last executing test programs:

2m11.774888921s ago: executing program 1 (id=612):
syz_emit_ethernet(0x7a, &(0x7f0000000040)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @broadcast, @void, {@ipv6={0x86dd, @gre_packet={0x8, 0x6, '\x00\b\x00', 0x44, 0x2f, 0x1, @private1, @mcast2, {[], {{0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x86dd, 0x0, 0x1}, {}, {0x0, 0x0, 0x0, 0x1}, {0x8, 0x88be, 0x0, {{0x5, 0x1, 0xe, 0x0, 0x1, 0x1, 0x0, 0xc0}, 0x1, {0x3}}}, {0x8, 0x22eb, 0x4, {{0xf, 0x2, 0x1, 0x3, 0x1, 0x2, 0x2, 0x40}, 0x2, {0x4, 0x2, 0x3, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1}}}, {0x8, 0x6558, 0x204}}}}}}}, 0x0)

2m11.641619868s ago: executing program 1 (id=614):
syz_mount_image$ext4(&(0x7f00000004c0)='ext3\x00', &(0x7f0000000100)='./file2\x00', 0x8, &(0x7f0000000180)={[{@jqfmt_vfsv0}, {@init_itable_val={'init_itable', 0x3d, 0x4}}]}, 0x4, 0x52f, &(0x7f00000029c0)="$eJzs3c9vG1kdAPDvOHF+bbrpwh4AAVuWhYKqOom7G632QvcCQlUlRMWJQxsSN4pi11Hsiib0kB65V6ISJ+A/4MYBqScO3LjBjUs5IBWoQA0SB6MZT1M3sZNAnbiJPx9pMvPeTOb7Xtz3nudV9gtgaF2IiO2IGIuIWxExk+cn+RZX21t63fNn95d2nt1fSqLVuvH3JDuf5kXH76Teyu85ERHf/07Ej5L9cRubW2uL1WplI0/PNmvrs43NrcurhTynvDC/MPfxlY/Kfavre7VfP/326rUf/PY3X3ryh+1v/iQt1vRPz2XnOuvRT+2qF2O6I280Iq4dR7ABGc3//XD6pK3tMxHxftb+Z2IkezUBgLOs1ZqJ1kxnGgA469Ln/+lICqV8LmA6CoVSqT2H925MFar1RvPSTP3uneXI5rDOR7Fwe7VamcvnCs9HMUnT89nxy3T5lfTDypWIeCciHo5PZudLS/Xq8iDf+ADAEHurY/yfjIh/jbfH/07FQRUOADg+E4MuAABw4oz/ADB8jP8AMHz+h/HfpwMB4Izw/A8Aw8f4DwDD59Dx/8HJlAMAOBHfu3493Vo77e+/fvFN3ZeXK421Uu3uUmmpvrFeWqnXV6qV0lKrddj9qvX6+vyHu8nG5tbNWv3unebN1driSuVmxXcJAMDgvfPe4z+lg/72J5PZFh1rORir4WwrDLoAwMCMDLoAwMD4PA8MryM845sGgDOuyxK9bfkEQdLrgkcWf4XT6uLnzf/DsHqd+X9zB3C6/X/z/9/qezmAk2cMh+HVaiW91/wfyy4AAM4Yc/xAz///z/X8ipBH/S8LAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnBbT2ZYUStla4Nvpz0KpFHEuIs5HMbm9Wq3MRcTbEfHH8eJ4mp4fdKEBgNdU+GuSr/91ceaD6b1nx5J/j2f7iPjxz2/87N5is7kxn+b/Yze/+SjNn2xulMcGUQEAoNPV/VnZ+F3O9x0P8s+f3V96sZ1kEZ9+2l5cNI27k2/tM6Mxmu0nohgRU/9M8nRb+n5lpA/xtx+079Ou+0Tc64gwnc2BtFc+3Rs//Z1zfYofn+v2998bv/BKfQvZuXRfzP4Wn409hQMO9fjTdj+Zt720ieftrxAXsn339j+R9VCvL+3/0ua6s6//K+z2fyP74idZm7+wmz64JE8//N1392W2ZtrnHkR8YbRb/GQ3ftK9/y1+cMQ6/vmLX36/17nWLyIudq3/ixWpa1k3O9usrc82Nrcur9YWVyorlTvl8sL8wtzHVz4qz2Zz1O2fv+8W42+fXHq7V/y0/lM94k8cXP/42hHr/8v/3PrhVw6I/42vdn/93z0gfjomfv2I8RenrvZcvjuNv9yj/oe8/nHpiPGf/GVr+YiXAgAnoLG5tbZYrVY2DjlI32sedo2Dox+kz/ZvQDGyg9iO6NcNs0mJiOh6TfqO+s2o8nEdJAOL/qt+33DQPRNw3F42+l5XJCdbIAAAAAAAAAAAAAAAYJ/G5tbaePdPa/XtYNB1BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Oz6bwAAAP//kCXAMw==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
ioctl$EVIOCGSND(0xffffffffffffffff, 0x8040451a, &(0x7f0000000000)=""/49)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001780)=ANY=[@ANYBLOB="200000001000010700000000000000000a0000000c0002006e6c3830323131"], 0x20}}, 0x0)
socket(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)

2m7.03528642s ago: executing program 1 (id=631):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x4040014}, 0x8000)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000500), 0x40, 0x0)
close(r1)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r1, 0x8914, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000900)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xe}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x5, 0x7, 0xb3}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=@newqdisc={0x58, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xffffbddc, {0x0, 0x0, 0x0, r5, {0x10}, {}, {0xe, 0x1}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x200000, 0x0, 0x7, 0x7, 0x9, 0x40, 0xffffffff, 0x2}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x4040098}, 0x4084)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
r7 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r7, &(0x7f0000000140)="bad330fbc9b5544972e7a5ea0756", 0x36, 0x40, &(0x7f00000001c0)={0x11, 0x1a, r6, 0x1, 0xd8, 0x6, @random="98c8ca7122df"}, 0x14)
sendto$packet(r7, &(0x7f0000000400)="c1858aec1d0a21756f66b4805f3a", 0xe, 0x40000, &(0x7f0000000240)={0x11, 0xf8, r6, 0x1, 0x5, 0x6, @random="24f51e8e0a5a"}, 0x14)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r8, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r9)
sendmsg$TIPC_CMD_ENABLE_BEARER(r9, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x44081}, 0x0)

2m6.533318586s ago: executing program 1 (id=637):
socket$kcm(0xa, 0x3, 0x87)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
socket$kcm(0x2, 0xa, 0x2)
socket$inet6_sctp(0xa, 0x1, 0x84)
socketpair(0x26, 0x800, 0x6, &(0x7f0000000000))
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000140)={0x1, [0x0]}, &(0x7f0000000240)=0x8)
r2 = socket$kcm(0xa, 0x2, 0x0)
r3 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r3, 0x0, 0x482, &(0x7f0000000040)={0x84, @rand_addr=0x64010101, 0x4e22, 0x3, 'lblcr\x00', 0x1, 0x80005, 0x6f}, 0x2c)
setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010102, 0x4e21, 0x3, 'lc\x00', 0x5, 0x8, 0x77}, {@remote, 0x4e20, 0x2, 0xcd}}, 0x44)
sendmsg$sock(r2, &(0x7f00000000c0)={&(0x7f0000000580)=@in6={0x2, 0x4e21, 0x0, @dev}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x24, 0x3}}], 0x18}, 0x0)
setsockopt$IP_VS_SO_SET_FLUSH(r3, 0x0, 0x485, 0x0, 0x0)

2m4.596832258s ago: executing program 1 (id=643):
socket$can_bcm(0x1d, 0x2, 0x2)
socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
r0 = getpid()
mkdirat(0xffffffffffffffff, &(0x7f0000000000)='./file1\x00', 0x11)
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0)
connect$unix(r1, &(0x7f0000000200)=@file={0x0, './file1\x00'}, 0x6e)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000280)='pids.current\x00', 0x275a, 0x0)
r3 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f0000000180)={{{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in=@multicast2, 0x4e24, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x87}, {0x0, 0x2}, {0x0, 0x400000000000000, 0xfffffffffffffffa}, 0xffffffff, 0x0, 0x1}, {{@in=@broadcast, 0x40000, 0x3c}, 0xa, @in6=@loopback, 0x800000, 0x4, 0x0, 0x0, 0x0, 0x207}}, 0x12c)
madvise(&(0x7f0000103000/0x4000)=nil, 0x4000, 0x4)
r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
process_vm_writev(r4, &(0x7f0000001c80), 0x0, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x74}], 0x1, 0x0)
setreuid(0x0, 0xee00)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(0xffffffffffffffff, 0x8982, &(0x7f0000000440)={0x3, 'vlan0\x00', {0x140}, 0x7})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'geneve1\x00', 0x2})
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x17)
close(0xffffffffffffffff)
write$tun(0xffffffffffffffff, &(0x7f00000000c0)={@val={0x0, 0x2}, @void, @mpls={[{0xc5, 0x0, 0x1}, {0x1ec0}, {0x7}, {0x5, 0x0, 0x1}, {0x2, 0x0, 0x1}, {0x3, 0x0, 0x1}, {0x1}, {0x8}], @llc={@llc={0xff, 0x2, "9e", "a444068614e6f45f4675504300ac61b138957552879090315d0b95bae9a3a3ea1ba5318e5263592f4bcbb561f0e7f2a066a103391561a8a2f37d4bb48bed0f89a700d3d3a5854790"}}}}, 0x6f)

2m3.583188881s ago: executing program 1 (id=645):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
mount$cgroup(0x0, &(0x7f0000000140)='.\x00', &(0x7f0000000640), 0x2008000, &(0x7f0000000680)={[{@subsystem='memory'}]})
r3 = bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x14, 0x8, &(0x7f0000000000)=@framed={{0x18, 0x6}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r3}, {}, {0x85, 0x0, 0x0, 0x59}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000a00))
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f00000006c0)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0xeb0}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@nombcache}, {@noload}, {@noquota}]}, 0x3, 0x440, &(0x7f0000000280)="$eJzs28tvG8UfAPDv2kn66+uXUJVHH0CgIMoradJSeuACAokDSEhwKMeQpFWo26AmSLSKICBUjqgSJy6IIxJ/ASe4IOCExBXuqFKFcmnhZLT2bmI7thunTlzqz0dad2Z33Jmvd8ee2ckG0LdG05ckYk9E/B4Rw9VsfYHR6j83V5am/15Zmk6iXH7zr6RS7sbK0nReNH/f7jwzEFH4NIlDTepduHT53FSpNHsxy48vnn9vfOHS5Wfnzk+dnT07e2Hy1KkTxyeePzn5XFfiTOO6cfDD+cMHXn376uvTp6++8/O3SR5/QxxdMtru4OPlcper6629NelkoIcNoSPFajeNwUr/H45irJ284Xjlk542DthS5XK5fF/rw8tl4C6WRK9bAPRG/kOfzn/zbZuGHneE6y9WJ0Bp3DezrXpkIApZmcGG+W03jUbE6eV/vkq32Jr7EAAAdb5Pxz/PNBv/FaL2vtD/szWUkYi4JyL2RcTJiNgfEfdGVMreHxEPdFh/4yLJ+vFP4dqmAtugdPz3Qra2VT/+y0d/MVLMcnsr8Q8mZ+ZKs8eyz+RoDO5I8xNt6vjh5d8+b3WsdvyXbmn9+Vgwa8e1gR3175mZWpy6nZhrXf844uBAs/iT1ZWAJCIORMTBTdYx99Q3h1sdu3X8bXRhnan8dcQT1fO/HA3x55L265Pj/4vS7LHx/KpY75dfr7zRqv7bir8L0vO/q+n1vxr/SFK7XrvQyf/+5ZPp65U/Pms5p9ns9T+UvFW374OpxcWLExFDyWvVRtfun2woN7lWPo3/6JHm/X9frH0ShyIivYgfjIiHIuLhrO2PRMSjEXGkzafw00uPvbv5+LdWGv9MR+d/LTEUjXuaJ4rnfvyurtKRTuJPz/+JSupotmcj338baVenVzMAAAD8VxUiYk8khbHVdKEwNlb9G/79satQml9YfPrM/PsXZqrPCIzEYCG/0zVccz90IpvW5/nJhvzx7L7xF8WdlfzY9HxpptfBQ5/b3aL/p/4s9rp1wJbzvBb0L/0f+pf+D/1L/4f+1aT/7+xFO4Dt1+z3/6MetAPYfg3937If9BHzf+hfm+n/vjPg7tC2Lw9tXzuAbbWwM279kLyExLpEFO6IZkhsUaLX30wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADd8W8AAAD//58P56I=")

1m48.320379194s ago: executing program 32 (id=645):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
mount$cgroup(0x0, &(0x7f0000000140)='.\x00', &(0x7f0000000640), 0x2008000, &(0x7f0000000680)={[{@subsystem='memory'}]})
r3 = bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x14, 0x8, &(0x7f0000000000)=@framed={{0x18, 0x6}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r3}, {}, {0x85, 0x0, 0x0, 0x59}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000a00))
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f00000006c0)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0xeb0}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@nombcache}, {@noload}, {@noquota}]}, 0x3, 0x440, &(0x7f0000000280)="$eJzs28tvG8UfAPDv2kn66+uXUJVHH0CgIMoradJSeuACAokDSEhwKMeQpFWo26AmSLSKICBUjqgSJy6IIxJ/ASe4IOCExBXuqFKFcmnhZLT2bmI7thunTlzqz0dad2Z33Jmvd8ee2ckG0LdG05ckYk9E/B4Rw9VsfYHR6j83V5am/15Zmk6iXH7zr6RS7sbK0nReNH/f7jwzEFH4NIlDTepduHT53FSpNHsxy48vnn9vfOHS5Wfnzk+dnT07e2Hy1KkTxyeePzn5XFfiTOO6cfDD+cMHXn376uvTp6++8/O3SR5/QxxdMtru4OPlcper6629NelkoIcNoSPFajeNwUr/H45irJ284Xjlk542DthS5XK5fF/rw8tl4C6WRK9bAPRG/kOfzn/zbZuGHneE6y9WJ0Bp3DezrXpkIApZmcGG+W03jUbE6eV/vkq32Jr7EAAAdb5Pxz/PNBv/FaL2vtD/szWUkYi4JyL2RcTJiNgfEfdGVMreHxEPdFh/4yLJ+vFP4dqmAtugdPz3Qra2VT/+y0d/MVLMcnsr8Q8mZ+ZKs8eyz+RoDO5I8xNt6vjh5d8+b3WsdvyXbmn9+Vgwa8e1gR3175mZWpy6nZhrXf844uBAs/iT1ZWAJCIORMTBTdYx99Q3h1sdu3X8bXRhnan8dcQT1fO/HA3x55L265Pj/4vS7LHx/KpY75dfr7zRqv7bir8L0vO/q+n1vxr/SFK7XrvQyf/+5ZPp65U/Pms5p9ns9T+UvFW374OpxcWLExFDyWvVRtfun2woN7lWPo3/6JHm/X9frH0ShyIivYgfjIiHIuLhrO2PRMSjEXGkzafw00uPvbv5+LdWGv9MR+d/LTEUjXuaJ4rnfvyurtKRTuJPz/+JSupotmcj338baVenVzMAAAD8VxUiYk8khbHVdKEwNlb9G/79satQml9YfPrM/PsXZqrPCIzEYCG/0zVccz90IpvW5/nJhvzx7L7xF8WdlfzY9HxpptfBQ5/b3aL/p/4s9rp1wJbzvBb0L/0f+pf+D/1L/4f+1aT/7+xFO4Dt1+z3/6MetAPYfg3937If9BHzf+hfm+n/vjPg7tC2Lw9tXzuAbbWwM279kLyExLpEFO6IZkhsUaLX30wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADd8W8AAAD//58P56I=")

1m16.381840962s ago: executing program 5 (id=805):
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f00000002c0)="f973085a6ea39ea1b25a1c6b351e11245900557d1c8e9f86bae5e5c64e50ef25afb0295d0c303850b4bff4d088bf9df67e013836e2882dad3f7698b52997f7efa9eb96f09be1c3019445927c6b2fe32d38ae2bcad2ac0d85ebd42914fb18b7d0670f8b3be16755ead6a6fb713fa618ce2cf424ea7cc84b04016b9a2afbfaf68803f1c1", 0x83}, {&(0x7f0000000380)="82f294054d05973abfac6a6f31050418457d017c5fd68b034cf51b9f6a6d71daa5c776bca90037bc7c3d88b151fbf856f69ebd05e750f13f02af646b284953b6640a08c827c6f2ff4ad8e84077f9f03f94792aa17c4743cba3f355bb9c5b04b91ed70d253db68e17cdd561fab504479f723388dda974e2a9fb1bcda474c08d6222179b19e902009ea3cb3e42408bab6c1f", 0x91}, {&(0x7f0000000480)="4ce09043b6aa2ae5946f67306c7f73ed469dfcfc5e1f4d8123a4a8a7b9be82f67f89605cd9bbf7254c156b00437f753a248daf68c5ebdc4a6346d336a6502e98eae72777956d1ebeeb855fae46b3ccb9fb3d593651b95ee00afe0816b3c6e7f3cb3b18fb5198643daa6b9cafde584957dd72ba27cef6604f5df59f0bee60bca63d75a9d812eb699c2d665b7179b22027cf748ac63bcc212703d44cb083e962eee9b5d212523c162b42377ebd0bc624bf9425f6f4772e36c6c2fd4f69b65cc435f93c1a490cb75162251e15942b29", 0xce}, {&(0x7f0000000780)="8ff2f15bd0017ce4b36b6bc4335634254cffcc40c0312f5ff35991272b79d76712dc0c3cfdc0d70ce8004884e6917bed9ffee1584df7f06c7bccac71daf78bf3c68b8d5e56357654784bdbc700bceb1049c6a47d53c5ac29f83aed3ae9", 0x5d}, {&(0x7f0000000800)="5193f0b40db29d9ce06f429ed3c2c6405967f1e559f08c35f5e63ad64c2746967cca1bbeaf6206a79c42badb4fb453f294c2932cb5552a5f9c1d633207a53c2f54d98c2f9e4323eac6c20c56e7607d212b210a0325f7c289d1a2552d7a3f2176a47e95bc46471fae9167768d58f22ff10ba3cc2050b1ee838ce9e4ac5a1544fec3e291272cfaaa4817539972fb8bb2ede331312f556ecea24236759bf0d51003477ec4898205", 0xa6}, {&(0x7f0000000900)="a9be9b2ff3a19d5a1226e5243d37d1fd2894c1ae880dc2316aa2d5ad08944c7135eb837eff354282dd5863c051eb7b9b17be0e4fdd6560f3f2c2c04af73a6cb75b5d05d6037f91e8f4f08e90d5313fb91fbdc5acd212f7d8c800a837a0236309d25e82d5767d8df7512b2beb324c2a2fd6f4ed3a3eb7396f02d515396a3be574d721df257dbf0bc39c", 0x89}, {&(0x7f00000000c0)}], 0x7}}, {{&(0x7f0000000a40)=@alg={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_hmac_sha256\x00'}, 0x80, 0x0}}, {{&(0x7f0000000d80)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x4e23, @local}, 0x2, 0x3, 0x1, 0x3}}, 0x80, 0x0}}], 0x3, 0x20000044)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'vlan1\x00'})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0)

1m16.177463812s ago: executing program 5 (id=808):
unshare(0xc000480)
r0 = socket$can_raw(0x1d, 0x3, 0x1)
bind$can_raw(r0, 0x0, 0x0)

1m16.005809022s ago: executing program 5 (id=811):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
mmap$binder(&(0x7f00006ff000/0x4000)=nil, 0x4000, 0x1, 0x11, r3, 0x6000)
userfaultfd(0x80001)

1m14.554669928s ago: executing program 5 (id=819):
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000180)="6fe4dd9e", 0x4}], 0x1}, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$kcm(0x11, 0x2, 0x0)
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r5, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8810}, 0x8000)
sendmsg$nl_route_sched(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000005c0)=@newtfilter={0x58, 0x2c, 0xf3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0x9, 0x4}, {}, {0x7, 0x6}}, [@filter_kind_options=@f_basic={{0xa}, {0x28, 0x2, [@TCA_BASIC_EMATCHES={0x24, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}, @TCA_EMATCH_TREE_LIST={0x18, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0xceb, 0x7, 0x4}, {{0x0, 0x0, 0x1, 0x1}, {0x0, 0x0, 0x1}}}}]}]}]}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20041090}, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r6)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r6, 0x8914, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$kcm(r2, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x7, r7, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)='\'', 0x5dc}], 0x1}, 0x4)

1m14.305763771s ago: executing program 5 (id=822):
r0 = socket$kcm(0x11, 0x200000000000002, 0x300)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{}, {0x90010022}]}, 0x90)
close(r2)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000003280)={0x0, 0x0, 0x0}, 0x0)
recvmsg(0xffffffffffffffff, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000080)}, 0x0)
recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r3=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0x12, &(0x7f00000008c0)=r3, 0x4)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[], &(0x7f0000000340)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r4, 0x18000000000002a0, 0xe80, 0x6000002c, &(0x7f0000000100)="b9ff03316844268cb89e14f008004ce0003000000100008877fbac141416e000030a89079f03b180ff83080520e0845013f2325f004408050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014c0000c0adc043084617d7ecf41effff38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d7da058f6efa6d1f5f7ff400"/254, 0x0, 0xfe, 0x60000000, 0x0, 0xfffffffe}, 0x2c)

