last executing test programs:

2.890862908s ago: executing program 3 (id=697):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$kcm(0x10, 0x2, 0x0)
socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
link(0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000770000000e000000850000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2, 0x0, 0x1}, 0x18)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)

2.50028853s ago: executing program 4 (id=703):
r0 = socket(0x1e, 0x4, 0x0)
r1 = socket(0x1e, 0x2, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10)
sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0x0, &(0x7f0000000400)}}], 0x1, 0x9200000000000000)
r2 = dup3(r1, r0, 0x0)
recvmmsg(r2, &(0x7f0000002980)=[{{&(0x7f0000000480)=@ax25={{0x3, @null}, [@default, @bcast, @bcast, @null, @default, @null, @rose, @netrom]}, 0x80, &(0x7f00000003c0)=[{&(0x7f0000000500)=""/79, 0x4f}, {&(0x7f0000000640)=""/92, 0x5c}, {&(0x7f0000003100)=""/4096, 0x1000}], 0x3, &(0x7f0000000740)=""/232, 0xe8}, 0xffffff77}, {{0x0, 0x0, &(0x7f0000000d80)=[{&(0x7f00000008c0)=""/197, 0xc5}, {&(0x7f00000009c0)=""/132, 0x84}, {&(0x7f0000000a80)=""/191, 0xbf}, {&(0x7f0000004100)=""/4096, 0x1000}, {&(0x7f0000000b40)=""/225, 0xe1}, {&(0x7f0000000580)=""/5, 0x5}, {&(0x7f0000000c40)=""/65, 0x41}, {&(0x7f0000000cc0)=""/187, 0xbb}], 0x8}, 0x3}, {{0x0, 0x0, &(0x7f0000001180)=[{&(0x7f0000000e00)=""/160, 0xa0}, {&(0x7f00000006c0)=""/23, 0x17}, {&(0x7f0000000ec0)=""/92, 0x5c}, {&(0x7f0000000f40)=""/184, 0xb8}, {&(0x7f0000001000)=""/189, 0xbd}, {&(0x7f00000010c0)=""/144, 0x90}], 0x6, &(0x7f0000000840)=""/60, 0x3c}, 0x8}, {{&(0x7f0000001200)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, 0x80, &(0x7f0000002b40)=[{&(0x7f0000001280)=""/181, 0xb5}, {&(0x7f0000002ac0)=""/70, 0x46}], 0x2, &(0x7f0000001380)=""/230, 0xe6}, 0x5}, {{&(0x7f0000002480)=@sco={0x1f, @fixed}, 0x80, &(0x7f0000002900)=[{&(0x7f0000002500)=""/171, 0xab}, {&(0x7f00000025c0)=""/133, 0x85}, {&(0x7f0000002680)=""/69, 0x45}, {&(0x7f0000002700)=""/129, 0x81}, {0x0}, {&(0x7f0000002800)=""/247, 0xf7}], 0x6}, 0x3}], 0x5, 0x40000001, 0x0)

1.796468206s ago: executing program 2 (id=717):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0x4}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
name_to_handle_at(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x400)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x17, 0xc, &(0x7f0000000640)=ANY=[@ANYRESDEC=r2], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
kexec_load(0x0, 0x1, &(0x7f0000000140)=[{0x0, 0x3e00, 0x116094000, 0x41000000}], 0x0)

1.734232041s ago: executing program 2 (id=719):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x89a0, &(0x7f0000000040)={'syzkaller0\x00'})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'syzkaller0\x00', <r1=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x1f, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000012c0)='scsi_dispatch_cmd_start\x00', r3}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000040)='./file0\x00', 0xcc04, &(0x7f0000000880)=ANY=[@ANYBLOB='dots,gid=', @ANYRESHEX=0xee01, @ANYBLOB="2c6e6f646f74732c646f74732c74696d655f6f66667365743d3078303030303030303030303030303264382c646f74732c646f74732c6e6f646f74732c6e6f646f74732c646f74732c646f74732c6e6f646f74732c6e6f646f74732c636865636b3d72656c617865642c666c7573682c64656275672c646f74732c73686f77657865632c6e6f646f74732c6572726f72733d636f6e74696e75652c646f74732c71756965742c003fa5bfd3e968f92d300444698c6f8d94d8b46ce3ce652bc8f6"], 0x1, 0x207, &(0x7f0000000500)="$eJzs3b9uUmEUAPBDS/ljHLqZmJhc46BToz5BjamJkcSkhkG3JnYqEyzA0j6Gr+B7+QCmE4v5DF5uQUoRiRe0/n5LTznfufc73HBh4ZAi9+Xep2g0KrFzGIcxqsR+7EThIgCA22SUUnxNud+vrpaxJQCgZCu8/3/b8JYAgJK9e//hzYtW6+g4yxoRlxf9dr+d/83zr163jp5mP+xPqy77/fbuVf5ZNv/ZYZzfizuT/PO8PrtK1yKiXYsnj/L8OPfybSv7ub4eH0vuHQAAAAAAAAAAAAAAAAAAAAAAtuVBZIWF830ODubzzUk+/29mPtDc/J5q3C/GA0/HA6XzTTQFAAAAAAAAAAAAAAAAAAAA/5jeYHh20umcdqdBPSJmH6kuWHNzUJkceKXF2w92Yr3y5qTNNU5amTxF5TbYXHxxVwmi+rdcnXWD7E8dsF5c5uupZlSWlKc0Dha/CoqxGDeW1yJi+cYeH6/b1yil1Pn8sNsbRFq6eHqPqG/sbgQAAAAAAAAAAAAAAAAAAP+3mW99X9PY3caOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDzeoNh8Sv/w7OTTue02xusHJxHxN345eLiXHvR2F6jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3GrfAwAA//8nTRyq")
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
bind$packet(r0, &(0x7f0000000080)={0x11, 0x1a, r1, 0x1, 0x1, 0x6, @broadcast}, 0x14)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
get_mempolicy(0x0, 0x0, 0x0, &(0x7f0000a88000/0x2000)=nil, 0x3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x50032, 0xffffffffffffffff, 0x0)

1.725679732s ago: executing program 1 (id=721):
ioperm(0x21, 0x1, 0x81)
syz_clone(0x0, 0x0, 0x9, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0], 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000940)={{r0}, &(0x7f00000008c0), &(0x7f0000000900)}, 0x20)
r1 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$SMC_PNETID_ADD(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)={0x34, r1, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'bond0\x00'}]}, 0x34}}, 0xc800)
sendmsg$SMC_PNETID_DEL(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x14, r1, 0xe27, 0x0, 0x0, {0x4, 0x7, 0x2}}, 0x14}, 0x1, 0x40030000000000}, 0x0)

1.673291546s ago: executing program 2 (id=722):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0xffffffd0)
sendmsg$NL80211_CMD_DEL_STATION(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x440c1}, 0x8801)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000180)=0x7fd, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r0)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r1, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r2, 0x0, 0x2004}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_init_net_socket$llc(0x1a, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=ANY=[@ANYBLOB="3000000010000108006000"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b0000000000427ff93609d31c1cea532fbb9b5c3a19c1523a51e2cf0d0a8cca89fdee0552d6bf6a49dd32fcdf84130a4a94caac5a3b98fde3467683ab16d7cee6c65506dab17cc22b3f965e47ff52ab74be1879247e00f09c379828f1a74ca1fe0c63e69f6b"], 0x30}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$rds(0x15, 0x5, 0x0)
r4 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r4, 0x84, 0x76, &(0x7f0000000080)={0x0, 0x200}, &(0x7f00000000c0)=0x8)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

1.636607449s ago: executing program 1 (id=723):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d76b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc7c47f107212eba484c22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x4, &(0x7f0000000700)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
r0 = socket(0x1e, 0x4, 0x0)
r1 = socket(0x1e, 0x2, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10)
sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x3514}], 0x1}}], 0x400000000000181, 0x9200000000000000)
r2 = dup3(r1, r0, 0x0)
recvmmsg(r2, &(0x7f0000002980)=[{{&(0x7f0000000480)=@ax25={{0x3, @null}, [@default, @bcast, @bcast, @null, @default, @null, @rose, @netrom]}, 0x80, &(0x7f00000003c0)=[{&(0x7f0000000500)=""/79, 0x4f}, {&(0x7f0000000640)=""/92, 0x5c}, {&(0x7f0000003100)=""/4096, 0x1000}], 0x3, &(0x7f0000000740)=""/232, 0xe8}, 0xffffff77}, {{0x0, 0x0, &(0x7f0000000d80)=[{&(0x7f00000008c0)=""/197, 0xc5}, {&(0x7f00000009c0)=""/132, 0x84}, {&(0x7f0000000a80)=""/191, 0xbf}, {&(0x7f0000004100)=""/4096, 0x1000}, {&(0x7f0000000b40)=""/225, 0xe1}, {&(0x7f0000000580)=""/5, 0x5}, {&(0x7f0000000c40)=""/65, 0x41}, {&(0x7f0000000cc0)=""/187, 0xbb}], 0x8}, 0x3}, {{0x0, 0x0, &(0x7f0000001180)=[{&(0x7f0000000e00)=""/160, 0xa0}, {&(0x7f00000006c0)=""/23, 0x17}, {&(0x7f0000000ec0)=""/92, 0x5c}, {&(0x7f0000000f40)=""/184, 0xb8}, {&(0x7f0000001000)=""/189, 0xbd}, {&(0x7f00000010c0)=""/144, 0x90}], 0x6, &(0x7f0000000840)=""/60, 0x3c}, 0x8}, {{&(0x7f0000001200)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, 0x80, &(0x7f0000002b40)=[{&(0x7f0000001280)=""/181, 0xb5}, {&(0x7f0000002ac0)=""/70, 0x46}], 0x2, &(0x7f0000001380)=""/230, 0xe6}, 0x5}, {{&(0x7f0000002480)=@sco={0x1f, @fixed}, 0x80, &(0x7f0000002900)=[{&(0x7f0000002500)=""/171, 0xab}, {&(0x7f00000025c0)=""/133, 0x85}, {&(0x7f0000002680)=""/69, 0x45}, {&(0x7f0000002700)=""/129, 0x81}, {&(0x7f0000002800)=""/247, 0xf7}], 0x5}, 0x3}], 0x5, 0x40000001, 0x0)

1.568366494s ago: executing program 4 (id=724):
socket$inet6_udp(0xa, 0x2, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000300)={[{@grpquota}, {@noauto_da_alloc}, {@quota}, {@stripe}, {@jqfmt_vfsold}]}, 0xfd, 0x4ff, &(0x7f0000000ac0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSG0EmKPILUhcaModhzFTmlCD+mZKxKVOMGRP4BzT9y5ILhxKQckfkSgBomDVzOepG5iN1GT2FH8+UijeW/e1N/3ks579TeNXwBD63pE7EbEWETcjYjp7HouO+KT9pHc92zv4dL+3sOlXLRan/0rl7Yn16LjzySuZa9ZjIgffS/ip7njcRvbO2uL1WplM6vPNmsbs43tnVurtcWVykplvVxemF+Y++j2h+VzG+s7tbGs9NWnf9z91s+Tbk1lVzrHcZ7aQy8cxkmMRsQPLiLYAIxk4xkbdEd4JfmIeDMi3k2f/+kYSb+bAMBV1mpNR2u6sw4AXHX5NAeWy5eyXMBU5POlUjuH91ZM5qv1RvPmvfrW+nI7VzYThfy91WplLssVzkQhl9Tn0/LzevlI/XZEvBERvxyfSOulpXp1eZD/8AGAIXbtyPr/3/H2+g8AXHHFQXcAAOg76z8ADB/rPwAMH+s/AAyf9vo/MehuAAB95P0/AAwf6z8ADJUffvppcrT2s8+/Xr6/vbVWv39rudJYK9W2lkpL9c2N0kq9vpJ+Zk/tpNer1usb8x/E1oOZb280mrON7Z07tfrWevNO+rnedyqF9K7dPowMAOjljXee/CWXrMgfT6RHdOzlUBhoz4CLlh90B4CBGRl0B4CBsdsXDK8zvMeXHoArossWvS8odvsFoVar1bq4LgEX7MaX5P9hWHXk//0vYBgy8v8wvOT/YXi1WrnT7vkfp70RALjc5PiBHj//fzM7/y774cBPlo/e8fgiewUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACX28H+v6VsL/CpyOdLpYjXImImCrl7q9XKXES8HhF/Hi+MJ/X5AfcZADir/N9z2f5fN6bfn3qh6e1rh8WxiPjZrz/71YPFZnPzTxFjuX+PH1xvPs6ul/vfewDgZAfrdHrueCP/bO/h0sHRz/7847sRUWzH398bi/3D+KMxmp6LUYiIyf/ksnpbriN3cRa7jyLii93Gn4upNAfS3vn0aPwk9mt9jZ9/IX4+bWufk6/FF86hLzBsniTzzyfdnr98XE/P3Z//YjpDnV02/yUvtbSfzoHP4x/MfyM95r/rp43xwR++3y5NHG97FPHl0YiD2Psd889B/FyP+O+fMv5fv/L2u73aWr+JuBHd43fGmm3WNmYb2zu3VmuLK5WVynq5vDC/MPfR7Q/Ls2mOerb3avDPj2++3qstGf9kj/jFE8b/9Xbx+Bf1iN/+/+6Pv/aS+N98r1v8fLz1kvjJmviNkwJnFid/X+zVlsRf7jH+k77/N08Z/+nfdo5tGw4ADE5je2dtsVqtbCooXP5C8lf2EnSja+E7/Yo1Ft2bfvFe+5k+0tRqvVKsXjPGeWTdgMvg8KGPiP8NujMAAAAAAAAAAAAAAEBX/fiNpUGPEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgKvr8wAAAP//j5zPLA==")
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f0000000300), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0)
linkat(0xffffffffffffff9c, 0x0, 0xffffffffffffffff, 0x0, 0x0)
unlink(0x0)
socket$kcm(0x10, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[], 0x50)
syz_emit_ethernet(0x4a, &(0x7f0000000380)=ANY=[@ANYBLOB="ffffffffffffbbbbbbbbbbbb08004500003c00000000000190780a010102ac1414aa03049078640100ff48bdbce6fe868254672700000000000000fc7300000000000000000000440c00b8c05bdb39599508cf223f85fe545b3a5b1973eae0850944d6e36d58ca63e1fba830e85a"], 0x0)
r1 = syz_open_dev$usbfs(0x0, 0x77, 0x41341)
ioctl$USBDEVFS_IOCTL(r1, 0xc0105512, &(0x7f0000000200))
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r3=>r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r4 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
ioctl$SIOCX25SFACILITIES(r4, 0x89e3, &(0x7f00000000c0)={0x18, 0x81, 0x4, 0xc, 0xd})
ioctl$USBDEVFS_IOCTL(r1, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)
r5 = getpgid(0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
cachestat(r6, &(0x7f00000001c0)={0xb0, 0xf5}, 0xffffffffffffffff, 0x0)
sched_rr_get_interval(r5, 0x0)
kexec_load(0x3e00, 0x1, &(0x7f00000002c0)=[{0x0, 0x0, 0xff600000, 0x1000000}], 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYRES64=r3, @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000100030000010000008500000083002200bf0900800000000055090100000045f7b127000000000000bf91000000000000b7020000000000008500000084000000b700ffff0000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x22, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffd}, 0x94)
socket$netlink(0x10, 0x3, 0x10)
r7 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r7, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)

1.567559365s ago: executing program 3 (id=725):
socket$inet6_udp(0xa, 0x2, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000300)={[{@grpquota}, {@noauto_da_alloc}, {@quota}, {@stripe}, {@jqfmt_vfsold}]}, 0xfd, 0x4ff, &(0x7f0000000ac0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSG0EmKPILUhcaModhzFTmlCD+mZKxKVOMGRP4BzT9y5ILhxKQckfkSgBomDVzOepG5iN1GT2FH8+UijeW/e1N/3ks579TeNXwBD63pE7EbEWETcjYjp7HouO+KT9pHc92zv4dL+3sOlXLRan/0rl7Yn16LjzySuZa9ZjIgffS/ip7njcRvbO2uL1WplM6vPNmsbs43tnVurtcWVykplvVxemF+Y++j2h+VzG+s7tbGs9NWnf9z91s+Tbk1lVzrHcZ7aQy8cxkmMRsQPLiLYAIxk4xkbdEd4JfmIeDMi3k2f/+kYSb+bAMBV1mpNR2u6sw4AXHX5NAeWy5eyXMBU5POlUjuH91ZM5qv1RvPmvfrW+nI7VzYThfy91WplLssVzkQhl9Tn0/LzevlI/XZEvBERvxyfSOulpXp1eZD/8AGAIXbtyPr/3/H2+g8AXHHFQXcAAOg76z8ADB/rPwAMH+s/AAyf9vo/MehuAAB95P0/AAwf6z8ADJUffvppcrT2s8+/Xr6/vbVWv39rudJYK9W2lkpL9c2N0kq9vpJ+Zk/tpNer1usb8x/E1oOZb280mrON7Z07tfrWevNO+rnedyqF9K7dPowMAOjljXee/CWXrMgfT6RHdOzlUBhoz4CLlh90B4CBGRl0B4CBsdsXDK8zvMeXHoArossWvS8odvsFoVar1bq4LgEX7MaX5P9hWHXk//0vYBgy8v8wvOT/YXi1WrnT7vkfp70RALjc5PiBHj//fzM7/y774cBPlo/e8fgiewUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACX28H+v6VsL/CpyOdLpYjXImImCrl7q9XKXES8HhF/Hi+MJ/X5AfcZADir/N9z2f5fN6bfn3qh6e1rh8WxiPjZrz/71YPFZnPzTxFjuX+PH1xvPs6ul/vfewDgZAfrdHrueCP/bO/h0sHRz/7847sRUWzH398bi/3D+KMxmp6LUYiIyf/ksnpbriN3cRa7jyLii93Gn4upNAfS3vn0aPwk9mt9jZ9/IX4+bWufk6/FF86hLzBsniTzzyfdnr98XE/P3Z//YjpDnV02/yUvtbSfzoHP4x/MfyM95r/rp43xwR++3y5NHG97FPHl0YiD2Psd889B/FyP+O+fMv5fv/L2u73aWr+JuBHd43fGmm3WNmYb2zu3VmuLK5WVynq5vDC/MPfR7Q/Ls2mOerb3avDPj2++3qstGf9kj/jFE8b/9Xbx+Bf1iN/+/+6Pv/aS+N98r1v8fLz1kvjJmviNkwJnFid/X+zVlsRf7jH+k77/N08Z/+nfdo5tGw4ADE5je2dtsVqtbCooXP5C8lf2EnSja+E7/Yo1Ft2bfvFe+5k+0tRqvVKsXjPGeWTdgMvg8KGPiP8NujMAAAAAAAAAAAAAAEBX/fiNpUGPEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgKvr8wAAAP//j5zPLA==")
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f0000000300), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0)
linkat(0xffffffffffffff9c, 0x0, 0xffffffffffffffff, 0x0, 0x0)
unlink(0x0)
socket$kcm(0x10, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[], 0x50)
syz_emit_ethernet(0x4a, &(0x7f0000000380)=ANY=[@ANYBLOB="ffffffffffffbbbbbbbbbbbb08004500003c00000000000190780a010102ac1414aa03049078640100ff48bdbce6fe868254672700000000000000fc7300000000000000000000440c00b8c05bdb39599508cf223f85fe545b3a5b1973eae0850944d6e36d58ca63e1fba830e85a"], 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
ioctl$USBDEVFS_IOCTL(r1, 0xc0105512, &(0x7f0000000200))
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="040000000400000004000000"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
ioctl$SIOCX25SFACILITIES(r2, 0x89e3, &(0x7f00000000c0)={0x18, 0x81, 0x4, 0xc, 0xd})
ioctl$USBDEVFS_IOCTL(r1, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)
r3 = getpgid(0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
cachestat(r4, &(0x7f00000001c0)={0xb0, 0xf5}, 0xffffffffffffffff, 0x0)
sched_rr_get_interval(r3, 0x0)
kexec_load(0x3e00, 0x1, &(0x7f00000002c0)=[{0x0, 0x0, 0xff600000, 0x1000000}], 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYRES64, @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000100030000010000008500000083002200bf0900800000000055090100000045f7b127000000000000bf91000000000000b7020000000000008500000084000000b700ffff0000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x22, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffd}, 0x94)
socket$netlink(0x10, 0x3, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r5, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
getsockopt$EBT_SO_GET_INFO(r2, 0x0, 0x80, &(0x7f0000000240)={'broute\x00', 0x0, 0x0, 0x0, [0x1, 0xfffffffffffffe49, 0x8, 0x6, 0x1, 0x5]}, &(0x7f0000000040)=0x78)

1.232469701s ago: executing program 2 (id=727):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=@base={0x6, 0x4, 0xfff, 0x7, 0x88}, 0xa3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000e41621eb70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x6c, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1bea}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='tcp_cong_state_set\x00', r1}, 0x18)
r2 = socket$kcm(0x2, 0x1, 0x106)
sendmsg$inet(r2, &(0x7f0000000080)={0x0, 0x3, 0x0}, 0x30004001)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r3)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r3, &(0x7f0000000480)={0x0, 0x4000, &(0x7f0000000580)={&(0x7f0000000540)={0x1c, r4, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@val={0x33}, @void}}}, 0x1c}}, 0x4000054)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000004c0)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_TID_CONFIG(r3, &(0x7f0000000540)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000500)={&(0x7f0000003700)={0xa70, r5, 0x4, 0x70bd27, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_TID_CONFIG={0x12c, 0x11d, 0x0, 0x1, [{0x14, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x43}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x90}]}, {0x28, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}]}, {0x28, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x10000}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x81}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x1}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x77}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}]}, {0x30, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x37}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x1}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0xfe}]}, {0x50, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x47}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0xef}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x55}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x98}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x95}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}]}]}, @NL80211_ATTR_TID_CONFIG={0x98, 0x11d, 0x0, 0x1, [{0x2c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x1}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0xa84}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}]}, {0x34, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x4}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x3}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xc9}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x5}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x1}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x16}]}, {0x28, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x6d}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x4e}]}]}, @NL80211_ATTR_TID_CONFIG={0x2f4, 0x11d, 0x0, 0x1, [{0x50, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x2}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x99}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0xd8}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x56}]}, {0x188, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xd5}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x93}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x16c, 0xd, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x54, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HT={0x32, 0x2, [{0x1, 0x5}, {0x1, 0x7}, {0x3, 0x1}, {0x6, 0x9}, {0x2, 0x8}, {0x4, 0x1}, {0x0, 0x5}, {0x0, 0x4}, {0x5, 0x9}, {0x3, 0x5}, {0x0, 0x1}, {0x5, 0x4}, {0x0, 0x5}, {0x4, 0x1}, {0x0, 0x9}, {0x4, 0x2}, {0x6, 0x1}, {0x2, 0x1}, {0x7, 0x8}, {0x7, 0x5}, {0x5, 0x4}, {0x6, 0xa}, {0x2, 0x6}, {0x1, 0x7}, {0x6, 0x7}, {0x7, 0x9}, {0x4, 0x3}, {0x2, 0x7}, {0x1, 0x2}, {0x7, 0x5}, {0x6, 0x9}, {0x6, 0x7}, {0x2, 0x3}, {0x6, 0x7}, {0x7, 0x6}, {0x5, 0x3}, {0x4, 0x1}, {0x2, 0x2}, {0x7}, {0x2, 0x4}, {0x1}, {0x2, 0x9}, {0x4, 0x4}, {0x2, 0x8}, {0x4, 0xa}, {0x6, 0x8}]}, @NL80211_TXRATE_LEGACY={0x12, 0x1, [0x4, 0x9, 0x30, 0x1, 0x3, 0xc, 0x1, 0x12, 0x24, 0x12, 0x16, 0x6, 0xc, 0x2]}, @NL80211_TXRATE_HE_LTF={0x5}]}, @NL80211_BAND_2GHZ={0x50, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xb003, 0x3, 0x6, 0x617, 0x7f, 0x1, 0x6, 0x6]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xa, 0x2, 0xd2, 0x0, 0x3, 0x7, 0x1, 0x2]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x6, 0x100, 0x4, 0xb00, 0xf3, 0x8, 0xe, 0x384]}}]}, @NL80211_BAND_6GHZ={0xc4, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_LEGACY={0xd, 0x1, [0x18, 0x1b, 0x5, 0x2, 0x18, 0x36, 0x24, 0x1b, 0x6]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HT={0x4e, 0x2, [{0x2, 0xa}, {0x7, 0x2}, {0x4, 0x9}, {0x6, 0x2}, {0x3, 0x9}, {0x0, 0x5}, {0x0, 0xa}, {0x6, 0x8}, {0x4, 0x1}, {0x7, 0x4}, {0x7, 0x1}, {0x3, 0x2}, {0x0, 0x9}, {0x1, 0x3}, {0x2, 0x6}, {}, {0x7, 0x2}, {0x3, 0x3}, {0x1, 0x2}, {0x5, 0x3}, {0x6, 0x8}, {0x3}, {0x1, 0x2}, {0x1}, {0x2, 0x2}, {0x3, 0x2}, {0x5, 0x7}, {0x4, 0x8}, {0x6}, {0x0, 0x6}, {0x7, 0xa}, {0x4, 0x4}, {0x3, 0x9}, {0x1, 0x9}, {0x6, 0x1}, {0x5, 0x5}, {0x3}, {0x5, 0xa}, {0x4, 0x6}, {0x3, 0x4}, {0x7, 0x6}, {0x0, 0x3}, {0x4, 0x9}, {0x2}, {0x5, 0x4}, {0x5, 0x5}, {0x1, 0x1}, {0x3, 0x1}, {0x0, 0x5}, {0x4, 0x6}, {0x2, 0x7}, {0x0, 0x5}, {0x1, 0x5}, {0x1, 0x6}, {0x6, 0x3}, {0x4, 0x7}, {0x5, 0x3}, {0x4, 0x8}, {0x6, 0x9}, {0x7, 0x8}, {0x0, 0x4}, {0x7, 0x7}, {0x7, 0x6}, {0x4, 0x7}, {}, {0x1, 0x5}, {0x6, 0x1}, {0x6, 0x1}, {0x1, 0x2}, {0x6, 0x7}, {0x7}, {0x1, 0x2}, {0x1, 0x8}, {0x1}]}, @NL80211_TXRATE_LEGACY={0x1a, 0x1, [0x1b, 0x36, 0x33, 0x36, 0x6, 0x5, 0x1b, 0x30, 0x24, 0xb, 0x2, 0x24, 0x9, 0x24, 0x6c, 0x36, 0x48, 0x1b, 0x5, 0x48, 0x36, 0x18]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x2, 0x3ff, 0x5, 0x2, 0x34a1, 0x10, 0x9, 0x9]}}]}]}]}, {0x28, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x41}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x4b}]}, {0x44, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x5a}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0xf9}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x3}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x1f4}]}, {0x3c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xae}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x9}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x9}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}]}, {0x3c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0xa000000000000}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x5d42}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x7}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0xf9000000}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x8, 0xd, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x4}]}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc}]}, {0x10, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x7}]}]}, @NL80211_ATTR_TID_CONFIG={0x2a4, 0x11d, 0x0, 0x1, [{0x18, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x1}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0xb10}]}, {0x58, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xf7}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x6ec}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x72}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}]}, {0xb4, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x9c, 0xd, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x4c, 0x1, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x22, 0x1, [0x6, 0x60, 0x12, 0xb, 0x48, 0x48, 0x6c, 0x9, 0x16, 0x48, 0x1, 0x12, 0x5, 0x6, 0xc, 0x48, 0xb, 0x9, 0xb, 0x9, 0x36, 0x48, 0x30, 0x1, 0xb, 0x30, 0x2, 0x6c, 0x16, 0x30]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_LEGACY={0x4}]}, @NL80211_BAND_6GHZ={0x4c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x2, 0x18, 0x5, 0x3ff, 0x7, 0x0, 0x200, 0x99b]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0x8, 0x9, 0x7, 0x9, 0x8000]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_GI={0x5}]}]}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x4}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xbb}]}, {0x28, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x53}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x13}]}, {0x134, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x28, 0xd, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x18, 0x0, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x5cf4, 0x484, 0x1, 0x1, 0x3ff, 0x6, 0x3, 0x2]}}]}, @NL80211_BAND_6GHZ={0xc, 0x3, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5}]}]}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0xf0, 0xd, 0x0, 0x1, [@NL80211_BAND_5GHZ={0xc, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5}]}, @NL80211_BAND_2GHZ={0x18, 0x0, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x3, 0x1, 0x5, 0x78, 0x1, 0xc, 0x7f, 0x4e0d]}}]}, @NL80211_BAND_2GHZ={0x14, 0x0, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_GI={0x5}]}, @NL80211_BAND_2GHZ={0xc, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}]}, @NL80211_BAND_6GHZ={0x58, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HT={0x4c, 0x2, [{0x5, 0x2}, {0x4, 0x8}, {0x3, 0x4}, {0x1, 0x6}, {0x0, 0x1}, {0x0, 0x4}, {0x2, 0x3}, {0x1, 0x8}, {0x1, 0x1}, {0x0, 0x5}, {0x6, 0xa}, {0x6, 0x8}, {0x0, 0x8}, {0x0, 0x2}, {0x4, 0x3}, {0x4, 0x9}, {0x4, 0x7}, {0x6, 0x5}, {0x2, 0x6}, {0x4, 0x4}, {0x0, 0x6}, {0x1, 0x2}, {0x0, 0x1}, {0x1, 0x2}, {0x7, 0xa}, {0x5, 0xa}, {0x1, 0x7}, {0x0, 0xa}, {0x2, 0x4}, {0x4, 0x8}, {0x1}, {0x7, 0x7}, {0x3, 0x9}, {0x1, 0x2}, {0x7, 0x1}, {0x6, 0x4}, {0x0, 0x4}, {0x0, 0x9}, {0x6, 0x7}, {0x1, 0x9}, {0x3, 0xa}, {0x4, 0x4}, {0x6, 0x4}, {0x6, 0x9}, {0x4, 0x4}, {0x4, 0x1}, {0x6, 0x9}, {0x1}, {0x0, 0x5}, {0x2, 0x2}, {0x3, 0x6}, {0x1, 0x4}, {}, {0x4, 0x8}, {0x5, 0x8}, {0x1, 0x3}, {0x6, 0x6}, {0x5}, {0x1, 0x6}, {0x6}, {0x7, 0x9}, {}, {0x1}, {0x0, 0x9}, {0x5, 0x2}, {0x4, 0x1}, {0x4, 0x6}, {0x1, 0x9}, {0x6, 0x6}, {0x7, 0x2}, {0x3, 0x6}, {0x7, 0x1}]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}]}, @NL80211_BAND_6GHZ={0x44, 0x3, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x6, 0x5, 0x7c4f, 0x99, 0x0, 0x4, 0x6, 0x6]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x9, 0x81, 0x87, 0x8, 0x4, 0x556, 0x81, 0x8]}}]}, @NL80211_BAND_60GHZ={0xc, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}]}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x2}]}, {0x20, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x3c}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x10001}]}]}, @NL80211_ATTR_TID_CONFIG={0x4}, @NL80211_ATTR_TID_CONFIG={0x184, 0x11d, 0x0, 0x1, [{0x2c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x9a}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x92}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x4}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x47}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}]}, {0x10, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0xf141}]}, {0x4}, {0x4}, {0x12c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x1}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x3c, 0xd, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x38, 0x3, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x1dbc, 0x7, 0x3, 0x5, 0x9, 0xe00, 0x400, 0xcb]}}, @NL80211_TXRATE_LEGACY={0x15, 0x1, [0xeaa3ba8acb1e78a2, 0x1, 0x60, 0x18, 0x1b, 0x8, 0x1, 0xc, 0x18, 0x2, 0x4, 0x4, 0x9, 0xc, 0x12, 0x6, 0x1]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}]}]}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0xbc, 0xd, 0x0, 0x1, [@NL80211_BAND_60GHZ={0xc, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5}]}, @NL80211_BAND_2GHZ={0xac, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x4, 0x1, 0x9, 0x9, 0x200, 0x9, 0xe3, 0x7]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xf, 0x9, 0xfff, 0x9, 0x5135, 0x9, 0x3ff, 0x6]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HT={0x3a, 0x2, [{0x1, 0x6}, {0x6, 0xa}, {0x2, 0x5}, {0x0, 0x3}, {0x2}, {0x6, 0x8}, {0x6, 0x1}, {0x6, 0x9}, {0x1, 0x6}, {0x6, 0x8}, {0x2, 0x3}, {0x6, 0x2}, {0x6}, {0x1, 0x5}, {0x5, 0x3}, {0x1}, {0x0, 0x9}, {0x6, 0x6}, {0x6, 0x5}, {0x6, 0x7}, {0x6, 0x5}, {}, {0x3, 0x2}, {0x1, 0x7}, {0x5, 0x1}, {0x0, 0x5}, {0x3, 0x2}, {0x2}, {0x3, 0x4}, {0x7, 0x7}, {0x4, 0x1}, {0x2}, {0x3, 0x1}, {0x5, 0x4}, {0x7, 0x4}, {0x5, 0x4}, {0x3, 0xa}, {0x5, 0xa}, {0x1, 0x9}, {0x4, 0x6}, {0x1, 0x6}, {0x6, 0xa}, {0x7, 0x4}, {0x5, 0x4}, {0x7, 0x6}, {0x4, 0x6}, {0x6, 0x3}, {0x5, 0x4}, {0x5, 0x5}, {0x4, 0x6}, {0x0, 0x1}, {0x1, 0x1}, {0x6, 0x5}, {0x6, 0x7}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0x3, 0x9, 0x3, 0x401, 0x802, 0x200, 0x2]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}]}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xb6}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x66}]}, {0x10, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x400}]}]}, @NL80211_ATTR_TID_CONFIG={0xf4, 0x11d, 0x0, 0x1, [{0x44, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x40}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xbd}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x2}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x8}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x1}]}, {0x8c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x78, 0xd, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x44, 0x1, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0x1, 0x8, 0x6, 0x3, 0x9, 0xd, 0x1]}}, @NL80211_TXRATE_HT={0x2a, 0x2, [{0x3, 0x1}, {0x7, 0x4}, {0x1, 0x5}, {0x0, 0x3}, {0x7}, {0x6, 0x8}, {0x5, 0x9}, {0x2, 0xa}, {0x2, 0x8}, {0x1, 0x9}, {0x4, 0x1}, {0x2, 0x7}, {0x0, 0xa}, {0x1}, {0x4, 0x2}, {0x1, 0x1}, {0x5, 0x1}, {0x0, 0x6}, {0x3, 0x1}, {0x7}, {0x4, 0x7}, {0x1, 0x9}, {0x0, 0xa}, {0x7, 0x6}, {0x3, 0x5}, {0x4, 0x3}, {0x3, 0x1}, {0x3}, {0x1}, {0x5, 0x8}, {0x7}, {}, {0x6, 0x9}, {0x0, 0xa}, {0x0, 0xa}, {0x3, 0x7}, {0x0, 0x2}, {0x6, 0x3}]}]}, @NL80211_BAND_60GHZ={0x30, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HT={0x16, 0x2, [{0x7, 0x2}, {0x4, 0x1}, {0x6, 0x5}, {0x5, 0x9}, {0x3, 0x7}, {0x4, 0x6}, {0x1, 0x1}, {0x4, 0x8}, {0x2, 0x6}, {0x6, 0x1}, {}, {0x7, 0x5}, {0x1, 0x1}, {0x7, 0x3}, {0x3, 0x3}, {0x4, 0x9}, {0x5, 0x8}, {0x5, 0x1}]}, @NL80211_TXRATE_LEGACY={0x11, 0x1, [0xb, 0x6c, 0xc9389dfd3c62e98c, 0x1b, 0x16, 0x4c, 0x24, 0x18, 0xe, 0xd3e14b057da4b607, 0x5, 0xc, 0x36]}]}]}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x9b}]}, {0x20, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x4}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x64}]}]}, @NL80211_ATTR_TID_CONFIG={0x7c, 0x11d, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5}]}, {0x14, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0xf}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}]}, {0x34, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x1}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x6}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xd9}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x2}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x68}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}]}]}]}, 0xa70}, 0x1, 0x0, 0x0, 0x80}, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000005000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_emit_ethernet(0x52, &(0x7f0000000140)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0xc, 0x4, 0x0, 0x10, 0x44, 0x0, 0x0, 0x0, 0x5, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @private=0x2010100, {[@timestamp_addr={0x44, 0x14, 0x5, 0x3, 0x8, [{@remote, 0x4}, {@dev={0xac, 0x14, 0x14, 0x3a}}]}, @ssrr={0x89, 0x3, 0xce}, @generic={0x83, 0x2}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x0, 0x400}}}}}}, 0x0)
r7 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET(r7, 0x4b72, &(0x7f0000000040)={0x4, 0x0, 0x8, 0x13, 0x100, &(0x7f00000000c0)="387ed7626d850509a2d6c1aa38f15cd00f85c263cb226db671261fff7ce9c555f18dafae3530db6dd493f2a3cc88721b9ae21b3e3b4523ae2594f47d8f62b480c4160b1f90ac9c41fae6ab12ac4c113fef588684ef494c89092883b902a41cd75387ef6f7bc7d460d5e665f398ff95596dc94ec97003c7e6f3c82fbd8de6e11aa4031a61c51caf7a65a2b613bda33f3eaeae635d7cd81761e74c38a7695800a15516eb337056e02335f9a7d10aa2eaf7beb7e1aed6e850ecb3421143c5c4ded0f06affc524dcf3208272619b6a952db5bc96141b26c54d13c7a5416287a3b6f7aadf50bc549974b6401a19cdb130282b955592efa94242065a4c8d695a2cdd9ada350defd58c775b92d348305774d3a256c7520b285d8da0dbf5e20d604413ed2ddf9bcbf881caf811852806175d63892a15234fbcd7a88a2a0aea45d19148f0e7dada7d6d0d77881387fdeaa0284abe90b88dfff412bff40c31c6415c54ae3335e54a49d315851feffe30d999c36def4df7df747695efbd649f42f310859122c0d2c1e558dc6586958a283762386ecf369274e43003a0fdff59ea515eb44504901ef0d00baa91c10a8e44a76aac3468a15bd3d45ad389977467f306f9bcde071b30769795eed2f1580414d168f557cd90040c4bd2a3d6bc5092548feaef7204a12cece59181fcb5bad8c24bd9f8f78d17ab82831325501e80d899e9252f99d3a2666343392fda11504800f4dd9f45657f8224fc78eb1168fe0527fac33466aadf48f16994d29a47778566e0f3945b2bf36b6eecc7fa18914beb66ac9e519bd333b30d3ce2f50dddeea3447aebbe3bed781e39d5a0fb0cdc60e196f2261305feb596b68986af3eee7b199fefb5f79ffb2d1050e46982af1c14a88dd9000400002f56a8404755c73e74bb90e64bab9647c70ed5afca1c3d87907d01000100df6f40a80ace2bb8a2aad3b0c66915927db4233181943d88c0c76d5969e2043db5bd77fd60ba0f013139929ccfec965c0c769785a4d23332ba1f0875e3146afef5b20cc306d3ecee65944fe9829e0ad0c3f6bb2fd81bc31152538db50f47dc38ba908a0d808687e478a609fe0daa02d4e9c618b99266e7f2e98597e2813e1dba9c3c16e9fab3bda6ed33cb1c75513e2264b69d472dd0e1338688ba782b41bde141f99c4894ded98eff9aa53d22eb77c9d93169c04ab2490bf28106f770e07eb7a9e87dde71929f918b98c4cbfcb11a90139264a9ee8081973167f493760278df0cc34be9e8f86f948d9a62e63ad6ca9d2195ff9c6320c85bddc42915e4f3a5db642447bc2195a3d64e04c9ecd1c313c08e29b814bd8fed1ab6d2846c73345962895d289aa57152cac2e0e32b75ce814731c542091f218dd1e68a15f8226577bf9481ae0555db64a717eb23a811356d00"})
socket$caif_stream(0x25, 0x1, 0x4)
setrlimit(0xd, &(0x7f0000000280)={0xc800, 0x10001})

