyurk1WNjbPLa/OLRWXijcuX7gwfeHSxcuXj66vr7373tOFi2+NfjuzOHtm6udvkrgSo61zu/txeCP7apqvSS57CR/w9qMne6Ik/W4AhzIUEadaz0/FWJxqRADASVbPR9QBgAGTmP8BYMC0Pwdor+0dzTpY7359MyKGO+Ufaq2ZDTfWIUe2kxjatciUhePH2VBOpK07EXF9fGL/31+yb832nzp/FA3ksfo+G3+udBp/0p3xJ9rjz677htvfnXhE3ce/+/lPdcifjX8zPeZ45/lauWv+OxHPDXXKn+zkT7rkv95j/u/uLfzV7Vz964hXOs4/yQO5un8/ZHJxuVQ833zsnGOidvv9h/V/pEv+rQP6v9Zj/0c/efHHrYfkf/Wlh7//nfJnc+LHPeb/KPfGZ93OZfkXuvT/oPf/qx7zX3rhg80eLwUAAAAAAAAAAAAAAAAAAAAAAAAAAIATIY2I0UjSwk6cpoVCcw/v/8dIWipXqmcXy7UbC9HYK3s8cmn7p5bHmuUkK0+1fo+/XZ5uxNs75dcj4n8R8Wn+341yYb5cWuh35wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg5fSe/f//zDf3/wcATrjhfjcAADh25n8AGDzmfwAYPOZ/ABg8B8//fxxLOwCA4+P/fwAYPIeY//OPox0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADIyZq1ezo7599/Z8Vl64uVFbKd88t1CsrBRWa/OF+fL6WmGpXF4qFQvz5dW99yd7yqVyeW16Omq3JqvFSnWysrE5u1qu3ajOLq/OLRVni7lj6xkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9G60cSRpISLSRpymhULEfyJiPHLJ4nKpeD4i/hsRP+Vz+aw81e9GAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMARq2xsrsyVSsX1/gYRE+OHvj19UnohEJyYoN8jEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABy/+5t+97slAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANBP6S9JRGTHmbGXR/ee/VdyL994jogPv7z2+a25anV9Kqv/fae++kWrfrof7QcADtKep9vzOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB0UtnYXJkrlYrrzeBevel+zREE/e4jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABH5+8AAAD///St0sU=")
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f00000001c0)=ANY=[@ANYRES16=r6, @ANYRES8=r4, @ANYBLOB="0000000000000000b7048b352f226240d04866f79712d5d129000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x15, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r7}, 0x10)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="1b00000000020000000000004000001800000000", @ANYRES32=r6, @ANYBLOB, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0200"/28], 0x50)
socket$inet6_tcp(0xa, 0x1, 0x0)

4m59.428589271s ago: executing program 0 (id=6048):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000bc0)=ANY=[@ANYBLOB="18080000000000000000000000000000181200", @ANYRES32=r2, @ANYBLOB="0000000000000000b70300000000000085000000a0000000b7000000000000001801000000082c2500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f00000000c0)=r3, 0x4)
sendmsg$inet(r1, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x4048884)

4m58.14564222s ago: executing program 0 (id=6053):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendto$inet6(r2, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x80)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="54000000020603000000000000000000000000000d000300686173683a6e65740000000005000400000000000900020073797a31000000000c000780080008400000007005000500020300000500010006"], 0x54}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @loopback}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10040047}, 0x240008c4)

4m54.8871741s ago: executing program 8 (id=6059):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="18010000008000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCL_GETMOUSEREPORTING(r1, 0x5412, &(0x7f00000000c0)=0x13)
ioctl$TIOCL_GETMOUSEREPORTING(r1, 0x5412, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r3, 0x0, 0x7}, 0x18)
io_uring_enter(0xffffffffffffffff, 0x5b43, 0x0, 0x0, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8943, &(0x7f0000000100)={'macvtap0\x00', @random="b40007350060"})
r4 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r4, 0x8982, &(0x7f0000000400)={0x0, 'batadv0\x00', {0x5}})
socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r5, 0x8933, &(0x7f0000000040))
r6 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r6, 0x8922, &(0x7f0000000080)={'dummy0\x00'})

4m53.285032036s ago: executing program 8 (id=6060):
bind$rds(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={<r4=>0xffffffffffffffff})
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x14)
sendmsg$nl_route_sched(r3, &(0x7f0000006280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000600)=@newtaction={0x68, 0x30, 0x1, 0x0, 0x0, {0x0, 0x0, 0x6a00}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x0, 0x2}, 0x2, r5}}]}, {0x4, 0xa}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@newtaction={0x88, 0x30, 0xffff, 0x0, 0x0, {0x0, 0x0, 0x1300}, [{0x74, 0x1, [@m_mirred={0x70, 0x1, 0x0, 0x0, {{0xb}, {0x44, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x4, {{0x3, 0x0, 0x3}}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x1, 0x0, 0x1, 0x400, 0xfffffffb}, 0x2}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)

4m52.19412002s ago: executing program 8 (id=6062):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000bc0)=ANY=[@ANYBLOB="18080000000000000000000000000000181200", @ANYRES32=r2, @ANYBLOB="0000000000000000b70300000000000085000000a0000000b7000000000000001801000000082c2500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f00000000c0)=r3, 0x4)
sendmsg$inet(r1, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x4048884)

4m51.13689965s ago: executing program 8 (id=6064):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x51}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r2 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x5)
fchdir(r3)
r4 = open(&(0x7f0000000300)='.\x00', 0x0, 0x2)
r5 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r5, 0x2)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r4, 0xc018937c, 0x0)
epoll_create1(0x80000)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[], 0x50)
r6 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
flock(r6, 0x2)
close_range(r4, 0xffffffffffffffff, 0x0)

4m50.613974947s ago: executing program 8 (id=6067):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ip_vs\x00')
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000700)={0x0, 0x18, 0xfa00, {0x4000000000000, &(0x7f00000006c0), 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000680)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000400), 0x106}}, 0x20)
close_range(r2, 0xffffffffffffffff, 0x0)

4m50.0561671s ago: executing program 8 (id=6069):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
unlinkat(0xffffffffffffffff, 0x0, 0x200)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001100)='/proc/slabinfo\x00', 0x0, 0x0)
r3 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000180)={0x80000000}, 0x19a)
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c0000001a00010000000000000000001c1412"], 0x1c}}, 0x0)
read$hiddev(r2, &(0x7f00000000c0)=""/4092, 0xffc)
preadv(r2, &(0x7f00000010c0)=[{&(0x7f0000001800)=""/250, 0xfa}], 0x1, 0x40000004, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffff9}, 0x94)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="640000000206010200000000000000000000000015000300686173683a69702c706f72742c6e6574000000000900020073797a320000000005000400000000001400078008001240000000000500150022000000050005000200000005000100"], 0x64}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x3f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
setreuid(0x0, 0xee01)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000000000000143d56eb000000000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000002180)=ANY=[@ANYBLOB="180000000000000000000000000000001811000015e11693f433fbbb9371d947a98f1d78560219e82ea345ddda08cbcbe7b158cd7b5ba03d1e5761d8dd063c2f120ab24f6967c070765ec006918a55e938fbb765eb5339431f77b4c6cd35d2acfa8945ec888cc1", @ANYRES32=r6, @ANYBLOB="0000000000000000b70200000000000085000000860000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_PAUSE_SET(r7, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="0400"], 0x14}, 0x1, 0x0, 0x0, 0x4044020}, 0x20008800)
recvmmsg(r7, &(0x7f0000002b80)=[{{0x0, 0x0, &(0x7f0000000800)=[{&(0x7f0000001180)=""/4096, 0x1000}], 0x1}, 0xc}], 0x1, 0x30002, 0x0)
request_key(&(0x7f0000000440)='logon\x00', &(0x7f0000000300)={'syz', 0x3}, &(0x7f0000000500)='\xfddev/vcsu#\x00', 0x0)
r8 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r8, 0x8933, &(0x7f0000000180)={'vcan0\x00'})

4m46.670915087s ago: executing program 38 (id=6045):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="1e0000000000daf41df7e01726e9f09b96071d00000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
bpf$MAP_LOOKUP_ELEM(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
pipe(&(0x7f0000000380))
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x10000000013, &(0x7f0000000180)=0x1, 0x4)
setsockopt$inet_tcp_int(r2, 0x6, 0x14, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r2, &(0x7f0000000300)={0x2, 0x0, @remote}, 0x10)
r3 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_RX_RING(r3, 0x11b, 0x2, &(0x7f0000000200)=0x1000000, 0x4)
setsockopt$XDP_UMEM_FILL_RING(r3, 0x11b, 0x5, &(0x7f00000000c0)=0x10089, 0x4)
socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000020000000900010073797a30000000002c000000030a01010000000000000000020000000900010073797a30000000000900030073797a32000000003a000000030a03000000000000000000020000000900010073797a30000000000900030073797a32"], 0xa0}}, 0x8040)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0185879, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x3, &(0x7f0000006680))
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x818018, &(0x7f0000000300)={[{@minixdf}, {@grpjquota}]}, 0x1, 0x749, &(0x7f00000008c0)="$eJzs3U1vW8UaAOD3nMbXuWnuTa50QXxIKAhEEVWdJrSquqIsEGwqIlVim0aJE4U4dYjt0kRdpCu2CIFAYgP/gQ0rEGt+AH8BJAQlLMrK6PgjTRO7MWkaV/HzSMd+Z845emfsaEbxWJ4ABtZE9pBGPBsRM0nEWKs+iYhcIxqKuNK8bvvu7fnsSKJev/Zb0rgmK8euezKnI2IrIp6JiB9yEWfT/XkrG5src6VScb1Vnqyurk1WNjbPLa/OLRWXijcuX7gwfeHSxcuXj66vr7373tOFi2+NfjuzOHtm6udvkrgSo61zu/txeCP7apqvSS57CR/w9qMne6Ik/W4AhzIUEadaz0/FWJxqRADASVbPR9QBgAGTmP8BYMC0Pwdor+0dzTpY7359MyKGO+Ufaq2ZDTfWIUe2kxjatciUhePH2VBOpK07EXF9fGL/31+yb832nzp/FA3ksfo+G3+udBp/0p3xJ9rjz677htvfnXhE3ce/+/lPdcifjX8zPeZ45/lauWv+OxHPDXXKn+zkT7rkv95j/u/uLfzV7Vz964hXOs4/yQO5un8/ZHJxuVQ833zsnGOidvv9h/V/pEv+rQP6v9Zj/0c/efHHrYfkf/Wlh7//nfJnc+LHPeb/KPfGZ93OZfkXuvT/oPf/qx7zX3rhg80eLwUAAAAAAAAAAAAAAAAAAAAAAAAAAIATIY2I0UjSwk6cpoVCcw/v/8dIWipXqmcXy7UbC9HYK3s8cmn7p5bHmuUkK0+1fo+/XZ5uxNs75dcj4n8R8Wn+341yYb5cWuh35wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg5fSe/f//zDf3/wcATrjhfjcAADh25n8AGDzmfwAYPOZ/ABg8B8//fxxLOwCA4+P/fwAYPIeY//OPox0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADIyZq1ezo7599/Z8Vl64uVFbKd88t1CsrBRWa/OF+fL6WmGpXF4qFQvz5dW99yd7yqVyeW16Omq3JqvFSnWysrE5u1qu3ajOLq/OLRVni7lj6xkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9G60cSRpISLSRpymhULEfyJiPHLJ4nKpeD4i/hsRP+Vz+aw81e9GAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMARq2xsrsyVSsX1/gYRE+OHvj19UnohEJyYoN8jEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABy/+5t+97slAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANBP6S9JRGTHmbGXR/ee/VdyL994jogPv7z2+a25anV9Kqv/fae++kWrfrof7QcADtKep9vzOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB0UtnYXJkrlYrrzeBevel+zREE/e4jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABH5+8AAAD///St0sU=")
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f00000001c0)=ANY=[@ANYRES16=r6, @ANYRES8=r4, @ANYBLOB="0000000000000000b7048b352f226240d04866f79712d5d129000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x15, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r7}, 0x10)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="1b00000000020000000000004000001800000000", @ANYRES32=r6, @ANYBLOB, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0200"/28], 0x50)
socket$inet6_tcp(0xa, 0x1, 0x0)

4m42.981210908s ago: executing program 39 (id=6053):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendto$inet6(r2, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x80)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="54000000020603000000000000000000000000000d000300686173683a6e65740000000005000400000000000900020073797a31000000000c000780080008400000007005000500020300000500010006"], 0x54}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @loopback}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10040047}, 0x240008c4)

4m35.433845261s ago: executing program 40 (id=6069):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
unlinkat(0xffffffffffffffff, 0x0, 0x200)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001100)='/proc/slabinfo\x00', 0x0, 0x0)
r3 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000180)={0x80000000}, 0x19a)
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c0000001a00010000000000000000001c1412"], 0x1c}}, 0x0)
read$hiddev(r2, &(0x7f00000000c0)=""/4092, 0xffc)
preadv(r2, &(0x7f00000010c0)=[{&(0x7f0000001800)=""/250, 0xfa}], 0x1, 0x40000004, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffff9}, 0x94)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="640000000206010200000000000000000000000015000300686173683a69702c706f72742c6e6574000000000900020073797a320000000005000400000000001400078008001240000000000500150022000000050005000200000005000100"], 0x64}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x3f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
setreuid(0x0, 0xee01)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000000000000143d56eb000000000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000002180)=ANY=[@ANYBLOB="180000000000000000000000000000001811000015e11693f433fbbb9371d947a98f1d78560219e82ea345ddda08cbcbe7b158cd7b5ba03d1e5761d8dd063c2f120ab24f6967c070765ec006918a55e938fbb765eb5339431f77b4c6cd35d2acfa8945ec888cc1", @ANYRES32=r6, @ANYBLOB="0000000000000000b70200000000000085000000860000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_PAUSE_SET(r7, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="0400"], 0x14}, 0x1, 0x0, 0x0, 0x4044020}, 0x20008800)
recvmmsg(r7, &(0x7f0000002b80)=[{{0x0, 0x0, &(0x7f0000000800)=[{&(0x7f0000001180)=""/4096, 0x1000}], 0x1}, 0xc}], 0x1, 0x30002, 0x0)
request_key(&(0x7f0000000440)='logon\x00', &(0x7f0000000300)={'syz', 0x3}, &(0x7f0000000500)='\xfddev/vcsu#\x00', 0x0)
r8 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r8, 0x8933, &(0x7f0000000180)={'vcan0\x00'})

2m29.686311814s ago: executing program 4 (id=6455):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000800)=ANY=[@ANYBLOB="4c0000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="9f6885550cb99dae1800128008000100767469000c0002800800060005000000140003006970df767469300000000000000000"], 0x4c}, 0x1, 0x0, 0x0, 0x8c5}, 0x0)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = creat(&(0x7f00000000c0)='./file0\x00', 0xc9028ba210c11f8b)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000000)={'\x00', 0xc, 0x2, 0x803fd, 0x1, 0x800})
r4 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r4, 0x108000)
ioctl$USBDEVFS_SUBMITURB(r4, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x2000000b, 0x80, &(0x7f0000000240)={0x3, 0x0, 0xfffa, 0x4360}, 0x8, 0x6, 0x81, 0x0, 0x1, 0x101, 0x0})
syz_clone(0x21100, 0x0, 0x0, 0x0, 0x0, 0x0)

2m28.632891112s ago: executing program 4 (id=6464):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, 0x0, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000580)={0x0, @in6={{0xa, 0x4e20, 0x6, @empty, 0x4}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)
bind$inet6(r1, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r1, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
rt_sigprocmask(0x2, 0x0, 0x0, 0x0)
gettid()
socket$tipc(0x1e, 0x2, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0xe, 0x7fff0000}]})
close_range(r2, 0xffffffffffffffff, 0x0)

2m27.483973001s ago: executing program 4 (id=6475):
r0 = socket(0x2, 0x80805, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, 0x0, &(0x7f0000000140))
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x7a, &(0x7f0000000340)={0x0, @in={{0x2, 0xce23, @broadcast}}}, &(0x7f0000000040)=0x84)
sendmmsg$inet_sctp(r0, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="30000000000000008400000001000000000000017c"], 0x30}], 0x1, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000300)=[{{&(0x7f0000000000)={0x2, 0x0, @initdev={0xac, 0x1e, 0x4, 0x0}}, 0x10, 0x0}}], 0x1, 0x4000000)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r3=>0x0}, &(0x7f0000000080)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r0, 0x84, 0x19, &(0x7f0000000000)={r3, 0xb}, 0x8)

2m26.997266343s ago: executing program 4 (id=6478):
r0 = socket$nl_sock_diag(0x10, 0x3, 0x4)
capset(&(0x7f0000000100)={0x20071026}, 0x0)
sendmsg$TCPDIAG_GETSOCK(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000080)=ANY=[@ANYBLOB="4c000000140011f225bd7000fddbcf250284", @ANYRES32], 0x4c}, 0x1, 0x0, 0x0, 0x48000}, 0x40)

2m26.502546126s ago: executing program 4 (id=6483):
pipe(&(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="340000001c00070cecfffffffde8df2507000000", @ANYRES32=r3, @ANYBLOB="0200640b0a000200aaaaaaaaaabb00000c000e80"], 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
write$binfmt_misc(r1, 0x0, 0x0)
splice(r0, 0x0, r4, 0x0, 0x8201, 0x4)

2m25.343307263s ago: executing program 4 (id=6492):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
keyctl$setperm(0x5, 0x0, 0x30925)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x6}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000fc0)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000030010850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x4, &(0x7f00000002c0), 0x6, 0x5fd, &(0x7f0000000c00)="$eJzs3c9rHFUcAPDvzCYxaaNpRcQWxYCHFqRpUotVL7b1YA8FC/Yg4qGhSWro9gdNCrYWTMGDgoKIV5Fe/Ae8S+/eRFBvnoUqUlFQ6crszrabZDfdttmdNPP5wGTnvZnd9747eZn3dvJ2Aiit8exHGrEj4taJJGKsZdtoNDaO5/vd/OPKyWxJolZ78/ckkjyvuX+SP27NE8MR8f3hiMcrq8tduHT59HS11vBBxN7FM+f3Lly6vGf+zPSp2VOzZ6f2vbT/wOTLU/un1iXOrfnjkaNvPP3ph+++OPdDdU8SB+P44PszsSKO9TIe43ErD7E1fyAiDmQrbd6Xh80mCKHUKvnv42BEPBljUamnGsZi/pNCKwf0VK0SUQNKKtH+oaSa/YDm2L67cfDxHvdK+ufGocYAaHX8A43PRmK4PjbacjNpGRk1PtvYtg7lZ2X8d2Xnl9kSyz6H+Pv20RlYh3I6WboaEU+1iz+p121bPdIs/nTZWD+JiMmIGMrr99oD1CFpWe/F5zBruZf4W49DGhEH88cs//B9lj++It3v+AEop+uH8hP5Upa6c/7L+h7N/k+06f+Mtjl33Y+iz3+d+3/N8/1wvd+TruiHZX2WY+1fcnBlxi8fH/m8U/mt/b9sycpv9gX74cbViJ0r4v8oCzbv/2TxJ22Of7bLiYPdlfH6j78d6bSt6Phr1yJ2tR3/3OmVZmtrXJ/cOzdfnZ1s/GxbxrffvfN1p/KLjj87/ls6xN9y/NOVz8vek/NdlvHNsWtnOm0bvWv86a9DSWO8OZTnvDe9uHhhKmIoOZrv0pK/b+26NPdpvkYW/+7n2rf/Zb//V5e/zkjzT2YXzr91+manbfdz/FsuJt+qdVmHTrL4Z+5+/Fe1/yzvsy7L+Ovti8902rZW/CMPEhgAAAAAAACUUFq/BpukE7fX03RiojFf9onYklbPLSw+P3fu4tmZiN31/4ccTJtXusca6SRLT+X/D9tM71uRfiEitkfEF5WRenri5LnqTNHBAwAAAAAAAAAAAAAAAAAAwAaxNZ//37xP9Z+Vxvx/oCR6eYM5YGPT/qG86u1/1S2egDJw/ofy0v6hvLR/KC/tH8pL+4fy0v6hvLR/KC/tHwAAAAA2pe3PXv85iYilV0bqS2Yo32ZGEGxug0VXAChMpegKAIW5felfZx9Kp6v+/z/5lwP2vjpAAZJ2mfXOQW3txn+97TMBAAAAAAAAAAAAgB7YtaPz/H9zg2FzM+0PyusB5v/76gB4yPnqfygvY3zgbrP4hzttMP8fAAAAAAAAAAAAAPpmtL4k6UQ+F3g00nRiIuLRiNgWg8ncfHV2MiIei4ifKoOPZOmpoisNAAAAAAAAAAAAAAAAAAAAm8zCpcunp6vV2QutK/+uytncK827oPahrFfjHp8VSf/flpGIKPyg9GxloCUniVjKjvyGqNiFhdgY1aivFPyHCQAAAAAAAAAAAAAAAAAASqhl7nF7O7/qc40AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoP/u3P+/dytFxwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPJz+DwAA///LLUAr")

