last executing test programs:

10.162477267s ago: executing program 3 (id=94):
memfd_create(0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff})
r3 = memfd_create(0x0, 0x2)
write$binfmt_misc(r3, &(0x7f0000000280), 0xff9d)
sendfile(r2, r3, &(0x7f0000000100), 0x2)
fcntl$addseals(r3, 0x409, 0x8)
pwritev(r3, &(0x7f00000005c0)=[{&(0x7f0000000040)='\v', 0x1}], 0x1, 0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="4c00000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002c00128009000100626f6e64000000001c000280050001000400000006001800001000000600190000b5"], 0x4c}}, 0x0)

9.968982873s ago: executing program 3 (id=96):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan1\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r6 = syz_open_dev$vim2m(&(0x7f0000000080), 0x3fe, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r6, 0xc0d05605, &(0x7f00000000c0)={0x1, @pix_mp={0x0, 0x0, 0x34325842, 0x0, 0x0, [{}, {}, {}, {}, {}, {0x0, 0x1}]}})
ioctl$vim2m_VIDIOC_REQBUFS(r6, 0xc0145608, &(0x7f0000000040)={0x80000001, 0x1, 0x4})
ioctl$vim2m_VIDIOC_STREAMOFF(r6, 0x40045612, &(0x7f0000000240)=0x1)
r7 = dup2(r6, r6)
ioctl$vim2m_VIDIOC_ENUM_FMT(r7, 0xc0405602, &(0x7f0000000280)={0x0, 0x1, 0x0, "adbdee06009e4aeabde9eefaff7a78cda902552f08cef4a662dd836c7451f8e5"})
sendmsg$nl_route_sched(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)=@newtaction={0x6c, 0x30, 0x48b, 0x1000, 0x0, {}, [{0x58, 0x1, [@m_nat={0x54, 0x1, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0x9, 0xfc000000, 0x7, 0x4, 0xfffffffd}, @multicast1, @empty, 0xffffffff}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r7)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000640)={0x24, r8, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_TID_CONFIG={0x8, 0x11d, 0x0, 0x1, [{0x4, 0x0, 0x0, 0x0}]}]}, 0x24}}, 0x0)

8.793271746s ago: executing program 3 (id=101):
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000140)={{0x1, <r0=>0xffffffffffffffff}, &(0x7f00000000c0), &(0x7f0000000100)='%-5lx  \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000180)={r0}, 0x4)
r1 = fsopen(&(0x7f0000000000)='bdev\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x8, 0x0, 0x0, 0x0)
r2 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000107d1eb42d0000000000010902240001000001000904000001030000000921000000012204fe080581030000000000"], 0x0)
syz_usb_control_io(r2, 0x0, 0x0)
syz_usb_control_io(r2, &(0x7f00000003c0)={0x2c, &(0x7f0000000040)={0x0, 0xe, 0x4, {0x4, 0x0, '\x00\x00'}}, 0x0, 0x0, 0x0, 0x0}, 0x0)

5.004229046s ago: executing program 4 (id=114):
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x42, 0x0)
inotify_init1(0x0)
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02"], 0x4, 0x0) (fail_nth: 4)

4.998206876s ago: executing program 3 (id=115):
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, 0x0, &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x48, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x3, 0x6}, 0x10, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000340)=[{0x0, 0x0, 0x10, 0xb}, {0x5, 0x2, 0x13, 0xa}, {0xa05, 0x5, 0x5, 0xc}], 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x16, 0x392}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = syz_clone(0x88207000, &(0x7f0000000480)="3670093ca3eb09c4b95e0feeff2f38520f619927a7e761ee0c38f728639795e8c2956bf9f1e75a24a9a4e02e927c8a8d7bfed2dd58c853b4e2e0b50f9927a48a2b826c58743e8c3ba4de7bbc799cfb1bece1493b6685da966a41462c6d9f46f35ece0b12fcc1839058d35ff2", 0x6c, 0x0, 0x0, 0x0)
kcmp(r0, 0x0, 0x2, 0xffffffffffffffff, 0xffffffffffffffff)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
memfd_create(&(0x7f0000000680)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xf8\x7fL\f9\xce\xdfP\n\x85\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7j\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3\x00'/551, 0x5)
r3 = syz_open_dev$I2C(&(0x7f0000003000), 0x0, 0x0)
ioctl$I2C_SMBUS(r3, 0x720, &(0x7f0000000300)={0x1, 0x4, 0x5, &(0x7f0000003040)={0x5, "f4e1a230be7aa95df8c01eaf07677d18dd00"}})

4.755870237s ago: executing program 2 (id=116):
r0 = gettid()
r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
bind$802154_dgram(r1, &(0x7f0000000040)={0x24, @long}, 0x14)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe050000000000000000000095000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
sendmsg$NLBL_UNLABEL_C_STATICREMOVE(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000003200)={&(0x7f0000003140)={0x50, 0x0, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @private0}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'bridge_slave_1\x00'}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}]}, 0x50}, 0x1, 0x0, 0x0, 0x4}, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
openat$binder_debug(0xffffffffffffff9c, &(0x7f00000004c0)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)