1.107799521s ago: executing program 4 (id=728):
r0 = socket(0x1e, 0x4, 0x0)
r1 = socket(0x1e, 0x2, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10)
sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x9200000000000000)
r2 = dup3(r1, r0, 0x0)
recvmmsg(r2, &(0x7f0000002980)=[{{&(0x7f0000000480)=@ax25={{0x3, @null}, [@default, @bcast, @bcast, @null, @default, @null, @rose, @netrom]}, 0x80, &(0x7f00000003c0)=[{&(0x7f0000000500)=""/79, 0x4f}, {&(0x7f0000000640)=""/92, 0x5c}, {&(0x7f0000003100)=""/4096, 0x1000}], 0x3, &(0x7f0000000740)=""/232, 0xe8}, 0xffffff77}, {{0x0, 0x0, &(0x7f0000000d80)=[{&(0x7f00000008c0)=""/197, 0xc5}, {&(0x7f00000009c0)=""/132, 0x84}, {&(0x7f0000000a80)=""/191, 0xbf}, {&(0x7f0000004100)=""/4096, 0x1000}, {&(0x7f0000000b40)=""/225, 0xe1}, {&(0x7f0000000580)=""/5, 0x5}, {&(0x7f0000000c40)=""/65, 0x41}, {&(0x7f0000000cc0)=""/187, 0xbb}], 0x8}, 0x3}, {{0x0, 0x0, &(0x7f0000001180)=[{&(0x7f0000000e00)=""/160, 0xa0}, {&(0x7f00000006c0)=""/23, 0x17}, {&(0x7f0000000ec0)=""/92, 0x5c}, {&(0x7f0000000f40)=""/184, 0xb8}, {&(0x7f0000001000)=""/189, 0xbd}, {&(0x7f00000010c0)=""/144, 0x90}], 0x6, &(0x7f0000000840)=""/60, 0x3c}, 0x8}, {{&(0x7f0000001200)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, 0x80, &(0x7f0000002b40)=[{&(0x7f0000001280)=""/181, 0xb5}, {&(0x7f0000002ac0)=""/70, 0x46}], 0x2, &(0x7f0000001380)=""/230, 0xe6}, 0x5}, {{&(0x7f0000002480)=@sco={0x1f, @fixed}, 0x80, &(0x7f0000002900)=[{&(0x7f0000002500)=""/171, 0xab}, {&(0x7f00000025c0)=""/133, 0x85}, {&(0x7f0000002680)=""/69, 0x45}, {&(0x7f0000002700)=""/129, 0x81}, {0x0}, {&(0x7f0000002800)=""/247, 0xf7}], 0x6}, 0x3}], 0x5, 0x40000001, 0x0)

963.465503ms ago: executing program 2 (id=732):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
ftruncate(r0, 0xc17a)
r1 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r1, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4)
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="380000001a00010000000000000000000a008000", @ANYRES32=0x0, @ANYBLOB="0000000008001f00000000", @ANYRES64=r1], 0x38}}, 0x0)

938.394285ms ago: executing program 3 (id=733):
ioperm(0x21, 0x1, 0x81)
syz_clone(0x0, 0x0, 0x9, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0], 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000940)={{r0}, &(0x7f00000008c0), &(0x7f0000000900)}, 0x20)
r1 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$SMC_PNETID_ADD(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)={0x34, r1, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'bond0\x00'}]}, 0x34}}, 0xc800)
sendmsg$SMC_PNETID_DEL(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x14, r1, 0xe27, 0x0, 0x0, {0x4, 0x7, 0x2}}, 0x14}, 0x1, 0x40030000000000}, 0x0)

914.920237ms ago: executing program 0 (id=734):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB='\v\x00\x00\x00\a\x00\x00\x00\b\x00\x00\x00\b\x00\x00\x00'], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x1e00, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)="d8000000180081054e81f782db4cb90402200800fe00fe05e8fe55a10a0015000600142603600e1208000f007f370401a8001600200001401c00010003580461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090014d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00350db798262f3d40fad95667e006dcdf63951f215c3b8b6ad2cba0e2375ee535e3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6f4edef3d93452a92954b43370e9703920723f9a941", 0xd8}], 0x1}, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff010000850000000e000000850000005000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000c5820000000000b30000400000ff00"/28], 0x50)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000e80)={0x0, r0}, 0x8)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000ffffff34eb0000000000000008", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r6, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r6, &(0x7f0000004540)=[{{&(0x7f0000000040)={0x2, 0x4e22, @multicast1}, 0x10, 0x0}}, {{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000180)="15b26f226e2966667482d50703b0a8d92ccd9e69d5cc4cb3d467a670b237a9225fb56c0f7ea725dee27c4bb43bb50c6748c83b71d59f0537405dfab648c096607340fac939a2efd31cbe2f8ca29c409e87ea0974b7bceff9afef5dffd691575f5115f2f961ad488e3386036913e98181a6034febaab853a3e928b9035b0e3a8e1cb393c70f6d0448970e0af2476f8b923ee09c19deca55d58f70e8eeff55dda6381cb96afe97196c0af0a8fd450a1447a1a521e2c211fb84cbcf4aebd31298972ec6be", 0xc3}, {&(0x7f0000000d80)="7d68e6de85f9b0cbc9d710267f321ec64eab043ecad9af7e01e9463218ec45924a99867163e468d36a682fadd749caa325e685d75559a87139e02fae7271be8f55671cfd32a09896278d1941370174720838039d0989bc3394b8a4c4f4a30f0496be313d6d60fe47966c634a3ee1f659e8ef310647725bda0130d5de5028220a4cf5fc808a75694738ee26cb21302b4bba4265b845a5d5dce706d9820c6936b122f9658446d74a9016b94424971dd443a6907eb5c73b6b200e92b23f", 0xbc}, {&(0x7f0000000380)="73fd71361e8d6c80ae1bc9953e2a4aeac7a314273066fc7f65a51969b46df1774bb0be94ccd4824f2d57ad2cd37242b1258402395481f9f07e067652e52aa8ccefcd0962ba0c48757b68d493f3ad702e65d4daa7dfc1605a173185472ae12470eea64c70ef4e64793b8a830447de0f423bef3964934eef4243cac42939ba6fa68d821b9373b5f3e2c26e7ca75ed8fb3203aef3a6637cecdd0251532b99537e02f604058f50e66c8a657d59beeed127695475f082d3d2b9790181fc987ad000ac00887d1506be89f388ecb405660b4ea196ee8f5a92b12ec43bbf49567db613d478ebe2358364f7600bf4f80ef4b2756fb13416c4fa22880cc96a03f07888575aedb001d5a74bb2f906797912b5ac080a0a3d361425f1a92ab03bbe65d5dcb235f43b5ad1162a16ebdc647baac013bf076945126cdd5a080853976a97ad55184601102fbb8df86b21aa8162858d74465c5fb7dc766602a3567f6eaf441f85ec50ca7fb3a4fdb450d1420531da25d01a412958a5e3895c59542238cf8e188e7fb5641eb24a5f1819bf8d2e9dd6c1d0e93564d723e311db9cd268bb1e477036e822b135cdbaf40f812aa7db01d22c829ab01ae24997dae96ddeed49e62d285701d5419e3f94a8b95790cf5a296ed15bffae1f71470c6a6eda872528844a2df42590d898630263cab5cccec57b7cea365ad8c91bfbe7cb419635ce6bf340a56115c0ad922b6fade9538e543bc5def2a85d35ab16d20c219c4733837be2c14ba4d3d32c3a6882ce6857626f55109b4cdcb634425d710bf3108f9b31b4af0cc17a58e49e871a56126dd8bed08e038ba64008587237b3442d28032e52fc9fae1a5784ba59d0edfa03d38352724903ed6f6970b3f4dfa6e40bf933b6765c6ee648174765f1e8ec71b80cac86abd065a3005b40a43a665707cc590997c5048183006a9dd8026d39def05950183b3d4f12f4e1644ef78cddac7c5569985c2c232bb350f28857675339e53f63a868704d2e0b38993dc57a02d3e297fc9a5b9384622841018c303a05bac25d509df5a2d0e3232927283fcc3ec67e4fa7b71d22f115cf693851dcceab4bce38cbfbb32829e211cdcb6a359e14fe416663541050d340aef2555dbd292bd9cbab8fcf20378149cc994569c2bc95fb33fd2d9321b8ac8e5160b02e202492f470eb719a8f2ac3a4be37ea0918b54b14789b7aa228d47f7b13fd9af608740c5a8fe02109a7cc0e555b22628ef790e513ecadfd338d30aed8ca219e64ee4fb0bd0e21e5101bf2072ffa071eb1aa0454caccc015ff1e166813f819a142b56a22e4ff387bb319288a0ef747c6fc8fdee3a0e193b0d086eb816e97e0322fcdaa30da61cd26ac9d8d0748fccd911ce0fd4adc953e9486e137fe66bc8aedfd5b78c562ebfc578ac9f96a453311766564541e16955e30b95914e9411a0b4cd95e0d8732d5ff7a4f921ef41d986a195334266585353b16b9449955523913a30c087532bcb899f733af3abea59baea174cf04359547a633b5f8a582ae3ef12a1d0125bef8c6e8c9fb589d3597c5ab3879491b0c5e3607203f06836a6805d3f7979c4325f9fecb2aceddedb272237132460cda812ef7d613a585898d59f92ef68ec95f12b47b440f6d899ecbfab48055e0c1605ba4cd9dbc17c4cbfec8a953ebbd38c45a6737a57ee58e21a20e530171137968ae4f0d0366cdb0b9d6a4667b011fcd7cd9e77364e5221989d8f0d80793260e748e3bd394849c090c744f6044328304cd6f02e941c5405647daffc1fd2f2864b37f92bbf4931c8e4a7c6bafd0ea79d39d330e70e6776bf6a926de227e5a43653bba04883e98d67bb64aa86e8bf271ba87604bc598e47f2992c7618ad25068860a481554b53352c7339de7e79c3bd1aed5bef8f398432858c888a5d8651969ea40eb3d486e9fe61d49b20500fdfd1548f567da970103d36730657c35d03d2c36b142665f62203b1fb12d616478cfef6f38b34cda87a634dd06d359f33e98b94a5e5b46b2a8d73126352d1d5b65af75055455cc903e384c41876fbdff935d047284d9d203b147a6ba0e9cb50beef7798886c33d2f2f0c0d9abe0e32c7c809f8b0b28fc59471987353c862a311776b8275bf319d5cb9a59f8f103b6e567ef5dd8859973cc3fe41e356bf5bd3186240e49286977eca36a8ad44185973b276cd7958b73e14a221b7fd567818bebf54ad27ee95161bd2aeeb356482ff467500a7d36f0464f58a591ec6b728f984ec78d0abe14c6d3411ac3ffc4c3179d1f95d029f26cceb545723519d3d4209a2b1243e78767273c13dc2bd320512674b6f1a50313bae7b9d16aebb476dbc829e8fd8dd46a1696efaff5795cf75de57c90f05ed9ef4a5cdfbf20d3d9ed95fb4114b1d5c9ade0856212e7ba330ce5bccf2c993dff89112b28bd3b17d3fcfacef7590f62bf948977dd79e2d8025946c80bf263e34035409b5ba1443d4929727180761bd56d258c3670a0aa4de21111fc3172367582de2d164ff3a18d0696b8dd8e5c1423b2ea1e2c0cfe141e4cf04f8cdaed48976b94c40d6a581300458661bbdbfeeb4969af6319eb1798843d0872f68f0c6537bbc9c7dd1e9b0564bf442d8d25f8aa884aba1df074d374f99750d9227bb821ba0355f60de2829a5c8cd47c89d29a2e3d7d53d59db5c3ace8f484664202c210c68a3b33076fb00d59938e84fbad6d6618c0bb89cf94035fa2de4da351e0d71df416450ea7ec3af33aa5c0313c63e654bd79c73b39dc1933636956761058d76648746daca469f8fce62c17a8160cdefc6a927eef9ec4a8dd684e46f35282546ce2362ab8afedd39bf699fd7c2cde538f52ea43c08558f42ba77b2986b800c45fa76a130b30919b3e1d504573e3c1e7dd2dc5d81379df53d736511f1da4ad8791e46adb27bb5c38129e89edda0aed99dcc03fe400f7d05d48e3e9e17744e8487f8ac464c86f7332211fb9799e9d27a6832d5f17ccd1a2da255f6da047e4728dd80860c04391bca4b7833f0346866401ec20033bcf6dfa85fd1520de5a03b4f9f6f5d2f8d7b6e7d7df1cbe5c05e23e080cf335639c94c48aaeb0bfebbe79530d67d35fb101c91839954c0e50dd4b90a86428b22b0be1e906fee30f68d7ce4bf9c68eafe695f07f5e4e4d473d77104b7b1b5dcfeb84e8c83624c0068d4e1cccfe740f8e5d5699603f8481ef2a1f2d4b8fd2314c5cb1985fe34cf8ede7d2e8bddea269422490903489c7f5951114d7ccb29a19455a987d538955712a460243105b25ccb6e6f34c370a6bbb234bee150dbcea5188e45305253f1014f7c0b5d60d517d2d05707f5ca9249a921d6c5307caf41deca0509b49102d801320db65c00f6e1c05fb8c2e1cc554673bf6168dd64086b19af28eec508fd0c304837e802173ac9947c4d73929c61d9632ab929a25f2a04350954612c2de705c1c25215284fe933fc8ccfd30ab3fc9ff5e04dd68d4720d95a29d6da176ac9d332c9ce77358f3c262777ea828fe6473638bc77be2aa586a3733e275744bc42c3742c1ad8f89d25c31958902f2f498c58fc85e9b78fb7a331734cb081cfa9ccfd262df927c0ff46983f8765af4add3532de2b91f2436df028", 0x9fd}], 0x3}}, {{0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f0000001700)="c9", 0x1}], 0x1}}], 0x3, 0x240080e4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x9)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
r8 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0xc1c42)
unshare(0x28000600)
r9 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040), 0x40000, 0x0)
move_mount(0xffffffffffffff9c, 0x0, r9, 0x0, 0x64)
ioctl$SG_GET_VERSION_NUM(r8, 0x2282, &(0x7f0000000100))
sendmsg$nl_xfrm(r7, &(0x7f0000001680)={0x0, 0x0, &(0x7f0000001640)={&(0x7f0000001700)=ANY=[@ANYBLOB="540200001600010000000000fedbdf25ff0100000000000000000000000000010a0101010000000000000000000000004e2200004e2300000a00200021000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="fc0000000000000000000000000000000000000033000000e0000002000000000000000000000000060000000000000019d000000000000009000000000000000000000000000000000000000000000008000000000000000000000000000000ff030000100000000300000000000000ffffffff00000000ffffff7f000000000900000000000000000000007f000000070000002bbd7000000000000200013f000000000000000001000000060000002c001300200100000000000000000000000000010000000000000000000000020000001c00040003004e204e210000fe"], 0x254}}, 0x0)

913.993777ms ago: executing program 2 (id=735):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$kcm(0x10, 0x2, 0x0)
socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
link(0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000770000000e000000850000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2, 0x0, 0x1}, 0x18)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)

820.188484ms ago: executing program 3 (id=736):
ioperm(0x21, 0x1, 0x81)
r0 = syz_clone(0x0, 0x0, 0x9, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r1], 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000940)={{r1}, &(0x7f00000008c0), 0x0}, 0x20)
r2 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='kfree\x00', r4}, 0x18)
sendmsg$SMC_PNETID_ADD(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)={0x34, r2, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'bond0\x00'}]}, 0x34}}, 0xc800)
sendmsg$SMC_PNETID_DEL(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x14, r2, 0xe27, 0x0, 0x0, {0x4, 0x7, 0x2}}, 0x14}, 0x1, 0x40030000000000}, 0x0)
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000940)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
close(0x4)
ioperm(0x7fffffffffffffff, 0x80000001, 0x7fff)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
splice(r7, 0x0, r8, 0x0, 0xf3a, 0x0)
splice(r5, 0x0, r8, 0x0, 0x80, 0x6)
write(r8, &(0x7f0000003300)="ac", 0x1)
write(r6, 0x0, 0x0)
sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x2c, 0x1, 0x1, 0x301, 0x0, 0x0, {0x3, 0x0, 0x1}, [@CTA_ZONE={0x6, 0x12, 0x1, 0x0, 0x1}, @CTA_MARK={0x8, 0x8, 0x1, 0x0, 0x3ff}, @CTA_STATUS={0x8, 0x3, 0x1, 0x0, 0x3000}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4840}, 0x4000000)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r9}, 0x10)
syz_emit_ethernet(0xfdef, &(0x7f0000000000)=ANY=[], 0x0)
rseq(&(0x7f0000000040), 0x20, 0x0, 0x0)
rseq(&(0x7f0000000040)={0x0, 0x0, 0x0, 0x4}, 0xfffffffffffffee6, 0x1, 0x0)
ptrace(0x10, r0)
ptrace$getregset(0x4204, r0, 0x201, &(0x7f0000000440)={0x0})

782.014297ms ago: executing program 0 (id=737):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES16=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000a80)='kfree\x00', r1, 0x0, 0x2}, 0x18)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000180000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000f0850000002d00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x47, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3}, 0x10)
ioctl$SG_IO(r2, 0x2285, &(0x7f00000005c0)={0x53, 0xfffffffe, 0xe, 0x2, @scatter={0x0, 0x40000, 0x0}, &(0x7f0000000200)="00005022a337f915982425f3ffd4", 0x0, 0x800004, 0x10000, 0x1, 0x0})
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000700000000000000000000850000002300000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x8f, &(0x7f00000002c0)=""/143}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x84, 0x5, 0x0, 0x0, 0x0, 0x0, 0x322c6, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x7}, 0x4, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000140)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmsg$tipc(r6, &(0x7f00000008c0)={0x0, 0x0, 0x0}, 0x0)
openat$cgroup_int(0xffffffffffffffff, &(0x7f00000003c0)='rdma.max\x00', 0x2, 0x0)
close(r5)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$BTRFS_IOC_RESIZE(r0, 0x50009403, &(0x7f0000000380)={{r3}, {@void, @max}})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r7)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001880), 0xffffffffffffffff)
sendmsg$NL80211_CMD_START_AP(r7, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000840)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="a18300000000000000000500"], 0x78}}, 0x0)