1m14.112735941s ago: executing program 5 (id=825):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x12, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000180000000000000000000000711203000000000095"], &(0x7f0000001200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @cgroup_sock_addr=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={@fallback=r1, 0x0, 0x0, 0x9, &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0], 0x4, 0x0, &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r2=>0x0}, 0x40)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000340)={'syztnl2\x00', <r3=>0x0, 0x7, 0x10, 0x4e3, 0x6, {{0x1a, 0x4, 0x0, 0x6, 0x68, 0x68, 0x0, 0x9, 0x29, 0x0, @loopback, @initdev={0xac, 0x1e, 0x1, 0x0}, {[@timestamp_prespec={0x44, 0x14, 0xc8, 0x3, 0x6, [{@local}, {@broadcast, 0xffff}]}, @ssrr={0x89, 0x7, 0x3d, [@multicast1]}, @noop, @timestamp_prespec={0x44, 0x24, 0x49, 0x3, 0x5, [{@dev={0xac, 0x14, 0x14, 0x1d}, 0x5}, {@multicast1, 0x6}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x1}, {@multicast1, 0x80000000}]}, @lsrr={0x83, 0xf, 0x8, [@empty, @remote, @empty]}, @noop, @ra={0x94, 0x4, 0x1}]}}}}})
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000740)={0xffffffffffffffff, 0xe0, &(0x7f0000000640)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f0000000440)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000500)=[0x0], 0x0, 0xaa, &(0x7f0000000540)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f0000000580), &(0x7f00000005c0), 0x8, 0xbd, 0x8, 0x8, &(0x7f0000000600)}}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000a80)=ANY=[@ANYRES32=r3, @ANYRES32=r0, @ANYBLOB=')\x00\x00\x00(\x00\x00\x00', @ANYRES32=r0, @ANYBLOB="80263e164a4bbcb64b9672d37b6e10f907af81e73fe12a7e39583bf674a62031ed00fbdf49f50d52749952dd247d13b184cbdb926345c40404bb3bfb70d6cfe14eb8a636bb22439e75df3bb0951682901465b46a32d604a5b705eced77b416b088b091531b93adb3d9edbb46377ed04c701c8b7c2f235e3d32e509186d8d76b7829a14c08e97957d67dc3b9193d3e1ca9c6865f449d86d56278f92d84f1c8f95a0d1b41e93a7ee28b04342e29d727a9258d115471bdcc0de2b1563c44454a5031e0d6766804976d81154f985951e2715f55df3a7349de8071a3b28f4ad407f2adda1c5e1496c1fd4944aab01901e4b8d8a6807d486fbb2449f9715f4de2e7d013d82a85d015e1d6ec21a", @ANYRES32=r4, @ANYRES64=r2], 0x20)
shutdown(r1, 0x0)
recvmmsg(r1, &(0x7f0000002740)=[{{0x0, 0x0, &(0x7f0000001dc0)=[{&(0x7f0000000980)=""/223}, {&(0x7f0000000800)=""/89}, {&(0x7f0000000880)=""/154}, {&(0x7f0000000940)=""/14}, {&(0x7f0000000cc0)=""/4096}, {&(0x7f0000001cc0)=""/108}, {&(0x7f0000001d40)=""/101}], 0x0, &(0x7f0000001e40)=""/133}, 0x1000}, {{0x0, 0x0, &(0x7f0000002040)=[{&(0x7f0000001f00)=""/17}, {&(0x7f0000001f40)=""/48}, {&(0x7f0000001f80)=""/133}]}, 0xff}, {{0x0, 0x0, &(0x7f0000002640), 0x0, &(0x7f00000026c0)=""/71}, 0x1}], 0x319408a, 0x300, 0x0)

58.987229796s ago: executing program 33 (id=825):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x12, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000180000000000000000000000711203000000000095"], &(0x7f0000001200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @cgroup_sock_addr=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={@fallback=r1, 0x0, 0x0, 0x9, &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0], 0x4, 0x0, &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r2=>0x0}, 0x40)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000340)={'syztnl2\x00', <r3=>0x0, 0x7, 0x10, 0x4e3, 0x6, {{0x1a, 0x4, 0x0, 0x6, 0x68, 0x68, 0x0, 0x9, 0x29, 0x0, @loopback, @initdev={0xac, 0x1e, 0x1, 0x0}, {[@timestamp_prespec={0x44, 0x14, 0xc8, 0x3, 0x6, [{@local}, {@broadcast, 0xffff}]}, @ssrr={0x89, 0x7, 0x3d, [@multicast1]}, @noop, @timestamp_prespec={0x44, 0x24, 0x49, 0x3, 0x5, [{@dev={0xac, 0x14, 0x14, 0x1d}, 0x5}, {@multicast1, 0x6}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x1}, {@multicast1, 0x80000000}]}, @lsrr={0x83, 0xf, 0x8, [@empty, @remote, @empty]}, @noop, @ra={0x94, 0x4, 0x1}]}}}}})
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000740)={0xffffffffffffffff, 0xe0, &(0x7f0000000640)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f0000000440)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000500)=[0x0], 0x0, 0xaa, &(0x7f0000000540)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f0000000580), &(0x7f00000005c0), 0x8, 0xbd, 0x8, 0x8, &(0x7f0000000600)}}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000a80)=ANY=[@ANYRES32=r3, @ANYRES32=r0, @ANYBLOB=')\x00\x00\x00(\x00\x00\x00', @ANYRES32=r0, @ANYBLOB="80263e164a4bbcb64b9672d37b6e10f907af81e73fe12a7e39583bf674a62031ed00fbdf49f50d52749952dd247d13b184cbdb926345c40404bb3bfb70d6cfe14eb8a636bb22439e75df3bb0951682901465b46a32d604a5b705eced77b416b088b091531b93adb3d9edbb46377ed04c701c8b7c2f235e3d32e509186d8d76b7829a14c08e97957d67dc3b9193d3e1ca9c6865f449d86d56278f92d84f1c8f95a0d1b41e93a7ee28b04342e29d727a9258d115471bdcc0de2b1563c44454a5031e0d6766804976d81154f985951e2715f55df3a7349de8071a3b28f4ad407f2adda1c5e1496c1fd4944aab01901e4b8d8a6807d486fbb2449f9715f4de2e7d013d82a85d015e1d6ec21a", @ANYRES32=r4, @ANYRES64=r2], 0x20)
shutdown(r1, 0x0)
recvmmsg(r1, &(0x7f0000002740)=[{{0x0, 0x0, &(0x7f0000001dc0)=[{&(0x7f0000000980)=""/223}, {&(0x7f0000000800)=""/89}, {&(0x7f0000000880)=""/154}, {&(0x7f0000000940)=""/14}, {&(0x7f0000000cc0)=""/4096}, {&(0x7f0000001cc0)=""/108}, {&(0x7f0000001d40)=""/101}], 0x0, &(0x7f0000001e40)=""/133}, 0x1000}, {{0x0, 0x0, &(0x7f0000002040)=[{&(0x7f0000001f00)=""/17}, {&(0x7f0000001f40)=""/48}, {&(0x7f0000001f80)=""/133}]}, 0xff}, {{0x0, 0x0, &(0x7f0000002640), 0x0, &(0x7f00000026c0)=""/71}, 0x1}], 0x319408a, 0x300, 0x0)

10.174925142s ago: executing program 4 (id=1124):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000181100"/20, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x18, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x9, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000002850000001b"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000740)={r1, 0x0, 0x0}, 0x10)

10.165598483s ago: executing program 0 (id=1125):
r0 = socket$kcm(0x11, 0x200000000000002, 0x300)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{}, {0x90010022}]}, 0x90)
close(r2)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000003280)={0x0, 0x0, 0x0}, 0x0)
recvmsg(0xffffffffffffffff, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000080)}, 0x0)
recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r3=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0x12, &(0x7f00000008c0)=r3, 0x4)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b70200001a000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b70600007fffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946e0ebc622003b538dfc8e012e79578e51bc5f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b803000000661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7b148ba532e6ea09c346dfebd38608b32a0080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e14861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16b089f37b3591a15c0a9be6eb18208404c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b74cd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979e29857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37ceff9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f50714600fb6241c6e955031795b2c2f56411e48455b5a8b90dfae158b94f0800000000000000af5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeedd005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe00000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed210d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734f87da3770845cf442d488afdc0e170000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e80339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd52364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000a5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bbf8ab9c691841ab0931d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f3390343c12aa51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fca4d97a0ae75ccf11e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35e9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff17320adda5867947257f080091c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a927de6f4c09f4b742e037381c85d2ec7bb2a8152f0d6a99a0370e0cbd65744eb2efde0142cf90ff668b9757b9612bb4253a63bb303c0c68a07f115d104f2007237a4f771416741bfd63fdfe3ae6f8bea755d8b7202c2bbae137dc1c3cf40db74a4c1c2f56855b18f91dae2cdea1353fe062830fa1d233296ec9d8317872257e154665485e7f31cdbfbf435517faf93015b57417d84b8bc8662e097d5ba55d02d48e150695ffae3a676555b10da11751865126d19336116a1e58ab727dda6b343cc97f9479136a66f552abf8fe3d134f6d69df1cffe6740f90735f66ca54fd87800b4bda4db5e68aaccf44d24e09f8a769e3ae7bf246673f15e3d1adae4384bdb7cd30a33e30466b421feb96006c810fd3830a1c75af2580727ffc604d2b04f476acc21419fad9b1baec88974da2db29b80859bde08b85c8086e4b7f1fd568042ad5396d3179c71b1dc43291e450ce9b8d7d80fcb44966d7ad4691a37870000000000000000000000000000000000000000000000000000000000000000000083a5765d06da91165d24bc316607e2d69344aa1c07ff7cd7bc3d17f122478b6e81077782b9c298edc2546045feff90e7aa7da88d2489fb000a4aa838f911c1a869fa55e979e033b7707df75b93cf5b8d25242741a88f2d54a7107375b25911aa11efa3a4f87fc14f180e353615b3cb9a5cf5ea843014a277c3694a5a83266f73ef039dd739187923715548d58ff43be997e357e0cbed29faef19c0082e26fb867bf0ff0099d71bb0d2f443e77a44e8c4b0455d95b19c73ef4c98f775aad9e1b317b3cc48f7ad1d82ea6ad6c3c7d943fb0157c250e2ba56301e25c19a7e37ce880bed8a8e1538560f2be7d4cca6539277505826bd61bad2bcd4914344d4a27b29d2eb89bdc7a702e485d68c04e8f6b05336bf8d8e116605eaf375a592fe2382763c3cba76a0e4029dad5d37dd77abb1b7d2e2de23a4131e45ed81123ad6fa4f8b92c47e00000000"], &(0x7f0000000340)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r4, 0x18000000000002a0, 0xe80, 0x6000002c, &(0x7f0000000100)="b9ff03316844268cb89e14f008004ce0003000000100008877fbac141416e000030a89079f03b180ff83080520e0845013f2325f004408050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014c0000c0adc043084617d7ecf41effff38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d7da058f6efa6d1f5f7ff400"/254, 0x0, 0xfe, 0x60000000, 0x0, 0xfffffffe}, 0x2c)

9.982853833s ago: executing program 4 (id=1127):
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48)
r4 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000000080)={0xaa, 0x79})
ioctl$BTRFS_IOC_SYNC(r3, 0x9408, 0x0)
r5 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETA(r5, 0x5406, &(0x7f0000000200)={0x4e, 0xfff9, 0x9, 0x8007, 0xa, "7e77672dffffff00"})
ioctl$TIOCSTI(r5, 0x5412, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x15, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x3f}, {{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3, 0x9, 0x0, 0x1, 0x4000}}, [@snprintf={{0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x800000}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x6, 0x0, 0xd, 0x9, 0x0, 0x0, 0xffffff1f}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x7, 0x1, 0xb, 0x7, 0x2}, {0x7, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffdff}, {0x7, 0x1, 0xb, 0x4, 0x9}, {}, {0x4, 0x0, 0x6}, {0x18, 0x2, 0x2, 0x0, r3}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x5}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_reuseport=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

9.868579768s ago: executing program 0 (id=1128):
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="050000000500000002"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000011c0)=ANY=[@ANYRES32, @ANYBLOB="0220", @ANYRES32], 0x50)
sendmsg$ETHTOOL_MSG_EEE_GET(0xffffffffffffffff, &(0x7f00000013c0)={0x0, 0x0, &(0x7f0000001380)={0x0}, 0x1, 0x0, 0x0, 0x4000}, 0x40448a0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000540), 0x82, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000001c0)={{0xeeee8000, 0x4, 0x3, 0xf1, 0x5, 0xfa, 0xd4, 0xd4, 0x0, 0x4, 0x7, 0x4f}, {0x0, 0x2, 0xd, 0x9, 0x8, 0x3, 0x6, 0xb, 0x5, 0xf, 0x3, 0xc0}, {0xffff1000, 0xeeef0000, 0xb, 0x1, 0x2, 0x7, 0x4, 0x1, 0x81, 0x0, 0x6, 0x5}, {0xffffffff, 0x2000, 0x8, 0xf8, 0x3, 0x46, 0x7, 0xd, 0x9, 0x0, 0x8, 0x1}, {0x100000, 0x4000, 0x9, 0x9, 0x3, 0xff, 0xd, 0x6, 0x1, 0x9, 0xc, 0x4b}, {0x6000, 0x0, 0x4, 0x6, 0x3, 0x7d, 0x1, 0xff, 0x4, 0x90, 0x1, 0xfc}, {0x8000000, 0x4000, 0x7, 0x9d, 0x3, 0x0, 0x0, 0x9, 0x5, 0x7, 0x9, 0xf8}, {0xf7f63004, 0x8000000, 0xd, 0x5, 0x28, 0x3, 0xa, 0x9, 0x54, 0xfe, 0x2, 0x7}, {0xdddd1000, 0x5}, {0x4, 0x9}, 0x40030000, 0x0, 0x80a0000, 0x24090, 0x1, 0xa901, 0xe6e70c00, [0x3, 0x401, 0x7, 0xc5]})
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085", 0xcb}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

8.836693013s ago: executing program 0 (id=1137):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000181100"/20, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x18, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x9, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000002850000001b"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000740)={r1, 0x0, 0x0}, 0x10)

8.690354641s ago: executing program 0 (id=1138):
r0 = socket$kcm(0x11, 0x200000000000002, 0x300)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{}, {0x90010022}]}, 0x90)
close(r2)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000003280)={0x0, 0x0, 0x0}, 0x0)
recvmsg(0xffffffffffffffff, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000080)}, 0x0)
recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r3=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0x12, &(0x7f00000008c0)=r3, 0x4)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b70200001a000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b70600007fffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946e0ebc622003b538dfc8e012e79578e51bc5f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b803000000661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7b148ba532e6ea09c346dfebd38608b32a0080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e14861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16b089f37b3591a15c0a9be6eb18208404c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b74cd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979e29857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37ceff9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f50714600fb6241c6e955031795b2c2f56411e48455b5a8b90dfae158b94f0800000000000000af5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeedd005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe00000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed210d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734f87da3770845cf442d488afdc0e170000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e80339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd52364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000a5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bbf8ab9c691841ab0931d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f3390343c12aa51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fca4d97a0ae75ccf11e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35e9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff17320adda5867947257f080091c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a927de6f4c09f4b742e037381c85d2ec7bb2a8152f0d6a99a0370e0cbd65744eb2efde0142cf90ff668b9757b9612bb4253a63bb303c0c68a07f115d104f2007237a4f771416741bfd63fdfe3ae6f8bea755d8b7202c2bbae137dc1c3cf40db74a4c1c2f56855b18f91dae2cdea1353fe062830fa1d233296ec9d8317872257e154665485e7f31cdbfbf435517faf93015b57417d84b8bc8662e097d5ba55d02d48e150695ffae3a676555b10da11751865126d19336116a1e58ab727dda6b343cc97f9479136a66f552abf8fe3d134f6d69df1cffe6740f90735f66ca54fd87800b4bda4db5e68aaccf44d24e09f8a769e3ae7bf246673f15e3d1adae4384bdb7cd30a33e30466b421feb96006c810fd3830a1c75af2580727ffc604d2b04f476acc21419fad9b1baec88974da2db29b80859bde08b85c8086e4b7f1fd568042ad5396d3179c71b1dc43291e450ce9b8d7d80fcb44966d7ad4691a37870000000000000000000000000000000000000000000000000000000000000000000083a5765d06da91165d24bc316607e2d69344aa1c07ff7cd7bc3d17f122478b6e81077782b9c298edc2546045feff90e7aa7da88d2489fb000a4aa838f911c1a869fa55e979e033b7707df75b93cf5b8d25242741a88f2d54a7107375b25911aa11efa3a4f87fc14f180e353615b3cb9a5cf5ea843014a277c3694a5a83266f73ef039dd739187923715548d58ff43be997e357e0cbed29faef19c0082e26fb867bf0ff0099d71bb0d2f443e77a44e8c4b0455d95b19c73ef4c98f775aad9e1b317b3cc48f7ad1d82ea6ad6c3c7d943fb0157c250e2ba56301e25c19a7e37ce880bed8a8e1538560f2be7d4cca6539277505826bd61bad2bcd4914344d4a27b29d2eb89bdc7a702e485d68c04e8f6b05336bf8d8e116605eaf375a592fe2382763c3cba76a0e4029dad5d37dd77abb1b7d2e2de23a4131e45ed81123ad6fa4f8b92c47e00000000"], &(0x7f0000000340)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r4, 0x18000000000002a0, 0xe80, 0x6000002c, &(0x7f0000000100)="b9ff03316844268cb89e14f008004ce0003000000100008877fbac141416e000030a89079f03b180ff83080520e0845013f2325f004408050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014c0000c0adc043084617d7ecf41effff38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d7da058f6efa6d1f5f7ff400"/254, 0x0, 0xfe, 0x60000000, 0x0, 0xfffffffe}, 0x2c)

8.614077405s ago: executing program 0 (id=1139):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x44081}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000240)={'syzkaller0\x00', @broadcast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x200504, 0x0)
close(r4)
socket$unix(0x1, 0x5, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000180)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x4, 0x9, 0x4, 0xb47e, 0xb, 0x3, 0xd, 0xf, 0x1ff}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000200)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x70bd29, 0x25dfdbff, {0x0, 0x0, 0x0, r5, {0x0, 0xd}, {0xffff, 0xb}, {0xffff, 0xffe0}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x7, 0x8000, 0x8, 0x5, 0xfffffffd, 0x3, 0xfffffffa, 0xc6e1, 0x101}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x240040e0}, 0x4890)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

8.244582734s ago: executing program 0 (id=1141):
socket$can_bcm(0x1d, 0x2, 0x2)
socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
mkdirat(0xffffffffffffffff, &(0x7f0000000000)='./file1\x00', 0x11)
sched_setscheduler(0x0, 0x2, &(0x7f0000001700)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0)
connect$unix(r0, &(0x7f0000000200)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000280)='pids.current\x00', 0x275a, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000180)={{{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in=@multicast2, 0x4e24, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x87}, {0x0, 0x2}, {0x0, 0x400000000000000, 0xfffffffffffffffa}, 0xffffffff, 0x0, 0x1}, {{@in=@broadcast, 0x40000, 0x3c}, 0xa, @in6=@loopback, 0x800000, 0x4, 0x0, 0x0, 0x0, 0x207}}, 0x12c)
madvise(&(0x7f0000103000/0x4000)=nil, 0x4000, 0x4)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
process_vm_writev(r3, &(0x7f0000001c80), 0x0, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x74}], 0x1, 0x0)
setreuid(0x0, 0xee00)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(0xffffffffffffffff, 0x8982, &(0x7f0000000440)={0x3, 'vlan0\x00', {0x140}, 0x7})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'geneve1\x00', 0x2})
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x17)
close(0xffffffffffffffff)
write$tun(0xffffffffffffffff, &(0x7f00000000c0)={@val={0x0, 0x2}, @void, @mpls={[{0xc5, 0x0, 0x1}, {0x1ec0}, {0x7}, {0x5, 0x0, 0x1}, {0x2, 0x0, 0x1}, {0x3, 0x0, 0x1}, {0x1}, {0x8}], @llc={@llc={0xff, 0x2, "9e", "a444068614e6f45f4675504300ac61b138957552879090315d0b95bae9a3a3ea1ba5318e5263592f4bcbb561f0e7f2a066a103391561a8a2f37d4bb48bed0f89a700d3d3a5854790"}}}}, 0x6f)

4.062832585s ago: executing program 3 (id=1165):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x4040014}, 0x8000)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000500), 0x40, 0x0)
close(r1)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000900)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xe}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x5, 0x7, 0xb3}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=@newqdisc={0x58, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xffffbddc, {0x0, 0x0, 0x0, r5, {0x10}, {}, {0xe, 0x1}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x200000, 0x0, 0x7, 0x7, 0x9, 0x40, 0xffffffff, 0x2}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x4040098}, 0x4084)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
r7 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r7, &(0x7f0000000140)="bad330fbc9b5544972e7a5", 0xb, 0x40, &(0x7f00000001c0)={0x11, 0x1a, r6, 0x1, 0xd8, 0x6, @random="98c8ca7122df"}, 0x14)
sendto$packet(r7, &(0x7f0000000400)="c1858aec1d0a21756f66b4805f3a", 0xe, 0x40000, &(0x7f0000000240)={0x11, 0xf8, r6, 0x1, 0x5, 0x6, @random="24f51e8e0a5a"}, 0x14)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r8, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r9)
sendmsg$TIPC_CMD_ENABLE_BEARER(r9, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x44081}, 0x0)

3.40611587s ago: executing program 2 (id=1168):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeeb, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$packet(0x11, 0x3, 0x300)
bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000100))

3.320473044s ago: executing program 3 (id=1169):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a7c000000060a0904000000000000000002000000500004804c0001800a00010072616e67650000003c000280080001"], 0xa4}}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000200)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000080)=@gettaction={0xc0, 0x32, 0x1, 0x0, 0x0, {}, [@action_gd=@TCA_ACT_TAB={0x84}, @action_dump_flags=@TCA_ROOT_FLAGS={0xc}, @action_dump_flags=@TCA_ROOT_FLAGS={0xc}, @action_dump_flags=@TCA_ROOT_TIME_DELTA={0x8}, @action_dump_flags=@TCA_ROOT_TIME_DELTA={0x8}]}, 0xc0}}, 0x0)

2.149763256s ago: executing program 3 (id=1170):
mount$fuse(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x100000, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000740)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000b40)=[@hoplimit={{0x14, 0x29, 0x34, 0x4}}, @hoplimit={{0x14, 0x29, 0x34, 0xfffffffd}}, @hoplimit={{0x14}}, @hopopts={{0x68, 0x29, 0x36, {0x5e, 0x9, '\x00', [@generic={0xff, 0x21, "50d650847249ad288702ebd0d654b985e8908defb7ec6c5ff115c58e128b9e3a21"}, @pad1, @pad1, @padn={0x1, 0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @calipso={0x7, 0x10, {0x0, 0x2, 0x7, 0x6, [0x7fff]}}, @generic={0x1, 0x4, "2bdb86d1"}]}}}, @flowinfo={{0x14, 0x29, 0xb, 0x2}}], 0xc8}}], 0x1, 0x810)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0), 0x0)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

2.149105306s ago: executing program 2 (id=1171):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000181100"/20, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x18, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x9, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000010000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000002850000001b"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000740)={r1, 0x0, 0x0}, 0x10)

2.100418459s ago: executing program 6 (id=1172):
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f00000000c0)=@setlink={0x28, 0x13, 0x5, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, 0x0, 0x40312}, [@IFLA_TARGET_NETNSID={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x42)