2m10.770408993s ago: executing program 41 (id=6492):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
keyctl$setperm(0x5, 0x0, 0x30925)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x6}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000fc0)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000030010850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x4, &(0x7f00000002c0), 0x6, 0x5fd, &(0x7f0000000c00)="$eJzs3c9rHFUcAPDvzCYxaaNpRcQWxYCHFqRpUotVL7b1YA8FC/Yg4qGhSWro9gdNCrYWTMGDgoKIV5Fe/Ae8S+/eRFBvnoUqUlFQ6crszrabZDfdttmdNPP5wGTnvZnd9747eZn3dvJ2Aiit8exHGrEj4taJJGKsZdtoNDaO5/vd/OPKyWxJolZ78/ckkjyvuX+SP27NE8MR8f3hiMcrq8tduHT59HS11vBBxN7FM+f3Lly6vGf+zPSp2VOzZ6f2vbT/wOTLU/un1iXOrfnjkaNvPP3ph+++OPdDdU8SB+P44PszsSKO9TIe43ErD7E1fyAiDmQrbd6Xh80mCKHUKvnv42BEPBljUamnGsZi/pNCKwf0VK0SUQNKKtH+oaSa/YDm2L67cfDxHvdK+ufGocYAaHX8A43PRmK4PjbacjNpGRk1PtvYtg7lZ2X8d2Xnl9kSyz6H+Pv20RlYh3I6WboaEU+1iz+p121bPdIs/nTZWD+JiMmIGMrr99oD1CFpWe/F5zBruZf4W49DGhEH88cs//B9lj++It3v+AEop+uH8hP5Upa6c/7L+h7N/k+06f+Mtjl33Y+iz3+d+3/N8/1wvd+TruiHZX2WY+1fcnBlxi8fH/m8U/mt/b9sycpv9gX74cbViJ0r4v8oCzbv/2TxJ22Of7bLiYPdlfH6j78d6bSt6Phr1yJ2tR3/3OmVZmtrXJ/cOzdfnZ1s/GxbxrffvfN1p/KLjj87/ls6xN9y/NOVz8vek/NdlvHNsWtnOm0bvWv86a9DSWO8OZTnvDe9uHhhKmIoOZrv0pK/b+26NPdpvkYW/+7n2rf/Zb//V5e/zkjzT2YXzr91+manbfdz/FsuJt+qdVmHTrL4Z+5+/Fe1/yzvsy7L+Ovti8902rZW/CMPEhgAAAAAAACUUFq/BpukE7fX03RiojFf9onYklbPLSw+P3fu4tmZiN31/4ccTJtXusca6SRLT+X/D9tM71uRfiEitkfEF5WRenri5LnqTNHBAwAAAAAAAAAAAAAAAAAAwAaxNZ//37xP9Z+Vxvx/oCR6eYM5YGPT/qG86u1/1S2egDJw/ofy0v6hvLR/KC/tH8pL+4fy0v6hvLR/KC/tHwAAAAA2pe3PXv85iYilV0bqS2Yo32ZGEGxug0VXAChMpegKAIW5felfZx9Kp6v+/z/5lwP2vjpAAZJ2mfXOQW3txn+97TMBAAAAAAAAAAAAgB7YtaPz/H9zg2FzM+0PyusB5v/76gB4yPnqfygvY3zgbrP4hzttMP8fAAAAAAAAAAAAAPpmtL4k6UQ+F3g00nRiIuLRiNgWg8ncfHV2MiIei4ifKoOPZOmpoisNAAAAAAAAAAAAAAAAAAAAm8zCpcunp6vV2QutK/+uytncK827oPahrFfjHp8VSf/flpGIKPyg9GxloCUniVjKjvyGqNiFhdgY1aivFPyHCQAAAAAAAAAAAAAAAAAASqhl7nF7O7/qc40AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoP/u3P+/dytFxwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPJz+DwAA///LLUAr")

9.306495774s ago: executing program 9 (id=7192):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_msfilter(r1, 0x0, 0x29, 0x0, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000900)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0, 0x7}, 0x94)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0xb, 0x0, 0x5, 0x0, 0xffffffff, 0x1}, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(r2, 0x29, 0x22, &(0x7f0000000600)={{{@in=@local, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in6=@private0}, 0x0, @in6=@dev}}, &(0x7f0000000180)=0xe8)
syz_mount_image$ext4(&(0x7f00000005c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x30100c6, &(0x7f00000004c0)={[], [{@subj_role={'subj_role', 0x3d, ':{&'}}, {@obj_role={'obj_role', 0x3d, '/'}}, {@uid_gt={'uid>', r3}}, {@permit_directio}, {@dont_appraise}, {@fsmagic={'fsmagic', 0x3d, 0x9}}]}, 0x5, 0x572, &(0x7f0000001600)="$eJzs3d9rU+cbAPDnpKm/v99WENnGGAUv5nCmtt0PB7twl2OTCdu9C2ks0tRIk4rthOnFvNnNkMEYE8but3svZf/A/gphCjKkbBe76TjpSW1t0jbamur5fCDyvnlP+p7nvOd5fU9OQgLIrZH0n0LEqxHxXRIxFBFJ1laMrHFkebvFR9cq6SOJpaXP/0pa26X19t9qv+5gVnklIn7/JuJEYX2/jfmF6XKtVp3N6qPNmcujjfmFkxdnylPVqeql8YmJ0+9OjH/w/nvbFutb5/758bO7H5/+9tjiD789OHwriTNxKGtbHcem9nVtub66MhIj2TEZjDNPbDjWy46/AJJ+7wBPZSDL88FI54ChGMiyHnj5fR0RS0BOJfIfcqq9Dmhf2/d0HfwSePjR8gXQ+viLy++NxL7WtdGBxWTNlVF6vTu8Df2nfdy5f/tW+ohe34cAeAbXb0TEqWJx/fyXZPPf0zu1hW2e7MP8B8/P3XT983an9U9hZf0THdY/Bzvk7tPYPP8LD7ahm67S9d+HHde/Kzethgey2v9aa77B5MLFWjWd2/4fEcdjcG9a3+h+zunFe0vd2lav/+6kh/rRtUp7LZjtx4Pi3rWvmSw3y88S82oPb0S81nH9m6yMf9Jh/NPjcW6LfRyt3n6jW9ua+O/fvrW4Lv6dtfRLxJsdx//xHa1k4/uTo63zYbR9Vqz3982jf3Trv9/xp+N/YOP4h5PV92sbvffx875/q93a1sQfneLvfP7vSb5olfdkz10tN5uzYxF7kk/XPz/++LXtenv7NP7jxzae/zqd//sj4sstxn/zyK+vbyn+Po3/ZE/j33vh3idf/dSt/83jT8f/nVbpePZMNv8NbRTXVnfwWY8fAAAAAAAA7CaFiDgUSaG0Ui4USqXlz3cciQOFWr3RPHGhPndpMlrflR2OwUL7TvfQqs9DjGWfh23Xx5+oT0TE4Yj4fmB/q16q1GuT/Q4eAAAAAAAAAAAAAAAAAAAAdomDXb7/n/pzoN97B+w4P/kN+bVp/m/HLz0Bu5L//yG/5D/kl/yH/JL/kF/yH/JL/kN+yX/IL/kPAAAAAAAAAAAAAAAAAAAAAAAAAAAA2+rc2bPpY2nx0bVKWp+8Mj83Xb9ycrLamC7NzFVKlfrs5dJUvT5Vq5Yq9ZnN/l6tXr88Nh5zV0eb1UZztDG/cH6mPnepef7iTHmqer46+FyiAgAAAAAAAAAAAAAAAAAAgBdLY35hulyrVWd3qpDsfBcK/SwUd8du5KdQjOfSV79nJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB47L8AAAD//84fMw8=")
open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4c0000000206010800000000006a2699620000000900020073797a31000000000500010007000000050005000200000011000300686173683a6e65742c6e6574000000000500040000000000"], 0x4c}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000580)={0x50, 0x9, 0x6, 0x201, 0x0, 0x0, {0x3}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x28, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @remote}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @rand_addr=0x64010101}}]}]}, 0x50}, 0x1, 0x0, 0x0, 0xd24f4d5778621d46}, 0x4)

7.636595374s ago: executing program 2 (id=7206):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000026c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2, 0x2}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x0, '\x00', 0x1, 0x7, 0x100, 0x8}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, 0x0, {}, {0x7, 0xb}, {0x9, 0xe}}, [@qdisc_kind_options=@q_bfifo={{0xa}, {0x8, 0x2, 0x79b}}]}, 0x38}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4008000)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

6.98472748s ago: executing program 2 (id=7211):
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x4, 0x28}, 0x50)
socket$netlink(0x10, 0x3, 0x10)
socket$key(0xf, 0x3, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000300)='GPL\x00'}, 0x94)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xe, 0x4, 0x8, 0x1}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r4}, &(0x7f0000000240), &(0x7f00000006c0)=r0}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000340)={r5, r2, 0x25, 0x2, @val=@tcx}, 0x1c)
syz_emit_ethernet(0x16, &(0x7f0000000000)={@remote, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @void, {@llc={0x4, {@snap={0x1, 0xaa, "ce", "285b94", 0xf5}}}}}, 0x0)

6.854347376s ago: executing program 5 (id=7212):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800"], 0x48)
r1 = syz_usb_connect_ath9k(0x3, 0x0, 0x0, 0x0)
syz_usb_disconnect(r1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00', 0xffffffffffffffff, 0x0, 0xffffffffffffffff}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x18)
sendmsg$nl_route_sched(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x54, 0x10, 0x1, 0x70bd29, 0x0, {0x0, 0x0, 0x0, 0x0, {0xfff3}, {0xf}, {0xe, 0xd}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x491, 0x0, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x40080}, 0x4000c00)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

6.697702283s ago: executing program 9 (id=7215):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x5}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000006c0)='sched_switch\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00'}, 0x18)
open(&(0x7f0000000380)='./bus\x00', 0x143c62, 0x48)
mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000300)='trans=rdma,')

6.502832436s ago: executing program 2 (id=7216):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000280)=[@in={0x2, 0x4e21, @loopback}], 0x10)
sendmsg$inet_sctp(r0, &(0x7f0000000540)={&(0x7f0000000340)=@in={0x2, 0x4e21, @loopback}, 0x10, &(0x7f0000000080)=[{}], 0x1, 0x0, 0x0, 0x804c044}, 0x881)
r1 = dup(r0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x106, 0x2}}, 0x20)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r1, &(0x7f0000000180)={0x4, 0x8, 0xfa00, {0xffffffffffffffff, 0x4}}, 0x29fdf)

6.225113838s ago: executing program 9 (id=7217):
r0 = socket$key(0xf, 0x3, 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000580)='kmem_cache_free\x00'}, 0x18)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0x0)
io_setup(0x6, &(0x7f0000000140)=<r3=>0x0)
io_submit(r3, 0x2, &(0x7f0000000600)=[&(0x7f0000000300)={0x1802, 0x0, 0x0, 0x5, 0xfffd, r2, 0x0}, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, r2, 0x0}])
shutdown(r2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{}, &(0x7f0000000000), &(0x7f00000005c0)=r4}, 0x20)
sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000780)=ANY=[@ANYBLOB="02030003110000002cbd7000fcdbdf2503000900800000001cdc0dca159f68846960e56de42944af05000600000000000a00b9b60000000000000000000000000000000000000001020000000000000002000100000000000000070c0000000005000500000000000a"], 0x88}, 0x1, 0x7}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="180000f700000000001811000000000000000000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70200000000000085000000860000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000480)='kfree\x00', r6}, 0x10)
r7 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_GET(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=ANY=[@ANYBLOB="14000000", @ANYRES16=r7, @ANYBLOB="010000000000fcdbcf2554"], 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x40010)
r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6}]})
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x1a, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xeb, '\x00', 0x0, @tracing=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f00000001c0)='fsi_master_acf_crc_rsp_error\x00', r9, 0x0, 0x53}, 0x18)
r10 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r10, &(0x7f00000003c0)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000380)={<r11=>0xffffffffffffffff}, 0x13f, 0x9}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r10, &(0x7f0000000200)={0x3, 0x40, 0xfa00, {{0xa, 0xfffe, 0x0, @empty, 0x4}, {0xa, 0x0, 0x0, @loopback, 0xfffffffc}, r11, 0x400}}, 0x48)
close_range(r8, 0xffffffffffffffff, 0x0)

6.135455333s ago: executing program 2 (id=7218):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400"], 0x48)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x1)
r2 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x8)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
write$binfmt_format(r1, &(0x7f0000000100)='0\x00', 0x2)
mprotect(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
write$qrtrtun(r1, &(0x7f0000000300)="ca0e808bb35b", 0x6)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff)
process_vm_readv(0x0, 0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000001600)=""/4096, 0x1000}], 0x1, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r3, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=[0x7, 0x5], &(0x7f0000000240), 0x0, 0x2}}, 0x40)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r4, 0x0, 0x20006}, 0x18)

5.620360347s ago: executing program 3 (id=7219):
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
socket$inet6_udp(0xa, 0x2, 0x0)
memfd_create(&(0x7f0000000480)='[\v\xdbX\xae[c\x1f\x1a\xa9\xfd\xfa\xad\xd1md\xe7\xe2\x7f\x9b\xd5R\x10\xf3\xb6\x00\x00\xbf\xd1\xc8\x85\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\x9fc\xda\xa9\x83r\xd8\x98\x00\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9', 0x1)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='syscall\x00')
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x40043, 0x1fe)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$inet_udp(0x2, 0x2, 0x0)
r0 = syz_io_uring_setup(0x42e6, &(0x7f00000002c0)={0x0, 0xac7c, 0x10100, 0x2002, 0x4000000}, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0))
write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_LINKAT={0x27, 0x4, 0x0, 0xffffffffffffffff, 0x0, 0x0, r3, 0x400})
io_uring_enter(r0, 0x7330, 0x0, 0x0, 0x0, 0x0)

5.291431255s ago: executing program 5 (id=7221):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000026c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2, 0x2}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x0, '\x00', 0x1, 0x7, 0x100, 0x8}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, 0x0, {}, {0x7, 0xb}, {0x9, 0xe}}, [@qdisc_kind_options=@q_bfifo={{0xa}, {0x8, 0x2, 0x79b}}]}, 0x38}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4008000)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

5.070391837s ago: executing program 1 (id=7222):
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$tipc(r0, &(0x7f00000003c0)={&(0x7f0000000180), 0x10, &(0x7f0000000380)=[{&(0x7f0000000480)="c3e972bd85a6d84136d6dd55048d3593a74f338ce6772ab9a6f64041c2f6fbbecdc08ebcd3192b6a53662dae7c8e9c665e80a5d0925f728dcac30c29793992e588952653d414cb8ccdabc38767fee819ec5af0c5ee936880fe8549b4ed347779cab4ffd4e0b62c53a1c01db28f2b3f91c34211c9353bc1dece61511917c2245fd66cb8dffeacb4d46d627c97b498bf1ff6b313bfbc9765457c831771d5eec7997ec242e4505f01c1bb3e069b2e630f42a2be86598a61", 0xb6}, {&(0x7f0000000300)='V', 0x1}, {&(0x7f0000001600)="3eed50d0125719a810f88e3f47186fe4dae74182dfd109a2587c4797410c9b8e39bd3d9aa144d5908647c30c8db69b5c17084c9b1bfbb8680737c4f88abcdbc7d294d72ab1b344270915df9ddf5635644c351c22b29d948ac4106bce7107570beed63077cfbc98ef71699eae65d37724d995b553e7a3ade619b522313ab382caf879feb48942878e605ee3ee2872794e3abe22a3f025068b628a5d92468092a5cc649bbbd978b5772e537939432a502122235ced312dafd108c9ffeb0b38cc16da9418ca01d485a6afb5827da4df6e1121ec307de14bb32b6a977608e4576a998182dd93d592ff43e55bfdbbce23ecd501e43b3e93ef8d9d01711dff54c301e299d3801a3cffe6c9883fbd0e47124dc02569f62d48b878fcb58ce99fcffcd2a5166eff3ad93cf1d137274993d86a3b3730d63ded759f6ca88fa449e5575b15321e5a58a1f888eed7466db4976ce35f6d2efb5ad05d99a66482dc607cb5acb24d326803bd337519cc98103f59c63b5962cd72e4497d1b00817d6e09de70270a09b493c2226617b1c9ef9d506be00d6e07f14633a966f04ecca90fb8d2b963ad6f3817935bd6534fa3da1c5dc468789cbf1192f3c0bff3777f1edd2ada5d35f88f12f29e952c44445ce623509d66811c80a9e0f13ad85aba37d86ff0da4dda601d9e8acb264233bc939fb056316612cff687d5c44157be05bcc88b333ff2a40041d98f1acfe6e2231a84e09bd7a54a0442cf87ce3ee8fd8da39da1862862ae40fc3cb3055c8b70e62f243850707341f51426bb3e71c7a4fffefab060db786000618b05eb087a424a2f30f6a232ff44b605f70ceec0a8f70e37907f6e0bbba21e9d5b7ecb6d287742b75c101ba79525918c3473eae38f3c177249dfa8816661c9921f0b0c858d53ab87c8407b97950c842111002edd1d1e80b801b495da28bcd5409bc971e55dab1857e188ac9728efc8f9a4543945f86ade13b445eacecbbf848a96410ac37c57e3e9e8bc8b8fadd559d225c7468639da2b5d1208558b51e94c14faa7947a7c60e81a96bb5d194cc7289adbc02ebb4b49be1f1efc429db2f9b79b5a22919dba0c35341042c5776942c52365367c4bfc95b42be383cca7107161ded7e851d0126da33d581f1e2b08d0c061e86d31e7a83f9b51c79b4034c7deda7697034e1404c6e8e459f76c2efe64350146c7437ef808e04ca14df5f6f500264fd977272bbf8fc096774e8eb61d0963430751ac1425a073f84346b0eba368cba7fa34adc420800d4f99927280eba199f9695cf88124fafc3a2b1226d2f2ab3ea27c69a127650cf5c725b54c02bd8729033cf699ce7f030f9a3442056244da3cfb61a8126dba11377624f39eb009242152fd7b8b88de7dd86057f29bfcb7b7df0e65e7e9ac9eeaa41afa62743698bff03d5b2d51fb6bca2d92294e8e177cfa3661b26f1c040e9bed983b7bc0aa154eb9c92e4ee25091318c53113a1c23ac62d2d71504cba99041f29a4f332133292cf20abec9222a2acca57cac48fa6c0668ee5eecb494741a64d33b011dcca74696d4614c5b45a5d20983b1708d365ed3ffa60f9161972a611c22642c3c259b41f943f6d7a8b60f284d325e38fe76f0645e069ff70cae38850ccf973193b6232c987df26239a574691f7f07fffa6deae1eb0324fe546573c36f2a2c31cd442517a9b036ae6a2a491e7343864693c107a5dc2585820863c146c1ba6caa4fea9b87d567716f4c8ca1a9d2848055cd750512d3b7415d090019dc8a04a1a1d28931093cd8f00e94c407ca1fa2a5ce903d9df26e008c07cd13afa783220e1bd5e6b60645f3dbb6ecb4156fedafa2dd25498c6a99d94f0b38125ea7741b75109dcac9f80635f79f5c8a0483bb9f05a3a5bf721c7541edb252449f8b13e63c370a6146332f03ca1f1b6fe0bed984f13744bb7fa0fe322e83ddf9ffb2083e94f33604a0a199220c450dad94bf154805e7f9e4350ca2d81adf2978c87dcc8a8a7d56297ec124bfef0d28f35777205e973272c87e01070f14f5b14daa3b5104d9ff6b296c4f16ed49eb42d35e7ba3bccb7a26c33a263df88aadd596e9d9de0abbd4d449df11081f2cd62e1d8962b9b9feb25a3b8e03537d61a61c11ac22b7211d12c84e60a6abcc219e558b2513d8c530b3c7a57cdc47de545aafbb2a13c0e6c75b1b92fa241c713c83a09c92b2b61d565120372a9143415583c9596f27a663d4967cd653b08cebd6cb96c1f0dc80d57267ac9a8281d7149bde880828ee27d69a6818db58320db29d1b044eaf6ab8a5108bc522de406990b5393b1f7e7bab71bf6cf8eed1cd59c7607d662e8b313f5c4fce0f59b1027371381011b63dd5b2b09739082c0d62ffad96e30153a395234937d377c32fe7af82aca3a19d0ebc4a5c5fb5ff190f14d5695c703b571fb4bf03756635cafc6cf6267eab836c347a9d07e8089fc105346934cf3364e5be370b3c42b94bc5ae3d17a817398566a2953251eb91697d67278145df9a4b917bcca1bf211780b22f4caacfcb7604c84f943d05f6fdf8edbd258d7d8dbf84f9d99e57472c5b1c2337d749a1f345e662e2536d23c7a63bbbbf00f8b5b0a2106a0342ab27b9a10b82e82668cd49e0cbb09d7be0217645f1dda3be59c8232fa290d34791cda52aa5b5cec6339ab96a2eb3f5328cc7c0e6717c2824344547a2ed518f6b2b4e4fe5b684596aa6a9d3988fc5d5ff4cb46cec99d951b8386b10949a163af974b7543df97b4882a4ed60e927a1deb67c5f814235bef65fea79a2c712815be7403c93a3707fb90d4604ec3a6a3b0928f253f6ab6bd56c958e026c8c58172c4ac2a3efe2ecd5cea70c8313f9ac2d638bc296ba99e2ca86d2fd06b5402cdcddc3f3c9845d5ae77f6f36963b", 0x800}, {&(0x7f0000000340)="b768eb20304f2fdc5a9694a4867840d93170ca1a86406f", 0x17}], 0x4, 0x0, 0x0, 0x8010}, 0x0)
r2 = dup2(r1, r0)
setsockopt$sock_attach_bpf(r1, 0x1, 0x21, &(0x7f0000000040), 0x4)
sendmmsg(r2, &(0x7f0000008800)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000008480)=[{&(0x7f00000062c0)="4bd203afa8a0a820573831475cc1ca6053bd0284b52b6bcd4c502be0ff09b7129c217f3c9d67ba184004f2bf0b7f03b31257bf6d6812b36e1f51908ef687e8251bfbb0b9f69e302edc28ecffd45e833222c77c05fc230977e0d617288a2e66caaaa8778bfa68feadf212a2d744713b1384039886323d0ed34984459e40c4f186588a738c54cbf74af7a6216faa39c19fcfe445a434f39b46800f46b454b868dbbe072b5629a22e12f874b9f2991994434354be6ffd4d80e1f1230011874785146729a948328f155cedb5122aab4347840eb1f13e0b2d6ec445209f07110df6391737694972f66c41281c68a0744e51bcb90e6249946b6c213bb85d6a791235805ec9ddeb03afbbd3a57e2e122a8ec318c8926489e71cc276776d5d0ffc0f16ed590c076c8fd7640738268450aeec1011de0d913ccf3f68395ce63256677302dff0b176686ed4868618d677a5e52ab1996f64e499fb942cf04d0024ec633560d4eec2b71fb6bd774c501b87715f3e1df55ae1f7aa065dece77394069492ad8365e8ea39ead9538d48fb50a08e2af84312b3b30384ff8441c2f51fcabbfe76aee565f413237b77cf3f95ee0884077db0724c195a4d40cf903402da79cf8161bdae5e39f557e67be556424deda2982344edcad4f36f03e197c50c88929e887f57e3b0836e9cd58e1132df47f52e15177e3ed5d9908bdfe42b6fe282f670d2a44165775d19958d5e689c47e444b16911dbc5f0ade56c679aecedfbb9eef16572fdd117f921f9f89c504b4fc1dd6ab8939f2ac7b8057498ad5a9ab09c99f540aa9784767fde91c92fd7209dfa6ba78e9953d5b8cfebfeacde6763af29193601d9a7fc6b73148c3aa3b483297f4881ad2d95b492f1476d4b218ac49c7cfb867b1650ba16d91e9412c1762ceb66531113956096bca757a2fd8cc1ad9a8cdf9615121d5f0d636cfa222fb21deae21f9f1982a8d0ace1f9104785eeb015ad1792b26d475b1bc4a454b63e7c8346a5b2bd40bc7541b2f6c02895f54e2fdb88ec2d678aaa9c783d61473afa2c8f6c2df83cd7491f26c7f527a38f71d4924225fc4ae77ef33d46012fba2d0ef723e39c75908a66e884b936cd17e20d3f59bf48f5cbf9ef2542ef9af618fc7df6daa30de39934acf70c8309382c266761966beec9ee78aecdb6623102776a04ee83b6193c0e4492665092d8c872fd355012d9fa65e4bac319b19e95baefae67b20de2dd3c43c4c5f1708ed0fcfba9fc192bf0868f4490c41befc09a5dd744b028c3ea20cdaa738c272ec7a816eed47bfad2121ebdbb8415755148330fc6778313d9831131c5c0c6ac8dc3f2fd678e4f20ff1e0fcf82d4795797936401b0cdbfd23fcc9c1e76d1d063a23d126faab2a225f0174d39446bc4215d2cece1997b233e4a807b161626aa9c5d507cc260cb7bbc22ae36e8f7b3862e841bdb19a31a5eb169804aaa04c898f14056a04e7089be42fafd5d6bf6f2471546beaf8db492c76482a7acea8eee3dddf017e209f9f99343036236ac6b198b90a78ff1a50eba379940de611ddf06f6eda290f2bde25c9573d105ac8a0fb286f7deaeac6e56d065d198f61daccef695890a5f840222899a55adc6d0cea1b5c296096aafc9f598fa4869edcdf047d72feee3a7c60ef5859f4ad96084160d550a109eaea639e01dab9b98cd7dc54b55d7eb2d213331bba4dee7c2029d47339e68c31800d77f370b42d2497f66907db06a2de988dbd14cd157836ebbc7239a8d218a797c5ba6816b28cf11576b5e4ddacc5ade05848ede263cd0d8d65f112c294309aac0bc76e58f7d99a704ced501795c57db6615ec6128090fc61698dd5d7210f30c05faf505ae0641899faf1babb36789c83d7ed723a9e1f7400a94da511899da552d782a43f42623af305a7284b538b2579db694347f8fc9db65dbac055dfa3333a3c0aceaf054b8576d7b3d14769b0ab0147bc3506310bf91e0ece8a6bd1bd878a4559cff9f8074f9bbaa6a034eaccf1a13a2dcef5cf991b457b7bc68f5a4e65114aa3e79fa732200f29d925a9fbc5ba377771837166ebe749332627f0e6e898ac3dc22df2356eccaa03ee00cf890d951e8fdd32834256ec3cf0eaa2141", 0x5dd}], 0x1}}], 0x6, 0x20004095)