4.650251171s ago: executing program 4 (id=117):
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, 0xffffffffffffffff, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$igmp6(0xa, 0x3, 0x2)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000340)={0x58, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x6}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x14, 0x3, 'hash:ip,port,ip\x00'}]}, 0x58}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x3, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x7, [@union={0x3, 0x1, 0x0, 0x5, 0x1, 0x98, [{0x5, 0x1}]}]}, {0x0, [0x30, 0x30, 0x61, 0x30, 0x2e]}}, &(0x7f0000000f40)=""/4081, 0x37, 0xff1, 0x8, 0xffffffff, 0x0, @void, @value}, 0x28)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000001d00)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0fff8fff7ff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001000000b70500000000e000720a23fe000000008500000012000000b70000000000000095000000000000004e6258941c823b7505608556ba4ababb42684e890d31ae450400373a0a5447a801b8c1c4f0c4bd97c6555e61345400f9bd42abeb9ade0105000000000000a21902ff07000094a2b51c21df74924f5436a6ed89b98f75e800230c49c90fe1336481f3b92a63336c36fcd745d61d7739c6554ca201000000bebbe8282f8b1e26407437a397bf8f50e87ed4d27adfd876bffc402887781979461c4363bc5c9b6202ea471428197ef88bc333fbcec0ea4334f1ddb9d679ae95a90fd41d528f58d305000000435883df6c10ce86188c92292b2d0226082960be682836bdff8b0971f2a5405e453228e7b1005bd73479358a90df3e481947de6453736aa572158af6ea63d6d418fbbd2bba050000001da000ef78df03000000d19913a5fb03c79dac2e489f68127892658115e7ffb588a71dffffff951b8535167ab8069a2c92a3aa18e22517000026637b4c34bf2d0aa304ed42bf70480e9e97203fd169411f37fddd1f7fbe16dbbc0f307bceb5064f388a0350c3dc928b0e638b1e2b2a9d25264233e5d45eb377f56b95241024dbe30f67191c2b56b70328d6d3215dfffe5d89af1d10599bd494d921d1fb2db99b6aba0fa978f41eb1d4c553e5a9326ed550c13f8dd36716a899a1e79234294707c5312b924d142c17b20bb80ee202222c03fa84ccc374e717f694018630366397266090a82343aedfbf7afe892390c2eb775b0d16073da2229958db05de7df6ab7600004000010000006d8081cb3bf251d906c00da0e23b50465f8394820be571e3592d0000c7ef10fdc462e7040e7074ec43aa461fc54401a76406db718d4efd6c1bd10ce1d087cf9bba461162555a95524c84df0952d32093082b7aa71304e0d2d9ec310d1b676b378a5879e47941de1a28c3a8f400000000000000000e032b7d2badd0bc6617a859b7ac273b6304555f664469cec152030f06cc0ca1765838eb5590264736fbccfc3a8f4e3b10daf6a275daf5db2dac7096fe8ac8876acaad043663b3b0fedb05e6d31408fa20140c9d2db1c59ac8a3ce28e489d67d87d3a107ccea3007f58f2c5017e8807107f79ac50cc1d4f546b4443d137eb706b71b1767a10cca7a7c82b76c96e874aff249f36329a6526b354b6e674b08f7ef492b804c4b08fb10de807d79fd782027318cd7632e22d2faa16209272b39b5ec8d239832ea02cc88e249a2e77753a58987547571fbc8de747faab724bebb6401412b496e078fcb6c78ab447e871b76a8b0506f49594aa1d610567e14d739a60ff3ce04d0d2e5681e787c7e1ad25467bb81f2f440128207fe07a83759ec30cf9e0a3fd3f2fcee97fe8d273f8e712a8a64eaf2d89a1fa44554357fcd7ab531ff7a41c27164fca430a62d015b477de61853f5ee2e25b00a63642ec32ece2ff3bb5883deb895f52a923b5c744d8dccdd6a09ded8b90f1eeda8e6e884a4f090edb6ab9fc8107846508d51f3735493d5860cf80200ce31b92eb3563d485b5a7d192092d7a9fd2bc67d305d1d4573aad5f6501d1cd27657ce17330402dacb78d72d776330711645eed7d4c292f4448733c0826c4eb950f3d40457f82d7f792d106518f6bde874aff9e2bea7d73f74bebeeacfc700000000000000000000d40d73be47803297db004264c8c70b7761b22a7114a078a87d63d63b0c9dcc263a5b773bfeba212abef4181ad9e4872e328c0f105d51e3d167a2b717051d7681ba04552eeba18a000000b22b50d76d85040c9000ea68a528049a60d5e26b20455194f4be3b8466fd66d0e6cefcff7891c485d61cb66f4076cd60a22733cb00cf7cc12ca7d9bb864c0e650236a79a5c85349a9b1e6bbc3bace197e72490c566431cd3a08e9d1b641c1ba1f661d01573b904c3fa1427370fa15cecd294ac21fefe3d161fdf58e8bc5957ef145839f4370176e1be88d2e3516a1998c1621a00b4438b85a4dfee6f61827a1e50e158038b037dfda3ffb35069e41fc740ae720800de53948f176c3c15f3a529c02434b920d87f12a6e3420a2fdcb3559e7a5b1ddbb06b7a5977f63bfac701e673bf626d126b213c92e7169a930beb8d76f9db34e8098bea301baa96916d6458c923866dc192928b320738d1b298fb55f2a64500000000000000000000000000509885a38d9d995a46817e7ff7acddcc5f9253c63f86baf33f92820c9ff497cf76b6482c3ab53fb6ecea6d220b91b99b2fb4279ab09ae0645ab92df309000000000000a4868411948f8e3e259b717d722a1eebd3f6860a17f1ae9e10a1178f6aef4951b192d13e9600c1f700ca7b1d127e451034469bf2a8f93dbae6ad8e932e431dc18323794156238625bb9c45c5a76a68a8646e701b29a71ffbd854f50f195823106a5625ff94221f1f04c72525b50aae69081de9626de9847bf53475d90642d9730101d80b1b0000000000000000822b0641698d60160d9157548302dd2636d12c431f96728ae4a45361e6d47a1c4a52d67c0f0a62585c09fcfd70d0f249f87c44b47283c1c6f2430d70c751e4ada9b646e6e7c1719faee476d88a2943c71a21db55b7497dd7ed385ac2e8cb916390a3a0ed52e7371e1a141e69afa07b46ac20f3521fb251b72c82ee1c7eb4f67c0deed5618d0db925ce7a7c50a99835544c540f5d528587d1a26e78df1bc9a8e4d90c57d0b8122eae7b23e4456624f5337c16c42648c7a3d0b799ad409befe0cbe2aa781ba826918df7aa80dff4f62258e54419629eb1d37de7f6a3512bd618781d1ad3a4d4b0da44df9f9a93f0487f79a9b16dfa6f68b06ce6a96ca344d194cded05702c2300d1a4f451b33830765f8131f6c28fada65701851bba089b8a8347900e72d68cea965feb6a06225dd3f0e135323a5bde3b43c9d242b73abf9e05336af040a4a6bb5918146393f1d50705c1d1e986bf2f690de51ee8727d37339df5391db535bb1e9bb3e5dadb6e5a2bb4faa2dcbc6ca9b40ac96e448b9dadeb08fc2cf3a960f22bf20b9e967b7a75687372b8e3edc543896c360674d901a7f56b07ba1479b46eea3d94026a9c7e670ab40bb2c1ca1a7c90299361239bef773140af974c7efc285a64633d21513481b3ac62dec9fa3e8ce6156d76b82baa145bc550b0ccbc0934ccfea45292caa2f0654fe18dc0669a4f2af9fa232a293ad94261f55675cc686db72783a6bacc0df6a1ea943ae266af112f35319980cd681811a369e0d03cf7d22bed7cbe1afe498b88942b1bf7edae441a0d0d88fce65cb4e848793a28cbd7373f6acd3b5a48c034e487750388929d37fa3165f205dab3be5f3e5781a84298687cbf02dcaf0e14a2b260293f349d076eb75a2ddc5382d106f0beea02aa45018fe36d1176cf7704383b6922d10dc80bc7feca3982ae232d4bb47c722c83a7cf6ee8832f038b072eb803a47cd7f753e80c9f6eedb8"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
r6 = dup(r5)
ioctl$KVM_SET_MSRS(r6, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000080000054d564b"])
pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, <r8=>0x0}, 0x800)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000380)={{0x1, 0x1, 0x18, r2, {0xee01, <r9=>0xffffffffffffffff}}, './file0\x00'})
write$P9_RSTATu(r7, &(0x7f00000004c0)={0x5a, 0x7d, 0x1, {{0x0, 0x3d, 0xffff, 0x9db5, {0x4, 0x4, 0x3}, 0x80080000, 0x8, 0x1d24, 0x6, 0x1, ']', 0x2, '\\#', 0x6, '\x17#,%,}', 0x1, '\x00'}, 0x8, 'ip6gre0\x00', r8, r9, 0xee00}}, 0x5a)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r2, 0x300f000, 0xf, 0x0, &(0x7f0000000400)="1069c2704a075e307300ac14dd46df", 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50)
accept(0xffffffffffffffff, &(0x7f0000000000)=@isdn, &(0x7f0000000080)=0x80)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000440)=ANY=[@ANYBLOB="44000000100003052bbd7000249d020000000000", @ANYRES32=0x0, @ANYBLOB="15010000ad190800140012800b0001006d616373656300000400028008000500", @ANYRES32, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x44}}, 0x0)

4.307694893s ago: executing program 0 (id=118):
memfd_create(0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff})
r3 = memfd_create(0x0, 0x2)
write$binfmt_misc(r3, &(0x7f0000000280), 0xff9d)
sendfile(r2, r3, &(0x7f0000000100), 0x2)
fcntl$addseals(r3, 0x409, 0x8)
pwritev(r3, &(0x7f00000005c0)=[{&(0x7f0000000040)='\v', 0x1}], 0x1, 0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="4c00000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002c00128009000100626f6e64000000001c000280050001000400000006001800001000000600190000b5"], 0x4c}}, 0x0)

3.943749378s ago: executing program 0 (id=120):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
rt_sigqueueinfo(0x0, 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "df3f0400000000000000000000000609000040"})
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCSWINSZ(r1, 0x5414, &(0x7f0000000000)={0xb4c7, 0x695, 0x6, 0x7f})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x30da01, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000280)=ANY=[@ANYBLOB="01"])
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_CPUID(r4, 0x4008ae8a, &(0x7f0000000040)=ANY=[@ANYBLOB="01"])