704.250714ms ago: executing program 1 (id=738):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=@base={0x6, 0x4, 0xfff, 0x7, 0x88}, 0xa3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000e41621eb70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x6c, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1bea}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='tcp_cong_state_set\x00', r1}, 0x18)
r2 = socket$kcm(0x2, 0x1, 0x106)
sendmsg$inet(r2, &(0x7f0000000080)={0x0, 0x3, 0x0}, 0x30004001)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r3)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r3, &(0x7f0000000480)={0x0, 0x4000, &(0x7f0000000580)={&(0x7f0000000540)={0x1c, r4, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@val={0x33}, @void}}}, 0x1c}}, 0x4000054)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000004c0)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_TID_CONFIG(r3, &(0x7f0000000540)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000500)={&(0x7f0000003700)={0x1204, r5, 0x4, 0x70bd27, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_TID_CONFIG={0x12c, 0x11d, 0x0, 0x1, [{0x14, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x43}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x90}]}, {0x28, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}]}, {0x28, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x10000}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x81}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x1}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x77}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}]}, {0x30, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x37}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x1}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0xfe}]}, {0x50, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x47}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0xef}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x55}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x98}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x95}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}]}]}, @NL80211_ATTR_TID_CONFIG={0x98, 0x11d, 0x0, 0x1, [{0x2c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x1}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0xa84}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}]}, {0x34, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x4}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x3}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xc9}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x5}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x1}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x16}]}, {0x28, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x6d}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x4e}]}]}, @NL80211_ATTR_TID_CONFIG={0x3b4, 0x11d, 0x0, 0x1, [{0x50, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x2}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x99}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0xd8}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x56}]}, {0x188, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xd5}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x93}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x16c, 0xd, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x54, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HT={0x32, 0x2, [{0x1, 0x5}, {0x1, 0x7}, {0x3, 0x1}, {0x6, 0x9}, {0x2, 0x8}, {0x4, 0x1}, {0x0, 0x5}, {0x0, 0x4}, {0x5, 0x9}, {0x3, 0x5}, {0x0, 0x1}, {0x5, 0x4}, {0x0, 0x5}, {0x4, 0x1}, {0x0, 0x9}, {0x4, 0x2}, {0x6, 0x1}, {0x2, 0x1}, {0x7, 0x8}, {0x7, 0x5}, {0x5, 0x4}, {0x6, 0xa}, {0x2, 0x6}, {0x1, 0x7}, {0x6, 0x7}, {0x7, 0x9}, {0x4, 0x3}, {0x2, 0x7}, {0x1, 0x2}, {0x7, 0x5}, {0x6, 0x9}, {0x6, 0x7}, {0x2, 0x3}, {0x6, 0x7}, {0x7, 0x6}, {0x5, 0x3}, {0x4, 0x1}, {0x2, 0x2}, {0x7}, {0x2, 0x4}, {0x1}, {0x2, 0x9}, {0x4, 0x4}, {0x2, 0x8}, {0x4, 0xa}, {0x6, 0x8}]}, @NL80211_TXRATE_LEGACY={0x12, 0x1, [0x4, 0x9, 0x30, 0x1, 0x3, 0xc, 0x1, 0x12, 0x24, 0x12, 0x16, 0x6, 0xc, 0x2]}, @NL80211_TXRATE_HE_LTF={0x5}]}, @NL80211_BAND_2GHZ={0x50, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xb003, 0x3, 0x6, 0x617, 0x7f, 0x1, 0x6, 0x6]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xa, 0x2, 0xd2, 0x0, 0x3, 0x7, 0x1, 0x2]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x6, 0x100, 0x4, 0xb00, 0xf3, 0x8, 0xe, 0x384]}}]}, @NL80211_BAND_6GHZ={0xc4, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_LEGACY={0xd, 0x1, [0x18, 0x1b, 0x5, 0x2, 0x18, 0x36, 0x24, 0x1b, 0x6]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HT={0x4f, 0x2, [{0x2, 0xa}, {0x7, 0x2}, {0x4, 0x9}, {0x6, 0x2}, {0x3, 0x9}, {0x0, 0x5}, {0x0, 0xa}, {0x6, 0x8}, {0x4, 0x1}, {0x7, 0x4}, {0x7, 0x1}, {0x3, 0x2}, {0x0, 0x9}, {0x1, 0x3}, {0x2, 0x6}, {}, {0x1, 0x6}, {0x7, 0x2}, {0x3, 0x3}, {0x1, 0x2}, {0x5, 0x3}, {0x6, 0x8}, {0x3}, {0x1, 0x2}, {0x1}, {0x2, 0x2}, {0x3, 0x2}, {0x5, 0x7}, {0x4, 0x8}, {0x6}, {0x0, 0x6}, {0x7, 0xa}, {0x4, 0x4}, {0x3, 0x9}, {0x1, 0x9}, {0x6, 0x1}, {0x5, 0x5}, {0x3}, {0x5, 0xa}, {0x4, 0x6}, {0x3, 0x4}, {0x7, 0x6}, {0x0, 0x3}, {0x4, 0x9}, {0x2}, {0x5, 0x4}, {0x5, 0x5}, {0x1, 0x1}, {0x3, 0x1}, {0x0, 0x5}, {0x4, 0x6}, {0x2, 0x7}, {0x0, 0x5}, {0x1, 0x5}, {0x1, 0x6}, {0x6, 0x3}, {0x4, 0x7}, {0x5, 0x3}, {0x4, 0x8}, {0x6, 0x9}, {0x7, 0x8}, {0x0, 0x4}, {0x7, 0x7}, {0x7, 0x6}, {0x4, 0x7}, {}, {0x1, 0x5}, {0x6, 0x1}, {0x6, 0x1}, {0x1, 0x2}, {0x6, 0x7}, {0x7}, {0x1, 0x2}, {0x1, 0x8}, {0x1}]}, @NL80211_TXRATE_LEGACY={0x1a, 0x1, [0x1b, 0x36, 0x33, 0x36, 0x6, 0x5, 0x1b, 0x30, 0x24, 0xb, 0x2, 0x24, 0x9, 0x24, 0x6c, 0x36, 0x48, 0x1b, 0x5, 0x48, 0x36, 0x18]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x2, 0x3ff, 0x5, 0x2, 0x34a1, 0x10, 0x9, 0x9]}}]}]}]}, {0x28, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x41}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x4b}]}, {0x44, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x5a}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0xf9}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x3}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x1f4}]}, {0x3c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xae}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x9}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x9}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}]}, {0x3c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0xa000000000000}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x5d42}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x7}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0xf9000000}]}, {0xe4, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0xc8, 0xd, 0x0, 0x1, [@NL80211_BAND_2GHZ={0xc4, 0x0, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0xff17, 0x101, 0xc, 0x8, 0x71f8, 0x8, 0x7, 0x3]}}, @NL80211_TXRATE_HT={0x1f, 0x2, [{0x6}, {0x1, 0x5}, {0x0, 0x5}, {0x0, 0x2}, {0x3}, {0x6, 0x4}, {0x5, 0x9}, {0x7, 0x2}, {0x6, 0x1}, {0x5, 0x4}, {0x5, 0x4}, {0x0, 0x9}, {0x0, 0x2}, {0x5, 0x19}, {0x5, 0x8}, {0x4, 0x4}, {0x7, 0x1}, {0x1, 0xa}, {0x2, 0x2}, {0x1, 0xa}, {0x0, 0x2}, {0x4, 0x2}, {0x3, 0x3}, {0x7, 0x9}, {0x2, 0x6}, {0x0, 0x5}, {0x1, 0xa}]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0xa5, 0x6, 0x9, 0x8, 0x0, 0x401, 0x4]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x15, 0x0, 0x0, 0x8, 0x0, 0xdbae, 0x13, 0x5]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HT={0x40, 0x2, [{0x3, 0x3}, {0x5, 0x2}, {0x1}, {0x2, 0x5}, {0x3, 0xa}, {0x2, 0x5}, {0x2, 0x5}, {0x6, 0x5}, {0x1, 0x3}, {0x7}, {0x0, 0x7}, {}, {0x7, 0x7}, {0x2, 0x8}, {0x6, 0x8}, {0x3, 0x6}, {0x5, 0x7}, {0x1, 0x6}, {0x6, 0x4}, {0x5, 0x6}, {0x4, 0x5}, {0x7, 0x8}, {0x4, 0x3}, {0x7, 0xa}, {0x7, 0x1}, {0x1, 0x1}, {0x5, 0x3}, {0x7, 0x4}, {0x3, 0x6}, {0x1, 0x6}, {0x0, 0x5}, {0x5, 0x7}, {0x7, 0x5}, {0x6, 0x1}, {0x4, 0x1}, {0x3, 0x9}, {0x3, 0x8}, {0x0, 0x9}, {0x1, 0x2}, {0x2, 0x8}, {0x5, 0x3}, {0x6, 0x4}, {0x0, 0x8}, {0x1, 0x9}, {0x7, 0x9}, {0x7, 0x5}, {0x4, 0x1}, {0x0, 0xa}, {0x7, 0x1}, {0x5, 0x8}, {0x3, 0x9}, {0x1, 0x1}, {0x7, 0x7}, {0x5, 0x5}, {0x1, 0x6}, {0x7}, {0x7, 0x8}, {0x1, 0x4}, {0x1, 0xa}, {0x5, 0x7}]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xae5, 0x594, 0xfffa, 0x5c62, 0x3, 0x8d66, 0x0, 0x7]}}]}]}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc}]}, {0x10, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x7}]}]}, @NL80211_ATTR_TID_CONFIG={0x2ec, 0x11d, 0x0, 0x1, [{0x18, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x1}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0xb10}]}, {0x58, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xf7}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x6ec}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x72}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}]}, {0xb4, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x9c, 0xd, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x4c, 0x1, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x22, 0x1, [0x6, 0x60, 0x12, 0xb, 0x48, 0x48, 0x6c, 0x9, 0x16, 0x48, 0x1, 0x12, 0x5, 0x6, 0xc, 0x48, 0xb, 0x9, 0xb, 0x9, 0x36, 0x48, 0x30, 0x1, 0xb, 0x30, 0x2, 0x6c, 0x16, 0x30]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_LEGACY={0x4}]}, @NL80211_BAND_6GHZ={0x4c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x2, 0x18, 0x5, 0x3ff, 0x7, 0x0, 0x200, 0x99b]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0x8, 0x9, 0x7, 0x9, 0x8000]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_GI={0x5}]}]}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x4}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xbb}]}, {0x28, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x53}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x13}]}, {0x14c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x28, 0xd, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x18, 0x0, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x5cf4, 0x484, 0x1, 0x1, 0x3ff, 0x6, 0x3, 0x2]}}]}, @NL80211_BAND_6GHZ={0xc, 0x3, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5}]}]}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x108, 0xd, 0x0, 0x1, [@NL80211_BAND_5GHZ={0xc, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5}]}, @NL80211_BAND_2GHZ={0x18, 0x0, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x3, 0x1, 0x5, 0x78, 0x1, 0xc, 0x7f, 0x4e0d]}}]}, @NL80211_BAND_2GHZ={0x14, 0x0, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_GI={0x5}]}, @NL80211_BAND_2GHZ={0xc, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}]}, @NL80211_BAND_6GHZ={0x5c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HT={0x4d, 0x2, [{0x5, 0x2}, {0x4, 0x8}, {0x3, 0x4}, {0x1, 0x6}, {0x0, 0x1}, {0x0, 0x4}, {0x2, 0x3}, {0x1, 0x8}, {0x1, 0x1}, {0x0, 0x5}, {0x6, 0xa}, {0x6, 0x8}, {0x0, 0x8}, {0x0, 0x2}, {0x4, 0x3}, {0x4, 0x9}, {0x4, 0x7}, {0x6, 0x5}, {0x2, 0x6}, {0x4, 0x4}, {0x0, 0x6}, {0x1, 0x2}, {0x0, 0x1}, {0x1, 0x2}, {0x7, 0xa}, {0x5, 0xa}, {0x1, 0x7}, {0x0, 0xa}, {0x2, 0x4}, {0x4, 0x8}, {0x1}, {0x7, 0x7}, {0x3, 0x9}, {0x1, 0x2}, {0x7, 0x1}, {0x6, 0x4}, {0x0, 0x4}, {0x0, 0x9}, {0x6, 0x7}, {0x1, 0x9}, {0x3, 0xa}, {0x4, 0x4}, {0x6, 0x4}, {0x6, 0x9}, {0x4, 0x4}, {0x4, 0x1}, {0x6, 0x9}, {0x1}, {0x0, 0x5}, {0x2, 0x2}, {0x3, 0x6}, {0x1, 0x4}, {}, {0x4, 0x8}, {0x5, 0x8}, {0x1, 0x3}, {0x6, 0x6}, {0x5}, {0x1, 0x6}, {0x6}, {0x7, 0x9}, {}, {0x1}, {0x0, 0x9}, {0x5, 0x2}, {0x4, 0x1}, {0x4, 0x6}, {0x1, 0x9}, {0x6, 0x6}, {0x0, 0x8}, {0x7, 0x2}, {0x3, 0x6}, {0x7, 0x1}]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}]}, @NL80211_BAND_6GHZ={0x58, 0x3, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x6, 0x5, 0x7c4f, 0x99, 0x0, 0x4, 0x6, 0x6]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x5, 0x0, 0x2, 0x2, 0xd5, 0x4, 0x8, 0x5]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x9, 0x81, 0x87, 0x8, 0x4, 0x556, 0x81, 0x8]}}]}, @NL80211_BAND_60GHZ={0xc, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}]}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x2}]}, {0x28, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x183d}]}, {0x28, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x3c}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x10001}]}]}, @NL80211_ATTR_TID_CONFIG={0x4}, @NL80211_ATTR_TID_CONFIG={0x810, 0x11d, 0x0, 0x1, [{0x14c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x9a}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x92}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x10c, 0xd, 0x0, 0x1, [@NL80211_BAND_60GHZ={0x94, 0x2, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x15, 0x1, [0x18, 0x30, 0xb, 0x36, 0x16, 0xb, 0x48, 0x24, 0x12, 0x9, 0x30, 0x12, 0xb, 0x9, 0x48, 0x6c, 0x1b]}, @NL80211_TXRATE_HT={0x2c, 0x2, [{0x1, 0x5}, {0x7, 0x4}, {0x2, 0x8}, {0x2, 0x8}, {}, {0x2}, {0x0, 0x5}, {0x0, 0x6}, {0x6, 0x2}, {0x7, 0x2}, {0x7}, {0x3, 0x5}, {0x1, 0x7}, {0x2}, {0x1, 0x3}, {0x2, 0x3}, {0x2, 0x2}, {0x2, 0x4}, {0x6, 0x5}, {0x7, 0x4}, {0x0, 0x1}, {0x4, 0x6}, {0x6, 0x8}, {0x1, 0x8}, {0x1, 0x4}, {0x6}, {0x2, 0x9}, {0x6, 0x6}, {0x5, 0x6}, {0x4, 0x6}, {0x1, 0x7}, {0x1}, {0x3, 0x9}, {0x6, 0x9}, {0x7, 0x6}, {0x0, 0x2}, {0x1, 0x3}, {0x0, 0x8}, {0x0, 0x7}, {0x2, 0x4}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x3, 0x8, 0x7f, 0xb, 0x40, 0x4, 0x6, 0x1]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x4, 0x8, 0x4f0, 0x6, 0x7ff, 0x7, 0x3, 0x9b]}}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x3, 0xb554, 0x8, 0xc, 0xff10, 0x0, 0xfffb, 0x7]}}]}, @NL80211_BAND_5GHZ={0xc, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}]}, @NL80211_BAND_2GHZ={0x68, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HT={0x26, 0x2, [{0x7, 0x8}, {0x3, 0xa}, {0x2, 0x7}, {0x1, 0x1}, {0x6, 0x9}, {0x2, 0xa}, {0x0, 0x7}, {0x5, 0x4}, {0x1, 0x8}, {0x6, 0x9}, {0x5, 0x5}, {0x5, 0x1}, {0x3, 0x4}, {0x7, 0x9}, {0x4, 0x9}, {0x5, 0x8}, {0x2, 0x9}, {0x1, 0x1}, {0x5, 0x5}, {0x6, 0x9}, {0x2, 0x8}, {0x5, 0x3}, {0x0, 0x6}, {0x4, 0x5}, {0x7}, {0x7, 0xa}, {0x2, 0x8}, {0x5, 0x7}, {0x6}, {0x4, 0xa}, {0x6, 0x5}, {0x4, 0x9}, {0x1}, {0x1, 0x3}]}, @NL80211_TXRATE_HT={0xf, 0x2, [{0x3, 0x3}, {0x6, 0x2}, {0x5, 0x2}, {0x0, 0x4}, {0x6, 0x4}, {0x7, 0x5}, {0x3, 0xa}, {0x5, 0x2}, {0x7, 0x8}, {0x5, 0x3}, {0x3, 0x5}]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xdf5c, 0x6, 0x8001, 0x1, 0x81, 0x3, 0x4, 0x18c]}}]}]}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x47}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}]}, {0x35c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x19c, 0xd, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x7c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HT={0x38, 0x2, [{0x2, 0x9}, {0x4}, {}, {0x4, 0x2}, {0x0, 0xa}, {0x1, 0xa}, {0x0, 0x6}, {0x0, 0x9}, {0x0, 0x7}, {0x0, 0x4}, {}, {0x5, 0x4}, {0x3, 0x7}, {0x2, 0x1}, {0x4, 0x5}, {0x4, 0x4}, {0x1, 0x2}, {0x6, 0x4}, {0x4, 0x3}, {0x2}, {0x1, 0x4}, {0x2, 0x5}, {0x1, 0xa}, {0x2, 0x7}, {0x0, 0x3}, {0x4, 0x3}, {0x7, 0x1}, {0x7, 0x1}, {0x6, 0xa}, {0x3, 0x6}, {0x6, 0x1}, {0x5, 0x4}, {0x4, 0x4}, {0x4}, {0x5, 0x8}, {0x0, 0x1}, {0x7, 0x9}, {0x1}, {0x2, 0x8}, {0x3, 0xa}, {0x5}, {0x4, 0xa}, {0x1, 0x8}, {0x5, 0x7}, {0x4, 0x9}, {0x5, 0x2}, {0x5, 0x3}, {0x7, 0x9}, {0x3}, {0x0, 0x8}, {0x4, 0x4}, {0x6, 0x8}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x9, 0xab, 0x7, 0x9, 0x6, 0xfffa, 0x7, 0xf]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HT={0xb, 0x2, [{0x7, 0x4}, {0x2, 0x6}, {0x0, 0x3}, {0x6, 0x5}, {0x1, 0x6}, {0x0, 0x7}, {0x3, 0x4}]}]}, @NL80211_BAND_60GHZ={0x4}, @NL80211_BAND_2GHZ={0x88, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0x25, 0x2, [{0x5, 0x4}, {0x0, 0x7}, {0x5, 0x9}, {0x6, 0x5}, {0x4, 0xa}, {0x2, 0x3}, {0x5}, {0x0, 0x2}, {0x3, 0x4}, {0x7, 0x9}, {0x3, 0x1}, {0x6, 0x4}, {0x1, 0x8}, {0x0, 0x2}, {0x0, 0x3}, {0x5, 0x2}, {0x5, 0x7}, {0x7, 0x1}, {0x1, 0xa}, {0x2, 0x6}, {0x5, 0x6}, {0x6, 0x6}, {0x3, 0x8}, {0x0, 0x3}, {0x1}, {0x3, 0x4}, {0x0, 0x8}, {0x7, 0x3}, {0x5, 0x1}, {0x7}, {0x0, 0x6}, {0x3, 0x4}, {0x3, 0x3}]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x1, 0x100, 0x4, 0x5, 0x1, 0x6, 0xd, 0x8]}}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_LEGACY={0x11, 0x1, [0x12, 0x6c, 0x30, 0x9, 0x6, 0xb, 0x10, 0x6, 0x12, 0x6c, 0xb, 0x4, 0x60]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0x2d7b, 0x6, 0x2, 0xfffa, 0x1, 0x2cc, 0xb4]}}]}, @NL80211_BAND_60GHZ={0x3c, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x3, 0x7a9, 0x5800, 0x8000, 0x4, 0x8, 0x6]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x4, 0x2, 0x790f, 0x3, 0x239, 0x9, 0x3, 0x5]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}]}, @NL80211_BAND_6GHZ={0x28, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HT={0x23, 0x2, [{0x2, 0x4}, {0x0, 0x5}, {0x1, 0x8}, {0x5, 0x3}, {0x2, 0x5}, {0x5, 0x6}, {0x1}, {0x3, 0xa}, {0x3, 0x7}, {0x0, 0x4}, {0x2, 0x1}, {0x2, 0x2}, {0x4, 0x7}, {0x6, 0x9}, {0x1, 0x8}, {0x5, 0x5}, {0x7, 0xa}, {0x0, 0xa}, {0x7, 0x4}, {0x1, 0x8}, {0x2, 0x7}, {0x6, 0x8}, {0x0, 0x9}, {0x1, 0x2}, {0x7, 0x6}, {0x4, 0xa}, {0x0, 0x4}, {0x5, 0x4}, {0x1, 0x5}, {0x2, 0xa}, {0x1, 0xa}]}]}, @NL80211_BAND_60GHZ={0x18, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HT={0x14, 0x2, [{0x7}, {0x4, 0x9}, {0x7, 0x3}, {0x7, 0x1}, {0x6}, {0x7}, {0x5, 0x5}, {0x0, 0x7}, {0x4, 0x5}, {0x3, 0xa}, {0x3, 0x6}, {0x7, 0x1}, {0x1, 0x6}, {0x3, 0xa}, {0x6, 0x4}, {0x0, 0x3}]}]}, @NL80211_BAND_2GHZ={0x14, 0x0, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}]}]}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x1bc, 0xd, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x58, 0x1, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x6, 0x2, 0x40, 0x9, 0x3, 0x6, 0x3b8, 0x4]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x5, 0x80, 0x4, 0x55a, 0x3, 0x7, 0x7, 0x8]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0xf}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xd9, 0x0, 0x5, 0xf0c8, 0x1000, 0x0, 0x8001, 0x3]}}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}, @NL80211_BAND_5GHZ={0x30, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HT={0x2c, 0x2, [{0x0, 0x6}, {0x6, 0x4}, {0x7, 0xa}, {0x0, 0x1}, {0x3}, {0x7, 0x9}, {0x7, 0x6}, {0x3, 0x1}, {0x0, 0x3}, {0x1, 0xa}, {0x1, 0x1}, {0x0, 0x3}, {0x4, 0x4}, {0x4, 0x4}, {0x7, 0xa}, {0x4, 0x4}, {0x5, 0xa}, {0x6, 0x3}, {0x0, 0x3}, {0x0, 0x1}, {0x4, 0x3}, {0x0, 0x5}, {0x2, 0x3}, {0x6, 0xa}, {0x1, 0x1}, {0x0, 0x18}, {0x7, 0x2}, {0x5, 0xa}, {0x1, 0x6}, {0x1, 0x1}, {0x5, 0x2}, {0x6}, {0x3, 0x3}, {0x2, 0x1}, {0x1, 0x4}, {0x5, 0x3}, {0x3, 0x2}, {0x1, 0x1}, {0x2}, {0x0, 0x1}]}]}, @NL80211_BAND_6GHZ={0x24, 0x3, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x17, 0x1, [0x60, 0x6c, 0x9, 0x6, 0x16, 0x6, 0x2, 0x2, 0x9, 0x48, 0x1b, 0x16, 0x12, 0x60, 0x6, 0x60, 0x2, 0x4, 0x4]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}]}, @NL80211_BAND_60GHZ={0x34, 0x2, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0x7, 0xff, 0x7, 0x2, 0x788c]}}, @NL80211_TXRATE_LEGACY={0x9, 0x1, [0x2, 0x18, 0x1b, 0x12, 0x37]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}]}, @NL80211_BAND_6GHZ={0xd8, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HT={0x3f, 0x2, [{0x5, 0x7}, {0x0, 0x3}, {0x0, 0x7}, {0x6, 0xa}, {0x6, 0x8}, {}, {0x1, 0xa}, {0x5, 0x8}, {0x2, 0xa}, {0x6, 0x7}, {0x5, 0x8}, {0x3, 0xa}, {0x7, 0x5}, {0x0, 0x2}, {0x2, 0x3}, {0x2, 0x7}, {0x6, 0x6}, {0x0, 0x2}, {0x6, 0x7}, {0x7, 0x3}, {0x1, 0x5}, {0x3, 0xa}, {0x7, 0x3}, {0x6, 0x5}, {}, {0x1, 0x4}, {0x0, 0x6}, {0x1, 0x5}, {0x3, 0x2}, {0x0, 0xa}, {0x1, 0x4}, {0x7}, {0x7, 0x4}, {0x4, 0x7}, {0x3, 0x5}, {0x3, 0x3}, {0x7, 0x8}, {0x3, 0x8}, {0x5, 0x2}, {0x7, 0x1}, {0x5, 0x2}, {0x3, 0xa}, {0x6, 0x5}, {0x2, 0x5}, {0x3, 0x7}, {0x1, 0x5}, {0x0, 0xa}, {0x6, 0x2}, {0x1, 0x3}, {0x0, 0x4}, {0x0, 0x3}, {0x1, 0x1}, {0x1, 0x4}, {0x6, 0x6}, {0x6, 0x5}, {0x3, 0x6}, {0x2}, {0x4, 0x2}, {0x6, 0x7}]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x2, 0x0, 0xffe5, 0x8, 0xf800, 0x5, 0x8, 0xfffe]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0x8, 0x0, 0x6, 0xd5b, 0xfffb, 0x5, 0x6]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x4, 0x3, 0xe93f, 0x2, 0x2a, 0x862, 0xce2, 0x2]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x5, 0x7, 0x6, 0x400, 0x167, 0x6cb6, 0x4, 0x4003]}}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xd, 0xad63, 0x5, 0xe3c, 0x63a5, 0x7, 0xe, 0x4]}}, @NL80211_TXRATE_LEGACY={0x1c, 0x1, [0xb, 0x4, 0x5, 0x2, 0x16, 0x1b, 0x30, 0x1, 0x3, 0x48, 0x5, 0xc, 0x2, 0x0, 0x6, 0x0, 0x5, 0x16, 0x36, 0x2, 0x3, 0x2, 0xb, 0xc]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xce, 0x0, 0x10, 0x1372, 0x3, 0x1, 0x0, 0x6]}}]}]}]}, {0xf0, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0xac, 0xd, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x24, 0x0, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x15, 0x1, [0x36, 0xb, 0x9, 0x1, 0x1, 0xb, 0x42, 0x9, 0x2, 0x60, 0x1b, 0x1, 0x24, 0xb, 0xc, 0x6c, 0x36]}, @NL80211_TXRATE_LEGACY={0x7, 0x1, [0x12, 0x4, 0xb]}]}, @NL80211_BAND_6GHZ={0x28, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_LEGACY={0x14, 0x1, [0x9, 0x48, 0x16, 0x71, 0xb, 0xb, 0x9, 0x9, 0x16, 0x24, 0x30, 0x0, 0x24, 0x30, 0x6, 0x4]}]}, @NL80211_BAND_60GHZ={0x20, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x7, 0x8000, 0xfff, 0x4, 0x3, 0x5, 0x4, 0x1]}}]}, @NL80211_BAND_2GHZ={0x4}, @NL80211_BAND_6GHZ={0x4}, @NL80211_BAND_6GHZ={0x30, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x1, 0x7, 0xfd9, 0x1, 0x1f, 0x0, 0x58, 0x1]}}]}, @NL80211_BAND_6GHZ={0x4}]}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0xf141}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x7}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x13}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x9b}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0xea}]}, {0x90, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x3}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x80, 0xd, 0x0, 0x1, [@NL80211_BAND_60GHZ={0x20, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x6, 0x3d5a, 0x4, 0x81, 0x0, 0x2]}}]}, @NL80211_BAND_5GHZ={0x5c, 0x1, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0xb84, 0x8d1e, 0xaf89, 0xfffb, 0x5, 0x5, 0x3, 0x1]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x7ff, 0x3, 0x80, 0x9, 0x7, 0xfffc, 0xe, 0x3]}}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0x9162, 0x181e, 0xfe, 0x4, 0xfc00, 0xff7f, 0x8]}}, @NL80211_TXRATE_HT={0x11, 0x2, [{0x5}, {0x0, 0xa}, {0x4, 0x4}, {0x4, 0x8}, {0x6, 0x2}, {0x6, 0x9}, {0x6, 0x8}, {0x4, 0x3}, {0x2, 0x4}, {0x6, 0x1}, {0x2, 0x4}, {0x1, 0x5}, {0x3, 0x9}]}]}]}]}, {0xd4, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0xb4, 0xd, 0x0, 0x1, [@NL80211_BAND_60GHZ={0x20, 0x2, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xfff7, 0x800, 0x489, 0x200, 0x1, 0x3, 0x8, 0x7]}}]}, @NL80211_BAND_60GHZ={0x40, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HT={0x22, 0x2, [{0x4, 0x4}, {0x5, 0x2}, {0x0, 0x4}, {0x1, 0x8}, {0x2, 0x4}, {0x2, 0x4}, {0x0, 0x9}, {0x5, 0x8}, {}, {0x3, 0x3}, {0x4, 0x3}, {0x5, 0x6}, {0x5, 0x9}, {0x2, 0x9}, {0x4, 0x3}, {0x7, 0x9}, {0x1, 0x3}, {0x7, 0x3}, {0x1, 0x4}, {0x7, 0x8}, {0x6, 0x9}, {0x0, 0x7}, {0x2, 0x4}, {0x2, 0x2}, {0x1, 0x8}, {0x1, 0x8}, {0x7, 0x3}, {0x6, 0xa}, {0x2}, {0x6}]}]}, @NL80211_BAND_60GHZ={0x4}, @NL80211_BAND_2GHZ={0x2c, 0x0, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x8, 0x800, 0x2, 0xff9, 0xffff, 0x800, 0xfffb, 0x2]}}, @NL80211_TXRATE_LEGACY={0xa, 0x1, [0x6c, 0x5, 0x30, 0x24, 0x30, 0x9]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}]}, @NL80211_BAND_5GHZ={0xc, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5}]}, @NL80211_BAND_5GHZ={0x14, 0x1, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}]}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x1}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}]}, {0x100, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x1}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x34, 0xd, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x30, 0x3, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x1dbc, 0x7, 0x3, 0x5, 0x9, 0xe00, 0x400, 0xcb]}}, @NL80211_TXRATE_LEGACY={0x15, 0x1, [0xeaa3ba8acb1e78a2, 0x1, 0x60, 0x18, 0x1b, 0x8, 0x1, 0xc, 0x18, 0x2, 0x4, 0x4, 0x9, 0xc, 0x12, 0x6, 0x1]}]}]}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0xa0, 0xd, 0x0, 0x1, [@NL80211_BAND_60GHZ={0xc, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5}]}, @NL80211_BAND_2GHZ={0x90, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x4, 0x1, 0x9, 0x9, 0x200, 0x9, 0xe3, 0x7]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HT={0x39, 0x2, [{0x1, 0x6}, {0x6, 0xa}, {0x2, 0x5}, {0x0, 0x3}, {0x2}, {0x6, 0x8}, {0x6, 0x1}, {0x6, 0x9}, {0x1, 0x6}, {0x6, 0x8}, {0x2, 0x3}, {0x6, 0x2}, {0x6}, {0x1, 0x5}, {0x5, 0x3}, {0x1}, {0x0, 0x9}, {0x6, 0x6}, {0x6, 0x5}, {0x6, 0x7}, {0x6, 0x5}, {}, {0x3, 0x2}, {0x1, 0x7}, {0x5, 0x1}, {0x0, 0x5}, {0x3, 0x2}, {0x2}, {0x3, 0x4}, {0x7, 0x7}, {0x4, 0x1}, {0x2}, {0x3, 0x1}, {0x5, 0x4}, {0x7, 0x4}, {0x5, 0x4}, {0x3, 0xa}, {0x5, 0xa}, {0x1, 0x9}, {0x4, 0x6}, {0x1, 0x6}, {0x6, 0xa}, {0x7, 0x4}, {0x5, 0x4}, {0x7, 0x6}, {0x4, 0x6}, {0x6, 0x3}, {0x5, 0x4}, {0x5, 0x5}, {0x4, 0x6}, {0x0, 0x1}, {0x1, 0x1}, {0x6, 0x7}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0x3, 0x9, 0x3, 0x401, 0x802, 0x200, 0x2]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}]}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xb6}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x66}]}, {0x10, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x400}]}]}, @NL80211_ATTR_TID_CONFIG={0xf4, 0x11d, 0x0, 0x1, [{0x44, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x40}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xbd}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x2}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x8}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x1}]}, {0x8c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x78, 0xd, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x44, 0x1, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0x1, 0x8, 0x6, 0x3, 0x9, 0xd, 0x1]}}, @NL80211_TXRATE_HT={0x29, 0x2, [{0x3, 0x1}, {0x7, 0x4}, {0x1, 0x5}, {0x0, 0x3}, {0x6, 0x8}, {0x5, 0x9}, {0x2, 0xa}, {0x2, 0x8}, {0x1, 0x9}, {0x4, 0x1}, {0x2, 0x7}, {0x0, 0xa}, {0x1}, {0x4, 0x2}, {0x1, 0x1}, {0x0, 0x6}, {0x3, 0x1}, {0x7}, {0x4, 0x7}, {0x1, 0x9}, {0x0, 0xa}, {0x3, 0x8}, {0x7, 0x6}, {0x3, 0x5}, {0x4, 0x3}, {0x3, 0x1}, {0x3}, {0x1}, {0x5, 0x8}, {0x7}, {}, {0x6, 0x9}, {0x0, 0xa}, {0x0, 0xa}, {0x3, 0x7}, {0x0, 0x2}, {0x6, 0x3}]}]}, @NL80211_BAND_60GHZ={0x30, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HT={0x16, 0x2, [{0x7, 0x2}, {0x4, 0x1}, {0x6, 0x5}, {0x5, 0x9}, {0x3, 0x7}, {0x4, 0x6}, {0x1, 0x1}, {0x4, 0x8}, {0x2, 0x6}, {0x6, 0x1}, {}, {0x7, 0x5}, {0x1, 0x1}, {0x7, 0x3}, {0x3, 0x3}, {0x4, 0x9}, {0x5, 0x8}, {0x5, 0x1}]}, @NL80211_TXRATE_LEGACY={0x11, 0x1, [0xb, 0x6c, 0xc9389dfd3c62e98c, 0x1b, 0x16, 0x4c, 0x24, 0x18, 0xe, 0xd3e14b057da4b607, 0x5, 0xc, 0x36]}]}]}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x9b}]}, {0x20, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x4}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x64}]}]}, @NL80211_ATTR_TID_CONFIG={0x7c, 0x11d, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5}]}, {0x14, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0xf}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}]}, {0x34, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x1}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x6}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xd9}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x2}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x68}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}]}]}]}, 0x1204}, 0x1, 0x0, 0x0, 0x80}, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000005000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_emit_ethernet(0x52, &(0x7f0000000140)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0xc, 0x4, 0x0, 0x10, 0x44, 0x0, 0x0, 0x0, 0x5, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @private=0x2010100, {[@timestamp_addr={0x44, 0x14, 0x5, 0x3, 0x8, [{@remote, 0x4}, {@dev={0xac, 0x14, 0x14, 0x3a}}]}, @ssrr={0x89, 0x3, 0xce}, @generic={0x83, 0x2}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x0, 0x400}}}}}}, 0x0)
r7 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET(r7, 0x4b72, &(0x7f0000000040)={0x4, 0x0, 0x8, 0x13, 0x100, &(0x7f00000000c0)="387ed7626d850509a2d6c1aa38f15cd00f85c263cb226db671261fff7ce9c555f18dafae3530db6dd493f2a3cc88721b9ae21b3e3b4523ae2594f47d8f62b480c4160b1f90ac9c41fae6ab12ac4c113fef588684ef494c89092883b902a41cd75387ef6f7bc7d460d5e665f398ff95596dc94ec97003c7e6f3c82fbd8de6e11aa4031a61c51caf7a65a2b613bda33f3eaeae635d7cd81761e74c38a7695800a15516eb337056e02335f9a7d10aa2eaf7beb7e1aed6e850ecb3421143c5c4ded0f06affc524dcf3208272619b6a952db5bc96141b26c54d13c7a5416287a3b6f7aadf50bc549974b6401a19cdb130282b955592efa94242065a4c8d695a2cdd9ada350defd58c775b92d348305774d3a256c7520b285d8da0dbf5e20d604413ed2ddf9bcbf881caf811852806175d63892a15234fbcd7a88a2a0aea45d19148f0e7dada7d6d0d77881387fdeaa0284abe90b88dfff412bff40c31c6415c54ae3335e54a49d315851feffe30d999c36def4df7df747695efbd649f42f310859122c0d2c1e558dc6586958a283762386ecf369274e43003a0fdff59ea515eb44504901ef0d00baa91c10a8e44a76aac3468a15bd3d45ad389977467f306f9bcde071b30769795eed2f1580414d168f557cd90040c4bd2a3d6bc5092548feaef7204a12cece59181fcb5bad8c24bd9f8f78d17ab82831325501e80d899e9252f99d3a2666343392fda11504800f4dd9f45657f8224fc78eb1168fe0527fac33466aadf48f16994d29a47778566e0f3945b2bf36b6eecc7fa18914beb66ac9e519bd333b30d3ce2f50dddeea3447aebbe3bed781e39d5a0fb0cdc60e196f2261305feb596b68986af3eee7b199fefb5f79ffb2d1050e46982af1c14a88dd9000400002f56a8404755c73e74bb90e64bab9647c70ed5afca1c3d87907d01000100df6f40a80ace2bb8a2aad3b0c66915927db4233181943d88c0c76d5969e2043db5bd77fd60ba0f013139929ccfec965c0c769785a4d23332ba1f0875e3146afef5b20cc306d3ecee65944fe9829e0ad0c3f6bb2fd81bc31152538db50f47dc38ba908a0d808687e478a609fe0daa02d4e9c618b99266e7f2e98597e2813e1dba9c3c16e9fab3bda6ed33cb1c75513e2264b69d472dd0e1338688ba782b41bde141f99c4894ded98eff9aa53d22eb77c9d93169c04ab2490bf28106f770e07eb7a9e87dde71929f918b98c4cbfcb11a90139264a9ee8081973167f493760278df0cc34be9e8f86f948d9a62e63ad6ca9d2195ff9c6320c85bddc42915e4f3a5db642447bc2195a3d64e04c9ecd1c313c08e29b814bd8fed1ab6d2846c73345962895d289aa57152cac2e0e32b75ce814731c542091f218dd1e68a15f8226577bf9481ae0555db64a717eb23a811356d00"})
socket$caif_stream(0x25, 0x1, 0x4)
setrlimit(0xd, &(0x7f0000000280)={0xc800, 0x10001})