2.035263823s ago: executing program 2 (id=1173):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$kcm(0x11, 0x3, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r3)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r5, {0x0, 0xb}, {0xffff, 0xffff}, {0x10, 0xf}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x24, 0x2, {{0x10, 0x8, 0x8, 0x8, 0x81}, 0x101, 0x0, 0x7, 0x7, 0x7, 0xa, 0x11, 0x7, 0x7, 0x3, {0x3, 0x2, 0x3, 0x35db, 0x2, 0x6}}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000007c0)=@newtfilter={0x144, 0x2c, 0xd27, 0x70bd26, 0x25dfdc00, {0x0, 0x0, 0x0, r7, {0x0, 0x4}, {}, {0x8, 0xfff2}}, [@filter_kind_options=@f_u32={{0x8}, {0x118, 0x2, [@TCA_U32_SEL={0x114, 0x5, {0xc, 0x13, 0x10, 0x2, 0x7f, 0x8, 0x5e, 0x9, [{0x0, 0x1000, 0x4, 0x7}, {0x3, 0x5, 0x400, 0x8}, {0x7, 0x7, 0x10000, 0x4}, {0x5, 0xfffffff7, 0x6}, {0x7, 0xb, 0x7, 0x2}, {0xe7e, 0x5, 0x92}, {0x4, 0x4, 0x10, 0x3}, {0xf6b0, 0x7fffffff, 0x9, 0x9}, {0x200, 0x11dc, 0xffffffff, 0x3ff}, {0xec, 0x4d0, 0x401, 0x8}, {0x0, 0x80000000, 0xfffffff4, 0x1000}, {0xa2, 0x3, 0xa, 0x6}, {0x0, 0x0, 0x10, 0x2}, {0x3d, 0x1, 0x0, 0x4}, {0x3, 0xa4f, 0x0, 0x3}, {0x100, 0x3, 0x7, 0x7}]}}]}}]}, 0x144}, 0x1, 0x0, 0x0, 0x8000}, 0x20000000)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
setsockopt$sock_attach_bpf(r2, 0x107, 0xf, &(0x7f0000000600), 0x56)
sendmsg$kcm(r2, &(0x7f0000000000)={&(0x7f0000000380)=@xdp={0x2c, 0x0, r8, 0x8}, 0x80, &(0x7f00000001c0)=[{&(0x7f0000000180)="27030200000214000e00002fb96dffff1144ee163cddcb000000800000827600000000000000", 0x26}, {&(0x7f0000000780)="f058050000007f8f", 0x8}], 0x2}, 0x5)

1.88697855s ago: executing program 6 (id=1174):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
sendmmsg$inet(r0, &(0x7f0000002780)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20008004)
setsockopt$inet_tcp_buf(r0, 0x6, 0xd, &(0x7f0000000200)="80e421cbd72c", 0x6)
ioctl$sock_inet_tcp_SIOCOUTQ(r0, 0x5411, &(0x7f0000000040))

1.746663047s ago: executing program 6 (id=1175):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0)
syz_open_procfs$namespace(0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="180000000200"/16], 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_CONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x28, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}]}, 0x28}}, 0x0)
socket$unix(0x1, 0x2, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
socket$kcm(0x10, 0x2, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="0b00000008000000010001000900000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa000000}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r3, 0x1, 0x32, &(0x7f0000000180)=r5, 0x4)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0xba01}, 0x0)
r6 = socket$kcm(0x29, 0x0, 0x0)
sendmsg$kcm(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000), 0x1, 0x0, 0x1a}, 0x804)

1.68801937s ago: executing program 2 (id=1176):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, 0x0, 0x0)
sendmsg$NL80211_CMD_DEL_NAN_FUNCTION(r0, 0x0, 0x24004804)

1.506482361s ago: executing program 6 (id=1177):
mount$fuse(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x100000, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000740)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000b40)=[@hoplimit={{0x14, 0x29, 0x34, 0x4}}, @hoplimit={{0x14, 0x29, 0x34, 0xfffffffd}}, @hoplimit={{0x14}}, @hopopts={{0x80, 0x29, 0x36, {0x5e, 0xc, '\x00', [@generic={0xff, 0x21, "50d650847249ad288702ebd0d654b985e8908defb7ec6c5ff115c58e128b9e3a21"}, @pad1, @pad1, @padn={0x1, 0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @calipso={0x7, 0x10, {0x0, 0x2, 0x7, 0x6, [0x7fff]}}, @calipso={0x7, 0x18, {0x3, 0x4, 0x3, 0x7, [0x0, 0x8000]}}, @generic={0x1, 0x3, "2bdb86"}]}}}, @flowinfo={{0x14, 0x29, 0xb, 0x2}}], 0xe0}}], 0x1, 0x810)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

1.505826381s ago: executing program 2 (id=1178):
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="050000000500000002"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000780)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000011c0)=ANY=[@ANYRES32, @ANYBLOB="0220", @ANYRES32], 0x50)
sendmsg$ETHTOOL_MSG_EEE_GET(0xffffffffffffffff, &(0x7f00000013c0)={0x0, 0x0, &(0x7f0000001380)={0x0}, 0x1, 0x0, 0x0, 0x4000}, 0x40448a0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000540), 0x82, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000001c0)={{0xeeee8000, 0x4, 0x3, 0xf1, 0x5, 0xfa, 0xd4, 0xd4, 0x0, 0x4, 0x7, 0x4f}, {0x0, 0x2, 0xd, 0x9, 0x8, 0x3, 0x6, 0xb, 0x5, 0xf, 0x3, 0xc0}, {0xffff1000, 0xeeef0000, 0xb, 0x1, 0x2, 0x7, 0x4, 0x1, 0x81, 0x0, 0x6, 0x5}, {0xffffffff, 0x2000, 0x8, 0xf8, 0x3, 0x46, 0x7, 0xd, 0x9, 0x0, 0x8, 0x1}, {0x100000, 0x4000, 0x9, 0x9, 0x3, 0xff, 0xd, 0x6, 0x1, 0x9, 0xc, 0x4b}, {0x6000, 0x0, 0x4, 0x6, 0x3, 0x7d, 0x1, 0xff, 0x4, 0x90, 0x1, 0xfc}, {0x8000000, 0x4000, 0x7, 0x9d, 0x3, 0x0, 0x0, 0x9, 0x5, 0x7, 0x9, 0xf8}, {0xf7f63004, 0x8000000, 0xd, 0x5, 0x28, 0x3, 0xa, 0x9, 0x54, 0xfe, 0x2, 0x7}, {0xdddd1000, 0x5}, {0x4, 0x9}, 0x40030000, 0x0, 0x80a0000, 0x24090, 0x1, 0xa901, 0xe6e70c00, [0x3, 0x401, 0x7, 0xc5]})
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f", 0xcd}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

1.14080082s ago: executing program 3 (id=1179):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x4c, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x19, &(0x7f0000000300)=0x100000001, 0x4)
poll(&(0x7f00000000c0)=[{r2, 0x8100}], 0x1, 0x6)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0xf7, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6(0xa, 0x2, 0x0)
r3 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r3)
sendmsg$nl_route(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="380000001000370400"/20, @ANYRES32, @ANYBLOB="8304000000000000180012800b00010069703667726500000800028004001200"], 0x38}, 0x1, 0x0, 0x0, 0x20009054}, 0x0)
pwrite64(0xffffffffffffffff, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)

1.094169072s ago: executing program 4 (id=1180):
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000180)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x4, 0x9, 0x4, 0xb47e, 0xb, 0x3, 0xd, 0xf, 0x1ff}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newqdisc={0x68, 0x24, 0x4ee4e6a52ff56541, 0x70b928, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0x0, 0xd}, {0xffff, 0xb}, {0xffff, 0xb}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x38, 0x2, {{0x5, 0x7, 0x5, 0x1, 0x0, 0x6}, [@TCA_NETEM_CORR={0x10, 0x1, {0x68a, 0x101, 0x3}}, @TCA_NETEM_REORDER={0xc, 0x3, {0x6, 0x8}}]}}}]}, 0x68}, 0x1, 0x0, 0x0, 0x240040e0}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r5)
sendmsg$TIPC_CMD_ENABLE_BEARER(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)

380.4789ms ago: executing program 6 (id=1181):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r3=>0x0)
sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010026bd7000fcdbdf250200000008000100", @ANYRES32=r3], 0x1c}}, 0x840)
read$nci(r0, &(0x7f0000002040)=""/186, 0xba)

374.73132ms ago: executing program 3 (id=1182):
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f00000002c0)="f973085a6ea39ea1b25a1c6b351e11245900557d1c8e9f86bae5e5c64e50ef25afb0295d0c303850b4bff4d088bf9df67e013836e2882dad3f7698b52997f7efa9eb96f09be1c3019445927c6b2fe32d38ae2bcad2ac0d85ebd42914fb18b7d0670f8b3be16755ead6a6fb713fa618ce2cf424", 0x73}, {&(0x7f0000000380)="82f294054d05973abfac6a6f31050418457d017c5fd68b034cf51b9f6a6d71daa5c776bca90037bc7c3d88b151fbf856f69ebd05e750f13f02af646b284953b6640a08c827c6f2ff4ad8e84077f9f03f94792aa17c4743cba3f355bb9c5b04b91ed70d253db68e17cdd561fab504479f723388dda974e2a9fb1bcda474c08d6222179b19e902009ea3cb3e42408bab6c1f29cb62d0", 0x95}, {&(0x7f0000000480)="4ce09043b6aa2ae5946f67306c7f73ed469dfcfc5e1f4d8123a4a8a7b9be82f67f89605cd9bbf7254c156b00437f753a248daf68c5ebdc4a6346d336a6502e98eae72777956d1ebeeb855fae46b3ccb9fb3d593651b95ee00afe0816b3c6e7f3cb3b18fb5198643daa6b9cafde584957dd72ba27cef6604f5df59f0bee60bca63d75a9d812eb699c2d665b7179b22027cf748ac63bcc212703d44cb083e962eee9b5d212523c162b42377ebd0bc624bf9425f6f4772e36c6c2fd4f69b65cc435f93c1a490cb75162251e15942b29", 0xce}, {&(0x7f0000000780)="8ff2f15bd0017ce4b36b6bc4335634254cffcc40c0312f5ff35991272b79d76712dc0c3cfdc0d70ce8004884e6917bed9ffee1584df7f06c7bccac71daf78bf3c68b8d5e56357654784bdbc700bceb1049c6a47d53c5ac29f83aed3ae9", 0x5d}, {&(0x7f0000000800)="5193f0b40db29d9ce06f429ed3c2c6405967f1e559f08c35f5e63ad64c2746967cca1bbeaf6206a79c42badb4fb453f294c2932cb5552a5f9c1d633207a53c2f54d98c2f9e4323eac6c20c56e7607d212b210a0325f7c289d1a2552d7a3f2176a47e95bc46471fae9167768d58f22ff10ba3cc2050b1ee838ce9e4ac5a1544fec3e291272cfaaa4817539972fb8bb2ede331312f556ecea24236759bf0d51003477ec4898205", 0xa6}, {&(0x7f0000000900)="a9be9b2ff3a19d5a1226e5243d37d1fd2894c1ae880dc2316aa2d5ad08944c7135eb837eff354282dd5863c051eb7b9b17be0e4fdd6560f3f2c2c04af73a6cb75b5d05d6037f91e8f4f08e90d5313fb91fbdc5acd212f7d8c800a837a0236309d25e82d5767d8df7512b2beb324c2a2fd6f4ed3a3eb7396f02d515396a3be574d721df257dbf0bc39c", 0x89}, {&(0x7f00000000c0)}], 0x7}}, {{&(0x7f0000000a40)=@alg={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_hmac_sha256\x00'}, 0x80, 0x0}}, {{&(0x7f0000000d80)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x4e23, @local}, 0x2, 0x3, 0x1, 0x3}}, 0x80, 0x0}}], 0x3, 0x20000044)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'vlan1\x00'})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0)

282.783925ms ago: executing program 4 (id=1183):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty, 0xffffffff}, 0x1c)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000000)=0x2, 0x4)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x10000000}, 0x1c)
close(0x3)

236.117848ms ago: executing program 2 (id=1184):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
unshare(0x8040480)
close(0x3)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$netlink(0x10, 0x3, 0x0)
r0 = socket$igmp(0x2, 0x3, 0x2)
r1 = epoll_create(0x103)
write(0xffffffffffffffff, &(0x7f0000000180)="2000000012005f0214f9f4070000fbe40a0000000000", 0x41d)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, 0xffffffffffffffff, &(0x7f0000001280)={0x30000010})
setsockopt$MRT_INIT(r0, 0x0, 0xc8, &(0x7f0000000100), 0x4)
setsockopt$MRT_ADD_VIF(r0, 0x0, 0xca, &(0x7f0000003d80)={0x0, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev}, 0x10)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r3 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_VIF(r3, 0x0, 0xca, &(0x7f00000000c0)={0x8, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10)
unshare(0x400)
r4 = socket$nl_sock_diag(0x10, 0x3, 0x4)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r4, 0x10e, 0x1, &(0x7f00000006c0)=0x2, 0x4)
setsockopt$inet_mreq(r2, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8)
syz_emit_ethernet(0x42, &(0x7f0000000040)={@local, @multicast, @void, {@ipv4={0x800, @icmp={{0x6, 0x4, 0x0, 0x0, 0x34, 0x0, 0x0, 0x80, 0x2, 0x0, @empty, @multicast1=0xe0000300, {[@generic={0x88, 0x2}]}}, @dest_unreach={0x3, 0x4, 0x0, 0x0, 0x3, 0xc58, {0x5, 0x4, 0x0, 0x7, 0x0, 0x65, 0xe, 0x4e, 0x24, 0xc, @empty, @dev={0xac, 0x14, 0x14, 0x44}}}}}}}, 0x0)
setsockopt$MRT_ADD_MFC_PROXY(r3, 0x0, 0xd2, &(0x7f0000000200)={@empty, @multicast2=0xe0000300, 0x0, "028a3f6c58b274e6d8451697efe42811ee1df06e9264f7d866b1970548fc3c7b", 0xb2, 0xffffeff7, 0x40, 0x40000006}, 0x3c)

221.854658ms ago: executing program 4 (id=1185):
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)={{0x14}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1, 0x0, 0x1}}, @NFT_MSG_NEWCHAIN={0x38, 0x3, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_HOOK={0xc, 0x4, 0x0, 0x1, [@NFTA_HOOK_HOOKNUM={0x8}]}]}], {0x14}}, 0x74}, 0x1, 0x0, 0x0, 0x20004000}, 0x8000)

146.571402ms ago: executing program 6 (id=1186):
r0 = socket(0x400000000010, 0x3, 0x0)
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000003b40)=[{{&(0x7f0000000a40)=@alg={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_hmac_sha256\x00'}, 0x80, &(0x7f0000000600)=[{&(0x7f0000000ac0)}, {&(0x7f0000000580)="8f966bd94d169820f6b844307d323b8c13deaeff91566b7f1725f3", 0x1b}], 0x2, &(0x7f0000000cc0)=[@mark={{0x14, 0x1, 0x24, 0x4}}, @timestamping={{0x14, 0x1, 0x25, 0x101}}, @txtime={{0x18, 0x1, 0x3d, 0x80}}], 0x48}}, {{&(0x7f0000000d80)=@pppol2tp={0x18, 0x1, {0x0, r0, {0x2, 0x4e23, @local}, 0x2, 0x3, 0x1, 0x4}}, 0x80, 0x0}}], 0x2, 0x20000044)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
close(r2)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000003e00000095"], &(0x7f0000000740)='syzkaller\x00', 0x1}, 0x94)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000001c0)={@map, r4, 0x7}, 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={0xffffffffffffffff, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r3}, 0x20)
sendmsg$DEVLINK_CMD_RATE_NEW(r2, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000780)={0x14, 0x0, 0x800, 0x8, 0x25dfdbfb}, 0xc3f8}, 0x1, 0x0, 0x0, 0x8000}, 0x400c4)
r5 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {0x0}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r8=>0x0})
sendmsg$NL80211_CMD_FRAME(r6, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r7, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r8, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0)

91.523965ms ago: executing program 3 (id=1187):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeeb, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$packet(0x11, 0x3, 0x300)
bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, 0x0)

0s ago: executing program 4 (id=1188):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000181100"/20, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x18, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x9, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000100000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000002850000001b"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000740)={r1, 0x0, 0x0}, 0x10)

kernel console output (not intermixed with test programs):