3.942780768s ago: executing program 4 (id=121):
io_submit(0x0, 0x2, &(0x7f0000002700)=[&(0x7f00000005c0)={0x0, 0x0, 0x0, 0x3, 0x6, 0xffffffffffffffff, &(0x7f0000000500)="3cf90b130a50b7618865ab0d96e91550ff84895ab903843e5ae37f6501f575a60e4a43e662ef765415b0b593ad68e230e1", 0x31, 0x910, 0x0, 0x5}, &(0x7f0000001640)={0x0, 0x0, 0x0, 0x3, 0x7, 0xffffffffffffffff, &(0x7f0000000640)="f20b94e58a66c477e0067e27520e0eea3be4cdc7c675185a22d8d9d235fc73fa704a5673ee6522011e8175f258b271d676f7c4cbc1b970f713732992d647a5879a6abe3f1f6ec44f726ef359a887adff1425b58bdaf99521a4aa1b666a003e0db595764f8c8a9063caf491d4f977816cbd847e371cecea8ac755f7a589de3a866468fb181d7b37f01e4e4961fa9527137cd8a2af2a8ccf187c576102019e4ecd6f940a72d990d6f972ac04224324001a217e739d0273836b8fe64d9f5b901abe3aff74173a92064a5b587f6e37836f3e3514585e399ae907a2bcf8649b469fc5d3629ec8824b60891bb9e9f8a1addfb00afa1884e9d9dc10c454b4a7f52376bf9e3e9f00f17d775f4cc8ffe37dc29b387e4dfca8eab9f385b2e1dccabaf7e67d6ad7881a629dba9fc5f6de123e6023e40dd60ad5931b3702fab3b82dc229c84a7b0e287c50662b187fcc70d5ea7856259dd7754bcd49bd576470db794c24d34f5fddad54152253ab00711e4398313892dedbe767f7e74ce606ee50e9bd8d86ebaaef3cffad4f9d406b51cfd21880fcc8e0cb9780b0398a894aa0d7865b06a93164343a2b14d599650192a761878bf907d1f4d3645659f5d8eee852136d870b620a97d3894db80731d472162efed14a8b1dcf9c0fcf8d23675bfe0cd599e49338d3c114aaed1786e5590dfbc4f6ccaffff638228b60305dc6bc579bec9f936f6d8d08226df285a8cfbc943ae55b09c410ca52cae5738eb52c101d253be832dcd08538feda342e99a31354e9a50b469040b6d5fc2e77252b62092657f57acb47e0cfc1b82cee460cded8161c8622a83442d4a4da09ce914c36acee07f819b8d5493031bdffb191c09e5ee3982e875b0f0f342da574ca2e7d7583d944543f0b2ca9dc344fd5cc1ae86b677ce0a99c2f64fce26ebafeb81e46b0b394e3a61abd0796329f0ab7ef7488fcf83dfa7f0e0806bd5619bf1424aaf73e101cf81161c598ae9d47435feee7bcc0cc80bd4b8beff3c9e788cfef753842ce86cc18a00c3957aef418e7ba8a077d42b5a55f076bc0f8101176703e37bd2f033cba0ffd6345991e9301aafb1b3629cf72c17ade109fae90eb01a524e175f138b50934967676c7fe103f6904777ad81184908c5dbe587111e5dd9738751e363c5f0cb884ebab0c64a3549e7f79d8ae471bf21ef8a3597b51dae745a106ca56d0328cbd11a99868d38074a4cc8646f198ffacd184bab5f053962dd9a7b8a516727f3bae52266dd979e6bd47071285ce426b62eb82b462f0397fe60ae2f1031de31e20aaa2d2657adf0b0beb0b65e436c57d246ace1e70e2a56ea7ead800accced6dd4b747a4e258659b046ed5377755f7b02f6091439a57768a84af3b463bcdc3ae1d6a7ad911da9eb924877d3f1278ad20569e3021080138798c9998f41491c8e38c2cbb0e14f25d444ca18514d1233095e31b96885c4c6b1266650154110f18b8c4d4e7651c02b828bf8af2dce8a7c5aacc383267c001e4cdac4e39919be1340f91652542519044d2fa88854ffc038f4a5ad0af509bab039cc5e0feafd79e6a9fb7debe8c12c70959fd553727af9a13656d72191a6da932254b59185a3c7201b524e7bab69786768c95080ed652482ac768e0ba99b7ae8f4fe3ebbf2c3de7d769c358654efc43bffa3713f829fde2f5fa3aa6cc4b07a74f83e514b99cb11be2b4841c8486f3ba13d62ba69c69c04b2ad005023ea2b3f18c9340783803b4ecd9d0f4839f9c704334abd95a7c552fa7343f8fc606aa3d0ebd0c7422409b85c32c4204fcb8ed289f34d88443880c7d118906dd0c3ac314d249760360c52f0b0f334c8ef57d5c210beab356c654e811d1dc9976105fd659e5e941f7afff2a1fb72e92c26d446bbf6ef6fcb567d8400fdd97d96f99d0e63a62a2ba4339c0427eff404a5a5734f4eaba3e0447c1fc35d9a7112c1996ef5e3aa2b30aff2136ad18e8501d9903e88fe16cb9718e4fd092334df7914282a51227a96b5423cd7e2d0c8ea8367fedcc65a51b51e4ee626597db8503ca88bbfcbfc94d1ea740d91ac380cd1482b74c4f65b3da28c328b19bff8d4a1a8f8508d73977475141b0d35f428033ca667e5829ac7b2cd849db488abdd2f7583cbc7738028da9c31bb6bc4b807213c554e931996c241d19c8f87f8725d14b4050add21b29d0ce0edbc25c4335d86a7f5dbd24b01c1b796d4de5d9983d8503bf62ac1f3818b498956e62910d90b5d480f903f1ea71b1f89e0ec874ee12a3ccd78430f28e4d6df8e882954d5bedd1d8c123062aa7e5d997a6ee5cc84d9165ae942366f1e0904156cda56948150e45f15fd60000fc0c60f3cb7295f1fe1e54de931c55cc6ba891c63a66bfc7e16c74675d89f767c5f7a36c7c66dda81c7a319cd902072f3e6810a8b717c5ec123d364624baa946480e86d3a71bfc7700ca5e933382f4d066bd0fe6ff731c400cd7728f003f7640bf6fc0edd3e64abfa9b18babfa334739f1e05b0a7cbb359a74c8a5aa601b9421c534464da4fb2eafe54862680e00fbb67da01373a1ffdcb11c3941b4ffc46d31580fe3e3a43a825fc60380033b8460fcc6640da70daec61edd4c295ed3b3e64cbca85be8446fc8dee73d37ea140fbf0a9b287f6e041330090f74d6cf0fdb80e8e0b7eda1d06dc51e59d8ff5ade9e3040eebbb7220eaa4f21f759a099fb2218e34d029c2b09236bbe3127e0218bd5e660d756f14a34c221951c1dd68270568a99382a1787c3f0cd9808f14a0b41cc22c74e00594527bf9f9dea9a7a71e6335a3b2329224fadfed8c122ebe447723d5198a482b139dea63d332519b2aeb0cd85dd60482ac9578ec3edd33f24692042c21b52e7182b41f7b3c8edb54033e17a21139e97fcacef6a1e9b324f4da874e9d790e18f8264f5e5d54873661677ebc54c4b1b307b3b37c9b178b1a9835c4385cd446bcf563424550de1a246374a69badd89a84191e6f1e8f651dcaf44819b902a1e4f49521f03fa2b135e5951fd3ffd415876bf459937fd92b82fe1bf1620bcad9c12b085fc7d93c9095331437eb79cc3e05d0935256ff483e75e7c5c5ffca84151fb019a32996cb4794ee7fb601a8ec6d0d1884e9058fc370fa7bfeaae06a14918e7a623000a593d2986d9c90b2f47f7caac2797ff348387ec2e50490e944c243bcc657feff41647eecf67dd431d723e4da405757cac73983b5179f745cb0599f186f10e642f1756a55947a681f218aa8712f55394911f9fd0431e511935e9a95f7caf3fb4c4b45730d8689572621d301f9f67622a80f25cd512d1f94af9e096b3082b167baf5309bd4f2339839bb9c58cb32bbd2a1b6e15b6932df1317eb0f3cf6a044c0da126836b198159a59d2fb1ef529597f71a32aa115cc1c25ffe3ab3bef98933e69814aeaef27095bfdb8ded06abf5942a36fff3900dd3347e0317988a456bb142d33612613488db2f13e2f5fefa57eadfa1624b9bb685d10f6fda9962f851f753a4890647847e8ffa8a878a29cfd547f36dd07797028534a8aa5f88e5856449a6aa83a57f46cfe94431ad30723d6890891260d57915af89681904d316a39650a93fcd08b55928fc689b559fd21b9d78d154fdb05e96a452e84e15dff8876b3b7a5331bc8a6bbd8f384d9025cd889effecb29c76791bbcb007afb4b6d4a251a140d0bd2582efc580aa177fbdf6fb33f46e097241ddfd738d5ac65ed51873cc57ff21ce37026cd360d3ab9fc4926666b13c77c0c1b5ba6729ce8e74c0937ed4fa8cdcef7b1e777338ad244b85cfee74c56ab0498c605876ccd845a8d259d6022ab98043e195d7441e9e38e0a141ccd651a32bca87ee10780a76bf3e0044484d77eddacc76aaf50782110db0330f223eea2e50364236284394afb638239cda54d1c48637d9cac94503ec446d40e5efbb89b99a2d6a03fba22fe6ed72ff2c74d89a2af5c7d923601110a3f6e0d5a59ef227a8a677ddb07544d60309e46e87783e9e832a9227363760af822f45df8c201f6b6ffedb1eebdbb4cb248472cbf132088df303fa8b46e1f800cd7aee015bda17ce4db469f977fce60b4cb0b17043e70a9723855f189b24a3f5807270e6e70ec760e91ec09f7a20beed96bd55ff4041a61a75f0cef09a1e50d98cebbe9360fae1ff7a7f39c58eef71be328ebbfe8efa05f075beba07db8491f968920b358684932c452895fa75c2c8759d4e2baf0b4518e3f3caaf35a16f6a1ea7a6712e52dadf45911f84ded26bb866804cc06f2c9955258342ffe434a6be03703da43ecf926e7f07c479c8e69efec30604dcf78551a1fe5defac8e9f8cd6d242c8e271fa835eb73b8c406290a93221807d9042cef69645cb32adbf612e043e608a930e3d5cc0320c53a22a29bb6c0859e2b82b65f16ac515f2a35a64bac5f9fcd2b5e4095ac391a054d973a1f66a601ad24d04a5f12ac10e1bbc1e529ff84fa6a24f838ce160dcec2135beae3f778c449652696d534942b41ada4b0a37b0f63b26e22288de4192cd1267480b56ce578940a29336b29c22d037a4bcb453701bd5b14bb1fac1ee73f9e7ff97044f12ebbfc66723a952dc924d145f976649239c213c13be1672f6545ab38c65f0089839ac1c6604ad27d46c22819ba25546a4668bcbd2905ea15fc0d5cdce5f3daa739748190ffd14d1bc27ff4aa60f9f2bbd9cfce7a51ec35ca2442a28769b9f18964d9281c827b948fa4c910802ea58972b442e31b09f650ce1c4950274e3e8a5c2b4f498ae30e8922d84b8442c6df36fbf584cc7229d1b207b2360435da75606e9abe76fd2e159e1f4ed86672efcd4b2060e57faa7f3a39719d36885f96c939675fb598b10d7fccb80e3077f486cf60feef9bb8976de898dbeb9408f39c626bf03d57badf2d355906c3596c79dad2904569cd27742fd6d4d80ead639301bb89b5ebdcb87218f99045912f959ff9bbca845925e30ac4e3170b3c5b00eb3dab82436b959763c5300bc8d6c4529a3268340e225256bb0c7ff8e274feb5b472992c604d6f446ca618a6391d47f90d4aae3cea4dc29534e9682a7fd024f94451bd167a15aeb2897b163dc3f950ed95d180a0a363ef303af1b01988d8c6c16e6d55510feac90efa0dd39ba32650794e7a88aa6a933f199d77ec257113549320c130bf132c65c29bfa8eebc1fd8130cd1fd332dd82c73c9e0cc65b8983079c7cabea606d4868be73d75ea39dce50515455b9a98d4d686ec9a", 0xe79, 0x0, 0x0, 0x3}])
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f00000004c0), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000a, 0x28011, r0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r1, 0x107, 0xd, &(0x7f0000000100)=@req={0x5, 0x8, 0x4, 0x5}, 0x10)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000000))
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(0xffffffffffffffff, 0x4058534c, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x2c}}, 0x0)
semtimedop(0x0, &(0x7f0000000040)=[{0x0, 0xfff8}], 0x1, 0x0)
ioctl$TIOCGSOFTCAR(0xffffffffffffffff, 0x5414, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f00000001c0)={0x2710, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000016000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, 0x0}], 0x1, 0x0, &(0x7f0000000180)=[@cr4={0x1, 0x40002}], 0x1)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000014000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, &(0x7f0000000240)="0f0d51f40f01d10fc75800f30fc73600102e0f71e100b800008ec0640f017400aa66b9e408000066b81f6269e766ba000000000f309c0c0cb8d09bbc8966efbafc0cedba4300ba210066ed3626f00fc70d", 0x51}], 0x1, 0x0, 0x0, 0x0)
r5 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f00000003c0)={0x0, &(0x7f0000000300)=[0x0], &(0x7f0000003240)=[0x0], 0x0, 0x0, 0x1, 0x1})