5.013310753s ago: executing program 3 (id=7223):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="fa0008f600000001f0ffff7f399ffcce643b89b8"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000100)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x13, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYRES32], &(0x7f00000007c0)='GPL\x00', 0x400000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='objagg_obj_parent_unassign\x00', r1, 0x0, 0x3}, 0x4e)
pipe(&(0x7f0000000080))
pipe2(0x0, 0x80c80)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f0000000000), 0x10, 0x0}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[], 0x48)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSIGACCEPT(r2, 0x5607, 0x2c)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r4 = dup(r3)
ioctl$TIOCL_SETVESABLANK(r4, 0x560e, &(0x7f0000000140))
r5 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$VT_ACTIVATE(r5, 0x5606, 0x4)
ioctl$TIOCL_BLANKSCREEN(r5, 0x541c, &(0x7f0000000000))
set_tid_address(&(0x7f0000000040))
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8923, &(0x7f00000000c0)={'bond_slave_0\x00', @random="0137013710ff"})
getpid()
getpid()
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000002d00)={&(0x7f00000001c0)=ANY=[@ANYBLOB="9feb01001800000000000000340000003400000003000000010000000000000e020000000000000000000000010000840000000000000000030000000000002100000000000000060434c0fb9f00f8ee175209b3b3295caa9da3af618809b3e3fd22ebbf75eb1c3d98e7623cec0d8b1c07d8b4771abea376"], 0x0, 0x4f, 0x0, 0x8}, 0x28)

4.80114995s ago: executing program 9 (id=7224):
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00}, 0x94)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0x1}}, './file0\x00'})
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r1, 0x0, 0x6}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x58e, &(0x7f0000000140), 0x1, 0x451, &(0x7f0000000780)="$eJzs289vFFUcAPDvTFug/LAV8Qc/1CoaG3+0tKBy8KLRxIMmJl7wWNtCkIUaWhMhRNEYPBoS78ajiX+BJ70Y9WTiVe+GhBguoqc1szvD/mC3tMu2g+znkwx9b+YN7333zdt9M283gIE1kf2TROyMiN8jYqyebS0wUf9z/dqF+X+uXZhPolp9+6+kVu7vaxfmi6LFeTvyzGQakX6WxP4O9S6fO39qrlJZPJvnp1dOvz+9fO78cydPz51YPLF4Zvbo0SOHZ158Yfb5vsR5b9bWfR8tHdj7+juX35w/dvndn78dKuJvi6NPJlY7+GS12ufqyrWrKZ0Ml9gQ1iUbA1l3jdTG/1gMRaPzxuK1T0ttHLChqrkuhy9WgbtYEmW3AChH8UGf3f8W2+bNPsp39eX6DVAW9/V8qx8ZjjQvM9J2f9tPExFx7OK/X2VbbMxzCACAFt9n859nO83/0nigqdw9+drQeL6Wsjsi7ouIPRFxf0St7IMR8dA6629fJLl5/pNe6SmwNcrmfy/la1ut879i9hfjQ3luVy3+keT4ycriofw1mYyRrVl+ZpU6fnj1ty+6HWue/2VbVn8xF8zbcWV4a+s5C3Mrc7cTc7Orn0TsG+4Uf3JjJSCJiL0Rsa/HOk4+/c2BbsduHf8q+rDOVP064ql6/1+MtvgLyerrk9PborJ4aLq4Km72y6+X3upW/23F3wdZ/2/veP3fiH88aV6vXV5/HZf++LzrPc1UT9d/Y8eW/O+HcysrZ2citiRv1BvdvH+2cW6RL8pn8U8e7Dz+d0fjldgfEdlF/HBEPBIRj+Z991hEPB4RB9viar6//umVJ97rFv+d0P8Lbf0/3lqkrf8biS3RvqdzYujUj9+1/o+N5Nre/47UUpP5nrW8/62lXb1dzQAAAPD/k0bEzkjSqRvp0XRqqv4d/j2xPa0sLa88c3zpgzML9d8IjMdIWjzpGmt6HjqT39YX+dm2/OH8ufGXQ6O1/NT8UmWh7OBhwO24afyntfGf+XOo7NYBG87vtWBwNY3/pMx2AJvP5z8MLuMfBleH8T9aRjuAzdfp8//jEtoBbL628W/ZDwaI+38YXMY/DK7m8e8LADAwlkfj1j+S75TYFr2cJXHXJCK9I5rRn0TS4yhYa2Jn2QGuP1H2OxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB//BcAAP//pgHvrg==")
r2 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x200)
ioctl$EVIOCGEFFECTS(r2, 0x80044584, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
getdents64(r3, 0x0, 0x0)

4.661202767s ago: executing program 1 (id=7225):
syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f0000000000)='./file0\x00', 0x2010804, &(0x7f0000000400)={[{@fat=@check_strict}, {@fat=@allow_utime={'allow_utime', 0x3d, 0x5}}, {@fat=@quiet}, {@fat=@allow_utime={'allow_utime', 0x3d, 0x6}}, {@fat=@nfs_nostale_ro}, {@fat=@umask={'umask', 0x3d, 0x87}}, {@nodots}, {@fat=@nfs_stale_rw}, {@nodots}, {@dots}, {@dots}, {}, {@fat=@umask={'umask', 0x3d, 0x1}}]}, 0x1, 0x262, &(0x7f0000000040)="$eJzs3UFr02AYB/BnW9dmA3Fn8RDw4mmo36BIBTEgVHrQk4XpZRMhu1RP/Rh+Bj+SH2On3SouoZ1ZFTvTpprfD0oe8s9b3uTQt4fnbd/e/3B68vH8/ezbl0iSNDoR07iMOIrd2IvCTnncvaq7cd00/tydFa4FANZnOBz3m54DNdq5eSrP++P9iOjdSEZfNzMpAAAAAAAAAAAA6ra0/7/SQ1ZX/z8AsB30////8rw/Piy/v/1M/z8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQnMvZ7O7sN6+m5wcA1M/6DwDtY/0HgPax/gNA+7x6/eZFP8sGwzRNIi6mk9FkVByL/NnzbPAovXK0GHUxmYz2yzobPC7ytJofluOfLM278fBBkf/Inr7MKnkvTtZ98wAAAAAAAAAAAAAAAAAAALAljtO5yv7+vSI//lVeVNd+H6Cyf78T9zobuw0AAAAAAAAAAAAAAAAAAAD4p51/+nw6Pjt7lysU8+IgbjEqifmZ2wxfrehGxKqjerElj3d9RVLfk2/6kwkAAAAAAAAAAAAAAAAAANpnsem36ZkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQHMW////N8VB+W7Lr2n4FgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICW+B4AAP//C6SJig==")
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
ioctl$SG_SET_RESERVED_SIZE(r0, 0x2275, &(0x7f0000000040))

4.332774038s ago: executing program 5 (id=7226):
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x4, 0x28}, 0x50)
socket$netlink(0x10, 0x3, 0x10)
socket$key(0xf, 0x3, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000300)='GPL\x00'}, 0x94)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xe, 0x4, 0x8, 0x1}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r4}, &(0x7f0000000240), &(0x7f00000006c0)=r0}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000340)={r5, r2, 0x25, 0x2, @val=@tcx}, 0x1c)
syz_emit_ethernet(0x16, &(0x7f0000000000)={@remote, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @void, {@llc={0x4, {@snap={0x1, 0xaa, "ce", "285b94", 0xf5}}}}}, 0x0)

4.246419426s ago: executing program 9 (id=7227):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r2}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000a00)={{0x14, 0x10, 0x7c, 0x0, 0x6000, {0x5}}, [@NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}]}, @NFT_MSG_NEWSETELEM={0x4c, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x20, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d103"}]}]}, {0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xb0}}, 0x40)

4.129474089s ago: executing program 1 (id=7228):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000280)=[@in={0x2, 0x4e21, @loopback}], 0x10)
sendmsg$inet_sctp(r0, &(0x7f0000000540)={&(0x7f0000000340)=@in={0x2, 0x4e21, @loopback}, 0x10, &(0x7f0000000080)=[{}], 0x1, 0x0, 0x0, 0x804c044}, 0x881)
r1 = dup(r0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x106, 0x2}}, 0x20)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r1, &(0x7f0000000180)={0x4, 0x8, 0xfa00, {0xffffffffffffffff, 0x4}}, 0x29fdf)

3.931302398s ago: executing program 5 (id=7229):
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @fallback=0x3c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x3, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xa0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xa}, 0x94)

3.760611928s ago: executing program 3 (id=7230):
r0 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x20, r0, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x20}}, 0x0)
sendmsg$SMC_PNETID_DEL(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)={0x14, r0, 0xe27, 0x70bd28, 0x0, {0x4, 0x7, 0x2}}, 0x14}, 0x1, 0x40030000000000}, 0x4000)

3.689011494s ago: executing program 9 (id=7231):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800"], 0x48)
r1 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f00000002c0)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0)
syz_usb_disconnect(r1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x18)
sendmsg$nl_route_sched(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x54, 0x10, 0x1, 0x70bd29, 0x0, {0x0, 0x0, 0x0, 0x0, {0xfff3}, {0xf}, {0xe, 0xd}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x491, 0x0, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x40080}, 0x4000c00)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

3.671714356s ago: executing program 1 (id=7232):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="18010000008000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCL_GETMOUSEREPORTING(r1, 0x5412, &(0x7f00000000c0)=0x13)
ioctl$TIOCL_GETMOUSEREPORTING(r1, 0x5412, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a00000000000000001812", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r3, 0x0, 0x7}, 0x18)
io_uring_enter(0xffffffffffffffff, 0x5b43, 0x0, 0x0, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8943, &(0x7f0000000100)={'macvtap0\x00', @random="b40007350060"})
r4 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r4, 0x8982, &(0x7f0000000400)={0x0, 'batadv0\x00', {0x5}})
socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r5, 0x8933, &(0x7f0000000040))
r6 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r6, 0x8922, &(0x7f0000000080)={'dummy0\x00'})

3.43942436s ago: executing program 5 (id=7233):
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
socket$inet6_udp(0xa, 0x2, 0x0)
memfd_create(&(0x7f0000000480)='[\v\xdbX\xae[c\x1f\x1a\xa9\xfd\xfa\xad\xd1md\xe7\xe2\x7f\x9b\xd5R\x10\xf3\xb6\x00\x00\xbf\xd1\xc8\x85\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\x9fc\xda\xa9\x83r\xd8\x98\x00\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9', 0x1)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='syscall\x00')
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x40043, 0x1fe)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$inet_udp(0x2, 0x2, 0x0)
r0 = syz_io_uring_setup(0x42e6, &(0x7f00000002c0)={0x0, 0xac7c, 0x10100, 0x2002, 0x4000000}, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0))
write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_LINKAT={0x27, 0x4, 0x0, 0xffffffffffffffff, 0x0, 0x0, r3, 0x400})
io_uring_enter(r0, 0x7330, 0x0, 0x0, 0x0, 0x0)

3.398405517s ago: executing program 3 (id=7234):
r0 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r0, &(0x7f0000000040)={&(0x7f0000000280)=@caif=@dgm={0x25, 0x9, 0xa}, 0x80, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000a40)="294f28dfe56d2c8ba23606bc", 0xc}], 0x2}, 0x8001)

3.004822567s ago: executing program 3 (id=7235):
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$tipc(r0, &(0x7f00000003c0)={&(0x7f0000000180), 0x10, &(0x7f0000000380)=[{&(0x7f0000000480)="c3e972bd85a6d84136d6dd55048d3593a74f338ce6772ab9a6f64041c2f6fbbecdc08ebcd3192b6a53662dae7c8e9c665e80a5d0925f728dcac30c29793992e588952653d414cb8ccdabc38767fee819ec5af0c5ee936880fe8549b4ed347779cab4ffd4e0b62c53a1c01db28f2b3f91c34211c9353bc1dece61511917c2245fd66cb8dffeacb4d46d627c97b498bf1ff6b313bfbc9765457c831771d5eec7997ec242e4505f01c1bb3e069b2e630f42a2be86598a61", 0xb6}, {&(0x7f0000000300)='V', 0x1}, {&(0x7f0000001600)="3eed50d0125719a810f88e3f47186fe4dae74182dfd109a2587c4797410c9b8e39bd3d9aa144d5908647c30c8db69b5c17084c9b1bfbb8680737c4f88abcdbc7d294d72ab1b344270915df9ddf5635644c351c22b29d948ac4106bce7107570beed63077cfbc98ef71699eae65d37724d995b553e7a3ade619b522313ab382caf879feb48942878e605ee3ee2872794e3abe22a3f025068b628a5d92468092a5cc649bbbd978b5772e537939432a502122235ced312dafd108c9ffeb0b38cc16da9418ca01d485a6afb5827da4df6e1121ec307de14bb32b6a977608e4576a998182dd93d592ff43e55bfdbbce23ecd501e43b3e93ef8d9d01711dff54c301e299d3801a3cffe6c9883fbd0e47124dc02569f62d48b878fcb58ce99fcffcd2a5166eff3ad93cf1d137274993d86a3b3730d63ded759f6ca88fa449e5575b15321e5a58a1f888eed7466db4976ce35f6d2efb5ad05d99a66482dc607cb5acb24d326803bd337519cc98103f59c63b5962cd72e4497d1b00817d6e09de70270a09b493c2226617b1c9ef9d506be00d6e07f14633a966f04ecca90fb8d2b963ad6f3817935bd6534fa3da1c5dc468789cbf1192f3c0bff3777f1edd2ada5d35f88f12f29e952c44445ce623509d66811c80a9e0f13ad85aba37d86ff0da4dda601d9e8acb264233bc939fb056316612cff687d5c44157be05bcc88b333ff2a40041d98f1acfe6e2231a84e09bd7a54a0442cf87ce3ee8fd8da39da1862862ae40fc3cb3055c8b70e62f243850707341f51426bb3e71c7a4fffefab060db786000618b05eb087a424a2f30f6a232ff44b605f70ceec0a8f70e37907f6e0bbba21e9d5b7ecb6d287742b75c101ba79525918c3473eae38f3c177249dfa8816661c9921f0b0c858d53ab87c8407b97950c842111002edd1d1e80b801b495da28bcd5409bc971e55dab1857e188ac9728efc8f9a4543945f86ade13b445eacecbbf848a96410ac37c57e3e9e8bc8b8fadd559d225c7468639da2b5d1208558b51e94c14faa7947a7c60e81a96bb5d194cc7289adbc02ebb4b49be1f1efc429db2f9b79b5a22919dba0c35341042c5776942c52365367c4bfc95b42be383cca7107161ded7e851d0126da33d581f1e2b08d0c061e86d31e7a83f9b51c79b4034c7deda7697034e1404c6e8e459f76c2efe64350146c7437ef808e04ca14df5f6f500264fd977272bbf8fc096774e8eb61d0963430751ac1425a073f84346b0eba368cba7fa34adc420800d4f99927280eba199f9695cf88124fafc3a2b1226d2f2ab3ea27c69a127650cf5c725b54c02bd8729033cf699ce7f030f9a3442056244da3cfb61a8126dba11377624f39eb009242152fd7b8b88de7dd86057f29bfcb7b7df0e65e7e9ac9eeaa41afa62743698bff03d5b2d51fb6bca2d92294e8e177cfa3661b26f1c040e9bed983b7bc0aa154eb9c92e4ee25091318c53113a1c23ac62d2d71504cba99041f29a4f332133292cf20abec9222a2acca57cac48fa6c0668ee5eecb494741a64d33b011dcca74696d4614c5b45a5d20983b1708d365ed3ffa60f9161972a611c22642c3c259b41f943f6d7a8b60f284d325e38fe76f0645e069ff70cae38850ccf973193b6232c987df26239a574691f7f07fffa6deae1eb0324fe546573c36f2a2c31cd442517a9b036ae6a2a491e7343864693c107a5dc2585820863c146c1ba6caa4fea9b87d567716f4c8ca1a9d2848055cd750512d3b7415d090019dc8a04a1a1d28931093cd8f00e94c407ca1fa2a5ce903d9df26e008c07cd13afa783220e1bd5e6b60645f3dbb6ecb4156fedafa2dd25498c6a99d94f0b38125ea7741b75109dcac9f80635f79f5c8a0483bb9f05a3a5bf721c7541edb252449f8b13e63c370a6146332f03ca1f1b6fe0bed984f13744bb7fa0fe322e83ddf9ffb2083e94f33604a0a199220c450dad94bf154805e7f9e4350ca2d81adf2978c87dcc8a8a7d56297ec124bfef0d28f35777205e973272c87e01070f14f5b14daa3b5104d9ff6b296c4f16ed49eb42d35e7ba3bccb7a26c33a263df88aadd596e9d9de0abbd4d449df11081f2cd62e1d8962b9b9feb25a3b8e03537d61a61c11ac22b7211d12c84e60a6abcc219e558b2513d8c530b3c7a57cdc47de545aafbb2a13c0e6c75b1b92fa241c713c83a09c92b2b61d565120372a9143415583c9596f27a663d4967cd653b08cebd6cb96c1f0dc80d57267ac9a8281d7149bde880828ee27d69a6818db58320db29d1b044eaf6ab8a5108bc522de406990b5393b1f7e7bab71bf6cf8eed1cd59c7607d662e8b313f5c4fce0f59b1027371381011b63dd5b2b09739082c0d62ffad96e30153a395234937d377c32fe7af82aca3a19d0ebc4a5c5fb5ff190f14d5695c703b571fb4bf03756635cafc6cf6267eab836c347a9d07e8089fc105346934cf3364e5be370b3c42b94bc5ae3d17a817398566a2953251eb91697d67278145df9a4b917bcca1bf211780b22f4caacfcb7604c84f943d05f6fdf8edbd258d7d8dbf84f9d99e57472c5b1c2337d749a1f345e662e2536d23c7a63bbbbf00f8b5b0a2106a0342ab27b9a10b82e82668cd49e0cbb09d7be0217645f1dda3be59c8232fa290d34791cda52aa5b5cec6339ab96a2eb3f5328cc7c0e6717c2824344547a2ed518f6b2b4e4fe5b684596aa6a9d3988fc5d5ff4cb46cec99d951b8386b10949a163af974b7543df97b4882a4ed60e927a1deb67c5f814235bef65fea79a2c712815be7403c93a3707fb90d4604ec3a6a3b0928f253f6ab6bd56c958e026c8c58172c4ac2a3efe2ecd5cea70c8313f9ac2d638bc296ba99e2ca86d2fd06b5402cdcddc3f3c9845d5ae77f6f36963b", 0x800}, {&(0x7f0000000340)="b768eb20304f2fdc5a9694a4867840d93170ca1a86406f", 0x17}], 0x4, 0x0, 0x0, 0x8010}, 0x0)
r2 = dup2(r1, r0)
setsockopt$sock_attach_bpf(r1, 0x1, 0x21, &(0x7f0000000040), 0x4)
sendmmsg(r2, &(0x7f0000008800)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000008480)=[{&(0x7f00000062c0)="4bd203afa8a0a820573831475cc1ca6053bd0284b52b6bcd4c502be0ff09b7129c217f3c9d67ba184004f2bf0b7f03b31257bf6d6812b36e1f51908ef687e8251bfbb0b9f69e302edc28ecffd45e833222c77c05fc230977e0d617288a2e66caaaa8778bfa68feadf212a2d744713b1384039886323d0ed34984459e40c4f186588a738c54cbf74af7a6216faa39c19fcfe445a434f39b46800f46b454b868dbbe072b5629a22e12f874b9f2991994434354be6ffd4d80e1f1230011874785146729a948328f155cedb5122aab4347840eb1f13e0b2d6ec445209f07110df6391737694972f66c41281c68a0744e51bcb90e6249946b6c213bb85d6a791235805ec9ddeb03afbbd3a57e2e122a8ec318c8926489e71cc276776d5d0ffc0f16ed590c076c8fd7640738268450aeec1011de0d913ccf3f68395ce63256677302dff0b176686ed4868618d677a5e52ab1996f64e499fb942cf04d0024ec633560d4eec2b71fb6bd774c501b87715f3e1df55ae1f7aa065dece77394069492ad8365e8ea39ead9538d48fb50a08e2af84312b3b30384ff8441c2f51fcabbfe76aee565f413237b77cf3f95ee0884077db0724c195a4d40cf903402da79cf8161bdae5e39f557e67be556424deda2982344edcad4f36f03e197c50c88929e887f57e3b0836e9cd58e1132df47f52e15177e3ed5d9908bdfe42b6fe282f670d2a44165775d19958d5e689c47e444b16911dbc5f0ade56c679aecedfbb9eef16572fdd117f921f9f89c504b4fc1dd6ab8939f2ac7b8057498ad5a9ab09c99f540aa9784767fde91c92fd7209dfa6ba78e9953d5b8cfebfeacde6763af29193601d9a7fc6b73148c3aa3b483297f4881ad2d95b492f1476d4b218ac49c7cfb867b1650ba16d91e9412c1762ceb66531113956096bca757a2fd8cc1ad9a8cdf9615121d5f0d636cfa222fb21deae21f9f1982a8d0ace1f9104785eeb015ad1792b26d475b1bc4a454b63e7c8346a5b2bd40bc7541b2f6c02895f54e2fdb88ec2d678aaa9c783d61473afa2c8f6c2df83cd7491f26c7f527a38f71d4924225fc4ae77ef33d46012fba2d0ef723e39c75908a66e884b936cd17e20d3f59bf48f5cbf9ef2542ef9af618fc7df6daa30de39934acf70c8309382c266761966beec9ee78aecdb6623102776a04ee83b6193c0e4492665092d8c872fd355012d9fa65e4bac319b19e95baefae67b20de2dd3c43c4c5f1708ed0fcfba9fc192bf0868f4490c41befc09a5dd744b028c3ea20cdaa738c272ec7a816eed47bfad2121ebdbb8415755148330fc6778313d9831131c5c0c6ac8dc3f2fd678e4f20ff1e0fcf82d4795797936401b0cdbfd23fcc9c1e76d1d063a23d126faab2a225f0174d39446bc4215d2cece1997b233e4a807b161626aa9c5d507cc260cb7bbc22ae36e8f7b3862e841bdb19a31a5eb169804aaa04c898f14056a04e7089be42fafd5d6bf6f2471546beaf8db492c76482a7acea8eee3dddf017e209f9f99343036236ac6b198b90a78ff1a50eba379940de611ddf06f6eda290f2bde25c9573d105ac8a0fb286f7deaeac6e56d065d198f61daccef695890a5f840222899a55adc6d0cea1b5c296096aafc9f598fa4869edcdf047d72feee3a7c60ef5859f4ad96084160d550a109eaea639e01dab9b98cd7dc54b55d7eb2d213331bba4dee7c2029d47339e68c31800d77f370b42d2497f66907db06a2de988dbd14cd157836ebbc7239a8d218a797c5ba6816b28cf11576b5e4ddacc5ade05848ede263cd0d8d65f112c294309aac0bc76e58f7d99a704ced501795c57db6615ec6128090fc61698dd5d7210f30c05faf505ae0641899faf1babb36789c83d7ed723a9e1f7400a94da511899da552d782a43f42623af305a7284b538b2579db694347f8fc9db65dbac055dfa3333a3c0aceaf054b8576d7b3d14769b0ab0147bc3506310bf91e0ece8a6bd1bd878a4559cff9f8074f9bbaa6a034eaccf1a13a2dcef5cf991b457b7bc68f5a4e65114aa3e79fa732200f29d925a9fbc5ba377771837166ebe749332627f0e6e898ac3dc22df2356eccaa03ee00cf890d951e8fdd32834256ec3cf0eaa2141", 0x5dd}], 0x1}}], 0x6, 0x20004095)

