last executing test programs:

5m41.1769359s ago: executing program 4 (id=3278):
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r0, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
r1 = dup(r0)
open(&(0x7f0000000100)='./file0\x00', 0x440, 0x0)
write$FUSE_BMAP(r1, &(0x7f0000000000)={0x18, 0x0, 0x0, {0x3b9}}, 0x18)
write$FUSE_DIRENTPLUS(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_GETXATTR(r1, &(0x7f00000000c0)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r1, &(0x7f00000005c0)=ANY=[@ANYBLOB="b900"], 0xb8)
mount$9p_fd(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000080), 0x1010412, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x22)
writev(r2, &(0x7f0000000000)=[{&(0x7f00000006c0)='\t', 0x2003f}], 0x1)

5m40.240612082s ago: executing program 4 (id=3280):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280), 0x42, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mount$fuse(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='fd=', @ANYRESDEC=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = getpid()
r2 = syz_pidfd_open(r1, 0x0)
lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000240)=@known='trusted.overlay.opaque\x00', &(0x7f00000002c0)=""/32, 0x20)
setns(r2, 0x24020000)
umount2(&(0x7f0000000040)='.\x00', 0x2)
syz_fuse_handle_req(r0, &(0x7f0000006140)="e0332f8f5747b9f778142cc174a9b5f0244b78bb6346cb5fc9135b8220090ee698fddc241870359d32327f299718466d88c89e68097036bb35abfe03e3c02234dcdb2c7d1209c657485ca1aa3f2fb80e71397b80fca6f3cf2367fb19eb95e5b4a0170063374645d9e020099ffd7def3d94cd29412b3d7b7a47bc70121be848cfcecea78d41a93622b134bd06e84dec07a9e5abc29cb02d5b9091e748cffacf48352628822bab7b24a17bdf4b3f3bd9fb17793496aa6490da3f58039ce5b40745dd63f82d93bed80b50ca5742d67d39029a98db95c9392e2d5fd9a35bad30cfe98682b5a069738a12c3cfd25949106cfc839202fd21c2b28e44be73280d5037351ead2dd1c277d9cc9088c6b14365eb0937ea9685f6b26232293803260f2c8cfe176b55df304bc2865b8f52581afc4beed445ae8cc405cb7bcc51103aef812c41437c5b070a3591ad0964677f4f9017bb300727dfab009056bee3671a9694be2e2f2173fcc06ceba5aed0d93a3d7cd88365c5c354788efcc705e90d572e34e9e566fc206a8167970ecb9cbc43f4d9de4d43688582b6600dfcfc7379c831e756a45835647bd87879a3e3942c61b9ea2c2af35d49a4caa9a109b0beb972996ff8924ea371e15dc48efd12b1203a7f1fe354977fcf9e4ee2c8f210387e551ddb55e5f67ee6bb9bc8772649693b0adf24606e8ccc59f020834d8cbfcadfa1770549fe464dfc412308fbaee8d30bd20c002794bfb923bac6b490841248d12ad9a0e54d1d96e3aff5dc4930a6c8b7c75264a46af7a6339725fb84e0363463ebaaaf58d6b9309ae7c87a8df8c68d2487d684011de1fa7645f3f48cf3bb61bee8bcace2f8ef5f967f2765f8086aeaa5dcc34c84e379a7ddd6438cccb5b8098dfbffffffffffffeadbc4ad2b2ef98412a46f74a171ad056429dbb723cdb9ca9f9f03170dba2870e5988b7cb755599d1eb8f7eaf5c8ded4b56022cb479d0bdfae18f69f9ecc42f4c181ea10838229ba5db7f088ad8d5f77e49c1fd93ed6b983c43b23c7eeb1233f0c114885057a27cd3f67a309e3fecba241836bc92308b830b10b04af6c9595b44e859b9ca7ef079e151fdd500060787be3a7a5b3e23b06ec70f087134504f8b8e7b6799ebfe14f698ba7a813a380e6f92cace9230aa8094a2465f7224e2becad469d0aaf0e48b0098eacfb17abdb69bb2ebba97a09d2b739b532d70db91fcb0fcb38bccdc01d7c8113024ea8b619e385e58d31899721416e10b408504a9c4fcf870d21051227440a616cf62f6637b62eceaee09029f88009be02269cb5e5ed090c6f5e6c652c31214aef301bd23ec2504f90991cd27539c1b8b54db51825e951d076cd0e70f56de4b91894ce22049205483a0fe7d7886b36118bebd96d138980e26604b6e70a7275c6b81501143119a8c2c271558202eda196704ef9ae3c33301e1afbe56d069ce4926bf531d960f3df58192f3da558adc169d48d39e24e04e95c406b34b1f4ed2726ef0f6a67dd84c75636984191d019cebfa883fdf99affcdb4c874614a5312455403895891daf7469d6721583ccd1290ab05b14516f22965fc52c4a528f1a5c20cc133fea279d9efc991ec4d51d2654daceda234f6d3b0c635db697aba3eeaf8356319adba42428266ac09a6e6495ca8f60c1c4e052068511696296e88ef86a591948627ba97df634e0063eb5f208df00a069b1213c29e58cf76f591253d60de9d7c01d29992ccc728140299c429fec0df9d90f83fa2467ce00de83b16d10c7edb80ff8d4b1b19eea9bd1e2783a0d41215c9cf23bc3ca1ff414e3f29aadba00c5a8d5b44c28c10e99140e5428278e54bfd880a93fd1b54b560422ab2bfcf120a7902373b6442c6e9867b19aa0a6b77b1634ab6fd1c8a1d90d99ebb9ebcb89d593562b266fbc53c40501f9298690283c45059b3f6ee278e46cb3904c947446c28af8855b2a68e6e0c0da205a6e12fdd15b393d579039b31c1a54230ac2ea13cf1f5540046b4dcccdd731fff7323c4880e5d2d8668d8a7f08920715c17ef9652eb55f224c82a6fdb970dbf1032403f283bd868a23f4785a6ab9c0bcd2308dba1a1f258ae512cf64784e501008db366ab7093a6cc4b6ee86154d44a1a15c10834602dd5ccf730f6d1142ac19d113496dbcb80021cb5733924265d082a8453b5c21e0245e4a2627e8df090da6a129ee49c58c1a7437369acdee15f5e4e5638f05d9f6391572d9890219def702a013a2b05239664dba44feec2a9508a3200b47de03e6a784bca2f3633df534af33da0a95a34ca845b61a22ff55a5a4c04ff9e06e7162f458a8c56e106e75ffb76a921f4057dd73d5f3801aa78ca4c78d6b79bce560404c2fe3d57876287f73e84c27c486ffb997951f9e0b3aa81a5e7804ac7360add11e7851842d0ed8df041c999e50226fef006373bbb53d5d8e9d1653924e60234fd0b6645b821746f3d88591ff66e294e8e958ca425ddbc7d604f7cbbcb9d5fe0d4ad53878eb16bc801def1005e1eb12a6d4924d2179948e7aa542f2600ba3c6c600629d64c529c7326c1f38aa4e1a6cc259e58f86400d65d67856c8f4fffc33ad4c279dc05367307f562f8127f37b03c3cf38a97cfde0c02aad8ac40d347a9e0a496f227c068dc6c666fb2b6a18990f607399b0707d135752d93739e1840b5b4c125c81eeeb318869b408f87778451e49f3ad988a8aa97672989ad367833ff7e7f0e79c37ac794fe466623e122127fb94ebbc01bc775183b26b2dc407b1aa1a55d4ce04dbe1df4fba0377fea4c4bfa5a37c4dd733fd116b9c7f50b11dd512ad68646b9ddca295fe27bee78476901fbb5c8d2856ae0e9e21ab26e3587c1325f1fa28edb4081f2ba309d5fc39f7f54abbd0d5a152c2f7e3a8b3a5ef6e097b109061c91124f41f33055a7bb86706629f614d40346715cf2fe387ef4e4fc6646839824d3ef85eeac85bc5e681320f6fa7057e0a10de8c4678b48510f77b91bb397dd1209eaba8ea1f237c348e9e0d7af1229e2c04b6560e48e3a7491f3066b63a8923becdcfd8594c1c55098a51283b599765b049831cacd9478e5e996c778d524b476f6677218c94886d7548be7617e5796e35bb3c9b13d70e4897867d85f0350e9329985f051fb556b861aef7dead54e6b29b9ad837cb4774f47a5371ef034e3ce0113e67eba8842f4ac5b51a61315bf050078c710dcf14371d9593730b1d0302ef999f488bbf42b7360171da98ad68932bda4937358fd1d0c2bcd04f7dbe2beaffa0d53cccda316cb19270cf4aa56695ef3203b49fe92d1623cc1d714da6b8f94112db1781562ab2ae50bda23debd55da440434299c992f2f8c264310d6d8ccdd042737db0253d6889d8bf36fe99a131b73300c9798b8fd58b5fc681b97e71230cd3094e441fe5cf1294bbc28f41146f06e39d5e19e673dd489dbddfc16fe281160a8008e375025cbf25e84945f2f0a5ffb2cd58273328ea9d7533b2f0861eff95823cea18dc1877183fefab808bda0890f91f1d79b36953b138fd62caea3411900647a4afadfecade2ff6274175f06614d108daaf9821c413a137e33c826957953bb39e2f852097f978c3577abcb71d68b45794247d8e82614979708f6d6d0e469828206b22913d6d320d815d42c0d943640c63196f703f946089f535eac511e26c6a5a529e875eb15aaf65fd50dcbaf37a009f2f9081cdbc744cf7aa2336913e89f1961581ad4bb6aeb1d23a787e2d3f99639871df5842c30581263d5139128f0a3f37ef48bb636d7aae06581de6baa55a12019d3ed831950915fdc1eee819dd01047bda606f2852699529718c99606246a92bb1dd9435d8f3a48646c0e423441bc783be358c0c91e6846419b6c0a81354500cb2721834dc11ba40c3bbe5717e5142922a168ca0e20fc269ea584c7f68ff7cced62c4277385368b4ad596b79c45a9c4575c37f300cab37a5693cb777fabed412934d3a77505b17cb2628119ddff45f3fcbffb50386eb9cfb6f82b37fa852ad4b65bf8e2898b11bf051cb7fb0fa81cbf81b9ceebb05498aeb2691eb15297edd682976d5a4f444cdaa82f063bc4482c28c4e6257c7cf3e5ee5a502c6527b77b12725e7526ff896ee2f8066536dce04d63072a34c19d533d4dbdb93e7185482cbf7510c5eef2f8aebebad011727cd8061a367b7e1868252bb43d9a74c9c6a10539e357d5367fac69a9296fe5a79a2e5b45950ff462e0e882aa32ff7f29b5644e5311f3e0b076c58683de29ad9dd8b2c92a41ca8313ac997e44981e82aec550bbf6c88adf3d54e9fdf93d9dce95289e9086043d888f19d209cbea79f8f5b2c81b2c3889eae1cb5305e282b883c4cfa3798eceeabb442a74ff6a8470020a296ef01d8e32553663c844e67e5a3a44375f0074ce9547a6c489ee86d7652219491f35c6b904d51a26c3d2cc77d8ff97050dd0d0aed4a1ecf1db7ac48673a1dcc70ac16f709dcf4b90148aede5302111ceaa3a81c49b724cfa206283b62513f96c1da77efafe2d2d08a5f391ab690b5d974ceed2e95e85b1039def0e94c79cc0aa1de1f8133e985adfadf4a657710487b265bb6692fd2b91a06ac98d50b052b8a13168e2638b93209238fbe67f4590a81a2cdbcc479ca9178720a6ec05bc9457f27ad2e2fd2f4e9c643ef85b6287a01f7fd597799cce7d6464ed3c95110733d4ba92314ba3dd81e51f541a6e37f8bb14376e41560f9049b4ff349a467defc205f915a345b5f06d090645180ca642c719f03e9813bff7fd635660efe38b022130d42f2cedd792bcba2bfb14385c6d1cbe5ff2e38c22f1f8d5e4d93d296042507e43f24ff904827b16f2a3572d26078d7fdb0cfdbe2e6bee07b94ae441e510681c96f97ef0ddbd7efbd80ce0689f6e2022a189dd2937d3eadd82a154a5fac91b5ef48523706957b8d5f55077973e9a036009d745a6df39ba154dc59c4ef784d62b3f2d782dc508242a1b0e4cc294b6e62e98ef946f0d984c3174cf86b8a0beb615f046ec50dd0c8a9c0f36df60bd162f1130f894085e7c47b6c28ff336f5d75166c1840e7ad07204fc10ce976505f6aece0316d8c65b973f61cea2fe4c6db722717985c25249f041c07a86b878702a8c9ab7c33fe41039041aa38489b02a28f18d69ab34619e9e35514c54592c8059984ace64b5302b5f22d68c35c7ffb23c63ce877a1e1b160dd2c329eabcc0e1e3072021bd811de3c0c7a68af20ddb9e2912b7eecc2a8cf083a252d0fe31629b20559f7b976e4d8625644385c692b8cdc2886a42d750962d0dee10a1546ecb7ef961216cc456d2450a44aab07014fe0be076ca6bcb46b644af844b2ad8b3817f1895a5d579af3dc937541f4b7e9203e7a7af534b406d8f6e3bc555d767603122ab1c4e62de19d6af63be8e39fe45732859d6d92e11f1a847f7d62764b6364aa7f95f03cc7deba467da5be71657ae50ff6bf93c51efb7d19ac9887e92fe5f3c9d545209eff307c9e02073bd3404827e148aa63c135ed668589bdfec38cb47716201a9d02f1b03993f89e96b33b32e52ddffb0580dac45422ba7a3fef76e519a3dc8d12eac60c2d2f8c4303aafa3e80135c403360d51c9cdeba3ffb31e664302f587e0e983ede7f9b2bfe2bc64bd5029cfa88445e043e08f3e9affee25e980e75d2664738726e3d2eade7dce0ece78a514bbbe5a54c121374d079e3b05996052d66889742232b73e950e1a9892e7352c9e546a8cfb48332d2b2be6327208ca51dc2869a562581947f62b0d5bfb3e0911d4854f822d6738b4deb195840d2bbae0b074b8d1e1010c24ec00052dce7d259e3044aab1a99d261fb3b49cf09dfc85473f94db06d49e202ca12182283d48144f8389a5301679901600bf8130d36315b277a99204b85a1598f84bd2d4c4893108f6717bf44234181467d6eeee61e1823268b5c60bf04d0e13e429f411b51adfca20ff1a1b1eee203d59b03da1643c3e9fc474a91470116c6c5275542adb10f3adae2ae87e88b93f334e0ceb6216fc081e8d84d8b0a503196dc50599b22b89b807627b427a815aea0dbca69e5fb215ee996395d8a21a1c67ac295be33c6517504e1f00f579f8c484873cc670b5b9e787b1c30ca1f0b25f8bb8f4bde3b3f4fa730c292cbf97b25068ba9c65f78c555d5f75d52a57958d7111e824f3afa16484f625abf62afc80654c36fd9f8284466422fb18e08274e8febc719d45b784974d50d187ad2349429af3f7930252a4d45997762e9d5f5493d408ca144532aa89aa3d43c46951dafb8f81794e2e9679ce238cfe86e104461032819d62f217faa71fa9dc6da8861015567d1f7309090e25b7015dcc6d72a5e7ba53296ab1bc72467ac50831628cf5238155aed3fb189a8b527ebd38771e16454fe51e3edde55cea454414690491207c23f6cf33aaeeda432de2d1ede04e039a16245e66cce6f4e4ea534f290f02a2a81a46d6ffea7967dfbe37461f83d472091156594852823392efc953f4ac099d74e2d0328d9f47bd952352981a34055acd0273309484ab56afa85ff0c22fb53ac5d7cc8e346b4c2f38a4e2451738146b7b90c14f826c7dbc1b2be79d83772a8d629f2dfaf15286a15be1ea22a05d4ee3de6a6bfb7e208dbbcc88e77baac940d6438aeeb77c3a32db08b46e79545b65f7f3c1bd433092bc9116668c338ab35c01cb5871167868c6b61bd4c0ca5f96e5ce2465da06c4a320839f3bb7c0dffd40d5bb9a32fcbc6f691787de7211da062616272c77c62ac83e4cb29fb954ab27d9009877b79be54acd336bfe2a6e087abaab004743f5ea4ec8ddfb8086920e8e458a413adb98077a3cf860513cc8a453eb129556c871be7e7232a6130c4332819ad17b289fdb31f8f8854dffb4cfeca6d792567b444c750820a2a8a2e0f93779e61a4966650909369fc8bd5bd2bad4ff95cc8a14f6cd83ae6411b4bfe1a9b5cdf1fcf32c54cef1731edc47d41fa581376b25006fc859b98805d70a157e501a2cb2ab425340965213adfecdb5addb2b4b2ec5cc6935e4e279bb98283fb20dfcd8a2c91aefda9dc5a57bba4d8803d1eb0f4ba9529de01e39c2aa60a91267c31d036a3f669b9377661837f58c6950fdf38986ea13ff5e9c4d966bf999002da1a854d54aa225b259d91eb88425328e7d13b06dea321a151a8dfc44755214da97168e8acf027d66b7fff45ded94fcde53ff80342d4595644549c4ed827225596e2b30480e94eb049b6cd718fe8424d044bb5098e0206047ddb81755e3cb92131dd47ec754b64c4b78f663e364cf8a74cdd9857c81316dc4ccd5f02a84b310abfbc9d6a23ee6d1eaf6b8fc1544cfeb06002c8a40fb0e49859d2073a7b1cb112713518ad5e007d0a256f901469bfa5cae98841f877faeb584d41bfe695da72ca5700ae085f39c99f769502ea9f43c0b84ca4611441d5adb3e5d0a426297e535258748169cad487f97d171c0630642943508206ce648aad2971297f3d4037d73e5fbc73460ca7401b7dbd7807273ae077a81fd0d4bc90b6068e3ec95afcfeab16619306fb23942a4308e8253b35f4912df392dfc5daf35dd842a5a1f78fc294cbdbd504056f0c7779121b5b3db7461e437347452476f3b0bb22e63aa23cb9d3e797c6c95513058d8fb2c27864ac0e1f5001c988e29c79bfa4236c7be41dee5561d825c1f0fbebc0c06cc4712e88ad5efd94f4eb4e93794af42a9752a2ebc57dc2f3881c75bbb23ad25b69619f9f5b07fe114ba291d2b5b4c1c175e1aa3ee3eda55e6126b3ad1e613bf8e0bbac727b879e7796fa0ad100893677a18b53f5eb31db43a97370d3749afa92fd0291fa96b05daa6beb43b9c1c11d9515976976d1cc1e44f35d317299ceb68ea2545f2a2b92b4e1046f6f92c33aae6995593189bb2611576599fd765b8e6fe2e88674ffd57ee8252287b1904d622c36a502db45c72b0d5fc3d983cc44bc955eb43911404667a4ab147d72b69ff2514dfb820ad75758e85df88499cea94ed658b4c1c2f49fe2bbb8d2dd97f844a6df289296cfb9cd5bc8d17aa235e2c4501b1422b25acd6dbc3a91d03904c545320524f9034955ab02f5d058097c37d23984baf808d28b3e12821eb8919a77c1b6a8bdeceecfcc487c39db592817dd378a7c5127b427e7279b2a82f6b8eec6b3fabe0947e353e7a386475b15011de93e2f2891f772ef90f4aba1ee1c4d7321c81ce4dcaa378daeabb93182c319494436dbe67d252a01291cacb59686ebd53c6df21c083e98fa299cf5e9b59f1ccea95c62b1437c8ff8754a6372b5b879ebc3241f6430871eafe35337d75cb68c42862846df4342ab434f7f0a7b9f66824e1e696e3dbecde179592774b7511e5a7a1a06ba601eb5f2a935c7cef0f83ecd412a84afdd05120fceb1afb6445ebfcdff8fffffffb75dddccc45afb4f5bb1308d39309c92c0b61a322d5229881fa5d598113cce54107036ca9f63fe863d257c706fe89d5c7ae59a459c6f15ba48d80da4aff541797b26418acddb987df3544bc4918cdbbdd8dd1bc2163c89635044e7b4da878457727a667c0146a12b4c46639497243259bfe4aa5ea50eb79f39fa9209256c9a685e3e39d6d8b6a9ca7d3554fbff0908ad6c6ecf68e506c20b16cd4a98e3ada9eb0cb3eb0b75b13b6d80bf99eddf2282da52cec085d3a725b71c29395d605e1eb26143290946a3a0d24347fa46145735dbf4eabc12150b8d5f7eeca804d7ed1fecd0132d1b94ebec65cbc07dfd4d54a5140567e77c646bd92666922c43aca8e482c59b970fa43087eb76d6715e4e8e5ebe54ca391383ef685b133534fcc1e5c5eb56f9d76a888506c4ac8d289c37039e0c4f927b0e11e85c5c7ec1cf4b19bebee6014cb89ee57f2ade8d166005e956d46a0c01f60b58299479e8a59a2e88f1a7ffd08b27d92fc2772b338959bd0a1c9cb95075c3cc17043c818345b29b76c0b8ed41c8c7259cc780c657cb9509daec1558453cfe061f54e08523a55d3223897559d51096b680802140800000000000000322e007c2af0c08867291dd732bfe4b24d1d5ae517a7f5903c369ac6b157d42eb6ca8c0d7b50fd533a56c814e7cf04db3012eebd53ec1b123d65ab1e462dc19182b690d56a88ad5a1f4d89f1749b005e88085505cc6d7de8eeee08def67bc1d1519d44b7a62dc07e491f328f786956d9200f00d78829e6af7c1a5835366201374b9487330920d4c57e2f7073292e173acc2424bb0d5e0e9448b4c02f9cfc99bc408110b6a3e9bc3799e4b178c2871069bc7d9ceba564378f02b2932c36f159478b5facd452b595a86d119216af9d860bd3997305320159a69a70fc62284141d23d2dc1e5394b271d99e5570450f1c55807e96c7cbe1b7c2e3e96f69fecf0f375e36e0d2acf145ce2d996c1909402744cce63664a75e480b197c345360321e830e5912d1d7bfe5a129a67fa98e6eda5268fa588047859daa11d087d0dbf0ccc7e120e3a5820cb4f5dc06748317e3f866518eb66e39dc8a68a7411b3403fc8eeab8283dee4d767e8e5842ed922e03ae5b3c9c494d5ebc61527ccd1222740fedd9e469ba6b30761cf387d654081c7e63182860e4548748058914a9cea01caf074fe6a78fafa2b45c516f9f20af9ac6773a400fa9661a872f6b55f0ed52a9be9e9c35502604b924f0eb628d6545da322e0713f9a5587e87e4b04fa495423b7c72093b764adfd1430a2e608b7af3d2bf80fef00e5b69abe386618274921ff57621bb99739de2e066ff17e95eba027f6a35170af3a69e93359a9643e155832d45c1aa9a8f71ad35504b99d3d0a1c11ae108664ea36f4dcded083aee17ac9efe7ee3fdf7b63c7c09bcef62caa88708510d45cea79d323083ddbfe7e5d3d9138f206a7af82ef1d26c85015c3e55a285a35d0052546493536b9061db27291a9292033753b7bddac63dac6f6271689240e43523c434a65e1d35299e386c953d0c92f21057e0b7883e049d20961e75069587eb3df6206496f76bbfd96635bb19837ba2ab193d79072ffb8829306b63697ff104a65031b8a38c24cca9ba23d5cdf753169a00fe2b2c3849f234a7029b657b3324c10d553e601aa97d17024f7bf5a99f96392f4a079a83daa27f4e3b512ee8536e764ce4dc36fd0874dfa502a693e55bd9f116202c5e906703e2c43d84448598b7af78aa60a205c152841e75e23436738ccaa6bbcef87e6a237d86d1a5e38e56c162cd6d61a4fb8b410b1643ad557a22348edfa82c23db11c9abdd8141fce263a66537512e93a930a4801ad862a902c7c1e00eb7c7466b1351318b7196c2a9016c55a05e104e124bdb568132f9397e31b10d04e5284bd029ea2f6a3ed11854e09b5871d6a725c21a9ef5d7e729a90a8206d5f61e6e42e47dda3e31b9134d47872a0dd7a576b665ec6ceaa5fd7d85ed7feede9ac9fc23e40241c0318077edda75b62eb271e28fb3705f7b4950c14b721a3a74a7a4e4de02cef5de76a1602b906016c0892ef37db51b0a1dd53f28b3d896f20abbad1ad0e0220960423267fc6e1779d1150fd584dd184bb43278d2d68ff21ac0daeef5408348cb80f4a9e0e606f6048bbaa517289451f084fffb63c5d904788cfc310b5495528a58f4650dafc4e4675b99d35ebab710ac6fefcee6c51a2835510fb6d2dbd8f97c3e53fb7a23c3f3c0283eb2271504581b9c1fa31e35c117e56a5d668a9c57df3b4e1129ca019a8b877fa4a22768dfbdd9d2154e17f4a7755b065090d88982471bfb242d89af5c6782693a6ab1b1be74dfa5655ac3b5ef4ace8dc595803cf4025bdf5c0e9fbe7a12a3a313311809591da08a2cc6cd8480dc960e1f79fa208440a0e589be5756c36d5830a51c4bdc39c2a85c0431bae3a7331b2ffdf23623693d343a7938a8a8a4dd4d523c6450a705bccbb38427f06f4f84a18adf303c0ddecf4ce2b6cdde4e09a4c31816195f0fe9f05fcdc0609f8a75ad2f23d5c24faaf346c13ec0512a5c29477ac561c878085d1a323f6bab08e2fb9ee57d7bb621ef21caf3609d74036c6dc1d7be0b6058d89dcb8d9aa4462fa0a740be66e3fdaa957f27c5a26dc586ac8c927ab2d7cf1b761798ea4191be8f4423cf1a6727d0c5f27a9969a753573afa584dea82678f3471ba36d726c396d68c671e579120f1a11cd50fa66b26fc2d6cb74ba07edbd5d3a288cf58ed1255381df02b2fb8983b7cf833433d1ab8fdef12651c3507e4b69fbc4b234678cca36761e8da434e5f036f204a1400da15277ef27ac140e2d574b89c0fd617da27e6ce862883bbe81c288834b9477d0d440c15dad505b363fcc1cfef8e2e3a96438809505844196acd0af751dedfced67f209c2ffa9c6da842c93ff4b5fd54a67df904f2f31b4236728c99582a667a8461d397770a657ffa7d514b0f076d7f35e9704a836e7882a2acf0a0ec2158ac7234953c3696abdc791c0b163ee76fbcc5adc18b6fa0f51f76f3d313a0d891f1deb69f6e44289b1aa43a768b8d13270959763a2c45129daeea493a5b0d7b36753b223dca9a8037368653400", 0x2000, &(0x7f0000000700)={&(0x7f0000000100)={0x50, 0xffffffffffffff8c, 0xffffffffffffffff, {0x7, 0x2b, 0x0, 0x300900, 0x0, 0x3, 0x5, 0x0, 0x0, 0x0, 0x0, 0xffffffff}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