3.822327074s ago: executing program 1 (id=122):
r0 = gettid()
r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
bind$802154_dgram(r1, &(0x7f0000000040)={0x24, @long}, 0x14)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe050000000000000000000095000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
r6 = syz_open_procfs$pagemap(r2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NLBL_UNLABEL_C_STATICREMOVE(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000003200)={&(0x7f0000003140)={0x50, 0x0, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @private0}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'bridge_slave_1\x00'}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}]}, 0x50}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmsg$IPSET_CMD_SWAP(r6, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000001a00)={0x38, r7, 0x1, 0x0, 0x0, {}, [@NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x1}, @NBD_ATTR_SIZE_BYTES={0xc}, @NBD_ATTR_SOCKETS={0x4}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x38}}, 0x0)
openat$binder_debug(0xffffffffffffff9c, &(0x7f00000004c0)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)

3.653461309s ago: executing program 2 (id=123):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan1\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe0500000000000000000000950000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
socket$inet(0x2, 0x3, 0x5)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r7, 0x89f1, &(0x7f0000001040)={'gre0\x00', &(0x7f0000001000)={'syztnl2\x00', 0x0, 0x0, 0xa000, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x2f, 0x0, @empty, @rand_addr=0x3}}}})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r8 = syz_open_dev$vim2m(&(0x7f0000000080), 0x3fe, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r8, 0xc0145608, &(0x7f0000000040)={0x80000001, 0x1, 0x4})
ioctl$vim2m_VIDIOC_STREAMOFF(r8, 0x40045612, &(0x7f0000000240)=0x1)
r9 = dup2(r8, r8)
ioctl$vim2m_VIDIOC_ENUM_FMT(r9, 0xc0405602, &(0x7f0000000280)={0x0, 0x1, 0x0, "adbdee06009e4aeabde9eefaff7a78cda902552f08cef4a662dd836c7451f8e5"})
sendmsg$nl_route_sched(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)=@newtaction={0x6c, 0x30, 0x48b, 0x1000, 0x0, {}, [{0x58, 0x1, [@m_nat={0x54, 0x1, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0x9, 0xfc000000, 0x7, 0x4, 0xfffffffd}, @multicast1, @empty, 0xffffffff}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r9)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000640)={0x24, r10, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_TID_CONFIG={0x8, 0x11d, 0x0, 0x1, [{0x4, 0x0, 0x0, 0x0}]}]}, 0x24}}, 0x0)

3.583106836s ago: executing program 0 (id=124):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000080), 0xfea7)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r1, 0x0)
ioctl$KVM_GET_MSR_INDEX_LIST(r0, 0xc004ae0a, &(0x7f0000000200)=ANY=[]) (fail_nth: 5)

2.070530286s ago: executing program 0 (id=125):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00'}, 0x10)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) (async)
r1 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c) (async)
listen(r1, 0x9) (async)
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000180)={0x9, &(0x7f0000000100)=[{0x8000, 0x2, 0xa, 0x40}, {0x0, 0x0, 0x10, 0x5}, {0x4, 0xe1, 0x0, 0x2}, {0x2, 0xfb, 0xa, 0x68}, {0x8, 0xba, 0x6, 0x8}, {0x8000, 0xc, 0x3, 0x3}, {0xe0d1, 0x7, 0xff, 0x8}, {0x9, 0x1, 0x1, 0x9}, {0x8001, 0x8, 0x8, 0x6}]}) (async, rerun: 32)
r2 = socket$inet_dccp(0x2, 0x6, 0x0) (rerun: 32)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10) (async)
close_range(r0, 0xffffffffffffffff, 0x0)