ngly recommended to keep mac addresses unique to avoid problems!
[   63.424537][ T4185] batman_adv: batadv0: Interface activated: batadv_slave_1
[   63.436479][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   63.447610][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   63.456353][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   63.474516][ T4185] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   63.483528][ T4185] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   63.492693][ T4185] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   63.502007][ T4185] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   63.619312][  T155] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   63.623177][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   63.627824][  T155] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   63.647023][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   63.690108][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   63.700618][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   63.718215][  T155] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   63.727830][  T155] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   63.757370][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   63.783770][  T155] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   63.799184][  T155] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   63.816385][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   63.844441][  T144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   63.855705][  T144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   63.864237][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   63.901093][ T4253] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   63.925157][ T4253] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   63.980173][  T155] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   63.988506][ T4253] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   63.996739][  T155] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   64.039813][ T1229] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   64.047886][ T1229] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   64.095950][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   64.141122][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   64.208196][ T1229] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   64.259897][ T1229] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   64.271942][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   64.509149][ T4278] netlink: 'syz.1.2': attribute type 29 has an invalid length.
[   64.568214][ T4278] netlink: 'syz.1.2': attribute type 29 has an invalid length.
[   64.905626][ T4290] netlink: 'syz.4.11': attribute type 2 has an invalid length.
[   64.918979][ T4290] netlink: 36 bytes leftover after parsing attributes in process `syz.4.11'.
[   64.959783][   T23] Bluetooth: hci0: command 0x0419 tx timeout
[   64.975829][   T23] Bluetooth: hci1: command 0x0419 tx timeout
[   64.996750][   T23] Bluetooth: hci3: command 0x0419 tx timeout
[   65.009394][ T4227] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   65.051715][   T23] Bluetooth: hci4: command 0x0419 tx timeout
[   65.076277][   T23] Bluetooth: hci2: command 0x0419 tx timeout
[   65.398403][ T4227] usb 3-1: Using ep0 maxpacket: 8
[   65.484651][ T4323] netlink: 'syz.0.22': attribute type 27 has an invalid length.
[   65.519168][ T4227] usb 3-1: config 0 has an invalid interface number: 122 but max is 0
[   65.537852][ T4227] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   65.566556][ T4227] usb 3-1: config 0 has no interface number 0
[   65.578141][ T4227] usb 3-1: config 0 interface 122 altsetting 0 endpoint 0xA has invalid maxpacket 512, setting to 64
[   65.590027][ T4227] usb 3-1: config 0 interface 122 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 8
[   65.603010][ T4330] netlink: 'syz.4.24': attribute type 29 has an invalid length.
[   65.611939][ T4227] usb 3-1: config 0 interface 122 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[   65.622350][ T4227] usb 3-1: config 0 interface 122 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 0
[   65.632949][ T4227] usb 3-1: config 0 interface 122 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 8
[   65.798681][ T4227] usb 3-1: New USB device found, idVendor=1286, idProduct=2046, bcdDevice= 5.b7
[   65.811676][ T4227] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   65.820042][ T4227] usb 3-1: Product: syz
[   65.827483][ T4227] usb 3-1: Manufacturer: syz
[   65.832294][ T4227] usb 3-1: SerialNumber: syz
[   65.852802][ T4227] usb 3-1: config 0 descriptor??
[   65.879468][ T4285] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[   66.106586][ T4285] udc-core: couldn't find an available UDC or it's busy
[   66.145534][ T4285] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   66.172954][ T4285] udc-core: couldn't find an available UDC or it's busy
[   66.182467][ T4285] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   66.194699][ T4323] bridge0: port 2(bridge_slave_1) entered disabled state
[   66.203443][ T4323] bridge0: port 1(bridge_slave_0) entered disabled state
[   66.224519][ T4285] udc-core: couldn't find an available UDC or it's busy
[   66.234683][ T4285] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   66.245811][ T4285] udc-core: couldn't find an available UDC or it's busy
[   66.253395][ T4285] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   66.262608][ T4285] udc-core: couldn't find an available UDC or it's busy
[   66.269983][ T4285] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   66.510305][ T4227] usb 3-1: NFC: intf ffff888074c67000 id ffffffff8cb52720
[   66.534138][ T4227] nfcmrvl 3-1:0.122: NFC: registered with nci successfully
[   66.554491][ T4227] usb 3-1: USB disconnect, device number 2
[   66.580430][ T4227] usb 3-1: NFC: intf ffff888074c67000
[   66.721452][ T4323] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   66.752534][ T4323] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   67.047357][ T4323] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   67.057760][ T4323] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   67.108254][ T4323] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   67.118033][ T4323] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   67.262254][ T4320] netlink: 24 bytes leftover after parsing attributes in process `syz.3.21'.
[   67.274097][ T4320] Zero length message leads to an empty skb
[   67.303938][ T4327] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   67.342970][ T4327] 8021q: adding VLAN 0 to HW filter on device bond0
[   67.352610][ T4327] 8021q: adding VLAN 0 to HW filter on device team0
[   67.391797][ T4327] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   67.423714][ T4330] netlink: 'syz.4.24': attribute type 29 has an invalid length.
[   67.787126][ T4383] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   68.093814][ T4397] netlink: 12 bytes leftover after parsing attributes in process `syz.0.39'.
[   68.128493][ T4397] netlink: 58 bytes leftover after parsing attributes in process `syz.0.39'.
[   68.157766][ T4400] netlink: 'syz.2.41': attribute type 29 has an invalid length.
[   68.190014][ T4400] netlink: 'syz.2.41': attribute type 29 has an invalid length.
[   68.281215][ T4397] team0 (unregistering): Port device team_slave_0 removed
[   68.386317][ T4397] team0 (unregistering): Port device team_slave_1 removed
[   68.518142][ T4417] device syzkaller0 entered promiscuous mode
[   69.041975][ T4441] netlink: 'syz.1.57': attribute type 29 has an invalid length.
[   69.096054][ T4441] netlink: 'syz.1.57': attribute type 29 has an invalid length.
[   69.273687][ T4454] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[   69.738230][ T4474] device syzkaller0 entered promiscuous mode
[   70.071896][ T1110] cfg80211: failed to load regulatory.db
[   70.084575][ T4482] loop3: detected capacity change from 0 to 512
[   70.183007][ T4486] loop0: detected capacity change from 0 to 128
[   71.432015][ T4488] netlink: 'syz.1.71': attribute type 29 has an invalid length.
[   71.478313][    C0] sched: RT throttling activated
[   71.486597][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[   71.492209][ T4486] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   71.498549][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[   71.520792][ T4486] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   71.978709][ T4488] netlink: 'syz.1.71': attribute type 29 has an invalid length.
[   72.350877][ T4500] netlink: 'syz.2.75': attribute type 27 has an invalid length.
[   72.479789][ T4482] EXT4-fs (loop3): Quota format mount options ignored when QUOTA feature is enabled
[   72.535868][ T4482] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities
[   72.864129][ T4508] loop4: detected capacity change from 0 to 512
[   72.946823][ T4509] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   73.178532][ T4508] EXT4-fs error (device loop4): ext4_orphan_get:1406: inode #15: comm syz.4.78: inode has both inline data and extents flags
[   73.202907][ T4508] EXT4-fs error (device loop4): ext4_orphan_get:1411: comm syz.4.78: couldn't read orphan inode 15 (err -117)
[   73.215908][ T4508] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   73.514361][ T4510] device syzkaller0 entered promiscuous mode
[   76.186040][ T4557] loop3: detected capacity change from 0 to 512
[   76.275584][ T4558] loop2: detected capacity change from 0 to 128
[   77.489591][ T4558] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   77.499203][ T4557] EXT4-fs (loop3): Quota format mount options ignored when QUOTA feature is enabled
[   77.538649][ T4557] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities
[   77.729932][ T4558] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   79.657053][  T155] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   80.189689][ T4585] tipc: Started in network mode
[   80.414799][ T4585] tipc: Node identity ac14140f, cluster identity 4711
[   80.903692][ T4590] loop2: detected capacity change from 0 to 512
[   81.491640][ T4585] tipc: Enabled bearer <udp:syz2>, priority 10
[   82.091967][ T4590] EXT4-fs error (device loop2): ext4_orphan_get:1406: inode #15: comm syz.2.97: inode has both inline data and extents flags
[   82.107623][ T4590] EXT4-fs error (device loop2): ext4_orphan_get:1411: comm syz.2.97: couldn't read orphan inode 15 (err -117)
[   82.128463][ T4590] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   82.520077][ T4349] tipc: Node number set to 2886997007
[   82.889241][ T4617] loop0: detected capacity change from 0 to 128
[   85.483868][ T4622] loop1: detected capacity change from 0 to 512
[   86.188736][ T4624] loop3: detected capacity change from 0 to 512
[   87.269736][ T4628] netlink: 8 bytes leftover after parsing attributes in process `syz.0.114'.
[   87.309763][ T4628] netlink: 8 bytes leftover after parsing attributes in process `syz.0.114'.
[   87.345051][ T4631] netlink: 'syz.4.113': attribute type 29 has an invalid length.
[   87.367618][ T4622] EXT4-fs (loop1): Quota format mount options ignored when QUOTA feature is enabled
[   87.395267][ T4631] netlink: 'syz.4.113': attribute type 29 has an invalid length.
[   87.439213][ T4622] EXT4-fs (loop1): couldn't mount as ext3 due to feature incompatibilities
[   88.533446][ T4657] syz.4.120 uses obsolete (PF_INET,SOCK_PACKET)
[   88.882104][ T4667] netlink: 52 bytes leftover after parsing attributes in process `syz.1.122'.
[   88.907866][ T4667] netlink: 'syz.1.122': attribute type 1 has an invalid length.
[   89.060264][ T4661] netlink: 8 bytes leftover after parsing attributes in process `syz.1.122'.
[   89.369170][ T4679] loop0: detected capacity change from 0 to 128
[   89.589883][ T4679] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   89.611832][ T4679] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   90.238282][ T4686] device syzkaller1 entered promiscuous mode
[   90.332838][ T4687] netlink: 'syz.3.128': attribute type 29 has an invalid length.
[   90.410152][ T4687] netlink: 'syz.3.128': attribute type 29 has an invalid length.
[   90.479833][ T4691] loop4: detected capacity change from 0 to 512
[   90.536032][ T4691] EXT4-fs (loop4): Quota format mount options ignored when QUOTA feature is enabled
[   90.628524][ T4691] EXT4-fs (loop4): couldn't mount as ext3 due to feature incompatibilities
[   92.693835][ T4699] loop1: detected capacity change from 0 to 512
[   92.885456][ T4511] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   93.510546][ T4699] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   93.524044][ T4699] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   93.755432][ T4699] EXT4-fs: failed to create workqueue
[   93.761138][ T4699] EXT4-fs (loop1): mount failed
[   94.331281][ T4719] netlink: 8 bytes leftover after parsing attributes in process `syz.3.137'.
[   95.132406][ T4732] netlink: 'syz.1.141': attribute type 29 has an invalid length.
[   95.161729][ T4732] netlink: 'syz.1.141': attribute type 29 has an invalid length.
[   95.221434][ T4739] netlink: 32 bytes leftover after parsing attributes in process `syz.0.144'.
[   95.242916][ T4739] netlink: 4 bytes leftover after parsing attributes in process `syz.0.144'.
[   96.338486][ T4765] loop0: detected capacity change from 0 to 512
[   96.476168][ T4765] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   96.807059][ T4765] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2807: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   96.823903][ T4765] EXT4-fs (loop0): 1 truncate cleaned up
[   96.829767][ T4765] EXT4-fs (loop0): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,auto_da_alloc=0x0000000000000eb0,debug_want_extra_isize=0x0000000000000068,lazytime,nombcache,noload,noquota,,errors=continue. Quota mode: none.
[   97.348952][ T4772] IPVS: set_ctl: invalid protocol: 136 172.30.0.2:20005
[   97.367992][ T4773] netlink: 'syz.3.156': attribute type 29 has an invalid length.
[   97.405428][ T4773] netlink: 'syz.3.156': attribute type 29 has an invalid length.
[   98.692537][ T4809] loop3: detected capacity change from 0 to 512
[   98.973954][ T4809] EXT4-fs error (device loop3): ext4_orphan_get:1406: inode #15: comm syz.3.165: inode has both inline data and extents flags
[   98.998386][ T4809] EXT4-fs error (device loop3): ext4_orphan_get:1411: comm syz.3.165: couldn't read orphan inode 15 (err -117)
[   99.011538][ T4809] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  100.236301][ T4822] IPVS: length: 162 != 8
[  100.273908][ T4823] netlink: 'syz.0.171': attribute type 29 has an invalid length.
[  100.339266][ T4823] netlink: 'syz.0.171': attribute type 29 has an invalid length.
[  100.451695][ T4826] netlink: 20 bytes leftover after parsing attributes in process `syz.1.172'.
[  100.490935][ T4826] netlink: 20 bytes leftover after parsing attributes in process `syz.1.172'.
[  101.378415][ T4849] loop0: detected capacity change from 0 to 512
[  101.565227][ T4849] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  101.703947][ T4849] EXT4-fs (loop0): 1 truncate cleaned up
[  101.709934][ T4849] EXT4-fs (loop0): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,auto_da_alloc=0x0000000000000eb0,debug_want_extra_isize=0x0000000000000068,lazytime,nombcache,noload,noquota,,errors=continue. Quota mode: none.
[  103.504462][ T4861] netlink: 'syz.2.184': attribute type 29 has an invalid length.
[  103.618517][ T4861] netlink: 'syz.2.184': attribute type 29 has an invalid length.
[  104.126927][ T4879] loop2: detected capacity change from 0 to 512
[  104.383661][ T4879] EXT4-fs error (device loop2): ext4_orphan_get:1406: inode #15: comm syz.2.187: inode has both inline data and extents flags
[  104.399723][ T4879] EXT4-fs error (device loop2): ext4_orphan_get:1411: comm syz.2.187: couldn't read orphan inode 15 (err -117)
[  104.413650][ T4879] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  105.146205][ T4887] loop3: detected capacity change from 0 to 512
[  105.216274][ T4887] EXT4-fs (loop3): Quota format mount options ignored when QUOTA feature is enabled
[  105.288524][ T4887] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities
[  107.199904][ T4921] device veth0 entered promiscuous mode
[  107.467312][ T4928] loop2: detected capacity change from 0 to 512
[  107.548529][ T4928] EXT4-fs (loop2): Quota format mount options ignored when QUOTA feature is enabled
[  107.567673][ T4928] EXT4-fs (loop2): couldn't mount as ext3 due to feature incompatibilities
[  108.420502][ T4920] device veth0 left promiscuous mode
[  108.535609][ T4938] device syzkaller0 entered promiscuous mode
[  108.949898][ T4952] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  108.987831][ T4956] netlink: 24 bytes leftover after parsing attributes in process `syz.0.213'.
[  109.031845][ T4956] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  109.065223][ T4956] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  109.579552][ T4979] device veth0 entered promiscuous mode
[  109.713532][ T4973] device veth0 left promiscuous mode
[  110.002447][ T4987] device syzkaller0 entered promiscuous mode
[  110.193693][ T4995] netlink: 20 bytes leftover after parsing attributes in process `syz.2.226'.
[  110.295564][ T4999] netlink: 14 bytes leftover after parsing attributes in process `syz.0.227'.
[  110.346315][ T4999] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  110.369450][ T4999] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  110.390782][ T4999] bond0 (unregistering): Released all slaves
[  110.588576][ T4229] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  110.747707][ T5011] netlink: 'syz.2.231': attribute type 29 has an invalid length.
[  110.756574][ T5011] netlink: 'syz.2.231': attribute type 29 has an invalid length.
[  110.858604][ T4229] usb 2-1: Using ep0 maxpacket: 8
[  110.978570][ T4229] usb 2-1: config 0 has an invalid interface number: 122 but max is 0
[  110.992389][ T4229] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  111.021945][ T4229] usb 2-1: config 0 has no interface number 0
[  111.044637][ T4229] usb 2-1: config 0 interface 122 altsetting 0 endpoint 0xA has invalid maxpacket 512, setting to 64
[  111.098421][ T4229] usb 2-1: config 0 interface 122 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 8
[  111.118885][ T4229] usb 2-1: config 0 interface 122 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  111.138460][ T4229] usb 2-1: config 0 interface 122 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 0
[  111.158386][ T4229] usb 2-1: config 0 interface 122 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 8
[  111.348660][ T4229] usb 2-1: New USB device found, idVendor=1286, idProduct=2046, bcdDevice= 5.b7
[  111.357768][ T4229] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  111.386500][ T4229] usb 2-1: Product: syz
[  111.389495][ T5029] device syzkaller0 entered promiscuous mode
[  111.391345][ T4229] usb 2-1: Manufacturer: syz
[  111.411718][ T4229] usb 2-1: SerialNumber: syz
[  111.431272][ T4229] usb 2-1: config 0 descriptor??
[  111.459839][ T5001] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  111.700199][ T5001] udc-core: couldn't find an available UDC or it's busy
[  111.717065][ T5001] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  111.720182][ T5034] IPVS: rr: FWM 3 0x00000003 - no destination available
[  111.744669][ T5001] udc-core: couldn't find an available UDC or it's busy
[  111.770117][ T5001] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  111.809793][ T5001] udc-core: couldn't find an available UDC or it's busy
[  111.816788][ T5001] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  111.869723][ T5001] udc-core: couldn't find an available UDC or it's busy
[  111.876914][ T5001] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  111.979426][ T5001] udc-core: couldn't find an available UDC or it's busy
[  112.012853][ T5045] netlink: 'syz.2.244': attribute type 29 has an invalid length.
[  112.028458][ T5001] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  112.046590][ T5045] netlink: 'syz.2.244': attribute type 29 has an invalid length.
[  112.099338][ T4229] usb 2-1: NFC: intf ffff88801e3ae000 id ffffffff8cb52720
[  112.225590][ T5053] loop3: detected capacity change from 0 to 512
[  112.397511][ T4229] nfcmrvl 2-1:0.122: NFC: registered with nci successfully
[  112.607442][ T4229] usb 2-1: USB disconnect, device number 2
[  112.782198][ T4229] usb 2-1: NFC: intf ffff88801e3ae000
[  114.065439][ T5053] EXT4-fs error (device loop3): ext4_orphan_get:1406: inode #15: comm syz.3.242: inode has both inline data and extents flags
[  114.082652][ T5053] EXT4-fs error (device loop3): ext4_orphan_get:1411: comm syz.3.242: couldn't read orphan inode 15 (err -117)
[  114.099802][ T5053] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  115.550300][ T5079] netlink: 8 bytes leftover after parsing attributes in process `syz.1.251'.
[  115.757174][ T5080] device syzkaller0 entered promiscuous mode
[  116.848695][ T5088] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  116.856571][ T5088] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  116.868069][ T5088] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  117.388442][ T4229] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  117.447131][ T5096] device syzkaller1 entered promiscuous mode
[  117.628444][ T4229] usb 3-1: Using ep0 maxpacket: 8
[  117.749612][ T4229] usb 3-1: config 0 has an invalid interface number: 122 but max is 0
[  117.774755][ T4229] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  117.828472][ T4229] usb 3-1: config 0 has no interface number 0
[  117.871095][ T4229] usb 3-1: config 0 interface 122 altsetting 0 endpoint 0xA has invalid maxpacket 512, setting to 64
[  118.124261][ T4229] usb 3-1: config 0 interface 122 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 8
[  118.254378][ T5113] loop3: detected capacity change from 0 to 512
[  118.478962][ T5113] EXT4-fs error (device loop3): ext4_orphan_get:1406: inode #15: comm syz.3.262: inode has both inline data and extents flags
[  118.495082][ T5113] EXT4-fs error (device loop3): ext4_orphan_get:1411: comm syz.3.262: couldn't read orphan inode 15 (err -117)
[  118.509396][ T5113] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  118.537126][ T4229] usb 3-1: config 0 interface 122 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  118.848723][ T4229] usb 3-1: config 0 interface 122 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 0
[  118.865962][ T4229] usb 3-1: config 0 interface 122 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 8
[  119.198759][ T4229] usb 3-1: New USB device found, idVendor=1286, idProduct=2046, bcdDevice= 5.b7
[  120.478748][ T5123] loop0: detected capacity change from 0 to 512
[  120.790139][ T5123] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  120.821224][ T4229] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  123.378115][ T4229] usb 3-1: Product: syz
[  123.384960][ T5123] EXT4-fs: error -4 creating inode table initialization thread
[  123.393351][ T5123] EXT4-fs (loop0): mount failed
[  123.421529][ T4229] usb 3-1: Manufacturer: syz
[  123.445571][ T4229] usb 3-1: SerialNumber: syz
[  123.473863][ T4229] usb 3-1: config 0 descriptor??
[  123.549642][ T4229] usb 3-1: can't set config #0, error -71
[  123.572767][ T5136] loop1: detected capacity change from 0 to 512
[  123.611483][ T4229] usb 3-1: USB disconnect, device number 3
[  123.615706][ T5135] bridge0: port 3(vlan2) entered blocking state
[  123.624007][ T5135] bridge0: port 3(vlan2) entered disabled state
[  123.642013][ T5135] device vlan2 entered promiscuous mode
[  123.647832][ T5135] device geneve0 entered promiscuous mode
[  123.727208][ T5136] EXT4-fs (loop1): Quota format mount options ignored when QUOTA feature is enabled
[  123.763836][ T5136] EXT4-fs (loop1): couldn't mount as ext3 due to feature incompatibilities
[  123.899305][ T5143] netlink: 68 bytes leftover after parsing attributes in process `syz.3.267'.
[  126.870639][ T5180] netlink: 12 bytes leftover after parsing attributes in process `syz.0.280'.
[  127.594621][ T5208] netlink: 'syz.2.289': attribute type 29 has an invalid length.
[  127.617617][ T5208] netlink: 'syz.2.289': attribute type 29 has an invalid length.
[  127.682656][ T5205] netlink: 'syz.2.289': attribute type 29 has an invalid length.
[  127.879866][ T5218] netlink: 4 bytes leftover after parsing attributes in process `syz.2.293'.
[  130.472480][ T5251] netlink: 'syz.3.303': attribute type 29 has an invalid length.
[  130.528807][ T5251] netlink: 'syz.3.303': attribute type 29 has an invalid length.
[  130.537507][ T5250] netlink: 'syz.3.303': attribute type 29 has an invalid length.
[  130.589600][ T5255] netlink: 'syz.2.305': attribute type 6 has an invalid length.
[  130.775320][ T5262] netlink: 224 bytes leftover after parsing attributes in process `syz.2.305'.
[  131.499947][ T5274] device syzkaller0 entered promiscuous mode
[  131.906891][ T5288] netlink: 'syz.4.311': attribute type 39 has an invalid length.
[  132.564485][ T5301] loop3: detected capacity change from 0 to 512
[  132.633097][ T5301] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  132.680660][ T5301] EXT4-fs (loop3): 1 truncate cleaned up
[  132.686404][ T5301] EXT4-fs (loop3): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,auto_da_alloc=0x0000000000000eb0,debug_want_extra_isize=0x0000000000000068,lazytime,nombcache,noload,noquota,,errors=continue. Quota mode: none.
[  132.798714][ T5308] bridge: RTM_NEWNEIGH with invalid state 0x8
[  132.891650][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  132.898109][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  133.535466][ T5329] loop4: detected capacity change from 0 to 128