4m53.891532605s ago: executing program 4 (id=3286):
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
r2 = dup(r1)
open(&(0x7f0000000100)='./file0\x00', 0x440, 0x0)
write$FUSE_BMAP(r2, 0x0, 0x0)
write$FUSE_DIRENTPLUS(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_GETXATTR(r2, &(0x7f00000000c0)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f00000005c0)=ANY=[@ANYBLOB="b900"], 0xb8)
mount$9p_fd(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000080), 0x1010412, &(0x7f0000000780)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',cache=fscache'])
r3 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x22)
writev(r3, &(0x7f0000000000)=[{&(0x7f00000006c0)='\t', 0x2003f}], 0x1)

4m52.774697926s ago: executing program 4 (id=3378):
openat$dsp(0xffffffffffffff9c, 0x0, 0x48982, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f00000000c0)={[{@noinit_itable}, {@dax_inode}, {@nolazytime}, {@abort}, {@dax_inode}, {@lazytime}, {@noload}, {}, {@noauto_da_alloc}]}, 0xfe, 0x558, &(0x7f0000000c00)="$eJzs3U1rG0cfAPD/ynbenOeJAyG0PRRDDk1JI8d2X1LoIT2WNjTQ3lNhb0ywHAVLDrEbaHJoLr2UUCilgdIP0HuPoV+gnyLQBkIJpj30orLyylFsyZZtpVaq3w82mdldaXY0+x/PaCQUwMAaz/4pRLwcEV8nEcdajg1HfnB87bzVJ7dmsi2Jev2TP5JI8n3N85P8/9E881JE/PJlxJnC5nKryyvzpXI5XczzE7WF6xPV5ZWzVxdKc+lcem1qevr8W9NT777zds/q+vqlv777+MEH5786tfrtT4+O30viQhzNj7XWYw9ut2bGYzx/TUbiwoYTJ3tQWD9J9vsC2JWhPM5HIusDjsVQHvXAf98XEVEHBlQi/mFANccBzbl9j+bBL4zH769NgDbXf3jtvZE41JgbHVlNnpkZZfPdsR6Un5Xx8+/372Vb9O59CIBt3b4TEeeGhzf3f0ne/+3euS7O2VjGDvu/+g4vCWjxIBv/vNFu/FNYH/9Em/HPaJvY3Y3t47/wqAfFdJSN/95rO/5dX7QaG8pz/2uM+UaSK1fLada3/T8iTsfIwSy/1XrO+dWHHfup1vFftmXlN8eC+XU8Gj747GNmS7XSXurc6vGdiFfajn+T9fZP2rR/9npc6rKMk+n9Vzsd277+z1f9x4jX2rb/0xWtZOv1yYnG/TDRvCs2+/PuyV87lb/f9c/a/8jW9R9LWtdrqzsv44dDf6edju32/j+QfNpIH8j33SzVaouTEQeSjzbvn3r62Ga+eX5W/9Ontu7/2t3/hyPisy7rf/fE3Y6n9kP7z+6o/XeeePjh5993Kr+79n+zkTqd7+mm/+v2Avfy2gEAAAAAAEC/KUTE0UgKxfV0oVAsrn2+40QcKZQr1dqZK5Wla7PR+K7sWIwUmivdoy2fh5jMPw/bzE9tyE9HxPGI+GbocCNfnKmUZ/e78gAAAAAAAAAAAAAAAAAAANAnRjt8/z/z29B+Xx3w3PnJbxhc28Z/L37pCehL/v7D4BL/MLjEPwwu8Q+DS/zD4BL/MLjEPwwu8Q8AAAAAAAAAAAAAAAAAAAAAAAAAAAA9denixWyrrz65NZPlZ28sL81XbpydTavzxYWlmeJMZfF6ca5SmSunxZnKwnbPV65Urk9OxdLNiVparU1Ul1cuL1SWrtUuX10ozaWX05F/pVYAAAAAAAAAAAAAAAAAAADwYqkur8yXyuV0UUJiV4nh/rgMibVEM7D3/IT72y8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQKt/AgAA//+jgjYy")
mount$overlay(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}], [], 0x2c})
syz_emit_ethernet(0x4a, &(0x7f0000000180)={@local, @random="cce390677742", @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "4dd308", 0x14, 0x6, 0x0, @remote, @mcast2, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x804800, 0x0, 0x3, 0x0, &(0x7f0000000080))
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
renameat2(r0, &(0x7f00000001c0)='./file0\x00', r0, &(0x7f0000000200)='./bus/file0\x00', 0x0)

4m50.668133855s ago: executing program 4 (id=3382):
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(r1)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bond_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYRES32=r3, @ANYBLOB="000024000000000024001200140001006272696467655f736c6176658000"], 0x3}}, 0x0)
splice(r0, 0x0, r2, 0x0, 0x10d00, 0x0)

4m46.516067107s ago: executing program 4 (id=3394):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x28011, r0, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f0000000140)={0x0, 0x1, 0x6, @local}, 0x10)

4m43.485797652s ago: executing program 32 (id=3394):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x28011, r0, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f0000000140)={0x0, 0x1, 0x6, @local}, 0x10)

12.489409063s ago: executing program 5 (id=4455):
socket(0x10, 0x80002, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(r0, 0x0, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
syz_genetlink_get_family_id$nl802154(&(0x7f00000001c0), 0xffffffffffffffff)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000000c0), r1)
sendmsg$IEEE802154_LLSEC_DEL_KEY(r1, &(0x7f00000002c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000240)={&(0x7f0000000140)=ANY=[@ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x40010}, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000300)={'wpan1\x00'})
socket$inet6(0xa, 0x5, 0x3)
openat$tun(0xffffffffffffff9c, 0x0, 0x90000, 0x0)
syz_emit_ethernet(0x2a, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000280), 0xffffffffffffffff)
bind$can_j1939(0xffffffffffffffff, &(0x7f0000000100)={0x1d, 0x0, 0xfffffffffffffffe, {0x0, 0x0, 0x1}, 0x2}, 0x18)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
read(r2, &(0x7f0000000340)=""/49, 0x31)
sendmsg$IPSET_CMD_SAVE(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000080601080000000000000004000000040500010006"], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(0x0, r1)
r3 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_udp_int(r3, 0x11, 0x67, 0x0, 0x0)
setsockopt$sock_linger(r3, 0x1, 0x3c, 0x0, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000280)=[{0x0}], 0x1}, 0x0)

10.728603988s ago: executing program 5 (id=4460):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c0000", @ANYRES16=r1, @ANYBLOB="31032fbd74000000f0ff07000000040003"], 0x1c}, 0x1, 0x0, 0x0, 0x8814}, 0x0)

10.092035005s ago: executing program 5 (id=4462):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='lp\x00', 0x3)
sendto$inet(r0, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b", 0x44, 0x11, 0x0, 0x0)

9.237676185s ago: executing program 5 (id=4467):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x300000d, 0x6052, r0, 0x1000)
r1 = socket(0x40000000015, 0x5, 0x0)
setsockopt$sock_int(r1, 0x1, 0x23, &(0x7f0000000000)=0x2, 0x4)
bind$inet(r1, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000040c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000015c0)=""/127, 0x7f}}], 0x1, 0x0, 0x0)
sendto$inet(r1, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x2, 0x0, @loopback}, 0x10)

7.868622298s ago: executing program 1 (id=4473):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001240)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a20000000000a0104000000000000000001008078da0ce40073797a30000000002c000000030a01010000000000f00400010000000900010073797a30000000000900030073797a32000000008c000000060a010400000000000000000100000008000b400000000064000480340001800b000100657874686472000024000280080001400000000c0800034000000000080004400000002200000000000000002c0001800c00010062697477697365001c0002800800034000000004080001400000001408000240000000"], 0x100}}, 0x0)
socket(0x840000000002, 0x3, 0xff)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r1}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
splice(r3, 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000001280)=[{&(0x7f0000001180)="830d", 0x2}], 0x1, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000005c0)=[{&(0x7f0000000180)="04", 0x1}], 0x1, 0x6)
write(r2, 0x0, 0x0)

7.752581246s ago: executing program 5 (id=4475):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4)
bind$inet(r0, &(0x7f0000000240)={0x2, 0x0, @local}, 0x6f)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x300)
setsockopt$inet_int(r0, 0x0, 0x8, &(0x7f0000000180)=0x1f5, 0x4)
recvmmsg(r0, &(0x7f0000003e00)=[{{0x0, 0x0, 0x0}, 0x7}], 0x1, 0x45833af92e4b39ff, 0x0)

6.824066694s ago: executing program 1 (id=4478):
r0 = socket(0x2b, 0x80801, 0x1)
connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x4, 0x3ff, @empty, 0x1}, 0x1c)
setsockopt$ARPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x61, 0x0, 0x0)
recvmsg$unix(r0, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x40002000)

6.482835941s ago: executing program 2 (id=4479):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
ppoll(&(0x7f0000000000)=[{r0, 0x100}], 0x1, 0x0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000020001801000020646c2100000000002020007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f0000000040)="5766b1b827f600333b09d3748ee7d700", 0x10)
listen(r0, 0x0)
shutdown(r0, 0x0)

5.911891276s ago: executing program 1 (id=4482):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)={0x68, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev={0xac, 0x14, 0x14, 0x32}}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_DST={0x4}]}, 0x68}}, 0x0)

5.552272674s ago: executing program 2 (id=4483):
socket(0x10, 0x3, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r1)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000640)=@newtfilter={0x24, 0x28, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0xb}, {0x7}}}, 0x24}, 0x1, 0x0, 0x0, 0x2000c0c1}, 0x0)

5.507118036s ago: executing program 3 (id=4484):
r0 = socket$inet6(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000400)={'ip6tnl0\x00', &(0x7f0000000140)={'syztnl2\x00', 0x0, 0x4, 0x1, 0x0, 0x0, 0xa, @private0, @loopback={0x0, 0xffff888101827518}, 0x700, 0x0, 0x7}})

5.122748574s ago: executing program 1 (id=4485):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x300000d, 0x6052, r0, 0x1000)
r1 = socket(0x40000000015, 0x5, 0x0)
setsockopt$sock_int(r1, 0x1, 0x23, &(0x7f0000000000)=0x2, 0x4)
bind$inet(r1, &(0x7f00008a5ff0)={0x2, 0x0, @loopback}, 0x10)
recvmmsg(r1, 0x0, 0x0, 0x0, 0x0)
sendto$inet(r1, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x2, 0x0, @loopback}, 0x10)

4.839962436s ago: executing program 0 (id=4486):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_DELCHAIN={0x2c, 0x5, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0x2000}, [@NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x1}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}]}], {0x14}}, 0xa0}}, 0x0)

4.520240576s ago: executing program 3 (id=4487):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000ac0)={'wpan0\x00', <r2=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_KEY(r0, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000b00)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002dbd7002fcdbdf251800000008000300", @ANYRES32=r2], 0x4c}}, 0x20000000)

4.458048675s ago: executing program 1 (id=4488):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001240)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a20000000000a0104000000000000000001008078da0ce40073797a30000000002c000000030a01010000000000f00400010000000900010073797a30000000000900030073797a32000000008c000000060a010400000000000000000100000008000b400000000064000480340001800b000100657874686472000024000280080001400000000c0800034000000000080004400000002200000000000000002c0001800c00010062697477697365001c0002800800034000000004080001400000001408000240000000"], 0x100}}, 0x0)
socket(0x840000000002, 0x3, 0xff)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r1}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
splice(r3, 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000001280)=[{&(0x7f0000001180)="830d", 0x2}], 0x1, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000005c0)=[{&(0x7f0000000180)="04", 0x1}], 0x1, 0x6)
write(r2, 0x0, 0x0)

4.454675625s ago: executing program 2 (id=4489):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='lp\x00', 0x3)
sendto$inet(r0, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf74", 0x49, 0x11, 0x0, 0x0)

4.070548409s ago: executing program 0 (id=4490):
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000000082295"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = socket(0x18, 0x0, 0x0)
connect$pppoe(r1, &(0x7f0000000080)={0x18, 0x0, {0x4, @random="45e3f364e554", 'sit0\x00'}}, 0x1e)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x1f4, 0xc, 0x0, &(0x7f0000000100)="ff412f66b0833efc88649687", 0x0, 0x300, 0x300, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe, 0x2}, 0x4c)

3.792297877s ago: executing program 3 (id=4491):
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000180)={&(0x7f0000000000)=""/74, 0x328000, 0x800}, 0x20)
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000340)=0x8000, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00', <r4=>0x0})
bind$xdp(r0, &(0x7f0000000100)={0x2c, 0x0, r4}, 0x10)

3.457311237s ago: executing program 1 (id=4492):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ipvs(0x0, 0xffffffffffffffff)
socket$inet6(0xa, 0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_type(r2, &(0x7f0000000040), 0x2, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
socket$kcm(0x2, 0x200000000000001, 0x106)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket(0x2000000000000021, 0x2, 0x10000000000002)
connect$rxrpc(r3, 0x0, 0x0)
recvmmsg(r3, &(0x7f0000000d00), 0xf000, 0x10002, 0x0)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000100)={@empty, 0x0, 0x1, 0x1, 0x4, 0x4}, 0x0)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
ioctl$FS_IOC_GETFSLABEL(r4, 0x400452c8, &(0x7f0000000100))
pselect6(0x0, 0x0, &(0x7f0000000200)={0x1, 0x7, 0x6, 0x40000000000081, 0x5, 0x100000003, 0xfffffffffffffffe, 0x4}, 0x0, &(0x7f00000002c0)={0x77359400}, &(0x7f0000000340)={&(0x7f0000000300)={[0x6]}, 0x8})
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x300000a, 0x3032, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f00000007c0), 0xffffffffffffffff)
socket$inet6_sctp(0xa, 0x5, 0x84)