2.782576424s ago: executing program 5 (id=7236):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000026c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2, 0x2}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x0, '\x00', 0x1, 0x7, 0x100, 0x8}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, 0x0, {}, {0x7, 0xb}, {0x9, 0xe}}, [@qdisc_kind_options=@q_bfifo={{0xa}, {0x8, 0x2, 0x79b}}]}, 0x38}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4008000)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

2.409698085s ago: executing program 3 (id=7237):
socket(0x2000000000000021, 0x2, 0x10000000000002)
socket(0x2b, 0x1, 0x1)
r0 = socket$packet(0x11, 0x3, 0x300)
getsockopt$packet_int(r0, 0x107, 0xa, &(0x7f00000001c0), 0x0)
syz_mount_image$iso9660(&(0x7f0000000940), &(0x7f0000000680)='./file0\x00', 0x14c0e, &(0x7f0000000b40)=ANY=[@ANYRES8=0x0], 0xfd, 0x6b1, &(0x7f0000001f80)="$eJzs3V1vG1kdx/Hf2E7iZFFVAapWVbc5bVkpFcW1nW2qqFzsMBknA7bHmnEgkZBWhSarqk6Btkg0NyU3PEjLG+Bub7jgRazE9b4LuAJpBXcgJDRoZjx+iB9St0m6D99P1Ho8c+ac/5zj+t+JPWcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABkORvlcsVS3Wtu75jJnI3Ab2RP8hrZntY2p5vpws1pbc7F7UpW/EfFot5OV7/9zX6RS/Ff13UlfXZFxfihqMO3Ll28941CLtt/SsCvQrNW+PT54aP7nc7ek5com9fM1b9Jyr1EoU236YW+17A3XeOFvllfWyvf3qqFpubV3XA3bLsN4wRuru0HZsW5aSrr66vGLe36283NDbvuZivvfqdaLq+Z7y+kAy2pFDpbXr3uNTeTMvHmuMxd89GP0wKu3TBm/2Fnb3Ugnhfj+jguVDnpSOJC1ZMKVcvVaqVSrVbW7qzfuVsuF0ZWlGNWuUcjJU79RYsvmNN9AwdeQy7O/3+1pLqKampbOzJjfxxtKJCvxoTtXVn+f/e2O7XdwfyfZfm5/ubLSvL/1fTZ1Un5f0IsRibZYdwWa8L62X7mkoiMnuq5DvVI99VRR3t6cgp1G5nlU6nlHH425aopT6F8eWrITtaY7hqjda1pTWV9oC3VFMqoJk91uQq1q1BtufEraj4eLVe22vIVyGhFjm7KqKJ1rWtVRq5K2pWvbTW1qQ3Z+ncURft6mPT7aj+m/PGRV1aoMuEgFlTIXnd7qk452kn5/ycv0r27+b9M/v+qSl8HC+nDp9PKAJ8DUff8f0bLZxMNAAAAAAA4C1by23cr+VT+HUmRal7dLb/psAAAAAAAwCmyFC3oiqz0W/l6Rxbn/wAAAAAAfNlYyTV2lqSl5Ev9Vv9yqZf5JUD+HEIEAAAAAACvKbny/+q8FCWTVizLmun8HwAAAAAAfAH8bmCO/UI2x26Ufayfk7T8twXrk38uKJizjlo737IO7HiLfdAtM/INgHbtsnWhO1Fv8jAvKXnmuFesbmvdSTB78w5+tn/SXP9WcCyA+fxgBRMCsOKW1wrdZ/pI19JdrnXnmX9wmFOyJW1lqebV3ZLj1+9VZNsXcm13p/3Lxw9/JQW949x/2Nkr/fRnnQdJLEfxqqODuNIXQ+HkxndGP5ZnyXwLyTUX4454UbWsyd83G0tW0m45O/687IPcYEPTBqDf5m90PR2z61FadumwN+O+JS0nkz9USsmQDR19MGf1o6gcP/JxAzEhimISxY20zI2VG+lDFl9cT84qfjsvVUujYzAURXUwipP7wvrXSF9Mi0JWMe6L1TiKv8QVHYviR5+kO6/OFsXIiADAm7Lfz0LJJOYjeTdLD9mb2ivlnZOz+/vD2f3ZH6M0Q+WlQveziamtFBW/o69YSR6aTyd0L1we845eLv0niiL7QlGD7+j/i1K9HPty2e0oiqLjx/rn/j2QumGPRPHfKIruVZJM8odjWfXjeIePJ7Yb1qv5uAtvPzv4eTIBfuzDvQ/3Hlerq2vl98rlO1XNJf9V6D7kRe4BAIw4+R47SYnclBLWe7qW1nHtwT/eTZeGMt7Xu18pyHT0QLeyWwgsj691aeBrCLfSs1bp+lL6uHRoLl28tygNlLUKyR1ebk08q0ty6UC91V7Z7L5Dx88A+2VXz3IIAAA4d9cn5GFpKP9rOP8Xh/L/La2kJVYujz3vHs7l3bPj3in9pLKVk4N//5Q7AwCArwg3+Mxaav/WCgKv9UFlfb1it7dcE/jOD0zgbWy6xmu23cDZspubrmkFftt3/LppBVrwFt3QhNutlh+0Tc0PTMsPvZ3kzu+me+v30G3YzbbnhK26a4eucfxm23baZsMLHdPa/l7dC7fcINk5bLmOV/Mcu+35TRP624HjlowJXXegoLfhNttezYsXm6YVeA072DU/9OvbDddsuKETeK22n1aYteU1a37QSKotKZr5RocAAHwZPX1++Oh+p7P35PjCYnxqnq450oQyowvzYypkjiAAAD5n+ul6hp2KZxgQAAAAAAAAAAAAAAAAAAAAAAAYcfIlfTMuzI27WFDqrfnFhe4a/Vr9SwxH6rF02oHNspCbda/skojDR59OKbzYW5N1/2CZo1ka1UXplQ/w71+T3krWKF1TOP0+XJwyuGex8N39tEcn95gm9NhCbywKp//PIV54/KcJm6IoiqbvvjDch/PTDnB4oSDpyfxrDMH5vxcBOF//DwAA//9wiz37")
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x0, 0x0)
r1 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x2202)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$SG_IO(r2, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x6, 0x0, @buffer={0x2, 0x41001, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x300, 0x0, 0x0, 0x0})

1.744782087s ago: executing program 2 (id=7238):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
getsockopt$inet6_opts(r0, 0x29, 0x37, 0x0, &(0x7f0000001040))

1.568114963s ago: executing program 2 (id=7239):
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x4, 0x28}, 0x50)
socket$netlink(0x10, 0x3, 0x10)
socket$key(0xf, 0x3, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000300)='GPL\x00'}, 0x94)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xe, 0x4, 0x8, 0x1}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r4}, &(0x7f0000000240), &(0x7f00000006c0)=r0}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000340)={r5, r2, 0x25, 0x2, @val=@tcx}, 0x1c)
syz_emit_ethernet(0x16, &(0x7f0000000000)={@remote, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @void, {@llc={0x4, {@snap={0x1, 0xaa, "ce", "285b94", 0xf5}}}}}, 0x0)

993.26804ms ago: executing program 1 (id=7240):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="fa0008f600000001f0ffff7f399ffcce643b89b8"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000100)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x13, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYRES32], &(0x7f00000007c0)='GPL\x00', 0x400000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='objagg_obj_parent_unassign\x00', r1, 0x0, 0x3}, 0x4e)
pipe(&(0x7f0000000080))
pipe2(0x0, 0x80c80)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f0000000000), 0x10, 0x0}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[], 0x48)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSIGACCEPT(r2, 0x5607, 0x2c)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r4 = dup(r3)
ioctl$TIOCL_SETVESABLANK(r4, 0x560e, &(0x7f0000000140))
r5 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$VT_ACTIVATE(r5, 0x5606, 0x4)
ioctl$TIOCL_BLANKSCREEN(r5, 0x541c, &(0x7f0000000000))
set_tid_address(&(0x7f0000000040))
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8923, &(0x7f00000000c0)={'bond_slave_0\x00', @random="0137013710ff"})
getpid()
getpid()
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000002d00)={&(0x7f00000001c0)=ANY=[@ANYBLOB="9feb01001800000000000000340000003400000003000000010000000000000e020000000000000000000000010000840000000000000000030000000000002100000000000000060434c0fb9f00f8ee175209b3b3295caa9da3af618809b3e3fd22ebbf75eb1c3d98e7623cec0d8b1c07d8b4771abea376"], 0x0, 0x4f, 0x0, 0x8}, 0x28)

0s ago: executing program 1 (id=7241):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r3=>0x0)
sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010026bd7000fcdbdf250200000008000100", @ANYRES32=r3], 0x1c}}, 0x0)
write$nci(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="7105056d0301820656bf77fa630fc4285b5b25"], 0x12)

kernel console output (not intermixed with test programs):