[  136.498509][ T5335] loop1: detected capacity change from 0 to 512
[  137.353668][ T5335] EXT4-fs error (device loop1): ext4_orphan_get:1406: inode #15: comm syz.1.324: inode has both inline data and extents flags
[  137.369769][ T5335] EXT4-fs error (device loop1): ext4_orphan_get:1411: comm syz.1.324: couldn't read orphan inode 15 (err -117)
[  137.383122][ T5335] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  137.844307][ T5342] netlink: 8 bytes leftover after parsing attributes in process `syz.0.325'.
[  137.888946][ T5342] netlink: 4 bytes leftover after parsing attributes in process `syz.0.325'.
[  137.933896][ T5342] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  137.942769][ T5342] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  137.951104][ T5342] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  137.959617][ T5342] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  138.204463][ T5344] bridge0: port 1(bridge_slave_0) entered disabled state
[  138.402134][ T5344] device bridge_slave_0 left promiscuous mode
[  138.437925][ T5344] bridge0: port 1(bridge_slave_0) entered disabled state
[  138.527284][ T5342] netlink: 8 bytes leftover after parsing attributes in process `syz.0.325'.
[  138.548889][ T5342] netlink: 4 bytes leftover after parsing attributes in process `syz.0.325'.
[  139.419434][ T5382] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  139.671116][ T5387] loop2: detected capacity change from 0 to 128
[  139.709550][ T5387] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  139.737587][ T5387] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  140.171101][ T5369] bridge0: port 2(bridge_slave_1) entered disabled state
[  140.178609][ T5369] bridge0: port 1(bridge_slave_0) entered disabled state
[  140.465282][ T4700] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  141.208782][    T7] Bluetooth: hci4: command 0x0411 tx timeout
[  142.644981][ T5369] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  142.719700][ T5369] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  143.485138][ T5369] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  143.494322][ T5369] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  143.514610][ T5369] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  143.524325][ T5369] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  143.739901][ T5440] netlink: 'syz.0.347': attribute type 12 has an invalid length.
[  143.800349][ T5431] crypto_alloc_aead failed rc=-4
[  144.255717][ T5466] loop4: detected capacity change from 0 to 128
[  144.326745][ T5471] netlink: 24 bytes leftover after parsing attributes in process `syz.0.354'.
[  144.399294][ T5466] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  144.524638][ T5466] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  144.934819][ T4509] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  145.539921][ T5479] device syzkaller0 entered promiscuous mode
[  146.909308][ T4200] Bluetooth: hci4: link tx timeout
[  146.914696][ T4200] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  146.925039][ T4200] Bluetooth: hci4: link tx timeout
[  146.930267][ T4200] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  146.944863][ T5510] netlink: 28 bytes leftover after parsing attributes in process `syz.2.366'.
[  147.284079][ T5532] netlink: 16 bytes leftover after parsing attributes in process `syz.3.372'.
[  149.850270][ T4349] Bluetooth: hci4: command 0x0406 tx timeout
[  150.172494][ T5580] netlink: 12 bytes leftover after parsing attributes in process `syz.2.388'.
[  150.192485][ T5582] netlink: 'syz.1.387': attribute type 29 has an invalid length.
[  150.357448][ T5580] 8021q: adding VLAN 0 to HW filter on device bond1
[  150.564970][ T5582] netlink: 'syz.1.387': attribute type 29 has an invalid length.
[  150.585098][ T5579] netlink: 'syz.1.387': attribute type 29 has an invalid length.
[  150.596738][ T5588] loop3: detected capacity change from 0 to 128
[  150.617555][ T5584] device veth1_vlan left promiscuous mode
[  150.629939][ T5588] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  150.661842][ T5588] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  150.804143][ T5584] device veth1_vlan entered promiscuous mode
[  150.877034][ T5584] bond1: (slave macvlan1): Enslaving as an active interface with an up link
[  150.977265][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  151.134899][ T5590] team0 (unregistering): Port device team_slave_0 removed
[  151.225340][ T5590] team0 (unregistering): Port device team_slave_1 removed
[  151.276872][  T155] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  151.294637][ T5596] netlink: 'syz.2.394': attribute type 2 has an invalid length.
[  151.304060][ T5596] netlink: 'syz.2.394': attribute type 4 has an invalid length.
[  151.314973][ T5599] netlink: 'syz.0.393': attribute type 2 has an invalid length.
[  151.385640][ T5599] netlink: 36 bytes leftover after parsing attributes in process `syz.0.393'.
[  151.741225][ T5615] loop2: detected capacity change from 0 to 512
[  152.052731][ T5615] EXT4-fs error (device loop2): ext4_orphan_get:1406: inode #15: comm syz.2.397: inode has both inline data and extents flags
[  152.067354][ T5615] EXT4-fs error (device loop2): ext4_orphan_get:1411: comm syz.2.397: couldn't read orphan inode 15 (err -117)
[  152.082361][ T5615] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  152.640981][ T5620] device syzkaller0 entered promiscuous mode
[  152.771444][ T5620] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  152.830028][ T5619] tipc: Resetting bearer <eth:syzkaller0>
[  152.839998][ T4263] Bluetooth: hci4: command 0x0406 tx timeout
[  152.980267][ T5619] tipc: Disabling bearer <eth:syzkaller0>
[  155.969894][ T5648] netlink: 'syz.4.406': attribute type 29 has an invalid length.
[  156.001419][ T5648] netlink: 'syz.4.406': attribute type 29 has an invalid length.
[  156.082246][ T5644] netlink: 'syz.4.406': attribute type 29 has an invalid length.
[  156.371023][ T5667] netlink: 76 bytes leftover after parsing attributes in process `syz.3.414'.
[  156.402694][ T5667] device syzkaller0 entered promiscuous mode
[  156.434586][ T5667] tc action pedit offset 48 out of bounds
[  156.440842][ T5667] tc action pedit offset 48 out of bounds
[  156.446743][ T5667] tc action pedit offset 48 out of bounds
[  156.452651][ T5667] tc action pedit offset 48 out of bounds
[  156.458533][ T5667] tc action pedit offset 48 out of bounds
[  156.464371][ T5667] tc action pedit offset 48 out of bounds
[  156.470190][ T5667] tc action pedit offset 48 out of bounds
[  156.475935][ T5667] tc action pedit offset 48 out of bounds
[  156.481708][ T5667] tc action pedit offset 48 out of bounds
[  156.487487][ T5667] tc action pedit offset 48 out of bounds
[  156.493542][ T5667] tc action pedit offset 48 out of bounds
[  156.499326][ T5667] tc action pedit offset 48 out of bounds
[  156.505078][ T5667] tc action pedit offset 48 out of bounds
[  156.510859][ T5667] tc action pedit offset 48 out of bounds
[  156.516611][ T5667] tc action pedit offset 48 out of bounds
[  156.522388][ T5667] tc action pedit offset 48 out of bounds
[  156.528149][ T5667] tc action pedit offset 48 out of bounds
[  156.534348][ T5667] 0: reclassify loop, rule prio 0, protocol 800
[  156.859408][ T5679] loop4: detected capacity change from 0 to 512
[  159.879345][ T5679] EXT4-fs: error -4 creating inode table initialization thread
[  159.887331][ T5679] EXT4-fs (loop4): mount failed
[  160.672665][ T5688] loop2: detected capacity change from 0 to 512
[  161.218870][ T5688] EXT4-fs error (device loop2): ext4_orphan_get:1406: inode #15: comm syz.2.419: inode has both inline data and extents flags
[  161.234545][ T5688] EXT4-fs error (device loop2): ext4_orphan_get:1411: comm syz.2.419: couldn't read orphan inode 15 (err -117)
[  161.249229][ T5688] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  161.960802][ T4232] Bluetooth: hci0: command 0x0c1a tx timeout
[  163.901963][ T5707] netlink: 'syz.0.424': attribute type 29 has an invalid length.
[  163.952233][ T5707] netlink: 'syz.0.424': attribute type 29 has an invalid length.
[  164.048874][ T5706] netlink: 'syz.0.424': attribute type 29 has an invalid length.
[  164.410050][ T5711] device syzkaller0 entered promiscuous mode
[  164.567798][ T5723] gre0 speed is unknown, defaulting to 1000
[  164.792897][ T5723] gre0 speed is unknown, defaulting to 1000
[  165.360351][ T5723] gre0 speed is unknown, defaulting to 1000
[  166.065268][ T4263] gre0 speed is unknown, defaulting to 1000
[  166.091248][ T5723] infiniband syz1: set active
[  166.126116][ T5723] infiniband syz1: added gre0
[  166.190953][ T5723] infiniband syz1: Couldn't open port 1
[  166.293111][ T5762] device syzkaller0 entered promiscuous mode
[  166.403285][ T5723] RDS/IB: syz1: added
[  166.433799][ T5723] smc: adding ib device syz1 with port count 1
[  166.468617][ T5723] smc:    ib device syz1 port 1 has pnetid 
[  166.636685][ T1110] gre0 speed is unknown, defaulting to 1000
[  166.645446][ T5723] gre0 speed is unknown, defaulting to 1000
[  166.750951][ T5739] loop0: detected capacity change from 0 to 512
[  166.798426][ T4229] Bluetooth: hci0: command 0x0c1a tx timeout
[  166.876781][ T5739] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  166.938587][ T5723] gre0 speed is unknown, defaulting to 1000
[  166.940880][ T5739] EXT4-fs (loop0): 1 truncate cleaned up
[  166.950268][ T5739] EXT4-fs (loop0): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,auto_da_alloc=0x0000000000000eb0,debug_want_extra_isize=0x0000000000000068,lazytime,nombcache,noload,noquota,,errors=continue. Quota mode: none.
[  167.034775][ T5771] loop3: detected capacity change from 0 to 128
[  167.115467][ T5723] gre0 speed is unknown, defaulting to 1000
[  167.125221][ T5771] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  167.141273][ T5771] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  167.516535][ T4700] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  167.524675][ T5723] gre0 speed is unknown, defaulting to 1000
[  167.951954][ T5786] netlink: 60 bytes leftover after parsing attributes in process `syz.2.449'.
[  167.992745][ T5786] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  168.028580][ T5786] device batadv_slave_0 entered promiscuous mode
[  168.225364][ T5723] gre0 speed is unknown, defaulting to 1000
[  168.840707][ T5810] IPVS: rr: FWM 3 0x00000003 - no destination available
[  168.841790][ T5805] loop4: detected capacity change from 0 to 128
[  168.890764][ T5805] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  168.907577][ T5805] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  169.153632][ T4509] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  169.758421][ T4229] Bluetooth: hci0: command 0x0c1a tx timeout
[  170.419884][ T5857] loop3: detected capacity change from 0 to 512
[  170.720384][ T5857] EXT4-fs error (device loop3): ext4_orphan_get:1406: inode #15: comm syz.3.471: inode has both inline data and extents flags
[  170.735826][ T5857] EXT4-fs error (device loop3): ext4_orphan_get:1411: comm syz.3.471: couldn't read orphan inode 15 (err -117)
[  170.753065][ T5857] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  171.845843][ T4229] Bluetooth: hci0: command 0x0c1a tx timeout
[  172.933375][ T5881] netlink: 8 bytes leftover after parsing attributes in process `syz.4.481'.
[  173.129958][ T5888] device syzkaller0 entered promiscuous mode
[  173.178872][ T5888] tipc: Started in network mode
[  173.184642][ T5888] tipc: Node identity 3e5264aac1f9, cluster identity 4711
[  173.218693][ T5888] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  173.252527][ T5887] tipc: Resetting bearer <eth:syzkaller0>
[  173.306927][ T5887] tipc: Disabling bearer <eth:syzkaller0>
[  173.440230][ T5903] device syzkaller0 entered promiscuous mode
[  174.558525][ T4232] Bluetooth: hci0: command 0x0c1a tx timeout
[  174.663427][ T5942] netlink: 224 bytes leftover after parsing attributes in process `syz.3.502'.
[  174.969336][ T5948] device syzkaller0 entered promiscuous mode
[  175.444280][ T5975] device syzkaller0 entered promiscuous mode
[  175.930324][ T5994] device syzkaller0 entered promiscuous mode
[  176.405512][ T6021] loop4: detected capacity change from 0 to 128
[  176.565045][ T6021] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  176.584450][ T6021] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  177.536527][ T6014] syz.3.527 (6014) used greatest stack depth: 18512 bytes left
[  178.459486][ T6047] netlink: 'syz.0.537': attribute type 29 has an invalid length.
[  178.524295][ T6047] netlink: 'syz.0.537': attribute type 29 has an invalid length.
[  178.554634][ T6045] netlink: 'syz.0.537': attribute type 29 has an invalid length.
[  178.688467][ T4700] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  178.883667][ T4349] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  179.106322][ T6075] lo speed is unknown, defaulting to 1000
[  179.114502][ T6075] lo speed is unknown, defaulting to 1000
[  179.122274][ T6075] lo speed is unknown, defaulting to 1000
[  179.168338][ T4349] usb 3-1: Using ep0 maxpacket: 8
[  179.201667][ T1110] lo speed is unknown, defaulting to 1000
[  179.201638][ T6075] infiniband sqz0: set active
[  179.212607][ T6075] infiniband sqz0: added lo
[  179.237338][ T6075] RDS/IB: sqz0: added
[  179.245830][ T6075] smc: adding ib device sqz0 with port count 1
[  179.252930][ T6075] smc:    ib device sqz0 port 1 has pnetid 
[  179.259399][ T1110] lo speed is unknown, defaulting to 1000
[  179.265534][ T6075] lo speed is unknown, defaulting to 1000
[  179.288549][ T4349] usb 3-1: config 0 has an invalid interface number: 122 but max is 0
[  179.296947][ T4349] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  179.307154][ T4349] usb 3-1: config 0 has no interface number 0
[  179.313311][ T4349] usb 3-1: config 0 interface 122 altsetting 0 endpoint 0xA has invalid maxpacket 512, setting to 64
[  179.324694][ T4349] usb 3-1: config 0 interface 122 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 8
[  179.334580][ T4349] usb 3-1: config 0 interface 122 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  179.346178][ T4349] usb 3-1: config 0 interface 122 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 0
[  179.369555][ T4349] usb 3-1: config 0 interface 122 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 8
[  179.425483][ T6075] lo speed is unknown, defaulting to 1000
[  179.558748][ T4349] usb 3-1: New USB device found, idVendor=1286, idProduct=2046, bcdDevice= 5.b7
[  179.567935][ T4349] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  179.596271][ T4349] usb 3-1: Product: syz
[  179.601397][ T4349] usb 3-1: Manufacturer: syz
[  179.610576][ T4349] usb 3-1: SerialNumber: syz
[  179.629167][ T4349] usb 3-1: config 0 descriptor??
[  179.668786][ T6051] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  179.830140][ T6089] loop0: detected capacity change from 0 to 128
[  179.956701][ T6051] udc-core: couldn't find an available UDC or it's busy
[  179.970752][ T6089] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  179.988123][ T6089] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  180.602538][ T6051] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  180.647948][ T6051] udc-core: couldn't find an available UDC or it's busy
[  180.697819][ T6051] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  180.725781][ T6051] udc-core: couldn't find an available UDC or it's busy
[  180.752694][ T6051] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  180.765842][ T6092] device syzkaller0 entered promiscuous mode
[  180.776849][ T6051] udc-core: couldn't find an available UDC or it's busy
[  180.794096][ T6075] lo speed is unknown, defaulting to 1000
[  180.820907][ T6051] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  181.038400][ T4226] Bluetooth: hci3: command 0x0406 tx timeout
[  181.131783][ T6051] udc-core: couldn't find an available UDC or it's busy
[  181.143158][ T6051] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  181.784430][ T4349] usb 3-1: NFC: intf ffff888078c2e000 id ffffffff8cb52720
[  181.793913][ T1110] Bluetooth: hci2: command 0x0406 tx timeout
[  181.797144][ T4700] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  181.801236][ T1110] Bluetooth: hci1: command 0x0406 tx timeout
[  181.817925][ T1110] Bluetooth: hci0: command 0x0406 tx timeout
[  181.838564][ T6075] lo speed is unknown, defaulting to 1000
[  181.915552][ T4349] nfcmrvl 3-1:0.122: NFC: registered with nci successfully
[  181.945651][ T4349] usb 3-1: USB disconnect, device number 4
[  182.011126][ T6106] device syzkaller0 entered promiscuous mode
[  182.015716][ T4349] usb 3-1: NFC: intf ffff888078c2e000
[  182.461888][ T6075] lo speed is unknown, defaulting to 1000
[  184.849041][ T6135] loop0: detected capacity change from 0 to 128
[  184.856877][ T6135] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  184.878758][ T6135] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  188.571086][ T4227] Bluetooth: hci0: command 0x0c1a tx timeout
[  188.940172][ T6139] loop2: detected capacity change from 0 to 512
[  189.091684][ T6140] device syzkaller0 entered promiscuous mode
[  189.442453][ T6139] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  189.546373][ T6139] EXT4-fs (loop2): 1 truncate cleaned up
[  189.552224][ T6139] EXT4-fs (loop2): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,auto_da_alloc=0x0000000000000eb0,debug_want_extra_isize=0x0000000000000068,lazytime,nombcache,noload,noquota,,errors=continue. Quota mode: none.
[  189.888701][ T6155] device syzkaller0 entered promiscuous mode
[  190.008980][ T6158] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  190.084903][ T6156] tipc: Disabling bearer <eth:syzkaller0>
[  190.929765][ T6177] netlink: 'syz.0.582': attribute type 29 has an invalid length.
[  190.972363][ T6177] netlink: 'syz.0.582': attribute type 29 has an invalid length.
[  190.997269][ T6176] netlink: 'syz.0.582': attribute type 29 has an invalid length.
[  192.157526][ T6198] device syzkaller0 entered promiscuous mode
[  192.296929][ T6202] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  192.331478][ T6201] tipc: Disabling bearer <eth:syzkaller0>
[  193.837909][ T6213] netlink: 'syz.0.596': attribute type 29 has an invalid length.
[  193.876348][ T6213] netlink: 'syz.0.596': attribute type 29 has an invalid length.
[  194.502304][ T1110] Bluetooth: hci0: command 0x0c1a tx timeout
[  194.509322][ T6210] netlink: 'syz.0.596': attribute type 29 has an invalid length.
[  194.549204][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  194.557887][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  195.769932][ T6242] team0 (unregistering): Port device team_slave_0 removed
[  195.817266][ T6242] team0 (unregistering): Port device team_slave_1 removed
[  196.229590][ T6254] netlink: 'syz.3.609': attribute type 29 has an invalid length.
[  196.257965][ T6254] netlink: 'syz.3.609': attribute type 29 has an invalid length.
[  196.303483][ T6252] netlink: 'syz.3.609': attribute type 29 has an invalid length.
[  196.560090][ T1110] Bluetooth: hci0: command 0x0c1a tx timeout
[  196.590438][ T6262] loop1: detected capacity change from 0 to 512
[  196.661906][ T6262] EXT4-fs (loop1): Quota format mount options ignored when QUOTA feature is enabled
[  196.727805][ T6262] EXT4-fs (loop1): couldn't mount as ext3 due to feature incompatibilities
[  196.888454][ T4261] Bluetooth: hci4: command 0x0405 tx timeout
[  197.790377][ T6247] loop2: detected capacity change from 0 to 512
[  197.840394][ T6247] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  197.880735][ T6247] EXT4-fs (loop2): 1 truncate cleaned up
[  197.886442][ T6247] EXT4-fs (loop2): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,auto_da_alloc=0x0000000000000eb0,debug_want_extra_isize=0x0000000000000068,lazytime,nombcache,noload,noquota,,errors=continue. Quota mode: none.
[  198.970041][ T6295] loop3: detected capacity change from 0 to 512
[  199.250281][ T6295] EXT4-fs error (device loop3): ext4_orphan_get:1406: inode #15: comm syz.3.622: inode has both inline data and extents flags
[  199.266194][ T6295] EXT4-fs error (device loop3): ext4_orphan_get:1411: comm syz.3.622: couldn't read orphan inode 15 (err -117)
[  199.281440][ T6295] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  199.884626][ T6302] netlink: 'syz.2.624': attribute type 29 has an invalid length.
[  199.896424][ T6302] netlink: 'syz.2.624': attribute type 29 has an invalid length.
[  199.907786][ T6299] netlink: 'syz.2.624': attribute type 29 has an invalid length.
[  200.783002][ T6314] netlink: 12 bytes leftover after parsing attributes in process `syz.2.629'.
[  200.836708][ T6314] netlink: 16 bytes leftover after parsing attributes in process `syz.2.629'.
[  201.176129][ T6318] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  201.235303][ T6317] tipc: Disabling bearer <eth:syzkaller0>
[  201.273875][ T6322] tipc: Started in network mode
[  201.333050][ T6322] tipc: Node identity da67e7751c6f, cluster identity 4711
[  201.354014][ T6322] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  201.445258][ T6322] tipc: Resetting bearer <eth:syzkaller0>
[  201.504967][ T6326] device syzkaller0 entered promiscuous mode
[  201.517923][ T6326] IPv6: ADDRCONF(NETDEV_CHANGE): syzkaller0: link becomes ready
[  201.547089][ T6321] tipc: Resetting bearer <eth:syzkaller0>
[  201.561977][ T6321] tipc: Disabling bearer <eth:syzkaller0>
[  201.908817][ T4226] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  201.941677][ T6347] loop2: detected capacity change from 0 to 512
[  202.069346][ T6348] loop4: detected capacity change from 0 to 512
[  202.619244][ T4226] usb 4-1: Using ep0 maxpacket: 8
[  202.686864][ T6347] EXT4-fs (loop2): Quota format mount options ignored when QUOTA feature is enabled
[  202.817466][ T6348] EXT4-fs error (device loop4): ext4_orphan_get:1406: inode #15: comm syz.4.640: inode has both inline data and extents flags
[  202.835339][ T6348] EXT4-fs error (device loop4): ext4_orphan_get:1411: comm syz.4.640: couldn't read orphan inode 15 (err -117)
[  202.853085][ T6348] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  202.902286][ T4226] usb 4-1: config 0 has an invalid interface number: 122 but max is 0
[  203.091305][ T4226] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  203.122331][ T6347] EXT4-fs (loop2): couldn't mount as ext3 due to feature incompatibilities
[  203.182130][ T4226] usb 4-1: config 0 has no interface number 0
[  203.210522][ T4226] usb 4-1: config 0 interface 122 altsetting 0 endpoint 0xA has invalid maxpacket 512, setting to 64
[  203.288403][ T4226] usb 4-1: config 0 interface 122 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 8
[  203.315658][ T4226] usb 4-1: config 0 interface 122 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  203.337999][ T4226] usb 4-1: config 0 interface 122 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 0
[  203.355419][ T4226] usb 4-1: config 0 interface 122 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 8
[  203.384989][ T6352] gre0 speed is unknown, defaulting to 1000
[  203.528758][ T4226] usb 4-1: New USB device found, idVendor=1286, idProduct=2046, bcdDevice= 5.b7
[  203.557816][ T4226] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  203.588569][ T4226] usb 4-1: Product: syz
[  203.656531][ T6352] lo speed is unknown, defaulting to 1000
[  203.821057][ T4226] usb 4-1: Manufacturer: syz
[  203.841328][ T4226] usb 4-1: SerialNumber: syz
[  203.848233][ T4226] usb 4-1: config 0 descriptor??
[  203.870200][ T6333] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  204.273245][ T6333] udc-core: couldn't find an available UDC or it's busy
[  204.298624][ T6333] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  204.339467][ T6333] udc-core: couldn't find an available UDC or it's busy
[  204.346639][ T6333] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  204.371270][ T6333] udc-core: couldn't find an available UDC or it's busy
[  204.401075][ T6333] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  204.449257][ T6333] udc-core: couldn't find an available UDC or it's busy
[  204.476843][ T6333] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  204.675391][ T6366] device syzkaller0 entered promiscuous mode
[  204.687265][ T6367] loop4: detected capacity change from 0 to 128
[  204.702153][ T6333] udc-core: couldn't find an available UDC or it's busy
[  204.730376][ T6333] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  204.791230][ T6367] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  204.874214][ T6367] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  204.885529][ T4226] usb 4-1: NFC: intf ffff88801f163000 id ffffffff8cb52720
[  205.028791][ T4226] nfcmrvl 4-1:0.122: NFC: registered with nci successfully
[  205.053042][ T6372] loop1: detected capacity change from 0 to 512
[  205.105648][ T4226] usb 4-1: USB disconnect, device number 2
[  205.173996][ T4226] usb 4-1: NFC: intf ffff88801f163000
[  205.247871][ T6372] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  205.397234][ T6372] EXT4-fs (loop1): 1 truncate cleaned up
[  205.546642][ T6372] EXT4-fs (loop1): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,auto_da_alloc=0x0000000000000eb0,debug_want_extra_isize=0x0000000000000068,lazytime,nombcache,noload,noquota,,errors=continue. Quota mode: none.
[  205.574340][    T9] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  207.198144][ T6404] loop4: detected capacity change from 0 to 512
[  207.658794][ T6404] EXT4-fs error (device loop4): ext4_orphan_get:1406: inode #15: comm syz.4.654: inode has both inline data and extents flags
[  207.674845][ T6404] EXT4-fs error (device loop4): ext4_orphan_get:1411: comm syz.4.654: couldn't read orphan inode 15 (err -117)