3.454169884s ago: executing program 2 (id=4493):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
ppoll(&(0x7f0000000000)=[{r0, 0x100}], 0x1, 0x0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000020001801000020646c2100000000002020007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f0000000040)="5766b1b827f600333b09d3748ee7d700", 0x10)
listen(r0, 0x0)
shutdown(r0, 0x0)

3.131531645s ago: executing program 0 (id=4494):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, 0x0, 0x0)

2.516155698s ago: executing program 2 (id=4495):
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
unshare(0x6060400)
pipe(&(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
vmsplice(r2, &(0x7f0000000680)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x0, 0x0, &(0x7f0000000200)='syzkaller\x00', 0x6, 0x0, 0x0, 0x41000, 0x9, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x100, @void, @value}, 0x94)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f00000002c0)=ANY=[@ANYRESOCT=r0], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000014c80020850000000400000018110000", @ANYRES32=r4, @ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r5, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r3}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, 0x0, 0x1a, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
bind$inet(r1, &(0x7f0000000300)={0x2, 0x4e23, @remote}, 0x10)
socket(0x10, 0x80002, 0x0)
unshare(0x6020400)
socket$packet(0x11, 0x3, 0x300)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0xc7}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x11a, 0x2, &(0x7f0000000b80)=@gcm_128={{0x303}, "cfc86a00", "4617a9f6040839230fb7fead776dd8dc", "c6db0872", "a44a883fca4400"}, 0x28)
shutdown(0xffffffffffffffff, 0x1)
ppoll(&(0x7f0000000000)=[{0xffffffffffffffff, 0x4}], 0x1, 0x0, 0x0, 0x0)

2.332697221s ago: executing program 0 (id=4496):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f00000005c0)=ANY=[@ANYRESHEX=r1, @ANYRESHEX=r0, @ANYRESOCT=r1, @ANYRES64=r1, @ANYRES16=r0, @ANYBLOB="91f842c6f915d06cd4ffb6ccb924e25fd2ca3a4539288f56038cbe4bf2632fd83f08ef4d78a30aaefef21f472f6e89bff50205a96bfe624ffe37b09c0c1bf65d3839419d41b5a2b9c53a08b74e04329f5617ffc8748d6115095ffce003bc6d7b15e10810b0190793fe68fdd10592df44dfdefdb6e4b67a", @ANYRES8=r1], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
close(r5)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r5, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r6, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r7, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="0100000000000000000001000000280001801400040000000000000000000000ffffac1414aa060001000a"], 0x3c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000000)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="0100000000000000000002000000140001800500020001"], 0x28}, 0x1, 0x0, 0x0, 0x20044811}, 0x2000c094)

2.025201672s ago: executing program 3 (id=4497):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0xca0a, 0x4)

1.296580104s ago: executing program 3 (id=4498):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x300000d, 0x6052, r0, 0x1000)
r1 = socket(0x40000000015, 0x5, 0x0)
setsockopt$sock_int(r1, 0x1, 0x23, &(0x7f0000000000)=0x2, 0x4)
bind$inet(r1, &(0x7f00008a5ff0)={0x2, 0x0, @loopback}, 0x10)
recvmmsg(r1, 0x0, 0x0, 0x0, 0x0)
sendto$inet(r1, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x2, 0x0, @loopback}, 0x10)

1.236913774s ago: executing program 5 (id=4499):
r0 = socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r1)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route_sched(r0, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001240)=@newqdisc={0x2c, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000640)=@newtfilter={0x24, 0x28, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0xb}, {0x7}}}, 0x24}, 0x1, 0x0, 0x0, 0x2000c0c1}, 0x0)

860.545412ms ago: executing program 2 (id=4500):
r0 = socket$rds(0x15, 0x5, 0x0)
sendmsg$rds(r0, &(0x7f0000001e80)={&(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x20000040}, 0x4000000)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_SET_LBT_MODE(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000740)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0], 0x14}}, 0x0)
syz_emit_ethernet(0x86, &(0x7f0000000800)=ANY=[@ANYBLOB="ffffffffffffbbbbbbbbbbbb08004500007800000000000190780a010102ac1414aa030490780100000047000000000000000011000000000000e0000002440c0001ac1414bb6e210000443c0001e0000000ac14140000000000ac1414aa000000000000000000000000ac1e000100000000000000000000000031ed07ec745d7e6a736ac20b04e32232bf96584387cad6f69ef21a240007e3d83458f34e01b14ee68edf34e4d753285d2e8aaa519ce72b42d6bf9da2a14fd7a785f5e95baa2373528ee4fd51dd212b1ceb70f7519cf5e8e3186039fc566fd5c4864f"], 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000cc0), r1)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000012c0), r1)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket$packet(0x11, 0x2, 0x300)
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$nl_route(0x10, 0x3, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000f80)=ANY=[@ANYBLOB="b70200000b000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f7a80d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab0300817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001e8c76bbe7ff988a28ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f757036303767d2e24f29e5dad9796edb697a8ad004eea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa407e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4522bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b9fbef2461c96a088a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabfd50200a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987595ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd1389a0963de85dd2b189774450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db08407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af1491ef06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b4c8787361f326df86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c39b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa525235da0000afe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981179186e4000000000000646174b55d251f7f8ca5ccc32a5efb33b237eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db41474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1bdfc64b9121bbf07099def5c0ce3c861ae4b5cad8bba5a0b6059b9ef90c2f96a59320309e25df89484522bb1d6eaa92164f9e4042cb689a45a898354c17b08705205a9189772bcbcb6414e44b33a2470d3bc16f761c33f565b9da5e7991ad8482579cc1b16c1fcec815a5482ae8b1779c5e339971a6ec1217bcfd1ef24284de8a0a9f068f297037d6478c2434a9a18dcc6c7c791e444a79d7ce37f9cf2a434b9048ca6a2fa254aa02cd098026798a6d336348af0fc11fa2809a5ebbe17ca4d0f889d518f64ee50f562b5fdb1f76d4a7fe14701f8ed0c6a55d66a6efea3e449e6b4783d66661a92f174f8293cf83bceaf6c9eda1f83166aa1e2093d626870510e6cd176d501fe01e4a752fc30134073188e3f826f695e4e14fca6596943467c7df154493023f77c107b3db20ea75b493b4b38dc43986d94748cbfab954edae20982b6d212a44f4b40387876bc9eb73900"/3112], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB], 0x38}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r4, 0x18000000000002a0, 0xf, 0x0, &(0x7f0000000100)="b9ff0b076859268cb89e14f088a847", 0x0, 0xefd, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
recvmmsg(r3, &(0x7f0000000480)=[{{0x0, 0x30, 0x0, 0x0, &(0x7f00000003c0)=""/11, 0x17}}], 0x400000000000179, 0x0, 0x0)
r6 = socket(0x400000000010, 0x3, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r7, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000600)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16, @ANYBLOB="090000000000fedbdf25070000001c00018008000700", @ANYRES32=0x0, @ANYBLOB="060001"], 0x30}, 0x1, 0x0, 0x0, 0x45040}, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
r9 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r9, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write(r9, &(0x7f0000000140)="24000000010006", 0x7)
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2c, 0x25dfdbfb, {0x0, 0x0, 0x0, r8, {0x0, 0x1}, {0xffff, 0xffff}, {0xffff, 0x9}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x4000)
syz_genetlink_get_family_id$tipc(&(0x7f0000000180), r6)
sendmsg$nl_route_sched(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000500)=@newtfilter={0x2c, 0x2c, 0xd27, 0x303d29, 0x21dfdbfd, {0x0, 0x0, 0x0, r8, {0x0, 0xf}, {0x0, 0x2}, {0xe}}, [@TCA_CHAIN={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24000015}, 0x200c4004)

802.035151ms ago: executing program 0 (id=4501):
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000180)={0x58, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x11}]}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}]}, 0x58}}, 0x0)

556.684671ms ago: executing program 3 (id=4502):
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = socket(0x400000000010, 0x3, 0x0)
r1 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfb, {0x0, 0x0, 0x0, r2, {0x0, 0x1}, {0xffff, 0xffff}, {0xffff, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0xfffe}}}]}, 0x38}}, 0x4000)
sendmsg$nl_route_sched(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000001300)=@newtfilter={0x4dc, 0x2c, 0xd27, 0x30bd29, 0x21dfdbfc, {0x0, 0x0, 0x0, r2, {0x0, 0xf}, {}, {0x7}}, [@filter_kind_options=@f_u32={{0x8}, {0x4b0, 0x2, [@TCA_U32_SEL={0x64, 0x5, {0xe, 0x9, 0x5, 0x5, 0x7de, 0x74, 0xe, 0xdc, [{0x80000001, 0x2, 0x9, 0x1ff}, {0x3ee, 0x1, 0x4}, {0x9, 0xf12, 0x7f, 0xa}, {0x7ff, 0x2, 0x1, 0x8000}, {0x3, 0x1, 0x3, 0x3e}]}}, @TCA_U32_CLASSID={0x8, 0x1, {0x1, 0xffe0}}, @TCA_U32_POLICE={0x410, 0x6, [@TCA_POLICE_RESULT={0x8, 0x5, 0x3ac}, @TCA_POLICE_RATE={0x404, 0x2, [0xfffffe78, 0x200, 0x9, 0x2, 0x3, 0x1, 0x4, 0xffffffff, 0x2, 0x6, 0x40, 0x101, 0x7a015ae3, 0x9, 0x6, 0x4, 0x1, 0x10000, 0x2, 0x4f, 0x37, 0x80, 0x400, 0x4, 0x2, 0x8000003b, 0x6, 0x3, 0xa, 0x9, 0x7, 0xf, 0x9bc2, 0xc, 0x16, 0x1, 0x2, 0x7, 0x7ff, 0x8, 0x10, 0x0, 0x6, 0x8d5, 0x3, 0x4, 0xda, 0x0, 0x8, 0x0, 0x8558, 0x6, 0x1, 0x800, 0x40, 0xfffffff8, 0x7, 0x7, 0xfffe, 0x1, 0x401, 0x8, 0x80, 0x9, 0x9, 0x1, 0x0, 0x4, 0xffffffff, 0x1, 0x1, 0x101, 0x2, 0x1000, 0x8, 0x7f, 0xfac7, 0x4, 0x3, 0x7fff, 0x3, 0x7, 0x7, 0x8, 0x26d8, 0x7, 0x7, 0x10001, 0x9, 0x1ff, 0x8, 0xff, 0x7ccb, 0x4, 0x8, 0x3, 0xa3, 0x6, 0x1ff, 0x4, 0x221, 0x4, 0x3, 0xd78, 0x9, 0x5, 0xd, 0x7f, 0x1, 0x7f, 0x1ff, 0x3, 0x60000, 0xfffffffa, 0x2, 0x0, 0x8, 0x1086a314, 0xe7, 0x800, 0x6, 0x9, 0xcf, 0x82, 0x1, 0x1, 0x2, 0x9, 0x4, 0x3f975c00, 0x7, 0x86, 0x2, 0x0, 0x8, 0x6, 0x4, 0xa, 0x7, 0x26, 0x6, 0x6, 0x9, 0xbd, 0x7f, 0xff, 0x7, 0x6, 0x0, 0x43ca, 0x8, 0x7, 0x4, 0x4, 0x3, 0xb5, 0x5, 0x89, 0x1, 0x1, 0x10000, 0xe6, 0x2, 0x1000, 0x3, 0x4, 0xff, 0x8001, 0x6, 0x1, 0xffffffff, 0x7, 0x3, 0x6, 0x7f, 0x123b, 0x1f2, 0x31a8, 0x2, 0x2, 0x1a37, 0xfffffffa, 0xf, 0x7, 0x7ff, 0x2, 0x3, 0xe, 0xf2, 0x3, 0x3f5c3ab0, 0xa46, 0x5, 0x7, 0x80000000, 0x5, 0xc31, 0x1, 0x6, 0x29, 0x1, 0xb4, 0x1, 0x662b, 0x0, 0x8, 0x3, 0x0, 0x3, 0x4, 0x3, 0x1, 0xd, 0x5, 0xf4, 0x6, 0xfffeffff, 0x24, 0x2, 0x400, 0x5, 0x0, 0x7fff, 0x9, 0x2, 0xb120, 0x5, 0x78, 0xffffff01, 0x1, 0x2c2b, 0x8, 0x6, 0x3ff, 0x7, 0x8, 0x8543, 0xa, 0x1, 0x6, 0x6, 0x3, 0xff, 0x80, 0x8, 0x818, 0xaf, 0x4, 0x7, 0x2, 0x2, 0x9, 0xaed6, 0x6, 0xadad, 0x800]}]}, @TCA_U32_INDEV={0x14, 0x8, 'ip6_vti0\x00'}, @TCA_U32_INDEV={0x45, 0x8, 'xfrm0\x00'}, @TCA_U32_HASH={0x8, 0x2, 0xff}]}}]}, 0x4dc}, 0x1, 0x0, 0x0, 0x24000014}, 0x200c4004)

0s ago: executing program 0 (id=4503):
r0 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)={0x20, 0x0, 0x607, 0x0, 0x0, {}, [@IEEE802154_ATTR_HW_ADDR={0xc}]}, 0x20}}, 0x0)
sendmsg$TCPDIAG_GETSOCK(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000480)=ANY=[@ANYBLOB="700000001200030200"/56, @ANYRES32=0x0, @ANYBLOB="814b00000000000000000000000000002100010008"], 0x70}}, 0x0)

kernel console output (not intermixed with test programs):