673.992136ms ago: executing program 3 (id=739):
r0 = creat(&(0x7f0000000300)='./file0\x00', 0x28)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000400000e0000000000000000850000002300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001cc0)={0x40, 0x19, 0x1, 0x0, 0x25dfdbfb, {0x1d, 0xd601, 0x9}, [@nested={0x2c, 0x12, 0x0, 0x1, [@nested={0x27, 0xe1, 0x0, 0x1, [@generic="9e1b73d1fa90f57f0c5dfb57d1f2332ea6db698943ebbbe64c0cbb59b43d4d13905a96"]}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x5}, 0x0)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r4}, &(0x7f0000000080), &(0x7f0000000200)=r5}, 0x20)
mknodat$loop(0xffffffffffffff9c, 0x0, 0x6004, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x20c006, &(0x7f0000000480)={[{@debug}, {@mblk_io_submit}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@discard}, {@grpquota}], [{@seclabel}]}, 0x1, 0x446, &(0x7f0000000d40)="$eJzs28tvG8UfAPDv2kn6/P1qqvLoAwgURMQjadJSeuACAokDSEhwKMeQpFWo26AmSLSKICBUjqgSd8QRib+AE1wQcELiCndUqUK5tMDFaOPdxHbttA5ONtSfj7TJzO44M1/vjj07kw2gbw2nP5KIvRHxa0Tsq2ebCwzXf91cXpz6c3lxKola7Y0/kpVyN5YXp/Ki+ev25JmBiNInSRxuU+/8pcvnJqvVmYtZfmzh/Ltj85cuPzN7fvLszNmZCxOnTp04Pv7cyYlnexJnGteNQx/MHTn4yltXX5s6ffXtH79O8vhb4uiR4fUOPl6r9bi6Yv2vIZ0MFNgQulKud9MYXOn/+6IcaydvX7z8caGNAzZVrVar3df58FINuIslUXQLgGLkX/Tp/W++bdHQY1u4/kL9BiiN+2a21Y8MRCkrM9hyf9tLwxFxeumvL9ItNmceAgCgybfp+OfpbPzXtPBTisZ5of9nayiViLgnIvZHxMmIOBAR90aslL0/Ih7osv7WRZJbxz+la13+ya6k47/ns7Wt5vFfPvqLSjni73y4XInB5MxsdeZY9p6MxOCOND++Th3fvfTLZ52ONY7/0i2tPx8LZu24NrCj+TXTkwuT/ybmRtc/ijg00C7+ZHUlIL0sDkbEoQ3WMfvkV0c6Hbt9/M2GGjM9WGeqfRnxRP38L0VL/Llk/fXJsZ1RnTk2ll8Vt/rp5yuvd6q/2/h7LT3/u9te/6vxV5LG9dr57uu48tunHe9pNnr9DyVvNu17f3Jh4eJ4xFDyar3RjfsnWspNrJVP4x852r7/74+1d+JwRKQX8YMR8VBEPJy1/ZGIeDQijq4T/w8vPvZO856ki/g3Vxr/dFfnfy0xFK172ifK577/pqnSSnQRf3r+T6ykRrI9d/L5dyft2tjVDAAAAP89pYjYG0lpdDVdKo2O1v+H/0DsLlXn5heeOjP33oXp+jMClRgs5TNd9fng+nzoeHZbn+cnWvLHs3njz8u7VvKjU3PV6aKDhz63p0P/T/1eLrp1wKbzvBb0L/0f+pf+D/1L/4f+1ab/7yqiHcDWa/f9/2EB7QC2Xkv/t+wHfcT9P/Qv/R/6l/4PfWl+V9z+Ifntmti5PZrRn4koFVd7PkNV+JtwFycK/mACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADokX8CAAD//2Ts5lU=")
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2000006, 0x31, 0xffffffffffffffff, 0xd0fb6000)
r6 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r6, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x76200}], 0x1, 0x7c00, 0x3000, 0x3)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
write$qrtrtun(r0, &(0x7f0000000900)="9d8d645e53b6183d874f9e93a18dd009a09560ff682bd07dc3d28385a8f3f9e18418950d4dfe49f13a19e24320444a7d6c121741ba3dc510dba4f980bbd9a315544fa0a1622d949faba79788908354e467989e8458e6f5f76e0e4e781bfca4c928c956321dd514877569805db6602f1584a8bd051f13bad882bea021ffb5ce918a1f87f1d439ec93772d6ecaaf8891f7678f2037ccced78ea5c1aa805f1b9f5a2c3974c5124cac5e163d9b6f5b998c1c7263fa2331d1241523986dccbd4e1f32b2f521380a2ea4732132264de6d26ce40177a780df98cbf94b96d900a2dfc5c877db675ebb1d7cbc398ca422ddbadc24ee6f3bf036f62cdb056502a6b657ff95930ea668649ad0003afe9a912179ce61631b3dab94642d2768f1f22299deb9eddb917fc0076b74406149024514d07417c6007e8cd4dc4e2295be71f412044b52b1ce32aac048cad9c413a8c19528dc1b432fe7f9fda7182a47243af427a76ede78aa5c6ef75ea1f48e2e9e9d203d4760a1ff6a0119b39a2458a050f9519d4bbd821684ef8356985e8f5b8d86346f428788fc374e7eaa0c2a2ef8478a13b4a56d0821201c37a0066fb9f5cc583005b9f71b67daa300311066bacbf43630a8388aff734a568a123a48ba1344a5500e5c6f8cef539617cd3970ffb873579a3b76bd529f1626d1f90543b2a0190df38bb1e8b6fc9bfc5c42693814665679e78ed8adce4d23b8725416101ae4113fee000cb92b32c6a74851a6c4af4625f28810ec16834a1589063af1bf0b29aa57e06dddc0fddf408fab63c536d5afd9ba5a71f9e534f99e5ea9c1eaaaad710ef30a37df0f87978894333850f4feac3740a3b010da7c250d060c8046cab40d0527234d4b4b28366bc7d5899948ddbfac66c848ef0f842eab95248e9d064c0ec4247483f0aa0cad7ca970365e474fe73cf79cf8c70fc7a015caa273ce41723453632cf5b809584d227f7e98e8ec41494518b0b8a8adbaf5ead6529451b116fab06529b653bffdd6d98f8322265305bdc0ff69f4a70dea414fcc63d149c564c834f24b8f7495cd9ccafa1e3f652cd3270935800ee0d5598afcaa41c150dac263408d77a61b5c77e2c3644dda1b8c333a36c30ce893140ce133827dde34d896d35c498bf6dda965a27cc77e2872fcedaf9dcb89614c758cf62ad769ac05a4fb9e27b421b82c1761f1322b03cc9ea586d15f7d2ffb6ed63c639cee97d9eea8f3934045e60b15eca5c13ebe002467c09815712165cee2af784f9e5db9f7227701ca9a3de588503c84c490f4986aa26e7b63d4c5a30157cdf82e433a1b64496392a1990b2a46b910d9a16429736308f71d8e78824a26f25f21829546b973c0905b20c2ef751eb0064eaf831874f0b58ef8779cafd02bcf075a212e79e07c73c49fc240d6845877fda649d1ab59ea06b907ec5031299a0e1fa2f8cbc241a8531ad241302b569d4581dcc944f27799f25593b97ea7681ba74d6cde9c8f58840ac4c4be3aa90e6273a64e549c47c7232f423406604c9c210eabe3d6a2343bd6c2ae72ab013ce2af32467bcfa8cbf0769f9156e35424", 0x45c)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000180)={r7, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[0x45c], 0x0, 0x0, 0x1, 0x1}}, 0x40)
dup2(r0, r3)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

670.933676ms ago: executing program 0 (id=740):
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a7000000080000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r2}, 0x10)
syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x0, 0x2, 0x4}, 0x0, 0x0)
ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, &(0x7f0000000000)=0xa)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)})

579.872694ms ago: executing program 0 (id=741):
r0 = openat$nvram(0xffffffffffffff9c, &(0x7f00000002c0), 0x88002, 0x0)
pwritev(r0, &(0x7f00000000c0)=[{&(0x7f0000000140)="de", 0x1}], 0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYRESHEX], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
select(0x40, &(0x7f0000000000), 0x0, &(0x7f0000000080)={0x6}, &(0x7f00000000c0)={0x0, 0x2})
r1 = socket(0x10, 0x803, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x200, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x2, 0x0)
sendfile(r3, r2, 0x0, 0x6)
sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000480)={0x0}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000580)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000006c0)={<r6=>0xffffffffffffffff})
ioctl$FIDEDUPERANGE(r6, 0xc0189436, &(0x7f00000005c0)=ANY=[@ANYBLOB="fdffffffffcf3b316b9cffffffffffff7f"])
getsockname$packet(r1, &(0x7f0000000140)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'batadv0\x00', <r8=>0x0})
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000780)={'tunl0\x00', &(0x7f0000000740)={'syztnl0\x00', r8, 0x700, 0x1, 0x6, 0xb, {{0x6, 0x4, 0x1, 0x2, 0x18, 0x66, 0x0, 0x4, 0x29, 0x0, @loopback, @multicast2, {[@noop]}}}}})
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000480)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000000c0)='scsi_dispatch_cmd_start\x00', r9, 0x0, 0x6db3}, 0x18)
r10 = open$dir(&(0x7f0000000000)='./file0\x00', 0x44002, 0x2)
fchmodat(r10, &(0x7f0000000040)='./file0\x00', 0x40)
r11 = syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000840)={[{@bh}, {@nolazytime}, {@noblock_validity}, {@barrier}, {@grpjquota}, {@noquota}, {@auto_da_alloc}, {@noload}, {@nodiscard}]}, 0x64, 0x50a, &(0x7f0000000200)="$eJzs3UFvG1kdAPD/OHZp2nSTBQ6wEsvCLkorqJ1s2N2Iw7JICE6VgHIvIXGiKE4cxU7bRBWk4gMgIQRInODCBYkPgIQqceGIkCrBGQQIhKCFAwforMaepGlqJ27rxmn8+0mTee/NjP/vOZrxvJmnmQCG1msR8V5EPEjT9FJEjOflxYgoZImd9pStd//erflsSiJNr/4ziSQv2/2sJJ+fzzc7GxFf+3LEN5PH4za2tlfmarXqRp6vNFfXK42t7cvLq3NL1aXq2szM9Nuz78y+NTvVl3ZeiIh3v/jXH3z3Z19691efufGna3+/+K2sWmP58v3teELFwxa2m15qfRf7N9h4ymAnUbHVwtxopzVGHiu5/ZzrBABAZ9k5/gcj4pMRcSnGY+Tw01kAAADgBZR+fiz+l0SknZ3pUg4AAAC8QAqtMbBJoZyPBRiLQqFcbo/h/XCcK9TqjeanF+ubawvtsbITUSosLteqU/lY4YkoJVl+upV+mH/zQH4mIl6OiO+Pj7by5fl6bWHQFz8AAABgSJw/0P//z3i7/w8AAACcMhODrgAAAADw3On/AwAAwOmn/w8AAACn2leuXMmmdPf91wvXtzZX6tcvL1QbK+XVzfnyfH1jvbxUry+1ntm3etTn1er19c/G2ubNSrPaaFYaW9vXVuuba81ry4+8AhsAAAA4Ri9//M4fkojY+dxoa8qc6W3THlcDTqriXirJ5x126z++1J7/5ZgqBRyLkUFXABiY4qArAAxMadAVAAYuOWJ518E7v83nn+hvfQAAgP6b/Gj3+/+FQ7fcOXwxcOLZiWF4uf8Pw6t1/7/XkbxOFuBUKTkDgKH3zPf/j5SmT1QhAACg78ZaU1Io55f3xqJQKJcjLrReC1BKFpdr1amIeCkifj9e+kCWn25tmRzZZwAAAAAAAAAAAAAAAAAAAAAAAAAA2tI0iRQAAAA41SIKf0t+3X6W/+T4G2MHrw+cSf47HvkrQm/8+OoPb841mxvTWfm/9sqbP8rL3xzEFQwAAAAYCk/0Av/dfvpuPx4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+un+vVvzu9Nxxv3HFyJiolP8Ypxtzc9GKSLO/TuJ4r7tkogY6UP80ezPRzrFT7Jq7YXsFH+0D/F3bh8aPybyb6FT/PN9iA/D7E52/Hmv0/5XiNda8877XzHikfzT6n78i73j30iX/f9CjzFeufuLStf4tyNeKXY+/uzGT7rEf73H+N/4+vZ2t2XpTyImO/7+JI/EqjRX1yuNre3Ly6tzS9Wl6trMzPTbs+/MvjU7VVlcrlXzvx1jfO9jv3xwWPvPdYk/cUT73+ix/f+/e/Peh9rJUqf4F1/vEP83P83XeDx+If/t+1SezpZP7qZ32un9Xv357149rP0LXdp/1P//Yo/tv/TV7/y5x1UBgGPQ2NpemavVqhunNpH10k9ANSROYOLbff3ANE3TbJ96hs9J4iR8La3EoI9MAABAvz086R90TQAAAAAAAAAAAAAAAAAAAGB4HcfjxA7G3NlLJf14hDYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQF+8HwAA//9+SdlX")
mknodat(r11, &(0x7f0000000a80)='./file0\x00', 0x80, 0x6)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000940)={'erspan0\x00', &(0x7f00000008c0)={'syztnl0\x00', r7, 0x10, 0x700, 0x2, 0x8, {{0x10, 0x4, 0x2, 0x38, 0x40, 0x64, 0x0, 0x9, 0x2f, 0x0, @broadcast, @private=0xa010100, {[@ssrr={0x89, 0x7, 0xa7, [@multicast2]}, @generic={0x7, 0x7, "bef42487ef"}, @lsrr={0x83, 0x7, 0xdd, [@local]}, @noop, @generic={0x94, 0x12, "ef00aa5687bfe40fdc2abd5b88a4a561"}, @noop]}}}}})
perf_event_open(&(0x7f0000000140)={0x8, 0x80, 0x7, 0x0, 0x0, 0x3, 0x82, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0xf}, 0x8080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x10000000000007}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x2)

576.788264ms ago: executing program 1 (id=742):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
ftruncate(r0, 0xc17a)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='mm_page_free\x00', r1, 0x0, 0xfffffffff7fffffc}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r2, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4)
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[], 0x38}}, 0x0)

503.54764ms ago: executing program 1 (id=743):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000b80)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0xffffffff}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xf, &(0x7f0000000a00)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000010000008500000085000000b70000000000000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
getpgrp(0x0)

440.701475ms ago: executing program 1 (id=744):
socket$inet6_udp(0xa, 0x2, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000300)={[{@grpquota}, {@noauto_da_alloc}, {@quota}, {@stripe}, {@jqfmt_vfsold}]}, 0xfd, 0x4ff, &(0x7f0000000ac0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSG0EmKPILUhcaModhzFTmlCD+mZKxKVOMGRP4BzT9y5ILhxKQckfkSgBomDVzOepG5iN1GT2FH8+UijeW/e1N/3ks579TeNXwBD63pE7EbEWETcjYjp7HouO+KT9pHc92zv4dL+3sOlXLRan/0rl7Yn16LjzySuZa9ZjIgffS/ip7njcRvbO2uL1WplM6vPNmsbs43tnVurtcWVykplvVxemF+Y++j2h+VzG+s7tbGs9NWnf9z91s+Tbk1lVzrHcZ7aQy8cxkmMRsQPLiLYAIxk4xkbdEd4JfmIeDMi3k2f/+kYSb+bAMBV1mpNR2u6sw4AXHX5NAeWy5eyXMBU5POlUjuH91ZM5qv1RvPmvfrW+nI7VzYThfy91WplLssVzkQhl9Tn0/LzevlI/XZEvBERvxyfSOulpXp1eZD/8AGAIXbtyPr/3/H2+g8AXHHFQXcAAOg76z8ADB/rPwAMH+s/AAyf9vo/MehuAAB95P0/AAwf6z8ADJUffvppcrT2s8+/Xr6/vbVWv39rudJYK9W2lkpL9c2N0kq9vpJ+Zk/tpNer1usb8x/E1oOZb280mrON7Z07tfrWevNO+rnedyqF9K7dPowMAOjljXee/CWXrMgfT6RHdOzlUBhoz4CLlh90B4CBGRl0B4CBsdsXDK8zvMeXHoArossWvS8odvsFoVar1bq4LgEX7MaX5P9hWHXk//0vYBgy8v8wvOT/YXi1WrnT7vkfp70RALjc5PiBHj//fzM7/y774cBPlo/e8fgiewUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACX28H+v6VsL/CpyOdLpYjXImImCrl7q9XKXES8HhF/Hi+MJ/X5AfcZADir/N9z2f5fN6bfn3qh6e1rh8WxiPjZrz/71YPFZnPzTxFjuX+PH1xvPs6ul/vfewDgZAfrdHrueCP/bO/h0sHRz/7847sRUWzH398bi/3D+KMxmp6LUYiIyf/ksnpbriN3cRa7jyLii93Gn4upNAfS3vn0aPwk9mt9jZ9/IX4+bWufk6/FF86hLzBsniTzzyfdnr98XE/P3Z//YjpDnV02/yUvtbSfzoHP4x/MfyM95r/rp43xwR++3y5NHG97FPHl0YiD2Psd889B/FyP+O+fMv5fv/L2u73aWr+JuBHd43fGmm3WNmYb2zu3VmuLK5WVynq5vDC/MPfR7Q/Ls2mOerb3avDPj2++3qstGf9kj/jFE8b/9Xbx+Bf1iN/+/+6Pv/aS+N98r1v8fLz1kvjJmviNkwJnFid/X+zVlsRf7jH+k77/N08Z/+nfdo5tGw4ADE5je2dtsVqtbCooXP5C8lf2EnSja+E7/Yo1Ft2bfvFe+5k+0tRqvVKsXjPGeWTdgMvg8KGPiP8NujMAAAAAAAAAAAAAAEBX/fiNpUGPEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgKvr8wAAAP//j5zPLA==")
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f0000000300), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0)
linkat(0xffffffffffffff9c, 0x0, 0xffffffffffffffff, 0x0, 0x0)
unlink(0x0)
socket$kcm(0x10, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[], 0x50)
syz_emit_ethernet(0x4a, &(0x7f0000000380)=ANY=[@ANYBLOB="ffffffffffffbbbbbbbbbbbb08004500003c00000000000190780a010102ac1414aa03049078640100ff48bdbce6fe868254672700000000000000fc7300000000000000000000440c00b8c05bdb39599508cf223f85fe545b3a5b1973eae0850944d6e36d58ca63e1fba830e85a"], 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
ioctl$USBDEVFS_IOCTL(r1, 0xc0105512, &(0x7f0000000200))
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="040000000400000004000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r2 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
ioctl$SIOCX25SFACILITIES(r2, 0x89e3, &(0x7f00000000c0)={0x18, 0x81, 0x4, 0xc, 0xd})
ioctl$USBDEVFS_IOCTL(r1, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)
r3 = getpgid(0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
cachestat(r4, &(0x7f00000001c0)={0xb0, 0xf5}, 0xffffffffffffffff, 0x0)
sched_rr_get_interval(r3, 0x0)
kexec_load(0x3e00, 0x1, &(0x7f00000002c0)=[{0x0, 0x0, 0xff600000, 0x1000000}], 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYRES64, @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000100030000010000008500000083002200bf0900800000000055090100000045f7b127000000000000bf91000000000000b7020000000000008500000084000000b700ffff0000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x22, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffd}, 0x94)
socket$netlink(0x10, 0x3, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r5, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
getsockopt$EBT_SO_GET_INFO(r2, 0x0, 0x80, &(0x7f0000000240)={'broute\x00', 0x0, 0x0, 0x0, [0x1, 0xfffffffffffffe49, 0x8, 0x6, 0x1, 0x5]}, &(0x7f0000000040)=0x78)

359.537031ms ago: executing program 0 (id=745):
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, 0x0, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x18)
r1 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000280), 0x1, 0x0)
writev(r1, &(0x7f0000000040)=[{&(0x7f00000000c0)='\f7', 0x2}, {&(0x7f0000000000)='0', 0x1}], 0x2)