[  207.690063][ T6404] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  209.293196][ T1107] Bluetooth: hci0: command 0x0c1a tx timeout
[  209.808482][ T4227] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  210.073165][ T4227] usb 1-1: Using ep0 maxpacket: 8
[  210.248626][ T4227] usb 1-1: config 0 has an invalid interface number: 122 but max is 0
[  210.278460][ T4227] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  210.326443][ T4227] usb 1-1: config 0 has no interface number 0
[  210.348335][ T4227] usb 1-1: config 0 interface 122 altsetting 0 endpoint 0xA has invalid maxpacket 512, setting to 64
[  210.388340][ T4227] usb 1-1: config 0 interface 122 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 8
[  210.430228][ T4227] usb 1-1: config 0 interface 122 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  210.455963][ T4227] usb 1-1: config 0 interface 122 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 0
[  210.490969][ T4227] usb 1-1: config 0 interface 122 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 8
[  210.616243][ T6426] loop3: detected capacity change from 0 to 512
[  210.692080][ T4227] usb 1-1: New USB device found, idVendor=1286, idProduct=2046, bcdDevice= 5.b7
[  210.701695][ T6426] EXT4-fs (loop3): Quota format mount options ignored when QUOTA feature is enabled
[  210.722207][ T6426] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities
[  210.732605][ T4227] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  210.760833][ T4227] usb 1-1: Product: syz
[  210.766306][ T4227] usb 1-1: Manufacturer: syz
[  210.783026][ T4227] usb 1-1: SerialNumber: syz
[  210.813662][ T4227] usb 1-1: config 0 descriptor??
[  210.868813][ T6414] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  211.110813][ T6414] udc-core: couldn't find an available UDC or it's busy
[  211.117831][ T6414] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  211.158817][ T6414] udc-core: couldn't find an available UDC or it's busy
[  211.165825][ T6414] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  211.229852][ T6414] udc-core: couldn't find an available UDC or it's busy
[  211.291395][ T6414] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  211.317267][ T6414] udc-core: couldn't find an available UDC or it's busy
[  211.340915][ T6414] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  211.719719][ T6414] udc-core: couldn't find an available UDC or it's busy
[  211.747570][ T6414] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  212.005118][ T4227] usb 1-1: NFC: intf ffff88805c1b4000 id ffffffff8cb52720
[  212.069625][ T6447] loop4: detected capacity change from 0 to 512
[  212.330832][ T6447] EXT4-fs error (device loop4): ext4_orphan_get:1406: inode #15: comm syz.4.667: inode has both inline data and extents flags
[  212.346873][ T6447] EXT4-fs error (device loop4): ext4_orphan_get:1411: comm syz.4.667: couldn't read orphan inode 15 (err -117)
[  212.362348][ T6447] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  212.701768][ T4227] nfcmrvl 1-1:0.122: NFC: registered with nci successfully
[  212.760472][ T4227] usb 1-1: USB disconnect, device number 2
[  212.768122][ T4227] usb 1-1: NFC: intf ffff88805c1b4000
[  214.139835][ T6446] netlink: 'syz.2.668': attribute type 1 has an invalid length.
[  214.236279][   T23] Bluetooth: hci0: command 0x0c1a tx timeout
[  215.186703][ T6469] device syzkaller1 entered promiscuous mode
[  215.514029][ T6471] netlink: 32 bytes leftover after parsing attributes in process `syz.2.675'.
[  215.540702][ T6471] device syzkaller0 entered promiscuous mode
[  215.813882][ T6476] device syzkaller0 entered promiscuous mode
[  216.450106][ T6487] device syzkaller0 entered promiscuous mode
[  216.559232][ T6495] loop4: detected capacity change from 0 to 512
[  216.888751][ T6495] EXT4-fs error (device loop4): ext4_orphan_get:1406: inode #15: comm syz.4.680: inode has both inline data and extents flags
[  216.904700][ T6495] EXT4-fs error (device loop4): ext4_orphan_get:1411: comm syz.4.680: couldn't read orphan inode 15 (err -117)
[  216.920480][ T6495] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  217.166255][ T6494] team0 (unregistering): Port device team_slave_0 removed
[  217.245790][ T6494] team0 (unregistering): Port device team_slave_1 removed
[  217.918641][ T4232] Bluetooth: hci0: command 0x0c1a tx timeout
[  218.596807][ T6511] loop3: detected capacity change from 0 to 512
[  219.071387][ T6511] EXT4-fs error (device loop3): ext4_orphan_get:1406: inode #15: comm syz.3.685: inode has both inline data and extents flags
[  219.086068][ T6511] EXT4-fs error (device loop3): ext4_orphan_get:1411: comm syz.3.685: couldn't read orphan inode 15 (err -117)
[  219.103035][ T6511] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  219.471531][ T6515] loop0: detected capacity change from 0 to 512
[  219.568557][ T6515] EXT4-fs (loop0): Quota format mount options ignored when QUOTA feature is enabled
[  219.578162][ T6515] EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities
[  219.830702][ T6520] block nbd4: not configured, cannot reconfigure
[  221.516108][ T6535] device syzkaller0 entered promiscuous mode
[  221.877697][ T6536] gre0 speed is unknown, defaulting to 1000
[  222.065211][ T6552] netlink: 108 bytes leftover after parsing attributes in process `syz.0.696'.
[  222.446244][ T6536] lo speed is unknown, defaulting to 1000
[  222.467948][ T6559] netlink: 'syz.3.699': attribute type 1 has an invalid length.
[  222.745944][ T6568] device syzkaller0 entered promiscuous mode
[  222.796680][    T9] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  222.847373][ T6570] netlink: 8 bytes leftover after parsing attributes in process `syz.2.702'.
[  222.887420][ T6573] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  222.922648][ T6567] tipc: Resetting bearer <eth:syzkaller0>
[  223.064993][ T6567] tipc: Disabling bearer <eth:syzkaller0>
[  223.088852][    T9] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  223.208473][ T6577] loop4: detected capacity change from 0 to 512
[  223.540371][ T1107] Bluetooth: hci5: command 0x0409 tx timeout
[  223.933793][ T6582] loop2: detected capacity change from 0 to 128
[  224.903383][ T6582] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  225.859619][ T1107] Bluetooth: hci5: command 0x041b tx timeout
[  225.948366][ T6577] EXT4-fs error (device loop4): ext4_orphan_get:1406: inode #15: comm syz.4.703: inode has both inline data and extents flags
[  225.961732][ T6582] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  226.898689][ T6577] EXT4-fs error (device loop4): ext4_orphan_get:1411: comm syz.4.703: couldn't read orphan inode 15 (err -117)
[  227.906414][ T6577] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  228.049898][    T9] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  228.235901][    T9] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  228.835103][ T6536] chnl_net:caif_netlink_parms(): no params data found
[  228.878915][ T4229] Bluetooth: hci5: command 0x040f tx timeout
[  228.982328][ T6620] device syzkaller0 entered promiscuous mode
[  229.045096][ T6626] tipc: Started in network mode
[  229.057970][ T6626] tipc: Node identity 9ebca120d13d, cluster identity 4711
[  229.080059][ T6626] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  229.149327][ T6635] loop3: detected capacity change from 0 to 128
[  229.234393][ T6635] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  229.254355][ T6635] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  230.063886][    T9] tipc: Disabling bearer <udp:syz2>
[  230.091179][ T6619] tipc: Resetting bearer <eth:syzkaller0>
[  230.106562][    T9] tipc: Left network mode
[  230.143775][ T6619] tipc: Disabling bearer <eth:syzkaller0>
[  230.244567][ T4263] tipc: Node number set to 1333895456
[  230.333590][ T6536] bridge0: port 1(bridge_slave_0) entered blocking state
[  230.340902][ T6536] bridge0: port 1(bridge_slave_0) entered disabled state
[  230.349161][ T6536] device bridge_slave_0 entered promiscuous mode
[  230.358437][ T6536] bridge0: port 2(bridge_slave_1) entered blocking state
[  230.365579][ T6536] bridge0: port 2(bridge_slave_1) entered disabled state
[  230.373847][ T6536] device bridge_slave_1 entered promiscuous mode
[  230.609008][ T6536] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  231.204397][ T6652] loop2: detected capacity change from 0 to 512
[  231.212737][ T4229] Bluetooth: hci5: command 0x0419 tx timeout
[  231.308976][ T4515] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  231.625802][ T6652] EXT4-fs error (device loop2): ext4_orphan_get:1406: inode #15: comm syz.2.719: inode has both inline data and extents flags
[  231.641224][ T6652] EXT4-fs error (device loop2): ext4_orphan_get:1411: comm syz.2.719: couldn't read orphan inode 15 (err -117)
[  231.657237][ T6652] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  231.881589][ T6536] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  232.068834][ T6536] team0: Port device team_slave_0 added
[  232.233917][ T6536] team0: Port device team_slave_1 added
[  232.467947][ T6536] batman_adv: batadv0: Adding interface: batadv_slave_0
[  232.535889][ T6536] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  232.840922][ T6536] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  232.859273][ T6536] batman_adv: batadv0: Adding interface: batadv_slave_1
[  232.874371][ T6536] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  233.105373][ T6536] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  233.376070][ T6536] device hsr_slave_0 entered promiscuous mode
[  233.386981][ T6536] device hsr_slave_1 entered promiscuous mode
[  233.567266][ T6536] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  233.576266][ T6536] Cannot create hsr debugfs directory
[  233.692082][ T6693] device syzkaller0 entered promiscuous mode
[  233.803667][ T6693] tipc: Started in network mode
[  233.812695][ T6693] tipc: Node identity 1649c0137332, cluster identity 4711
[  233.843215][ T6693] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  233.930735][ T6692] tipc: Resetting bearer <eth:syzkaller0>
[  233.997392][ T6692] tipc: Disabling bearer <eth:syzkaller0>
[  234.054326][ T6707] loop2: detected capacity change from 0 to 128
[  234.210756][ T6707] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  234.328728][ T6707] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  234.505946][ T6536] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  234.528619][ T4263] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  234.561037][ T6536] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  234.618916][ T6536] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  234.679442][ T6536] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  234.798510][ T4263] usb 4-1: Using ep0 maxpacket: 8
[  234.918800][ T4263] usb 4-1: config 0 has an invalid interface number: 122 but max is 0
[  234.958642][ T4263] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  234.993750][ T6536] 8021q: adding VLAN 0 to HW filter on device bond0
[  235.000741][ T4263] usb 4-1: config 0 has no interface number 0
[  235.006884][ T4263] usb 4-1: config 0 interface 122 altsetting 0 endpoint 0xA has invalid maxpacket 512, setting to 64
[  235.053340][ T5116] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  235.061565][ T4263] usb 4-1: config 0 interface 122 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 8
[  235.073837][ T5116] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  235.103325][ T6536] 8021q: adding VLAN 0 to HW filter on device team0
[  235.118400][ T4263] usb 4-1: config 0 interface 122 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  235.134379][ T4263] usb 4-1: config 0 interface 122 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 0
[  235.156834][ T4509] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  235.176481][ T4263] usb 4-1: config 0 interface 122 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 8
[  235.183325][ T4509] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  235.235405][ T4509] bridge0: port 1(bridge_slave_0) entered blocking state
[  235.242696][ T4509] bridge0: port 1(bridge_slave_0) entered forwarding state
[  235.276682][ T4509] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  235.319678][    T9] device hsr_slave_0 left promiscuous mode
[  235.344011][    T9] device hsr_slave_1 left promiscuous mode
[  235.383839][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  235.402009][    T9] batman_adv: batadv0: Removing interface: batadv_slave_0
[  235.409877][ T4263] usb 4-1: New USB device found, idVendor=1286, idProduct=2046, bcdDevice= 5.b7
[  235.428419][ T4263] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  235.446995][ T4263] usb 4-1: Product: syz
[  235.451617][ T4263] usb 4-1: Manufacturer: syz
[  235.456247][ T4263] usb 4-1: SerialNumber: syz
[  235.474377][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  235.483512][ T4263] usb 4-1: config 0 descriptor??
[  235.492647][    T9] batman_adv: batadv0: Removing interface: batadv_slave_1
[  235.512136][    T9] device bridge_slave_1 left promiscuous mode
[  235.519692][ T6710] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  235.537697][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[  235.566094][    T9] device bridge_slave_0 left promiscuous mode
[  235.582910][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[  235.636917][    T9] device veth1_macvtap left promiscuous mode
[  235.646042][    T9] device veth0_macvtap left promiscuous mode
[  235.666222][    T9] device veth1_vlan left promiscuous mode
[  235.673882][    T9] device veth0_vlan left promiscuous mode
[  235.752570][ T6710] udc-core: couldn't find an available UDC or it's busy
[  235.770003][ T6710] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  235.804244][ T6710] udc-core: couldn't find an available UDC or it's busy
[  235.827741][ T6710] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  235.871285][ T6710] udc-core: couldn't find an available UDC or it's busy
[  235.894093][ T6710] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  235.909509][ T6710] udc-core: couldn't find an available UDC or it's busy
[  235.931140][ T6710] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  236.168115][ T6710] udc-core: couldn't find an available UDC or it's busy
[  236.185579][ T6710] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  236.197658][    T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  236.222514][    T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  236.251759][ T4263] usb 4-1: NFC: intf ffff88807c6b8000 id ffffffff8cb52720
[  236.341567][ T4263] nfcmrvl 4-1:0.122: NFC: registered with nci successfully
[  236.353767][    T9] bond0 (unregistering): Released all slaves
[  236.364444][ T4263] usb 4-1: USB disconnect, device number 3
[  236.399963][ T4263] usb 4-1: NFC: intf ffff88807c6b8000
[  236.559812][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  236.579102][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  236.608499][  T155] bridge0: port 2(bridge_slave_1) entered blocking state
[  236.615673][  T155] bridge0: port 2(bridge_slave_1) entered forwarding state
[  236.710558][ T5116] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  236.731562][ T5116] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  236.750482][ T5116] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  236.771015][ T5116] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  236.809462][ T5116] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  236.843865][ T5116] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  236.866555][ T5116] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  236.923934][ T5116] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  236.936644][ T5116] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  236.956322][ T6536] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  236.973108][ T6536] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  237.005284][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  237.035575][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  237.266073][ T6764] device syzkaller0 entered promiscuous mode
[  237.300910][ T6764] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  237.345996][ T6763] tipc: Resetting bearer <eth:syzkaller0>
[  237.417836][ T6763] tipc: Disabling bearer <eth:syzkaller0>
[  237.547787][ T4513] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  237.585030][ T4513] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  237.618214][ T6536] 8021q: adding VLAN 0 to HW filter on device batadv0
[  238.439755][ T4513] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  238.465016][ T4513] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  238.526263][ T4509] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  238.557981][ T4509] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  238.574925][ T4344] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  238.589410][ T4509] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  238.630245][ T4509] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  238.682069][ T6536] device veth0_vlan entered promiscuous mode
[  238.712945][ T6536] device veth1_vlan entered promiscuous mode
[  238.802501][ T5116] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  238.838341][ T4344] usb 1-1: Using ep0 maxpacket: 8
[  238.844310][ T5116] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  238.901650][ T6536] device veth0_macvtap entered promiscuous mode
[  239.024988][ T6536] device veth1_macvtap entered promiscuous mode
[  239.158752][ T6536] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  239.238672][ T6536] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  239.286626][ T6536] batman_adv: batadv0: Interface activated: batadv_slave_0
[  239.345970][ T6536] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  239.414566][ T6536] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  239.475917][ T6536] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  239.544222][ T6536] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  239.595680][ T6536] batman_adv: batadv0: Interface activated: batadv_slave_1
[  239.648130][ T6536] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  239.708694][ T6536] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  239.717552][ T6536] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  239.769880][ T4344] usb 1-1: config 0 has an invalid interface number: 122 but max is 0
[  239.778115][ T4344] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  239.808695][ T4344] usb 1-1: config 0 has no interface number 0
[  239.815004][ T4344] usb 1-1: config 0 interface 122 altsetting 0 endpoint 0xA has invalid maxpacket 512, setting to 64
[  239.823760][ T6536] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  239.848398][ T4344] usb 1-1: config 0 interface 122 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 8
[  239.869997][ T6812] netlink: 32 bytes leftover after parsing attributes in process `syz.4.751'.
[  239.878599][ T4344] usb 1-1: config 0 interface 122 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  239.896719][ T6813] device syzkaller0 entered promiscuous mode
[  239.911702][ T4509] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  239.918580][ T4344] usb 1-1: config 0 interface 122 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 0
[  239.926630][ T4509] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  239.953501][ T4344] usb 1-1: config 0 interface 122 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 8
[  239.964146][ T4509] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  240.001398][ T4509] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  240.031930][ T4509] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  240.059143][ T4509] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  240.169344][ T4344] usb 1-1: New USB device found, idVendor=1286, idProduct=2046, bcdDevice= 5.b7
[  240.188301][ T4344] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  240.206560][ T4344] usb 1-1: Product: syz
[  240.211348][ T4344] usb 1-1: Manufacturer: syz
[  240.215973][ T4344] usb 1-1: SerialNumber: syz
[  240.259373][ T4344] usb 1-1: config 0 descriptor??
[  240.278876][ T6800] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  240.448790][ T4515] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  240.472233][ T4515] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  240.524048][ T6800] udc-core: couldn't find an available UDC or it's busy
[  240.541317][ T6800] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  240.558903][ T4515] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  240.600681][ T6800] udc-core: couldn't find an available UDC or it's busy
[  240.627094][  T155] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  240.635496][ T6800] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  240.669558][  T155] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  240.702692][ T6800] udc-core: couldn't find an available UDC or it's busy
[  240.721000][ T4509] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  240.748806][ T6800] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  240.778442][ T6840] ieee802154 phy0 wpan0: encryption failed: -22
[  240.779570][ T6800] udc-core: couldn't find an available UDC or it's busy
[  240.848803][ T6800] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  241.037272][ T6857] xt_hashlimit: size too large, truncated to 1048576
[  241.098883][ T6800] udc-core: couldn't find an available UDC or it's busy
[  241.112829][ T6800] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  241.212055][ T4344] usb 1-1: NFC: intf ffff88807b2b7000 id ffffffff8cb52720
[  241.309122][ T4344] nfcmrvl 1-1:0.122: NFC: registered with nci successfully
[  241.322213][ T4344] usb 1-1: USB disconnect, device number 3
[  241.339000][ T4344] usb 1-1: NFC: intf ffff88807b2b7000
[  241.594943][ T4513] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  243.906693][ T6897] netlink: 12 bytes leftover after parsing attributes in process `syz.0.768'.
[  244.496782][ T6930] loop0: detected capacity change from 0 to 128
[  244.604406][ T6930] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  244.700355][ T6930] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  244.831520][ T1107] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  244.984542][ T6937] loop3: detected capacity change from 0 to 512
[  245.108410][ T1107] usb 5-1: Using ep0 maxpacket: 8
[  245.240923][ T1107] usb 5-1: config 0 has an invalid interface number: 122 but max is 0
[  245.385138][ T6937] EXT4-fs error (device loop3): ext4_orphan_get:1406: inode #15: comm syz.3.777: inode has both inline data and extents flags
[  245.401469][ T6937] EXT4-fs error (device loop3): ext4_orphan_get:1411: comm syz.3.777: couldn't read orphan inode 15 (err -117)
[  245.419371][ T6937] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  245.538156][ T1107] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  245.802108][ T1107] usb 5-1: config 0 has no interface number 0
[  245.854376][ T1107] usb 5-1: config 0 interface 122 altsetting 0 endpoint 0xA has invalid maxpacket 512, setting to 64
[  245.934427][ T1107] usb 5-1: config 0 interface 122 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 8
[  246.008345][ T1107] usb 5-1: config 0 interface 122 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  246.082651][ T1107] usb 5-1: config 0 interface 122 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 0
[  246.121956][ T1107] usb 5-1: config 0 interface 122 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 8
[  246.308590][ T1107] usb 5-1: New USB device found, idVendor=1286, idProduct=2046, bcdDevice= 5.b7
[  246.347365][ T1107] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  246.409267][ T1107] usb 5-1: Product: syz
[  246.413514][ T1107] usb 5-1: Manufacturer: syz
[  246.468374][ T1107] usb 5-1: SerialNumber: syz
[  246.520350][ T1107] usb 5-1: config 0 descriptor??
[  246.538829][ T6929] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  246.762464][ T6929] udc-core: couldn't find an available UDC or it's busy
[  246.798437][ T6929] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  246.858322][ T6929] udc-core: couldn't find an available UDC or it's busy
[  246.865615][ T6929] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  247.008651][ T6929] udc-core: couldn't find an available UDC or it's busy
[  247.015839][ T6929] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  247.099204][ T6929] udc-core: couldn't find an available UDC or it's busy
[  247.106571][ T6929] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  247.344157][ T6929] udc-core: couldn't find an available UDC or it's busy
[  247.355401][ T6962] netlink: 72 bytes leftover after parsing attributes in process `syz.3.781'.
[  247.358326][ T6929] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  247.490016][ T1107] usb 5-1: NFC: intf ffff88802c8c5000 id ffffffff8cb52720
[  247.550808][ T1107] nfcmrvl 5-1:0.122: NFC: registered with nci successfully
[  247.608533][ T1107] usb 5-1: USB disconnect, device number 2
[  247.644283][ T1107] usb 5-1: NFC: intf ffff88802c8c5000
[  248.667566][ T6992] netlink: 32 bytes leftover after parsing attributes in process `syz.2.786'.
[  248.729728][ T6992] device syzkaller0 entered promiscuous mode
[  248.890245][ T7000] device syzkaller0 entered promiscuous mode
[  249.236602][ T7014] rdma_rxe: ignoring netdev event = 10 for lo
[  249.329247][ T7014] infiniband sqz0: set down
[  249.334229][ T7014] bond1: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  249.409996][ T7014] rdma_rxe: ignoring netdev event = 20 for lo
[  249.428532][ T7014] rdma_rxe: ignoring netdev event = 23 for lo