dge0: port 1(bridge_slave_0) entered disabled state
[ 1002.332184][T13594] bridge_slave_0: entered allmulticast mode
[ 1002.342815][T13594] bridge_slave_0: entered promiscuous mode
[ 1002.433607][T13594] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1002.442241][T13594] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1002.450978][T13594] bridge_slave_1: entered allmulticast mode
[ 1002.464578][T13594] bridge_slave_1: entered promiscuous mode
[ 1002.785860][T13594] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1002.865765][T13594] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1003.586012][ T5844] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 1003.673787][T13594] team0: Port device team_slave_0 added
[ 1003.692568][ T5844] usb 1-1: unable to read config index 0 descriptor/start: -71
[ 1003.703378][ T5844] usb 1-1: can't read configurations, error -71
[ 1003.745233][T13594] team0: Port device team_slave_1 added
[ 1003.784510][T12779] Bluetooth: hci3: command tx timeout
[ 1003.824541][T13635] loop2: detected capacity change from 0 to 512
[ 1003.947908][T13635] ext4: Unknown parameter 'fowner>18446744073709551615'
[ 1004.325826][T13594] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1004.334030][T13594] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1004.361460][T13594] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1004.612068][T13594] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1004.619648][T13594] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1004.650231][T13594] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1005.876046][T12779] Bluetooth: hci3: command tx timeout
[ 1007.269507][T13594] hsr_slave_0: entered promiscuous mode
[ 1007.280981][T13594] hsr_slave_1: entered promiscuous mode
[ 1007.296457][T13594] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1007.304315][T13594] Cannot create hsr debugfs directory
[ 1008.680443][T13643] syz.1.3218 (13643): drop_caches: 2
[ 1009.147485][T13655] netlink: 4768 bytes leftover after parsing attributes in process `syz.2.3223'.
[ 1011.224509][T13594] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1011.333731][T13594] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1011.441812][ T5844] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[ 1011.462487][T13594] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1011.822661][T13594] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1013.160113][T13683] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3231'.
[ 1013.466572][ T5844] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1013.504946][ T5844] usb 3-1: unable to read config index 0 descriptor/start: -71
[ 1013.513082][ T5844] usb 3-1: can't read configurations, error -71
[ 1013.741602][T13594] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1014.062592][T13594] 8021q: adding VLAN 0 to HW filter on device team0
[ 1014.236122][ T4237] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1014.243978][ T4237] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1014.479007][ T4237] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1014.486852][ T4237] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1014.782854][T13685] loop2: detected capacity change from 0 to 2048
[ 1014.812281][T13690] loop0: detected capacity change from 0 to 256
[ 1015.055754][T13685] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1015.177606][T13685] UDF-fs: error (device loop2): udf_read_inode: (ino 1376) failed !bh
[ 1015.187078][T13685] UDF-fs: error (device loop2): udf_fill_super: Error in udf_iget, block=64, partition=0
[ 1015.651483][T13685] loop2: detected capacity change from 0 to 512
[ 1015.837773][T13685] EXT4-fs (loop2): blocks per group (95) and clusters per group (32768) inconsistent
[ 1015.985968][T13675] syz.1.3229 (13675): drop_caches: 2
[ 1016.050747][   T30] audit: type=1326 audit(1750618160.258:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13684 comm="syz.2.3232" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f13539 code=0x0
[ 1017.540070][T13701] loop2: detected capacity change from 0 to 256
[ 1017.576643][ T5842] usb 2-1: new low-speed USB device number 9 using dummy_hcd
[ 1017.609407][T13701] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1017.621141][T13701] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[ 1017.772119][T13701] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[ 1017.804320][ T5842] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[ 1017.812478][ T5842] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[ 1017.824488][ T5842] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1017.840098][ T5842] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[ 1017.853167][ T5842] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[ 1018.013790][T12946] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[ 1018.154154][ T5842] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[ 1018.163074][ T5842] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[ 1018.174499][ T5842] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1018.175032][T13594] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1018.186477][ T5842] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[ 1018.186660][ T5842] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[ 1018.248195][T12946] usb 1-1: Using ep0 maxpacket: 16
[ 1018.294811][T12946] usb 1-1: config 166 has an invalid interface number: 177 but max is 1
[ 1018.304414][T12946] usb 1-1: config 166 has an invalid interface number: 34 but max is 1
[ 1018.314849][T12946] usb 1-1: config 166 has no interface number 0
[ 1018.322420][T12946] usb 1-1: config 166 has no interface number 1
[ 1018.329260][T12946] usb 1-1: config 166 interface 177 altsetting 4 has an invalid descriptor for endpoint zero, skipping
[ 1018.341041][T12946] usb 1-1: config 166 interface 177 altsetting 4 has an invalid descriptor for endpoint zero, skipping
[ 1018.355691][T12946] usb 1-1: config 166 interface 34 altsetting 1 has a duplicate endpoint with address 0x9, skipping
[ 1018.368363][T12946] usb 1-1: config 166 interface 34 altsetting 1 has an endpoint descriptor with address 0xA6, changing to 0x86
[ 1018.381200][T12946] usb 1-1: config 166 interface 34 altsetting 1 endpoint 0x86 has invalid maxpacket 23105, setting to 1024
[ 1018.396608][T12946] usb 1-1: config 166 interface 34 altsetting 1 bulk endpoint 0x86 has invalid maxpacket 1024
[ 1018.407764][T12946] usb 1-1: config 166 interface 34 altsetting 1 endpoint 0x85 has an invalid bInterval 0, changing to 7
[ 1018.419547][T12946] usb 1-1: config 166 interface 34 altsetting 1 endpoint 0x85 has invalid wMaxPacketSize 0
[ 1018.430183][T12946] usb 1-1: config 166 interface 34 altsetting 1 has 5 endpoint descriptors, different from the interface descriptor's value: 4
[ 1018.444301][T12946] usb 1-1: config 166 interface 177 has no altsetting 0
[ 1018.454872][T12946] usb 1-1: config 166 interface 34 has no altsetting 0
[ 1018.482160][ T5842] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[ 1018.490549][ T5842] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[ 1018.502552][ T5842] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1018.514949][ T5842] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[ 1018.518132][T12946] usb 1-1: New USB device found, idVendor=0bda, idProduct=0138, bcdDevice=30.12
[ 1018.526911][ T5842] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[ 1018.551306][T12946] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1018.560856][T12946] usb 1-1: Product: syz
[ 1018.565329][T12946] usb 1-1: Manufacturer: syz
[ 1018.570649][T12946] usb 1-1: SerialNumber: syz
[ 1018.908616][ T5842] usb 2-1: string descriptor 0 read error: -22
[ 1018.915762][ T5842] usb 2-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[ 1018.925496][ T5842] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1019.084239][T13594] veth0_vlan: entered promiscuous mode
[ 1019.099434][ T5842] adutux 2-1:168.0: ADU100  now attached to /dev/usb/adutux0
[ 1019.154415][T12946] ums-realtek 1-1:166.177: USB Mass Storage device detected
[ 1019.275337][T13594] veth1_vlan: entered promiscuous mode
[ 1019.358880][ T5842] usb 2-1: USB disconnect, device number 9
[ 1019.632176][T13569] bridge_slave_1: left allmulticast mode
[ 1019.640472][T13569] bridge_slave_1: left promiscuous mode
[ 1019.649718][T13569] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1019.755541][T13569] bridge_slave_0: left allmulticast mode
[ 1019.762174][T13569] bridge_slave_0: left promiscuous mode
[ 1019.769762][T13569] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1019.811104][T12946] ums-realtek 1-1:166.34: USB Mass Storage device detected
[ 1019.874826][T13720] syz.4.3242: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1019.895716][T13720] CPU: 0 UID: 0 PID: 13720 Comm: syz.4.3242 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(undef) 
[ 1019.895906][T13720] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1019.896006][T13720] Call Trace:
[ 1019.896068][T13720]  <TASK>
[ 1019.896126][T13720]  __dump_stack+0x26/0x30
[ 1019.896340][T13720]  dump_stack_lvl+0x1df/0x270
[ 1019.896546][T13720]  dump_stack+0x1e/0x25
[ 1019.896725][T13720]  warn_alloc+0x470/0x690
[ 1019.896963][T13720]  ? kmsan_get_metadata+0xfb/0x160
[ 1019.897200][T13720]  __vmalloc_node_range_noprof+0x133/0x2360
[ 1019.897428][T13720]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1019.897667][T13720]  ? should_fail_ex+0x45/0x8a0
[ 1019.897848][T13720]  ? kmsan_get_metadata+0xfb/0x160
[ 1019.898070][T13720]  ? kmsan_get_metadata+0xfb/0x160
[ 1019.898283][T13720]  ? kmsan_get_metadata+0xfb/0x160
[ 1019.898518][T13720]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1019.898765][T13720]  ? kmsan_get_metadata+0xfb/0x160
[ 1019.899001][T13720]  vmalloc_user_noprof+0xce/0x140
[ 1019.899203][T13720]  ? xskq_create+0x11d/0x290
[ 1019.899408][T13720]  xskq_create+0x11d/0x290
[ 1019.899610][T13720]  xsk_init_queue+0xfd/0x1d0
[ 1019.899801][T13720]  xsk_setsockopt+0x873/0xc30
[ 1019.900007][T13720]  do_sock_setsockopt+0x4dc/0x820
[ 1019.900187][T13720]  ? __pfx_xsk_setsockopt+0x10/0x10
[ 1019.900386][T13720]  __ia32_sys_setsockopt+0x2ac/0x4a0
[ 1019.900602][T13720]  ia32_sys_call+0x41fa/0x42c0
[ 1019.900758][T13720]  __do_fast_syscall_32+0xb0/0x150
[ 1019.900939][T13720]  do_fast_syscall_32+0x38/0x80
[ 1019.901119][T13720]  do_SYSENTER_32+0x1f/0x30
[ 1019.901290][T13720]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1019.901508][T13720] RIP: 0023:0xf711e539
[ 1019.901624][T13720] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1019.901767][T13720] RSP: 002b:00000000f50ed55c EFLAGS: 00000206 ORIG_RAX: 000000000000016e
[ 1019.901916][T13720] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000000011b
[ 1019.902020][T13720] RDX: 0000000000000006 RSI: 0000000080000000 RDI: 0000000000000004
[ 1019.902122][T13720] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1019.902219][T13720] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1019.902329][T13720] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1019.902463][T13720]  </TASK>
[ 1020.151094][T13720] Mem-Info:
[ 1020.154505][T13720] active_anon:24152 inactive_anon:0 isolated_anon:0
[ 1020.154505][T13720]  active_file:9677 inactive_file:51472 isolated_file:0
[ 1020.154505][T13720]  unevictable:768 dirty:91 writeback:0
[ 1020.154505][T13720]  slab_reclaimable:3371 slab_unreclaimable:23694
[ 1020.154505][T13720]  mapped:30140 shmem:19684 pagetables:1550
[ 1020.154505][T13720]  sec_pagetables:0 bounce:0
[ 1020.154505][T13720]  kernel_misc_reclaimable:0
[ 1020.154505][T13720]  free:339019 free_pcp:11943 free_cma:0
[ 1020.213242][T13720] Node 0 active_anon:96608kB inactive_anon:0kB active_file:38708kB inactive_file:205684kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:120556kB dirty:364kB writeback:0kB shmem:77200kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:5232kB pagetables:5836kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1020.251707][T13720] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:4kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:32kB pagetables:364kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1020.287324][T13720] Node 0 DMA free:4096kB boost:0kB min:164kB low:204kB high:244kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:4096kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1020.321884][T13720] lowmem_reserve[]: 0 930 1243 1243 1243
[ 1020.328730][T13720] Node 0 DMA32 free:420808kB boost:0kB min:36868kB low:46084kB high:55300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:73856kB inactive_anon:0kB active_file:38436kB inactive_file:120472kB unevictable:0kB writepending:328kB present:3129332kB managed:953032kB mlocked:0kB bounce:0kB free_pcp:34452kB local_pcp:15016kB free_cma:0kB
[ 1020.363644][T13720] lowmem_reserve[]: 0 0 312 312 312
[ 1020.370822][T13720] Node 0 Normal free:23288kB boost:0kB min:13004kB low:16252kB high:19500kB reserved_highatomic:0KB free_highatomic:0KB active_anon:22740kB inactive_anon:0kB active_file:272kB inactive_file:85212kB unevictable:1536kB writepending:36kB present:1048580kB managed:320456kB mlocked:0kB bounce:0kB free_pcp:13344kB local_pcp:5784kB free_cma:0kB
[ 1020.407475][T13720] lowmem_reserve[]: 0 0 0 0 0
[ 1020.412941][T13720] Node 1 Normal free:907884kB boost:0kB min:40064kB low:50080kB high:60096kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:0kB present:4194300kB managed:987204kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1020.445833][T13720] lowmem_reserve[]: 0 0 0 0 0
[ 1020.451802][T13720] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 1*4096kB (M) = 4096kB
[ 1020.465909][T13720] Node 0 DMA32: 3238*4kB (UM) 2450*8kB (UME) 1854*16kB (UME) 1434*32kB (UM) 954*64kB (UM) 426*128kB (UM) 178*256kB (UME) 78*512kB (UM) 31*1024kB (UME) 21*2048kB (UME) 9*4096kB (M) = 420808kB
[ 1020.488424][T13720] Node 0 Normal: 404*4kB (UME) 285*8kB (UME) 134*16kB (UME) 73*32kB (UME) 33*64kB (UME) 26*128kB (UME) 5*256kB (UME) 8*512kB (UE) 0*1024kB 2*2048kB (UM) 0*4096kB = 23288kB
[ 1020.513025][T13720] Node 1 Normal: 5*4kB (UE) 13*8kB (UME) 17*16kB (UME) 19*32kB (UME) 22*64kB (UME) 10*128kB (UME) 10*256kB (UME) 7*512kB (UME) 7*1024kB (UME) 5*2048kB (UME) 215*4096kB (M) = 907884kB
[ 1020.535627][T13720] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1020.546550][T13720] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1020.556691][T13720] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1020.567306][T13720] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1020.578261][T13720] 80818 total pagecache pages
[ 1020.583216][T13720] 0 pages in swap cache
[ 1020.588259][T13720] Free swap  = 124996kB
[ 1020.592674][T13720] Total swap = 124996kB
[ 1020.600580][T13720] 2097051 pages RAM
[ 1020.604635][T13720] 0 pages HighMem/MovableOnly
[ 1020.610792][T13720] 1530854 pages reserved
[ 1020.615289][T13720] 0 pages cma reserved
[ 1020.734480][T12946] ums-realtek 1-1:166.34: probe with driver ums-realtek failed with error -5
[ 1020.754810][T12946] usb 1-1: Found UVC 0.00 device syz (0bda:0138)
[ 1020.762606][T12946] usb 1-1: No valid video chain found.
[ 1020.894436][T12946] usb 1-1: USB disconnect, device number 12
[ 1020.938385][T13569] bond1 (unregistering): (slave ip6gretap1): Releasing backup interface
[ 1020.948555][T13569] bond1 (unregistering): (slave ip6gretap1): the permanent HWaddr of slave - 02:f6:48:f1:bf:ed - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts
[ 1021.335276][T13569] bond2 (unregistering): (slave gretap2): Releasing active interface
[ 1021.661647][T13569] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1021.738959][T13569] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1021.772212][T13569] bond0 (unregistering): Released all slaves
[ 1021.922767][T13569] bond1 (unregistering): (slave veth5): Releasing backup interface
[ 1022.005437][T13569] bond1 (unregistering): Released all slaves
[ 1022.160294][T13569] bond2 (unregistering): Released all slaves
[ 1022.298898][T13569] bond3 (unregistering): (slave veth7): Releasing backup interface
[ 1022.345379][T13569] bond3 (unregistering): Released all slaves
[ 1022.814952][T13594] veth0_macvtap: entered promiscuous mode
[ 1022.868203][T13569] : left promiscuous mode
[ 1022.946810][T13594] veth1_macvtap: entered promiscuous mode
[ 1023.310104][T13594] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1023.384646][T13569] hsr_slave_0: left promiscuous mode
[ 1023.447387][T13569] hsr_slave_1: left promiscuous mode
[ 1023.455795][T13569] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1023.562862][T13569] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1023.703123][T13737] syz.1.3247 (13737): drop_caches: 2
[ 1024.246867][T12018] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[ 1024.426634][T12018] usb 3-1: Using ep0 maxpacket: 32
[ 1024.618684][T12018] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1024.630457][T12018] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1024.641102][T12018] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 1024.650587][T12018] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1024.790392][T12018] usb 3-1: config 0 descriptor??
[ 1024.869148][T12018] hub 3-1:0.0: USB hub found
[ 1025.113724][T13749] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1025.125355][T13749] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1025.468295][T13594] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1025.554533][T13749] 8021q: VLANs not supported on vcan0
[ 1025.601003][T12018] hub 3-1:0.0: config failed, can't read hub descriptor (err -22)
[ 1025.619595][T13594] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1025.629567][T13594] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1025.638869][T13594] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1025.648200][T13594] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1025.903754][T12018] usbhid 3-1:0.0: can't add hid device: -71
[ 1025.912363][T12018] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 1025.953186][T12018] usb 3-1: USB disconnect, device number 12
[ 1027.236643][T12946] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[ 1027.419268][T13764] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3256'.
[ 1027.452061][T13764] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1027.466675][T13764] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1027.475810][T13764] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1027.486527][T13764] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1027.496450][T12946] usb 3-1: Using ep0 maxpacket: 32
[ 1027.532220][T13764] netdevsim netdevsim1 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1027.542518][T13764] netdevsim netdevsim1 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1027.552447][T13764] netdevsim netdevsim1 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1027.567183][T13764] netdevsim netdevsim1 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1027.622276][T12946] usb 3-1: config 1 interface 0 altsetting 96 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1027.636447][T12946] usb 3-1: config 1 interface 0 has no altsetting 0
[ 1027.793910][T12946] usb 3-1: New USB device found, idVendor=046d, idProduct=c623, bcdDevice= 0.40
[ 1027.803700][T12946] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1027.812567][T12946] usb 3-1: Product: syz
[ 1027.817268][T12946] usb 3-1: Manufacturer: syz
[ 1027.822200][T12946] usb 3-1: SerialNumber: syz
[ 1028.530280][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[ 1028.987247][T13766] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1029.002324][T13766] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1029.471474][T12946] usbhid 3-1:1.0: can't add hid device: -71
[ 1029.478466][T12946] usbhid 3-1:1.0: probe with driver usbhid failed with error -71
[ 1029.586009][T12946] usb 3-1: USB disconnect, device number 13
[ 1031.368556][T13800] vlan0: entered promiscuous mode
[ 1031.665589][T13808] netlink: 'syz.2.3269': attribute type 10 has an invalid length.
[ 1031.688019][T12018] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[ 1031.743035][T13805] netlink: 'syz.1.3268': attribute type 10 has an invalid length.
[ 1031.764681][T13808] team0: Port device dummy0 added
[ 1031.827185][T13805] team0: Port device dummy0 added
[ 1031.847710][T13808] netlink: 'syz.2.3269': attribute type 10 has an invalid length.
[ 1031.898680][T13808] team0: Port device dummy0 removed
[ 1031.929429][T13808] dummy0: entered promiscuous mode
[ 1031.944526][T13808] bond0: (slave dummy0): Enslaving as an active interface with an up link
[ 1032.961993][T12018] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 1032.976966][T12018] usb 1-1: unable to read config index 0 descriptor/start: -71
[ 1032.985190][T12018] usb 1-1: can't read configurations, error -71
[ 1033.206053][T13817] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1034.306061][T13832] netlink: 'syz.0.3276': attribute type 10 has an invalid length.
[ 1034.477815][T13833] netlink: 'syz.0.3276': attribute type 10 has an invalid length.
[ 1034.588232][T13832] team0: Port device dummy0 added
[ 1034.632646][T13833] team0: Failed to send port change of device dummy0 via netlink (err -105)
[ 1034.708013][T13833] team0: Failed to send options change via netlink (err -105)
[ 1034.733015][T13833] team0: Failed to send port change of device dummy0 via netlink (err -105)
[ 1034.745436][T13833] team0: Port device dummy0 removed
[ 1034.771059][T13833] bond0: (slave dummy0): Enslaving as an active interface with an up link
[ 1034.859687][ T3776] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1034.868117][ T3776] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1035.165086][T13165] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1035.173698][T13165] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1035.698669][ T5794] Bluetooth: hci5: command 0x0406 tx timeout
[ 1036.286977][T12946] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[ 1036.872424][T13851] syz.3.3200 (13851) used greatest stack depth: 4488 bytes left
[ 1037.253828][T12946] usb 2-1: unable to get BOS descriptor or descriptor too short
[ 1037.330628][T12946] usb 2-1: unable to read config index 0 descriptor/start: -71
[ 1037.339441][T12946] usb 2-1: can't read configurations, error -71
[ 1037.679857][T13861] netlink: 'syz.3.3287': attribute type 10 has an invalid length.
[ 1037.855039][T13861] team0: Port device dummy0 added
[ 1037.963072][T13861] netlink: 'syz.3.3287': attribute type 10 has an invalid length.
[ 1037.976734][T13861] team0: Failed to send port change of device dummy0 via netlink (err -105)
[ 1038.115577][T13861] team0: Failed to send options change via netlink (err -105)
[ 1038.125040][T13861] team0: Failed to send port change of device dummy0 via netlink (err -105)
[ 1038.136493][T13861] team0: Port device dummy0 removed
[ 1038.161602][T13861] bond0: (slave dummy0): Enslaving as an active interface with an up link
[ 1038.456088][T13868] loop1: detected capacity change from 0 to 512
[ 1038.650240][T13868] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1038.850264][ T5794] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1038.872867][ T5794] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1038.888269][T13868] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.3290: invalid indirect mapped block 4294967295 (level 1)
[ 1038.917771][ T5794] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1038.957247][T13868] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.3290: invalid indirect mapped block 4294967295 (level 1)
[ 1038.993085][ T5794] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1039.006878][ T5794] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1039.127721][T13868] EXT4-fs (loop1): 2 truncates cleaned up
[ 1039.141001][T13868] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1039.789170][T13879] warn_alloc: 1 callbacks suppressed
[ 1039.789255][T13879] syz.3.3292: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1039.811507][T13879] CPU: 0 UID: 0 PID: 13879 Comm: syz.3.3292 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(undef) 