2.002120174s ago: executing program 2 (id=126):
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r0, 0x402, 0x11)
syz_emit_ethernet(0x52, &(0x7f0000000640)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "7927f3", 0x1c, 0x2c, 0x0, @remote, @local, {[@routing={0x0, 0x0, 0x0, 0x8}], {{0x0, 0x400, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)
socket$packet(0x11, 0x3, 0x300)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="ffffffffffffffffffffffff86dd6060626000102c00fe8000000000000000000000000000bbfe8000000000000000000000000000aa11000001"], 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@metacopy_on}]})
r1 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r1, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r3 = open_tree(r2, &(0x7f0000000640)='\x00', 0x81000)
renameat2(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', r3, &(0x7f0000000980)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
open(&(0x7f00000006c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x145142, 0x0)

1.98598581s ago: executing program 1 (id=127):
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x42, 0x0)
inotify_init1(0x0)
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="02"], 0x4, 0x0) (fail_nth: 5)

1.63131584s ago: executing program 0 (id=128):
syz_clone(0x28380080, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c0000001000010000000600010011000000"], 0x1c}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000000c0)={'vxcan1\x00'})
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f00000001c0)={'gre0\x00', &(0x7f0000000140)={'ip_vti0\x00', 0x0, 0x40, 0x8000, 0x8, 0x7, {{0xe, 0x4, 0x0, 0x9, 0x38, 0x65, 0x0, 0x0, 0x29, 0x0, @dev={0xac, 0x14, 0x14, 0x24}, @initdev={0xac, 0x1e, 0x1, 0x0}, {[@timestamp_addr={0x44, 0x24, 0x5, 0x1, 0x8, [{@remote, 0xfffffffd}, {@rand_addr=0x64010101, 0xfffffffd}, {@empty, 0x8}, {@loopback, 0x1}]}]}}}}})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000002c0)={'syztnl0\x00', &(0x7f0000000240)={'syztnl2\x00', 0x0, 0x2d, 0x8, 0xa, 0xfcad, 0x18, @mcast1, @mcast2, 0x8000, 0x8, 0x9, 0x3aa}})
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f0000000300), &(0x7f0000000340)=0x4)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000140)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000240)=ANY=[@ANYBLOB="380000001000390400"/20, @ANYRES32=r3, @ANYBLOB="0198001d000000000800124a90560719080001000000000000000000", @ANYRES32=r3, @ANYBLOB], 0x38}}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000ac0)=@newlink={0x34, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @gre={{0x8}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x34}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x11, 0x0, &(0x7f0000000340)="b65bfcd0257864f0e86035e81ff460bc3c"})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r7, 0x4400ae8f, &(0x7f0000000140))
ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f0000000a00)={[], 0x0, 0x78469555c77fef7b})
ioctl$KVM_RUN(r7, 0xae80, 0x0)

1.630137984s ago: executing program 4 (id=129):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan1\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r5 = syz_open_dev$vim2m(&(0x7f0000000080), 0x3fe, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r5, 0xc0d05605, &(0x7f00000000c0)={0x1, @pix_mp={0x0, 0x0, 0x34325842, 0x0, 0x0, [{}, {}, {}, {}, {}, {0x0, 0x1}]}})
ioctl$vim2m_VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f0000000040)={0x80000001, 0x1, 0x4})
ioctl$vim2m_VIDIOC_STREAMOFF(r5, 0x40045612, &(0x7f0000000240)=0x1)
r6 = dup2(r5, r5)
ioctl$vim2m_VIDIOC_ENUM_FMT(r6, 0xc0405602, &(0x7f0000000280)={0x0, 0x1, 0x0, "adbdee06009e4aeabde9eefaff7a78cda902552f08cef4a662dd836c7451f8e5"})
sendmsg$nl_route_sched(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)=@newtaction={0x6c, 0x30, 0x48b, 0x1000, 0x0, {}, [{0x58, 0x1, [@m_nat={0x54, 0x1, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0x9, 0xfc000000, 0x7, 0x4, 0xfffffffd}, @multicast1, @empty, 0xffffffff}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r6)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000640)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_TID_CONFIG={0x8, 0x11d, 0x0, 0x1, [{0x4, 0x0, 0x0, 0x0}]}]}, 0x24}}, 0x0)

1.545951715s ago: executing program 1 (id=130):
memfd_create(0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff})
r3 = memfd_create(&(0x7f0000000200)='\f\x8b\x8a\xa9\x16\x11O\xdd\xdfk(F\x99\xdf\x9a\xd5>oJ\x02u\x9b\x94a\xac\xfe6A\xc4\a\x9e\xbd\xa2\xfb\rD\xefq\x1f!\x01\xc3\xa5U\x98\xee\xcd;A\xe8\x00~V\xbf\xd4\x00\xd2,7\xa0\xfd7\xe8\xf9M\x02\xec\f3\xd4\xb8\xc3\x85\xda\xeb\xce7y%S\x1e\xa9\xe9\x92!\x95\xf1Ek\x95\x9bQ\x1d\xa4\xc2\xbb\xfa\x96\x14\x7f\xb9\x90\x9cn\xb5\x10\xd2\x84\xe9\x9e1\x9a\x9e\xa7\x9e\xcd\x1a\x86\x14%\xbaS\x90\xb1j\xf9\x00\xd7@D\x04\xaa\xb55\xd8x?z\xff\x85j3\xbe\axo\x05)\xcc\xcd\x9b\xb3\xe7w\x0e\x9f\xd3\aU\xf0M\xc1\xad\x17t\xeb\x1b\x11m\xec\x00\x00\x00\x00R\xb6v\x88\a\x82\x9e\x00\x00\x00\x10\x00\x00\x00\xa6!\xb3\xa8\xe7[&\x165\x84\xce\xa5\xc4wT\xf2E\tj\x92G\x14\x04\x93\xa4\xba\xcb\xce\"Y\xd68\xeb\x01\xc9/\x19\x85\xc6\x8do\xcb\x17\xb5\xffW\xe6\x8a\xfb\a\xf6', 0x2)
write$binfmt_misc(r3, 0x0, 0x0)
sendfile(r2, r3, &(0x7f0000000100), 0x2)
fcntl$addseals(r3, 0x409, 0x8)
pwritev(r3, &(0x7f00000005c0)=[{&(0x7f0000000040)='\v', 0x1}], 0x1, 0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="4c00000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002c00128009000100626f6e64000000001c000280050001000400000006001800001000000600190000b5"], 0x4c}}, 0x0)