: left promiscuous mode
[ 1365.783213][T22870] bond0 (unregistering): Released all slaves
[ 1365.884250][T23076] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1365.925646][T21678] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1366.041855][T21678] EXT4-fs error (device loop0): __ext4_get_inode_loc:4861: comm syz-executor: Invalid inode table block 1 in block_group 0
[ 1366.077057][T21678] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6334: Corrupt filesystem
[ 1366.129264][T21678] EXT4-fs error (device loop0): ext4_quota_off:7221: inode #3: comm syz-executor: mark_inode_dirty error
[ 1366.346925][T22870] tipc: Disabling bearer <udp:syz2>
[ 1366.353265][T22870] tipc: Left network mode
[ 1366.370241][T23076] team0: Port device team_slave_0 added
[ 1366.529750][T23076] team0: Port device team_slave_1 added
[ 1367.209498][T23076] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1367.216800][T23076] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1367.243502][T23076] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1367.598753][ T1286] ieee802154 phy0 wpan0: encryption failed: -22
[ 1367.623336][T23076] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1367.631032][T23076] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1367.657507][T23076] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1368.651654][T22870] hsr_slave_0: left promiscuous mode
[ 1368.688891][T22870] hsr_slave_1: left promiscuous mode
[ 1368.696973][T22870] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1368.705007][T22870] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1368.746518][T22870] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1368.755397][T22870] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1368.909081][T22870] veth1_macvtap: left promiscuous mode
[ 1368.915230][T22870] veth0_macvtap: left allmulticast mode
[ 1368.921145][T22870] veth0_macvtap: left promiscuous mode
[ 1368.927030][T22870] veth1_vlan: left promiscuous mode
[ 1368.932949][T22870] veth0_vlan: left promiscuous mode
[ 1370.026807][T22870] pim6reg (unregistering): left allmulticast mode
[ 1370.768597][T22870] team0 (unregistering): Port device team_slave_1 removed
[ 1370.823928][T22870] team0 (unregistering): Port device team_slave_0 removed
[ 1370.948876][   T30] kauditd_printk_skb: 10 callbacks suppressed
[ 1370.948962][   T30] audit: type=1326 audit(1757555112.090:3008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23454 comm="syz.8.6059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd6fd8eba9 code=0x7ffc0000
[ 1370.978700][   T30] audit: type=1326 audit(1757555112.090:3009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23454 comm="syz.8.6059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd6fd8eba9 code=0x7ffc0000
[ 1371.006038][   T30] audit: type=1326 audit(1757555112.090:3010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23454 comm="syz.8.6059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdd6fd8eba9 code=0x7ffc0000
[ 1371.029129][   T30] audit: type=1326 audit(1757555112.100:3011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23454 comm="syz.8.6059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd6fd8eba9 code=0x7ffc0000
[ 1371.052195][   T30] audit: type=1326 audit(1757555112.100:3012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23454 comm="syz.8.6059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdd6fd8eba9 code=0x7ffc0000
[ 1371.075473][   T30] audit: type=1326 audit(1757555112.100:3013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23454 comm="syz.8.6059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd6fd8eba9 code=0x7ffc0000
[ 1371.101797][   T30] audit: type=1326 audit(1757555112.132:3014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23454 comm="syz.8.6059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdd6fd8eba9 code=0x7ffc0000
[ 1371.127826][   T30] audit: type=1326 audit(1757555112.132:3015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23454 comm="syz.8.6059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd6fd8eba9 code=0x7ffc0000
[ 1371.152151][   T30] audit: type=1326 audit(1757555112.153:3016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23454 comm="syz.8.6059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7fdd6fd8eba9 code=0x7ffc0000
[ 1371.175100][   T30] audit: type=1326 audit(1757555112.153:3017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23454 comm="syz.8.6059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd6fd8eba9 code=0x7ffc0000
[ 1371.589429][T23076] hsr_slave_0: entered promiscuous mode
[ 1371.600556][T23076] hsr_slave_1: entered promiscuous mode
[ 1372.362527][T23484] netlink: 'syz.8.6060': attribute type 4 has an invalid length.
[ 1372.380501][T22870] IPVS: stop unused estimator thread 0...
[ 1375.016763][T23076] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1375.104840][T23076] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1375.195734][T23076] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1375.264394][T23076] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1375.733469][   T30] kauditd_printk_skb: 37 callbacks suppressed
[ 1375.733552][   T30] audit: type=1326 audit(1757555117.224:3055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23566 comm="syz.8.6069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fdd6fd8eba9 code=0x7ffc0000
[ 1375.763226][   T30] audit: type=1326 audit(1757555117.224:3056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23566 comm="syz.8.6069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd6fd8eba9 code=0x7ffc0000
[ 1375.793546][   T30] audit: type=1326 audit(1757555117.224:3057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23566 comm="syz.8.6069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fdd6fd8eba9 code=0x7ffc0000
[ 1375.816814][   T30] audit: type=1326 audit(1757555117.234:3058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23566 comm="syz.8.6069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd6fd8eba9 code=0x7ffc0000
[ 1375.839947][   T30] audit: type=1326 audit(1757555117.234:3059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23566 comm="syz.8.6069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7fdd6fd8eba9 code=0x7ffc0000
[ 1375.869546][   T30] audit: type=1326 audit(1757555117.234:3060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23566 comm="syz.8.6069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd6fd8eba9 code=0x7ffc0000
[ 1375.894376][   T30] audit: type=1326 audit(1757555117.234:3061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23566 comm="syz.8.6069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=249 compat=0 ip=0x7fdd6fd8eba9 code=0x7ffc0000
[ 1375.917435][   T30] audit: type=1326 audit(1757555117.255:3062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23566 comm="syz.8.6069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd6fd8eba9 code=0x7ffc0000
[ 1375.940734][   T30] audit: type=1326 audit(1757555117.287:3063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23566 comm="syz.8.6069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fdd6fd8eba9 code=0x7ffc0000
[ 1375.968988][   T30] audit: type=1326 audit(1757555117.287:3064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23566 comm="syz.8.6069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd6fd8eba9 code=0x7ffc0000
[ 1376.501556][T23076] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1376.609098][T23076] 8021q: adding VLAN 0 to HW filter on device team0
[ 1376.671517][   T58] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1376.679156][   T58] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1376.786443][   T58] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1376.793981][   T58] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1376.834037][T23577] netlink: 'syz.9.6071': attribute type 4 has an invalid length.
[ 1378.149252][T23076] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1378.531873][T23076] veth0_vlan: entered promiscuous mode
[ 1378.650922][T23076] veth1_vlan: entered promiscuous mode
[ 1378.951652][T23076] veth0_macvtap: entered promiscuous mode
[ 1379.031676][T23076] veth1_macvtap: entered promiscuous mode
[ 1379.202423][T23076] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1379.260123][T23076] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1379.357394][T22870] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1379.413444][T22882] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1379.461954][   T58] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1379.520404][   T58] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1379.818655][T12348] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1379.830224][T12348] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1379.841166][T12348] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1379.857123][T12348] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1379.875070][T12348] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1381.711418][   T30] kauditd_printk_skb: 4 callbacks suppressed
[ 1381.711501][   T30] audit: type=1326 audit(1757555123.481:3069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23608 comm="syz.9.6078" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d84f8eba9 code=0x7fc00000
[ 1381.890563][T16395] Bluetooth: hci0: command tx timeout
[ 1382.274209][T23597] chnl_net:caif_netlink_parms(): no params data found
[ 1383.464877][T12348] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1383.485366][T12348] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1383.495016][T12348] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1383.516734][T12348] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1383.538320][T12348] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1383.946893][T16395] Bluetooth: hci0: command tx timeout
[ 1384.285490][   T30] audit: type=1326 audit(1757555126.179:3070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23770 comm="syz.9.6083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d84f8eba9 code=0x7ffc0000
[ 1384.309871][   T30] audit: type=1326 audit(1757555126.179:3071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23770 comm="syz.9.6083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d84f8eba9 code=0x7ffc0000
[ 1384.333921][   T30] audit: type=1326 audit(1757555126.190:3072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23770 comm="syz.9.6083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7d84f8eba9 code=0x7ffc0000
[ 1384.359994][   T30] audit: type=1326 audit(1757555126.190:3073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23770 comm="syz.9.6083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d84f8eba9 code=0x7ffc0000
[ 1384.386449][   T30] audit: type=1326 audit(1757555126.200:3074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23770 comm="syz.9.6083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7d84f8eba9 code=0x7ffc0000
[ 1384.411205][   T30] audit: type=1326 audit(1757555126.200:3075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23770 comm="syz.9.6083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d84f8eba9 code=0x7ffc0000
[ 1384.434926][   T30] audit: type=1326 audit(1757555126.347:3076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23770 comm="syz.9.6083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=447 compat=0 ip=0x7f7d84f8eba9 code=0x7ffc0000
[ 1384.457870][   T30] audit: type=1326 audit(1757555126.347:3077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23770 comm="syz.9.6083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d84f8eba9 code=0x7ffc0000
[ 1384.484080][   T30] audit: type=1326 audit(1757555126.347:3078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23770 comm="syz.9.6083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d84f8eba9 code=0x7ffc0000
[ 1384.577782][T23597] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1384.585398][T23597] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1384.594069][T23597] bridge_slave_0: entered allmulticast mode
[ 1384.612996][T23597] bridge_slave_0: entered promiscuous mode
[ 1384.665133][T23597] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1384.672925][T23597] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1384.680712][T23597] bridge_slave_1: entered allmulticast mode
[ 1384.692233][T23597] bridge_slave_1: entered promiscuous mode
[ 1385.008190][T23597] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1385.202813][T23597] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1385.543387][T16395] Bluetooth: hci6: command tx timeout
[ 1385.600735][T23597] team0: Port device team_slave_0 added
[ 1385.631614][T23597] team0: Port device team_slave_1 added
[ 1385.934009][T16395] Bluetooth: hci0: command tx timeout
[ 1385.942588][T23597] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1385.949901][T23597] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1385.976193][T23597] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1385.997254][T23597] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1386.004418][T23597] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1386.036974][T23597] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1386.440613][T23597] hsr_slave_0: entered promiscuous mode
[ 1386.451728][T23597] hsr_slave_1: entered promiscuous mode
[ 1386.461237][T23597] debugfs: 'hsr0' already exists in 'hsr'
[ 1386.467507][T23597] Cannot create hsr debugfs directory
[ 1387.383676][T23746] chnl_net:caif_netlink_parms(): no params data found
[ 1387.481770][   T58] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1387.491107][   T58] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1387.512304][T16395] Bluetooth: hci6: command tx timeout
[ 1387.680878][T22870] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1387.689912][T22870] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1387.883557][T16395] Bluetooth: hci0: command tx timeout
[ 1388.725903][T23597] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1388.821424][T23597] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1388.874254][T23597] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1388.908703][T23597] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1389.182363][T23746] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1389.190282][T23746] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1389.198342][T23746] bridge_slave_0: entered allmulticast mode
[ 1389.208634][T23746] bridge_slave_0: entered promiscuous mode
[ 1389.307398][T23746] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1389.316778][T23746] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1389.334874][T23746] bridge_slave_1: entered allmulticast mode
[ 1389.345156][T23746] bridge_slave_1: entered promiscuous mode
[ 1389.483643][T16395] Bluetooth: hci6: command tx timeout
[ 1389.752582][T23746] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1389.881365][T23746] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1390.345054][T23746] team0: Port device team_slave_0 added
[ 1390.455358][   T30] kauditd_printk_skb: 3 callbacks suppressed
[ 1390.455445][   T30] audit: type=1326 audit(1757555132.647:3082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24214 comm="syz.9.6097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d84f8eba9 code=0x7ffc0000
[ 1390.486483][   T30] audit: type=1326 audit(1757555132.657:3083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24214 comm="syz.9.6097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d84f8eba9 code=0x7ffc0000
[ 1390.614150][T23746] team0: Port device team_slave_1 added
[ 1390.681151][   T30] audit: type=1326 audit(1757555132.752:3084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24214 comm="syz.9.6097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7d84f8eba9 code=0x7ffc0000
[ 1390.711194][   T30] audit: type=1326 audit(1757555132.762:3085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24214 comm="syz.9.6097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d84f8eba9 code=0x7ffc0000
[ 1390.737004][   T30] audit: type=1326 audit(1757555132.773:3086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24214 comm="syz.9.6097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7d84f8eba9 code=0x7ffc0000
[ 1390.760116][   T30] audit: type=1326 audit(1757555132.773:3087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24214 comm="syz.9.6097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d84f8eba9 code=0x7ffc0000
[ 1390.783318][   T30] audit: type=1326 audit(1757555132.783:3088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24214 comm="syz.9.6097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f7d84f8eba9 code=0x7ffc0000
[ 1390.814461][   T30] audit: type=1326 audit(1757555132.783:3089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24214 comm="syz.9.6097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f7d84f8ebe3 code=0x7ffc0000
[ 1390.837385][   T30] audit: type=1326 audit(1757555132.794:3090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24214 comm="syz.9.6097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f7d84f8d65f code=0x7ffc0000
[ 1390.860288][   T30] audit: type=1326 audit(1757555132.794:3091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24214 comm="syz.9.6097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f7d84f8ec37 code=0x7ffc0000
[ 1391.154080][T23746] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1391.161660][T23746] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1391.197048][T23746] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1391.544250][T16395] Bluetooth: hci6: command tx timeout
[ 1391.698383][T23746] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1391.705881][T23746] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1391.732664][T23746] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1391.828911][T24217] usb usb8: usbfs: process 24217 (syz.3.6098) did not claim interface 0 before use
[ 1392.165985][T23597] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1392.399545][T12348] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 1392.430381][T12348] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 1392.487669][T12348] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 1392.596327][T12348] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 1392.646171][T12348] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 1392.785139][T23746] hsr_slave_0: entered promiscuous mode
[ 1392.795803][T23746] hsr_slave_1: entered promiscuous mode
[ 1392.805139][T23746] debugfs: 'hsr0' already exists in 'hsr'
[ 1392.811181][T23746] Cannot create hsr debugfs directory
[ 1393.119481][    C0] I/O error, dev loop6, sector 65 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1393.158499][T23334] FAT-fs (loop6): unable to read inode block for updating (i_pos 1050)
[ 1393.180672][T23597] 8021q: adding VLAN 0 to HW filter on device team0
[ 1393.188058][    C0] I/O error, dev loop6, sector 65 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1393.246361][T23334] FAT-fs (loop6): unable to read inode block for updating (i_pos 1050)
[ 1393.255863][T23334] FAT-fs (loop6): Failed to update on disk inode for unused fallocated blocks, inode could be corrupted. Please run fsck
[ 1393.416851][ T3986] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1393.424516][ T3986] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1393.690056][ T3986] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1393.697881][ T3986] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1394.669713][T16395] Bluetooth: hci7: command tx timeout
[ 1396.134811][T23572] syz_tun (unregistering): left allmulticast mode
[ 1396.653202][T16395] Bluetooth: hci7: command tx timeout
[ 1396.892513][T23746] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1397.088768][T23746] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1397.357060][T23597] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1397.386388][T23746] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1397.481763][T23746] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1397.536769][ T3986] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1397.737453][ T3986] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1397.915266][ T3986] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1398.041228][ T3986] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1398.229745][T23334] syz_tun (unregistering): left allmulticast mode
[ 1398.627744][T16395] Bluetooth: hci7: command tx timeout
[ 1399.030132][ T3986] bridge_slave_1: left allmulticast mode
[ 1399.038075][ T3986] bridge_slave_1: left promiscuous mode
[ 1399.045024][ T3986] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1399.181364][ T3986] bridge_slave_0: left allmulticast mode
[ 1399.187505][ T3986] bridge_slave_0: left promiscuous mode
[ 1399.194332][ T3986] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1400.018501][ T3986] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1400.060498][ T3986] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1400.084882][ T3986] bond0 (unregistering): Released all slaves
[ 1400.206194][T24261] chnl_net:caif_netlink_parms(): no params data found
[ 1400.627644][T16395] Bluetooth: hci7: command tx timeout
[ 1400.783311][T23746] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1401.103731][T23597] veth0_vlan: entered promiscuous mode
[ 1401.148307][T23746] 8021q: adding VLAN 0 to HW filter on device team0
[ 1401.211588][T23597] veth1_vlan: entered promiscuous mode
[ 1401.472303][ T3885] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1401.479922][ T3885] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1401.666081][   T58] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1401.673592][   T58] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1401.858118][ T3986] hsr_slave_0: left promiscuous mode
[ 1401.884847][ T3986] hsr_slave_1: left promiscuous mode
[ 1401.918574][ T3986] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1401.929352][ T3986] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1401.971851][ T3986] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1401.982966][ T3986] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1402.083908][T24601] loop3: detected capacity change from 0 to 512
[ 1402.113505][ T3986] veth1_macvtap: left promiscuous mode
[ 1402.116392][T24601] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1402.119259][ T3986] veth0_macvtap: left promiscuous mode
[ 1402.136589][ T3986] veth1_vlan: left promiscuous mode
[ 1402.142326][ T3986] veth0_vlan: left promiscuous mode
[ 1402.144647][T24601] EXT4-fs (loop3): filesystem is read-only
[ 1402.186935][T24601] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[ 1402.253248][T24601] EXT4-fs (loop3): filesystem is read-only
[ 1402.261210][T24601] EXT4-fs (loop3): orphan cleanup on readonly fs
[ 1402.322658][T24601] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #16: comm syz.3.6115: iget: bad i_size value: 648518346341360424
[ 1402.375699][T24601] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.6115: couldn't read orphan inode 16 (err -117)
[ 1402.442292][T24601] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[ 1402.709297][T23076] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1403.034059][ T3986] team0 (unregistering): Port device team_slave_1 removed
[ 1403.063506][ T3986] team0 (unregistering): Port device team_slave_0 removed
[ 1403.564707][T23597] veth0_macvtap: entered promiscuous mode
[ 1403.721523][T23597] veth1_macvtap: entered promiscuous mode
[ 1403.843280][T24619] loop3: detected capacity change from 0 to 1024
[ 1404.098598][T24619] EXT4-fs error (device loop3): ext4_ext_check_inode:523: inode #2: comm syz.3.6119: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[ 1404.144237][T23597] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1404.230649][T24619] EXT4-fs (loop3): get root inode failed
[ 1404.236809][T24619] EXT4-fs (loop3): mount failed
[ 1404.278077][T23597] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1404.337324][ T3885] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1404.364369][T24261] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1404.372084][T24261] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1404.379900][T24261] bridge_slave_0: entered allmulticast mode
[ 1404.390059][T24261] bridge_slave_0: entered promiscuous mode
[ 1404.424412][ T3885] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1404.482074][   T58] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1404.528226][T16418] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1404.554652][T24261] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1404.562465][T24261] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1404.570455][T24261] bridge_slave_1: entered allmulticast mode
[ 1404.581192][T24261] bridge_slave_1: entered promiscuous mode
[ 1405.181022][T24261] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1405.385056][T24261] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1406.051417][T24619] loop3: detected capacity change from 0 to 128
[ 1406.063143][T24619] EXT4-fs: Ignoring removed nobh option
[ 1406.128054][T24619] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1406.168191][T24619] ext4 filesystem being mounted at /10/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1406.216962][T24619] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6119'.
[ 1406.417969][T24619] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1406.627543][T24619] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1406.744962][T24715] random: crng reseeded on system resumption
[ 1406.814542][T24715] Restarting kernel threads ...
[ 1406.821031][T24715] Done restarting kernel threads.
[ 1407.637931][T24261] team0: Port device team_slave_0 added
[ 1408.081403][T23076] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1409.558084][T24261] team0: Port device team_slave_1 added
[ 1409.618710][ T3986] netdevsim netdevsim6 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1409.628933][ T3986] netdevsim netdevsim6 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1409.852867][ T3986] netdevsim netdevsim6 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1409.863619][ T3986] netdevsim netdevsim6 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1410.086193][ T3986] netdevsim netdevsim6 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1410.100258][ T3986] netdevsim netdevsim6 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1410.376952][ T3986] netdevsim netdevsim6 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1410.391470][ T3986] netdevsim netdevsim6 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1411.157698][ T3986] bond2: left allmulticast mode
[ 1411.163119][ T3986] bond2: left promiscuous mode
[ 1411.173578][ T3986] bridge0: port 2(bond2) entered disabled state
[ 1411.307933][ T3986] bond1: left allmulticast mode
[ 1411.313731][ T3986] bond1: left promiscuous mode
[ 1411.319579][ T3986] bridge0: port 1(bond1) entered disabled state
[ 1411.492368][ T3986] tipc: Resetting bearer <eth:syzkaller0>
[ 1412.760244][T24754] loop3: detected capacity change from 0 to 512
[ 1412.935533][T24754] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1412.948867][T24754] ext4 filesystem being mounted at /15/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1413.487078][T23076] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1413.642054][ T3986] tipc: Disabling bearer <eth:syzkaller0>
[ 1413.726083][ T3986] bond0 (unregistering): Released all slaves
[ 1413.749928][ T3986] bond1 (unregistering): Released all slaves
[ 1413.774180][ T3986] bond2 (unregistering): Released all slaves
[ 1414.127609][T23746] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1414.365895][ T3986] tipc: Left network mode
[ 1414.427252][T24261] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1414.434670][T24261] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1414.461129][T24261] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1414.763978][T24261] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1414.771405][T24261] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1414.803157][T24261] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1414.954793][   T30] kauditd_printk_skb: 20 callbacks suppressed
[ 1414.954887][   T30] audit: type=1326 audit(1757555158.401:3112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24793 comm="syz.9.6128" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d84f8eba9 code=0x0
[ 1415.349400][T24261] hsr_slave_0: entered promiscuous mode
[ 1415.430563][T24261] hsr_slave_1: entered promiscuous mode
[ 1415.433680][T24261] debugfs: 'hsr0' already exists in 'hsr'
[ 1415.433767][T24261] Cannot create hsr debugfs directory
[ 1416.322439][ T3986] hsr_slave_0: left promiscuous mode
[ 1416.332792][ T3986] hsr_slave_1: left promiscuous mode
[ 1416.344937][ T3986] batman_adv: batadv0: Interface deactivated: vlan0
[ 1416.351739][ T3986] batman_adv: batadv0: Removing interface: vlan0
[ 1416.382597][ T3986] veth1_macvtap: left promiscuous mode
[ 1416.388495][ T3986] veth0_macvtap: left promiscuous mode
[ 1416.394874][ T3986] veth1_vlan: left promiscuous mode
[ 1416.401296][ T3986] veth0_vlan: left promiscuous mode
[ 1417.113606][ T3628] smc: removing ib device syz!
[ 1419.087290][T23746] veth0_vlan: entered promiscuous mode
[ 1419.214240][T23746] veth1_vlan: entered promiscuous mode
[ 1419.248261][T24876] lo speed is unknown, defaulting to 1000
[ 1419.259531][T24876] lo speed is unknown, defaulting to 1000
[ 1419.269782][T24876] lo speed is unknown, defaulting to 1000
[ 1419.698950][T23746] veth0_macvtap: entered promiscuous mode
[ 1419.717601][T24876] infiniband s
z1: set active