[ 1039.811694][T13879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1039.811792][T13879] Call Trace:
[ 1039.811850][T13879]  <TASK>
[ 1039.811908][T13879]  __dump_stack+0x26/0x30
[ 1039.812109][T13879]  dump_stack_lvl+0x1df/0x270
[ 1039.812316][T13879]  dump_stack+0x1e/0x25
[ 1039.812509][T13879]  warn_alloc+0x470/0x690
[ 1039.812745][T13879]  ? kmsan_get_metadata+0xfb/0x160
[ 1039.812982][T13879]  __vmalloc_node_range_noprof+0x133/0x2360
[ 1039.813197][T13879]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1039.813451][T13879]  ? should_fail_ex+0x45/0x8a0
[ 1039.813641][T13879]  ? kmsan_get_metadata+0xfb/0x160
[ 1039.813863][T13879]  ? kmsan_get_metadata+0xfb/0x160
[ 1039.814169][T13879]  ? kmsan_get_metadata+0xfb/0x160
[ 1039.814421][T13879]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1039.814670][T13879]  ? kmsan_get_metadata+0xfb/0x160
[ 1039.814911][T13879]  vmalloc_user_noprof+0xce/0x140
[ 1039.815118][T13879]  ? xskq_create+0x11d/0x290
[ 1039.815326][T13879]  xskq_create+0x11d/0x290
[ 1039.815531][T13879]  xsk_init_queue+0xfd/0x1d0
[ 1039.815713][T13879]  xsk_setsockopt+0x873/0xc30
[ 1039.815918][T13879]  do_sock_setsockopt+0x4dc/0x820
[ 1039.816093][T13879]  ? __pfx_xsk_setsockopt+0x10/0x10
[ 1039.816291][T13879]  __ia32_sys_setsockopt+0x2ac/0x4a0
[ 1039.816511][T13879]  ia32_sys_call+0x41fa/0x42c0
[ 1039.816669][T13879]  __do_fast_syscall_32+0xb0/0x150
[ 1039.816867][T13879]  do_fast_syscall_32+0x38/0x80
[ 1039.817045][T13879]  do_SYSENTER_32+0x1f/0x30
[ 1039.817216][T13879]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1039.817458][T13879] RIP: 0023:0xf7f51539
[ 1039.817574][T13879] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1039.817719][T13879] RSP: 002b:00000000f505555c EFLAGS: 00000206 ORIG_RAX: 000000000000016e
[ 1039.817876][T13879] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000000011b
[ 1039.817984][T13879] RDX: 0000000000000006 RSI: 0000000080000000 RDI: 0000000000000004
[ 1039.818087][T13879] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1039.818182][T13879] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1039.818278][T13879] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1039.818420][T13879]  </TASK>
[ 1040.070670][T13879] Mem-Info:
[ 1040.077840][T13879] active_anon:21495 inactive_anon:0 isolated_anon:0
[ 1040.077840][T13879]  active_file:9677 inactive_file:51493 isolated_file:0
[ 1040.077840][T13879]  unevictable:768 dirty:142 writeback:0
[ 1040.077840][T13879]  slab_reclaimable:2957 slab_unreclaimable:23319
[ 1040.077840][T13879]  mapped:31183 shmem:17089 pagetables:1526
[ 1040.077840][T13879]  sec_pagetables:0 bounce:0
[ 1040.077840][T13879]  kernel_misc_reclaimable:0
[ 1040.077840][T13879]  free:331024 free_pcp:13049 free_cma:0
[ 1040.124090][T13879] Node 0 active_anon:85504kB inactive_anon:0kB active_file:38708kB inactive_file:205768kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:124728kB dirty:564kB writeback:0kB shmem:66344kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:5216kB pagetables:5740kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1040.158870][T13879] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:4kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:32kB pagetables:364kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1040.195755][T13879] Node 0 DMA free:4096kB boost:0kB min:164kB low:204kB high:244kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:4096kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1040.229402][T13879] lowmem_reserve[]: 0 930 1243 1243 1243
[ 1040.235999][T13879] Node 0 DMA32 free:396768kB boost:0kB min:36868kB low:46084kB high:55300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:61856kB inactive_anon:0kB active_file:38436kB inactive_file:120524kB unevictable:0kB writepending:520kB present:3129332kB managed:953032kB mlocked:0kB bounce:0kB free_pcp:41512kB local_pcp:18668kB free_cma:0kB
[ 1040.274928][T13879] lowmem_reserve[]: 0 0 312 312 312
[ 1040.282483][T13879] Node 0 Normal free:16028kB boost:0kB min:13004kB low:16252kB high:19500kB reserved_highatomic:0KB free_highatomic:0KB active_anon:22492kB inactive_anon:0kB active_file:272kB inactive_file:85244kB unevictable:1536kB writepending:44kB present:1048580kB managed:320456kB mlocked:0kB bounce:0kB free_pcp:11492kB local_pcp:5596kB free_cma:0kB
[ 1040.315268][T13879] lowmem_reserve[]: 0 0 0 0 0
[ 1040.321128][T13879] Node 1 Normal free:907884kB boost:0kB min:40064kB low:50080kB high:60096kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:4kB present:4194300kB managed:987204kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1040.352731][T13879] lowmem_reserve[]: 0 0 0 0 0
[ 1040.362960][T13879] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 1*4096kB (M) = 4096kB
[ 1040.373080][T13874] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1040.378668][T13879] Node 0 DMA32: 3087*4kB (M) 2356*8kB (UME) 1811*16kB (ME) 1408*32kB (UM) 947*64kB (M) 421*128kB (M) 166*256kB (ME) 66*512kB (M) 21*1024kB (ME) 21*2048kB (UME) 9*4096kB (M) = 397388kB
[ 1040.409157][T13879] Node 0 Normal: 53*4kB (UME) 249*8kB (UME) 122*16kB (ME) 59*32kB (ME) 14*64kB (ME) 21*128kB (UME) 3*256kB (ME) 1*512kB (E) 1*1024kB (U) 2*2048kB (UM) 0*4096kB = 16028kB
[ 1040.428833][T13879] Node 1 Normal: 5*4kB (UE) 13*8kB (UME) 17*16kB (UME) 19*32kB (UME) 22*64kB (UME) 10*128kB (UME) 10*256kB (UME) 7*512kB (UME) 7*1024kB (UME) 5*2048kB (UME) 215*4096kB (M) = 907884kB
[ 1040.449811][T13879] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1040.460190][T13879] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1040.474757][T13879] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1040.487123][T13879] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1040.497014][T13879] 77598 total pagecache pages
[ 1040.502054][T13879] 0 pages in swap cache
[ 1040.506728][T13879] Free swap  = 124996kB
[ 1040.511142][T13879] Total swap = 124996kB
[ 1040.515738][T13879] 2097051 pages RAM
[ 1040.520159][T13879] 0 pages HighMem/MovableOnly
[ 1040.525201][T13879] 1530854 pages reserved
[ 1040.529873][T13879] 0 pages cma reserved
[ 1040.605140][T13884] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3293'.
[ 1040.622309][T13886] loop2: detected capacity change from 0 to 512
[ 1040.636151][T13877] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[ 1040.643056][T13877] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[ 1040.652521][T13877] vhci_hcd vhci_hcd.0: Device attached
[ 1040.744002][T13885] netlink: 96 bytes leftover after parsing attributes in process `syz.1.3290'.
[ 1040.797651][T13886] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[ 1040.878431][T13874] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1040.967445][T12946] usb 38-1: SetAddress Request (2) to port 0
[ 1040.979122][T12946] usb 38-1: new SuperSpeed USB device number 2 using vhci_hcd
[ 1041.038147][T13886] EXT4-fs (loop2): 1 orphan inode deleted
[ 1041.047813][T13886] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1041.067044][T13870] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm ext4lazyinit: bg 0: block 5: invalid block bitmap
[ 1041.091234][   T60] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14
[ 1041.102083][   T60] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:5: Failed to release dquot type 1
[ 1041.158505][T13886] ext4 filesystem being mounted at /50/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1041.175918][T12779] Bluetooth: hci2: command tx timeout
[ 1041.569761][T13874] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1041.741432][T13877] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000.
[ 1041.953694][T13887] vhci_hcd: connection reset by peer
[ 1041.962377][T13165] vhci_hcd: stop threads
[ 1041.964602][T13032] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1041.967847][T13165] vhci_hcd: release socket
[ 1041.968003][T13165] vhci_hcd: disconnect device
[ 1042.022316][T13874] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1042.279326][ T5844] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[ 1042.391583][T13871] chnl_net:caif_netlink_parms(): no params data found
[ 1042.560087][ T5844] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[ 1042.568870][ T5844] usb 4-1: config 0 has no interface number 0
[ 1042.639591][T13874] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1042.676556][T13874] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1042.710882][T13874] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1042.753544][T13874] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1042.836820][ T5844] usb 4-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[ 1042.846594][ T5844] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1042.855006][ T5844] usb 4-1: Product: syz
[ 1042.859737][ T5844] usb 4-1: Manufacturer: syz
[ 1042.864715][ T5844] usb 4-1: SerialNumber: syz
[ 1043.058262][ T5844] usb 4-1: config 0 descriptor??
[ 1043.233607][T12779] Bluetooth: hci2: command tx timeout
[ 1043.393961][ T5844] usb 4-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state
[ 1043.469370][T12778] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1043.470556][ T5844] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[ 1043.492986][ T5844] dvbdev: DVB: registering new adapter (E3C EC168 reference design)
[ 1043.501951][ T5844] usb 4-1: media controller created
[ 1043.695569][ T5844] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1044.164518][ T5844] i2c i2c-1: ec100: i2c rd failed=-71 reg=33
[ 1044.707152][   T11] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[ 1044.808059][ T5844] usb 4-1: USB disconnect, device number 4
[ 1045.335507][T12779] Bluetooth: hci2: command tx timeout
[ 1045.661718][T13871] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1045.672049][T13871] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1045.680843][T13871] bridge_slave_0: entered allmulticast mode
[ 1045.700733][T13871] bridge_slave_0: entered promiscuous mode
[ 1045.913292][T13871] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1045.921781][T13871] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1045.930563][T13871] bridge_slave_1: entered allmulticast mode
[ 1045.944336][T13871] bridge_slave_1: entered promiscuous mode
[ 1046.044643][T12946] usb 38-1: device descriptor read/8, error -110
[ 1046.129899][T13922] netlink: 'syz.2.3303': attribute type 10 has an invalid length.
[ 1046.149891][   T11] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 1046.178397][   T11] usb 1-1: unable to read config index 0 descriptor/start: -71
[ 1046.187441][   T11] usb 1-1: can't read configurations, error -71
[ 1046.241533][T13924] netlink: 'syz.2.3303': attribute type 10 has an invalid length.
[ 1046.457368][T13920] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[ 1046.464361][T13920] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[ 1046.473159][T13920] vhci_hcd vhci_hcd.0: Device attached
[ 1046.484778][T12946] usb usb38-port1: attempt power cycle
[ 1046.633065][T13923] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1046.658773][T13927] loop1: detected capacity change from 0 to 512
[ 1046.856954][T13922] bond0: (slave dummy0): Releasing backup interface
[ 1046.887271][ T5844] usb 36-1: SetAddress Request (2) to port 0
[ 1046.893867][ T5844] usb 36-1: new SuperSpeed USB device number 2 using vhci_hcd
[ 1046.920602][T13922] dummy0: left promiscuous mode
[ 1046.945299][T13922] team0: Port device dummy0 added
[ 1047.025215][T13923] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1047.150737][T12946] usb usb38-port1: unable to enumerate USB device
[ 1047.181054][T13929] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[ 1047.187948][T13929] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[ 1047.196837][T13929] vhci_hcd vhci_hcd.0: Device attached
[ 1047.263742][T13924] team0: Port device dummy0 removed
[ 1047.284424][T13924] dummy0: entered promiscuous mode
[ 1047.294706][T13924] bond0: (slave dummy0): Enslaving as an active interface with an up link
[ 1047.340438][T13871] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1047.386888][T12779] Bluetooth: hci2: command tx timeout
[ 1047.405814][T13930] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1047.439669][T13927] EXT4-fs (loop1): 1 orphan inode deleted
[ 1047.448974][T13927] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1047.478185][ T1805] Quota error (device loop1): do_check_range: Getting dqdh_entries 15 out of range 0-14
[ 1047.489000][ T1805] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:7: Failed to release dquot type 1
[ 1047.557373][T13933] loop0: detected capacity change from 0 to 512
[ 1047.575323][T13927] ext4 filesystem being mounted at /42/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1047.585024][T13923] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1047.593465][T13936] loop3: detected capacity change from 0 to 512
[ 1047.605746][T13900] usb 40-1: SetAddress Request (2) to port 0
[ 1047.612849][T13900] usb 40-1: new SuperSpeed USB device number 2 using vhci_hcd
[ 1047.688594][T13871] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1047.889124][T13933] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1047.902830][T13933] ext4 filesystem being mounted at /26/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1047.954113][T13930] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1047.977480][T13920] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000.
[ 1048.058956][T13936] EXT4-fs (loop3): 1 orphan inode deleted
[ 1048.060463][T13923] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1048.068918][T13936] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1048.093357][T13933] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #2: comm syz.0.3305: corrupted inode contents
[ 1048.113528][ T3705] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14
[ 1048.124293][ T3705] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u8:12: Failed to release dquot type 1
[ 1048.133950][T13925] vhci_hcd: connection reset by peer
[ 1048.168526][ T3776] vhci_hcd: stop threads
[ 1048.173080][ T3776] vhci_hcd: release socket
[ 1048.178205][ T3776] vhci_hcd: disconnect device
[ 1048.224536][T13933] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #2: comm syz.0.3305: mark_inode_dirty error
[ 1048.242267][T13936] ext4 filesystem being mounted at /5/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1048.315796][T13933] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #2: comm syz.0.3305: corrupted inode contents
[ 1048.438545][T13943] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #2: comm syz.0.3305: corrupted inode contents
[ 1048.467909][T13930] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1048.494716][T13929] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000.
[ 1048.507839][T13943] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #2: comm syz.0.3305: mark_inode_dirty error
[ 1048.561506][T13943] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #2: comm syz.0.3305: corrupted inode contents
[ 1048.604073][T13871] team0: Port device team_slave_0 added
[ 1048.625655][T13935] vhci_hcd: connection reset by peer
[ 1048.669787][T13943] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #2: comm syz.0.3305: mark_inode_dirty error
[ 1048.711617][T13943] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #2: comm syz.0.3305: corrupted inode contents
[ 1048.754228][T13943] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #2: comm syz.0.3305: mark_inode_dirty error
[ 1048.791192][ T3705] vhci_hcd: stop threads
[ 1048.796034][ T3705] vhci_hcd: release socket
[ 1048.801141][ T3705] vhci_hcd: disconnect device
[ 1048.835274][T13930] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1048.895065][T13871] team0: Port device team_slave_1 added
[ 1049.272329][T13923] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1049.310431][T13923] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1049.345574][T13923] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1049.393693][T13923] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1049.415235][T13334] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1049.422022][T13871] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1049.431987][T13871] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1049.459597][T13871] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1049.632798][T13871] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1049.641920][T13871] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1049.670126][T13871] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1049.750106][T13930] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1049.792094][T13930] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1049.827631][T13930] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1049.864840][T13930] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1050.338291][T13032] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1050.453615][T13871] hsr_slave_0: entered promiscuous mode
[ 1050.465366][T13871] hsr_slave_1: entered promiscuous mode
[ 1050.475466][T13871] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1050.484028][T13871] Cannot create hsr debugfs directory
[ 1050.569845][T13594] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1052.023573][ T5844] usb 36-1: device descriptor read/8, error -110
[ 1052.219540][T13958] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3312'.
[ 1052.482036][ T5844] usb usb36-port1: attempt power cycle
[ 1052.737406][T13900] usb 40-1: device descriptor read/8, error -110
[ 1053.196625][ T5844] usb usb36-port1: unable to enumerate USB device
[ 1053.205045][T13900] usb usb40-port1: attempt power cycle
[ 1054.157967][T13900] usb usb40-port1: unable to enumerate USB device
[ 1054.206119][T13871] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1054.237242][T13871] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1054.498340][T13871] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1054.618394][T13871] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1054.685008][T13964] syz.2.3313: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1054.705728][T13964] CPU: 1 UID: 0 PID: 13964 Comm: syz.2.3313 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(undef) 
[ 1054.705918][T13964] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1054.706016][T13964] Call Trace:
[ 1054.706077][T13964]  <TASK>
[ 1054.706135][T13964]  __dump_stack+0x26/0x30
[ 1054.706345][T13964]  dump_stack_lvl+0x1df/0x270
[ 1054.706546][T13964]  dump_stack+0x1e/0x25
[ 1054.706732][T13964]  warn_alloc+0x470/0x690
[ 1054.706969][T13964]  ? kmsan_get_metadata+0xfb/0x160
[ 1054.707208][T13964]  __vmalloc_node_range_noprof+0x133/0x2360
[ 1054.707432][T13964]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1054.707682][T13964]  ? should_fail_ex+0x45/0x8a0
[ 1054.707877][T13964]  ? kmsan_get_metadata+0xfb/0x160
[ 1054.708100][T13964]  ? kmsan_get_metadata+0xfb/0x160
[ 1054.708329][T13964]  ? kmsan_get_metadata+0xfb/0x160
[ 1054.708536][T13964]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1054.708777][T13964]  ? kmsan_get_metadata+0xfb/0x160
[ 1054.709012][T13964]  vmalloc_user_noprof+0xce/0x140
[ 1054.709211][T13964]  ? xskq_create+0x11d/0x290
[ 1054.709415][T13964]  xskq_create+0x11d/0x290
[ 1054.709616][T13964]  xsk_init_queue+0xfd/0x1d0
[ 1054.709803][T13964]  xsk_setsockopt+0x873/0xc30
[ 1054.710009][T13964]  do_sock_setsockopt+0x4dc/0x820
[ 1054.710191][T13964]  ? __pfx_xsk_setsockopt+0x10/0x10
[ 1054.710390][T13964]  __ia32_sys_setsockopt+0x2ac/0x4a0
[ 1054.710601][T13964]  ia32_sys_call+0x41fa/0x42c0
[ 1054.710755][T13964]  __do_fast_syscall_32+0xb0/0x150
[ 1054.710949][T13964]  do_fast_syscall_32+0x38/0x80
[ 1054.711125][T13964]  do_SYSENTER_32+0x1f/0x30
[ 1054.711301][T13964]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1054.711509][T13964] RIP: 0023:0xf7f13539
[ 1054.711624][T13964] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1054.711769][T13964] RSP: 002b:00000000f501555c EFLAGS: 00000206 ORIG_RAX: 000000000000016e
[ 1054.711926][T13964] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000000011b
[ 1054.712033][T13964] RDX: 0000000000000006 RSI: 0000000080000000 RDI: 0000000000000004
[ 1054.712134][T13964] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1054.712230][T13964] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1054.712335][T13964] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1054.712472][T13964]  </TASK>
[ 1054.958758][T13964] Mem-Info:
[ 1054.962163][T13964] active_anon:7270 inactive_anon:0 isolated_anon:0
[ 1054.962163][T13964]  active_file:9677 inactive_file:51489 isolated_file:0
[ 1054.962163][T13964]  unevictable:768 dirty:174 writeback:0
[ 1054.962163][T13964]  slab_reclaimable:2923 slab_unreclaimable:23520
[ 1054.962163][T13964]  mapped:30159 shmem:2886 pagetables:1498
[ 1054.962163][T13964]  sec_pagetables:0 bounce:0
[ 1054.962163][T13964]  kernel_misc_reclaimable:0
[ 1054.962163][T13964]  free:349560 free_pcp:14715 free_cma:0
[ 1055.013835][T13964] Node 0 active_anon:29080kB inactive_anon:0kB active_file:38708kB inactive_file:205752kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:120636kB dirty:692kB writeback:0kB shmem:10008kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:5168kB pagetables:5628kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1055.049476][T13964] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:32kB pagetables:364kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1055.082012][T13964] Node 0 DMA free:4096kB boost:0kB min:164kB low:204kB high:244kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:4096kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1055.116049][T13964] lowmem_reserve[]: 0 930 1243 1243 1243
[ 1055.124101][T13964] Node 0 DMA32 free:472408kB boost:0kB min:36868kB low:46084kB high:55300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:8396kB inactive_anon:0kB active_file:38436kB inactive_file:120508kB unevictable:0kB writepending:620kB present:3129332kB managed:953032kB mlocked:0kB bounce:0kB free_pcp:44920kB local_pcp:22388kB free_cma:0kB
[ 1055.157474][T13964] lowmem_reserve[]: 0 0 312 312 312
[ 1055.163480][T13964] Node 0 Normal free:16028kB boost:0kB min:13004kB low:16252kB high:19500kB reserved_highatomic:0KB free_highatomic:0KB active_anon:20684kB inactive_anon:0kB active_file:272kB inactive_file:85244kB unevictable:1536kB writepending:72kB present:1048580kB managed:320456kB mlocked:0kB bounce:0kB free_pcp:13564kB local_pcp:6292kB free_cma:0kB
[ 1055.198601][T13964] lowmem_reserve[]: 0 0 0 0 0
[ 1055.204081][T13964] Node 1 Normal free:907884kB boost:0kB min:40064kB low:50080kB high:60096kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:4kB present:4194300kB managed:987204kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1055.236129][T13964] lowmem_reserve[]: 0 0 0 0 0
[ 1055.247903][T13964] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 1*4096kB (M) = 4096kB
[ 1055.261724][T13964] Node 0 DMA32: 2489*4kB (UM) 1872*8kB (UME) 1440*16kB (UME) 1164*32kB (UM) 870*64kB (UM) 537*128kB (UM) 310*256kB (UME) 121*512kB (UM) 41*1024kB (UME) 19*2048kB (UME) 10*4096kB (M) = 472804kB
[ 1055.283947][T13964] Node 0 Normal: 53*4kB (UME) 249*8kB (UME) 122*16kB (ME) 59*32kB (ME) 14*64kB (ME) 21*128kB (UME) 3*256kB (ME) 1*512kB (E) 1*1024kB (U) 2*2048kB (UM) 0*4096kB = 16028kB
[ 1055.297553][T12946] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[ 1055.304013][T13964] Node 1 Normal: 5*4kB (UE) 13*8kB (UME) 17*16kB (UME) 19*32kB (UME) 22*64kB (UME) 10*128kB (UME) 10*256kB (UME) 7*512kB (UME) 7*1024kB (UME) 5*2048kB (UME) 215*4096kB (M) = 907884kB
[ 1055.339229][T13964] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1055.349399][T13964] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1055.359915][T13964] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1055.370228][T13964] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1055.382365][T13964] 64037 total pagecache pages
[ 1055.388098][T13964] 0 pages in swap cache
[ 1055.392583][T13964] Free swap  = 124996kB
[ 1055.397219][T13964] Total swap = 124996kB
[ 1055.401722][T13964] 2097051 pages RAM
[ 1055.405790][T13964] 0 pages HighMem/MovableOnly
[ 1055.411150][T13964] 1530854 pages reserved