217.101523ms ago: executing program 0 (id=746):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, 0x0})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="1600000000008c9853a9545fb77505a6a36a1658964800000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000d40)={0x3, 0xc, &(0x7f0000002000)=ANY=[@ANYBLOB="17e200"/13, @ANYBLOB="47b9504e0cd50d1de39de2515eb15b3cb140bbcb9e4d7024555040bae84f80ec400e427b08ed19faea8281ff625086acb50029bc5c36bcd3fe7d17b319ab9c01f225a73ccf6b494fbc173b7349b49469a30a552da163230c0bd6db7ab54ae73f78d00c22df1588c39b46d0701a3dd97c6e074af6ba9fa4e22ea0ca805f004525f6e7e31c18f867a63093bc6f76853b6e814053a3a37ba16f0755c9924577b275c0759966e40d19756db17788500955b2332b0ae5c7881d826e6cc5a51d01131364b8fd68ee9e449dc54036949c011bdc671269f2bd42ba8ef947c302fc48b72428febba944c77ebfeecbfba09e5f3aa5e2a319b4cefea3516f540782df9e3f4b0c90e42a9d31696631a7d69c78756b78e6f4cec0ecb3f5ed256928fc9800be34d7c4e87e77b9f350c06a730c50df13e45cd9bf92597fc2afdec5d2b8fcf9607cc1da512e0d154ab7ffdf9dbc914dfc16cedde9e3c3785f5931e502e798a81f492da2cdcfa18b8d06c68f37bad198282263f984e3a36645a71873b1edda115ade6e7d2b18d8cb1550b76a8fbdb11f266f8d9b8cd368339b4ca3c94be547eba8c58bd250717648b28a81de4c43f961e0dafa0481247db8c9e6e23a0719adea5e723b88fe2d7494101b4d70f159afc22532e16f5eeef99a539550db5f7ec593f3b96eb32debba3b84cb123cb466961edc396d4491b1a89954fbaac787a17bca6364e177484377afa7f8a461f51d50fc43f34666ba67b7ec30f1aa3d1c00bfca36780e44fbe09a16f1de069c001dea46c2b9fe535ce916d713514104a69f9b35db8c809c28da8e3f0a86e69ea1da112e147a2fabac49d17bb4cd450f43ad3ba43244d01e2bf6b8d09542f614376098f4e4d08ae96d6c1d12afe2570749200a51856830a6748cd1bd60302a9a73133d60be0fdf983a884f959e13cdce1da8684d20199534d75b3eb2835764de3c949adc544ccfe1fff2d49954be615d58018de0a158aa0626603a057b642db3aa21578667cd79857eb8cc19773ebc17f1505af4e81c19c58b77e7604083280c4bd603000174fac157d1665caa8c20dbcff9dd48939caf07ab76bec20ec2ad2250d7abd07c9690ec5d0fcc953116646a07121e6310a7ac43cea905fc89f632e0d2b902dba79e8b7736b82254a4ea26c99efd66a16beab7bafda1b09497011c3ca444fed6dabd309a51f6d8319079dbed2181785179200b13d5497b3ae1e5751cabbc23a71c18399edf18a9adbebbac1f10cf605728bc957368e5251163704cca1399001d35e141ef38cd0c936c3ff5fd526f0d9edd7fe930c6489e9a4c9ef36a8baff66564eef67f189bd39e0cb53d66c6d53cb92582ee9db0a17d61a01b4e99182a9ab60305512eeacac67fad94d8dea08533b165d54ba59e5784e2692ea94bd5a270816375b7a598f4aa83ade44d73f292c1acc58d474b32cd1919e62c6a6d1fc95bbe228ea0312b282e88a9f0fcb43bfdc20a42b71f8e19d1a4dcb17f8655c3b6d54396f1160a32c7435991d9d1915f974cf6951551b863f1f4a61fb727da30341c42dbd82f496ba63a059042c9a3de1f0e613abc3578dec8a5802934dad00b717ebc45c086c67b8c36ab2c8c23921d6b87591f2a5d347e7a2f9a8cc457ad3dfb1623112710f25c7fbc3862a474f369aecfdbaab67d6ac9c70c161a53dd97d7639e21190c2a967a97c3526792ad3617c75328a9340d2175d06b69e102c974c75ec92189b06b5c09cdb42d44f72297b9227b1f1e33abc6bbbb8827afd72e4cf2dde6f2c1446d852dedec23f536fdc6f43df0909af8aa8f01d7a72dda11c38a088c6e16f8956e473d06676ed8488ac36eadaafc16cd94c791652eaaecd6a3a7d6938429d7bc3d9d47e6ea1c1b6d9777a61daabe60afb6a2811a2884ddbae61d6762974e6b8fd6a98aca4d9f324092f7d40e7dafdf8bdfdabf2a6849c73d64197b89f08bf8caa89288aa5ed7968e9ee2e329d58f63f103556f8188bfa15e6df54b1f462ef8aaa293eda0cfd385b28ef6aaa39c810ec8e10d930d14543a7ee119376785aa99da51cf60a1f89d8ff541ff1950b51741242000e0f5d2a538ddae59f23a6e7041e3d2ed3a1e7e29258d22da4428b6f2dd1f24d4412fde179d91c13531b940b1016023e494c74ff466a4d480bcff7bc371ab7534cdcb8838c1e8a08875eba3547f9077c22ad475b3e21778895f44459498e7321ee9ba68088926e1a2ed0863ad0168fc7f9258e4db3fc5b5432c0945e9ff2261dbf4cbc8544ac4b96c19169e0e3318554e972b9dd5692a2ed8af280f5ddbb2da0876a4e334cb9dadb2c02fcca03d80bc0b03eeb21239c3f2a0173d9432421759c2642d870f561ce46298b96d6b807afb361db3da1a9973efcc8c9816db4349630685e147ef8bac8dbe2ac6e6785a3d124db3cd12a4960421c03946c9bf66ce532f97062121d16ac54c71980cfad7c8eb9b8d16a0fe315c6fcbc479948e9b9e17516869b90bee7c3a5fd55a4bc719ed118053fe6840bc12842be40095ea687fcbecaba1de6948443cace45a2194d09c41efcc911ef0cb6f1eb84fc8134c888db2ed93963e57b6ac8c3fe82866cf4404433cec9de8acffacbd9ac4692882e0ac2eb73b1a7f94b36d11a72112fb062e6da88fc9e0eebd8a478baea90aa73907dda756263e5978e62cb436641d3e07f24af9170fde12bc7c55601c606a2be36dd2474e7031999fe8dd6bc8339b676cef7fb5a0a84f49a27ded938a804377cd1a361d7d514638b7d47f90572e24e7816b19f2eed0d280792f1ea361cda876c5043918d1771c17dae2fa1d9d4a29d1c28a0f60dcdaf6ddb8af704da975462770ebdb1e5b1d16d6425d9e51baeb0aa78c383d3205f2373d3ebe7c72e50372dc5a90fbfba58e6752a2bf9e2bbb9369aa2ec5b94e2b8ea33e6e5e894355fc997263b9f09c21e59e3757cd79c811f2be3955305b7bec0c11c063e5d887d0679f1a44ee68d8856bcab5853dc1e1ef54041a2ae30390c27f8a0fe53988eecda79dd66db1a3a1765b5119b0a62ad000994c5e27c97fa0d22b9cf13c8f5eb6137baab1d7ef2568e3d277e69ce25df84e25c4182c4b6951daa6550dd8649e2197d27884668e505baa6c70a393673659ada11f52abe57085b4a9ef1ba1e202573f7f3e81c33345226992b4074c17ddd064909a48b446c1441bc02a2e509ed59a35dade5c14dae4d1c409610534d493d2e662e3b1a7eae7123b0ef7306fb54d6ade5301e6ebd69c44b7e63926c8eb4b3b9dace9eb3697a248af73a10ce9a6e15f64015c2911fd18e9e632b0c40fd924d6b4ed08944a2ba48c2a38859d68b33d458c8b874cd4f347ace356c51daee020385d2bb367343100e92b83d30b7297c2edc5f0e9ef83a9aef03b635df4572a7534d228c831a70af3936e077941e41fc4e320c9ad99e7b47b6c336869f3a8e91c9e9e3ce179f6db32625480bb24e648a0f8bcb74d46f8d979218cf426e9c046764542aace7fb2d337e0248b5a2e2ddbf2e403b7495859898dc6acf2036702cd9639bc5dbe46740d2d5d3148a57083a278f930cfbc7db5878e0fb54c59c9172e099eced0414a4b948f85791452048221671e5329dab0ccde0865638146af05ef45a499023a825204c98a148a67b356e68fad094523aff070b074c0cc8a7beee3c47ea98dd31eb4205ef4c3dc1068748026ce4cfb147880254900a9400ec7fa0704f7309733148412264c9f1b9304db2a52063bd0080df72f2da67892d676ca11c37e802f9b18b43cf8da7edfa1cc53e16eca306c9a2beb98a715780d3fd00f5ee7d6d6de0302c9422f68784528cdd98170ed063d5625685fb3b7cd1f364062a82a8f4cc1d2782afc6a3ba017040c22483444eddf813c315675ad3b76a40bd458acf37d50167021d92960f148e440f76183aab4660e963599761030a82e4153e19ac61ef4e7e9c81fd868b60a5a322db54fa1714655a8d99bef3af1eab7e66cb97b15c0727c85963d64bc0e529de89108478524d883fdb69726331dc991b4ca33b7f33ea38dd8f5b1b4cb34eafadb19c47efa5888e9e7f998f123fe25e2453c07530c312fadbc636738850ea1707d7d4772e24b327e1eeb2156dd33d9415bef2766f0b324bb3ea59a78dc1a199ec01dab702780dc58ac15cd25de0d2fa4b1a578b722b73900e4579024d14dfeaaa8834ca374625d2ad7f511ef13be3e62d7adf9b9ce19b9a48b576949de3ba12ba8d82495f08036b05521d9eca69ffe0b5b36977d076cb611284624eae4b5b5b7892a993bccbd2aeafd259d465cc95b3c8d2913ff22e696e0057167fbcb91ebcd158af3da577e6c3be0c34140655ddcf31a78a3fb924c3fc6087b117c14c54c19e5c25f9e7fcd09cad60e240310af12ba9fb5284103e2e31ef70ae3f5577bc2391556432de8c2fa20435f83c069188eb3120923624cca9ad3347b881d6b37502a6467a426a6360bdf799a6bcd9c075550766cc3ec0ce485b4d022b4ab6b689b8d98427ed46f36d6d3abae550e38a8a4958da3e22a19b553fb0dcc73c2e8bb1d971832cb46031eccb2800aa190ce115bc5a5af8844d40b9572afe91b5e8f2e52423d0200fff49e21c79cbb8410c1711217f5b99ba2151f1b4f659219b36b8541ca5f3da461ad7407e1fdc0ed3963f1f486c7e7127011aac02db4405506bfa2f229150e9a0006603dbc4964241fc9eac72c2fbdb483271851e466dc2d7de07c61e81563ace7e972cd7bf75ff1bfb78a6957ed3d6e531bcfe37aecaf3784f5589452b10139d2f66af179549180f42600aa038cf6f0094cdda9e4e86238eb767372c0e1c859c4d3922042acd06ac20f56ee36961ee2bae718b29176b7fe28dcefa53de27eb34810e468836b6849e8c834fa4f58ccf9721212c3afc85c63214323a380af5121dc83a29e3af4a6be96c00e9d63d42085d87733cb8815e842279f6f82d943ed226b8f068ab45dd040f9926870ae326468f1b218595f6c3633612adb0fd234a12ac322f278c76533b7f8c09b29f26fd7f5c719e774ec398de5bf86619c9c0a138b86d26fd49822c63068c4fd04c9d60ec76819bf05c814b2ad035b6a1570045353a4035dc9a7063fc9d31cdf88bd1fade0b4549f84f6c21b49d5746d41f38187793a1046bae19f8af6944d5095217bc4015cb98c4bf6eabb8d4c8511cdc08e80d04888b8198aa729a39e4853678d3884c4ec11135928bebe4c7e885b6fd3f8f5bc6187f1e389a09aba0fd7eea944f30ac0b72bf303608d4f5ea1648b6e0fa69bf9e2340d32070e4c1dcd39d1d6b689d2b46ea61d75d3b57dc42ace113801ca79462b0f8313452381b6de2ef4bff84606da2f4f15bb5ad7127cab612df508f0b139d72789ec050ec2456c0ace709c7616cc437876ed8594d9f5a0b3de3341243b1df9e5e599f5f6db1db3d0e227424c92575f9268e184813e24bf96174041cbd70dbb063b87a18498c36f746d820b2aa0f668c31fad2e3920f335595ea9e7fac30f8e285b8081b7b055acc769f309da93f78be5d1736e22f490b5363f79aa2f16c507bcf749945b0edb57364d3efc7d4203f860d99d7f66d4a7831aaa3b7df0e56cad5fdf8f5087b07d0408f1b25d116748d8316b6bd039d71fb0676b405a462dddb6221c6c57f10e4384a10f8ffb0697a445bfdef11a6947379441ac92b87ee3978801c66021a42040d381bc48ce20ac332e44c21489fc22aa92cdd332a177fa4eea13b89826c320fa45df5c7d4dd4ea234ceaea38b56271e38890ad4e20ee98f24fe517b0e22b536fb6", @ANYRES8=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000800000000000000000001811", @ANYRES16=0x0], 0x0}, 0x94)
r1 = fsmount(0xffffffffffffffff, 0x0, 0x70)
ioctl$IMADDTIMER(r1, 0x80044940, &(0x7f0000000000)=0x32)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x40, &(0x7f00000005c0)={[{@jqfmt_vfsv0}, {@errors_continue}, {@dioread_lock}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x3}}, {@nobh}, {@debug}, {@usrjquota_path={'usrjquota', 0x3d, './file1'}}]}, 0x1, 0x57b, &(0x7f0000000640)="$eJzs3T9sG9UfAPDvXeJf/+VHigQSVB0qQCpSVScpLRSmdkUUVeqAxAKR40ZVnDiKHWiiDOleITogQF3KBgMjiIEBsTCysoCYkSoagdR0AKPznzRN7OC0TYziz0e6+L17Z3/f+fx99p3ucgH0rWPZnzTi2Yi4mEQMr2sbjGbjscZyqytLhXsrS4UkarVLvyeRRMTdlaVCa/mk+XgoIpYj4pmI+D4XcSLdHLeysDg1XioV55r1ker07EhlYfHklenxyeJkcealV149c/b0mbFTY+ufdq+2vpbb3rpe/+XGB9d/fP3WjS++PLpc+Gg8iXMx1Gxbvx6PU+M9ycW5DfNP70SwHkp63QEeykAzz7NUejqGY6CZ9e3Uhne1a8AOq+2LqAF9KpH/0KdavwOy/d/WtJu/P26fb+yAZHFXm1OjZbBxbCL21/dNDv6RPLBnku1vHt7NjrInLV+LiNHBwc2f/6T5+Xt4o4+jg+yo7843NtTm7Z+ujT/RZvwZah07fUSt8W910/h3P/5Ah/HvYpcx/nr71087xr8WcaRt/GQtftImfhoR73YZ/+Zb35zt1Fb7LOJ4tI/fkmx9fHjk8pVScbTxt22Mb48ffW2r9T/YIX7jmO3++tdMu/d/tsv1//qHr55b3iL+i89vvf3bvf8HIuLDLuM/effzNzq13b6W3Ml+BWx3+2fzbnUZ/+Vzx37uclEAAAAAAAAAAGAb0vq5bEmaXyunaT7fuIb3qTiYlsqV6onL5fmZicY5b4cjl7bOtBpu1JOsPtY8H7dVP7Whvnbu0MCBej1fKJcmervqAAAAAAAAAAAAAAAAAAAA8J9xaMP1/38O1K//33i7amCv6nzLb2Cvk//Qvx7M/6Rn/QB2n+9/6Fs1+Q/9S/5D/5L/0L/kP/SvDvmf2+1+ALvP9z/0L/kPAAAAAAAAAAAAAAAAAAAAAAAAAAA74uKFC9lUu7eyVMjqE4ML81Pl905OFCtT+en5Qr5QnpvNT5bLk6VivlCe/rfXS8rl2dGYmb86Ui1WqiOVhcV3psvzM617ihb9T3EAAAAAAAAAAAAAAAAAAADYbKg+JWk+ItJ6OU3z+Yj/R8ThyCWXr5SKoxHxRET8NJDbl9XHet1pAAAAAAAAAAAAAAAAAAAA2GMqC4tT46VSca5PCoPbWTgilh9vN7JX3Pazcs1t1abpzSMdmxQUHqXQy1EJAAAAAAAAAAAAAAAAAAD60/2Lfrt9xt872yEAAAAAAAAAAAAAAAAAAADoS+lvSURk0/HhF4Y2tv4vWR2oP0bE+zcvfXx1vFqdG8vm31mbX/2kOf9UL/oPdKuVp608BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO6rLCxOjZdKxbkdLPR6HQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAexj8BAAD//+q51EI=")
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00'}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=@base={0x9, 0x17, 0xa, 0x40, 0x42, 0x1, 0x5}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000100), &(0x7f00000003c0), 0x1000, r2}, 0x38)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000000)={r2, &(0x7f0000000140)="85cdd8b68f", &(0x7f00000005c0)=""/4096}, 0x20)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)

196.196014ms ago: executing program 4 (id=747):
r0 = socket$igmp(0x2, 0x3, 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r1}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
sendto$inet(r0, 0x0, 0x19, 0x8000, &(0x7f00000003c0)={0x2, 0x4e20, @empty}, 0x10)

104.611242ms ago: executing program 4 (id=748):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000740), 0x1, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x2}, 0x18)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
get_mempolicy(0x0, 0x0, 0x0, &(0x7f0000a88000/0x2000)=nil, 0x3)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x50032, 0xffffffffffffffff, 0x0)

26.046968ms ago: executing program 3 (id=749):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x4, &(0x7f0000000700)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
r0 = socket(0x1e, 0x4, 0x0)
r1 = socket(0x1e, 0x2, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10)
sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x3514}], 0x1}}], 0x400000000000181, 0x9200000000000000)
r2 = dup3(r1, r0, 0x0)
recvmmsg(r2, &(0x7f0000002980)=[{{&(0x7f0000000480)=@ax25={{0x3, @null}, [@default, @bcast, @bcast, @null, @default, @null, @rose, @netrom]}, 0x80, &(0x7f00000003c0)=[{&(0x7f0000000500)=""/79, 0x4f}, {&(0x7f0000000640)=""/92, 0x5c}, {&(0x7f0000003100)=""/4096, 0x1000}], 0x3, &(0x7f0000000740)=""/232, 0xe8}, 0xffffff77}, {{0x0, 0x0, &(0x7f0000000d80)=[{&(0x7f00000008c0)=""/197, 0xc5}, {&(0x7f00000009c0)=""/132, 0x84}, {&(0x7f0000000a80)=""/191, 0xbf}, {&(0x7f0000004100)=""/4096, 0x1000}, {&(0x7f0000000b40)=""/225, 0xe1}, {&(0x7f0000000580)=""/5, 0x5}, {&(0x7f0000000c40)=""/65, 0x41}, {&(0x7f0000000cc0)=""/187, 0xbb}], 0x8}, 0x3}, {{0x0, 0x0, &(0x7f0000001180)=[{&(0x7f0000000e00)=""/160, 0xa0}, {&(0x7f00000006c0)=""/23, 0x17}, {&(0x7f0000000ec0)=""/92, 0x5c}, {&(0x7f0000000f40)=""/184, 0xb8}, {&(0x7f0000001000)=""/189, 0xbd}, {&(0x7f00000010c0)=""/144, 0x90}], 0x6, &(0x7f0000000840)=""/60, 0x3c}, 0x8}, {{&(0x7f0000001200)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, 0x80, &(0x7f0000002b40)=[{&(0x7f0000001280)=""/181, 0xb5}, {&(0x7f0000002ac0)=""/70, 0x46}], 0x2, &(0x7f0000001380)=""/230, 0xe6}, 0x5}, {{&(0x7f0000002480)=@sco={0x1f, @fixed}, 0x80, 0x0}, 0x3}], 0x5, 0x40000001, 0x0)

0s ago: executing program 4 (id=750):
ioperm(0x21, 0x1, 0x81)
r0 = syz_clone(0x0, 0x0, 0x9, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r1], 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000940)={{r1}, &(0x7f00000008c0), 0x0}, 0x20)
r2 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='kfree\x00', r4}, 0x18)
sendmsg$SMC_PNETID_ADD(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)={0x34, r2, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz2\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'bond0\x00'}]}, 0x34}}, 0xc800)
sendmsg$SMC_PNETID_DEL(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x14, r2, 0xe27, 0x0, 0x0, {0x4, 0x7, 0x2}}, 0x14}, 0x1, 0x40030000000000}, 0x0)
pipe(&(0x7f00000001c0)={<r5=>0xffffffffffffffff})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000940)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
close(0x4)
ioperm(0x7fffffffffffffff, 0x80000001, 0x7fff)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
splice(r7, 0x0, r8, 0x0, 0xf3a, 0x0)
splice(r5, 0x0, r8, 0x0, 0x80, 0x6)
write(r8, &(0x7f0000003300)="ac", 0x1)
write(r6, 0x0, 0x0)
sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x2c, 0x1, 0x1, 0x301, 0x0, 0x0, {0x3, 0x0, 0x1}, [@CTA_ZONE={0x6, 0x12, 0x1, 0x0, 0x1}, @CTA_MARK={0x8, 0x8, 0x1, 0x0, 0x3ff}, @CTA_STATUS={0x8, 0x3, 0x1, 0x0, 0x3000}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4840}, 0x4000000)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r9}, 0x10)
syz_emit_ethernet(0xfdef, &(0x7f0000000000)=ANY=[], 0x0)
rseq(&(0x7f0000000040), 0x20, 0x0, 0x0)
rseq(&(0x7f0000000040)={0x0, 0x0, 0x0, 0x4}, 0xfffffffffffffee6, 0x1, 0x0)
ptrace(0x10, r0)
ptrace$getregset(0x4204, r0, 0x201, &(0x7f0000000440)={0x0})

kernel console output (not intermixed with test programs):