[ 1419.722498][T24876] infiniband s
z1: added lo
[ 1419.729146][T12854] lo speed is unknown, defaulting to 1000
[ 1419.778103][   T58] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1419.786448][   T58] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1419.965069][T23023] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1419.973448][T23023] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1420.023899][T23746] veth1_macvtap: entered promiscuous mode
[ 1420.043173][T24876] RDS/IB: s
z1: added
[ 1420.051384][T24876] smc: adding ib device s
z1 with port count 1
[ 1420.057931][T24876] smc:    ib device s
z1 port 1 has pnetid 
[ 1420.065825][T24876] lo speed is unknown, defaulting to 1000
[ 1421.171933][T12854] lo speed is unknown, defaulting to 1000
[ 1421.178219][T24876] lo speed is unknown, defaulting to 1000
[ 1421.734339][T24876] lo speed is unknown, defaulting to 1000
[ 1422.301694][T24876] lo speed is unknown, defaulting to 1000
[ 1422.837270][T23746] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1422.940055][T24876] lo speed is unknown, defaulting to 1000
[ 1423.492482][T23746] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1423.502077][T24876] lo speed is unknown, defaulting to 1000
[ 1423.598294][T24932] serio: Serial port ptm0
[ 1424.222532][   T73] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1424.287983][   T73] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1424.371315][   T73] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1424.414458][   T73] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1425.633321][T24946] bridge0: port 3(gretap0) entered blocking state
[ 1425.640577][T24946] bridge0: port 3(gretap0) entered disabled state
[ 1425.648247][T24946] gretap0: entered allmulticast mode
[ 1425.906507][T24946] gretap0: entered promiscuous mode
[ 1425.914035][T24946] bridge0: port 3(gretap0) entered blocking state
[ 1425.921048][T24946] bridge0: port 3(gretap0) entered forwarding state
[ 1425.938797][T24876] lo speed is unknown, defaulting to 1000
[ 1425.945133][T24947] gretap0: left allmulticast mode
[ 1425.945243][T24947] gretap0: left promiscuous mode
[ 1425.946280][T24947] bridge0: port 3(gretap0) entered disabled state
[ 1426.030505][ T1286] ieee802154 phy0 wpan0: encryption failed: -22
[ 1428.365555][ T3986] IPVS: stop unused estimator thread 0...
[ 1428.636860][ T3986] netdevsim netdevsim8 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1428.801815][ T3986] netdevsim netdevsim8 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1428.952499][ T3986] netdevsim netdevsim8 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1429.179783][ T3986] netdevsim netdevsim8 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1429.260808][T24988] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6145'.
[ 1429.348174][T24261] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1429.388427][   T30] audit: type=1326 audit(1757555173.551:3113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24989 comm="syz.9.6146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d84f8eba9 code=0x7ffc0000
[ 1429.417759][   T30] audit: type=1326 audit(1757555173.551:3114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24989 comm="syz.9.6146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=270 compat=0 ip=0x7f7d84f8eba9 code=0x7ffc0000
[ 1429.514259][T24261] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1429.611598][T24261] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1429.751795][T24996] loop4: detected capacity change from 0 to 512
[ 1429.815854][T24996] EXT4-fs: Ignoring removed nobh option
[ 1429.863492][T24261] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1429.917341][ T3986] bridge_slave_1: left allmulticast mode
[ 1429.923269][ T3986] bridge_slave_1: left promiscuous mode
[ 1429.930449][ T3986] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1429.968617][ T3986] bridge_slave_0: left allmulticast mode
[ 1429.975295][ T3986] bridge_slave_0: left promiscuous mode
[ 1429.977082][T24996] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -13
[ 1429.982659][ T3986] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1430.018517][ T3986] bond2: left allmulticast mode
[ 1430.026697][ T3986] bond2: left promiscuous mode
[ 1430.035452][ T3986] bridge0: port 3(bond2) entered disabled state
[ 1430.039693][T24996] EXT4-fs error (device loop4): ext4_clear_blocks:876: inode #13: comm syz.4.6147: attempt to clear invalid blocks 2 len 1
[ 1430.100696][ T3986] bridge_slave_1: left allmulticast mode
[ 1430.107020][ T3986] bridge_slave_1: left promiscuous mode
[ 1430.113797][ T3986] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1430.156839][T24996] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[ 1430.173149][T24996] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.6147: invalid indirect mapped block 1819239214 (level 0)
[ 1430.226080][ T3986] bridge_slave_0: left allmulticast mode
[ 1430.232496][ T3986] bridge_slave_0: left promiscuous mode
[ 1430.239327][ T3986] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1430.268451][T24996] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.6147: invalid indirect mapped block 1819239214 (level 1)
[ 1430.394888][T24996] EXT4-fs (loop4): 1 truncate cleaned up
[ 1430.407682][T24996] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1430.555352][T24996] EXT4-fs error (device loop4): ext4_iget_extra_inode:5104: inode #15: comm syz.4.6147: corrupted in-inode xattr: e_value out of bounds
[ 1430.906082][T23597] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1431.517752][ T3986] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1431.573009][ T3986] bond_slave_0: left promiscuous mode
[ 1431.597647][ T3986] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1431.630330][ T3986] bond_slave_1: left promiscuous mode
[ 1431.663460][ T3986] bond0 (unregistering): Released all slaves
[ 1431.812016][T25026] random: crng reseeded on system resumption
[ 1431.882050][ T3986] dvmrp8 (unregistering): left allmulticast mode
[ 1432.191913][ T3986] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1432.212687][ T3986] bond_slave_0: left promiscuous mode
[ 1432.307126][ T3986] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1432.344633][ T3986] bond_slave_1: left promiscuous mode
[ 1432.361059][ T3986] bond0 (unregistering): Released all slaves
[ 1432.386416][ T3986] bond1 (unregistering): Released all slaves
[ 1432.418759][ T3986] bond2 (unregistering): Released all slaves
[ 1432.420330][T25030] serio: Serial port ptm0
[ 1433.073157][T25039] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6155'.
[ 1433.232881][ T3986] tipc: Left network mode
[ 1433.349873][T24261] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1433.925100][T24261] 8021q: adding VLAN 0 to HW filter on device team0
[ 1434.003838][ T3885] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1434.011493][ T3885] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1434.270711][T23023] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1434.278331][T23023] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1435.843147][ T3986] hsr_slave_0: left promiscuous mode
[ 1435.959581][ T3986] hsr_slave_1: left promiscuous mode
[ 1436.141658][ T3986] hsr_slave_0: left promiscuous mode
[ 1436.222136][ T3986] hsr_slave_1: left promiscuous mode
[ 1436.237287][ T3986] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1436.248961][ T3986] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1436.318901][ T3986] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1436.326970][ T3986] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1436.496191][ T3986] veth1_macvtap: left promiscuous mode
[ 1436.503309][ T3986] veth0_macvtap: left promiscuous mode
[ 1436.509663][ T3986] veth1_vlan: left promiscuous mode
[ 1436.515200][ T3986] veth0_vlan: left promiscuous mode
[ 1436.525626][ T3986] veth1_macvtap: left promiscuous mode
[ 1436.537149][ T3986] veth0_macvtap: left promiscuous mode
[ 1436.543120][ T3986] veth1_vlan: left promiscuous mode
[ 1436.549155][ T3986] veth0_vlan: left promiscuous mode
[ 1436.959346][T25085] serio: Serial port ptm0
[ 1437.272310][T25091] loop3: detected capacity change from 0 to 512
[ 1437.311459][T25091] EXT4-fs: Ignoring removed nobh option
[ 1437.340250][   T30] audit: type=1326 audit(1757555181.898:3115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25092 comm="syz.9.6169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d84f8eba9 code=0x7ffc0000
[ 1437.395588][T25091] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -13
[ 1437.468914][   T30] audit: type=1326 audit(1757555181.930:3116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25092 comm="syz.9.6169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7d84f8eba9 code=0x7ffc0000
[ 1437.492675][   T30] audit: type=1326 audit(1757555181.940:3117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25092 comm="syz.9.6169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d84f8eba9 code=0x7ffc0000
[ 1437.519621][   T30] audit: type=1326 audit(1757555181.940:3118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25092 comm="syz.9.6169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d84f8eba9 code=0x7ffc0000
[ 1437.544465][   T30] audit: type=1326 audit(1757555181.940:3119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25092 comm="syz.9.6169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7d84f8eba9 code=0x7ffc0000
[ 1437.570410][   T30] audit: type=1326 audit(1757555181.940:3120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25092 comm="syz.9.6169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d84f8eba9 code=0x7ffc0000
[ 1437.594511][   T30] audit: type=1326 audit(1757555181.940:3121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25092 comm="syz.9.6169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d84f8eba9 code=0x7ffc0000
[ 1437.621157][   T30] audit: type=1326 audit(1757555181.951:3122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25092 comm="syz.9.6169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7d84f8eba9 code=0x7ffc0000
[ 1437.640261][T25091] EXT4-fs error (device loop3): ext4_clear_blocks:876: inode #13: comm syz.3.6168: attempt to clear invalid blocks 2 len 1
[ 1437.646339][   T30] audit: type=1326 audit(1757555181.951:3123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25092 comm="syz.9.6169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d84f8eba9 code=0x7ffc0000
[ 1437.663058][T25091] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, 
[ 1437.680976][   T30] audit: type=1326 audit(1757555181.951:3124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25092 comm="syz.9.6169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7f7d84f8eba9 code=0x7ffc0000
[ 1437.713822][T25091] block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[ 1437.724397][T25091] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.6168: invalid indirect mapped block 1819239214 (level 0)
[ 1437.837075][T25091] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.6168: invalid indirect mapped block 1819239214 (level 1)
[ 1437.876309][T25091] EXT4-fs (loop3): 1 truncate cleaned up
[ 1437.884375][T25091] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1438.014995][T25091] EXT4-fs error (device loop3): ext4_iget_extra_inode:5104: inode #15: comm syz.3.6168: corrupted in-inode xattr: e_value out of bounds
[ 1438.243243][ T3986] team0 (unregistering): Port device team_slave_1 removed
[ 1438.345860][ T3986] team0 (unregistering): Port device team_slave_0 removed
[ 1438.586531][T23076] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1439.129085][ T3986] team0 (unregistering): Port device team_slave_1 removed
[ 1439.179201][ T3986] team0 (unregistering): Port device team_slave_0 removed
[ 1439.190898][T15492] smc: removing ib device !yz!
[ 1441.515402][ T3986] IPVS: stop unused estimator thread 0...
[ 1441.702124][T25132] netlink: 12 bytes leftover after parsing attributes in process `syz.9.6177'.
[ 1441.807849][T24261] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1443.032735][T24261] veth0_vlan: entered promiscuous mode
[ 1443.254024][T24261] veth1_vlan: entered promiscuous mode
[ 1444.178948][T24261] veth0_macvtap: entered promiscuous mode
[ 1444.313676][T24261] veth1_macvtap: entered promiscuous mode
[ 1444.641758][T12348] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1444.658407][T12348] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1444.703062][T12348] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1444.717786][T12348] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1444.745124][T12348] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1444.995852][T24261] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1445.092664][T24261] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1445.231252][T25145] lo speed is unknown, defaulting to 1000
[ 1445.265595][ T1888] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1445.327565][ T1888] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1445.422975][   T58] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1445.482424][ T3986] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1446.028460][T25160] loop7: detected capacity change from 0 to 8191
[ 1446.112278][T25160] Dev loop7: unable to read RDB block 8
[ 1446.118894][T25160]  loop7: unable to read partition table
[ 1446.133937][T25160] loop_reread_partitions: partition scan of loop7 ((õÉêä¾A«ÒÚi½åŒ×¯@ýpªÁ.½[ºvcÄ5¯ùG“Ýתà~ó_¿
“;Ûo×ìÝ‘µœ¨Õ) failed (rc=-5)
[ 1446.150784][   T30] kauditd_printk_skb: 6 callbacks suppressed
[ 1446.150887][   T30] audit: type=1326 audit(1757555191.064:3131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25184 comm="syz.3.6186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc4f98eba9 code=0x7ffc0000
[ 1446.187074][   T30] audit: type=1326 audit(1757555191.064:3132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25184 comm="syz.3.6186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc4f98eba9 code=0x7ffc0000
[ 1446.211445][   T30] audit: type=1326 audit(1757555191.074:3133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25184 comm="syz.3.6186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdc4f98eba9 code=0x7ffc0000
[ 1446.234560][   T30] audit: type=1326 audit(1757555191.074:3134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25184 comm="syz.3.6186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc4f98eba9 code=0x7ffc0000
[ 1446.257539][   T30] audit: type=1326 audit(1757555191.074:3135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25184 comm="syz.3.6186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc4f98eba9 code=0x7ffc0000
[ 1446.284061][   T30] audit: type=1326 audit(1757555191.074:3136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25184 comm="syz.3.6186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdc4f98eba9 code=0x7ffc0000
[ 1446.308368][   T30] audit: type=1326 audit(1757555191.221:3137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25184 comm="syz.3.6186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc4f98eba9 code=0x7ffc0000
[ 1446.331825][   T30] audit: type=1326 audit(1757555191.221:3138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25184 comm="syz.3.6186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc4f98eba9 code=0x7ffc0000
[ 1446.354797][   T30] audit: type=1326 audit(1757555191.242:3139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25184 comm="syz.3.6186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fdc4f98eba9 code=0x7ffc0000
[ 1446.381237][   T30] audit: type=1326 audit(1757555191.242:3140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25184 comm="syz.3.6186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc4f98eba9 code=0x7ffc0000
[ 1446.784678][T16395] Bluetooth: hci2: command tx timeout
[ 1446.912850][T23023] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1447.279874][T23023] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1447.639483][T23023] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1447.852637][T23023] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1448.385436][T25145] chnl_net:caif_netlink_parms(): no params data found
[ 1448.438568][T23023] bridge_slave_1: left allmulticast mode
[ 1448.445013][T23023] bridge_slave_1: left promiscuous mode
[ 1448.451903][T23023] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1448.567832][T23023] bridge_slave_0: left allmulticast mode
[ 1448.574006][T23023] bridge_slave_0: left promiscuous mode
[ 1448.580830][T23023] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1448.829495][T16395] Bluetooth: hci2: command tx timeout
[ 1449.239120][T12348] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1449.267497][T12348] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1449.279035][T12348] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1449.299733][T12348] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1449.314064][T23023] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1449.327560][T12348] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1449.455535][T23023] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1449.504479][T23023] bond0 (unregistering): Released all slaves
[ 1449.686204][T25318] lo speed is unknown, defaulting to 1000
[ 1450.845257][T16395] Bluetooth: hci2: command tx timeout
[ 1450.932473][T23023] hsr_slave_0: left promiscuous mode
[ 1450.983728][T23023] hsr_slave_1: left promiscuous mode
[ 1450.992078][T23023] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1450.999877][T23023] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1451.022824][T23023] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1451.030505][T23023] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1451.293112][T23023] veth1_macvtap: left promiscuous mode
[ 1451.299120][T23023] veth0_macvtap: left promiscuous mode
[ 1451.305098][T23023] veth1_vlan: left promiscuous mode
[ 1451.310844][T23023] veth0_vlan: left promiscuous mode
[ 1451.392363][T16395] Bluetooth: hci3: command tx timeout
[ 1452.295462][T23023] team0 (unregistering): Port device team_slave_1 removed
[ 1452.322638][T23023] team0 (unregistering): Port device team_slave_0 removed
[ 1452.875182][T16395] Bluetooth: hci2: command tx timeout
[ 1453.141622][T23023] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1453.336413][T16395] Bluetooth: hci3: command tx timeout
[ 1453.357059][T23023] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1453.544163][T23023] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1453.606699][T25145] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1453.607172][T25145] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1453.607812][T25145] bridge_slave_0: entered allmulticast mode
[ 1453.611227][T25145] bridge_slave_0: entered promiscuous mode
[ 1453.776215][T23023] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1453.782471][T25145] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1453.782835][T25145] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1453.784465][T25145] bridge_slave_1: entered allmulticast mode
[ 1453.787819][T25145] bridge_slave_1: entered promiscuous mode
[ 1454.075063][T25145] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1454.131745][T25145] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1454.420296][T25145] team0: Port device team_slave_0 added
[ 1454.471992][T25145] team0: Port device team_slave_1 added
[ 1454.709278][T25318] chnl_net:caif_netlink_parms(): no params data found
[ 1454.738571][T25604] netlink: 'syz.3.6214': attribute type 4 has an invalid length.
[ 1454.751055][T23023] bridge_slave_1: left allmulticast mode
[ 1454.757246][T23023] bridge_slave_1: left promiscuous mode
[ 1454.763726][T23023] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1454.830617][T23023] bridge_slave_0: left allmulticast mode
[ 1454.837155][T23023] bridge_slave_0: left promiscuous mode
[ 1454.843931][T23023] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1455.318035][T16395] Bluetooth: hci3: command tx timeout
[ 1455.403841][T23023] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1455.454069][T23023] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1455.476153][T23023] bond0 (unregistering): Released all slaves
[ 1455.775704][T25145] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1455.782832][T25145] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1455.809340][T25145] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1456.007666][T25145] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1456.015842][T25145] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1456.043349][T25145] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1456.921399][T23023] hsr_slave_0: left promiscuous mode
[ 1456.936821][T23023] hsr_slave_1: left promiscuous mode
[ 1456.944927][T23023] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1456.955630][T23023] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1457.140250][T23023] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1457.148400][T23023] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1457.340699][T23023] veth1_macvtap: left promiscuous mode
[ 1457.347092][T23023] veth0_macvtap: left promiscuous mode
[ 1457.352973][T23023] veth1_vlan: left promiscuous mode
[ 1457.358601][T23023] veth0_vlan: left promiscuous mode
[ 1457.365763][T16395] Bluetooth: hci3: command tx timeout
[ 1458.260911][T23023] team0 (unregistering): Port device team_slave_1 removed
[ 1458.283711][T23023] team0 (unregistering): Port device team_slave_0 removed
[ 1458.634790][T25691] netlink: 'syz.3.6224': attribute type 4 has an invalid length.
[ 1458.655673][T25145] hsr_slave_0: entered promiscuous mode
[ 1458.659891][T25145] hsr_slave_1: entered promiscuous mode
[ 1458.662990][T25145] debugfs: 'hsr0' already exists in 'hsr'
[ 1458.663081][T25145] Cannot create hsr debugfs directory
[ 1459.424409][T25318] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1459.432995][T25318] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1459.440702][T25318] bridge_slave_0: entered allmulticast mode
[ 1459.456981][T25318] bridge_slave_0: entered promiscuous mode
[ 1459.560143][T25318] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1459.567972][T25318] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1459.576024][T25318] bridge_slave_1: entered allmulticast mode
[ 1459.585691][T25318] bridge_slave_1: entered promiscuous mode
[ 1459.796465][T25318] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1459.976549][T25318] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1460.245084][T25318] team0: Port device team_slave_0 added
[ 1460.276280][T25318] team0: Port device team_slave_1 added
[ 1460.602099][T25318] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1460.609490][T25318] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1460.640423][T25318] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1460.676851][T25318] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1460.684367][T25318] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1460.710890][T25318] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1461.381279][T25145] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1461.440058][T25318] hsr_slave_0: entered promiscuous mode
[ 1461.450368][T25318] hsr_slave_1: entered promiscuous mode
[ 1461.459260][T25318] debugfs: 'hsr0' already exists in 'hsr'
[ 1461.465330][T25318] Cannot create hsr debugfs directory
[ 1461.471981][T25145] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1461.526829][T25927] netlink: 'syz.4.6234': attribute type 4 has an invalid length.
[ 1461.678651][T25145] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1461.989316][T25145] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1463.373041][T25145] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1463.498381][T26019] netlink: 'syz.4.6243': attribute type 4 has an invalid length.
[ 1463.515311][T25318] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1463.638764][T25145] 8021q: adding VLAN 0 to HW filter on device team0
[ 1463.653404][T25318] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1463.736680][T22882] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1463.744593][T22882] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1463.783481][T25318] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1463.885682][T25318] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1463.987200][T22882] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1463.994807][T22882] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1465.614831][T25318] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1465.954256][T25318] 8021q: adding VLAN 0 to HW filter on device team0
[ 1466.107313][T22870] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1466.115249][T22870] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1466.164067][T22870] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1466.171701][T22870] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1466.345636][T25145] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1466.412702][T26050] loop3: detected capacity change from 0 to 8192
[ 1466.564113][T26050] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1466.886389][T26050] loop3: detected capacity change from 8192 to 2
[ 1467.201767][T25145] veth0_vlan: entered promiscuous mode
[ 1467.322595][T25145] veth1_vlan: entered promiscuous mode
[ 1467.611430][T25145] veth0_macvtap: entered promiscuous mode
[ 1467.690661][T25145] veth1_macvtap: entered promiscuous mode
[ 1467.930522][T25145] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1468.015697][T25145] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1468.166425][T23023] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1468.221769][T22882] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1468.276527][T22882] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1468.327542][T22882] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1468.780655][T25318] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1469.217875][T26087] program syz.9.6259 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1469.320966][T25318] veth0_vlan: entered promiscuous mode
[ 1469.459391][T25318] veth1_vlan: entered promiscuous mode
[ 1469.862775][T25318] veth0_macvtap: entered promiscuous mode
[ 1469.943737][T25318] veth1_macvtap: entered promiscuous mode
[ 1470.297034][T25318] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1470.335708][T25318] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1470.403003][T22882] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1470.438846][T22882] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1470.460698][   T73] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1470.575897][   T73] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1472.093378][T26121] loop4: detected capacity change from 0 to 2048
[ 1472.226712][T26121] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1472.486973][T23597] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1474.835906][T15492] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1474.844141][T15492] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1475.127541][ T1888] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1475.136772][ T1888] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1476.731636][T16395] Bluetooth: hci5: command 0x0406 tx timeout
[ 1477.814089][T26222] syzkaller0: entered promiscuous mode
[ 1477.819969][T26222] syzkaller0: entered allmulticast mode
[ 1477.979209][   T30] kauditd_printk_skb: 11 callbacks suppressed
[ 1477.979292][   T30] audit: type=1326 audit(1757555224.556:3152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26225 comm="syz.4.6292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff34c18eba9 code=0x7ffc0000
[ 1478.008841][   T30] audit: type=1326 audit(1757555224.556:3153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26225 comm="syz.4.6292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff34c18eba9 code=0x7ffc0000
[ 1478.031925][   T30] audit: type=1326 audit(1757555224.556:3154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26225 comm="syz.4.6292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff34c18eba9 code=0x7ffc0000
[ 1478.070032][   T30] audit: type=1326 audit(1757555224.661:3155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26225 comm="syz.4.6292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=195 compat=0 ip=0x7ff34c18eba9 code=0x7ffc0000
[ 1478.095035][   T30] audit: type=1326 audit(1757555224.661:3156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26225 comm="syz.4.6292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff34c18eba9 code=0x7ffc0000
[ 1478.118636][   T30] audit: type=1326 audit(1757555224.661:3157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26225 comm="syz.4.6292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff34c18eba9 code=0x7ffc0000
[ 1478.282879][   T73] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1478.292584][   T73] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1478.450092][ T1888] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1478.459132][ T1888] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1479.619781][T26266] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6300'.
[ 1479.885285][    C0] I/O error, dev loop9, sector 65 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1479.895460][T25081] FAT-fs (loop9): unable to read inode block for updating (i_pos 1050)
[ 1479.921434][    C0] I/O error, dev loop9, sector 65 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1479.978612][T25081] FAT-fs (loop9): unable to read inode block for updating (i_pos 1050)