[ 1055.415690][T13964] 0 pages cma reserved
[ 1056.269495][ T5794] Bluetooth: hci4: command 0x0406 tx timeout
[ 1056.719646][ T3705] bond1 (unregistering): (slave ip6gretap1): Releasing backup interface
[ 1056.732642][ T3705] bond1 (unregistering): (slave ip6gretap1): the permanent HWaddr of slave - 1a:40:65:fa:e3:8b - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts
[ 1056.799979][T12946] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1056.849156][T12946] usb 4-1: unable to read config index 0 descriptor/start: -71
[ 1056.858762][T12946] usb 4-1: can't read configurations, error -71
[ 1057.145939][ T3705] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1057.278308][ T3705] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1057.327095][ T3705] bond0 (unregistering): Released all slaves
[ 1057.442878][ T3705] bond1 (unregistering): (slave veth3): Releasing backup interface
[ 1057.480299][T13900] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[ 1057.505280][ T3705] bond1 (unregistering): Released all slaves
[ 1057.614654][ T3705] bond2 (unregistering): (slave veth5): Releasing backup interface
[ 1057.661399][ T3705] bond2 (unregistering): Released all slaves
[ 1057.703685][T13900] usb 1-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[ 1057.714814][T13900] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1057.726718][T13900] usb 1-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1057.740212][T13900] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1057.749874][T13900] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1057.833987][ T3705] bond3 (unregistering): Released all slaves
[ 1057.836603][T13900] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[ 1057.849136][T13900] usb 1-1: invalid MIDI out EP 0
[ 1057.931112][T13983] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3322'.
[ 1057.964028][ T3705] bond4 (unregistering): (slave veth7): Releasing backup interface
[ 1058.118754][ T3705] bond4 (unregistering): Released all slaves
[ 1058.360145][T13408] udevd[13408]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1058.471633][T13900] snd-usb-audio 1-1:27.0: probe with driver snd-usb-audio failed with error -22
[ 1058.608854][T13900] usb 1-1: USB disconnect, device number 17
[ 1059.127029][ T3705] hsr_slave_0: left promiscuous mode
[ 1059.177247][ T3705] hsr_slave_1: left promiscuous mode
[ 1059.794713][ T3705] team0 (unregistering): Port device team_slave_1 removed
[ 1059.875244][T13989] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[ 1059.882164][T13989] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[ 1059.890974][T13989] vhci_hcd vhci_hcd.0: Device attached
[ 1059.908403][ T3705] team0 (unregistering): Port device team_slave_0 removed
[ 1060.111810][T13997] loop3: detected capacity change from 0 to 512
[ 1060.345420][T13992] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1060.528313][T13871] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1060.578048][T11235] usb 40-1: SetAddress Request (6) to port 0
[ 1060.584593][T11235] usb 40-1: new SuperSpeed USB device number 6 using vhci_hcd
[ 1060.605888][T13992] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1060.928459][T13871] 8021q: adding VLAN 0 to HW filter on device team0
[ 1061.158473][T13900] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[ 1061.187233][T13992] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1061.204214][T13997] EXT4-fs (loop3): 1 orphan inode deleted
[ 1061.213531][T13997] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1061.239841][T13997] ext4 filesystem being mounted at /8/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1061.275698][ T3776] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14
[ 1061.286939][ T3776] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u8:15: Failed to release dquot type 1
[ 1061.320194][T13161] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1061.328099][T13161] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1061.390537][T13992] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1061.420664][T13900] usb 1-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[ 1061.432465][T13900] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1061.444832][T13900] usb 1-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1061.463002][T13900] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1061.474854][T13900] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1061.540829][T13161] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1061.549494][T13161] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1061.678288][T13900] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[ 1061.687578][T13900] usb 1-1: invalid MIDI out EP 0
[ 1061.716877][T13989] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000.
[ 1061.995353][T13994] vhci_hcd: connection reset by peer
[ 1062.002978][ T4197] vhci_hcd: stop threads
[ 1062.008532][ T4197] vhci_hcd: release socket
[ 1062.013289][ T4197] vhci_hcd: disconnect device
[ 1062.175517][T13992] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1062.212248][T13992] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1062.247978][T13992] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1062.291425][T13992] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1062.415165][T14008] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3329'.
[ 1062.502196][T13900] snd-usb-audio 1-1:27.0: probe with driver snd-usb-audio failed with error -22
[ 1062.598553][T13900] usb 1-1: USB disconnect, device number 18
[ 1062.737199][T14011] udevd[14011]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1062.776656][ T5842] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[ 1063.029137][ T5842] usb 3-1: Using ep0 maxpacket: 32
[ 1063.078972][ T5842] usb 3-1: config index 0 descriptor too short (expected 35577, got 27)
[ 1063.087843][ T5842] usb 3-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[ 1063.100722][ T5842] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 92
[ 1063.111620][ T5842] usb 3-1: config 1 has no interface number 0
[ 1063.118433][ T5842] usb 3-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1063.129864][ T5842] usb 3-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[ 1063.143576][ T5842] usb 3-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[ 1063.154139][ T5842] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1063.362476][T13594] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1063.459283][ T5842] snd_usb_pod 3-1:1.1: Line 6 Pocket POD found
[ 1063.823904][ T5842] snd_usb_pod 3-1:1.1: set_interface failed
[ 1063.831524][ T5842] snd_usb_pod 3-1:1.1: Line 6 Pocket POD now disconnected
[ 1063.840385][ T5842] snd_usb_pod 3-1:1.1: probe with driver snd_usb_pod failed with error -71
[ 1063.989334][ T5842] usb 3-1: USB disconnect, device number 14
[ 1064.101662][T11295] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[ 1064.327612][T11295] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1064.346689][T11295] usb 1-1: config 27 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1064.360714][T11295] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1064.371052][T11295] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1064.532099][T11295] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[ 1064.542950][T11295] usb 1-1: invalid MIDI out EP 0
[ 1064.558179][ T5842] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[ 1064.844405][T13871] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1065.367647][T14027] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[ 1065.372494][T11295] snd-usb-audio 1-1:27.0: probe with driver snd-usb-audio failed with error -22
[ 1065.374426][T14027] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[ 1065.393372][T14027] vhci_hcd vhci_hcd.0: Device attached
[ 1065.470825][T13413] udevd[13413]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1065.557274][T11295] usb 1-1: USB disconnect, device number 19
[ 1065.705093][T14033] loop1: detected capacity change from 0 to 512
[ 1065.728784][T12018] usb 36-1: SetAddress Request (6) to port 0
[ 1065.735418][T12018] usb 36-1: new SuperSpeed USB device number 6 using vhci_hcd
[ 1065.778852][T11235] usb 40-1: device descriptor read/8, error -110
[ 1066.040637][T14033] EXT4-fs (loop1): 1 orphan inode deleted
[ 1066.050998][T14033] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1066.073480][T13161] Quota error (device loop1): do_check_range: Getting dqdh_entries 15 out of range 0-14
[ 1066.085261][T13161] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:0: Failed to release dquot type 1
[ 1066.150942][T14033] ext4 filesystem being mounted at /50/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1066.277293][T11235] usb usb40-port1: attempt power cycle
[ 1066.336600][ T5842] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1066.377246][ T5842] usb 4-1: unable to read config index 0 descriptor/start: -71
[ 1066.385443][ T5842] usb 4-1: can't read configurations, error -71
[ 1066.426030][T14027] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000.
[ 1066.439542][T14031] vhci_hcd: connection reset by peer
[ 1066.455107][ T3705] vhci_hcd: stop threads
[ 1066.460252][ T3705] vhci_hcd: release socket
[ 1066.465015][ T3705] vhci_hcd: disconnect device
[ 1066.957965][T11235] usb usb40-port1: unable to enumerate USB device
[ 1066.959464][T14044] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3336'.
[ 1067.218478][T14048] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3338'.
[ 1067.314996][T13032] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1068.167047][T14056] loop1: detected capacity change from 0 to 512
[ 1068.493393][T14056] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1068.507584][T14056] ext4 filesystem being mounted at /51/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1068.870106][T13871] veth0_vlan: entered promiscuous mode
[ 1068.949227][T14056] EXT4-fs: Ignoring removed orlov option
[ 1068.955904][T14056] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1069.017904][T13871] veth1_vlan: entered promiscuous mode
[ 1069.056997][T14056] EXT4-fs (loop1): can't enable nombcache during remount
[ 1069.286793][T14066] loop3: detected capacity change from 0 to 2048
[ 1069.371909][T14066] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=2362, location=2362
[ 1069.465653][T13871] veth0_macvtap: entered promiscuous mode
[ 1069.522450][T14066] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[ 1069.580451][T13871] veth1_macvtap: entered promiscuous mode
[ 1069.639580][T14066] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4
[ 1069.672631][T13032] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1069.693024][T14066] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1069.811663][T14071] loop2: detected capacity change from 0 to 128
[ 1069.875916][T13871] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1069.946984][   T30] audit: type=1800 audit(1750618214.158:417): pid=14066 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.3343" name="file1" dev="loop3" ino=1346 res=0 errno=0
[ 1070.039994][T13871] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1070.119154][   T30] audit: type=1800 audit(1750618214.218:418): pid=14070 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.3345" name="file2" dev="loop2" ino=1048635 res=0 errno=0
[ 1070.176589][T13871] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1070.187145][T13871] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1070.196626][T13871] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1070.206523][T13871] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1070.599487][T12946] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[ 1070.868665][T12946] usb 3-1: config 160 has an invalid interface number: 200 but max is 0
[ 1070.881772][T12946] usb 3-1: config 160 has an invalid descriptor of length 8, skipping remainder of the config
[ 1070.894039][T12946] usb 3-1: config 160 has no interface number 0
[ 1070.900975][T12946] usb 3-1: config 160 interface 200 has no altsetting 0
[ 1070.947223][T12018] usb 36-1: device descriptor read/8, error -110
[ 1071.068792][T12946] usb 3-1: New USB device found, idVendor=21bb, idProduct=2070, bcdDevice=87.0b
[ 1071.083499][T12946] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1071.093453][T12946] usb 3-1: Product: syz
[ 1071.098189][T12946] usb 3-1: Manufacturer: syz
[ 1071.103156][T12946] usb 3-1: SerialNumber: syz
[ 1071.410177][T12018] usb usb36-port1: attempt power cycle
[ 1071.426724][ T5842] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[ 1071.523746][T14069] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[ 1071.532313][T14069] FAT-fs (loop2): Filesystem has been set read-only
[ 1071.539869][T14069] syz.2.3345: attempt to access beyond end of device
[ 1071.539869][T14069] loop2: rw=524288, sector=2065, nr_sectors = 8 limit=128
[ 1071.554218][T14069] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[ 1071.562634][T14069] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[ 1071.710876][ T5842] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[ 1071.719721][ T5842] usb 1-1: config 0 has no interface number 0
[ 1071.779013][ T5842] usb 1-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[ 1071.788797][ T5842] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1071.801256][ T5842] usb 1-1: Product: syz
[ 1071.805734][ T5842] usb 1-1: Manufacturer: syz
[ 1071.812222][ T5842] usb 1-1: SerialNumber: syz
[ 1071.852816][ T5842] usb 1-1: config 0 descriptor??
[ 1071.994031][T14070] syz.2.3345: attempt to access beyond end of device
[ 1071.994031][T14070] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[ 1072.013343][T14070] syz.2.3345: attempt to access beyond end of device
[ 1072.013343][T14070] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[ 1072.030639][T14070] syz.2.3345: attempt to access beyond end of device
[ 1072.030639][T14070] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[ 1072.044948][T14070] syz.2.3345: attempt to access beyond end of device
[ 1072.044948][T14070] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128
[ 1072.123159][ T5842] dvb_usb_ec168 1-1:0.1: probe with driver dvb_usb_ec168 failed with error -71
[ 1072.144611][T12018] usb usb36-port1: unable to enumerate USB device
[ 1072.198454][ T5842] usb 1-1: USB disconnect, device number 20
[ 1072.358657][T12946] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[ 1072.365986][T12946] usb 3-1: MIDIStreaming interface descriptor not found
[ 1072.571647][T12946] usb 3-1: USB disconnect, device number 15
[ 1073.050141][T13413] udevd[13413]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:160.200/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1073.481927][T14091] syz.1.3351: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1073.498310][T14091] CPU: 0 UID: 0 PID: 14091 Comm: syz.1.3351 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(undef) 
[ 1073.498486][T14091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1073.498582][T14091] Call Trace:
[ 1073.498637][T14091]  <TASK>
[ 1073.498696][T14091]  __dump_stack+0x26/0x30
[ 1073.498890][T14091]  dump_stack_lvl+0x1df/0x270
[ 1073.499104][T14091]  dump_stack+0x1e/0x25
[ 1073.499279][T14091]  warn_alloc+0x470/0x690
[ 1073.499510][T14091]  ? kmsan_get_metadata+0xfb/0x160
[ 1073.499749][T14091]  __vmalloc_node_range_noprof+0x133/0x2360
[ 1073.499967][T14091]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1073.500210][T14091]  ? should_fail_ex+0x45/0x8a0
[ 1073.500399][T14091]  ? kmsan_get_metadata+0xfb/0x160
[ 1073.500616][T14091]  ? kmsan_get_metadata+0xfb/0x160
[ 1073.500825][T14091]  ? kmsan_get_metadata+0xfb/0x160
[ 1073.501044][T14091]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1073.501293][T14091]  ? kmsan_get_metadata+0xfb/0x160
[ 1073.501523][T14091]  vmalloc_user_noprof+0xce/0x140
[ 1073.501717][T14091]  ? xskq_create+0x11d/0x290
[ 1073.501897][T14091]  xskq_create+0x11d/0x290
[ 1073.502101][T14091]  xsk_init_queue+0xfd/0x1d0
[ 1073.502289][T14091]  xsk_setsockopt+0x873/0xc30
[ 1073.502492][T14091]  do_sock_setsockopt+0x4dc/0x820
[ 1073.502667][T14091]  ? __pfx_xsk_setsockopt+0x10/0x10
[ 1073.502854][T14091]  __ia32_sys_setsockopt+0x2ac/0x4a0
[ 1073.503060][T14091]  ia32_sys_call+0x41fa/0x42c0
[ 1073.503225][T14091]  __do_fast_syscall_32+0xb0/0x150
[ 1073.503424][T14091]  do_fast_syscall_32+0x38/0x80
[ 1073.503598][T14091]  do_SYSENTER_32+0x1f/0x30
[ 1073.503765][T14091]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1073.503968][T14091] RIP: 0023:0xf7fa8539
[ 1073.504089][T14091] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1073.504232][T14091] RSP: 002b:00000000f50c655c EFLAGS: 00000206 ORIG_RAX: 000000000000016e
[ 1073.504386][T14091] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000000011b
[ 1073.504496][T14091] RDX: 0000000000000006 RSI: 0000000080000000 RDI: 0000000000000004
[ 1073.504598][T14091] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1073.504695][T14091] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1073.504793][T14091] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1073.504927][T14091]  </TASK>
[ 1073.504987][T14091] Mem-Info:
[ 1073.777124][T14091] active_anon:7468 inactive_anon:0 isolated_anon:0
[ 1073.777124][T14091]  active_file:9677 inactive_file:51501 isolated_file:0
[ 1073.777124][T14091]  unevictable:768 dirty:79 writeback:0
[ 1073.777124][T14091]  slab_reclaimable:2884 slab_unreclaimable:22853
[ 1073.777124][T14091]  mapped:30265 shmem:2889 pagetables:1559
[ 1073.777124][T14091]  sec_pagetables:0 bounce:0
[ 1073.777124][T14091]  kernel_misc_reclaimable:0
[ 1073.777124][T14091]  free:352415 free_pcp:14341 free_cma:0
[ 1073.823975][T14091] Node 0 active_anon:29872kB inactive_anon:0kB active_file:38708kB inactive_file:205800kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:121056kB dirty:316kB writeback:0kB shmem:10020kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:5104kB pagetables:5872kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1073.864818][T14091] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:4kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:32kB pagetables:364kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1073.899094][T14091] Node 0 DMA free:4096kB boost:0kB min:164kB low:204kB high:244kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:4096kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1073.928796][T14091] lowmem_reserve[]: 0 930 1243 1243 1243
[ 1073.935240][T14091] Node 0 DMA32 free:481652kB boost:0kB min:36868kB low:46084kB high:55300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:9188kB inactive_anon:0kB active_file:38436kB inactive_file:120556kB unevictable:0kB writepending:300kB present:3129332kB managed:953032kB mlocked:0kB bounce:0kB free_pcp:43736kB local_pcp:22412kB free_cma:0kB
[ 1073.972360][T14091] lowmem_reserve[]: 0 0 312 312 312
[ 1073.980001][T14091] Node 0 Normal free:16028kB boost:0kB min:13004kB low:16252kB high:19500kB reserved_highatomic:0KB free_highatomic:0KB active_anon:20684kB inactive_anon:0kB active_file:272kB inactive_file:85244kB unevictable:1536kB writepending:16kB present:1048580kB managed:320456kB mlocked:0kB bounce:0kB free_pcp:13640kB local_pcp:7284kB free_cma:0kB
[ 1074.015163][T14091] lowmem_reserve[]: 0 0 0 0 0
[ 1074.020943][T14091] Node 1 Normal free:907884kB boost:0kB min:40064kB low:50080kB high:60096kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:0kB present:4194300kB managed:987204kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1074.057004][T14091] lowmem_reserve[]: 0 0 0 0 0
[ 1074.062590][T14091] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 1*4096kB (M) = 4096kB
[ 1074.077890][T14091] Node 0 DMA32: 2342*4kB (UM) 1860*8kB (UME) 1436*16kB (UME) 1183*32kB (UM) 871*64kB (UM) 545*128kB (UM) 321*256kB (UME) 127*512kB (UM) 43*1024kB (UME) 19*2048kB (UME) 10*4096kB (M) = 481688kB
[ 1074.101019][T14091] Node 0 Normal: 53*4kB (UME) 249*8kB (UME) 122*16kB (ME) 59*32kB (ME) 14*64kB (ME) 21*128kB (UME) 3*256kB (ME) 1*512kB (E) 1*1024kB (U) 2*2048kB (UM) 0*4096kB = 16028kB
[ 1074.121776][T14091] Node 1 Normal: 5*4kB (UE) 13*8kB (UME) 17*16kB (UME) 19*32kB (UME) 22*64kB (UME) 10*128kB (UME) 10*256kB (UME) 7*512kB (UME) 7*1024kB (UME) 5*2048kB (UME) 215*4096kB (M) = 907884kB
[ 1074.143161][T14091] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1074.158064][T14091] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1074.169458][T14091] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1074.180440][T14091] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1074.190376][T14091] 64052 total pagecache pages
[ 1074.195321][T14091] 0 pages in swap cache
[ 1074.200101][T14091] Free swap  = 124996kB
[ 1074.204620][T14091] Total swap = 124996kB
[ 1074.209488][T14091] 2097051 pages RAM
[ 1074.213702][T14091] 0 pages HighMem/MovableOnly
[ 1074.219026][T14091] 1530854 pages reserved
[ 1074.223575][T14091] 0 pages cma reserved
[ 1075.296082][T14110] loop3: detected capacity change from 0 to 64
[ 1075.556765][T14114] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3357'.
[ 1075.599794][   T30] audit: type=1800 audit(1750618219.828:419): pid=14110 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.3356" name="file1" dev="loop3" ino=18 res=0 errno=0
[ 1075.620343][T14110] hfs: request for non-existent node 16777216 in B*Tree
[ 1075.628291][T14110] hfs: request for non-existent node 16777216 in B*Tree
[ 1077.517760][T14135] loop0: detected capacity change from 0 to 128
[ 1077.723649][   T30] audit: type=1800 audit(1750618221.948:420): pid=14135 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.3362" name="file2" dev="loop0" ino=1048636 res=0 errno=0
[ 1078.437913][T12946] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[ 1078.666049][T12946] usb 1-1: config 160 has an invalid interface number: 200 but max is 0
[ 1078.675158][T12946] usb 1-1: config 160 has an invalid descriptor of length 10, skipping remainder of the config
[ 1078.686314][T12946] usb 1-1: config 160 has no interface number 0
[ 1078.692924][T12946] usb 1-1: config 160 interface 200 has no altsetting 0
[ 1078.825025][T12946] usb 1-1: New USB device found, idVendor=21bb, idProduct=2070, bcdDevice=87.0b
[ 1078.836409][T12946] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1078.845022][T12946] usb 1-1: Product: syz
[ 1078.849761][T12946] usb 1-1: Manufacturer: syz
[ 1078.854760][T12946] usb 1-1: SerialNumber: syz
[ 1079.138940][T14151] loop1: detected capacity change from 0 to 2048
[ 1079.198530][T14154] loop3: detected capacity change from 0 to 64
[ 1079.250088][T14151] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=2362, location=2362
[ 1079.251291][T14134] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[ 1079.269474][T14134] FAT-fs (loop0): Filesystem has been set read-only
[ 1079.281550][T14134] syz.0.3362: attempt to access beyond end of device
[ 1079.281550][T14134] loop0: rw=524288, sector=2065, nr_sectors = 8 limit=128
[ 1079.297814][T14134] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[ 1079.306743][T14134] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[ 1079.324859][T14151] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[ 1079.419937][T14151] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4
[ 1079.522806][T14151] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1079.767331][T14135] syz.0.3362: attempt to access beyond end of device
[ 1079.767331][T14135] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128
[ 1079.781714][T14135] syz.0.3362: attempt to access beyond end of device
[ 1079.781714][T14135] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128
[ 1079.798885][T14135] syz.0.3362: attempt to access beyond end of device
[ 1079.798885][T14135] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128
[ 1079.813815][T14135] syz.0.3362: attempt to access beyond end of device
[ 1079.813815][T14135] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128
[ 1080.078170][T12946] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[ 1080.087863][T12946] usb 1-1: MIDIStreaming interface descriptor not found
[ 1080.293953][T12946] usb 1-1: USB disconnect, device number 21