1.544382519s ago: executing program 2 (id=131):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$FOU_CMD_DEL(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x20, 0x0, 0x300, 0x70bd25, 0x25dfdbfd, {}, [@FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_TYPE={0x5, 0x4, 0x3}]}, 0x20}, 0x1, 0x0, 0x0, 0x240400c0}, 0x20000000)
ioctl$F2FS_IOC_START_VOLATILE_WRITE(0xffffffffffffffff, 0xf503, 0x0)
r1 = accept$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @initdev}, &(0x7f0000000140)=0x1c)
sendto$inet6(r1, &(0x7f0000000180)="a3c60f7032a0aa16e2dc5d02ef1aed2c11a110b0d0de92d662c7385e09c631163e2102697155e9c063a2420ff45c469f7000efd1ef4f9dfe69bf49ddb4f514525fdaa1ee9019b44126dc97efd9541017cd8858409e8d51222b34ac75d3a0cfc59e827c72de7ab375d65d07ce3d44b43f6d74fcb3473b62cf21f318acf766268252c3b1e4a4c0f4701c625a3d43b75a3f85063da958648feb8a1bda97dd2f9872b63e59a662076c0ddc17e9a9aba584", 0xaf, 0x20000080, &(0x7f0000000240)={0xa, 0x4e23, 0x9, @local, 0x8}, 0x1c)
clock_gettime(0x0, &(0x7f0000006f00)={<r2=>0x0, <r3=>0x0})
recvmmsg(r0, &(0x7f0000006cc0)=[{{0x0, 0x0, &(0x7f00000014c0)=[{&(0x7f0000000280)=""/156, 0x9c}, {&(0x7f0000000340)=""/77, 0x4d}, {&(0x7f00000003c0)=""/4096, 0x1000}, {&(0x7f00000013c0)=""/204, 0xcc}], 0x4}, 0x5}, {{0x0, 0x0, &(0x7f0000001640)=[{&(0x7f0000001500)=""/9, 0x9}, {&(0x7f0000001540)=""/214, 0xd6}], 0x2, &(0x7f0000001680)=""/121, 0x79}, 0x7}, {{&(0x7f0000001700)=@ll, 0x80, &(0x7f00000029c0)=[{&(0x7f0000001780)=""/12, 0xc}, {&(0x7f00000017c0)=""/185, 0xb9}, {&(0x7f0000001880)=""/50, 0x32}, {&(0x7f00000018c0)=""/245, 0xf5}, {&(0x7f00000019c0)=""/4096, 0x1000}], 0x5, &(0x7f0000002a40)=""/221, 0xdd}, 0x8a9e}, {{&(0x7f0000002b40)=@in6={0xa, 0x0, 0x0, @initdev}, 0x80, &(0x7f0000002e40)=[{&(0x7f0000002bc0)=""/244, 0xf4}, {&(0x7f0000002cc0)=""/170, 0xaa}, {&(0x7f0000002d80)=""/151, 0x97}], 0x3, &(0x7f0000002e80)=""/251, 0xfb}, 0x2c2d}, {{&(0x7f0000002f80)=@l2tp={0x2, 0x0, @loopback}, 0x80, &(0x7f0000003300)=[{&(0x7f0000003000)=""/70, 0x46}, {&(0x7f0000003080)}, {&(0x7f00000030c0)=""/69, 0x45}, {&(0x7f0000003140)=""/146, 0x92}, {&(0x7f0000003200)=""/79, 0x4f}, {&(0x7f0000003280)=""/119, 0x77}], 0x6, &(0x7f0000003380)=""/47, 0x2f}, 0xdad9}, {{0x0, 0x0, &(0x7f0000003580)=[{&(0x7f00000033c0)=""/248, 0xf8}, {&(0x7f00000034c0)=""/174, 0xae}], 0x2, &(0x7f00000035c0)=""/215, 0xd7}, 0x80}, {{0x0, 0x0, &(0x7f00000046c0)=[{&(0x7f00000036c0)=""/4096, 0x1000}], 0x1, &(0x7f0000004700)=""/201, 0xc9}, 0x7fffffff}, {{&(0x7f0000004800)=@nfc_llcp, 0x80, &(0x7f0000005b40)=[{&(0x7f0000004880)=""/4096, 0x1000}, {&(0x7f0000005880)=""/233, 0xe9}, {&(0x7f0000005980)=""/21, 0x15}, {&(0x7f00000059c0)=""/241, 0xf1}, {&(0x7f0000005ac0)=""/126, 0x7e}], 0x5, &(0x7f0000005bc0)=""/34, 0x22}, 0x7}, {{&(0x7f0000005c00)=@l2={0x1f, 0x0, @none}, 0x80, &(0x7f0000005c80), 0x0, &(0x7f0000005cc0)=""/4096, 0x1000}, 0x1}], 0x9, 0x2, &(0x7f0000006f40)={r2, r3+10000000})
r4 = syz_open_dev$vim2m(&(0x7f0000006f80), 0x6, 0x2)
ioctl$vim2m_VIDIOC_CREATE_BUFS(r4, 0xc100565c, &(0x7f0000006fc0)={0x4, 0x7f, 0x3, {0x0, @raw_data="c425105bf9f401161e6533fe84bf1de2af3a42df209232d3acbaabf3874d9645c1590bc08013306da0e27209477f47242fa850c0008e1f42db19d457b6f9816179689fdf951f27bd5f256383ff4f4305209c8daaa55fc4ea2daa73c24d9d10f6f23664148b89f74a63018ae2f6b406169d3aa86c1fd3270bc6b4ceed3dd26c3dcfbfc45641ab50fd00e310ffecb6a94a65400405c7109debd6563223d7f10c15c2a4a3fc680c61bd348237d5ca8549c68f715eff694c2eef3afe263cef9360826ebebf7cfac8120e"}, 0x4})
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000070c0)={<r5=>0x0}, &(0x7f0000007100)=0xc)
r6 = openat$mice(0xffffffffffffff9c, &(0x7f0000007140), 0x460001)
ioctl$VIDIOC_S_FMT(r6, 0xc0d05605, &(0x7f0000007180)={0x4, @sliced={0x3, [0x0, 0x0, 0x4, 0xc5, 0x0, 0x1000, 0x2, 0x7, 0xfff9, 0xff, 0x800, 0xffff, 0x415, 0x200, 0x5eaa, 0x6, 0xc3f, 0xffff, 0x8, 0xade2, 0x8, 0x81, 0xffff, 0x1, 0x80, 0x6509, 0xfff4, 0xffff, 0x6, 0x6, 0x8, 0x3, 0x0, 0xfff3, 0x1, 0xfff7, 0x401, 0x79a5, 0x2778, 0x5, 0x0, 0xffff, 0x800, 0x8001, 0xfff, 0x9, 0xb, 0x3], 0x4}})
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r6, 0x84, 0x7b, &(0x7f0000007280)={<r7=>0x0, 0x1}, &(0x7f00000072c0)=0x8)
setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r6, 0x84, 0x19, &(0x7f0000007300)={r7, 0x1}, 0x8)
ioctl$UI_ABS_SETUP(r6, 0x401c5504, &(0x7f0000007340)={0x6, {0x4, 0x0, 0x3, 0x401, 0x7, 0x3}})
r8 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r9 = fcntl$dupfd(r4, 0x0, r8)
setsockopt$inet6_IPV6_DSTOPTS(r8, 0x29, 0x3b, &(0x7f0000007380)={0x32, 0x14, '\x00', [@calipso={0x7, 0x40, {0x3, 0xe, 0x9, 0x7, [0x87, 0x8a, 0xfffffffffffffffe, 0x8, 0x2, 0x2, 0xff]}}, @jumbo={0xc2, 0x4, 0x7}, @generic={0x7, 0x46, "a23e8ad8271bef7bb3cb4102283de38f093c4f151cb445804c9e20b6cbdccc878cf002ff73da650e7c1487029902399260df32956be56296ea0ed66edf7fd2735a005eb113b6"}, @hao={0xc9, 0x10, @local}]}, 0xb0)
setsockopt$inet6_tcp_TCP_MD5SIG(r6, 0x6, 0xe, &(0x7f0000007440)={@in={{0x2, 0x4e23, @remote}}, 0x0, 0x0, 0x2f, 0x0, "707dd1670940d7c044c3085448ae269b5a6b76bb846a9bb4d8f517c68a8dfc74976adf87321f5210b70d2f78c43c18a67432c6f1a087dbac5cf95a558f44d6327bd9ca5c2d3b1f1c20c2a8829d48a708"}, 0xd8)
syz_genetlink_get_family_id$ethtool(&(0x7f0000007540), 0xffffffffffffffff)
setsockopt$MRT_INIT(r6, 0x0, 0xc8, &(0x7f0000007580), 0x4)
sched_setscheduler(r5, 0x5, &(0x7f00000075c0)=0x6)
futex(&(0x7f0000007600)=0x2, 0x2, 0x0, &(0x7f0000007640), &(0x7f0000007680)=0x1, 0x1)
r10 = syz_genetlink_get_family_id$tipc2(&(0x7f0000007700), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_GET(r6, &(0x7f0000007a00)={&(0x7f00000076c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000079c0)={&(0x7f0000007740)={0x248, r10, 0x800, 0x70bd2b, 0x25dfdbff, {}, [@TIPC_NLA_NODE={0x84, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_ID={0x65, 0x3, "d88d082ff8734e4fbba82c4e85def7618979da37e2791707e585ebdbd1b47a48b6e361fbcb82ba0f626a22663a9995aca9d4c5a5ef3300bf870de122dddd342ea85fe4eb71cca9df19dd305702c47c1695a5470f8a6c8cf0841c74385f3f35ccab"}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x3}]}, @TIPC_NLA_NET={0x28, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x5}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x9}, @TIPC_NLA_NET_ID={0x8, 0x1, 0xa}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x7}]}, @TIPC_NLA_MEDIA={0xb8, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x400}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}]}, @TIPC_NLA_MEDIA_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x20}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x13}]}, @TIPC_NLA_MEDIA_PROP={0x4c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfffffff9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1b}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7fffffff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xc}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xa}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x80}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x2}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}, @TIPC_NLA_NODE={0xc, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_BEARER={0xc4, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x800}]}, @TIPC_NLA_BEARER_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}]}, @TIPC_NLA_BEARER_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6d4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e24, 0x3, @mcast1, 0x2}}, {0x14, 0x2, @in={0x2, 0x4e24, @broadcast}}}}, @TIPC_NLA_BEARER_NAME={0x11, 0x1, @l2={'eth', 0x3a, 'pim6reg1\x00'}}]}]}, 0x248}, 0x1, 0x0, 0x0, 0x20000000}, 0x840)
ioctl$VT_RESIZEX(r9, 0x560a, &(0x7f0000007a40)={0x1, 0xb00, 0x200, 0x9, 0x3, 0x4766})
clock_gettime(0x5, &(0x7f0000007a80))
socket(0xf, 0x3, 0xfc)
r11 = openat$uhid(0xffffffffffffff9c, &(0x7f0000007ac0), 0x0, 0x0)