[  249.447310][ T7014] rdma_rxe: lo changed mtu to 1500
[  249.461987][ T7014] rdma_rxe: ignoring netdev event = 9 for lo
[  249.483594][ T7014] rdma_rxe: ignoring netdev event = 8 for lo
[  249.505641][ T7014] rdma_rxe: ignoring netdev event = 14 for lo
[  249.535352][ T7014] infiniband sqz0: set active
[  249.557306][ T7014] rdma_rxe: ignoring netdev event = 27 for lo
[  249.579741][ T7014] rdma_rxe: ignoring netdev event = 26 for lo
[  249.600623][ T7014] rdma_rxe: ignoring netdev event = 21 for lo
[  249.621444][ T7014] rdma_rxe: ignoring netdev event = 27 for lo
[  249.642482][ T7014] bond1: (slave lo): Enslaving as an active interface with an up link
[  249.667925][ T7014] infiniband sqz0: set active
[  249.703234][ T7014] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check.
[  249.731464][ T4263] lo speed is unknown, defaulting to 1000
[  249.738556][ T4227] lo speed is unknown, defaulting to 1000
[  249.746050][  T155] rdma_rxe: ignoring netdev event = 25 for lo
[  249.766440][ T4232] lo speed is unknown, defaulting to 1000
[  249.778331][ T4263] lo speed is unknown, defaulting to 1000
[  251.362982][ T7035] netlink: 'syz.3.797': attribute type 8 has an invalid length.
[  251.474772][ T7037] netlink: 32 bytes leftover after parsing attributes in process `syz.5.800'.
[  251.520012][ T7037] device syzkaller0 entered promiscuous mode
[  251.639430][ T7047] device syzkaller0 entered promiscuous mode
[  251.895081][ T7060] SET target dimension over the limit!
[  253.264812][ T7080] sctp: failed to load transform for md5: -2
[  253.417417][ T7096] netlink: 32 bytes leftover after parsing attributes in process `syz.3.816'.
[  253.521339][ T7098] device syzkaller0 entered promiscuous mode
[  253.846564][ T7114] device syzkaller0 entered promiscuous mode
[  254.468345][ T4344] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  254.738404][ T4344] usb 4-1: Using ep0 maxpacket: 8
[  254.888541][ T4344] usb 4-1: config 0 has an invalid interface number: 122 but max is 0
[  254.902756][ T4344] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  254.924399][ T4344] usb 4-1: config 0 has no interface number 0
[  254.947859][ T4344] usb 4-1: config 0 interface 122 altsetting 0 endpoint 0xA has invalid maxpacket 512, setting to 64
[  255.012744][ T4344] usb 4-1: config 0 interface 122 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 8
[  255.046784][ T4344] usb 4-1: config 0 interface 122 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  255.063998][ T7150] device syzkaller0 entered promiscuous mode
[  255.071743][ T4344] usb 4-1: config 0 interface 122 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 0
[  255.092885][ T7150] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  255.095465][ T4344] usb 4-1: config 0 interface 122 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 8
[  255.126870][ T7149] tipc: Resetting bearer <eth:syzkaller0>
[  255.157466][ T7149] tipc: Disabling bearer <eth:syzkaller0>
[  255.328572][ T4344] usb 4-1: New USB device found, idVendor=1286, idProduct=2046, bcdDevice= 5.b7
[  255.361051][ T4344] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  255.388775][ T4344] usb 4-1: Product: syz
[  255.398121][ T4344] usb 4-1: Manufacturer: syz
[  255.403656][ T4344] usb 4-1: SerialNumber: syz
[  255.430668][ T4344] usb 4-1: config 0 descriptor??
[  255.478799][ T7135] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  255.612491][ T7169] af_packet: tpacket_rcv: packet too big, clamped from 1 to 4294967272. macoff=96
[  255.633914][ T7172] netlink: 8 bytes leftover after parsing attributes in process `syz.0.838'.
[  255.698408][ T7135] udc-core: couldn't find an available UDC or it's busy
[  255.738014][ T7135] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  255.764332][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  255.770853][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  255.820239][ T7135] udc-core: couldn't find an available UDC or it's busy
[  255.868023][ T7135] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  255.899905][ T7135] udc-core: couldn't find an available UDC or it's busy
[  255.958444][ T7135] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  256.032715][ T7135] udc-core: couldn't find an available UDC or it's busy
[  256.065566][ T7135] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  256.229012][ T7184] loop2: detected capacity change from 0 to 512
[  256.381754][ T7135] udc-core: couldn't find an available UDC or it's busy
[  256.468891][ T7185] loop0: detected capacity change from 0 to 128
[  256.502565][ T7135] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  256.576955][ T7184] EXT4-fs error (device loop2): ext4_orphan_get:1406: inode #15: comm syz.2.841: inode has both inline data and extents flags
[  256.593356][ T7184] EXT4-fs error (device loop2): ext4_orphan_get:1411: comm syz.2.841: couldn't read orphan inode 15 (err -117)
[  256.607894][ T7184] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  256.960044][ T7185] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  257.106514][ T7185] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  257.747508][ T4344] usb 4-1: NFC: intf ffff88807c73a000 id ffffffff8cb52720
[  257.922392][  T155] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  258.148053][ T7213] netlink: 76 bytes leftover after parsing attributes in process `syz.0.844'.
[  258.209582][ T7213] device syzkaller0 entered promiscuous mode
[  258.352528][ T4344] nfcmrvl 4-1:0.122: NFC: registered with nci successfully
[  258.463193][ T4344] usb 4-1: USB disconnect, device number 4
[  258.551862][ T4344] usb 4-1: NFC: intf ffff88807c73a000
[  258.630723][ T7230] tipc: Failed to remove unknown binding: 66,0,0/0:554850697/554850699
[  258.690488][ T7230] tipc: Failed to remove unknown binding: 66,0,0/0:554850697/554850698
[  258.720280][ T7230] tipc: Failed to remove unknown binding: 66,0,0/0:554850697/554850699
[  258.777775][ T7230] tipc: Failed to remove unknown binding: 66,0,0/0:554850697/554850698
[  258.937576][ T7246] device syzkaller0 entered promiscuous mode
[  259.018566][ T4232] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  259.063314][ T7249] device syzkaller0 entered promiscuous mode
[  259.268377][ T4232] usb 3-1: Using ep0 maxpacket: 8
[  259.388563][ T4232] usb 3-1: config 0 has an invalid interface number: 122 but max is 0
[  259.413290][ T4232] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  259.444017][ T4232] usb 3-1: config 0 has no interface number 0
[  259.467629][ T4232] usb 3-1: config 0 interface 122 altsetting 0 endpoint 0xA has invalid maxpacket 512, setting to 64
[  259.513496][ T4232] usb 3-1: config 0 interface 122 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 8
[  259.554581][ T4232] usb 3-1: config 0 interface 122 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  259.582005][ T4232] usb 3-1: config 0 interface 122 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 0
[  259.622887][ T4232] usb 3-1: config 0 interface 122 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 8
[  259.801640][ T7279] netlink: 'syz.4.870': attribute type 14 has an invalid length.
[  259.816820][ T7279] netlink: 8 bytes leftover after parsing attributes in process `syz.4.870'.
[  259.826409][ T7279] bond0: option xmit_hash_policy: invalid value (191)
[  259.828631][ T4232] usb 3-1: New USB device found, idVendor=1286, idProduct=2046, bcdDevice= 5.b7
[  259.852845][ T4232] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  259.873149][ T4232] usb 3-1: Product: syz
[  259.877507][ T4232] usb 3-1: Manufacturer: syz
[  259.898319][ T4232] usb 3-1: SerialNumber: syz
[  259.919938][ T4232] usb 3-1: config 0 descriptor??
[  259.968826][ T7242] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  260.193310][ T7242] udc-core: couldn't find an available UDC or it's busy
[  260.209060][ T7242] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  260.222222][ T7287] device syzkaller0 entered promiscuous mode
[  260.229456][ T7242] udc-core: couldn't find an available UDC or it's busy
[  260.236564][ T7242] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  260.262452][ T7242] udc-core: couldn't find an available UDC or it's busy
[  260.294029][ T7242] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  260.315106][ T7242] udc-core: couldn't find an available UDC or it's busy
[  260.334403][ T7242] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  260.575442][ T7242] udc-core: couldn't find an available UDC or it's busy
[  260.588438][ T7242] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  260.608027][ T7297] loop4: detected capacity change from 0 to 512
[  260.649453][ T4232] usb 3-1: NFC: intf ffff88807b7fd000 id ffffffff8cb52720
[  260.728209][ T7297] EXT4-fs (loop4): Quota format mount options ignored when QUOTA feature is enabled
[  260.780726][ T4232] nfcmrvl 3-1:0.122: NFC: registered with nci successfully
[  260.826759][ T7297] EXT4-fs (loop4): couldn't mount as ext3 due to feature incompatibilities
[  260.849485][ T4232] usb 3-1: USB disconnect, device number 5
[  260.934116][ T4232] usb 3-1: NFC: intf ffff88807b7fd000
[  261.868881][    T7] Bluetooth: hci5: command 0x0411 tx timeout
[  262.159248][ T7333] netlink: 76 bytes leftover after parsing attributes in process `syz.2.885'.
[  262.205884][ T7333] device syzkaller0 entered promiscuous mode
[  262.365841][ T7342] device macvtap0 entered promiscuous mode
[  262.992402][ T7359] device syzkaller0 entered promiscuous mode
[  263.558333][ T7373] loop3: detected capacity change from 0 to 512
[  263.814512][ T7373] EXT4-fs error (device loop3): ext4_orphan_get:1406: inode #15: comm syz.3.893: inode has both inline data and extents flags
[  263.830642][ T7373] EXT4-fs error (device loop3): ext4_orphan_get:1411: comm syz.3.893: couldn't read orphan inode 15 (err -117)
[  263.845446][ T7373] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  263.918456][ T4232] Bluetooth: hci5: command 0x0405 tx timeout
[  265.155167][ T7394] netlink: 32 bytes leftover after parsing attributes in process `syz.4.900'.
[  265.232714][ T7396] device syzkaller0 entered promiscuous mode
[  265.983950][ T7406] loop3: detected capacity change from 0 to 512
[  266.088702][ T7406] EXT4-fs error (device loop3): ext4_orphan_get:1406: inode #15: comm syz.3.901: inode has both inline data and extents flags
[  266.102352][ T7406] EXT4-fs error (device loop3): ext4_orphan_get:1411: comm syz.3.901: couldn't read orphan inode 15 (err -117)
[  266.128444][ T7406] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  266.825010][ T7431] netlink: 76 bytes leftover after parsing attributes in process `syz.3.909'.
[  267.032308][ T7437] device syzkaller0 entered promiscuous mode
[  267.435094][ T7452] loop0: detected capacity change from 0 to 512
[  267.730584][ T7452] EXT4-fs error (device loop0): ext4_orphan_get:1406: inode #15: comm syz.0.911: inode has both inline data and extents flags
[  267.746413][ T7452] EXT4-fs error (device loop0): ext4_orphan_get:1411: comm syz.0.911: couldn't read orphan inode 15 (err -117)
[  267.762513][ T7452] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  269.612296][ T7476] netlink: 12 bytes leftover after parsing attributes in process `syz.3.918'.
[  269.682796][ T7476] netlink: 4 bytes leftover after parsing attributes in process `syz.3.918'.
[  269.709984][ T7482] device syzkaller0 entered promiscuous mode
[  269.743074][ T7482] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  269.794803][ T7481] tipc: Resetting bearer <eth:syzkaller0>
[  269.924053][ T7481] tipc: Disabling bearer <eth:syzkaller0>
[  270.099690][ T7483] gre0 speed is unknown, defaulting to 1000
[  270.386282][ T7483] lo speed is unknown, defaulting to 1000
[  271.470883][ T7483] chnl_net:caif_netlink_parms(): no params data found
[  271.619342][ T7533] device syzkaller0 entered promiscuous mode
[  271.727993][ T5116] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  271.860051][   T21] Bluetooth: hci0: command 0x0409 tx timeout
[  271.981453][ T5116] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  272.137778][ T7483] bridge0: port 1(bridge_slave_0) entered blocking state
[  272.159734][ T7483] bridge0: port 1(bridge_slave_0) entered disabled state
[  272.230515][ T7483] device bridge_slave_0 entered promiscuous mode
[  272.280222][ T5116] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  272.332637][ T7483] bridge0: port 2(bridge_slave_1) entered blocking state
[  272.340051][ T7483] bridge0: port 2(bridge_slave_1) entered disabled state
[  272.369542][ T7483] device bridge_slave_1 entered promiscuous mode
[  272.401048][ T7561] netlink: 76 bytes leftover after parsing attributes in process `syz.0.936'.
[  272.538977][ T5116] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  272.629656][ T7581] netlink: 24 bytes leftover after parsing attributes in process `syz.3.939'.
[  272.679877][ T7483] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  272.761687][ T7483] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  272.902237][ T7483] team0: Port device team_slave_0 added
[  272.953592][ T7483] team0: Port device team_slave_1 added
[  273.112333][ T7483] batman_adv: batadv0: Adding interface: batadv_slave_0
[  273.133963][ T7483] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  273.273413][ T7483] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  273.347125][ T7483] batman_adv: batadv0: Adding interface: batadv_slave_1
[  273.378886][ T7483] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  273.448130][ T7483] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  273.546698][ T7609] device syzkaller0 entered promiscuous mode
[  273.639618][ T7483] device hsr_slave_0 entered promiscuous mode
[  273.658275][ T7483] device hsr_slave_1 entered promiscuous mode
[  273.683341][ T7483] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  273.712106][ T7483] Cannot create hsr debugfs directory
[  273.918556][   T21] Bluetooth: hci0: command 0x041b tx timeout
[  274.931338][ T7629] netlink: 24 bytes leftover after parsing attributes in process `syz.3.950'.
[  275.529224][ T7636] device syzkaller0 entered promiscuous mode
[  275.604269][ T7483] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  275.644294][ T7636] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  275.712070][ T7483] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  275.793535][ T7634] tipc: Resetting bearer <eth:syzkaller0>
[  275.860285][ T7634] tipc: Disabling bearer <eth:syzkaller0>
[  275.888939][ T7483] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  275.976846][ T7483] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  276.009121][   T21] Bluetooth: hci0: command 0x040f tx timeout
[  276.759795][ T7659] loop0: detected capacity change from 0 to 512
[  277.058200][ T7483] 8021q: adding VLAN 0 to HW filter on device bond0
[  277.618684][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  277.685428][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  277.919811][ T7483] 8021q: adding VLAN 0 to HW filter on device team0
[  278.078409][   T21] Bluetooth: hci0: command 0x0419 tx timeout
[  278.203411][ T7659] EXT4-fs error (device loop0): ext4_orphan_get:1406: inode #15: comm syz.0.957: inode has both inline data and extents flags
[  278.220903][ T7659] EXT4-fs error (device loop0): ext4_orphan_get:1411: comm syz.0.957: couldn't read orphan inode 15 (err -117)
[  278.233765][ T7659] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  278.284057][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  278.519208][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  278.599648][  T155] bridge0: port 1(bridge_slave_0) entered blocking state
[  278.606771][  T155] bridge0: port 1(bridge_slave_0) entered forwarding state
[  278.917002][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  278.951880][ T7671] device geneve2 entered promiscuous mode
[  279.808603][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  279.818198][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  279.898646][  T155] bridge0: port 2(bridge_slave_1) entered blocking state
[  279.906101][  T155] bridge0: port 2(bridge_slave_1) entered forwarding state
[  279.944905][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  279.975861][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  280.109615][ T5116] device hsr_slave_0 left promiscuous mode
[  280.158695][ T4232] Bluetooth: hci0: command 0x0c1a tx timeout
[  280.191714][ T5116] device hsr_slave_1 left promiscuous mode
[  280.205291][ T5116] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  280.214118][ T5116] batman_adv: batadv0: Removing interface: batadv_slave_0
[  280.233554][ T5116] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  280.244839][ T5116] batman_adv: batadv0: Removing interface: batadv_slave_1
[  280.265122][ T5116] device bridge_slave_1 left promiscuous mode
[  280.284375][ T5116] bridge0: port 2(bridge_slave_1) entered disabled state
[  280.302679][ T5116] device bridge_slave_0 left promiscuous mode
[  280.315931][ T5116] bridge0: port 1(bridge_slave_0) entered disabled state
[  280.375717][ T5116] device veth1_macvtap left promiscuous mode
[  280.385214][ T5116] device veth0_macvtap left promiscuous mode
[  280.393386][ T5116] device veth1_vlan left promiscuous mode
[  280.399746][ T5116] device veth0_vlan left promiscuous mode
[  281.525825][ T5116] team0 (unregistering): Port device team_slave_1 removed
[  281.557010][ T5116] team0 (unregistering): Port device team_slave_0 removed
[  281.583695][ T5116] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  281.607751][ T5116] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  281.757233][ T5116] bond0 (unregistering): Released all slaves
[  281.850105][ T7681] netlink: 4 bytes leftover after parsing attributes in process `syz.3.962'.
[  281.942255][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  281.955850][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  281.974660][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  281.988090][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  282.008189][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  282.029492][ T7689] netlink: 'syz.4.965': attribute type 1 has an invalid length.
[  282.075848][ T7483] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  282.170484][ T7483] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  282.236198][ T4515] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  282.302365][ T4515] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  282.344708][ T4515] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  282.455620][ T4515] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  282.533920][ T4515] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  284.572184][ T7724] device macvtap0 entered promiscuous mode
[  284.676628][ T7732] loop3: detected capacity change from 0 to 512
[  285.872651][ T4513] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  285.912033][ T4513] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  286.324945][ T7732] EXT4-fs error (device loop3): ext4_orphan_get:1406: inode #15: comm syz.3.973: inode has both inline data and extents flags
[  286.341191][ T7732] EXT4-fs error (device loop3): ext4_orphan_get:1411: comm syz.3.973: couldn't read orphan inode 15 (err -117)
[  286.359027][ T7732] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  286.635380][ T7483] 8021q: adding VLAN 0 to HW filter on device batadv0
[  291.323238][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  291.358037][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  292.409114][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  292.447694][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  292.498499][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  292.549564][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  292.622254][ T7483] device veth0_vlan entered promiscuous mode
[  292.783830][ T7483] device veth1_vlan entered promiscuous mode
[  292.992496][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  293.012827][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  293.067991][ T7483] device veth0_macvtap entered promiscuous mode
[  293.247790][ T7483] device veth1_macvtap entered promiscuous mode
[  293.325670][ T7483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  293.372756][ T7483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.405307][ T7483] batman_adv: batadv0: Interface activated: batadv_slave_0
[  293.440603][ T7483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  293.537250][ T7483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.587253][ T7483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  293.598063][ T7483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.609567][ T7483] batman_adv: batadv0: Interface activated: batadv_slave_1
[  293.617077][ T4513] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  293.629377][ T4513] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  293.673551][ T4513] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  293.847051][ T4513] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  293.871213][ T4513] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  293.881149][ T4513] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  293.900866][ T7483] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  293.927142][ T7483] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  293.941884][ T7873] loop4: detected capacity change from 0 to 512
[  293.992855][ T7483] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  294.015534][ T7483] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  294.109148][ T7873] EXT4-fs error (device loop4): ext4_orphan_get:1406: inode #15: comm syz.4.1009: inode has both inline data and extents flags
[  294.123000][ T7873] EXT4-fs error (device loop4): ext4_orphan_get:1411: comm syz.4.1009: couldn't read orphan inode 15 (err -117)
[  294.135547][ T7873] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  294.743104][    T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  294.785280][    T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  294.898527][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  294.915003][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  295.007242][ T4513] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  295.021648][ T4513] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  295.387957][ T7890] tipc: Started in network mode
[  295.418378][ T7890] tipc: Node identity 460db77ccae, cluster identity 4711
[  295.425573][ T7890] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  295.479151][ T7890] device syzkaller0 entered promiscuous mode
[  295.577283][ T7890] tipc: Resetting bearer <eth:syzkaller0>
[  295.635497][ T7889] tipc: Resetting bearer <eth:syzkaller0>
[  295.655689][ T7889] tipc: Disabling bearer <eth:syzkaller0>
[  295.879580][ T7913] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1019'.
[  296.674802][ T4515] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  296.719389][ T4515] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  296.776054][ T5116] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  297.286809][ T7962] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1032'.
[  297.355772][ T7962] device bridge0 entered promiscuous mode
[  297.394760][ T7962] device macvtap1 entered promiscuous mode
[  297.413415][ T7962] bridge0: port 3(macvtap1) entered blocking state
[  297.437215][ T7962] bridge0: port 3(macvtap1) entered disabled state
[  297.468014][ T7962] device bridge0 left promiscuous mode
[  297.678426][    T7] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  297.810815][ T7982] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1038'.
[  297.848639][ T4232] Bluetooth: hci0: command 0x0c1a tx timeout
[  297.948331][    T7] usb 3-1: Using ep0 maxpacket: 8
[  297.977047][ T7987] device syzkaller0 entered promiscuous mode
[  298.089623][    T7] usb 3-1: config 0 has an invalid interface number: 122 but max is 0
[  298.112412][    T7] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  298.178579][    T7] usb 3-1: config 0 has no interface number 0
[  298.194641][    T7] usb 3-1: config 0 interface 122 altsetting 0 endpoint 0xA has invalid maxpacket 512, setting to 64
[  298.228860][    T7] usb 3-1: config 0 interface 122 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 8
[  298.264983][    T7] usb 3-1: config 0 interface 122 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  298.301044][    T7] usb 3-1: config 0 interface 122 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 0
[  298.477273][    T7] usb 3-1: config 0 interface 122 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 8
[  299.024874][ T8010] loop0: detected capacity change from 0 to 512
[  299.280305][ T8010] EXT4-fs error (device loop0): ext4_orphan_get:1406: inode #15: comm syz.0.1044: inode has both inline data and extents flags
[  299.298032][ T8010] EXT4-fs error (device loop0): ext4_orphan_get:1411: comm syz.0.1044: couldn't read orphan inode 15 (err -117)
[  299.315024][ T8010] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  299.929007][    T7] usb 3-1: New USB device found, idVendor=1286, idProduct=2046, bcdDevice= 5.b7
[  299.938110][    T7] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  299.946431][    T7] usb 3-1: Product: syz
[  299.950676][    T7] usb 3-1: Manufacturer: syz
[  300.908292][    T7] usb 3-1: SerialNumber: syz
[  300.916342][    T7] usb 3-1: config 0 descriptor??
[  300.938452][    T7] usb 3-1: can't set config #0, error -71
[  300.945868][    T7] usb 3-1: USB disconnect, device number 6
[  301.273114][ T8036] device syzkaller0 entered promiscuous mode
[  301.350878][ T8036] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  301.485708][ T8034] tipc: Resetting bearer <eth:syzkaller0>
[  301.543923][ T8034] tipc: Disabling bearer <eth:syzkaller0>