[ 1080.463388][T13165] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1080.471843][T13165] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1080.675621][T13408] udevd[13408]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:160.200/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1081.074407][ T3776] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1081.083101][ T3776] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1081.856712][T12946] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[ 1082.056634][T12946] usb 3-1: Using ep0 maxpacket: 16
[ 1082.120335][T12946] usb 3-1: New USB device found, idVendor=1235, idProduct=0010, bcdDevice=29.82
[ 1082.130251][T12946] usb 3-1: New USB device strings: Mfr=83, Product=5, SerialNumber=10
[ 1082.144913][T12946] usb 3-1: Product: syz
[ 1082.151413][T12946] usb 3-1: Manufacturer: syz
[ 1082.156804][T12946] usb 3-1: SerialNumber: syz
[ 1082.230211][T12946] usb 3-1: config 0 descriptor??
[ 1082.330085][T12946] usb 3-1: selecting invalid altsetting 1
[ 1082.487514][T14165] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3372'.
[ 1082.499117][T14165] bridge_slave_1: left allmulticast mode
[ 1082.505059][T14165] bridge_slave_1: left promiscuous mode
[ 1082.512398][T14165] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1082.577291][T12946] snd-usb-audio 3-1:0.0: probe with driver snd-usb-audio failed with error -22
[ 1082.613386][T14165] bridge_slave_0: left allmulticast mode
[ 1082.622766][T14165] bridge_slave_0: left promiscuous mode
[ 1082.631661][T14165] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1083.113189][T11295] usb 3-1: USB disconnect, device number 16
[ 1083.258305][T13391] udevd[13391]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1083.415631][T14178] loop3: detected capacity change from 0 to 2048
[ 1083.432214][T14177] loop4: detected capacity change from 0 to 1024
[ 1083.491332][T14178] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=2362, location=2362
[ 1083.615038][T14177] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1083.647880][T14178] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[ 1083.706613][T14178] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4
[ 1083.737209][T14178] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1083.937434][   T30] audit: type=1800 audit(1750618228.148:421): pid=14178 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.3377" name="file1" dev="loop3" ino=1346 res=0 errno=0
[ 1084.947623][T13871] EXT4-fs error (device loop4): ext4_empty_dir:3075: inode #11: comm syz-executor: invalid size
[ 1085.010665][T13871] EXT4-fs error (device loop4): ext4_empty_dir:3075: inode #11: comm syz-executor: invalid size
[ 1085.059004][T13871] EXT4-fs error (device loop4): ext4_empty_dir:3075: inode #11: comm syz-executor: invalid size
[ 1085.148910][T13871] EXT4-fs error (device loop4): ext4_empty_dir:3075: inode #11: comm syz-executor: invalid size
[ 1085.223885][T13871] EXT4-fs error (device loop4): ext4_empty_dir:3075: inode #11: comm syz-executor: invalid size
[ 1085.268697][T13871] EXT4-fs error (device loop4): ext4_empty_dir:3075: inode #11: comm syz-executor: invalid size
[ 1085.359432][T13871] EXT4-fs error (device loop4): ext4_empty_dir:3075: inode #11: comm syz-executor: invalid size
[ 1085.433164][T13871] EXT4-fs error (device loop4): ext4_empty_dir:3075: inode #11: comm syz-executor: invalid size
[ 1085.581637][T13871] EXT4-fs error (device loop4): ext4_empty_dir:3075: inode #11: comm syz-executor: invalid size
[ 1085.647763][T13871] EXT4-fs error (device loop4): ext4_empty_dir:3075: inode #11: comm syz-executor: invalid size
[ 1086.897846][ T5794] Bluetooth: hci1: command 0x0406 tx timeout
[ 1087.929588][T14200] binder: BINDER_SET_CONTEXT_MGR already set
[ 1087.936065][T14200] binder: 14199:14200 ioctl 4018620d 80000040 returned -16
[ 1088.203699][T14200] syz.0.3385 (14200): drop_caches: 2
[ 1088.811583][T13871] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1088.846752][ T4197] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1089.064989][ T4197] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1089.319702][ T4197] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1089.345280][T14220] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3393'.
[ 1089.526079][ T4197] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1089.958939][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[ 1090.217446][ T4197] bridge_slave_1: left allmulticast mode
[ 1090.223424][ T4197] bridge_slave_1: left promiscuous mode
[ 1090.238356][ T4197] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1090.297869][ T4197] bridge_slave_0: left allmulticast mode
[ 1090.303960][ T4197] bridge_slave_0: left promiscuous mode
[ 1090.311296][ T4197] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1091.020225][ T4197] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1091.077209][ T4197] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1091.102420][ T4197] bond0 (unregistering): Released all slaves
[ 1091.705194][ T4197] hsr_slave_0: left promiscuous mode
[ 1091.728265][ T4197] hsr_slave_1: left promiscuous mode
[ 1091.737482][ T4197] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1091.745292][ T4197] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1091.768586][ T4197] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1091.776579][ T4197] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1091.808981][ T4197] veth1_macvtap: left promiscuous mode
[ 1091.814843][ T4197] veth0_macvtap: left promiscuous mode
[ 1091.821613][ T4197] veth1_vlan: left promiscuous mode
[ 1091.827506][ T4197] veth0_vlan: left promiscuous mode
[ 1092.782461][T14237] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3401'.
[ 1093.442466][ T4197] team0 (unregistering): Port device team_slave_1 removed
[ 1093.580727][ T4197] team0 (unregistering): Port device team_slave_0 removed
[ 1093.987615][T14237] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3401'.
[ 1094.107765][ T5794] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1094.155156][ T5794] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1094.207095][ T5794] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1094.248063][ T5794] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1094.300162][ T5794] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1096.416716][T12779] Bluetooth: hci0: command tx timeout
[ 1096.480733][T14249] chnl_net:caif_netlink_parms(): no params data found
[ 1097.051052][T14270] sctp: failed to load transform for md5: -2
[ 1098.509942][T12779] Bluetooth: hci0: command tx timeout
[ 1098.683319][T14249] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1098.692515][T14249] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1098.700805][T14249] bridge_slave_0: entered allmulticast mode
[ 1098.711226][T14249] bridge_slave_0: entered promiscuous mode
[ 1098.870399][T14249] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1098.878597][T14249] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1098.886988][T14249] bridge_slave_1: entered allmulticast mode
[ 1098.897501][T14249] bridge_slave_1: entered promiscuous mode
[ 1099.495238][T14249] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1099.593785][T14249] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1099.949766][T14249] team0: Port device team_slave_0 added
[ 1100.129066][T14249] team0: Port device team_slave_1 added
[ 1100.577726][T12779] Bluetooth: hci0: command tx timeout
[ 1100.685236][T14249] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1100.693396][T14249] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1100.720532][T14249] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1100.899028][T14249] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1100.906991][T14249] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1100.933761][T14249] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1101.010513][T14330] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3425'.
[ 1101.380048][T14249] hsr_slave_0: entered promiscuous mode
[ 1101.396930][T14249] hsr_slave_1: entered promiscuous mode
[ 1101.407086][T14249] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1101.415004][T14249] Cannot create hsr debugfs directory
[ 1102.126774][T14330] syz.2.3425 (14330) used greatest stack depth: 2376 bytes left
[ 1102.380057][T14351] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3429'.
[ 1102.666688][T12779] Bluetooth: hci0: command tx timeout
[ 1103.918910][T14366] netlink: 104 bytes leftover after parsing attributes in process `syz.3.3433'.
[ 1104.389430][T14371] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3433'.
[ 1104.458041][T14249] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1104.635978][T14249] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1104.751968][T14249] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1104.892016][T14249] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1105.232564][T14381] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3437'.
[ 1105.242464][T14381] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3437'.
[ 1105.257403][T14381] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[ 1107.017062][T14249] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1107.288843][T14249] 8021q: adding VLAN 0 to HW filter on device team0
[ 1107.372352][ T4197] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1107.380194][ T4197] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1107.586997][ T4197] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1107.594771][ T4197] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1109.486445][T14420] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3447'.
[ 1110.462399][T14249] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1110.531173][T14433] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3451'.
[ 1110.645707][T13165] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1110.654543][T13165] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1110.717104][T12946] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1110.867581][T12946] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1111.167250][T12946] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1112.155835][T14446] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3454'.
[ 1113.375352][T14456] smc: net device bond0 applied user defined pnetid SYZ2
[ 1114.549957][T14249] veth0_vlan: entered promiscuous mode
[ 1114.654672][T14249] veth1_vlan: entered promiscuous mode
[ 1114.817055][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1115.167117][T14249] veth0_macvtap: entered promiscuous mode
[ 1115.302269][T14249] veth1_macvtap: entered promiscuous mode
[ 1115.638244][T14249] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1115.800187][T14249] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1115.941363][T14249] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1115.951174][T14249] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1115.960693][T14249] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1115.969957][T14249] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1118.590658][T14491] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3468'.
[ 1118.724668][T14504] netlink: 392 bytes leftover after parsing attributes in process `syz.3.3472'.
[ 1118.770064][T14491] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3468'.
[ 1119.184710][T14509] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3473'.
[ 1121.881664][T14528] sctp: failed to load transform for md5: -2
[ 1122.740096][ T5794] Bluetooth: hci3: command 0x0406 tx timeout
[ 1123.857021][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1125.738919][T14581] tipc: Started in network mode
[ 1125.744107][T14581] tipc: Node identity 4, cluster identity 4711
[ 1125.751174][T14581] tipc: Node number set to 4
[ 1126.917303][T14600] netlink: 'syz.1.3497': attribute type 1 has an invalid length.
[ 1127.219688][ T4237] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1127.228137][ T4237] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1127.656047][   T60] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1127.664397][   T60] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1130.822411][T14634] Driver unsupported XDP return value 0 on prog  (id 183) dev N/A, expect packet loss!
[ 1132.149627][T14651] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3517'.
[ 1132.159701][T14651] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3517'.
[ 1132.643234][T14659] netlink: 'syz.3.3520': attribute type 2 has an invalid length.
[ 1132.888622][T14661] bond0: (slave dummy0): Releasing backup interface
[ 1133.007265][T14661] bridge_slave_0: left allmulticast mode
[ 1133.013308][T14661] bridge_slave_0: left promiscuous mode
[ 1133.020702][T14661] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1133.158169][T14661] bridge_slave_1: left allmulticast mode
[ 1133.164315][T14661] bridge_slave_1: left promiscuous mode
[ 1133.171739][T14661] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1133.309491][T14661] bond0: (slave bond_slave_0): Releasing backup interface
[ 1133.479090][T14661] bond0: (slave bond_slave_1): Releasing backup interface
[ 1133.631626][T14661] team0: Port device team_slave_0 removed
[ 1133.763053][T14661] team0: Port device team_slave_1 removed
[ 1133.775381][T14661] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1133.784551][T14661] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1133.836927][T14661] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1133.844760][T14661] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1134.324954][T14662] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1141.140044][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1142.899517][ T5842] IPVS: starting estimator thread 0...
[ 1142.992158][T14743] IPVS: using max 192 ests per chain, 9600 per kthread
[ 1147.892277][T14787] bond_slave_0: entered promiscuous mode
[ 1147.898657][T14787] bond_slave_1: entered promiscuous mode
[ 1147.905068][T14787] vlan2: entered promiscuous mode
[ 1147.910727][T14787] bond0: entered promiscuous mode
[ 1148.144619][T14791] netlink: 2 bytes leftover after parsing attributes in process `syz.5.3575'.
[ 1150.247725][T14816] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3583'.
[ 1151.402036][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[ 1160.740646][T14893] raw_sendmsg: syz.3.3615 forgot to set AF_INET. Fix it!
[ 1161.056770][T12946] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[ 1161.262021][T12946] usb 1-1: Using ep0 maxpacket: 8
[ 1161.330868][T12946] usb 1-1: config index 0 descriptor too short (expected 74, got 45)
[ 1161.340291][T12946] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[ 1161.353133][T12946] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1161.363682][T12946] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 30768, setting to 1024
[ 1161.375644][T12946] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[ 1161.390714][T12946] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1161.410692][T12946] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1161.422271][T12946] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1161.813121][T12946] usb 1-1: GET_CAPABILITIES returned 2f
[ 1161.819774][T12946] usbtmc 1-1:16.0: can't read capabilities
[ 1162.096696][ T5842] usb 1-1: USB disconnect, device number 22
[ 1162.667144][T14904] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3618'.
[ 1162.676841][T14904] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3618'.
[ 1162.686437][T14904] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3618'.
[ 1162.731897][T14904] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3618'.
[ 1162.742348][T14904] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3618'.
[ 1163.989729][T14913] tipc: Started in network mode
[ 1163.995803][T14913] tipc: Node identity 6a75103932d6, cluster identity 4711
[ 1164.004673][T14913] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1164.222258][T14913] syzkaller0: entered promiscuous mode
[ 1164.228413][T14913] syzkaller0: entered allmulticast mode
[ 1164.238167][T14913] tipc: Resetting bearer <eth:syzkaller0>
[ 1164.398381][T14912] tipc: Resetting bearer <eth:syzkaller0>
[ 1164.635587][T14912] tipc: Disabling bearer <eth:syzkaller0>
[ 1166.756460][   T30] audit: type=1800 audit(1750618310.968:422): pid=14927 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3628" name="cgroup.controllers" dev="tmpfs" ino=575 res=0 errno=0
[ 1168.599226][T14952] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1168.786832][T14954] syzkaller0: entered promiscuous mode
[ 1168.793194][T14954] syzkaller0: entered allmulticast mode
[ 1168.803758][T14954] tipc: Resetting bearer <eth:syzkaller0>
[ 1168.961332][T14951] tipc: Resetting bearer <eth:syzkaller0>
[ 1169.151070][T14951] tipc: Disabling bearer <eth:syzkaller0>
[ 1175.567736][T15008] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3660'.
[ 1175.578428][T15008] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3660'.
[ 1175.588102][T15008] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3660'.
[ 1175.697283][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1175.699792][T15008] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3660'.
[ 1175.714767][T15008] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3660'.
[ 1177.892552][T15021] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3666'.
[ 1177.902582][T15021] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1178.152380][T15021] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1179.347995][T15037] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3674'.
[ 1179.357525][T15037] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3674'.
[ 1179.367243][T15037] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3674'.
[ 1179.507594][T15039] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3674'.
[ 1183.547720][T15086] syzkaller0: entered promiscuous mode
[ 1183.553536][T15086] syzkaller0: entered allmulticast mode
[ 1185.763812][T15115] __nla_validate_parse: 1 callbacks suppressed
[ 1185.763906][T15115] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3708'.
[ 1185.785938][T15115] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3708'.
[ 1187.230114][T15129] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1187.658424][T15129] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1187.914189][T15129] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1188.161172][T15129] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1188.702793][T15129] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1188.743172][T15129] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1188.782811][T15129] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1188.825620][T15129] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1191.837511][T15183] netlink: 'syz.5.3734': attribute type 9 has an invalid length.
[ 1194.464378][T15205] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3744'.
[ 1194.478259][T15205] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3744'.
[ 1201.942419][T15293] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3781'.
[ 1202.448862][T15300] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3783'.
[ 1202.464627][T15300] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3783'.
[ 1202.477280][T15300] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3783'.
[ 1202.599203][T15302] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3783'.
[ 1202.608781][T15302] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3783'.
[ 1204.850535][T15329] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3796'.
[ 1205.805184][T15341] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3800'.
[ 1205.815141][T15341] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3800'.
[ 1205.824863][T15341] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3800'.
[ 1207.762315][T15368] __nla_validate_parse: 2 callbacks suppressed
[ 1207.762410][T15368] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3812'.
[ 1209.358359][T15383] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3818'.
[ 1209.368255][T15383] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3818'.
[ 1209.378136][T15383] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3818'.
[ 1209.471932][T15383] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3818'.
[ 1209.481737][T15383] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3818'.
[ 1211.499343][T15403] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3828'.
[ 1211.538753][T15401] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3827'.
[ 1212.117467][T15405] netlink: 'syz.5.3829': attribute type 4 has an invalid length.
[ 1212.125723][T15405] netlink: 32 bytes leftover after parsing attributes in process `syz.5.3829'.
[ 1212.848840][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[ 1212.918675][T15415] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3833'.
[ 1212.929264][T15415] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3833'.
[ 1214.910722][T15437] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3842'.
[ 1216.322808][T15450] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3848'.
[ 1216.333523][T15450] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3848'.
[ 1218.087322][T15468] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3856'.
[ 1219.126772][T15482] IPVS: sync thread started: state = MASTER, mcast_ifn = bridge_slave_0, syncid = 0, id = 0
[ 1219.390366][T15483] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3862'.
[ 1219.400058][T15483] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3862'.
[ 1222.377406][T15521] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3877'.
[ 1222.387115][T15521] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3877'.
[ 1222.397265][T15521] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3877'.
[ 1222.461105][T15511] sctp: failed to load transform for md5: -2
[ 1222.539699][T15521] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3877'.
[ 1222.549382][T15521] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3877'.
[ 1225.669873][T15559] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3893'.
[ 1225.679326][T15559] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3893'.
[ 1225.688871][T15559] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3893'.
[ 1225.734500][T15558] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3892'.
[ 1225.744277][T15558] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3892'.
[ 1225.754028][T15558] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3892'.
[ 1225.848057][T15559] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3893'.
[ 1225.857550][T15559] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3893'.
[ 1225.871475][T15558] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3892'.
[ 1225.881231][T15558] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3892'.
[ 1226.227925][T15563] netlink: 'syz.5.3894': attribute type 1 has an invalid length.
[ 1226.981749][T15575] netlink: 'syz.3.3900': attribute type 9 has an invalid length.
[ 1228.792251][T15592] Bluetooth: MGMT ver 1.23
[ 1229.811200][T15603] netlink: 'syz.3.3912': attribute type 1 has an invalid length.
[ 1231.801456][T15630] __nla_validate_parse: 7 callbacks suppressed
[ 1231.801549][T15630] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3924'.
[ 1231.818319][T15630] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3924'.
[ 1231.827864][T15630] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3924'.
[ 1231.907471][T15630] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3924'.
[ 1231.918082][T15630] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3924'.
[ 1234.876694][T15659] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3934'.
[ 1234.997954][T15659] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3934'.
[ 1236.157679][T15670] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3939'.
[ 1236.168017][T15670] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3939'.
[ 1236.178226][T15670] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3939'.
[ 1242.861799][T15742] __nla_validate_parse: 2 callbacks suppressed