op3p3, 10) failed: No such file or directory
[   41.087668][ T3837] loop0: detected capacity change from 0 to 1024
[   41.095454][ T3837] EXT4-fs: Ignoring removed orlov option
[   41.107689][ T3830] bio_check_eod: 1740 callbacks suppressed
[   41.107761][ T3830] syz.3.86: attempt to access beyond end of device
[   41.107761][ T3830] loop3: rw=2049, sector=145, nr_sectors = 8 limit=128
[   41.127650][ T3830] syz.3.86: attempt to access beyond end of device
[   41.127650][ T3830] loop3: rw=2049, sector=161, nr_sectors = 8 limit=128
[   41.141439][ T3830] syz.3.86: attempt to access beyond end of device
[   41.141439][ T3830] loop3: rw=2049, sector=177, nr_sectors = 8 limit=128
[   41.166174][ T3837] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   41.169823][ T3830] syz.3.86: attempt to access beyond end of device
[   41.169823][ T3830] loop3: rw=2049, sector=193, nr_sectors = 8 limit=128
[   41.192067][ T3830] syz.3.86: attempt to access beyond end of device
[   41.192067][ T3830] loop3: rw=2049, sector=209, nr_sectors = 8 limit=128
[   41.206026][ T3830] syz.3.86: attempt to access beyond end of device
[   41.206026][ T3830] loop3: rw=2049, sector=225, nr_sectors = 8 limit=128
[   41.207349][   T29] kauditd_printk_skb: 943 callbacks suppressed
[   41.207366][   T29] audit: type=1400 audit(1754737661.164:1368): avc:  denied  { read write } for  pid=3836 comm="syz.0.88" name="rdma_cm" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[   41.222941][ T3830] syz.3.86: attempt to access beyond end of device
[   41.222941][ T3830] loop3: rw=2049, sector=241, nr_sectors = 8 limit=128
[   41.225607][   T29] audit: type=1400 audit(1754737661.164:1369): avc:  denied  { open } for  pid=3836 comm="syz.0.88" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[   41.292980][ T3830] syz.3.86: attempt to access beyond end of device
[   41.292980][ T3830] loop3: rw=2049, sector=257, nr_sectors = 8 limit=128
[   41.307944][ T3830] syz.3.86: attempt to access beyond end of device
[   41.307944][ T3830] loop3: rw=2049, sector=273, nr_sectors = 8 limit=128
[   41.333348][ T3830] syz.3.86: attempt to access beyond end of device
[   41.333348][ T3830] loop3: rw=2049, sector=289, nr_sectors = 8 limit=128
[   41.353345][   T29] audit: type=1326 audit(1754737661.314:1370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3829 comm="syz.3.86" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f361285ebe9 code=0x7ffc0000
[   41.394754][   T29] audit: type=1326 audit(1754737661.354:1371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3829 comm="syz.3.86" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f361285ebe9 code=0x7ffc0000
[   41.445255][   T29] audit: type=1400 audit(1754737661.404:1372): avc:  denied  { create } for  pid=3836 comm="syz.0.88" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   41.447515][ T3846] syzkaller1: entered promiscuous mode
[   41.470305][ T3846] syzkaller1: entered allmulticast mode
[   41.491096][ T3849] netlink: 'syz.3.91': attribute type 10 has an invalid length.
[   41.506290][ T3849] team0: Port device dummy0 added
[   41.518677][   T29] audit: type=1400 audit(1754737661.404:1373): avc:  denied  { ioctl } for  pid=3836 comm="syz.0.88" path="socket:[5615]" dev="sockfs" ino=5615 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   41.524698][ T3849] netlink: 'syz.3.91': attribute type 10 has an invalid length.
[   41.606979][ T3849] team0: Port device dummy0 removed
[   41.665976][ T3849] bond0: (slave dummy0): Enslaving as an active interface with an up link
[   41.902759][   T29] audit: type=1400 audit(1754737661.854:1374): avc:  denied  { watch watch_reads } for  pid=3850 comm="syz.3.92" path="/19" dev="tmpfs" ino=122 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   41.928369][ T3851] loop3: detected capacity change from 0 to 128
[   41.940919][ T3851] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   41.956607][ T3851] ext4 filesystem being mounted at /19/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   42.075175][ T3300] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   42.086237][ T3299] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.107104][   T29] audit: type=1326 audit(1754737662.064:1375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3856 comm="syz.3.94" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f3612855ba7 code=0x7ffc0000
[   42.161847][   T29] audit: type=1326 audit(1754737662.104:1376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3856 comm="syz.3.94" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f36127fadd9 code=0x7ffc0000
[   42.170644][ T3857] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[   42.170644][ T3857]    program syz.3.94 not setting count and/or reply_len properly
[   42.185089][   T29] audit: type=1326 audit(1754737662.104:1377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3856 comm="syz.3.94" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f3612855ba7 code=0x7ffc0000
[   42.226662][ T3860] loop0: detected capacity change from 0 to 1024
[   42.256422][ T3860] EXT4-fs: Ignoring removed nobh option
[   42.263060][ T3860] EXT4-fs: quotafile must be on filesystem root
[   42.310376][ T3861] loop3: detected capacity change from 0 to 8192
[   42.384444][ T3866] smc: net device bond0 applied user defined pnetid SYZ2
[   42.392100][ T3866] smc: net device bond0 erased user defined pnetid SYZ2
[   42.431535][ T3869] netlink: 12 bytes leftover after parsing attributes in process `syz.0.97'.
[   42.440484][ T3869] netlink: 40 bytes leftover after parsing attributes in process `syz.0.97'.
[   42.496324][ T3871] netlink: 'syz.1.98': attribute type 4 has an invalid length.
[   42.577545][ T3875] loop1: detected capacity change from 0 to 512
[   42.578522][ T3873] loop0: detected capacity change from 0 to 8192
[   42.584904][ T3875] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   42.599607][ T3877] random: crng reseeded on system resumption
[   42.610862][ T3875] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.619384][ T3873] buffer_io_error: 1740 callbacks suppressed
[   42.619404][ T3873] Buffer I/O error on dev loop0, logical block 57847, async page read
[   42.623447][ T3875] ext4 filesystem being mounted at /25/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   42.655415][ T3873] Buffer I/O error on dev loop0, logical block 57847, async page read
[   42.663669][ T3873] Buffer I/O error on dev loop0, logical block 57847, async page read
[   42.671863][ T3873] Buffer I/O error on dev loop0, logical block 57847, async page read
[   42.690123][ T3873] Buffer I/O error on dev loop0, logical block 57847, async page read
[   42.698412][ T3873] Buffer I/O error on dev loop0, logical block 57847, async page read
[   42.706764][ T3873] Buffer I/O error on dev loop0, logical block 57847, async page read
[   42.715023][ T3873] Buffer I/O error on dev loop0, logical block 57847, async page read
[   42.715137][ T3875] EXT4-fs error (device loop1): ext4_lookup:1787: inode #12: comm syz.1.100: iget: bad i_size value: 2533274857506816
[   42.723573][ T3873] Buffer I/O error on dev loop0, logical block 57847, async page read
[   42.743927][ T3873] Buffer I/O error on dev loop0, logical block 57847, async page read
[   42.756353][ T3881] netlink: 'syz.2.102': attribute type 10 has an invalid length.
[   42.766877][ T3875] hub 9-0:1.0: USB hub found
[   42.771707][ T3877] loop3: detected capacity change from 0 to 8192
[   42.780115][ T3875] hub 9-0:1.0: 8 ports detected
[   42.807220][ T3882] netlink: 'syz.2.102': attribute type 10 has an invalid length.
[   42.935602][ T3881] bond0: (slave dummy0): Releasing backup interface
[   42.944114][ T3881] team0: Port device dummy0 added
[   42.968722][ T3886] loop4: detected capacity change from 0 to 512
[   43.006145][ T3886] EXT4-fs: Ignoring removed mblk_io_submit option
[   43.051108][ T3886] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   43.084831][ T3886] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c018, mo2=0002]
[   43.108770][ T3886] System zones: 1-12
[   43.374859][ T3886] EXT4-fs (loop4): 1 truncate cleaned up
[   43.381071][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.398608][ T3886] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.470715][ T3897] loop1: detected capacity change from 0 to 512
[   43.520227][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.534428][ T3897] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   43.536862][ T3901] loop0: detected capacity change from 0 to 512
[   43.580504][ T3897] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.597533][ T3905] loop4: detected capacity change from 0 to 512
[   43.606015][ T3901] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   43.623304][ T3897] ext4 filesystem being mounted at /26/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   43.640157][ T3905] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   43.673948][ T3901] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.675362][ T3905] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.703462][ T3905] ext4 filesystem being mounted at /21/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   43.721813][ T3912] EXT4-fs error (device loop1): ext4_lookup:1787: inode #12: comm syz.1.105: iget: bad i_size value: 2533274857506816
[   43.741584][ T3901] ext4 filesystem being mounted at /16/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   43.786901][ T3901] EXT4-fs error (device loop0): ext4_lookup:1787: inode #12: comm syz.0.108: iget: bad i_size value: 2533274857506816
[   43.801233][ T3916] netlink: 'syz.3.112': attribute type 3 has an invalid length.
[   43.816899][ T3918] EXT4-fs error (device loop4): ext4_lookup:1787: inode #12: comm syz.4.109: iget: bad i_size value: 2533274857506816
[   43.832224][ T3912] hub 9-0:1.0: USB hub found
[   43.863917][ T3912] hub 9-0:1.0: 8 ports detected
[   43.886654][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.932585][ T3920] loop3: detected capacity change from 0 to 512
[   43.958136][ T3922] loop4: detected capacity change from 0 to 512
[   43.975338][ T3922] EXT4-fs: Ignoring removed mblk_io_submit option
[   43.982567][ T3920] EXT4-fs: Ignoring removed mblk_io_submit option
[   43.992355][ T3920] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   44.003501][ T3922] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   44.013838][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.034674][ T3920] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c018, mo2=0002]
[   44.042210][ T3922] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c018, mo2=0002]
[   44.052310][ T3920] System zones: 1-12
[   44.058868][ T3299] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.069584][ T3920] EXT4-fs (loop3): 1 truncate cleaned up
[   44.075384][ T3922] System zones: 1-12
[   44.089769][ T3920] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   44.104884][ T3922] EXT4-fs (loop4): 1 truncate cleaned up
[   44.110982][ T3922] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   44.173348][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.185683][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.304437][ T3936] netlink: 12 bytes leftover after parsing attributes in process `syz.3.118'.
[   44.305520][ T3938] smc: net device bond0 applied user defined pnetid SYZ2
[   44.313514][ T3936] netlink: 40 bytes leftover after parsing attributes in process `syz.3.118'.
[   44.331770][ T3938] smc: net device bond0 erased user defined pnetid SYZ2
[   44.379521][ T3941] smc: net device bond0 applied user defined pnetid SYZ2
[   44.387318][ T3941] smc: net device bond0 erased user defined pnetid SYZ2
[   44.412371][ T3948] loop0: detected capacity change from 0 to 512
[   44.420280][ T3948] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   44.435831][ T3951] loop3: detected capacity change from 0 to 512
[   44.456408][ T3948] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   44.472291][ T3951] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   44.476078][ T3948] ext4 filesystem being mounted at /18/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   44.502984][ T3957] netlink: 'syz.4.126': attribute type 3 has an invalid length.
[   44.508677][ T3948] EXT4-fs error (device loop0): ext4_lookup:1787: inode #12: comm syz.0.124: iget: bad i_size value: 2533274857506816
[   44.535681][ T3951] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   44.573977][ T3965] loop1: detected capacity change from 0 to 512
[   44.580800][ T3965] EXT4-fs: Ignoring removed mblk_io_submit option
[   44.595422][ T3951] ext4 filesystem being mounted at /29/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   44.618256][ T3951] EXT4-fs error (device loop3): ext4_lookup:1787: inode #12: comm syz.3.125: iget: bad i_size value: 2533274857506816
[   44.643562][ T3965] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   44.672088][ T3965] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c018, mo2=0002]
[   44.681194][ T3965] System zones: 1-12
[   44.683811][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.697643][ T3965] EXT4-fs (loop1): 1 truncate cleaned up
[   44.699621][ T3299] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.704297][ T3965] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   44.728116][ T3972] netlink: 12 bytes leftover after parsing attributes in process `syz.4.133'.
[   44.737124][ T3972] netlink: 40 bytes leftover after parsing attributes in process `syz.4.133'.
[   44.788362][ T3974] loop0: detected capacity change from 0 to 512
[   44.802995][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.814802][ T3974] EXT4-fs: Ignoring removed mblk_io_submit option
[   44.839845][ T3974] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   44.897298][ T3974] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c018, mo2=0002]
[   44.905818][ T3974] System zones: 1-12
[   44.911967][ T3974] EXT4-fs (loop0): 1 truncate cleaned up
[   44.932368][ T3974] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   44.966823][ T3989] netlink: 'syz.4.139': attribute type 3 has an invalid length.
[   44.994919][ T3986] netlink: 8 bytes leftover after parsing attributes in process `syz.2.138'.
[   45.011612][ T3993] loop4: detected capacity change from 0 to 512
[   45.014637][ T3299] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.033906][ T3993] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   45.087467][ T3993] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   45.116744][ T3993] ext4 filesystem being mounted at /35/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   45.187898][ T4007] EXT4-fs error (device loop4): ext4_lookup:1787: inode #12: comm syz.4.141: iget: bad i_size value: 2533274857506816
[   45.217780][ T4002] loop2: detected capacity change from 0 to 256
[   45.257488][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.020968][ T4043] loop0: detected capacity change from 0 to 1024
[   46.046076][ T4043] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   46.058288][ T4043] ext4 filesystem being mounted at /22/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   46.071518][ T4043] netlink: 100 bytes leftover after parsing attributes in process `syz.0.160'.
[   46.091640][ T4050] loop3: detected capacity change from 0 to 512
[   46.098485][ T4050] EXT4-fs: Ignoring removed mblk_io_submit option
[   46.107690][ T4050] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   46.121707][ T4050] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c018, mo2=0002]
[   46.139776][ T4050] System zones: 1-12
[   46.145505][ T3299] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.156512][ T4050] EXT4-fs (loop3): 1 truncate cleaned up
[   46.162744][ T4050] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.194249][ T4055] loop1: detected capacity change from 0 to 512
[   46.201295][ T4055] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   46.233247][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.233972][ T4055] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.253766][   T29] kauditd_printk_skb: 341 callbacks suppressed
[   46.253793][   T29] audit: type=1326 audit(1754737666.214:1719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4058 comm="syz.4.165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4add13ebe9 code=0x7ffc0000
[   46.255216][ T4055] ext4 filesystem being mounted at /33/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   46.260863][   T29] audit: type=1326 audit(1754737666.214:1720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4058 comm="syz.4.165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4add13ebe9 code=0x7ffc0000
[   46.317648][   T29] audit: type=1326 audit(1754737666.214:1721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4058 comm="syz.4.165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=111 compat=0 ip=0x7f4add13ebe9 code=0x7ffc0000
[   46.317676][   T29] audit: type=1326 audit(1754737666.214:1722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4058 comm="syz.4.165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4add13ebe9 code=0x7ffc0000
[   46.317704][   T29] audit: type=1326 audit(1754737666.214:1723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4058 comm="syz.4.165" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4add13ebe9 code=0x7ffc0000
[   46.318862][   T29] audit: type=1326 audit(1754737666.244:1724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4054 comm="syz.1.164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a03e9ebe9 code=0x7ffc0000
[   46.318891][   T29] audit: type=1326 audit(1754737666.244:1725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4054 comm="syz.1.164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a03e9ebe9 code=0x7ffc0000
[   46.318955][   T29] audit: type=1326 audit(1754737666.244:1726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4054 comm="syz.1.164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a03e9ebe9 code=0x7ffc0000
[   46.318988][   T29] audit: type=1326 audit(1754737666.244:1727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4054 comm="syz.1.164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2a03e9ebe9 code=0x7ffc0000
[   46.319176][   T29] audit: type=1326 audit(1754737666.274:1728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4054 comm="syz.1.164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a03e9ebe9 code=0x7ffc0000
[   46.320052][ T4055] EXT4-fs error (device loop1): ext4_lookup:1787: inode #12: comm syz.1.164: iget: bad i_size value: 2533274857506816
[   46.527999][ T4063] loop0: detected capacity change from 0 to 256
[   46.554422][ T4068] loop3: detected capacity change from 0 to 256
[   46.565212][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.617707][ T4075] loop0: detected capacity change from 0 to 512
[   46.625408][ T4075] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   46.653066][ T4075] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.672557][ T4075] ext4 filesystem being mounted at /25/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   46.739317][ T4075] EXT4-fs error (device loop0): ext4_lookup:1787: inode #12: comm syz.0.172: iget: bad i_size value: 2533274857506816
[   46.760311][ T4091] netlink: 8 bytes leftover after parsing attributes in process `syz.1.174'.
[   46.795237][ T4096] FAULT_INJECTION: forcing a failure.
[   46.795237][ T4096] name failslab, interval 1, probability 0, space 0, times 1
[   46.807967][ T4096] CPU: 0 UID: 0 PID: 4096 Comm: syz.3.175 Not tainted 6.16.0-syzkaller-12245-g2988dfed8a5d #0 PREEMPT(voluntary) 
[   46.808084][ T4096] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   46.808097][ T4096] Call Trace:
[   46.808105][ T4096]  <TASK>
[   46.808114][ T4096]  __dump_stack+0x1d/0x30
[   46.808139][ T4096]  dump_stack_lvl+0xe8/0x140
[   46.808195][ T4096]  dump_stack+0x15/0x1b
[   46.808215][ T4096]  should_fail_ex+0x265/0x280
[   46.808234][ T4096]  should_failslab+0x8c/0xb0
[   46.808256][ T4096]  __kmalloc_noprof+0xa5/0x3e0
[   46.808361][ T4096]  ? alloc_pipe_info+0x1c9/0x350
[   46.808391][ T4096]  alloc_pipe_info+0x1c9/0x350
[   46.808420][ T4096]  splice_direct_to_actor+0x592/0x680
[   46.808443][ T4096]  ? kstrtouint_from_user+0x9f/0xf0
[   46.808493][ T4096]  ? __pfx_direct_splice_actor+0x10/0x10
[   46.808588][ T4096]  ? __rcu_read_unlock+0x4f/0x70
[   46.808633][ T4096]  ? get_pid_task+0x96/0xd0
[   46.808658][ T4096]  ? avc_policy_seqno+0x15/0x30
[   46.808682][ T4096]  ? selinux_file_permission+0x1e4/0x320
[   46.808705][ T4096]  do_splice_direct+0xda/0x150
[   46.808728][ T4096]  ? __pfx_direct_file_splice_eof+0x10/0x10
[   46.808758][ T4096]  do_sendfile+0x380/0x650
[   46.808841][ T4096]  __x64_sys_sendfile64+0x105/0x150
[   46.808921][ T4096]  x64_sys_call+0x2bb0/0x2ff0
[   46.808939][ T4096]  do_syscall_64+0xd2/0x200
[   46.809031][ T4096]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   46.809086][ T4096]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   46.809190][ T4096]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   46.809213][ T4096] RIP: 0033:0x7f361285ebe9
[   46.809233][ T4096] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   46.809252][ T4096] RSP: 002b:00007f36112c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[   46.809271][ T4096] RAX: ffffffffffffffda RBX: 00007f3612a85fa0 RCX: 00007f361285ebe9
[   46.809282][ T4096] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[   46.809340][ T4096] RBP: 00007f36112c7090 R08: 0000000000000000 R09: 0000000000000000
[   46.809353][ T4096] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000001
[   46.809443][ T4096] R13: 00007f3612a86038 R14: 00007f3612a85fa0 R15: 00007fff53f5efd8
[   46.809464][ T4096]  </TASK>
[   47.135582][ T4112] netlink: 20 bytes leftover after parsing attributes in process `syz.3.176'.
[   47.144487][ T4112] netlink: 'syz.3.176': attribute type 2 has an invalid length.
[   47.251939][ T4117] loop3: detected capacity change from 0 to 512
[   47.253337][ T3299] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.263858][ T4117] EXT4-fs: Ignoring removed mblk_io_submit option
[   47.280283][ T4117] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   47.306387][ T4117] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c018, mo2=0002]
[   47.333371][ T4117] System zones: 1-12
[   47.339355][ T4122] loop0: detected capacity change from 0 to 512
[   47.347452][ T4117] EXT4-fs (loop3): 1 truncate cleaned up
[   47.363422][ T4117] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   47.377475][ T4122] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   47.403694][ T4122] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   47.417486][ T4122] ext4 filesystem being mounted at /27/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   47.447866][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.482808][ T4126] loop2: detected capacity change from 0 to 512
[   47.506348][ T4126] EXT4-fs: test_dummy_encryption option not supported
[   47.517063][ T4122] EXT4-fs error (device loop0): ext4_lookup:1787: inode #12: comm syz.0.180: iget: bad i_size value: 2533274857506816
[   47.624435][ T4135] loop4: detected capacity change from 0 to 256
[   47.801343][ T3299] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.854283][ T4147] smc: net device bond0 applied user defined pnetid SYZ2
[   47.884223][ T4147] smc: net device bond0 erased user defined pnetid SYZ2
[   47.898883][ T4152] smc: net device bond0 applied user defined pnetid SYZ2
[   47.906274][ T4152] smc: net device bond0 erased user defined pnetid SYZ2
[   48.110368][ T4175] loop4: detected capacity change from 0 to 256
[   48.225540][ T4180] loop3: detected capacity change from 0 to 512
[   48.240060][ T4180] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   48.296265][ T4180] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   48.332097][ T4180] ext4 filesystem being mounted at /47/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   48.378054][ T4180] EXT4-fs error (device loop3): ext4_lookup:1787: inode #12: comm syz.3.200: iget: bad i_size value: 2533274857506816
[   48.441980][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.491762][ T4197] smc: net device bond0 applied user defined pnetid SYZ2
[   48.500333][ T4197] smc: net device bond0 erased user defined pnetid SYZ2
[   48.528198][ T4203] loop1: detected capacity change from 0 to 512
[   48.536710][ T4203] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   48.565069][ T4203] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   48.577974][ T4203] ext4 filesystem being mounted at /37/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   48.597389][ T4203] EXT4-fs error (device loop1): ext4_lookup:1787: inode #12: comm syz.1.209: iget: bad i_size value: 2533274857506816
[   48.683974][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.750091][ T4217] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   48.758775][ T4217] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   48.808523][ T4217] loop1: detected capacity change from 0 to 512
[   48.825156][ T4217] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   48.833484][ T4217] EXT4-fs (loop1): orphan cleanup on readonly fs
[   48.854169][ T4217] EXT4-fs warning (device loop1): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   48.870004][ T4217] EXT4-fs (loop1): Cannot turn on quotas: error -117
[   48.880527][ T4217] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.213: bg 0: block 40: padding at end of block bitmap is not set
[   48.899209][ T4217] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6657: Corrupt filesystem
[   48.911291][ T4217] EXT4-fs (loop1): 1 truncate cleaned up
[   48.917454][ T4217] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   48.937142][ T4217] netlink: 'syz.1.213': attribute type 39 has an invalid length.
[   48.946886][ T4228] loop3: detected capacity change from 0 to 512
[   48.960799][ T4230] __nla_validate_parse: 2 callbacks suppressed
[   48.960815][ T4230] netlink: 8 bytes leftover after parsing attributes in process `syz.2.218'.
[   48.968752][ T4228] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   48.995293][ T4228] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   49.008246][ T4228] ext4 filesystem being mounted at /52/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   49.030646][ T4228] EXT4-fs error (device loop3): ext4_lookup:1787: inode #12: comm syz.3.217: iget: bad i_size value: 2533274857506816
[   49.101942][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.140186][ T4238] smc: net device bond0 applied user defined pnetid SYZ2
[   49.147675][ T4238] smc: net device bond0 erased user defined pnetid SYZ2
[   49.403682][ T4250] netlink: 'syz.0.223': attribute type 21 has an invalid length.
[   49.411531][ T4250] netlink: 132 bytes leftover after parsing attributes in process `syz.0.223'.
[   49.420593][ T4250] netlink: 'syz.0.223': attribute type 1 has an invalid length.
[   49.432777][ T4250] netlink: 268 bytes leftover after parsing attributes in process `syz.0.223'.
[   49.441943][ T4250] unsupported nla_type 65024
[   49.496844][ T4251] loop3: detected capacity change from 0 to 512
[   49.503805][ T4251] EXT4-fs: Ignoring removed i_version option
[   49.634770][ T4253] netlink: 'syz.0.225': attribute type 21 has an invalid length.
[   49.643934][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.662111][ T4253] netlink: 132 bytes leftover after parsing attributes in process `syz.0.225'.
[   49.671131][ T4253] netlink: 'syz.0.225': attribute type 1 has an invalid length.
[   49.745510][ T4256] netlink: 268 bytes leftover after parsing attributes in process `syz.0.225'.
[   49.830194][ T4258] loop0: detected capacity change from 0 to 512
[   49.854011][ T4260] netlink: 8 bytes leftover after parsing attributes in process `syz.2.229'.
[   49.898716][ T4258] EXT4-fs: Ignoring removed mblk_io_submit option
[   50.011091][ T4264] loop2: detected capacity change from 0 to 256
[   50.071818][ T4258] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   50.084208][ T4251] EXT4-fs error (device loop3): ext4_iget_extra_inode:5104: inode #15: comm syz.3.222: corrupted in-inode xattr: invalid ea_ino
[   50.119355][ T4251] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.222: couldn't read orphan inode 15 (err -117)
[   50.133396][ T4251] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   50.189996][ T4258] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c018, mo2=0002]
[   50.204150][ T4258] System zones: 1-12
[   50.209201][ T4258] EXT4-fs (loop0): 1 truncate cleaned up
[   50.222156][ T4258] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   50.401952][ T4271] loop4: detected capacity change from 0 to 512
[   50.421343][ T4271] EXT4-fs: Ignoring removed bh option
[   50.459773][ T4271] EXT4-fs (loop4): bad block size 16384
[   50.588481][ T4276] loop4: detected capacity change from 0 to 512
[   50.603799][ T4276] EXT4-fs: Ignoring removed bh option
[   50.629105][ T4276] EXT4-fs (loop4): bad block size 16384
[   50.636960][ T3299] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.757306][ T4283] netlink: 8 bytes leftover after parsing attributes in process `syz.1.237'.
[   50.821041][ T4285] loop1: detected capacity change from 0 to 512
[   50.830589][ T4285] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   50.855478][ T4285] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   50.869433][ T4285] ext4 filesystem being mounted at /43/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   50.891381][ T4285] EXT4-fs error (device loop1): ext4_lookup:1787: inode #12: comm syz.1.238: iget: bad i_size value: 2533274857506816
[   50.965829][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.030490][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.066897][ T4293] netlink: 'syz.0.235': attribute type 21 has an invalid length.
[   51.081009][ T4295] loop3: detected capacity change from 0 to 512
[   51.088244][ T4293] netlink: 132 bytes leftover after parsing attributes in process `syz.0.235'.
[   51.097329][ T4293] netlink: 'syz.0.235': attribute type 1 has an invalid length.
[   51.107553][ T4295] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   51.109127][ T4293] netlink: 268 bytes leftover after parsing attributes in process `syz.0.235'.
[   51.126510][ T4292] netlink: 8 bytes leftover after parsing attributes in process `syz.4.241'.
[   51.179109][ T4295] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   51.209796][ T4295] ext4 filesystem being mounted at /55/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   51.235915][ T4295] EXT4-fs error (device loop3): ext4_lookup:1787: inode #12: comm syz.3.240: iget: bad i_size value: 2533274857506816
[   51.290927][   T29] kauditd_printk_skb: 545 callbacks suppressed
[   51.290941][   T29] audit: type=1400 audit(1754737671.224:2273): avc:  denied  { getopt } for  pid=4289 comm="syz.1.239" laddr=::1 lport=20004 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   51.318593][   T29] audit: type=1326 audit(1754737671.224:2274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4294 comm="syz.3.240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f361285ebe9 code=0x7ffc0000
[   51.342050][   T29] audit: type=1326 audit(1754737671.224:2275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4294 comm="syz.3.240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f361285ebe9 code=0x7ffc0000
[   51.365509][   T29] audit: type=1326 audit(1754737671.224:2276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4294 comm="syz.3.240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=121 compat=0 ip=0x7f361285ebe9 code=0x7ffc0000
[   51.388978][   T29] audit: type=1326 audit(1754737671.224:2277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4294 comm="syz.3.240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f361285ebe9 code=0x7ffc0000
[   51.397077][ T4298] loop0: detected capacity change from 0 to 8192
[   51.412369][   T29] audit: type=1326 audit(1754737671.224:2278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4294 comm="syz.3.240" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f361285ebe9 code=0x7ffc0000
[   51.441471][ T4305] loop2: detected capacity change from 0 to 512
[   51.458149][   T29] audit: type=1326 audit(1754737671.254:2279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4297 comm="syz.0.242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fc50d86d69f code=0x7ffc0000
[   51.481309][   T29] audit: type=1326 audit(1754737671.304:2280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4297 comm="syz.0.242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fc50d86ec77 code=0x7ffc0000
[   51.504713][   T29] audit: type=1326 audit(1754737671.354:2281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4297 comm="syz.0.242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc50d86d550 code=0x7ffc0000
[   51.506363][ T4305] EXT4-fs: Ignoring removed mblk_io_submit option
[   51.528226][   T29] audit: type=1326 audit(1754737671.354:2282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4297 comm="syz.0.242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc50d86e7eb code=0x7ffc0000
[   51.563398][ T4305] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   51.569419][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.598555][ T4305] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c018, mo2=0002]
[   51.621077][ T4305] System zones: 1-12
[   51.629923][ T4298] bio_check_eod: 30549 callbacks suppressed
[   51.629957][ T4298] syz.0.242: attempt to access beyond end of device
[   51.629957][ T4298] loop0: rw=0, sector=57847, nr_sectors = 1 limit=8192
[   51.657233][ T4298] FAT-fs (loop0): error, invalid access to FAT (entry 0x0000e1b1)
[   51.660890][ T4305] EXT4-fs (loop2): 1 truncate cleaned up
[   51.665161][ T4298] FAT-fs (loop0): Filesystem has been set read-only
[   51.696351][ T4298] FAT-fs (loop0): error, invalid access to FAT (entry 0x0000e1b1)
[   51.707010][ T4312] netlink: 'syz.0.242': attribute type 4 has an invalid length.
[   51.715144][ T4298] FAT-fs (loop0): error, invalid access to FAT (entry 0x0000e1b1)
[   51.792956][ T4319] loop1: detected capacity change from 0 to 512
[   51.812068][ T4319] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   51.823661][ T4321] loop0: detected capacity change from 0 to 256
[   51.836094][ T4319] ext4 filesystem being mounted at /46/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   51.870066][ T4319] EXT4-fs error (device loop1): ext4_lookup:1787: inode #12: comm syz.1.249: iget: bad i_size value: 2533274857506816
[   51.976141][ T4328] netlink: 'syz.1.252': attribute type 10 has an invalid length.
[   51.989460][ T4330] netlink: 'syz.2.253': attribute type 27 has an invalid length.
[   51.998731][ T4328] bond0: (slave dummy0): Releasing backup interface
[   52.005590][ T4331] loop2: detected capacity change from 0 to 736
[   52.014756][ T4328] team0: Port device dummy0 added
[   52.111494][ T4347] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   52.191838][ T4345] loop4: detected capacity change from 0 to 8192
[   52.201751][ T4345] syz.4.259: attempt to access beyond end of device
[   52.201751][ T4345] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192
[   52.241928][ T4359] mmap: syz.0.268 (4359) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   52.244608][ T4345] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000e1b1)
[   52.261439][ T4358] loop2: detected capacity change from 0 to 512
[   52.261663][ T4345] FAT-fs (loop4): Filesystem has been set read-only
[   52.278001][ T4359] FAULT_INJECTION: forcing a failure.
[   52.278001][ T4359] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   52.291241][ T4359] CPU: 0 UID: 0 PID: 4359 Comm: syz.0.268 Not tainted 6.16.0-syzkaller-12245-g2988dfed8a5d #0 PREEMPT(voluntary) 
[   52.291358][ T4359] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   52.291449][ T4359] Call Trace:
[   52.291458][ T4359]  <TASK>
[   52.291467][ T4359]  __dump_stack+0x1d/0x30
[   52.291549][ T4359]  dump_stack_lvl+0xe8/0x140
[   52.291586][ T4359]  dump_stack+0x15/0x1b
[   52.291603][ T4359]  should_fail_ex+0x265/0x280
[   52.291627][ T4359]  should_fail+0xb/0x20
[   52.291645][ T4359]  should_fail_usercopy+0x1a/0x20
[   52.291669][ T4359]  _copy_to_user+0x20/0xa0
[   52.291739][ T4359]  simple_read_from_buffer+0xb5/0x130
[   52.291824][ T4359]  proc_fail_nth_read+0x10e/0x150
[   52.291854][ T4359]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   52.291885][ T4359]  vfs_read+0x1a8/0x770
[   52.291906][ T4359]  ? __rcu_read_unlock+0x4f/0x70
[   52.291929][ T4359]  ? __fget_files+0x184/0x1c0
[   52.292031][ T4359]  ksys_read+0xda/0x1a0
[   52.292055][ T4359]  __x64_sys_read+0x40/0x50
[   52.292078][ T4359]  x64_sys_call+0x27bc/0x2ff0
[   52.292170][ T4359]  do_syscall_64+0xd2/0x200
[   52.292198][ T4359]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   52.292224][ T4359]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   52.292293][ T4359]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   52.292315][ T4359] RIP: 0033:0x7fc50d86d5fc
[   52.292331][ T4359] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   52.292349][ T4359] RSP: 002b:00007fc50c295030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   52.292426][ T4359] RAX: ffffffffffffffda RBX: 00007fc50da96180 RCX: 00007fc50d86d5fc
[   52.292453][ T4359] RDX: 000000000000000f RSI: 00007fc50c2950a0 RDI: 0000000000000009
[   52.292519][ T4359] RBP: 00007fc50c295090 R08: 0000000000000000 R09: 0000000000000000
[   52.292531][ T4359] R10: 000000000000000d R11: 0000000000000246 R12: 0000000000000001
[   52.292542][ T4359] R13: 00007fc50da96218 R14: 00007fc50da96180 R15: 00007ffe23b763c8
[   52.292560][ T4359]  </TASK>
[   52.497524][ T4345] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000e1b1)
[   52.499336][ T4357] loop1: detected capacity change from 0 to 512
[   52.511979][ T4358] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   52.512476][ T4357] EXT4-fs: Ignoring removed mblk_io_submit option
[   52.532669][ T4357] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   52.553257][ T4357] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c018, mo2=0002]
[   52.570340][ T4345] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000e1b1)
[   52.584164][ T4358] ext4 filesystem being mounted at /51/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   52.604264][ T4357] System zones: 1-12
[   52.635975][ T4358] EXT4-fs error (device loop2): ext4_lookup:1787: inode #12: comm syz.2.263: iget: bad i_size value: 2533274857506816
[   52.660630][ T4372] team0: Port device dummy0 added
[   52.701497][ T4357] EXT4-fs (loop1): 1 truncate cleaned up
[   52.745352][ T4375] smc: net device bond0 applied user defined pnetid SYZ2
[   52.762848][ T4382] Zero length message leads to an empty skb
[   52.772525][ T4375] smc: net device bond0 erased user defined pnetid SYZ2
[   52.928551][ T4401] loop2: detected capacity change from 0 to 512
[   52.937023][ T4401] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   52.958904][ T4401] ext4 filesystem being mounted at /54/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   52.970720][ T4403] loop0: detected capacity change from 0 to 512
[   52.980992][ T4403] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   53.021546][ T4401] EXT4-fs error (device loop2): ext4_lookup:1787: inode #12: comm syz.2.282: iget: bad i_size value: 2533274857506816