[  301.755720][ T8043] device syzkaller0 entered promiscuous mode
[  302.296442][ T8086] netlink: 'syz.6.1058': attribute type 1 has an invalid length.
[  302.673696][ T8099] loop2: detected capacity change from 0 to 512
[  302.772100][ T8086] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1058'.
[  302.987931][ T8099] EXT4-fs error (device loop2): ext4_orphan_get:1406: inode #15: comm syz.2.1059: inode has both inline data and extents flags
[  303.004691][ T8099] EXT4-fs error (device loop2): ext4_orphan_get:1411: comm syz.2.1059: couldn't read orphan inode 15 (err -117)
[  303.021062][ T8099] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  304.105528][ T8107] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  304.244514][ T8107] tipc: Disabling bearer <eth:syzkaller0>
[  305.551048][ T8161] loop3: detected capacity change from 0 to 512
[  305.739124][ T8161] EXT4-fs error (device loop3): ext4_orphan_get:1406: inode #15: comm syz.3.1072: inode has both inline data and extents flags
[  305.753804][ T8161] EXT4-fs error (device loop3): ext4_orphan_get:1411: comm syz.3.1072: couldn't read orphan inode 15 (err -117)
[  305.766647][ T8161] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  306.478404][ T4226] Bluetooth: hci0: command 0x0c1a tx timeout
[  307.414299][ T8189] loop0: detected capacity change from 0 to 512
[  307.610216][ T8189] EXT4-fs error (device loop0): ext4_orphan_get:1406: inode #15: comm syz.0.1077: inode has both inline data and extents flags
[  307.628302][ T8189] EXT4-fs error (device loop0): ext4_orphan_get:1411: comm syz.0.1077: couldn't read orphan inode 15 (err -117)
[  307.647267][ T8189] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  308.948455][ T4227] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  309.188423][ T4227] usb 7-1: Using ep0 maxpacket: 8
[  309.318821][ T4227] usb 7-1: config 0 has an invalid interface number: 122 but max is 0
[  309.337492][ T4227] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  309.375158][ T8212] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1086'.
[  309.392414][ T4227] usb 7-1: config 0 has no interface number 0
[  309.419154][ T4227] usb 7-1: config 0 interface 122 altsetting 0 endpoint 0xA has invalid maxpacket 512, setting to 64
[  309.467609][ T4227] usb 7-1: config 0 interface 122 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 8
[  309.526220][ T4227] usb 7-1: config 0 interface 122 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  309.577430][ T4227] usb 7-1: config 0 interface 122 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 0
[  309.618382][ T4227] usb 7-1: config 0 interface 122 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 8
[  309.808428][ T4227] usb 7-1: New USB device found, idVendor=1286, idProduct=2046, bcdDevice= 5.b7
[  309.823794][ T4227] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  309.881179][ T4227] usb 7-1: Product: syz
[  309.894382][ T4227] usb 7-1: Manufacturer: syz
[  309.904315][ T4227] usb 7-1: SerialNumber: syz
[  309.967983][ T4227] usb 7-1: config 0 descriptor??
[  310.019174][ T8201] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  310.197344][ T8232] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1090'.
[  310.245877][ T8201] udc-core: couldn't find an available UDC or it's busy
[  310.268435][ T8201] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  310.286635][ T8201] udc-core: couldn't find an available UDC or it's busy
[  310.306216][ T8201] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  310.330739][ T8201] udc-core: couldn't find an available UDC or it's busy
[  310.342366][ T8201] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  310.372135][ T8201] udc-core: couldn't find an available UDC or it's busy
[  310.398394][ T8201] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  310.625090][ T8201] udc-core: couldn't find an available UDC or it's busy
[  310.638342][ T8201] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  310.699322][ T4227] usb 7-1: NFC: intf ffff888076d2a000 id ffffffff8cb52720
[  310.751646][ T4227] nfcmrvl 7-1:0.122: NFC: registered with nci successfully
[  310.769783][ T8249] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  310.779054][ T8249] device syzkaller0 entered promiscuous mode
[  310.809041][ T8249] tipc: Resetting bearer <eth:syzkaller0>
[  310.819324][ T4227] usb 7-1: USB disconnect, device number 2
[  310.840034][ T8246] tipc: Resetting bearer <eth:syzkaller0>
[  310.850707][ T8254] ieee802154 phy0 wpan0: encryption failed: -22
[  310.865720][ T8246] tipc: Disabling bearer <eth:syzkaller0>
[  310.866233][ T4227] usb 7-1: NFC: intf ffff888076d2a000
[  312.085032][ T8268] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1102'.
[  313.253312][ T8282] loop4: detected capacity change from 0 to 512
[  313.686016][ T8282] EXT4-fs error (device loop4): ext4_orphan_get:1406: inode #15: comm syz.4.1105: inode has both inline data and extents flags
[  313.702370][ T8282] EXT4-fs error (device loop4): ext4_orphan_get:1411: comm syz.4.1105: couldn't read orphan inode 15 (err -117)
[  313.716243][ T8282] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  314.310210][ T8308] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1112'.
[  314.498390][    T7] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  314.558777][ T8308] 8021q: adding VLAN 0 to HW filter on device bond0
[  314.696480][ T8313] bond0: (slave veth3): Enslaving as an active interface with an up link
[  314.748486][    T7] usb 4-1: Using ep0 maxpacket: 8
[  314.776878][ T8316] 8021q: adding VLAN 0 to HW filter on device batadv1
[  314.879345][ T8316] bond0: (slave batadv1): Enslaving as an active interface with an up link
[  314.893225][    T7] usb 4-1: config 0 has an invalid interface number: 122 but max is 0
[  314.905258][    T7] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  314.926004][ T4515] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[  314.939458][    T7] usb 4-1: config 0 has no interface number 0
[  314.959811][    T7] usb 4-1: config 0 interface 122 altsetting 0 endpoint 0xA has invalid maxpacket 512, setting to 64
[  314.994835][    T7] usb 4-1: config 0 interface 122 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 8
[  315.022426][    T7] usb 4-1: config 0 interface 122 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  315.075518][    T7] usb 4-1: config 0 interface 122 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 0
[  315.092506][    T7] usb 4-1: config 0 interface 122 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 8
[  315.314887][    T7] usb 4-1: New USB device found, idVendor=1286, idProduct=2046, bcdDevice= 5.b7
[  315.319431][ T8342] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1116'.
[  315.326992][    T7] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  315.351434][    T7] usb 4-1: Product: syz
[  315.355869][    T7] usb 4-1: Manufacturer: syz
[  315.366182][    T7] usb 4-1: SerialNumber: syz
[  315.384929][    T7] usb 4-1: config 0 descriptor??
[  315.408733][ T8303] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  315.661462][ T8303] udc-core: couldn't find an available UDC or it's busy
[  315.679163][ T8345] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1117'.
[  315.698318][ T8303] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  315.739949][ T8303] udc-core: couldn't find an available UDC or it's busy
[  315.919391][ T8303] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  316.081539][ T8303] udc-core: couldn't find an available UDC or it's busy
[  316.229302][ T8303] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  316.490475][ T8303] udc-core: couldn't find an available UDC or it's busy
[  316.529399][ T8303] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  316.687895][ T8345] team0: Port device team_slave_0 removed
[  316.807224][ T8303] udc-core: couldn't find an available UDC or it's busy
[  316.824792][ T8303] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  316.955247][ T8355] netlink: 48 bytes leftover after parsing attributes in process `syz.6.1120'.
[  317.019228][    T7] usb 4-1: NFC: intf ffff88802b2f7000 id ffffffff8cb52720
[  317.214466][ T8357] device syzkaller0 entered promiscuous mode
[  317.257310][ T8357] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  317.279165][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  317.285575][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  317.307620][ T8356] tipc: Resetting bearer <eth:syzkaller0>
[  317.363497][ T8356] tipc: Disabling bearer <eth:syzkaller0>
[  317.781060][ T8362] loop3: detected capacity change from 0 to 512
[  317.929768][ T8362] EXT4-fs error (device loop3): ext4_orphan_get:1406: inode #15: comm syz.3.1122: inode has both inline data and extents flags
[  317.956548][ T8362] EXT4-fs error (device loop3): ext4_orphan_get:1411: comm syz.3.1122: couldn't read orphan inode 15 (err -117)
[  317.970277][ T8362] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  318.062697][    T7] nfcmrvl 4-1:0.122: NFC: registered with nci successfully
[  318.117220][    T7] usb 4-1: USB disconnect, device number 5
[  318.166347][    T7] usb 4-1: NFC: intf ffff88802b2f7000
[  318.361993][ T8383] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci0/hci0:200/input5
[  318.834492][ T8397] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1133'.
[  318.876214][ T8397] device syzkaller0 entered promiscuous mode
[  319.018497][    T7] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  319.318333][    T7] usb 3-1: Using ep0 maxpacket: 8
[  319.448503][    T7] usb 3-1: config 0 has an invalid interface number: 122 but max is 0
[  319.462549][    T7] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  319.517421][    T7] usb 3-1: config 0 has no interface number 0
[  319.538980][    T7] usb 3-1: config 0 interface 122 altsetting 0 endpoint 0xA has invalid maxpacket 512, setting to 64
[  319.569735][ T8416] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  319.578827][    T7] usb 3-1: config 0 interface 122 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 8
[  319.596337][ T8416] device syzkaller0 entered promiscuous mode
[  319.608244][    T7] usb 3-1: config 0 interface 122 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  319.630119][ T8416] tipc: Resetting bearer <eth:syzkaller0>
[  319.640530][    T7] usb 3-1: config 0 interface 122 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 0
[  319.664100][    T7] usb 3-1: config 0 interface 122 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 8
[  319.715998][ T8415] tipc: Resetting bearer <eth:syzkaller0>
[  319.744646][ T8415] tipc: Disabling bearer <eth:syzkaller0>
[  319.868821][    T7] usb 3-1: New USB device found, idVendor=1286, idProduct=2046, bcdDevice= 5.b7
[  319.899100][    T7] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  319.917479][    T7] usb 3-1: Product: syz
[  319.942809][    T7] usb 3-1: Manufacturer: syz
[  319.947577][    T7] usb 3-1: SerialNumber: syz
[  319.973789][    T7] usb 3-1: config 0 descriptor??
[  320.008823][ T8393] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  320.134852][ T8431] device syzkaller0 entered promiscuous mode
[  320.261384][ T8393] udc-core: couldn't find an available UDC or it's busy
[  320.281361][ T8393] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  320.330754][ T8393] udc-core: couldn't find an available UDC or it's busy
[  320.379895][ T8393] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  320.389752][ T8393] udc-core: couldn't find an available UDC or it's busy
[  320.396840][ T8393] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  320.481871][ T8393] udc-core: couldn't find an available UDC or it's busy
[  320.510519][ T8393] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  320.583690][ T8444] netlink: 224 bytes leftover after parsing attributes in process `syz.6.1145'.
[  320.585819][ T8446] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1146'.
[  320.663018][ T8450] device syzkaller0 entered promiscuous mode
[  320.748976][ T8393] udc-core: couldn't find an available UDC or it's busy
[  320.786138][ T8393] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  320.840653][    T7] usb 3-1: NFC: intf ffff88807a0b2000 id ffffffff8cb52720
[  320.922636][    T7] nfcmrvl 3-1:0.122: NFC: registered with nci successfully
[  320.956227][    T7] usb 3-1: USB disconnect, device number 7
[  320.982514][    T7] usb 3-1: NFC: intf ffff88807a0b2000
[  321.951277][ T8487] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  321.980287][ T8487] device syzkaller0 entered promiscuous mode
[  322.063470][ T8487] tipc: Resetting bearer <eth:syzkaller0>
[  322.109273][ T8484] tipc: Resetting bearer <eth:syzkaller0>
[  322.183123][ T8484] tipc: Disabling bearer <eth:syzkaller0>
[  322.512046][ T8501] netlink: 76 bytes leftover after parsing attributes in process `syz.6.1156'.
[  323.551328][ T8510] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1158'.
[  323.630751][ T8515] device syzkaller0 entered promiscuous mode
[  323.732906][ T8516] device bridge1 entered promiscuous mode
[  324.154627][ T8535] device syzkaller0 entered promiscuous mode
[  324.195050][ T8536] loop2: detected capacity change from 0 to 512
[  324.200811][ T8535] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  324.280023][ T8534] tipc: Resetting bearer <eth:syzkaller0>
[  324.347376][ T8536] EXT4-fs error (device loop2): ext4_orphan_get:1406: inode #15: comm syz.2.1164: inode has both inline data and extents flags
[  324.361345][ T8536] EXT4-fs error (device loop2): ext4_orphan_get:1411: comm syz.2.1164: couldn't read orphan inode 15 (err -117)
[  324.395290][ T8536] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  324.502456][ T8534] tipc: Disabling bearer <eth:syzkaller0>
[  324.777831][ T8547] netlink: 76 bytes leftover after parsing attributes in process `syz.6.1167'.
[  325.008611][ T8553] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1169'.
[  325.017717][ T8553] netlink: 80 bytes leftover after parsing attributes in process `syz.3.1169'.
[  325.056339][ T8553] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1169'.
[  326.173668][ T8568] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1173'.
[  326.239177][ T8574] device syzkaller0 entered promiscuous mode
[  327.293144][ T8603] loop3: detected capacity change from 0 to 512
[  327.379930][ T8603] EXT4-fs error (device loop3): ext4_orphan_get:1406: inode #15: comm syz.3.1179: inode has both inline data and extents flags
[  327.393809][ T8603] EXT4-fs error (device loop3): ext4_orphan_get:1411: comm syz.3.1179: couldn't read orphan inode 15 (err -117)
[  327.406284][ T8603] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  328.017640][ T8625] 
[  328.039241][ T8625] =============================
[  328.078568][ T8625] WARNING: suspicious RCU usage
[  328.157858][ T8625] syzkaller #0 Not tainted
[  328.172322][ T8625] -----------------------------
[  328.226343][ T8625] include/linux/rhashtable.h:594 suspicious rcu_dereference_check() usage!
[  328.259136][ T8625] 
[  328.259136][ T8625] other info that might help us debug this:
[  328.259136][ T8625] 
[  328.270805][ T8625] 
[  328.270805][ T8625] rcu_scheduler_active = 2, debug_locks = 1
[  328.279107][ T8625] 1 lock held by syz.2.1184/8625:
[  328.284554][ T8625]  #0: ffffffff8d43d408 (rtnl_mutex){+.+.}-{3:3}, at: ip_mroute_setsockopt+0x136/0x1250
[  328.294762][ T8625] 
[  328.294762][ T8625] stack backtrace:
[  328.303537][ T8625] CPU: 0 PID: 8625 Comm: syz.2.1184 Not tainted syzkaller #0
[  328.311059][ T8625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  328.321497][ T8625] Call Trace:
[  328.324890][ T8625]  <TASK>
[  328.327861][ T8625]  dump_stack_lvl+0x188/0x250
[  328.332571][ T8625]  ? load_image+0x400/0x400
[  328.337106][ T8625]  ? show_regs_print_info+0x20/0x20
[  328.342437][ T8625]  ? lockdep_rcu_suspicious+0x110/0x180
[  328.348018][ T8625]  ? local_bh_enable+0x20/0x20
[  328.352825][ T8625]  rhltable_lookup+0x7a9/0x7c0
[  328.357713][ T8625]  ? local_bh_enable+0x20/0x20
[  328.362626][ T8625]  ? mr_mfc_find_parent+0x190/0x190
[  328.367858][ T8625]  ? mark_lock+0x94/0x320
[  328.372223][ T8625]  ? local_bh_enable+0x20/0x20
[  328.374235][ T8642] binder: 8633:8642 ioctl 4018620d 0 returned -22
[  328.377309][ T8625]  ? mark_lock+0x94/0x320
[  328.388552][ T8625]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  328.394582][ T8625]  ? lock_chain_count+0x20/0x20
[  328.399483][ T8625]  mr_mfc_find_any_parent+0xb6/0x1e0
[  328.404816][ T8625]  ? local_bh_enable+0x20/0x20
[  328.409626][ T8625]  ip_mr_forward+0x24c/0xf90
[  328.414478][ T8625]  ipmr_mfc_add+0x23cc/0x2d40
[  328.419320][ T8625]  ? ipmr_mfc_delete+0x5f0/0x5f0
[  328.424292][ T8625]  ? __lock_acquire+0x7d10/0x7d10
[  328.429354][ T8625]  ? mark_lock+0x94/0x320
[  328.433732][ T8625]  ip_mroute_setsockopt+0xeaf/0x1250
[  328.439072][ T8625]  ? ipmr_rule_default+0x70/0x70
[  328.444060][ T8625]  ? do_futex+0xd73/0x12b0
[  328.448687][ T8625]  ? __might_sleep+0xf0/0xf0
[  328.453316][ T8625]  ip_setsockopt+0x568/0x3130
[  328.458123][ T8625]  ? ipv4_pktinfo_prepare+0x6f0/0x6f0
[  328.463536][ T8625]  ? aa_sk_perm+0x7dc/0x910
[  328.468174][ T8625]  ? aa_af_perm+0x340/0x340
[  328.472711][ T8625]  ? aa_sock_opt_perm+0x74/0x100
[  328.477775][ T8625]  ? sock_common_setsockopt+0x32/0xb0
[  328.483179][ T8625]  ? raw_setsockopt+0xc5/0x180
[  328.487976][ T8625]  ? sock_common_recvmsg+0x1c0/0x1c0
[  328.493314][ T8625]  __sys_setsockopt+0x2bf/0x3d0
[  328.498295][ T8625]  __x64_sys_setsockopt+0xb1/0xc0
[  328.503376][ T8625]  do_syscall_64+0x4c/0xa0
[  328.507820][ T8625]  ? clear_bhb_loop+0x30/0x80
[  328.512530][ T8625]  ? clear_bhb_loop+0x30/0x80
[  328.517367][ T8625]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  328.523558][ T8625] RIP: 0033:0x7f4cacd82dd9
[  328.528092][ T8625] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  328.547738][ T8625] RSP: 002b:00007f4caafdc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  328.556284][ T8625] RAX: ffffffffffffffda RBX: 00007f4cacffbfa0 RCX: 00007f4cacd82dd9
[  328.564295][ T8625] RDX: 00000000000000d2 RSI: 0000000000000000 RDI: 0000000000000009
[  328.572296][ T8625] RBP: 00007f4cace18d69 R08: 000000000000003c R09: 0000000000000000
[  328.580733][ T8625] R10: 0000200000000200 R11: 0000000000000246 R12: 0000000000000000
[  328.588805][ T8625] R13: 00007f4cacffc038 R14: 00007f4cacffbfa0 R15: 00007ffe19fd1a38
[  328.596941][ T8625]  </TASK>
[  329.558945][ T8625] 
[  329.568690][ T8625] =============================
[  329.583990][ T8625] WARNING: suspicious RCU usage
[  329.612059][ T8625] syzkaller #0 Not tainted
[  329.635559][ T8625] -----------------------------
[  329.644434][ T8625] include/linux/rhashtable.h:369 suspicious rcu_dereference_check() usage!
[  329.691336][ T8625] 
[  329.691336][ T8625] other info that might help us debug this:
[  329.691336][ T8625] 
[  329.738429][ T8625] 
[  329.738429][ T8625] rcu_scheduler_active = 2, debug_locks = 1
[  329.759160][ T8625] 1 lock held by syz.2.1184/8625:
[  329.771029][ T8625]  #0: ffffffff8d43d408 (rtnl_mutex){+.+.}-{3:3}, at: ip_mroute_setsockopt+0x136/0x1250
[  329.781581][ T8625] 
[  329.781581][ T8625] stack backtrace:
[  329.787499][ T8625] CPU: 0 PID: 8625 Comm: syz.2.1184 Not tainted syzkaller #0
[  329.794908][ T8625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  329.804996][ T8625] Call Trace:
[  329.808300][ T8625]  <TASK>
[  329.811254][ T8625]  dump_stack_lvl+0x188/0x250
[  329.815958][ T8625]  ? load_image+0x400/0x400
[  329.820490][ T8625]  ? show_regs_print_info+0x20/0x20
[  329.825730][ T8625]  ? lockdep_rcu_suspicious+0x110/0x180
[  329.831417][ T8625]  ? local_bh_enable+0x20/0x20
[  329.836223][ T8625]  rhltable_lookup+0x52a/0x7c0
[  329.841037][ T8625]  ? local_bh_enable+0x20/0x20
[  329.846186][ T8625]  ? mr_mfc_find_parent+0x190/0x190
[  329.851429][ T8625]  ? mark_lock+0x94/0x320
[  329.855889][ T8625]  ? local_bh_enable+0x20/0x20
[  329.860808][ T8625]  ? mark_lock+0x94/0x320
[  329.865176][ T8625]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  329.871282][ T8625]  ? lock_chain_count+0x20/0x20
[  329.876278][ T8625]  mr_mfc_find_any_parent+0xb6/0x1e0
[  329.881604][ T8625]  ? local_bh_enable+0x20/0x20
[  329.886420][ T8625]  ip_mr_forward+0x24c/0xf90
[  329.891066][ T8625]  ipmr_mfc_add+0x23cc/0x2d40
[  329.895808][ T8625]  ? ipmr_mfc_delete+0x5f0/0x5f0
[  329.900878][ T8625]  ? __lock_acquire+0x7d10/0x7d10
[  329.906029][ T8625]  ? mark_lock+0x94/0x320
[  329.910500][ T8625]  ip_mroute_setsockopt+0xeaf/0x1250
[  329.915832][ T8625]  ? ipmr_rule_default+0x70/0x70
[  329.921094][ T8625]  ? do_futex+0xd73/0x12b0
[  329.925550][ T8625]  ? __might_sleep+0xf0/0xf0
[  329.930258][ T8625]  ip_setsockopt+0x568/0x3130
[  329.935063][ T8625]  ? ipv4_pktinfo_prepare+0x6f0/0x6f0
[  329.940550][ T8625]  ? aa_sk_perm+0x7dc/0x910
[  329.945093][ T8625]  ? aa_af_perm+0x340/0x340
[  329.949831][ T8625]  ? aa_sock_opt_perm+0x74/0x100
[  329.954867][ T8625]  ? sock_common_setsockopt+0x32/0xb0
[  329.960363][ T8625]  ? raw_setsockopt+0xc5/0x180
[  329.965198][ T8625]  ? sock_common_recvmsg+0x1c0/0x1c0
[  329.970756][ T8625]  __sys_setsockopt+0x2bf/0x3d0
[  329.975681][ T8625]  __x64_sys_setsockopt+0xb1/0xc0
[  329.980850][ T8625]  do_syscall_64+0x4c/0xa0
[  329.985393][ T8625]  ? clear_bhb_loop+0x30/0x80
[  329.990200][ T8625]  ? clear_bhb_loop+0x30/0x80
[  329.994996][ T8625]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  330.001091][ T8625] RIP: 0033:0x7f4cacd82dd9
[  330.005537][ T8625] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  330.025652][ T8625] RSP: 002b:00007f4caafdc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  330.034243][ T8625] RAX: ffffffffffffffda RBX: 00007f4cacffbfa0 RCX: 00007f4cacd82dd9
[  330.042261][ T8625] RDX: 00000000000000d2 RSI: 0000000000000000 RDI: 0000000000000009
[  330.050255][ T8625] RBP: 00007f4cace18d69 R08: 000000000000003c R09: 0000000000000000
[  330.058337][ T8625] R10: 0000200000000200 R11: 0000000000000246 R12: 0000000000000000
[  330.066460][ T8625] R13: 00007f4cacffc038 R14: 00007f4cacffbfa0 R15: 00007ffe19fd1a38
[  330.074479][ T8625]  </TASK>
[  330.111345][ T8625] 
[  330.113735][ T8625] =============================
[  330.119323][ T8625] WARNING: suspicious RCU usage
[  330.124366][ T8625] syzkaller #0 Not tainted
[  330.129028][ T8625] -----------------------------
[  330.133986][ T8625] include/linux/rhashtable.h:614 suspicious rcu_dereference_check() usage!
[  330.143534][ T8625] 
[  330.143534][ T8625] other info that might help us debug this:
[  330.143534][ T8625] 
[  330.154358][ T8625] 
[  330.154358][ T8625] rcu_scheduler_active = 2, debug_locks = 1
[  330.163733][ T8625] 1 lock held by syz.2.1184/8625:
[  330.169904][ T8625]  #0: ffffffff8d43d408 (rtnl_mutex){+.+.}-{3:3}, at: ip_mroute_setsockopt+0x136/0x1250
[  330.179809][ T8625] 
[  330.179809][ T8625] stack backtrace:
[  330.185756][ T8625] CPU: 0 PID: 8625 Comm: syz.2.1184 Not tainted syzkaller #0
[  330.193603][ T8625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  330.203756][ T8625] Call Trace:
[  330.207049][ T8625]  <TASK>
[  330.209991][ T8625]  dump_stack_lvl+0x188/0x250
[  330.214946][ T8625]  ? load_image+0x400/0x400
[  330.219464][ T8625]  ? show_regs_print_info+0x20/0x20
[  330.224694][ T8625]  ? lockdep_rcu_suspicious+0x110/0x180
[  330.230260][ T8625]  ? local_bh_enable+0x20/0x20
[  330.235242][ T8625]  rhltable_lookup+0x61e/0x7c0
[  330.240178][ T8625]  ? local_bh_enable+0x20/0x20
[  330.245097][ T8625]  ? mr_mfc_find_parent+0x190/0x190
[  330.250392][ T8625]  ? mark_lock+0x94/0x320
[  330.254781][ T8625]  ? local_bh_enable+0x20/0x20
[  330.259857][ T8625]  ? mark_lock+0x94/0x320
[  330.264309][ T8625]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  330.270313][ T8625]  ? lock_chain_count+0x20/0x20
[  330.275278][ T8625]  mr_mfc_find_any_parent+0xb6/0x1e0
[  330.280666][ T8625]  ? local_bh_enable+0x20/0x20
[  330.285452][ T8625]  ip_mr_forward+0x24c/0xf90
[  330.290089][ T8625]  ipmr_mfc_add+0x23cc/0x2d40
[  330.294807][ T8625]  ? ipmr_mfc_delete+0x5f0/0x5f0
[  330.299794][ T8625]  ? __lock_acquire+0x7d10/0x7d10
[  330.304922][ T8625]  ? mark_lock+0x94/0x320
[  330.309362][ T8625]  ip_mroute_setsockopt+0xeaf/0x1250
[  330.314710][ T8625]  ? ipmr_rule_default+0x70/0x70
[  330.319694][ T8625]  ? do_futex+0xd73/0x12b0
[  330.324194][ T8625]  ? __might_sleep+0xf0/0xf0
[  330.328937][ T8625]  ip_setsockopt+0x568/0x3130
[  330.333754][ T8625]  ? ipv4_pktinfo_prepare+0x6f0/0x6f0
[  330.339162][ T8625]  ? aa_sk_perm+0x7dc/0x910
[  330.343716][ T8625]  ? aa_af_perm+0x340/0x340
[  330.348679][ T8625]  ? aa_sock_opt_perm+0x74/0x100
[  330.353738][ T8625]  ? sock_common_setsockopt+0x32/0xb0
[  330.359215][ T8625]  ? raw_setsockopt+0xc5/0x180
[  330.364026][ T8625]  ? sock_common_recvmsg+0x1c0/0x1c0
[  330.369350][ T8625]  __sys_setsockopt+0x2bf/0x3d0
[  330.374414][ T8625]  __x64_sys_setsockopt+0xb1/0xc0
[  330.379477][ T8625]  do_syscall_64+0x4c/0xa0
[  330.383957][ T8625]  ? clear_bhb_loop+0x30/0x80
[  330.388643][ T8625]  ? clear_bhb_loop+0x30/0x80
[  330.393528][ T8625]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  330.399527][ T8625] RIP: 0033:0x7f4cacd82dd9
[  330.403967][ T8625] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  330.423900][ T8625] RSP: 002b:00007f4caafdc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  330.432411][ T8625] RAX: ffffffffffffffda RBX: 00007f4cacffbfa0 RCX: 00007f4cacd82dd9
[  330.440568][ T8625] RDX: 00000000000000d2 RSI: 0000000000000000 RDI: 0000000000000009
[  330.448576][ T8625] RBP: 00007f4cace18d69 R08: 000000000000003c R09: 0000000000000000
[  330.457002][ T8625] R10: 0000200000000200 R11: 0000000000000246 R12: 0000000000000000
[  330.465091][ T8625] R13: 00007f4cacffc038 R14: 00007f4cacffbfa0 R15: 00007ffe19fd1a38
[  330.473218][ T8625]  </TASK>