[ 1479.987733][T25081] FAT-fs (loop9): Failed to update on disk inode for unused fallocated blocks, inode could be corrupted. Please run fsck
[ 1480.182776][T26274] 9pnet_fd: Insufficient options for proto=fd
[ 1480.939759][T26284] syzkaller0: entered promiscuous mode
[ 1480.945672][T26284] syzkaller0: entered allmulticast mode
[ 1481.229053][T16395] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1481.243966][T16395] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1481.254967][T16395] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1481.279231][T16395] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1481.303151][T16395] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1481.578573][T26292] lo speed is unknown, defaulting to 1000
[ 1482.945929][T26347] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6312'.
[ 1483.282389][T12348] Bluetooth: hci4: command tx timeout
[ 1483.393433][T26292] chnl_net:caif_netlink_parms(): no params data found
[ 1484.369872][T23023] netdevsim netdevsim9 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1484.592930][ T1286] ieee802154 phy0 wpan0: encryption failed: -22
[ 1484.720265][T23023] netdevsim netdevsim9 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1484.915703][T23023] netdevsim netdevsim9 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1485.265879][T12348] Bluetooth: hci4: command tx timeout
[ 1485.365930][T23023] netdevsim netdevsim9 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1485.435756][T26292] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1485.436311][T26292] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1485.437138][T26292] bridge_slave_0: entered allmulticast mode
[ 1485.440905][T26292] bridge_slave_0: entered promiscuous mode
[ 1485.511667][T26292] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1485.512303][T26292] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1485.512987][T26292] bridge_slave_1: entered allmulticast mode
[ 1485.516905][T26292] bridge_slave_1: entered promiscuous mode
[ 1486.323339][T26292] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1486.341129][T26292] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1486.571899][T23023] bond1: left allmulticast mode
[ 1486.572037][T23023] bond1: left promiscuous mode
[ 1486.573010][T23023] bridge0: port 3(bond1) entered disabled state
[ 1486.578158][T23023] bridge_slave_1: left allmulticast mode
[ 1486.578265][T23023] bridge_slave_1: left promiscuous mode
[ 1486.579269][T23023] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1486.584897][T23023] bridge_slave_0: left allmulticast mode
[ 1486.585009][T23023] bridge_slave_0: left promiscuous mode
[ 1486.585831][T23023] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1487.247510][T12348] Bluetooth: hci4: command tx timeout
[ 1487.484551][T23023] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1487.551588][T23023] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1487.591501][T26606] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6322'.
[ 1487.596340][T23023] bond0 (unregistering): (slave dummy0): Releasing backup interface
[ 1487.624197][T23023] bond0 (unregistering): Released all slaves
[ 1487.656704][T23023] bond1 (unregistering): Released all slaves
[ 1487.690699][T26292] team0: Port device team_slave_0 added
[ 1487.699490][T26602] bridge_slave_1: left allmulticast mode
[ 1487.705801][T26602] bridge_slave_1: left promiscuous mode
[ 1487.712811][T26602] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1487.837251][T26602] bridge_slave_0: left allmulticast mode
[ 1487.843993][T26602] bridge_slave_0: left promiscuous mode
[ 1487.850870][T26602] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1488.061028][T26292] team0: Port device team_slave_1 added
[ 1488.070352][T23023] tipc: Disabling bearer <udp:s >
[ 1488.076491][T23023] tipc: Left network mode
[ 1488.108926][T26614] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6325'.
[ 1488.546881][T26292] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1488.556036][T26292] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1488.582662][T26292] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1488.632380][T26650] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1488.856104][T26292] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1488.863732][T26292] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1488.890462][T26292] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1489.276146][T12348] Bluetooth: hci4: command tx timeout
[ 1489.680900][T23023] hsr_slave_0: left promiscuous mode
[ 1489.749972][T23023] hsr_slave_1: left promiscuous mode
[ 1489.757899][T23023] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1489.766201][T23023] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1489.806154][T23023] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1489.814084][T23023] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1489.823139][T26649] loop3: detected capacity change from 0 to 8192
[ 1489.873825][T23023] veth1_macvtap: left promiscuous mode
[ 1489.885887][T23023] veth0_macvtap: left promiscuous mode
[ 1489.892164][T23023] veth1_vlan: left promiscuous mode
[ 1489.897685][T23023] veth0_vlan: left promiscuous mode
[ 1489.929275][T26649] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1490.360883][T26649] loop3: detected capacity change from 8192 to 0
[ 1490.372411][    C1] I/O error, dev loop3, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1490.382537][T26702] FAT-fs (loop3): FAT read failed (blocknr 1)
[ 1490.797355][T26708] netlink: 24 bytes leftover after parsing attributes in process `syz.4.6336'.
[ 1490.886517][T26710] loop2: detected capacity change from 0 to 256
[ 1490.934224][T23023] team0 (unregistering): Port device team_slave_1 removed
[ 1490.946854][T26710] vfat: Unknown parameter 'ÿÿÿÿÿÿÿÿÿÿ18446744073709551615'
[ 1490.970044][T23023] team0 (unregistering): Port device team_slave_0 removed
[ 1491.263983][T26710] loop2: detected capacity change from 0 to 1024
[ 1491.335327][T26292] hsr_slave_0: entered promiscuous mode
[ 1491.348738][T26292] hsr_slave_1: entered promiscuous mode
[ 1491.357836][T26292] debugfs: 'hsr0' already exists in 'hsr'
[ 1491.361724][T26713] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6338'.
[ 1491.364095][T26292] Cannot create hsr debugfs directory
[ 1491.690727][T26710] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1491.886615][T26710] EXT4-fs error (device loop2): mb_free_blocks:2017: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[ 1491.987402][T26710] EXT4-fs (loop2): Remounting filesystem read-only
[ 1492.007168][T26760] syzkaller1: entered promiscuous mode
[ 1492.013812][T26760] syzkaller1: entered allmulticast mode
[ 1492.331202][T25318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1493.431212][T26292] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 1493.513482][T26845] 9pnet_fd: Insufficient options for proto=fd
[ 1493.532186][T26292] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 1493.539700][T26844] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6350'.
[ 1493.603242][T26292] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 1493.641942][T26822] loop4: detected capacity change from 0 to 8192
[ 1493.702811][T26292] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 1493.767971][T26822] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1494.817733][T26292] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1494.996582][T26292] 8021q: adding VLAN 0 to HW filter on device team0
[ 1495.089863][T23023] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1495.097705][T23023] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1495.181594][   T58] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1495.189345][   T58] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1496.185647][T26877] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6363'.
[ 1496.236883][T16395] Bluetooth: hci0: command 0x0406 tx timeout
[ 1496.657925][T26888] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6364'.
[ 1496.669180][T26888] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6364'.
[ 1497.373184][T26292] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1497.617026][T26891] loop2: detected capacity change from 0 to 8192
[ 1497.665585][T26891] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1497.925962][T26908] loop2: detected capacity change from 8192 to 0
[ 1497.926780][    C0] I/O error, dev loop2, sector 1 op 0x1:(WRITE) flags 0x0 phys_seg 1 prio class 2
[ 1497.942140][    C0] Buffer I/O error on dev loop2, logical block 1, lost sync page write
[ 1497.959148][    C0] I/O error, dev loop2, sector 65 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1497.975961][T26908] FAT-fs (loop2): Directory bread(block 65) failed
[ 1497.987853][    C0] I/O error, dev loop2, sector 66 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1498.007083][T26908] FAT-fs (loop2): Directory bread(block 66) failed
[ 1498.025869][    C0] I/O error, dev loop2, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1498.035476][    C0] I/O error, dev loop2, sector 67 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1498.045741][T26908] FAT-fs (loop2): Directory bread(block 67) failed
[ 1498.045827][T26891] FAT-fs (loop2): FAT read failed (blocknr 1)
[ 1498.054149][    C1] I/O error, dev loop2, sector 68 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1498.110148][    C0] I/O error, dev loop2, sector 65 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1498.131864][T26891] FAT-fs (loop2): unable to read inode block for updating (i_pos 1050)
[ 1498.159107][T26908] FAT-fs (loop2): Directory bread(block 68) failed
[ 1498.169804][    C1] I/O error, dev loop2, sector 69 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1498.186931][T26908] FAT-fs (loop2): Directory bread(block 69) failed
[ 1498.195199][    C1] I/O error, dev loop2, sector 70 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1498.224879][T26908] FAT-fs (loop2): Directory bread(block 70) failed
[ 1498.236097][    C1] I/O error, dev loop2, sector 71 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1498.261640][T26908] FAT-fs (loop2): Directory bread(block 71) failed
[ 1500.204144][T26938] lo speed is unknown, defaulting to 1000
[ 1500.210827][T26938] lo speed is unknown, defaulting to 1000
[ 1500.220247][T26938] lo speed is unknown, defaulting to 1000
[ 1500.271209][T26938] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[ 1500.364281][T26938] lo speed is unknown, defaulting to 1000
[ 1500.372929][T26938] lo speed is unknown, defaulting to 1000
[ 1500.381684][T26938] lo speed is unknown, defaulting to 1000
[ 1500.390414][T26938] lo speed is unknown, defaulting to 1000
[ 1500.399313][T26938] lo speed is unknown, defaulting to 1000
[ 1501.223384][T26292] veth0_vlan: entered promiscuous mode
[ 1501.354762][T26292] veth1_vlan: entered promiscuous mode
[ 1501.805444][T26292] veth0_macvtap: entered promiscuous mode
[ 1501.916912][T26292] veth1_macvtap: entered promiscuous mode
[ 1502.141810][T26292] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1502.248453][T26292] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1502.367585][T23023] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1502.389055][T23023] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1502.474810][T23023] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1502.527981][T23023] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1503.170036][   T30] audit: type=1326 audit(1757555251.013:3158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26961 comm="syz.2.6390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799578eba9 code=0x7ffc0000
[ 1503.193442][   T30] audit: type=1326 audit(1757555251.024:3159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26961 comm="syz.2.6390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799578eba9 code=0x7ffc0000
[ 1503.310477][   T30] audit: type=1326 audit(1757555251.160:3160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26961 comm="syz.2.6390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f799578eba9 code=0x7ffc0000
[ 1503.334076][   T30] audit: type=1326 audit(1757555251.160:3161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26961 comm="syz.2.6390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799578eba9 code=0x7ffc0000
[ 1503.358764][   T30] audit: type=1326 audit(1757555251.160:3162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26961 comm="syz.2.6390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799578eba9 code=0x7ffc0000
[ 1503.382684][   T30] audit: type=1326 audit(1757555251.160:3163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26961 comm="syz.2.6390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f799578eba9 code=0x7ffc0000
[ 1503.586034][   T30] audit: type=1326 audit(1757555251.307:3164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26961 comm="syz.2.6390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799578eba9 code=0x7ffc0000
[ 1503.609165][   T30] audit: type=1326 audit(1757555251.307:3165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26961 comm="syz.2.6390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799578eba9 code=0x7ffc0000
[ 1503.924491][   T30] audit: type=1326 audit(1757555251.790:3166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26971 comm="syz.2.6393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799578eba9 code=0x7ffc0000
[ 1503.948761][   T30] audit: type=1326 audit(1757555251.790:3167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26971 comm="syz.2.6393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799578eba9 code=0x7ffc0000
[ 1505.723859][T26995] netlink: 36 bytes leftover after parsing attributes in process `syz.3.6402'.
[ 1506.259977][T27009] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6406'.
[ 1506.319232][T27009] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6406'.
[ 1510.631550][T27060] loop2: detected capacity change from 0 to 2
[ 1512.677132][ T1888] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1512.685623][ T1888] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1512.943963][ T3628] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1512.952231][ T3628] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1516.006119][T27177] netlink: 'syz.9.6457': attribute type 10 has an invalid length.
[ 1516.045537][T27177] team0: Port device netdevsim3 added
[ 1517.143449][T27196] loop9: detected capacity change from 0 to 1764
[ 1518.817561][T27237] rdma_op ffff88812a4aa180 conn xmit_rdma 0000000000000000
[ 1519.076032][T27241] loop9: detected capacity change from 0 to 1764
[ 1519.696612][T27256] netdevsim0: mtu less than device minimum
[ 1521.062228][T27283] loop9: detected capacity change from 0 to 1764
[ 1521.355600][T27289] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6500'.
[ 1523.792502][T27328] rdma_op ffff888050cbc980 conn xmit_rdma 0000000000000000
[ 1524.202090][T27330] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6514'.
[ 1524.265518][   T30] kauditd_printk_skb: 2 callbacks suppressed
[ 1524.265600][   T30] audit: type=1326 audit(1757555273.156:3170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27331 comm="syz.9.6515" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f202218eba9 code=0x7ffc0000
[ 1524.299023][   T30] audit: type=1326 audit(1757555273.177:3171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27331 comm="syz.9.6515" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7f202218eba9 code=0x7ffc0000
[ 1524.327396][   T30] audit: type=1326 audit(1757555273.177:3172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27331 comm="syz.9.6515" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f202218eba9 code=0x7ffc0000
[ 1524.352453][   T30] audit: type=1326 audit(1757555273.177:3173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27331 comm="syz.9.6515" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f202218eba9 code=0x7ffc0000
[ 1526.487173][ T3986] FAT-fs (loop2): unable to read inode block for updating (i_pos 1050)
[ 1526.641133][T27363] netlink: 'syz.3.6525': attribute type 4 has an invalid length.
[ 1526.871451][T27368] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6527'.
[ 1527.207914][T27371] FAT-fs (loop7): bogus number of FAT structure
[ 1527.214848][T27371] FAT-fs (loop7): Can't find a valid FAT filesystem
[ 1529.567842][T27393] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1529.577430][T27393] Bluetooth: hci5: Opcode 0x0406 failed: -4
[ 1529.791211][T27410] netlink: 'syz.1.6538': attribute type 4 has an invalid length.
[ 1529.816742][T27393] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1529.823576][T27393] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1529.936372][T27393] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1529.942715][T27393] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1529.984822][T27393] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1530.014529][T27393] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1530.022334][T27393] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1530.033704][T27393] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1530.046091][T27393] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1530.052713][T27393] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1530.099389][T27393] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1531.136364][T12348] Bluetooth: hci5: command 0x0406 tx timeout
[ 1531.591254][T27438] syzkaller0: entered promiscuous mode
[ 1531.596934][T27438] syzkaller0: entered allmulticast mode
[ 1531.798818][T12348] Bluetooth: hci0: command 0x0406 tx timeout
[ 1531.943400][T12348] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1531.979272][T12348] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1531.979558][T16395] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1532.265078][T27457] netlink: 'syz.1.6550': attribute type 4 has an invalid length.
[ 1532.912476][T27467] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6554'.
[ 1533.115243][T16395] Bluetooth: hci5: command 0x0406 tx timeout
[ 1533.753260][T16395] Bluetooth: hci0: command 0x0406 tx timeout
[ 1533.889491][T16395] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1533.953282][T16395] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1533.967156][T16395] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1535.689476][T27510] loop9: detected capacity change from 0 to 1024
[ 1535.749444][T27510] EXT4-fs: Ignoring removed orlov option
[ 1535.755939][T27510] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1535.868669][T16395] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1535.934855][T16395] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1535.941461][T12348] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1535.965799][T12348] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1535.976153][T12348] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1535.985832][T12348] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1535.999449][T12348] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1536.057128][T12348] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1536.171062][T27516] lo speed is unknown, defaulting to 1000
[ 1536.566172][T27520] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6569'.
[ 1536.579108][T27516] lo speed is unknown, defaulting to 1000
[ 1536.913480][ T1631] usb 10-1: new high-speed USB device number 12 using dummy_hcd
[ 1537.265126][ T1631] usb 10-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1537.275561][ T1631] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1537.290295][ T1631] usb 10-1: Product: syz
[ 1537.294803][ T1631] usb 10-1: Manufacturer: syz
[ 1537.301810][ T1631] usb 10-1: SerialNumber: syz
[ 1537.464183][ T1631] usb 10-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 1537.541724][T10665] usb 10-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 1537.877931][T12854] usb 10-1: USB disconnect, device number 12
[ 1537.914802][    C0] dummy_hcd dummy_hcd.9: timer fired with no URBs pending?
[ 1537.991563][T12348] Bluetooth: hci1: command tx timeout
[ 1538.070455][T27530] netlink: 'syz.9.6571': attribute type 13 has an invalid length.
[ 1538.603367][T10665] ath9k_htc 10-1:1.0: ath9k_htc: Target is unresponsive
[ 1538.611736][T10665] ath9k_htc: Failed to initialize the device
[ 1538.715419][T12854] usb 10-1: ath9k_htc: USB layer deinitialized
[ 1538.807812][T27530] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1538.933136][T27516] chnl_net:caif_netlink_parms(): no params data found
[ 1539.984217][T12348] Bluetooth: hci1: command tx timeout
[ 1540.622902][T27516] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1540.630601][T27516] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1540.638399][T27516] bridge_slave_0: entered allmulticast mode
[ 1540.649489][T27516] bridge_slave_0: entered promiscuous mode
[ 1540.773088][T27516] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1540.780669][T27516] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1540.792850][T27516] bridge_slave_1: entered allmulticast mode
[ 1540.802934][T27516] bridge_slave_1: entered promiscuous mode
[ 1541.310676][T27516] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1541.339354][T27516] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1541.833339][T27516] team0: Port device team_slave_0 added
[ 1541.922579][T27516] team0: Port device team_slave_1 added
[ 1541.966686][T12348] Bluetooth: hci1: command tx timeout
[ 1542.221958][T27516] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1542.230633][T27516] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1542.264475][T27516] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1542.375996][T27516] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1542.383732][T27516] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1542.410996][T27516] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1542.871770][T27516] hsr_slave_0: entered promiscuous mode
[ 1542.882217][T27516] hsr_slave_1: entered promiscuous mode
[ 1542.891250][T27516] debugfs: 'hsr0' already exists in 'hsr'
[ 1542.897398][T27516] Cannot create hsr debugfs directory
[ 1543.067891][ T1286] ieee802154 phy0 wpan0: encryption failed: -22
[ 1543.944439][T12348] Bluetooth: hci1: command tx timeout
[ 1545.632354][T27516] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1545.732978][T27516] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1545.833369][T27516] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1545.957097][T27516] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1545.991416][T27999] netlink: 'syz.9.6616': attribute type 10 has an invalid length.
[ 1547.466081][T27516] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1547.667422][T27516] 8021q: adding VLAN 0 to HW filter on device team0
[ 1547.779367][ T3986] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1547.787022][ T3986] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1547.954194][ T3986] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1547.961744][ T3986] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1551.927927][T28068] netlink: 'syz.9.6638': attribute type 10 has an invalid length.
[ 1551.954987][T28068] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1551.970349][T28068] bond0: (slave batadv0): Enslaving as an active interface with an up link
[ 1551.993422][T27516] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1552.147800][T28070] serio: Serial port ptm0
[ 1555.318348][T27516] veth0_vlan: entered promiscuous mode
[ 1555.497853][T27516] veth1_vlan: entered promiscuous mode
[ 1556.049551][T27516] veth0_macvtap: entered promiscuous mode
[ 1556.209430][T27516] veth1_macvtap: entered promiscuous mode
[ 1556.535291][T27516] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1556.664797][T27516] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1556.913607][T22870] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1556.993849][T22870] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1557.060914][T16418] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1557.131319][T16418] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1559.765695][T28167] serio: Serial port ptm0
[ 1565.704866][T28246] serio: Serial port ptm0
[ 1566.584836][ T5019] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1566.593053][ T5019] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1566.901210][ T3885] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1566.909961][ T3885] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1567.518918][T28292] netlink: 'syz.5.6563': attribute type 4 has an invalid length.
[ 1570.486503][T28313] serio: Serial port ptm0
[ 1571.727427][T28329] netlink: 'syz.5.6710': attribute type 4 has an invalid length.
[ 1575.853075][T28310] Set syz1 is full, maxelem 65536 reached
[ 1575.962059][T16418] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1576.228864][T16418] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1576.523368][T16418] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1576.690929][T16418] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1577.391428][T16418] bridge_slave_1: left allmulticast mode
[ 1577.399520][T16418] bridge_slave_1: left promiscuous mode
[ 1577.406226][T16418] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1577.512059][T16418] bridge_slave_0: left allmulticast mode
[ 1577.518042][T16418] bridge_slave_0: left promiscuous mode
[ 1577.526181][T16418] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1577.870335][T28404] loop5: detected capacity change from 0 to 512
[ 1578.116800][T28404] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1578.130110][T28404] ext4 filesystem being mounted at /7/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1578.235840][T16418] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1578.292027][T16418] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1578.335626][T16418] bond0 (unregistering): Released all slaves
[ 1579.561452][T27516] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1579.893101][T16418] hsr_slave_0: left promiscuous mode
[ 1579.938893][T16418] hsr_slave_1: left promiscuous mode
[ 1579.947014][T16418] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1579.955012][T16418] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1580.045779][T16418] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1580.055562][T16418] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1580.204345][T16418] veth1_macvtap: left promiscuous mode
[ 1580.210532][T16418] veth0_macvtap: left promiscuous mode
[ 1580.216898][T16418] veth1_vlan: left promiscuous mode
[ 1580.222450][T16418] veth0_vlan: left promiscuous mode
[ 1580.298677][T28453] serio: Serial port ptm1
[ 1580.309627][T28447] serio: Serial port ptm0
[ 1580.678579][T28454] loop9: detected capacity change from 0 to 1024
[ 1580.722634][T28454] EXT4-fs: Ignoring removed orlov option
[ 1581.540494][T16418] team0 (unregistering): Port device team_slave_1 removed
[ 1581.709898][T16418] team0 (unregistering): Port device team_slave_0 removed
[ 1583.833215][T28511] serio: Serial port ptm0
[ 1584.895865][T28535] syzkaller0: entered promiscuous mode
[ 1584.901909][T28535] syzkaller0: entered allmulticast mode
[ 1587.297742][T28582] syzkaller0: entered promiscuous mode
[ 1587.303555][T28582] syzkaller0: entered allmulticast mode
[ 1588.556547][T28613] loop5: detected capacity change from 0 to 512
[ 1588.564865][T28615] netlink: 'syz.2.6790': attribute type 10 has an invalid length.
[ 1588.636007][T28615] team0: Port device netdevsim3 added
[ 1588.711278][T28613] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1588.724727][T28613] ext4 filesystem being mounted at /19/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1589.590865][T27516] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1590.129682][T28646] syzkaller0: entered promiscuous mode
[ 1590.135398][T28646] syzkaller0: entered allmulticast mode
[ 1591.385564][T28666] netlink: 2048 bytes leftover after parsing attributes in process `syz.9.6805'.
[ 1591.396576][T28666] netlink: 24 bytes leftover after parsing attributes in process `syz.9.6805'.
[ 1591.839182][T28670] netlink: 'syz.5.6807': attribute type 4 has an invalid length.
[ 1593.841865][T28695] syzkaller0: entered promiscuous mode
[ 1593.854442][T28695] syzkaller0: entered allmulticast mode
[ 1594.135359][T28709] netlink: 'syz.3.6819': attribute type 4 has an invalid length.
[ 1594.348561][T28712] netlink: 2048 bytes leftover after parsing attributes in process `syz.1.6820'.
[ 1594.359007][T28712] netlink: 24 bytes leftover after parsing attributes in process `syz.1.6820'.
[ 1595.174912][T28733] loop5: detected capacity change from 0 to 512
[ 1595.333904][T28733] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1595.347002][T28733] ext4 filesystem being mounted at /26/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1596.342778][T27516] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1597.597036][T28791] loop5: detected capacity change from 0 to 512
[ 1597.701837][T28791] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1597.715102][T28791] ext4 filesystem being mounted at /29/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1597.736011][T28799] program syz.1.6845 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1598.742450][T27516] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1599.299643][T28825] bridge_slave_1: left allmulticast mode
[ 1599.306558][T28825] bridge_slave_1: left promiscuous mode
[ 1599.320131][T28825] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1599.392791][T28825] bridge_slave_0: left allmulticast mode
[ 1599.398865][T28825] bridge_slave_0: left promiscuous mode