[   53.094040][ T4403] ext4 filesystem being mounted at /45/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   53.120852][ T4403] EXT4-fs error (device loop0): ext4_lookup:1787: inode #12: comm syz.0.283: iget: bad i_size value: 2533274857506816
[   53.229253][ T4421] loop4: detected capacity change from 0 to 512
[   53.242645][ T4421] EXT4-fs: Ignoring removed bh option
[   53.254853][ T4421] EXT4-fs (loop4): bad block size 16384
[   53.294103][ T4427] smc: net device bond0 applied user defined pnetid SYZ2
[   53.319879][ T4427] smc: net device bond0 erased user defined pnetid SYZ2
[   53.434338][ T4442] loop4: detected capacity change from 0 to 512
[   53.442163][ T4445] loop0: detected capacity change from 0 to 512
[   53.453894][ T4442] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   53.464289][ T4445] EXT4-fs: Ignoring removed bh option
[   53.470120][ T4445] EXT4-fs (loop0): bad block size 16384
[   53.491462][ T4442] ext4 filesystem being mounted at /74/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   53.534582][ T4442] EXT4-fs error (device loop4): ext4_lookup:1787: inode #12: comm syz.4.298: iget: bad i_size value: 2533274857506816
[   53.551422][ T4456] loop1: detected capacity change from 0 to 512
[   53.559654][ T4456] EXT4-fs: Ignoring removed bh option
[   53.576715][ T4457] loop0: detected capacity change from 0 to 256
[   53.602103][ T4456] EXT4-fs (loop1): bad block size 16384
[   53.708620][ T4468] loop3: detected capacity change from 0 to 512
[   53.726722][ T4472] FAULT_INJECTION: forcing a failure.
[   53.726722][ T4472] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   53.739903][ T4472] CPU: 1 UID: 0 PID: 4472 Comm: syz.0.308 Not tainted 6.16.0-syzkaller-12245-g2988dfed8a5d #0 PREEMPT(voluntary) 
[   53.739932][ T4472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   53.739944][ T4472] Call Trace:
[   53.739950][ T4472]  <TASK>
[   53.739957][ T4472]  __dump_stack+0x1d/0x30
[   53.739978][ T4472]  dump_stack_lvl+0xe8/0x140
[   53.740019][ T4472]  dump_stack+0x15/0x1b
[   53.740041][ T4472]  should_fail_ex+0x265/0x280
[   53.740067][ T4472]  should_fail+0xb/0x20
[   53.740136][ T4472]  should_fail_usercopy+0x1a/0x20
[   53.740164][ T4472]  _copy_from_user+0x1c/0xb0
[   53.740200][ T4472]  ___sys_sendmsg+0xc1/0x1d0
[   53.740243][ T4472]  __x64_sys_sendmsg+0xd4/0x160
[   53.740359][ T4472]  x64_sys_call+0x191e/0x2ff0
[   53.740398][ T4472]  do_syscall_64+0xd2/0x200
[   53.740431][ T4472]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   53.740534][ T4472]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   53.740564][ T4472]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   53.740590][ T4472] RIP: 0033:0x7fc50d86ebe9
[   53.740607][ T4472] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   53.740628][ T4472] RSP: 002b:00007fc50c2b6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   53.740718][ T4472] RAX: ffffffffffffffda RBX: 00007fc50da96090 RCX: 00007fc50d86ebe9
[   53.740733][ T4472] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[   53.740747][ T4472] RBP: 00007fc50c2b6090 R08: 0000000000000000 R09: 0000000000000000
[   53.740761][ T4472] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   53.740776][ T4472] R13: 00007fc50da96128 R14: 00007fc50da96090 R15: 00007ffe23b763c8
[   53.740817][ T4472]  </TASK>
[   53.747220][ T4468] loop3: detected capacity change from 0 to 512
[   53.945265][ T4468] loop3: detected capacity change from 0 to 512
[   53.974279][ T4479] smc: net device bond0 applied user defined pnetid SYZ2
[   53.987849][ T4481] loop4: detected capacity change from 0 to 256
[   54.003082][ T4479] smc: net device bond0 erased user defined pnetid SYZ2
[   54.023801][ T4468] loop3: detected capacity change from 0 to 512
[   54.039181][ T4468] loop3: detected capacity change from 0 to 512
[   54.068525][ T4468] loop3: detected capacity change from 0 to 512
[   54.101324][ T4468] loop3: detected capacity change from 0 to 512
[   54.177958][ T4468] loop3: detected capacity change from 0 to 512
[   54.187614][ T4468] loop3: detected capacity change from 0 to 512
[   54.197443][ T4468] loop3: detected capacity change from 0 to 512
[   54.207407][ T4468] loop3: detected capacity change from 0 to 512
[   54.221130][ T4468] loop3: detected capacity change from 0 to 512
[   54.240568][ T4468] loop3: detected capacity change from 0 to 512
[   54.256964][ T4488] loop2: detected capacity change from 0 to 1024
[   54.343598][ T4490] __nla_validate_parse: 6 callbacks suppressed
[   54.343618][ T4490] netlink: 4 bytes leftover after parsing attributes in process `syz.1.315'.
[   54.524543][ T4495] loop2: detected capacity change from 0 to 512
[   54.558796][ T4468] loop3: detected capacity change from 0 to 512
[   54.578369][ T4495] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   54.589216][ T4497] netlink: 8 bytes leftover after parsing attributes in process `syz.0.318'.
[   54.605331][ T4468] loop3: detected capacity change from 0 to 512
[   54.624622][ T4495] ext4 filesystem being mounted at /64/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   54.658436][ T4501] loop0: detected capacity change from 0 to 256
[   54.659795][ T4468] loop3: detected capacity change from 0 to 512
[   54.672205][ T4495] EXT4-fs error (device loop2): ext4_lookup:1787: inode #12: comm syz.2.317: iget: bad i_size value: 2533274857506816
[   54.687891][ T4468] loop3: detected capacity change from 0 to 512
[   54.772033][ T4468] loop3: detected capacity change from 0 to 512
[   54.819333][ T4468] loop3: detected capacity change from 0 to 512
[   54.839239][ T4505] loop2: detected capacity change from 0 to 512
[   54.847637][ T4468] loop3: detected capacity change from 0 to 512
[   54.865663][ T4505] EXT4-fs: Ignoring removed bh option
[   54.873227][ T4468] loop3: detected capacity change from 0 to 512
[   54.890459][ T4505] EXT4-fs (loop2): bad block size 16384
[   54.903984][ T4468] loop3: detected capacity change from 0 to 512
[   54.936361][ T4468] loop3: detected capacity change from 0 to 512
[   54.982381][ T4468] loop3: detected capacity change from 0 to 512
[   55.004894][ T4468] loop3: detected capacity change from 0 to 512
[   55.053612][ T4468] loop3: detected capacity change from 0 to 512
[   55.056101][ T4511] loop2: detected capacity change from 0 to 512
[   55.084540][ T4511] EXT4-fs: Ignoring removed mblk_io_submit option
[   55.094950][ T4511] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   55.107766][ T4511] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c018, mo2=0002]
[   55.110774][ T4468] loop3: detected capacity change from 0 to 512
[   55.116010][ T4511] System zones: 1-12
[   55.127516][ T4511] EXT4-fs (loop2): 1 truncate cleaned up
[   55.146232][ T4468] loop3: detected capacity change from 0 to 512
[   55.166999][ T4468] loop3: detected capacity change from 0 to 512
[   55.195413][ T4468] loop3: detected capacity change from 0 to 512
[   55.232149][ T4468] loop3: detected capacity change from 0 to 512
[   55.462294][ T4521] validate_nla: 8 callbacks suppressed
[   55.462312][ T4521] netlink: 'syz.3.326': attribute type 3 has an invalid length.
[   55.547817][ T4525] FAULT_INJECTION: forcing a failure.
[   55.547817][ T4525] name failslab, interval 1, probability 0, space 0, times 0
[   55.560607][ T4525] CPU: 0 UID: 0 PID: 4525 Comm: syz.3.328 Not tainted 6.16.0-syzkaller-12245-g2988dfed8a5d #0 PREEMPT(voluntary) 
[   55.560685][ T4525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   55.560701][ T4525] Call Trace:
[   55.560708][ T4525]  <TASK>
[   55.560717][ T4525]  __dump_stack+0x1d/0x30
[   55.560742][ T4525]  dump_stack_lvl+0xe8/0x140
[   55.560771][ T4525]  dump_stack+0x15/0x1b
[   55.560786][ T4525]  should_fail_ex+0x265/0x280
[   55.560883][ T4525]  should_failslab+0x8c/0xb0
[   55.560913][ T4525]  kmem_cache_alloc_noprof+0x50/0x310
[   55.560942][ T4525]  ? skb_clone+0x151/0x1f0
[   55.560962][ T4525]  skb_clone+0x151/0x1f0
[   55.561006][ T4525]  __netlink_deliver_tap+0x2c9/0x500
[   55.561046][ T4525]  netlink_unicast+0x66b/0x690
[   55.561101][ T4525]  netlink_sendmsg+0x58b/0x6b0
[   55.561121][ T4525]  ? __pfx_netlink_sendmsg+0x10/0x10
[   55.561155][ T4525]  __sock_sendmsg+0x142/0x180
[   55.561193][ T4525]  ____sys_sendmsg+0x31e/0x4e0
[   55.561238][ T4525]  ___sys_sendmsg+0x17b/0x1d0
[   55.561275][ T4525]  __x64_sys_sendmsg+0xd4/0x160
[   55.561299][ T4525]  x64_sys_call+0x191e/0x2ff0
[   55.561391][ T4525]  do_syscall_64+0xd2/0x200
[   55.561419][ T4525]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   55.561448][ T4525]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   55.561473][ T4525]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   55.561562][ T4525] RIP: 0033:0x7f361285ebe9
[   55.561580][ T4525] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   55.561601][ T4525] RSP: 002b:00007f36112c7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   55.561621][ T4525] RAX: ffffffffffffffda RBX: 00007f3612a85fa0 RCX: 00007f361285ebe9
[   55.561633][ T4525] RDX: 0000000000000894 RSI: 0000200000000000 RDI: 0000000000000006
[   55.561676][ T4525] RBP: 00007f36112c7090 R08: 0000000000000000 R09: 0000000000000000
[   55.561691][ T4525] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   55.561705][ T4525] R13: 00007f3612a86038 R14: 00007f3612a85fa0 R15: 00007fff53f5efd8
[   55.561726][ T4525]  </TASK>
[   55.561742][ T4525] netlink: 'syz.3.328': attribute type 6 has an invalid length.
[   55.837412][ T4537] loop2: detected capacity change from 0 to 512
[   55.853300][ T4537] EXT4-fs: Ignoring removed bh option
[   55.874509][ T4534] smc: net device bond0 applied user defined pnetid SYZ2
[   55.882549][ T4537] EXT4-fs (loop2): bad block size 16384
[   55.894373][ T4539] netlink: 8 bytes leftover after parsing attributes in process `syz.3.334'.
[   55.908829][ T4534] smc: net device bond0 erased user defined pnetid SYZ2
[   55.949740][ T4541] loop2: detected capacity change from 0 to 512
[   56.000613][ T4541] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   56.027817][ T4541] ext4 filesystem being mounted at /73/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   56.045365][ T4549] netlink: 8 bytes leftover after parsing attributes in process `syz.0.337'.
[   56.050330][ T4541] EXT4-fs error (device loop2): ext4_lookup:1787: inode #12: comm syz.2.335: iget: bad i_size value: 2533274857506816
[   56.149955][ T4555] netlink: 'syz.3.339': attribute type 3 has an invalid length.
[   56.281284][ T4563] loop0: detected capacity change from 0 to 512
[   56.293289][ T4565] netlink: 8 bytes leftover after parsing attributes in process `syz.3.344'.
[   56.324030][   T29] kauditd_printk_skb: 456 callbacks suppressed
[   56.324043][   T29] audit: type=1400 audit(1754737676.284:2739): avc:  denied  { mounton } for  pid=4562 comm="syz.0.343" path="/57/bus" dev="tmpfs" ino=331 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   56.373183][ T4563] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   56.418563][   T29] audit: type=1400 audit(1754737676.314:2740): avc:  denied  { read } for  pid=4560 comm="syz.1.342" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   56.449247][ T4572] loop3: detected capacity change from 0 to 1024
[   56.459080][ T4563] ext4 filesystem being mounted at /57/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   56.511211][ T4563] EXT4-fs error (device loop0): ext4_lookup:1787: inode #12: comm syz.0.343: iget: bad i_size value: 2533274857506816
[   56.524973][   T29] audit: type=1326 audit(1754737676.464:2741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4562 comm="syz.0.343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc50d86ebe9 code=0x7ffc0000
[   56.548384][   T29] audit: type=1326 audit(1754737676.464:2742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4562 comm="syz.0.343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc50d86ebe9 code=0x7ffc0000
[   56.571782][   T29] audit: type=1326 audit(1754737676.464:2743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4562 comm="syz.0.343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc50d86ebe9 code=0x7ffc0000
[   56.595026][   T29] audit: type=1326 audit(1754737676.464:2744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4562 comm="syz.0.343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc50d86ebe9 code=0x7ffc0000
[   56.618549][   T29] audit: type=1326 audit(1754737676.464:2745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4562 comm="syz.0.343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc50d86ebe9 code=0x7ffc0000
[   56.641923][   T29] audit: type=1326 audit(1754737676.464:2746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4562 comm="syz.0.343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc50d86ebe9 code=0x7ffc0000
[   56.665252][   T29] audit: type=1326 audit(1754737676.464:2747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4562 comm="syz.0.343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc50d86ebe9 code=0x7ffc0000
[   56.688662][   T29] audit: type=1326 audit(1754737676.464:2748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4562 comm="syz.0.343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc50d86ebe9 code=0x7ffc0000
[   56.776537][ T4577] loop0: detected capacity change from 0 to 256
[   56.935524][ T4583] FAULT_INJECTION: forcing a failure.
[   56.935524][ T4583] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   56.948763][ T4583] CPU: 1 UID: 0 PID: 4583 Comm: syz.0.349 Not tainted 6.16.0-syzkaller-12245-g2988dfed8a5d #0 PREEMPT(voluntary) 
[   56.948795][ T4583] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   56.948888][ T4583] Call Trace:
[   56.948897][ T4583]  <TASK>
[   56.948907][ T4583]  __dump_stack+0x1d/0x30
[   56.948934][ T4583]  dump_stack_lvl+0xe8/0x140
[   56.948954][ T4583]  dump_stack+0x15/0x1b
[   56.948972][ T4583]  should_fail_ex+0x265/0x280
[   56.949074][ T4583]  should_fail+0xb/0x20
[   56.949097][ T4583]  should_fail_usercopy+0x1a/0x20
[   56.949123][ T4583]  _copy_from_user+0x1c/0xb0
[   56.949152][ T4583]  __copy_msghdr+0x244/0x300
[   56.949235][ T4583]  ___sys_sendmsg+0x109/0x1d0
[   56.949327][ T4583]  __x64_sys_sendmsg+0xd4/0x160
[   56.949362][ T4583]  x64_sys_call+0x191e/0x2ff0
[   56.949427][ T4583]  do_syscall_64+0xd2/0x200
[   56.949455][ T4583]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   56.949479][ T4583]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   56.949530][ T4583]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   56.949559][ T4583] RIP: 0033:0x7fc50d86ebe9
[   56.949578][ T4583] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   56.949683][ T4583] RSP: 002b:00007fc50c2d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   56.949704][ T4583] RAX: ffffffffffffffda RBX: 00007fc50da95fa0 RCX: 00007fc50d86ebe9
[   56.949717][ T4583] RDX: 0000000004000004 RSI: 0000200000000740 RDI: 0000000000000003
[   56.949729][ T4583] RBP: 00007fc50c2d7090 R08: 0000000000000000 R09: 0000000000000000
[   56.949775][ T4583] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   56.949792][ T4583] R13: 00007fc50da96038 R14: 00007fc50da95fa0 R15: 00007ffe23b763c8
[   56.949814][ T4583]  </TASK>
[   57.162234][ T4585] loop0: detected capacity change from 0 to 512
[   57.170323][ T4585] EXT4-fs: Ignoring removed mblk_io_submit option
[   57.182137][ T4587] netlink: 'syz.1.351': attribute type 21 has an invalid length.
[   57.190282][ T4587] netlink: 132 bytes leftover after parsing attributes in process `syz.1.351'.
[   57.199290][ T4587] netlink: 'syz.1.351': attribute type 1 has an invalid length.
[   57.213638][ T4585] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   57.229822][ T4585] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c018, mo2=0002]
[   57.238287][ T4585] System zones: 1-12
[   57.246703][ T4585] EXT4-fs (loop0): 1 truncate cleaned up
[   57.252726][ T4587] netlink: 268 bytes leftover after parsing attributes in process `syz.1.351'.
[   57.458653][ T4591] loop1: detected capacity change from 0 to 8192
[   57.504739][ T3292]  loop1: p1 < > p2 p4
[   57.508853][ T3292] loop1: partition table partially beyond EOD, truncated
[   57.520034][ T3292] loop1: p1 start 408832 is beyond EOD, truncated
[   57.526529][ T3292] loop1: p2 size 8388352 extends beyond EOD, truncated
[   57.542670][ T4593] loop2: detected capacity change from 0 to 256
[   57.578795][ T4595] netlink: 8 bytes leftover after parsing attributes in process `syz.0.354'.
[   57.603154][ T4591]  loop1: p1 < > p2 p4
[   57.607285][ T4591] loop1: partition table partially beyond EOD, truncated
[   57.629803][ T4597] netlink: 'syz.2.355': attribute type 3 has an invalid length.
[   57.658840][ T4591] loop1: p1 start 408832 is beyond EOD, truncated
[   57.664319][ T4599] netlink: 28 bytes leftover after parsing attributes in process `syz.1.352'.
[   57.665349][ T4591] loop1: p2 size 8388352 extends beyond EOD, 
[   57.674219][ T4599] netlink: 28 bytes leftover after parsing attributes in process `syz.1.352'.
[   57.689268][ T4591] truncated
[   57.704166][ T4601] loop3: detected capacity change from 0 to 512
[   57.712403][ T4601] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   57.755969][ T4601] ext4 filesystem being mounted at /72/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   57.770300][ T4603] loop2: detected capacity change from 0 to 512
[   57.821246][ T4601] EXT4-fs error (device loop3): ext4_lookup:1787: inode #12: comm syz.3.356: iget: bad i_size value: 2533274857506816
[   57.846018][ T4603] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   57.861412][ T3616] udevd[3616]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[   57.872761][ T3292] udevd[3292]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[   57.899956][ T4603] ext4 filesystem being mounted at /77/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   57.948860][ T3292] udevd[3292]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[   57.948985][ T3616] udevd[3616]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[   57.970040][ T4603] EXT4-fs error (device loop2): ext4_lookup:1787: inode #12: comm syz.2.357: iget: bad i_size value: 2533274857506816
[   58.033555][ T4616] capability: warning: `syz.3.361' uses deprecated v2 capabilities in a way that may be insecure
[   58.085861][ T4622] loop2: detected capacity change from 0 to 512
[   58.097282][ T4622] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   58.117361][ T4622] ext4 filesystem being mounted at /78/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   58.158915][ T4626] loop3: detected capacity change from 0 to 512
[   58.176307][ T4626] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   58.195339][ T4626] ext4 filesystem being mounted at /75/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   58.219964][ T4622] EXT4-fs error (device loop2): ext4_lookup:1787: inode #12: comm syz.2.362: iget: bad i_size value: 2533274857506816
[   58.229915][ T4626] EXT4-fs error (device loop3): ext4_lookup:1787: inode #12: comm syz.3.365: iget: bad i_size value: 2533274857506816
[   58.672387][ T4638] loop0: detected capacity change from 0 to 256
[   58.762372][ T4640] loop1: detected capacity change from 0 to 512
[   58.790336][ T4640] EXT4-fs: Ignoring removed mblk_io_submit option
[   58.819218][ T4640] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   58.855159][ T4640] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c018, mo2=0002]
[   58.863328][ T4640] System zones: 1-12
[   58.874377][ T4640] EXT4-fs (loop1): 1 truncate cleaned up
[   58.901674][ T4642] loop0: detected capacity change from 0 to 8192
[   58.950811][ T4645] netlink: 'syz.1.371': attribute type 4 has an invalid length.
[   58.983707][ T4642]  loop0: p1 < > p2 p4
[   58.987840][ T4642] loop0: partition table partially beyond EOD, truncated
[   59.003132][ T4642] loop0: p1 start 408832 is beyond EOD, truncated
[   59.009679][ T4642] loop0: p2 size 8388352 extends beyond EOD, truncated
[   59.122538][ T4652] loop0: detected capacity change from 0 to 512
[   59.142085][ T4652] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   59.175003][ T3292] udevd[3292]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory
[   59.193183][ T3834] udevd[3834]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[   59.220610][ T4652] ext4 filesystem being mounted at /66/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   59.317981][ T4652] EXT4-fs error (device loop0): ext4_lookup:1787: inode #12: comm syz.0.373: iget: bad i_size value: 2533274857506816
[   59.458072][ T4668] netlink: 'syz.2.378': attribute type 4 has an invalid length.
[   59.498570][ T4673] loop0: detected capacity change from 0 to 512
[   59.508084][ T4666] smc: net device bond0 applied user defined pnetid SYZ2
[   59.515604][ T4666] smc: net device bond0 erased user defined pnetid SYZ2
[   59.526899][ T4673] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   59.550136][ T4673] ext4 filesystem being mounted at /67/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   59.574657][ T4673] EXT4-fs error (device loop0): ext4_lookup:1787: inode #12: comm syz.0.379: iget: bad i_size value: 2533274857506816
[   59.620731][ T4680] smc: net device bond0 applied user defined pnetid SYZ2
[   59.629340][ T4680] smc: net device bond0 erased user defined pnetid SYZ2
[   59.674544][ T4686] loop4: detected capacity change from 0 to 512
[   59.685838][ T4686] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   59.713086][ T4686] ext4 filesystem being mounted at /79/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   59.735189][ T4686] EXT4-fs error (device loop4): ext4_lookup:1787: inode #12: comm syz.4.385: iget: bad i_size value: 2533274857506816
[   59.844800][ T4697] loop4: detected capacity change from 0 to 256
[   59.851455][ T4699] __nla_validate_parse: 5 callbacks suppressed
[   59.851467][ T4699] netlink: 8 bytes leftover after parsing attributes in process `syz.2.388'.
[   60.055774][ T4708] netlink: 'syz.2.392': attribute type 4 has an invalid length.
[   60.092977][ T4709] loop1: detected capacity change from 0 to 256
[   60.177609][ T4716] smc: net device bond0 applied user defined pnetid SYZ2
[   60.186337][ T4716] smc: net device bond0 erased user defined pnetid SYZ2
[   60.334942][ T4722] loop1: detected capacity change from 0 to 512
[   60.405306][ T4722] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   60.414537][ T4724] loop0: detected capacity change from 0 to 512
[   60.425571][ T4724] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   60.446270][ T4722] ext4 filesystem being mounted at /73/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   60.459060][ T4724] ext4 filesystem being mounted at /69/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   60.497426][ T4722] EXT4-fs error (device loop1): ext4_lookup:1787: inode #12: comm syz.1.395: iget: bad i_size value: 2533274857506816
[   60.551880][ T4729] EXT4-fs error (device loop0): ext4_lookup:1787: inode #12: comm syz.0.396: iget: bad i_size value: 2533274857506816
[   60.730345][ T4731] openvswitch: netlink: Message has 6 unknown bytes.
[   60.758220][ T4731] rpc_pipefs: Unknown parameter 'trans'
[   60.922710][ T4746] loop3: detected capacity change from 0 to 256
[   60.955652][ T4744] netlink: 8 bytes leftover after parsing attributes in process `syz.1.403'.
[   61.063306][ T4752] loop2: detected capacity change from 0 to 512
[   61.069942][ T4752] EXT4-fs: Ignoring removed bh option
[   61.111263][ T4752] EXT4-fs (loop2): bad block size 16384
[   61.145054][ T4754] smc: net device bond0 applied user defined pnetid SYZ2
[   61.152449][ T4754] smc: net device bond0 erased user defined pnetid SYZ2
[   61.209491][ T4760] netlink: 8 bytes leftover after parsing attributes in process `syz.4.408'.
[   61.234482][ T4759] loop3: detected capacity change from 0 to 512
[   61.251260][ T4759] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   61.274088][ T4763] loop4: detected capacity change from 0 to 1024
[   61.285198][ T4763] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[   61.299777][ T4759] ext4 filesystem being mounted at /82/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   61.317562][ T4769] loop1: detected capacity change from 0 to 512
[   61.334810][   T29] kauditd_printk_skb: 541 callbacks suppressed
[   61.334828][   T29] audit: type=1400 audit(1754737681.294:3290): avc:  denied  { write } for  pid=4762 comm="syz.4.411" name="file0" dev="loop4" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   61.337931][ T4759] EXT4-fs error (device loop3): ext4_lookup:1787: inode #12: comm syz.3.409: iget: bad i_size value: 2533274857506816
[   61.341057][   T29] audit: type=1400 audit(1754737681.294:3291): avc:  denied  { open } for  pid=4762 comm="syz.4.411" name="file0" dev="loop4" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   61.385133][ T4766] smc: net device bond0 applied user defined pnetid SYZ2
[   61.405889][   T29] audit: type=1326 audit(1754737681.294:3292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4758 comm="syz.3.409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f361285ebe9 code=0x7ffc0000
[   61.407927][ T4759] hub 9-0:1.0: USB hub found
[   61.429226][   T29] audit: type=1326 audit(1754737681.294:3293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4758 comm="syz.3.409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f361285ebe9 code=0x7ffc0000
[   61.457261][   T29] audit: type=1326 audit(1754737681.294:3294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4758 comm="syz.3.409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f361285ebe9 code=0x7ffc0000
[   61.480690][   T29] audit: type=1326 audit(1754737681.294:3295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4758 comm="syz.3.409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f361285ebe9 code=0x7ffc0000
[   61.481283][ T4769] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   61.504058][   T29] audit: type=1326 audit(1754737681.294:3296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4758 comm="syz.3.409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f361285ebe9 code=0x7ffc0000
[   61.504097][   T29] audit: type=1326 audit(1754737681.294:3297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4758 comm="syz.3.409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7f361285ebe9 code=0x7ffc0000
[   61.525100][ T4759] hub 9-0:1.0: 8 ports detected
[   61.536101][   T29] audit: type=1400 audit(1754737681.294:3298): avc:  denied  { add_name } for  pid=4758 comm="syz.3.409" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   61.584814][   T29] audit: type=1400 audit(1754737681.294:3299): avc:  denied  { create } for  pid=4758 comm="syz.3.409" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   61.630432][ T4769] ext4 filesystem being mounted at /78/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   61.662444][ T4769] EXT4-fs error (device loop1): ext4_lookup:1787: inode #12: comm syz.1.412: iget: bad i_size value: 2533274857506816
[   61.677896][ T4769] hub 9-0:1.0: USB hub found
[   61.686189][ T4769] hub 9-0:1.0: 8 ports detected
[   61.750474][ T4789] netlink: 'syz.2.416': attribute type 4 has an invalid length.
[   61.787452][ T4791] netlink: 'syz.3.417': attribute type 21 has an invalid length.
[   61.808575][ T4791] netlink: 132 bytes leftover after parsing attributes in process `syz.3.417'.
[   61.817719][ T4791] netlink: 'syz.3.417': attribute type 1 has an invalid length.
[   61.832787][ T4791] netlink: 268 bytes leftover after parsing attributes in process `syz.3.417'.
[   61.860479][ T4795] loop1: detected capacity change from 0 to 512
[   61.885129][ T4795] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   61.940958][ T4795] ext4 filesystem being mounted at /79/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   61.952425][ T4799] loop3: detected capacity change from 0 to 512
[   61.961331][ T4795] EXT4-fs error (device loop1): ext4_lookup:1787: inode #12: comm syz.1.418: iget: bad i_size value: 2533274857506816
[   61.990261][ T4799] EXT4-fs: Ignoring removed bh option
[   62.023161][ T4803] netlink: 8 bytes leftover after parsing attributes in process `syz.0.422'.
[   62.035319][ T4799] EXT4-fs (loop3): bad block size 16384
[   62.271563][ T4824] netlink: 'syz.0.431': attribute type 21 has an invalid length.
[   62.304203][ T4824] netlink: 132 bytes leftover after parsing attributes in process `syz.0.431'.
[   62.313310][ T4824] netlink: 'syz.0.431': attribute type 1 has an invalid length.
[   62.382775][ T4831] team0: Port device dummy0 removed
[   62.406452][ T4831] bridge_slave_0: left allmulticast mode
[   62.412164][ T4831] bridge_slave_0: left promiscuous mode
[   62.417946][ T4831] bridge0: port 1(bridge_slave_0) entered disabled state
[   62.428252][ T4831] bridge_slave_1: left allmulticast mode
[   62.434009][ T4831] bridge_slave_1: left promiscuous mode
[   62.439714][ T4831] bridge0: port 2(bridge_slave_1) entered disabled state
[   62.454524][ T4831] bond0: (slave bond_slave_0): Releasing backup interface
[   62.464424][ T4831] bond0: (slave bond_slave_1): Releasing backup interface
[   62.478523][ T4831] team0: Port device team_slave_0 removed
[   62.517292][ T4831] team0: Port device team_slave_1 removed
[   62.531777][ T4831] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   62.539258][ T4831] batman_adv: batadv0: Removing interface: batadv_slave_0
[   62.567668][ T4831] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   62.575237][ T4831] batman_adv: batadv0: Removing interface: batadv_slave_1
[   62.655226][ T4847] netlink: 'syz.0.440': attribute type 4 has an invalid length.
[   63.000419][ T4885] netlink: 'syz.0.455': attribute type 4 has an invalid length.
[   63.135151][ T4903] loop4: detected capacity change from 0 to 1024
[   63.179462][ T4905] loop0: detected capacity change from 0 to 1024
[   63.198953][ T4905] EXT4-fs: Ignoring removed nobh option
[   63.208960][ T4909] netlink: 'syz.1.465': attribute type 21 has an invalid length.
[   63.209337][ T4905] EXT4-fs: quotafile must be on filesystem root
[   63.246380][ T4909] netlink: 132 bytes leftover after parsing attributes in process `syz.1.465'.
[   63.255455][ T4909] netlink: 'syz.1.465': attribute type 1 has an invalid length.
[   63.279018][ T4909] netlink: 268 bytes leftover after parsing attributes in process `syz.1.465'.
[   63.280191][ T4912] loop2: detected capacity change from 0 to 512
[   63.320976][ T4914] smc: net device bond0 erased user defined pnetid SYZ2
[   63.345520][ T4912] EXT4-fs: Ignoring removed mblk_io_submit option
[   63.374414][ T4923] netlink: 8 bytes leftover after parsing attributes in process `syz.4.467'.
[   63.394471][ T4912] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   63.407201][ T4924] loop1: detected capacity change from 0 to 512
[   63.415603][ T4912] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c018, mo2=0002]
[   63.424785][ T4924] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   63.435273][ T4912] System zones: 1-12
[   63.439968][ T4912] EXT4-fs (loop2): 1 truncate cleaned up
[   63.484225][ T4932] loop3: detected capacity change from 0 to 512
[   63.493996][ T4932] EXT4-fs: Ignoring removed mblk_io_submit option
[   63.502270][ T4924] ext4 filesystem being mounted at /100/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   63.519277][ T4932] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   63.579421][ T4932] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c018, mo2=0002]
[   63.588231][ T4932] System zones: 1-12
[   63.645107][ T4932] EXT4-fs (loop3): 1 truncate cleaned up
[   63.659118][ T4940] smc: net device bond0 applied user defined pnetid SYZ2
[   63.668416][ T4940] smc: net device bond0 erased user defined pnetid SYZ2
[   63.689276][ T4947] loop2: detected capacity change from 0 to 1024
[   63.798795][ T4960] netlink: 'syz.0.492': attribute type 4 has an invalid length.
[   64.128325][ T4964] loop3: detected capacity change from 0 to 512
[   64.138964][ T4964] EXT4-fs: Ignoring removed mblk_io_submit option
[   64.149833][ T4964] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   64.164346][ T4964] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c018, mo2=0002]
[   64.172465][ T4964] System zones: 1-12
[   64.177210][ T4964] EXT4-fs (loop3): 1 truncate cleaned up
[   64.210611][ T4970] loop3: detected capacity change from 0 to 512
[   64.217689][ T4970] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   64.244838][ T4970] ext4 filesystem being mounted at /94/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   64.260122][ T4970] EXT4-fs error (device loop3): ext4_lookup:1787: inode #12: comm syz.3.484: iget: bad i_size value: 2533274857506816
[   64.274778][ T4970] hub 9-0:1.0: USB hub found
[   64.279517][ T4970] hub 9-0:1.0: 8 ports detected
[   64.325364][ T4974] loop3: detected capacity change from 0 to 512
[   64.336801][ T4974] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   64.354898][ T4974] ext4 filesystem being mounted at /95/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   64.393553][ T4978] loop3: detected capacity change from 0 to 512
[   64.401033][ T4978] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   64.416151][ T4978] ext4 filesystem being mounted at /96/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   64.436287][ T4978] EXT4-fs error (device loop3): ext4_lookup:1787: inode #12: comm syz.3.486: iget: bad i_size value: 2533274857506816
[   64.625824][ T4990] smc: net device bond0 applied user defined pnetid SYZ2
[   64.642823][ T4992] smc: net device bond0 erased user defined pnetid SYZ2
[   65.087137][ T5011] loop4: detected capacity change from 0 to 512
[   65.159594][ T5015] loop1: detected capacity change from 0 to 512
[   65.161870][ T5011] EXT4-fs: Ignoring removed bh option
[   65.185320][ T5015] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   65.195244][ T5011] EXT4-fs (loop4): bad block size 16384
[   65.237437][ T5015] ext4 filesystem being mounted at /105/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   65.270686][ T5015] EXT4-fs error (device loop1): ext4_lookup:1787: inode #12: comm syz.1.501: iget: bad i_size value: 2533274857506816
[   65.338266][ T5028] smc: net device bond0 applied user defined pnetid SYZ2
[   65.375372][ T5026] loop4: detected capacity change from 0 to 256
[   65.382993][ T5028] smc: net device bond0 erased user defined pnetid SYZ2
[   65.419928][ T5033] loop3: detected capacity change from 0 to 512
[   65.465017][ T5033] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   65.492675][ T5033] ext4 filesystem being mounted at /98/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   65.568085][ T5046] loop4: detected capacity change from 0 to 512
[   65.578195][ T5033] EXT4-fs error (device loop3): ext4_lookup:1787: inode #12: comm syz.3.508: iget: bad i_size value: 2533274857506816
[   65.600677][ T5046] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   65.638205][ T5051] loop1: detected capacity change from 0 to 512
[   65.644996][ T5051] EXT4-fs: Ignoring removed bh option
[   65.655366][ T5033] hub 9-0:1.0: USB hub found
[   65.662994][ T5051] EXT4-fs (loop1): bad block size 16384
[   65.672948][ T5033] hub 9-0:1.0: 8 ports detected
[   65.686640][ T5046] ext4 filesystem being mounted at /107/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   65.739221][ T5046] EXT4-fs error (device loop4): ext4_lookup:1787: inode #12: comm syz.4.512: iget: bad i_size value: 2533274857506816
[   65.791188][ T5059] smc: net device bond0 applied user defined pnetid SYZ2
[   65.798778][ T5059] smc: net device bond0 erased user defined pnetid SYZ2
[   65.841991][ T5065] loop1: detected capacity change from 0 to 512
[   65.850950][ T5065] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   65.857185][ T5062] smc: net device bond0 applied user defined pnetid SYZ2
[   65.875467][ T5062] smc: net device bond0 erased user defined pnetid SYZ2
[   65.890219][ T5071] loop4: detected capacity change from 0 to 512
[   65.905625][ T5065] ext4 filesystem being mounted at /111/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   65.917803][ T5071] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   65.968031][ T5071] ext4 filesystem being mounted at /109/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   65.983591][ T5085] EXT4-fs error (device loop1): ext4_lookup:1787: inode #12: comm syz.1.519: iget: bad i_size value: 2533274857506816
[   65.990936][ T5071] EXT4-fs error (device loop4): ext4_lookup:1787: inode #12: comm syz.4.521: iget: bad i_size value: 2533274857506816
[   66.016988][ T5084] __nla_validate_parse: 3 callbacks suppressed
[   66.017003][ T5084] netlink: 8 bytes leftover after parsing attributes in process `syz.3.525'.
[   66.209163][ T5099] loop1: detected capacity change from 0 to 1024
[   66.221016][ T5099] EXT4-fs: Ignoring removed nobh option
[   66.227073][ T5099] EXT4-fs: quotafile must be on filesystem root
[   66.325627][ T5106] netlink: 132 bytes leftover after parsing attributes in process `syz.1.533'.
[   66.337048][ T5106] netlink: 268 bytes leftover after parsing attributes in process `syz.1.533'.
[   66.411015][ T5110] netlink: 8 bytes leftover after parsing attributes in process `syz.0.535'.
[   66.499459][   T29] kauditd_printk_skb: 702 callbacks suppressed
[   66.499476][   T29] audit: type=1404 audit(1754737686.454:4002): enforcing=1 old_enforcing=0 auid=4294967295 ses=4294967295 enabled=1 old-enabled=1 lsm=selinux res=1
[   66.521292][   T29] audit: type=1404 audit(1754737686.474:4003): enforcing=0 old_enforcing=1 auid=4294967295 ses=4294967295 enabled=1 old-enabled=1 lsm=selinux res=1
[   66.566673][   T29] audit: type=1400 audit(1754737686.524:4004): avc:  denied  { read write } for  pid=3299 comm="syz-executor" name="loop0" dev="devtmpfs" ino=100 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   66.590935][   T29] audit: type=1400 audit(1754737686.524:4005): avc:  denied  { open } for  pid=3299 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=100 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   66.615113][   T29] audit: type=1400 audit(1754737686.524:4006): avc:  denied  { ioctl } for  pid=3299 comm="syz-executor" path="/dev/loop0" dev="devtmpfs" ino=100 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   66.646361][ T5116] loop1: detected capacity change from 0 to 256
[   66.719087][   T29] audit: type=1400 audit(1754737686.594:4007): avc:  denied  { map_create } for  pid=5107 comm="syz.1.534" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   66.738347][   T29] audit: type=1400 audit(1754737686.594:4008): avc:  denied  { map_read map_write } for  pid=5107 comm="syz.1.534" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   66.758116][   T29] audit: type=1400 audit(1754737686.594:4009): avc:  denied  { prog_load } for  pid=5107 comm="syz.1.534" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   66.777190][   T29] audit: type=1400 audit(1754737686.604:4010): avc:  denied  { bpf } for  pid=5107 comm="syz.1.534" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   66.797749][   T29] audit: type=1400 audit(1754737686.604:4011): avc:  denied  { perfmon } for  pid=5107 comm="syz.1.534" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   66.895395][ T5118] netlink: 8 bytes leftover after parsing attributes in process `syz.0.537'.