[ 1242.861893][T15742] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3967'.
[ 1242.878108][T15742] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3967'.
[ 1242.887965][T15742] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3967'.
[ 1242.969749][T15742] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3967'.
[ 1242.979440][T15742] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3967'.
[ 1248.660950][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1250.006926][T15813] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3998'.
[ 1250.017690][T15813] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3998'.
[ 1250.027630][T15813] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3998'.
[ 1250.114933][T15817] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3998'.
[ 1250.125249][T15817] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3998'.
[ 1253.933540][T15857] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4017'.
[ 1253.943183][T15857] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4017'.
[ 1253.952976][T15857] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4017'.
[ 1254.050669][T15861] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4017'.
[ 1254.060368][T15861] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4017'.
[ 1257.226653][T15894] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4034'.
[ 1257.237277][T15894] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4034'.
[ 1257.252223][T15894] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4034'.
[ 1257.324869][T15895] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4034'.
[ 1257.335388][T15895] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4034'.
[ 1259.760764][T15927] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4048'.
[ 1260.897148][T15935] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4052'.
[ 1260.906995][T15935] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4052'.
[ 1260.916706][T15935] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4052'.
[ 1261.059195][T15936] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4052'.
[ 1264.144413][T15970] __nla_validate_parse: 2 callbacks suppressed
[ 1264.144516][T15970] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4069'.
[ 1264.160892][T15970] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4069'.
[ 1264.171028][T15970] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4069'.
[ 1264.252162][T15973] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4069'.
[ 1264.263736][T15973] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4069'.
[ 1265.528908][T15988] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4076'.
[ 1265.543890][T15988] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4076'.
[ 1265.688265][T15989] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4075'.
[ 1265.698018][T15989] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4075'.
[ 1265.707706][T15989] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4075'.
[ 1268.105504][T16016] af_packet: tpacket_rcv: packet too big, clamped from 32 to 4294967272. macoff=96
[ 1271.339758][T16055] __nla_validate_parse: 8 callbacks suppressed
[ 1271.339855][T16055] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4099'.
[ 1271.355913][T16055] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4099'.
[ 1271.365361][T16055] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4099'.
[ 1271.523042][T16055] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4099'.
[ 1271.533060][T16055] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4099'.
[ 1274.287575][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[ 1274.537393][T16083] netlink: 52 bytes leftover after parsing attributes in process `syz.2.4108'.
[ 1275.324163][T16093] netlink: 'syz.0.4112': attribute type 58 has an invalid length.
[ 1275.332620][T16093] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4112'.
[ 1278.756953][T16132] netlink: 52 bytes leftover after parsing attributes in process `syz.2.4124'.
[ 1279.656743][T16140] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4128'.
[ 1280.625331][T16146] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4132'.
[ 1280.637150][T16146] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4132'.
[ 1280.646912][T16146] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4132'.
[ 1280.754966][T16153] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4132'.
[ 1280.765331][T16153] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4132'.
[ 1282.502500][T16165] netlink: 52 bytes leftover after parsing attributes in process `syz.2.4139'.
[ 1283.035638][T16169] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4141'.
[ 1283.045049][T16169] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4141'.
[ 1286.170462][T16206] __nla_validate_parse: 1 callbacks suppressed
[ 1286.170556][T16206] netlink: 52 bytes leftover after parsing attributes in process `syz.3.4155'.
[ 1289.599364][T16238] netlink: 52 bytes leftover after parsing attributes in process `syz.5.4169'.
[ 1293.312783][T16279] netlink: 52 bytes leftover after parsing attributes in process `syz.2.4186'.
[ 1296.369063][T16307] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4198'.
[ 1296.618113][T16309] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4199'.
[ 1296.628128][T16309] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4199'.
[ 1300.188873][T16348] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4214'.
[ 1300.198497][T16348] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4214'.
[ 1300.243197][T16349] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1300.399648][T16349] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1300.637858][T16349] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1300.875646][T16349] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1301.488283][T16349] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1301.524035][T16349] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1301.563730][T16349] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1301.609439][T16349] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1303.827687][T16387] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4228'.
[ 1303.842960][T16387] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4228'.
[ 1307.789683][T16424] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4244'.
[ 1307.800116][T16424] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4244'.
[ 1311.543359][T16457] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4257'.
[ 1311.554657][T16457] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4257'.
[ 1315.176723][T16489] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4270'.
[ 1315.186861][T16489] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4270'.
[ 1319.618367][T16524] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4283'.
[ 1319.628232][T16524] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4283'.
[ 1323.050328][T16554] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4296'.
[ 1323.060548][T16554] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4296'.
[ 1325.927688][T16586] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4309'.
[ 1325.938897][T16586] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4309'.
[ 1325.949857][T16586] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4309'.
[ 1326.049982][T16588] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4309'.
[ 1326.065506][T16588] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4309'.
[ 1326.164227][T16589] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4310'.
[ 1326.176620][T16589] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4310'.
[ 1328.241365][T16607] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4317'.
[ 1328.250817][T16607] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4317'.
[ 1328.260575][T16607] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4317'.
[ 1328.379107][T16607] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4317'.
[ 1328.389040][T16607] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4317'.
[ 1329.677819][T16622] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4323'.
[ 1329.688471][T16622] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4323'.
[ 1329.698645][T16622] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4323'.
[ 1329.788529][T16625] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4323'.
[ 1329.799766][T16625] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4323'.
[ 1331.087028][T16639] lo: entered promiscuous mode
[ 1331.092495][T16639] lo: entered allmulticast mode
[ 1331.163189][T16639] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1333.377888][T16667] __nla_validate_parse: 7 callbacks suppressed
[ 1333.377985][T16667] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4339'.
[ 1333.393844][T16667] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4339'.
[ 1333.403654][T16667] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4339'.
[ 1333.462468][T16667] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4339'.
[ 1333.472422][T16667] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4339'.
[ 1334.679602][T16678] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4345'.
[ 1334.691610][T16678] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4345'.
[ 1335.167363][T16676] sctp: failed to load transform for md5: -2
[ 1335.724595][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[ 1336.323939][T16695] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4350'.
[ 1336.334469][T16695] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4350'.
[ 1336.345785][T16695] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4350'.
[ 1338.947837][T16721] __nla_validate_parse: 8 callbacks suppressed
[ 1338.947936][T16721] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4361'.
[ 1338.967950][T16721] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4361'.
[ 1339.800185][T16731] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4364'.
[ 1340.819755][T16743] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4368'.
[ 1340.829755][T16743] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4368'.
[ 1340.840156][T16743] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4368'.
[ 1340.974141][T16744] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4368'.
[ 1340.983912][T16744] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4368'.
[ 1342.117567][T16753] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1342.267863][T16759] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4375'.
[ 1342.277952][T16759] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4375'.
[ 1344.674184][T16776] __nla_validate_parse: 5 callbacks suppressed
[ 1344.674275][T16776] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4383'.
[ 1344.690661][T16776] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4383'.
[ 1344.703987][T16776] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4383'.
[ 1344.778562][T16776] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4383'.
[ 1344.789086][T16776] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4383'.
[ 1345.671117][T16787] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4387'.
[ 1346.268407][T16791] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4390'.
[ 1346.280323][T16791] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4390'.
[ 1346.660377][T16796] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4391'.
[ 1346.671771][T16796] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4391'.
[ 1350.227081][T16829] __nla_validate_parse: 8 callbacks suppressed
[ 1350.227178][T16829] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4405'.
[ 1350.243452][T16829] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4405'.
[ 1350.569534][T16835] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4406'.
[ 1350.580551][T16835] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4406'.
[ 1350.590354][T16835] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4406'.
[ 1350.689374][T16835] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4406'.
[ 1350.703598][T16835] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4406'.
[ 1352.088274][T16855] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4413'.
[ 1352.098572][T16855] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4413'.
[ 1352.108137][T16855] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4413'.
[ 1355.890739][T16893] __nla_validate_parse: 7 callbacks suppressed
[ 1355.890835][T16893] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4426'.
[ 1355.907136][T16893] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4426'.
[ 1355.916595][T16893] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4426'.
[ 1356.039918][T16894] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4426'.
[ 1356.049940][T16894] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4426'.
[ 1359.042540][T16912] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4435'.
[ 1359.052167][T16912] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4435'.
[ 1359.064463][T16912] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4435'.
[ 1359.109102][T16912] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4435'.
[ 1359.118711][T16912] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4435'.
[ 1362.282271][T16950] __nla_validate_parse: 5 callbacks suppressed
[ 1362.282367][T16950] netlink: 136 bytes leftover after parsing attributes in process `syz.1.4448'.
[ 1362.467309][T16952] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4451'.
[ 1362.477449][T16952] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4451'.
[ 1362.486932][T16952] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4451'.
[ 1362.560958][T16952] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4451'.
[ 1362.570838][T16952] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4451'.
[ 1363.606655][T16963] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4454'.
[ 1363.615994][T16963] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4454'.
[ 1363.627675][T16963] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4454'.
[ 1363.736623][T16966] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4454'.
[ 1367.940550][T17010] __nla_validate_parse: 9 callbacks suppressed
[ 1367.940641][T17010] netlink: 48 bytes leftover after parsing attributes in process `syz.2.4471'.
[ 1368.249190][T17016] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4473'.
[ 1368.259224][T17016] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4473'.
[ 1369.775597][T17034] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4481'.
[ 1369.787820][T17034] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4481'.
[ 1369.797994][T17034] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4481'.
[ 1369.868743][T17034] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4481'.
[ 1369.878422][T17034] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4481'.
[ 1370.256799][T12018] page_pool_release_retry() stalled pool shutdown: id 58, 1 inflight 60 sec
[ 1370.418459][T17039] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4483'.
[ 1370.544238][T17039] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4483'.
[ 1373.800123][T17069] __nla_validate_parse: 3 callbacks suppressed
[ 1373.800221][T17069] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4496'.
[ 1373.819203][T17069] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4496'.
[ 1373.829303][T17069] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4496'.
[ 1373.914750][T17069] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4496'.
[ 1373.924534][T17069] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4496'.
[ 1373.925645][T17071] sock: sock_timestamping_bind_phc: sock not bind to device
[ 1375.590145][T17084] =====================================================
[ 1375.598002][T17084] BUG: KMSAN: kernel-infoleak in _copy_to_user+0xcc/0x120
[ 1375.605491][T17084]  _copy_to_user+0xcc/0x120
[ 1375.610701][T17084]  move_addr_to_user+0x29c/0x410
[ 1375.619744][T17084]  ____sys_recvmsg+0x232/0x610
[ 1375.624810][T17084]  ___sys_recvmsg+0x20b/0x850
[ 1375.630848][T17084]  do_recvmmsg+0x50b/0xdf0
[ 1375.635638][T17084]  __sys_recvmmsg+0xf3/0x460
[ 1375.640656][T17084]  __ia32_compat_sys_recvmmsg_time32+0x102/0x1b0
[ 1375.647550][T17084]  ia32_sys_call+0x40ce/0x42c0
[ 1375.652550][T17084]  __do_fast_syscall_32+0xb0/0x150
[ 1375.658710][T17084]  do_fast_syscall_32+0x38/0x80
[ 1375.663905][T17084]  do_SYSENTER_32+0x1f/0x30
[ 1375.670453][T17084]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1375.677794][T17084] 
[ 1375.680269][T17084] Uninit was stored to memory at:
[ 1375.685682][T17084]  packet_recvmsg+0x1595/0x24e0
[ 1375.691209][T17084]  sock_recvmsg_nosec+0x240/0x2f0
[ 1375.696786][T17084]  ____sys_recvmsg+0x4e5/0x610
[ 1375.701849][T17084]  ___sys_recvmsg+0x20b/0x850
[ 1375.707661][T17084]  do_recvmmsg+0x50b/0xdf0
[ 1375.712507][T17084]  __sys_recvmmsg+0xf3/0x460
[ 1375.722417][T17084]  __ia32_compat_sys_recvmmsg_time32+0x102/0x1b0
[ 1375.729940][T17084]  ia32_sys_call+0x40ce/0x42c0
[ 1375.734951][T17084]  __do_fast_syscall_32+0xb0/0x150
[ 1375.740526][T17084]  do_fast_syscall_32+0x38/0x80
[ 1375.745641][T17084]  do_SYSENTER_32+0x1f/0x30
[ 1375.750631][T17084]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1375.757607][T17084] 
[ 1375.760086][T17084] Uninit was stored to memory at:
[ 1375.765514][T17084]  eth_header_parse+0xdb/0x160
[ 1375.770829][T17084]  packet_rcv+0xeea/0x20b0
[ 1375.775574][T17084]  dev_queue_xmit_nit+0x13f2/0x15a0
[ 1375.783251][T17084]  dev_hard_start_xmit+0x16b/0xa30
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1375.788915][T17084]  sch_direct_xmit+0x3b2/0xcf0
[ 1375.793997][T17084]  __dev_queue_xmit+0x35e6/0x5e20
[ 1375.799558][T17084]  __bpf_redirect+0x162d/0x1760
[ 1375.804670][T17084]  bpf_clone_redirect+0x366/0x530
[ 1375.810815][T17084]  ___bpf_prog_run+0x1294/0xeba0
[ 1375.818421][T17084]  __bpf_prog_run512+0xc5/0x100
[ 1375.827337][T17084]  bpf_test_run+0x54a/0xd20
[ 1375.832093][T17084]  bpf_prog_test_run_skb+0x19f8/0x26c0
[ 1375.838733][T17084]  bpf_prog_test_run+0x5c2/0xa40
[ 1375.843945][T17084]  __sys_bpf+0x6ca/0xe60
[ 1375.848806][T17084]  __ia32_sys_bpf+0xa4/0xf0
[ 1375.853547][T17084]  ia32_sys_call+0x2544/0x42c0
[ 1375.860210][T17084]  __do_fast_syscall_32+0xb0/0x150
[ 1375.865589][T17084]  do_fast_syscall_32+0x38/0x80
[ 1375.870881][T17084]  do_SYSENTER_32+0x1f/0x30
[ 1375.875650][T17084]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1375.882469][T17084] 
[ 1375.884937][T17084] Uninit was created at:
[ 1375.889686][T17084]  kmem_cache_alloc_node_noprof+0x818/0xf00
[ 1375.895837][T17084]  kmalloc_reserve+0x13c/0x4b0
[ 1375.901109][T17084]  pskb_expand_head+0x1fc/0x1610
[ 1375.906600][T17084]  skb_ensure_writable+0x44e/0x510
[ 1375.912021][T17084]  bpf_clone_redirect+0x1c1/0x530
[ 1375.917530][T17084]  ___bpf_prog_run+0x1294/0xeba0
[ 1375.922755][T17084]  __bpf_prog_run512+0xc5/0x100
[ 1375.931856][T17084]  bpf_test_run+0x54a/0xd20
[ 1375.937678][T17084]  bpf_prog_test_run_skb+0x19f8/0x26c0
[ 1375.943413][T17084]  bpf_prog_test_run+0x5c2/0xa40
[ 1375.948781][T17084]  __sys_bpf+0x6ca/0xe60
[ 1375.953280][T17084]  __ia32_sys_bpf+0xa4/0xf0
[ 1375.958237][T17084]  ia32_sys_call+0x2544/0x42c0
[ 1375.963497][T17084]  __do_fast_syscall_32+0xb0/0x150
[ 1375.969781][T17084]  do_fast_syscall_32+0x38/0x80
[ 1375.974972][T17084]  do_SYSENTER_32+0x1f/0x30
[ 1375.980139][T17084]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1375.986926][T17084] 
[ 1375.989400][T17084] Bytes 12-17 of 20 are uninitialized
[ 1375.994948][T17084] Memory access of size 20 starts at ffff88813138f9b8
[ 1376.002609][T17084] Data copied to user address 0000000080000740
[ 1376.009450][T17084] 
[ 1376.011950][T17084] CPU: 0 UID: 0 PID: 17084 Comm: syz.2.4500 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(undef) 
[ 1376.025036][T17084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1376.039204][T17084] =====================================================
[ 1376.047363][T17084] Disabling lock debugging due to kernel taint
[ 1376.053712][T17084] Kernel panic - not syncing: kmsan.panic set ...
[ 1376.060354][T17084] CPU: 0 UID: 0 PID: 17084 Comm: syz.2.4500 Tainted: G    B               6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(undef) 
[ 1376.074938][T17084] Tainted: [B]=BAD_PAGE
[ 1376.079492][T17084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1376.089777][T17084] Call Trace:
[ 1376.093279][T17084]  <TASK>
[ 1376.096387][T17084]  __dump_stack+0x26/0x30
[ 1376.101026][T17084]  dump_stack_lvl+0x53/0x270
[ 1376.105898][T17084]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1376.112047][T17084]  dump_stack+0x1e/0x25
[ 1376.116502][T17084]  panic+0x4bd/0xd50
[ 1376.120756][T17084]  kmsan_report+0x31c/0x320
[ 1376.125654][T17084]  ? kmsan_internal_check_memory+0x16c/0x230
[ 1376.131954][T17084]  ? kmsan_copy_to_user+0xf1/0x190
[ 1376.137408][T17084]  ? _copy_to_user+0xcc/0x120
[ 1376.142377][T17084]  ? move_addr_to_user+0x29c/0x410
[ 1376.148088][T17084]  ? ____sys_recvmsg+0x232/0x610
[ 1376.153284][T17084]  ? ___sys_recvmsg+0x20b/0x850
[ 1376.158411][T17084]  ? do_recvmmsg+0x50b/0xdf0
[ 1376.163261][T17084]  ? __sys_recvmmsg+0xf3/0x460
[ 1376.168295][T17084]  ? __ia32_compat_sys_recvmmsg_time32+0x102/0x1b0
[ 1376.175111][T17084]  ? ia32_sys_call+0x40ce/0x42c0
[ 1376.180287][T17084]  ? __do_fast_syscall_32+0xb0/0x150
[ 1376.186201][T17084]  ? do_fast_syscall_32+0x38/0x80
[ 1376.191491][T17084]  ? do_SYSENTER_32+0x1f/0x30
[ 1376.196435][T17084]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1376.203254][T17084]  ? kmsan_internal_unpoison_memory+0x14/0x20
[ 1376.209704][T17084]  ? kmem_cache_free+0x3ef/0xec0
[ 1376.214979][T17084]  ? __kfree_skb+0x20b/0x260
[ 1376.219821][T17084]  ? kmsan_get_metadata+0xfb/0x160
[ 1376.225233][T17084]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1376.231362][T17084]  ? kmsan_get_metadata+0xfb/0x160
[ 1376.236787][T17084]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1376.242910][T17084]  kmsan_internal_check_memory+0x16c/0x230
[ 1376.249023][T17084]  kmsan_copy_to_user+0xf1/0x190
[ 1376.254251][T17084]  _copy_to_user+0xcc/0x120
[ 1376.259040][T17084]  move_addr_to_user+0x29c/0x410
[ 1376.264293][T17084]  ____sys_recvmsg+0x232/0x610
[ 1376.269311][T17084]  ? import_iovec+0xb0/0xe0
[ 1376.274124][T17084]  ? get_compat_msghdr+0x670/0x740
[ 1376.279529][T17084]  ___sys_recvmsg+0x20b/0x850
[ 1376.284535][T17084]  ? do_recvmmsg+0x4f1/0xdf0
[ 1376.289360][T17084]  ? filter_irq_stacks+0x49/0x190
[ 1376.294650][T17084]  ? kmsan_get_metadata+0xfb/0x160
[ 1376.300154][T17084]  ? kmsan_internal_check_memory+0x9c/0x230
[ 1376.306360][T17084]  ? kmsan_get_metadata+0xfb/0x160
[ 1376.311775][T17084]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1376.317934][T17084]  ? __cond_resched+0x15/0x130
[ 1376.323093][T17084]  do_recvmmsg+0x50b/0xdf0
[ 1376.327789][T17084]  ? kmsan_get_metadata+0xfb/0x160
[ 1376.333351][T17084]  __sys_recvmmsg+0xf3/0x460
[ 1376.338249][T17084]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1376.344413][T17084]  __ia32_compat_sys_recvmmsg_time32+0x102/0x1b0
[ 1376.351065][T17084]  ia32_sys_call+0x40ce/0x42c0
[ 1376.356252][T17084]  __do_fast_syscall_32+0xb0/0x150
[ 1376.361638][T17084]  do_fast_syscall_32+0x38/0x80
[ 1376.366733][T17084]  do_SYSENTER_32+0x1f/0x30
[ 1376.371474][T17084]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1376.378081][T17084] RIP: 0023:0xf7f13539
[ 1376.382422][T17084] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1376.402300][T17084] RSP: 002b:00000000f501555c EFLAGS: 00000206 ORIG_RAX: 0000000000000151
[ 1376.411362][T17084] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000080000480
[ 1376.419658][T17084] RDX: 0000000000000179 RSI: 0000000000000000 RDI: 0000000000000000
[ 1376.427818][T17084] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1376.435995][T17084] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1376.444162][T17084] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1376.452375][T17084]  </TASK>
[ 1376.455912][T17084] Kernel Offset: disabled
[ 1376.460381][T17084] Rebooting in 86400 seconds..