[ 1599.411664][T28825] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1599.522059][T28834] program syz.1.6858 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1600.200532][T28846] syzkaller0: entered promiscuous mode
[ 1600.206523][T28846] syzkaller0: entered allmulticast mode
[ 1600.317529][T28852] 9pnet: p9_errstr2errno: server reported unknown error 
[ 1601.243670][ T1631] kernel write not supported for file /335/oom_adj (pid: 1631 comm: kworker/0:2)
[ 1601.604928][ T1286] ieee802154 phy0 wpan0: encryption failed: -22
[ 1602.687428][T28901] syzkaller0: entered promiscuous mode
[ 1602.693371][T28901] syzkaller0: entered allmulticast mode
[ 1606.522350][   T30] audit: type=1326 audit(1757555359.521:3174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28944 comm="syz.5.6892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f660ad8eba9 code=0x7ffc0000
[ 1606.630345][   T30] audit: type=1326 audit(1757555359.574:3175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28944 comm="syz.5.6892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f660ad8eba9 code=0x7ffc0000
[ 1606.653966][   T30] audit: type=1326 audit(1757555359.574:3176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28944 comm="syz.5.6892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f660ad8eba9 code=0x7ffc0000
[ 1606.677479][   T30] audit: type=1326 audit(1757555359.584:3177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28944 comm="syz.5.6892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f660ad8eba9 code=0x7ffc0000
[ 1606.700580][   T30] audit: type=1326 audit(1757555359.584:3178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28944 comm="syz.5.6892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f660ad8eba9 code=0x7ffc0000
[ 1606.728330][   T30] audit: type=1326 audit(1757555359.584:3179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28944 comm="syz.5.6892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f660ad8eba9 code=0x7ffc0000
[ 1606.753046][   T30] audit: type=1326 audit(1757555359.584:3180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28944 comm="syz.5.6892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f660ad8eba9 code=0x7ffc0000
[ 1606.776034][   T30] audit: type=1326 audit(1757555359.584:3181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28944 comm="syz.5.6892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=245 compat=0 ip=0x7f660ad8eba9 code=0x7ffc0000
[ 1606.799334][   T30] audit: type=1326 audit(1757555359.584:3182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28944 comm="syz.5.6892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f660ad8eba9 code=0x7ffc0000
[ 1607.268144][T28954] loop5: detected capacity change from 0 to 512
[ 1607.427973][T28954] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1607.441318][T28954] ext4 filesystem being mounted at /39/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1607.559736][T28954] sd 0:0:1:0: device reset
[ 1607.810894][T28965] syzkaller0: entered promiscuous mode
[ 1607.816781][T28965] syzkaller0: entered allmulticast mode
[ 1607.933273][T27516] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1608.299885][T28982] loop5: detected capacity change from 0 to 512
[ 1608.441917][T28982] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1608.455825][T28982] ext4 filesystem being mounted at /40/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1609.335238][T27516] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1610.249134][T29026] loop5: detected capacity change from 0 to 1024
[ 1610.305888][T29026] EXT4-fs: Ignoring removed orlov option
[ 1610.312245][T29026] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1610.553708][T29026] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1610.982467][T27516] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1613.171693][T29079] s
z1: rxe_newlink: already configured on lo
[ 1614.774457][T29075] loop9: detected capacity change from 0 to 1024
[ 1617.338868][T29138] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[ 1617.362857][T29137] IPVS: stopping master sync thread 29138 ...
[ 1617.584245][   T30] audit: type=1326 audit(1757555371.133:3183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29139 comm="syz.3.6951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc4f98eba9 code=0x7ffc0000
[ 1617.666343][   T30] audit: type=1326 audit(1757555371.175:3184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29139 comm="syz.3.6951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdc4f98eba9 code=0x7ffc0000
[ 1617.689409][   T30] audit: type=1326 audit(1757555371.175:3185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29139 comm="syz.3.6951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc4f98eba9 code=0x7ffc0000
[ 1617.712580][   T30] audit: type=1326 audit(1757555371.175:3186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29139 comm="syz.3.6951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc4f98eba9 code=0x7ffc0000
[ 1617.736020][   T30] audit: type=1326 audit(1757555371.175:3187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29139 comm="syz.3.6951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdc4f98eba9 code=0x7ffc0000
[ 1617.763542][   T30] audit: type=1326 audit(1757555371.186:3188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29139 comm="syz.3.6951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc4f98eba9 code=0x7ffc0000
[ 1617.788170][   T30] audit: type=1326 audit(1757555371.186:3189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29139 comm="syz.3.6951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc4f98eba9 code=0x7ffc0000
[ 1617.811245][   T30] audit: type=1326 audit(1757555371.186:3190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29139 comm="syz.3.6951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdc4f98eba9 code=0x7ffc0000
[ 1617.835496][   T30] audit: type=1326 audit(1757555371.186:3191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29139 comm="syz.3.6951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc4f98eba9 code=0x7ffc0000
[ 1617.835750][   T30] audit: type=1326 audit(1757555371.186:3192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29139 comm="syz.3.6951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc4f98eba9 code=0x7ffc0000
[ 1618.234290][T29158] program syz.2.6955 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1618.995122][T29172] serio: Serial port ptm0
[ 1620.292771][T29201] loop9: detected capacity change from 0 to 1024
[ 1620.304984][T29205] program syz.5.6970 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1620.332960][T29201] EXT4-fs: Ignoring removed orlov option
[ 1620.339151][T29201] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1624.165291][   T30] kauditd_printk_skb: 112 callbacks suppressed
[ 1624.165377][   T30] audit: type=1326 audit(1757555378.041:3305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29278 comm="syz.2.6998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799578eba9 code=0x7ffc0000
[ 1624.198340][   T30] audit: type=1326 audit(1757555378.041:3306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29278 comm="syz.2.6998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799578eba9 code=0x7ffc0000
[ 1624.222196][   T30] audit: type=1326 audit(1757555378.052:3307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29278 comm="syz.2.6998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f799578eba9 code=0x7ffc0000
[ 1624.245455][   T30] audit: type=1326 audit(1757555378.052:3308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29278 comm="syz.2.6998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799578eba9 code=0x7ffc0000
[ 1624.268431][   T30] audit: type=1326 audit(1757555378.052:3309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29278 comm="syz.2.6998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799578eba9 code=0x7ffc0000
[ 1624.291468][   T30] audit: type=1326 audit(1757555378.073:3310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29278 comm="syz.2.6998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f799578eba9 code=0x7ffc0000
[ 1624.317462][   T30] audit: type=1326 audit(1757555378.115:3311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29278 comm="syz.2.6998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799578eba9 code=0x7ffc0000
[ 1624.341359][   T30] audit: type=1326 audit(1757555378.115:3312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29278 comm="syz.2.6998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799578eba9 code=0x7ffc0000
[ 1624.364644][   T30] audit: type=1326 audit(1757555378.125:3313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29278 comm="syz.2.6998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f799578eba9 code=0x7ffc0000
[ 1624.458792][T29288] sd 0:0:1:0: device reset
[ 1624.493174][   T30] audit: type=1326 audit(1757555378.293:3314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29278 comm="syz.2.6998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f799578eba9 code=0x7ffc0000
[ 1630.450004][   T30] kauditd_printk_skb: 76 callbacks suppressed
[ 1630.450091][   T30] audit: type=1326 audit(1757555384.645:3391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29403 comm="syz.9.7041" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f202218eba9 code=0x7ffc0000
[ 1630.590318][   T30] audit: type=1326 audit(1757555384.698:3392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29403 comm="syz.9.7041" exe="/root/syz-executor" sig=0 arch=c000003e syscall=138 compat=0 ip=0x7f202218eba9 code=0x7ffc0000
[ 1630.613864][   T30] audit: type=1326 audit(1757555384.719:3393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29403 comm="syz.9.7041" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f202218eba9 code=0x7ffc0000
[ 1630.639852][   T30] audit: type=1326 audit(1757555384.719:3394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29403 comm="syz.9.7041" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f202218eba9 code=0x7ffc0000
[ 1630.860906][   T30] audit: type=1326 audit(1757555384.897:3395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29405 comm="syz.5.7042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f660ad8eba9 code=0x7ffc0000
[ 1630.884469][   T30] audit: type=1326 audit(1757555384.897:3396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29405 comm="syz.5.7042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f660ad8eba9 code=0x7ffc0000
[ 1630.911979][   T30] audit: type=1326 audit(1757555384.897:3397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29405 comm="syz.5.7042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f660ad8eba9 code=0x7ffc0000
[ 1630.938002][   T30] audit: type=1326 audit(1757555384.897:3398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29405 comm="syz.5.7042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f660ad8eba9 code=0x7ffc0000
[ 1630.962089][   T30] audit: type=1326 audit(1757555384.897:3399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29405 comm="syz.5.7042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f660ad8eba9 code=0x7ffc0000
[ 1630.984973][   T30] audit: type=1326 audit(1757555384.897:3400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29405 comm="syz.5.7042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f660ad8eba9 code=0x7ffc0000
[ 1632.779215][T29446] netlink: 'syz.2.7054': attribute type 3 has an invalid length.
[ 1632.788174][T29446] netlink: 'syz.2.7054': attribute type 3 has an invalid length.
[ 1635.899102][T29515] loop9: detected capacity change from 0 to 1024
[ 1635.922783][T29515] EXT4-fs: Ignoring removed orlov option
[ 1635.929091][T29515] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1636.072470][T29524] netlink: 2048 bytes leftover after parsing attributes in process `syz.2.7081'.
[ 1636.087895][T29524] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7081'.
[ 1636.752055][T29534] @: renamed from vlan0 (while UP)
[ 1636.842532][T29540] loop5: detected capacity change from 0 to 1024
[ 1636.902372][   T30] kauditd_printk_skb: 94 callbacks suppressed
[ 1636.902450][   T30] audit: type=1326 audit(1757555391.417:3495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29541 comm="syz.3.7087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc4f98eba9 code=0x7ffc0000
[ 1636.932452][   T30] audit: type=1326 audit(1757555391.417:3496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29541 comm="syz.3.7087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdc4f98eba9 code=0x7ffc0000
[ 1636.955431][   T30] audit: type=1326 audit(1757555391.417:3497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29541 comm="syz.3.7087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc4f98eba9 code=0x7ffc0000
[ 1636.984717][   T30] audit: type=1326 audit(1757555391.428:3498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29541 comm="syz.3.7087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdc4f98eba9 code=0x7ffc0000
[ 1637.081007][   T30] audit: type=1326 audit(1757555391.543:3499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29541 comm="syz.3.7087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc4f98eba9 code=0x7ffc0000
[ 1637.107355][   T30] audit: type=1326 audit(1757555391.543:3500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29541 comm="syz.3.7087" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc4f98eba9 code=0x7ffc0000
[ 1637.134446][T29540] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1637.317929][T29540] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4183: comm syz.5.7086: Allocating blocks 497-513 which overlap fs metadata
[ 1637.427670][T29540] EXT4-fs (loop5): pa ffff888122e835b0: logic 16, phys. 145, len 23
[ 1637.436228][T29540] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1
[ 1637.844445][T29560] 9pnet_fd: Insufficient options for proto=fd
[ 1637.845140][T27516] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1638.316860][T29572] loop5: detected capacity change from 0 to 1024
[ 1638.376696][T29572] EXT4-fs: Ignoring removed orlov option
[ 1638.382904][T29572] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1638.499785][T29572] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1638.738027][   T30] audit: type=1326 audit(1757555393.338:3501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29579 comm="syz.9.7099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f202218eba9 code=0x7ffc0000
[ 1638.764739][   T30] audit: type=1326 audit(1757555393.349:3502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29579 comm="syz.9.7099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f202218eba9 code=0x7ffc0000
[ 1638.788384][   T30] audit: type=1326 audit(1757555393.349:3503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29579 comm="syz.9.7099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f202218eba9 code=0x7ffc0000
[ 1638.815983][   T30] audit: type=1326 audit(1757555393.349:3504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29579 comm="syz.9.7099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f202218eba9 code=0x7ffc0000
[ 1638.961084][T27516] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1639.503230][T29607] netlink: 40 bytes leftover after parsing attributes in process `syz.2.7105'.
[ 1639.602434][T29609] loop9: detected capacity change from 0 to 512
[ 1640.435672][T29629] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7113'.
[ 1640.883151][T29632] loop9: detected capacity change from 0 to 1024
[ 1640.923327][T29632] EXT4-fs: Ignoring removed orlov option
[ 1640.929540][T29632] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1641.572322][T29649] loop5: detected capacity change from 0 to 512
[ 1641.646900][T29649] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[ 1642.457126][T29649] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #16: comm syz.5.7120: invalid indirect mapped block 4294967295 (level 0)
[ 1642.563782][T29649] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #16: comm syz.5.7120: invalid indirect mapped block 4294967295 (level 1)
[ 1642.669719][T29649] EXT4-fs (loop5): 1 orphan inode deleted
[ 1642.675687][T29649] EXT4-fs (loop5): 1 truncate cleaned up
[ 1642.684092][T29649] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1643.036871][T27516] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1643.751396][   T30] kauditd_printk_skb: 41 callbacks suppressed
[ 1643.751478][   T30] audit: type=1326 audit(1757555398.535:3546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29682 comm="syz.9.7132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f202218eba9 code=0x7ffc0000
[ 1643.780875][   T30] audit: type=1326 audit(1757555398.556:3547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29682 comm="syz.9.7132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f202218eba9 code=0x7ffc0000
[ 1643.808336][   T30] audit: type=1326 audit(1757555398.556:3548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29682 comm="syz.9.7132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f202218eba9 code=0x7ffc0000
[ 1643.808567][   T30] audit: type=1326 audit(1757555398.567:3549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29682 comm="syz.9.7132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f202218eba9 code=0x7ffc0000
[ 1643.808802][   T30] audit: type=1326 audit(1757555398.567:3550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29682 comm="syz.9.7132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f202218eba9 code=0x7ffc0000
[ 1643.809022][   T30] audit: type=1326 audit(1757555398.577:3551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29682 comm="syz.9.7132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f202218eba9 code=0x7ffc0000
[ 1643.906279][   T30] audit: type=1326 audit(1757555398.598:3552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29682 comm="syz.9.7132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f202218eba9 code=0x7ffc0000
[ 1643.930805][   T30] audit: type=1326 audit(1757555398.598:3553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29682 comm="syz.9.7132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f202218eba9 code=0x7ffc0000
[ 1643.953835][   T30] audit: type=1326 audit(1757555398.598:3554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29682 comm="syz.9.7132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7f202218eba9 code=0x7ffc0000
[ 1643.976773][   T30] audit: type=1326 audit(1757555398.598:3555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29682 comm="syz.9.7132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f202218eba9 code=0x7ffc0000
[ 1645.639878][T29708] loop5: detected capacity change from 0 to 512
[ 1645.671175][T29708] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[ 1645.730268][T29708] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #16: comm syz.5.7141: invalid indirect mapped block 4294967295 (level 0)
[ 1645.780732][T29708] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #16: comm syz.5.7141: invalid indirect mapped block 4294967295 (level 1)
[ 1645.815864][T29708] EXT4-fs (loop5): 1 orphan inode deleted
[ 1645.822008][T29708] EXT4-fs (loop5): 1 truncate cleaned up
[ 1645.830123][T29708] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1646.045145][T27516] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1647.110848][T29691] random: crng reseeded on system resumption
[ 1648.282256][T29763] loop9: detected capacity change from 0 to 1024
[ 1648.309872][T29763] ext4: Unknown parameter 'subj_role'
[ 1653.055713][T29806] tipc: Started in network mode
[ 1653.061111][T29806] tipc: Node identity 7a8dd5fd895, cluster identity 4711
[ 1653.069490][T29806] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1653.127478][T29811] syzkaller0: entered promiscuous mode
[ 1653.133378][T29811] syzkaller0: entered allmulticast mode
[ 1653.509507][T29805] tipc: Resetting bearer <eth:syzkaller0>
[ 1653.577959][T29805] tipc: Disabling bearer <eth:syzkaller0>
[ 1654.598483][T29763] Set syz1 is full, maxelem 65536 reached
[ 1655.637386][T29844] loop5: detected capacity change from 0 to 512
[ 1655.661747][T29844] EXT4-fs: Ignoring removed orlov option
[ 1655.667890][T29844] EXT4-fs: Value of option "test_dummy_encryption" is unrecognized
[ 1655.798054][T29844] tipc: Cannot configure node identity twice
[ 1655.993861][T29857] tipc: Started in network mode
[ 1655.999204][T29857] tipc: Node identity 4e157503d708, cluster identity 4711
[ 1656.007398][T29857] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1656.052473][T29862] syzkaller0: entered promiscuous mode
[ 1656.058152][T29862] syzkaller0: entered allmulticast mode
[ 1656.147682][T29855] tipc: Resetting bearer <eth:syzkaller0>
[ 1656.209193][T29855] tipc: Disabling bearer <eth:syzkaller0>
[ 1656.773596][T29865] loop9: detected capacity change from 0 to 1024
[ 1656.798049][T29865] ext4: Unknown parameter 'subj_role'
[ 1657.164450][T29837] Bluetooth: hci1: command 0x0406 tx timeout
[ 1657.898314][T29909] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1657.915167][T29909] syzkaller0: entered promiscuous mode
[ 1657.921744][T29909] syzkaller0: entered allmulticast mode
[ 1657.976415][T29909] tipc: Resetting bearer <eth:syzkaller0>
[ 1658.035628][T29907] tipc: Resetting bearer <eth:syzkaller0>
[ 1658.054901][T29907] tipc: Disabling bearer <eth:syzkaller0>
[ 1658.838476][T29923] netlink: 'syz.5.7212': attribute type 13 has an invalid length.
[ 1659.179415][T29923] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1659.306102][   T30] kauditd_printk_skb: 39 callbacks suppressed
[ 1659.306183][   T30] audit: type=1326 audit(1757555414.935:3595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29935 comm="syz.9.7217" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f202218eba9 code=0x0
[ 1660.085671][ T1286] ieee802154 phy0 wpan0: encryption failed: -22
[ 1660.226311][T29946] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1660.250670][T29946] syzkaller0: entered promiscuous mode
[ 1660.256462][T29946] syzkaller0: entered allmulticast mode
[ 1660.371302][T29946] tipc: Resetting bearer <eth:syzkaller0>
[ 1660.445045][T29945] tipc: Resetting bearer <eth:syzkaller0>
[ 1660.517417][T29945] tipc: Disabling bearer <eth:syzkaller0>
[ 1660.786876][T29958] loop9: detected capacity change from 0 to 512
[ 1661.724670][T29938] ref_ctr increment failed for inode: 0x455 offset: 0x5 ref_ctr_offset: 0x1000 of mm: 0xffff8880226d4800
[ 1661.822276][   T30] audit: type=1326 audit(1757555417.570:3596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29979 comm="syz.1.7232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2815d8eba9 code=0x7ffc0000
[ 1661.852140][   T30] audit: type=1326 audit(1757555417.570:3597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29979 comm="syz.1.7232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2815d8eba9 code=0x7ffc0000
[ 1661.877560][   T30] audit: type=1326 audit(1757555417.570:3598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29979 comm="syz.1.7232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2815d8eba9 code=0x7ffc0000
[ 1661.900825][   T30] audit: type=1326 audit(1757555417.570:3599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29979 comm="syz.1.7232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2815d8eba9 code=0x7ffc0000
[ 1661.901063][   T30] audit: type=1326 audit(1757555417.581:3600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29979 comm="syz.1.7232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2815d8eba9 code=0x7ffc0000
[ 1661.901294][   T30] audit: type=1326 audit(1757555417.591:3601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29979 comm="syz.1.7232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2815d8eba9 code=0x7ffc0000
[ 1661.901522][   T30] audit: type=1326 audit(1757555417.591:3602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29979 comm="syz.1.7232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2815d8eba9 code=0x7ffc0000
[ 1661.901752][   T30] audit: type=1326 audit(1757555417.591:3603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29979 comm="syz.1.7232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2815d8eba9 code=0x7ffc0000
[ 1661.901990][   T30] audit: type=1326 audit(1757555417.591:3604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29979 comm="syz.1.7232" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2815d8eba9 code=0x7ffc0000
[ 1661.963790][T29938] uprobe: syz.2.7218:29938 failed to unregister, leaking uprobe
[ 1662.051336][   T24] usb 10-1: new high-speed USB device number 13 using dummy_hcd
[ 1662.241650][   T24] usb 10-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1662.241826][   T24] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1662.241957][   T24] usb 10-1: Product: syz
[ 1662.242070][   T24] usb 10-1: Manufacturer: syz
[ 1662.244230][   T24] usb 10-1: SerialNumber: syz
[ 1662.270586][   T24] usb 10-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 1662.345745][T12854] usb 10-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 1662.847693][T30000] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1662.872954][T30000] syzkaller0: entered promiscuous mode
[ 1662.873064][T30000] syzkaller0: entered allmulticast mode
[ 1662.970484][T30000] tipc: Resetting bearer <eth:syzkaller0>
[ 1663.019866][T30005] netlink: 'syz.9.7231': attribute type 13 has an invalid length.
[ 1663.793252][ T1631] tipc: Node number set to 4091401725
[ 1665.430342][ T5019] =====================================================
[ 1665.443459][ T5019] BUG: KMSAN: uninit-value in nci_ntf_packet+0x2753/0x42b0
[ 1665.452546][ T5019]  nci_ntf_packet+0x2753/0x42b0
[ 1665.457670][ T5019]  nci_rx_work+0x403/0x750
[ 1665.462620][ T5019]  process_scheduled_works+0xb8e/0x1d80
[ 1665.468419][ T5019]  worker_thread+0xedf/0x1590
[ 1665.473441][ T5019]  kthread+0xd59/0xf00
[ 1665.477653][ T5019]  ret_from_fork+0x1e3/0x310
[ 1665.482577][ T5019]  ret_from_fork_asm+0x1a/0x30
[ 1665.487531][ T5019] 
[ 1665.490052][ T5019] Uninit was created at:
[ 1665.494503][ T5019]  kmem_cache_alloc_node_noprof+0x818/0xf00
[ 1665.500847][ T5019]  kmalloc_reserve+0x13c/0x4b0
[ 1665.505787][ T5019]  __alloc_skb+0x347/0x7d0
[ 1665.510632][ T5019]  virtual_ncidev_write+0x6b/0x430
[ 1665.515918][ T5019]  vfs_write+0x487/0x15d0
[ 1665.520686][ T5019]  __x64_sys_write+0x1fb/0x4d0
[ 1665.525628][ T5019]  x64_sys_call+0x3014/0x3e20
[ 1665.530668][ T5019]  do_syscall_64+0xd9/0x210
[ 1665.540434][ T5019]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1665.548152][ T5019] 
[ 1665.550596][ T5019] CPU: 0 UID: 0 PID: 5019 Comm: kworker/u8:29 Tainted: G        W           syzkaller #0 PREEMPT(none) 
[ 1665.562289][ T5019] Tainted: [W]=WARN
[ 1665.566266][ T5019] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1665.576544][ T5019] Workqueue: nfc2_nci_rx_wq nci_rx_work
[ 1665.582271][ T5019] =====================================================
[ 1665.589503][ T5019] Disabling lock debugging due to kernel taint
[ 1665.595992][ T5019] Kernel panic - not syncing: kmsan.panic set ...
[ 1665.602541][ T5019] CPU: 0 UID: 0 PID: 5019 Comm: kworker/u8:29 Tainted: G    B   W           syzkaller #0 PREEMPT(none) 
[ 1665.613858][ T5019] Tainted: [B]=BAD_PAGE, [W]=WARN
[ 1665.618969][ T5019] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1665.629161][ T5019] Workqueue: nfc2_nci_rx_wq nci_rx_work
[ 1665.635061][ T5019] Call Trace:
[ 1665.638437][ T5019]  <TASK>
[ 1665.641451][ T5019]  __dump_stack+0x26/0x30
[ 1665.645966][ T5019]  dump_stack_lvl+0x53/0x270
[ 1665.650752][ T5019]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1665.656773][ T5019]  dump_stack+0x1e/0x25
[ 1665.661144][ T5019]  vpanic+0x361/0xc50
[ 1665.665343][ T5019]  panic+0x15d/0x160
[ 1665.669466][ T5019]  kmsan_report+0x31c/0x320
[ 1665.674230][ T5019]  ? kmsan_get_metadata+0xfb/0x160
[ 1665.679597][ T5019]  ? __msan_warning+0x1b/0x30
[ 1665.684420][ T5019]  ? nci_ntf_packet+0x2753/0x42b0
[ 1665.689616][ T5019]  ? nci_rx_work+0x403/0x750
[ 1665.694343][ T5019]  ? process_scheduled_works+0xb8e/0x1d80
[ 1665.700279][ T5019]  ? worker_thread+0xedf/0x1590
[ 1665.705348][ T5019]  ? kthread+0xd59/0xf00
[ 1665.709741][ T5019]  ? ret_from_fork+0x1e3/0x310
[ 1665.714667][ T5019]  ? ret_from_fork_asm+0x1a/0x30
[ 1665.719804][ T5019]  ? ret_from_fork_asm+0x1a/0x30
[ 1665.724942][ T5019]  ? kmsan_get_metadata+0xfb/0x160
[ 1665.730232][ T5019]  ? kmsan_get_metadata+0xfb/0x160
[ 1665.735523][ T5019]  ? kmsan_get_metadata+0xfb/0x160
[ 1665.740806][ T5019]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[ 1665.747314][ T5019]  ? kmsan_internal_unpoison_memory+0x14/0x20
[ 1665.753568][ T5019]  ? _raw_spin_unlock_irqrestore+0x3f/0x60
[ 1665.759771][ T5019]  ? stack_depot_save_flags+0x615/0x7b0
[ 1665.765669][ T5019]  ? kmsan_get_metadata+0xfb/0x160
[ 1665.770955][ T5019]  ? kmsan_internal_memmove_metadata+0x181/0x230
[ 1665.777486][ T5019]  ? kmsan_get_metadata+0xfb/0x160
[ 1665.782874][ T5019]  __msan_warning+0x1b/0x30
[ 1665.787532][ T5019]  nci_ntf_packet+0x2753/0x42b0
[ 1665.792565][ T5019]  ? advisor_target_scan_time_store+0x120/0x180
[ 1665.799045][ T5019]  ? sk_skb_reason_drop+0x12b/0x440
[ 1665.804489][ T5019]  nci_rx_work+0x403/0x750
[ 1665.809072][ T5019]  ? __pfx_nci_rx_work+0x10/0x10
[ 1665.814177][ T5019]  process_scheduled_works+0xb8e/0x1d80
[ 1665.820004][ T5019]  worker_thread+0xedf/0x1590
[ 1665.824931][ T5019]  kthread+0xd59/0xf00
[ 1665.829159][ T5019]  ? __pfx_worker_thread+0x10/0x10
[ 1665.834500][ T5019]  ? __pfx_kthread+0x10/0x10
[ 1665.839252][ T5019]  ret_from_fork+0x1e3/0x310
[ 1665.843991][ T5019]  ? __pfx_kthread+0x10/0x10
[ 1665.848741][ T5019]  ret_from_fork_asm+0x1a/0x30
[ 1665.853742][ T5019]  </TASK>
[ 1665.859031][ T5019] Kernel Offset: disabled
[ 1665.863415][ T5019] Rebooting in 86400 seconds..