[   67.760185][ T5122] loop4: detected capacity change from 0 to 512
[   67.794630][ T5122] EXT4-fs: Ignoring removed bh option
[   67.847082][ T5122] EXT4-fs (loop4): bad block size 16384
[   67.983519][ T5132] loop3: detected capacity change from 0 to 1024
[   67.990373][ T5132] EXT4-fs: Ignoring removed nobh option
[   67.997643][ T5132] EXT4-fs: quotafile must be on filesystem root
[   68.004968][ T5130] loop1: detected capacity change from 0 to 512
[   68.019009][ T5130] EXT4-fs: Ignoring removed bh option
[   68.044898][ T5130] EXT4-fs (loop1): bad block size 16384
[   68.049354][ T5139] loop0: detected capacity change from 0 to 512
[   68.088030][ T5139] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   68.133815][ T5144] smc: net device bond0 applied user defined pnetid SYZ2
[   68.138861][ T5145] loop1: detected capacity change from 0 to 512
[   68.143528][ T5144] smc: net device bond0 erased user defined pnetid SYZ2
[   68.157334][ T5139] ext4 filesystem being mounted at /103/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   68.169768][ T5145] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   68.207710][ T5145] ext4 filesystem being mounted at /119/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   68.236401][ T5154] netlink: 8 bytes leftover after parsing attributes in process `syz.0.550'.
[   68.349742][ T5162] loop2: detected capacity change from 0 to 512
[   68.361044][ T5162] EXT4-fs: Ignoring removed mblk_io_submit option
[   68.374775][ T5162] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   68.386031][ T5162] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c018, mo2=0002]
[   68.395688][ T5162] System zones: 1-12
[   68.400266][ T5162] EXT4-fs (loop2): 1 truncate cleaned up
[   68.421452][ T5167] loop0: detected capacity change from 0 to 512
[   68.428277][ T5167] EXT4-fs: Ignoring removed bh option
[   68.441402][ T5167] EXT4-fs (loop0): bad block size 16384
[   68.535491][ T5177] loop0: detected capacity change from 0 to 512
[   68.544641][ T5177] EXT4-fs: Ignoring removed bh option
[   68.556619][ T5177] EXT4-fs (loop0): bad block size 16384
[   68.563153][ T5179] loop1: detected capacity change from 0 to 512
[   68.575302][ T5179] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   68.600948][ T5179] ext4 filesystem being mounted at /123/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   68.651313][ T5179] EXT4-fs error (device loop1): ext4_lookup:1787: inode #12: comm syz.1.559: iget: bad i_size value: 2533274857506816
[   68.670684][ T5183] loop0: detected capacity change from 0 to 1024
[   68.728380][ T5183] EXT4-fs: Ignoring removed nobh option
[   68.734139][ T5183] EXT4-fs: quotafile must be on filesystem root
[   68.770123][ T3301] EXT4-fs unmount: 91 callbacks suppressed
[   68.770137][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.835262][ T5190] loop1: detected capacity change from 0 to 512
[   68.861837][ T5190] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   68.889156][ T5193] smc: net device bond0 applied user defined pnetid SYZ2
[   68.897751][ T5190] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   68.917373][ T5202] netlink: 8 bytes leftover after parsing attributes in process `syz.4.565'.
[   68.918844][ T5193] smc: net device bond0 erased user defined pnetid SYZ2
[   68.929307][ T5203] validate_nla: 3 callbacks suppressed
[   68.929323][ T5203] netlink: 'syz.0.566': attribute type 21 has an invalid length.
[   68.933418][ T5190] ext4 filesystem being mounted at /124/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   68.955220][ T5203] netlink: 132 bytes leftover after parsing attributes in process `syz.0.566'.
[   68.965725][ T5203] netlink: 'syz.0.566': attribute type 1 has an invalid length.
[   68.982322][ T5203] netlink: 268 bytes leftover after parsing attributes in process `syz.0.566'.
[   69.072309][ T5209] loop0: detected capacity change from 0 to 256
[   69.082948][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.112764][ T5213] netlink: 8 bytes leftover after parsing attributes in process `syz.4.571'.
[   69.142272][ T5217] loop1: detected capacity change from 0 to 512
[   69.157414][ T5217] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   69.190324][ T5219] loop0: detected capacity change from 0 to 512
[   69.208444][ T5219] EXT4-fs: Ignoring removed bh option
[   69.225108][ T5217] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   69.231082][ T5219] EXT4-fs (loop0): bad block size 16384
[   69.266049][ T5217] ext4 filesystem being mounted at /125/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   69.298175][ T5228] loop3: detected capacity change from 0 to 1024
[   69.301927][ T5217] EXT4-fs error (device loop1): ext4_lookup:1787: inode #12: comm syz.1.570: iget: bad i_size value: 2533274857506816
[   69.306531][ T5228] EXT4-fs: Ignoring removed nobh option
[   69.322926][ T5228] EXT4-fs: quotafile must be on filesystem root
[   69.331279][ T5217] hub 9-0:1.0: USB hub found
[   69.347894][ T5217] hub 9-0:1.0: 8 ports detected
[   69.392209][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.468288][ T5238] smc: net device bond0 applied user defined pnetid SYZ2
[   69.475651][ T5238] smc: net device bond0 erased user defined pnetid SYZ2
[   69.606794][ T5244] loop1: detected capacity change from 0 to 512
[   69.615229][ T5244] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   69.645168][ T5244] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   69.657988][ T5244] ext4 filesystem being mounted at /128/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   69.733128][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.774963][ T5256] loop1: detected capacity change from 0 to 512
[   69.781725][ T5256] EXT4-fs: Ignoring removed bh option
[   69.787918][ T5256] EXT4-fs (loop1): bad block size 16384
[   69.887389][ T5262] loop1: detected capacity change from 0 to 512
[   69.895408][ T5262] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   69.916253][ T5262] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   69.929292][ T5262] ext4 filesystem being mounted at /133/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   69.950582][ T5262] EXT4-fs error (device loop1): ext4_lookup:1787: inode #12: comm syz.1.589: iget: bad i_size value: 2533274857506816
[   69.963997][ T5262] hub 9-0:1.0: USB hub found
[   69.968747][ T5262] hub 9-0:1.0: 8 ports detected
[   70.002238][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.043503][ T5268] smc: net device bond0 applied user defined pnetid SYZ2
[   70.050776][ T5268] smc: net device bond0 erased user defined pnetid SYZ2
[   70.116669][ T5272] loop0: detected capacity change from 0 to 512
[   70.127739][ T5272] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   70.151751][ T5274] loop4: detected capacity change from 0 to 1024
[   70.168188][ T5272] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   70.181074][ T5272] ext4 filesystem being mounted at /113/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   70.182422][ T5274] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   70.216856][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.238078][ T3299] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.314591][ T5291] loop0: detected capacity change from 0 to 512
[   70.314994][ T5286] loop3: detected capacity change from 0 to 256
[   70.344125][ T5291] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   70.377108][ T5297] netlink: 'syz.1.600': attribute type 21 has an invalid length.
[   70.385886][ T5297] netlink: 'syz.1.600': attribute type 1 has an invalid length.
[   70.398195][ T5291] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   70.411166][ T5291] ext4 filesystem being mounted at /114/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   70.437710][ T5300] loop4: detected capacity change from 0 to 512
[   70.449541][ T5300] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   70.478388][ T5291] EXT4-fs error (device loop0): ext4_lookup:1787: inode #12: comm syz.0.596: iget: bad i_size value: 2533274857506816
[   70.503725][ T5300] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   70.517928][ T5300] ext4 filesystem being mounted at /121/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   70.570773][ T5300] EXT4-fs error (device loop4): ext4_lookup:1787: inode #12: comm syz.4.601: iget: bad i_size value: 2533274857506816
[   70.584765][ T3299] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.585600][ T5300] hub 9-0:1.0: USB hub found
[   70.619381][ T5300] hub 9-0:1.0: 8 ports detected
[   70.630639][ T5313] loop2: detected capacity change from 0 to 512
[   70.665945][ T5313] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   70.685972][ T5315] loop0: detected capacity change from 0 to 512
[   70.693874][ T5315] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   70.706686][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.725456][ T5315] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   70.739390][ T5313] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   70.752192][ T5315] ext4 filesystem being mounted at /115/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   70.776543][ T5313] ext4 filesystem being mounted at /112/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   70.792786][ T5315] EXT4-fs error (device loop0): ext4_lookup:1787: inode #12: comm syz.0.606: iget: bad i_size value: 2533274857506816
[   70.807405][ T3298] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.914465][ T5333] loop2: detected capacity change from 0 to 512
[   70.930667][ T3299] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.943620][ T5333] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   70.965049][ T5333] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   70.986031][ T5333] ext4 filesystem being mounted at /114/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   71.006834][ T5333] EXT4-fs error (device loop2): ext4_lookup:1787: inode #12: comm syz.2.613: iget: bad i_size value: 2533274857506816
[   71.026897][ T5343] loop3: detected capacity change from 0 to 512
[   71.034875][ T5343] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   71.060950][ T3298] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.067703][ T5343] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.082903][ T5343] ext4 filesystem being mounted at /121/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   71.113146][ T5347] loop2: detected capacity change from 0 to 512
[   71.114952][ T5343] EXT4-fs error (device loop3): ext4_lookup:1787: inode #12: comm syz.3.617: iget: bad i_size value: 2533274857506816
[   71.122009][ T5347] EXT4-fs: Ignoring removed bh option
[   71.139970][ T5347] EXT4-fs (loop2): bad block size 16384
[   71.207031][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.229952][ T5351] loop3: detected capacity change from 0 to 512
[   71.238585][ T5351] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   71.255611][ T5351] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.269755][ T5351] ext4 filesystem being mounted at /122/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   71.287381][ T5351] EXT4-fs error (device loop3): ext4_lookup:1787: inode #12: comm syz.3.620: iget: bad i_size value: 2533274857506816
[   71.300746][ T5351] hub 9-0:1.0: USB hub found
[   71.305584][ T5351] hub 9-0:1.0: 8 ports detected
[   71.323763][ T5355] loop1: detected capacity change from 0 to 512
[   71.343873][ T5355] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   71.364475][ T5355] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.379025][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.382128][ T5355] ext4 filesystem being mounted at /140/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   71.410004][ T5359] loop3: detected capacity change from 0 to 256
[   71.425417][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.475547][ T5363] smc: net device bond0 applied user defined pnetid SYZ2
[   71.482981][ T5363] smc: net device bond0 erased user defined pnetid SYZ2
[   71.518031][ T5368] loop1: detected capacity change from 0 to 512
[   71.524741][ T5368] EXT4-fs: Ignoring removed bh option
[   71.530638][ T5368] EXT4-fs (loop1): bad block size 16384
[   71.539276][   T29] kauditd_printk_skb: 651 callbacks suppressed
[   71.539291][   T29] audit: type=1400 audit(1754737691.494:4663): avc:  denied  { open } for  pid=5367 comm="syz.1.626" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[   71.564824][   T29] audit: type=1400 audit(1754737691.494:4664): avc:  denied  { kernel } for  pid=5367 comm="syz.1.626" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[   71.601218][   T29] audit: type=1400 audit(1754737691.554:4665): avc:  denied  { allowed } for  pid=5370 comm="syz.1.627" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[   71.638557][   T29] audit: type=1400 audit(1754737691.574:4666): avc:  denied  { sqpoll } for  pid=5370 comm="syz.1.627" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[   71.657790][   T29] audit: type=1400 audit(1754737691.574:4667): avc:  denied  { create } for  pid=5370 comm="syz.1.627" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   71.678984][   T29] audit: type=1400 audit(1754737691.574:4668): avc:  denied  { map } for  pid=5370 comm="syz.1.627" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=10016 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   71.703231][   T29] audit: type=1400 audit(1754737691.574:4669): avc:  denied  { read write } for  pid=5370 comm="syz.1.627" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=10016 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   71.712129][ T5377] loop1: detected capacity change from 0 to 512
[   71.740736][ T5377] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   71.769585][ T5380] loop3: detected capacity change from 0 to 512
[   71.777074][ T5380] EXT4-fs: Ignoring removed bh option
[   71.782743][ T5375] loop4: detected capacity change from 0 to 1024
[   71.789971][ T5380] EXT4-fs (loop3): bad block size 16384
[   71.797863][ T5377] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.823794][ T5375] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   71.840525][ T5375] ext4 filesystem being mounted at /123/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   71.848517][ T5377] ext4 filesystem being mounted at /145/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   71.876494][ T5377] EXT4-fs error (device loop1): ext4_lookup:1787: inode #12: comm syz.1.628: iget: bad i_size value: 2533274857506816
[   71.889114][   T29] audit: type=1326 audit(1754737691.834:4670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5376 comm="syz.1.628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a03e9ebe9 code=0x7ffc0000
[   71.890740][ T5389] __nla_validate_parse: 6 callbacks suppressed
[   71.890760][ T5389] netlink: 8 bytes leftover after parsing attributes in process `syz.0.631'.
[   71.912514][   T29] audit: type=1326 audit(1754737691.834:4671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5376 comm="syz.1.628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2a03e9ebe9 code=0x7ffc0000
[   71.912612][   T29] audit: type=1326 audit(1754737691.834:4672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5376 comm="syz.1.628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2a03e9ebe9 code=0x7ffc0000
[   72.003471][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.024772][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.077804][ T5392] loop3: detected capacity change from 0 to 1024
[   72.085821][ T5396] loop1: detected capacity change from 0 to 512
[   72.104974][ T5396] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   72.115658][ T5392] EXT4-fs: Ignoring removed nobh option
[   72.128917][ T5400] loop0: detected capacity change from 0 to 512
[   72.137321][ T5400] EXT4-fs: Ignoring removed bh option
[   72.143484][ T5400] EXT4-fs (loop0): bad block size 16384
[   72.149332][ T5392] EXT4-fs: quotafile must be on filesystem root
[   72.171832][ T5396] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   72.216540][ T5396] ext4 filesystem being mounted at /146/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   72.250573][ T5413] smc: net device bond0 applied user defined pnetid SYZ2
[   72.251355][ T5396] EXT4-fs error (device loop1): ext4_lookup:1787: inode #12: comm syz.1.633: iget: bad i_size value: 2533274857506816
[   72.272446][ T5413] smc: net device bond0 erased user defined pnetid SYZ2
[   72.278281][ T5396] hub 9-0:1.0: USB hub found
[   72.284192][ T5396] hub 9-0:1.0: 8 ports detected
[   72.330955][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.372779][ T5422] loop3: detected capacity change from 0 to 512
[   72.386071][ T5422] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   72.399963][ T5424] loop1: detected capacity change from 0 to 512
[   72.417087][ T5424] EXT4-fs: Ignoring removed bh option
[   72.424583][ T5422] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   72.440033][ T5429] netlink: 'syz.2.646': attribute type 21 has an invalid length.
[   72.441469][ T5424] EXT4-fs (loop1): bad block size 16384
[   72.448295][ T5429] netlink: 132 bytes leftover after parsing attributes in process `syz.2.646'.
[   72.458916][ T5422] ext4 filesystem being mounted at /130/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   72.462514][ T5429] netlink: 'syz.2.646': attribute type 1 has an invalid length.
[   72.487562][ T5429] netlink: 268 bytes leftover after parsing attributes in process `syz.2.646'.
[   72.518607][ T5431] netlink: 8 bytes leftover after parsing attributes in process `syz.2.647'.
[   72.541260][ T5433] smc: net device bond0 applied user defined pnetid SYZ2
[   72.548795][ T5433] smc: net device bond0 erased user defined pnetid SYZ2
[   72.576173][ T5436] loop1: detected capacity change from 0 to 256
[   72.627046][ T5439] loop2: detected capacity change from 0 to 512
[   72.634849][ T5439] EXT4-fs: Ignoring removed mblk_io_submit option
[   72.641801][ T5439] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   72.658300][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.697998][ T5444] loop1: detected capacity change from 0 to 1024
[   72.704512][ T5439] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c018, mo2=0002]
[   72.705264][ T5444] EXT4-fs: Ignoring removed nobh option
[   72.719037][ T5444] EXT4-fs: quotafile must be on filesystem root
[   72.733071][ T5439] System zones: 1-12
[   72.740563][ T5439] EXT4-fs (loop2): 1 truncate cleaned up
[   72.760240][ T5439] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   72.781732][ T5447] loop3: detected capacity change from 0 to 1024
[   72.809850][ T5447] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   72.832786][ T5451] loop1: detected capacity change from 0 to 512
[   72.840921][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.856520][ T5451] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   72.906297][ T5451] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   72.924653][ T5451] ext4 filesystem being mounted at /152/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   72.949493][ T5458] smc: net device bond0 applied user defined pnetid SYZ2
[   72.957649][ T5458] smc: net device bond0 erased user defined pnetid SYZ2
[   72.960956][ T5461] netlink: 'syz.3.657': attribute type 21 has an invalid length.
[   72.978249][ T5451] EXT4-fs error (device loop1): ext4_lookup:1787: inode #12: comm syz.1.654: iget: bad i_size value: 2533274857506816
[   72.992083][ T5451] hub 9-0:1.0: USB hub found
[   72.996957][ T5451] hub 9-0:1.0: 8 ports detected
[   73.034037][ T5461] netlink: 132 bytes leftover after parsing attributes in process `syz.3.657'.
[   73.043265][ T5461] netlink: 'syz.3.657': attribute type 1 has an invalid length.
[   73.043789][ T5463] netlink: 268 bytes leftover after parsing attributes in process `syz.3.657'.
[   73.052920][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.074920][ T3298] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.101467][ T5466] loop0: detected capacity change from 0 to 512
[   73.143626][ T5474] netlink: 8 bytes leftover after parsing attributes in process `syz.4.662'.
[   73.163414][ T5466] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   73.190572][ T5472] smc: net device bond0 applied user defined pnetid SYZ2
[   73.207943][ T5477] loop3: detected capacity change from 0 to 512
[   73.211363][ T5466] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.242797][ T5472] smc: net device bond0 erased user defined pnetid SYZ2
[   73.270782][ T5466] ext4 filesystem being mounted at /120/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   73.281877][ T5477] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   73.295546][ T5481] loop1: detected capacity change from 0 to 512
[   73.302408][ T5481] EXT4-fs: Ignoring removed bh option
[   73.324639][ T5481] EXT4-fs (loop1): bad block size 16384
[   73.359659][ T5477] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.376872][ T5492] loop4: detected capacity change from 0 to 256
[   73.413984][ T5477] ext4 filesystem being mounted at /135/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   73.435262][ T3299] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.456621][ T5494] loop4: detected capacity change from 0 to 512
[   73.470249][ T5494] EXT4-fs: Ignoring removed mblk_io_submit option
[   73.484713][ T5494] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   73.485018][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.508682][ T5494] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c018, mo2=0002]
[   73.519077][ T5494] System zones: 1-12
[   73.524432][ T5494] EXT4-fs (loop4): 1 truncate cleaned up
[   73.530668][ T5494] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.548459][ T5503] netlink: 'syz.3.672': attribute type 21 has an invalid length.
[   73.558009][ T5503] netlink: 132 bytes leftover after parsing attributes in process `syz.3.672'.
[   73.567045][ T5503] netlink: 'syz.3.672': attribute type 1 has an invalid length.
[   73.577165][ T5503] netlink: 268 bytes leftover after parsing attributes in process `syz.3.672'.
[   73.744089][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.897881][ T5514] team0: Failed to send options change via netlink (err -105)
[   73.919615][ T5514] team0: Failed to send port change of device dummy0 via netlink (err -105)
[   73.943023][ T5514] team0: Port device dummy0 removed
[   73.962763][ T5514] bridge_slave_0: left allmulticast mode
[   73.968547][ T5514] bridge_slave_0: left promiscuous mode
[   73.974258][ T5514] bridge0: port 1(bridge_slave_0) entered disabled state
[   73.984908][ T5514] bridge_slave_1: left allmulticast mode
[   73.990741][ T5514] bridge_slave_1: left promiscuous mode
[   73.996454][ T5514] bridge0: port 2(bridge_slave_1) entered disabled state
[   74.007654][ T5514] bond0: (slave bond_slave_0): Releasing backup interface
[   74.027082][ T5514] bond0: (slave bond_slave_1): Releasing backup interface
[   74.043479][ T5514] team0: Failed to send options change via netlink (err -105)
[   74.051892][ T5514] team0: Failed to send port change of device team_slave_0 via netlink (err -105)
[   74.065597][ T5514] team0: Port device team_slave_0 removed
[   74.076025][ T5518] netlink: 8 bytes leftover after parsing attributes in process `syz.0.676'.
[   74.088667][ T5514] team0: Failed to send options change via netlink (err -105)
[   74.096842][ T5514] team0: Failed to send port change of device team_slave_1 via netlink (err -105)
[   74.106464][ T5514] team0: Port device team_slave_1 removed
[   74.113857][ T5514] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   74.121278][ T5514] batman_adv: batadv0: Removing interface: batadv_slave_0
[   74.137891][ T5514] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   74.145403][ T5514] batman_adv: batadv0: Removing interface: batadv_slave_1
[   74.245094][ T5522] loop0: detected capacity change from 0 to 1024
[   74.251922][ T5522] EXT4-fs: Ignoring removed nobh option
[   74.259758][ T5522] EXT4-fs: quotafile must be on filesystem root
[   74.276237][ T5524] loop2: detected capacity change from 0 to 512
[   74.311454][ T5527] loop1: detected capacity change from 0 to 512
[   74.318204][ T5527] EXT4-fs: Ignoring removed bh option
[   74.324225][ T5527] EXT4-fs (loop1): bad block size 16384
[   74.335301][ T5524] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   74.360690][ T5531] loop4: detected capacity change from 0 to 512
[   74.370813][ T5531] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   74.384124][ T5524] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.399229][ T5535] netlink: 'syz.1.683': attribute type 21 has an invalid length.
[   74.400666][ T5524] ext4 filesystem being mounted at /127/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   74.407713][ T5530] loop0: detected capacity change from 0 to 512
[   74.438569][ T5524] EXT4-fs error (device loop2): ext4_lookup:1787: inode #12: comm syz.2.679: iget: bad i_size value: 2533274857506816
[   74.438897][ T5535] netlink: 'syz.1.683': attribute type 1 has an invalid length.
[   74.503081][ T5531] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.527353][ T5530] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   74.535551][ T5531] ext4 filesystem being mounted at /133/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   74.557549][ T5530] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.570508][ T5530] ext4 filesystem being mounted at /124/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   74.583352][ T3298] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.644459][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.671225][ T5550] EXT4-fs error (device loop0): ext4_lookup:1787: inode #12: comm syz.0.682: iget: bad i_size value: 2533274857506816
[   74.697010][ T5552] loop4: detected capacity change from 0 to 512
[   74.703682][ T5552] EXT4-fs: Ignoring removed mblk_io_submit option
[   74.710515][ T5552] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   74.777997][ T5552] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c018, mo2=0002]
[   74.792982][ T5552] System zones: 1-12
[   74.800714][ T5552] EXT4-fs (loop4): 1 truncate cleaned up
[   74.812950][ T5561] loop3: detected capacity change from 0 to 256
[   74.851337][ T3299] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.866181][ T5552] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.881863][ T5563] loop2: detected capacity change from 0 to 1024
[   74.920954][ T5563] EXT4-fs: Ignoring removed nobh option
[   74.946886][ T5563] EXT4-fs: quotafile must be on filesystem root
[   74.961282][ T5570] netlink: 'syz.3.695': attribute type 21 has an invalid length.
[   74.967884][ T5568] loop0: detected capacity change from 0 to 1024
[   74.987890][ T5570] netlink: 'syz.3.695': attribute type 1 has an invalid length.
[   75.045429][ T5568] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   75.177857][ T3299] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.220946][ T5586] loop1: detected capacity change from 0 to 512
[   75.229913][ T5586] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   75.274836][ T5589] loop0: detected capacity change from 0 to 512
[   75.286137][ T5586] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   75.299808][ T5589] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   75.335817][ T5586] ext4 filesystem being mounted at /160/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   75.361521][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.373588][ T5589] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   75.388358][ T5589] ext4 filesystem being mounted at /126/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   75.408852][ T5586] EXT4-fs error (device loop1): ext4_lookup:1787: inode #12: comm syz.1.700: iget: bad i_size value: 2533274857506816
[   75.506206][ T5589] EXT4-fs error (device loop0): ext4_lookup:1787: inode #12: comm syz.0.699: iget: bad i_size value: 2533274857506816
[   75.534360][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.545603][ T5589] hub 9-0:1.0: USB hub found
[   75.569979][ T5589] hub 9-0:1.0: 8 ports detected
[   75.579364][ T5601] loop1: detected capacity change from 0 to 512
[   75.605710][ T5601] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   75.647079][ T3299] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.658887][ T5601] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   75.671530][ T5601] ext4 filesystem being mounted at /161/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   75.713799][ T5601] EXT4-fs error (device loop1): ext4_lookup:1787: inode #12: comm syz.1.704: iget: bad i_size value: 2533274857506816
[   75.846307][ T5612] loop0: detected capacity change from 0 to 512
[   75.856606][ T5614] loop1: detected capacity change from 0 to 512
[   75.864601][ T5614] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   75.885290][ T5612] EXT4-fs: Ignoring removed bh option
[   75.885554][ T5614] ext4 filesystem being mounted at /163/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   75.915034][ T5612] EXT4-fs (loop0): bad block size 16384
[   75.977159][ T5614] EXT4-fs error (device loop1): ext4_lookup:1787: inode #12: comm syz.1.709: iget: bad i_size value: 2533274857506816
[   76.008116][ T5620] loop0: detected capacity change from 0 to 1024
[   76.026194][ T5614] hub 9-0:1.0: USB hub found
[   76.031078][ T5614] hub 9-0:1.0: 8 ports detected
[   76.039915][ T5622] loop2: detected capacity change from 0 to 512
[   76.046896][ T5622] EXT4-fs: Ignoring removed bh option
[   76.054580][ T5622] EXT4-fs (loop2): bad block size 16384
[   76.271185][ T5641] smc: net device bond0 applied user defined pnetid SYZ2
[   76.280131][ T5641] smc: net device bond0 erased user defined pnetid SYZ2
[   76.290045][ T5639] loop2: detected capacity change from 0 to 256
[   76.320729][ T5644] smc: net device bond0 applied user defined pnetid SYZ2
[   76.328000][ T5644] smc: net device bond0 erased user defined pnetid SYZ2
[   76.377003][ T5647] team0: Failed to send options change via netlink (err -105)
[   76.384737][ T5647] team0: Failed to send port change of device dummy0 via netlink (err -105)
[   76.393864][ T5647] team0: Port device dummy0 removed
[   76.399377][ T5647] bridge_slave_0: left allmulticast mode
[   76.405181][ T5647] bridge_slave_0: left promiscuous mode
[   76.410939][ T5647] bridge0: port 1(bridge_slave_0) entered disabled state
[   76.431628][ T5651] loop4: detected capacity change from 0 to 512
[   76.438129][ T5655] loop3: detected capacity change from 0 to 512
[   76.445080][ T5651] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   76.454587][ T5647] bridge_slave_1: left allmulticast mode
[   76.460238][ T5647] bridge_slave_1: left promiscuous mode
[   76.465986][ T5647] bridge0: port 2(bridge_slave_1) entered disabled state
[   76.480360][ T5647] bond0: (slave bond_slave_0): Releasing backup interface
[   76.488635][ T5647] bond0: (slave bond_slave_1): Releasing backup interface
[   76.496125][ T5655] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   76.509995][ T5647] team0: Failed to send options change via netlink (err -105)
[   76.514444][ T5658] loop0: detected capacity change from 0 to 512
[   76.518129][ T5647] team0: Failed to send port change of device team_slave_0 via netlink (err -105)
[   76.533174][ T5658] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   76.542821][ T5647] team0: Port device team_slave_0 removed
[   76.544769][ T5651] ext4 filesystem being mounted at /137/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   76.560062][ T5647] team0: Failed to send options change via netlink (err -105)
[   76.568023][ T5647] team0: Failed to send port change of device team_slave_1 via netlink (err -105)
[   76.577675][ T5647] team0: Port device team_slave_1 removed
[   76.583801][ T5647] batman_adv: batadv0: Removing interface: batadv_slave_0
[   76.591643][ T5647] batman_adv: batadv0: Removing interface: batadv_slave_1
[   76.598128][ T5651] EXT4-fs error (device loop4): ext4_lookup:1787: inode #12: comm syz.4.724: iget: bad i_size value: 2533274857506816
[   76.607755][ T5655] ext4 filesystem being mounted at /145/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   76.622771][ T5658] ext4 filesystem being mounted at /136/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   76.640312][   T29] kauditd_printk_skb: 487 callbacks suppressed
[   76.640327][   T29] audit: type=1326 audit(1754737696.594:5160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5654 comm="syz.3.725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f361285ebe9 code=0x7ffc0000
[   76.669899][   T29] audit: type=1326 audit(1754737696.594:5161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5654 comm="syz.3.725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f361285d550 code=0x7ffc0000
[   76.692590][ T5658] EXT4-fs error (device loop0): ext4_lookup:1787: inode #12: comm syz.0.726: iget: bad i_size value: 2533274857506816
[   76.696908][ T5655] EXT4-fs error (device loop3): ext4_lookup:1787: inode #12: comm syz.3.725: iget: bad i_size value: 2533274857506816
[   76.708661][ T5658] hub 9-0:1.0: USB hub found
[   76.722954][   T29] audit: type=1326 audit(1754737696.624:5162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5657 comm="syz.0.726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc50d86ebe9 code=0x7ffc0000
[   76.742457][ T5658] hub 9-0:1.0: 8 ports detected
[   76.746327][   T29] audit: type=1326 audit(1754737696.624:5163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5657 comm="syz.0.726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc50d86d550 code=0x7ffc0000
[   76.774474][   T29] audit: type=1326 audit(1754737696.624:5164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5657 comm="syz.0.726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc50d86ebe9 code=0x7ffc0000
[   76.797862][   T29] audit: type=1326 audit(1754737696.624:5165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5657 comm="syz.0.726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc50d86ebe9 code=0x7ffc0000
[   76.821205][   T29] audit: type=1326 audit(1754737696.624:5166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5657 comm="syz.0.726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc50d86ebe9 code=0x7ffc0000
[   76.844464][   T29] audit: type=1326 audit(1754737696.624:5167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5657 comm="syz.0.726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc50d86ebe9 code=0x7ffc0000
[   76.867823][   T29] audit: type=1326 audit(1754737696.624:5168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5657 comm="syz.0.726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc50d86ebe9 code=0x7ffc0000
[   76.891173][   T29] audit: type=1326 audit(1754737696.624:5169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5657 comm="syz.0.726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc50d86ebe9 code=0x7ffc0000
[   76.918150][ T5668] __nla_validate_parse: 7 callbacks suppressed
[   76.918164][ T5668] netlink: 8 bytes leftover after parsing attributes in process `syz.2.727'.
[   77.029233][ T5680] netlink: 20 bytes leftover after parsing attributes in process `syz.2.732'.
[   77.080389][ T5682] smc: net device bond0 applied user defined pnetid SYZ2
[   77.099463][ T5682] smc: net device bond0 erased user defined pnetid SYZ2
[   77.119492][ T5687] netlink: 'syz.0.734': attribute type 21 has an invalid length.
[   77.135190][ T5687] netlink: 132 bytes leftover after parsing attributes in process `syz.0.734'.
[   77.144270][ T5687] netlink: 'syz.0.734': attribute type 1 has an invalid length.
[   77.157161][ T5687] netlink: 268 bytes leftover after parsing attributes in process `syz.0.734'.
[   77.180792][ T5689] smc: net device bond0 applied user defined pnetid SYZ2
[   77.189344][ T5689] smc: net device bond0 erased user defined pnetid SYZ2
[   77.221308][ T5693] netlink: 100 bytes leftover after parsing attributes in process `syz.0.737'.
[   77.317384][ T5698] netlink: 8 bytes leftover after parsing attributes in process `syz.1.738'.
[   77.346294][ T5702] loop3: detected capacity change from 0 to 512
[   77.356506][ T5702] EXT4-fs: Ignoring removed mblk_io_submit option
[   77.372491][ T5702] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   77.434110][ T5702] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c018, mo2=0002]
[   77.442204][ T5702] System zones: 1-12
[   77.458046][ T5708] loop0: detected capacity change from 0 to 512
[   77.472974][ T5702] EXT4-fs (loop3): 1 truncate cleaned up
[   77.518978][ T5708] EXT4-fs: Ignoring removed bh option
[   77.546903][ T5708] EXT4-fs (loop0): bad block size 16384
[   77.605000][ T5714] loop1: detected capacity change from 0 to 512
[   77.634473][ T5714] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   77.749893][ T5714] ext4 filesystem being mounted at /170/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   77.850813][ T5714] EXT4-fs error (device loop1): ext4_lookup:1787: inode #12: comm syz.1.744: iget: bad i_size value: 2533274857506816
[   77.876023][ T5722] loop0: detected capacity change from 0 to 1024
[   77.898391][ T5714] hub 9-0:1.0: USB hub found
[   77.905536][ T5714] hub 9-0:1.0: 8 ports detected
[   77.963502][ T5722] EXT4-fs: Ignoring removed nobh option
[   77.987803][ T5722] EXT4-fs: quotafile must be on filesystem root
[   78.023313][ T5722] ==================================================================
[   78.031449][ T5722] BUG: KCSAN: data-race in fsnotify_detach_mark / fsnotify_handle_inode_event
[   78.040324][ T5722] 
[   78.042649][ T5722] write to 0xffff88811da694f4 of 4 bytes by task 3616 on cpu 1:
[   78.050280][ T5722]  fsnotify_detach_mark+0xba/0x160
[   78.055403][ T5722]  fsnotify_destroy_mark+0x70/0x150
[   78.060608][ T5722]  __se_sys_inotify_rm_watch+0xe8/0x170
[   78.066196][ T5722]  __x64_sys_inotify_rm_watch+0x31/0x40
[   78.071749][ T5722]  x64_sys_call+0x2e86/0x2ff0
[   78.076430][ T5722]  do_syscall_64+0xd2/0x200
[   78.080943][ T5722]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.086841][ T5722] 
[   78.089161][ T5722] read to 0xffff88811da694f4 of 4 bytes by task 5722 on cpu 0:
[   78.096694][ T5722]  fsnotify_handle_inode_event+0x125/0x220
[   78.102520][ T5722]  fsnotify+0x13c9/0x14b0
[   78.106871][ T5722]  __fsnotify_parent+0x2ed/0x330
[   78.111837][ T5722]  __fput+0x1de/0x650
[   78.115845][ T5722]  fput_close_sync+0x6e/0x120
[   78.120549][ T5722]  __x64_sys_close+0x56/0xf0
[   78.125135][ T5722]  x64_sys_call+0x2738/0x2ff0
[   78.129821][ T5722]  do_syscall_64+0xd2/0x200
[   78.134339][ T5722]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.140252][ T5722] 
[   78.142567][ T5722] value changed: 0x00000003 -> 0x00000000
[   78.148280][ T5722] 
[   78.150686][ T5722] Reported by Kernel Concurrency Sanitizer on:
[   78.156834][ T5722] CPU: 0 UID: 0 PID: 5722 Comm: syz.0.746 Not tainted 6.16.0-syzkaller-12245-g2988dfed8a5d #0 PREEMPT(voluntary) 
[   78.168811][ T5722] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   78.178872][ T5722] ==================================================================
[   78.215888][ T5729] smc: net device bond0 applied user defined pnetid SYZ2
[   78.223330][ T5729] smc: net device bond0 erased user defined pnetid SYZ2