write$UHID_INPUT(r11, &(0x7f0000007b00)={0x8, {"1279ee4c54e5db9fbcf71b462b1d196546fc48c8d1644dd766e9e37b231b54ac062138f7463ad33d43370442a61cb5942829bef357ad1ae5c7c515fe1e487c7d64b6b22f63f6f95bdeaeca63540fd349f5608daed18e6ba143ab4d3a95faa6b79baa786d2125e222aac5d9f4e5bff85e1b04dbcd145e234050ffcb9b85b3e6eb86bbb2c4c30edb76feff7aef919b20eea3ca0ee676e7bc83f2b910452abfd4484d09b03eedf18aff76c170cc85244dc1e4668a12033ea5b6de362cbdfe429f11072d858b83cabcd1a31064025662b60dc164543fbfc2463f0ade5ea46b5f3c6370e6c8754e97d9ae995f68fa6f79992c6f85e1023da927fb4c751754e8bbad7845bf6739a5fb54ff04b8817cb596167ba7c506ccd43fd8bf488e799f6cb7733da9606a27aa4af24813520b3f9c703db38a051298bc25ac12ab45f170f56cdffd2b95f2fae39195aff26fc5b81c3ece06e794965fabc37d24cbf46557e20239d54a4597eb338d5b44dfaab2bff3a01b7e0300d732a277420d18310088f228518b5bf6edfc81289e05d2f4a5102ce18fc5abf30deee6ba6062ab472eefd6aa91f237c6d502c996075932af47de90266fd5d96765eacb253c88d2c237099a12c9f0adba249ac2452fb11851337ade51daeb35eb44f6d3acd213ad0b551fa4fe160152dff4bf51b052f17c0845362f57a62eadbca9e396a5fbe2ef1df0cbd14146323b2a3fe1a4f71762b7b5d1c9c1684c521bb4bad41185dc0a6c9386338d015e9156a7fe7e862ede46eca8435c1e5ec5847150e4fb6dc75c16eff913f241adef60d2ef11e41b5de25280c1a68ec71afe4b25dbdfeb8ed790fa5995bb0c6bc5cbe080d5e0eb4486633a1ce73a9175fc6780d1920d68508065c12ec226d5db474c22a03bf81e6c75b585451d73a7a4a7bc79b519e944aa9c0e66cae7f2c358a95ef47c5d2371e4df153f1075ab83ffa9f48752c575a79134374a0580eaddd836de0a7f52d5860fae47e64dacb61cc99270e4f5888739f9e6867fb1e4ecb92ec43d61a6e8b00704ae23d01327fbe7bac4ecbacc60c66ba60e3345aa8c4e70f604a0f3385dfa97d521a571a35fe975f01e032b99c53d431f4aadf698e372d00c617a537fa0403e9ecd57801bd196dc96440e20f5aae7bd40cc6de9244b4dafbc5bc1366a39c532924775f67558f3836bdbd95fe5b4f24e8d43592fc797168f4a7493430b8d1484e7e2d795b3db1271a2814172a686a2b52b1d46abc89587a748e93911e03cb9b7b243c879143a02c24519fad627b2d4b444188860cb368e691384a5e80ea814cdd63f4b01d58f9f0f0226af458913bdce356204e13376cd8e85397f3fcdeab0a835ec7916f5b73fdd7df3b5e20a578477fe52bb5f174e34a8441a1ecbdbe285096297eb587357f5199abe8ae854b3d796c16511ce184117d1924cb62480a2638f01ae6766f4f16ade9765d9795b9d47c6bc11a97834db698487b90fb0e5bd5fff894efbc647cb5e5022e74cb03fc49713eb70e1048b70f03adbac4560ffea6a386e93bee9f26a827d07628a6ef2141d5cd78d2965136524c4c4b20d148925959645a5a511e49961d8f796c7aff8c661260ac3ed4428390f9f7201139719a50428e30a6332540cf1a6050e6dab62c437267f0f59b872282c436f3579cdc63896f012266a082271c5558411d0cbc3ee93a2a5663aa597919b0bd5ce072f1b69fe0154989c20c86e07428aedb951d1da5200299aaea7d91b8c1b24c915551e0375f0edb3d8017d8bf5d9500194d4e5c4272fa671feb540661a4dc2f8b206467824bb76d7a42243c4c5167b86d309e9f649f4c438f96ce6decf4215756f59cb3024577403f7f624ebf73217f79d05396df658e510ceadab34848d156048f398efcb9bc20e41f52c8758abffc76612c0c6551147a2d8687640da7881a756c2ccecabf27d7dffcdc4fdda14e3c8dea6d9c668b5e0f39b3ef5576a6d3972e94750380500f461430915be16a5e380210842006344f551f3887ea1bbad01c745d7e528f7c96df505ce1166ab981e49955f82b88624346c5631a038010fc91855db58d8727b857cfbed81a9033e8d1740aeb6bd1f2a1e9a4364b55015502bc4ff9a8d8b920543f214c3e1dbded2341fa03d07f2b7b9087514a3370bf5095df6e9a37cf992fd6ff272d444df761d74723e3b1903465a1e7ab9d89810524b4ffac6a0f39a9f7ee13d4fef2326bc4c36cb587ab14fa823a930630f4559933c4d36c378e7be7759f0d0684204a04d1f4b9f499da76f858d01d3dc5a374358eaf7b5ece7b4245556bfae09cc5ae11f72dd5a20b16013b3680326f533a82e8262cdf379c36439c6f204dcbae30953a88c548622290be74bf071d666cf7a06f9f15229e121f3ac39d1d8b33be5f3001ec2108c3537eb0385cf57975a1934362b704b2c5d1e84174eccc9d97d3bcb0210f9a591c74ea1baff7d3e73c024279049753fa0ae5a53bae6023482cd9870a7f61b5f986f625fc4b212149dab86eb0e1f4e08aeec66759ee3c9e0737e3615fc60791b2dc2ad91109c3764a9970a65e0eb4beb7ca259a518059bf2ba9a8247a053dc38094b977b469bc81990e5280ab042e0164b20767d264095d78231e19b3a33e43de10aa93d0eed1ecaee86a8a81fee1017fda59015cc2bfb65a6f6201efc5ad371cbbfd6ddfd181a8fb91befab292434e74db4ece2856b276bfa1d191e9f61995a6bf8b2315b91ab02d38965178ee0bded9c7abb18d6830efeb3cb9256d2b2f8b9b93ba2e748be8073b01cb125cd789f69664e022496f5024c56641f170f4a0e3929d337e5edcd2fbf65177292356f4a6b8fd81887a6baf3df827cd6e33e362df660a9f15bb7ffdc54270b4b392c55f7e2a46f558b568e20071a6bbced97a63e979d0d6e1efcc2173537a51f6e160c2a9271091a86048b22b4609719b4681e78632c2a5817c4422436361f50d25cf17ea038a4d9220e4bdeba2d53c604e98377ffb689286934e0490beb2569ec904490db278486a3d00c5c103dc2ca881e3d62825539bf945c2649761e7e8f317047aace376cb3707c7cfa57dea83e1667765aff3fc7653c8ba81458cf0a6273b2dcaecf1de4e070a8b4827c6b158e0565ad2b5c363a212a9e6484e1db0d02d6afbca9aea5a0f0c63d9f7e2f7c7d7792443f56fa8a18af15d8fef929418a0c4d99711802b2ec3770abdfd20b794921c53ac2c4d18db8e400d2972bc94552f6dddc2f8856d8829c9e9588d7908f0cfe4c58ef658418dc5b581026e5b76234a0f21807f16bf5bc92866dc88cf1b37270217f10b1bb5abfabd58581ca957584bfa9fdde5d1811877e13fdc776a703ce8ff8c8775117109a049dd520607b65b43fd423378c25ec1dfec64cfec1bc8a213b664d0a5fbe9dd515973f087006a84728ab736a28de24afdfd899f7180410a0c52f844d80b31acfe8f90b45958a3c07b2ef59488ca620b6458b7c20809689b0a59da6971a8fdac721ee5ec67f710214bdadf475c52902c64fed569ac92ad8fc2bfe30832d756d7c7eeddf572e374a6c29a1b67927a3ae77fa3480ff6af4465ba9acaf32cb83fa641d930257e1a595df61b0a6f8af614b48d0bb83e196de95d8a8c88fd5e841927b69e55c16fc88ac4132ccc4f759cbd21a01f24e12723c1b814baf3d27411b3e2ca17f549c88f2082505a691ca7b40947246528f78604d114c68fddf2ad5bec103e23513da1c9eb24f08bc4dc059f58766255b2cf5287be722a1d67b62cf2a335b3cfb896334f861aa905272779cd0c7b85b192362bcd09ec1fb91c9ebcd55097cc6a41bbe2d4f236172222103edb858f3f1f645eaffc2de030b9c73d047432f481f7a6cc62c6bbcf39d35e137734213616af2fabbd6bc34cd9ddcea57f71b63c15aab13a010e7a9672d9c45da5164e220edfb69daae0cdf898390171179676a13b385dd95573afea9ce5b885d02e967dbd5c64784d34dba24e5c65dd254e69b6d736f1f08c271ec97ae578439838ee28241a684da45780524d4770c1af1e3e3822fd9f0473bb4c728cfe420552af308769d4c5e26a7023b2aeb4068559b09f9787219e9bb42a69f0829442d6881ad405ea178beeb6aabaab19b60abb24472d2e2be368112ac8aaf8715bade6dcdc4e6c5e1a9c41554e76ad2cb0f622332f68f728de09bedf732555d6bf9702704dfdc8790c36b9265311db2593b9a721bfe535c91c717a66665761dd82fd3fff633612e0f6b782d82b78df759ea4041f5111729f8a9fa6ac27f045d78114713361bca429af4a32ca421886f96b1e9c58e6c34ca1af940ff64eb139279dcd9a4b79a1db09f30a65d2ce1eba34675f3a2ecdcb089c9348cc7f6d66177d1d93b23fc56adea5aca09e9339b6d1895dfdab2aef00b617021fdb21290e52ec58bf033bea05bdeb6b0d95b3b821070d47e17ecd8255826099fa340cb3de19cda923817b6e752c933f6fa7f9ad77e47d0b81916aa1328aa43fe8eba7316ecdc7d6058047e178cd4d40c48f44ec80cfb3652e21f880bf1884435454c075d0d6f785cd9de64c769d6c41d59fb3a097ebd5b4b2345e6c5e3bebda39e88301881256fa7fbf468a26479b7bdbc3f214d8818f45491a329298f9d2998cfad25e4611d49cb61dc11bdc973431b0bb73b604000ee42fc15683f9890e6b6b2d17bc782fb92b8b5d77ee75f26c15fe340c142ef1f2eecac20e7e7e23c2a0bf6d3c9e8d488d928ac66e4003e1a7bc4f063832aa3fe54bc30333e5f1807966e6b19d1dc029bb5dbba2c179111f85cdafcacbff11a68bfdd9c6a9b29b30e6494463196392bdfcc5ddb1ad540002eec5124778d8561c66338648cfe5154c63852febdf1876e2d9f55f19ca48d966a51c7d8d432783bc0548a7b4ae86299bcadc55484a816f0dbe057a80c1390828ed4a35ced4f4287f8afe0b275e85d3fdbefaed99ca2da12a70288b3a4f3272484377b8e0833dbca1c861a5a40663a8523af39d068cad1d59dd3d2c15f6810ef7046eeae249490b62d2dacef94d3a1305753df0903e990beacf95f6a01f544c7285452481702987adc372c2ad0d6d243f1edd9054aa53860c84f02eba2544816f2a8a339798b57e02e731969a177fc2a36c4752fb2e288871c0f9bd0664f08a1b3fc399a0f3b594c994d9ea149984b5c2bf19dd96198d384934598815404b8d9523f0bf2721381dd7254bf00c8f785c9c96279181a4deffd33a09e5b60e3ab3cae91423b31585f9f040c7a08a08db0ee068c4f7aeb6518a7004b45be39ea4340506c87218f06b986c55af84381316bb68b2e78e4272a31df628ae8f8685c3a2772d2e92e73732022e2601b9e5db81bd16782c535011f20b8477dde1fd857f20e5a30f82d1f30d6cd0cf0b5f24a6b5a9834a68b3bb682a1002f8a078a535b3c77f575addb440d684e19f71da450c7d80385cbf2da793084bee984322192733a4bfbaea91826982d51541ce1a615cce3e6408b78505e5eed752af9d5f67b5e416f6d52d02d6a132388765f0cb038a6e8998769ae0a15d7be55de5102761f30f8711d8ad5dd9aa388f2b37ff1b9693ce7f5035e36debc5be80ab79a0026e5c8359f448e53dc9c44f1ee51f0d0d29ac0fcb3d21dfc5c0c0e5afa54dfc7a71f329fa84be188fb39dd7f8066dee8af59629d52a5e4b2b9b7c932985323361218c13199a3dd52f072ad8cf8429aef74f6bab10160c5d0a61ffae24dc13852b843eb4f86222f5b9a687a5ae10cd2f828083bf1aebc1f847cd63521b1ad6399c205dbede86dd7", 0x1000}}, 0x1006)

1.310631634s ago: executing program 3 (id=132):
r0 = syz_open_dev$dri(&(0x7f0000000180), 0x0, 0x0)
r1 = syz_open_dev$dri(0x0, 0x3ffffffffffffffd, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, 0x0)
r2 = syz_open_dev$dri(0x0, 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(r2, 0xc01064c2, 0x0)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
unshare(0x2c060000)
unshare(0x24020400)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x9200000000000000)
close_range(r0, 0xffffffffffffffff, 0x0)

1.287232724s ago: executing program 1 (id=133):
ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, &(0x7f0000000100))
ioctl$PPPIOCSACTIVE(0xffffffffffffffff, 0x40107446, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x6, 0x3, 0x4}]})
write$ppp(0xffffffffffffffff, &(0x7f0000019640)='x&', 0x2)

1.17817161s ago: executing program 1 (id=134):
r0 = socket$xdp(0x2c, 0x3, 0x0)
getdents64(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r2}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f0000000800)=@raw={'raw\x00', 0x8, 0x3, 0x3b0, 0x1d0, 0x43, 0xa0, 0x1d0, 0x98, 0x318, 0x178, 0x178, 0x318, 0x178, 0x49, 0x0, {[{{@ip={@loopback, @local, 0x0, 0x0, 'veth0_to_bond\x00', 'ip6erspan0\x00'}, 0x12a, 0x1b0, 0x1d0, 0x0, {0x0, 0x7a010000}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x8, 0x0, 'syz0\x00'}}, @common=@unspec=@helper={{0x48}, {0x0, 'ftp-20000\x00'}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0xe8, 0x148, 0x0, {}, [@common=@unspec=@connbytes={{0x38}}, @common=@set={{0x40}}]}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv4=@multicast1}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x410)
r6 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r6, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, 0x0)
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(0xffffffffffffffff, 0xc05064a7, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000002c0)=[0x0], &(0x7f0000000340), 0x0, 0x1})
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYBLOB="600000000206010300000000000000000000000014000780080011400000000005001500120000000500010006000000050005000a00000005000400000000000900020073797a300000000011000300686173683a6e65742c6e6574000000002db7bdf588020e9ddf969a94c6e41061b42a05ee4e4cb94e45e92b122eaef2d42a6d92a6f338a6db"], 0x60}}, 0x0)
dup(r0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x2, &(0x7f00000000c0), 0x20)

403.075515ms ago: executing program 2 (id=135):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="700000001e0099030000000000000000ff0100000000000000000000000000010000000000000000fe8000000000000000000000000000aa00000000000000002400090000000000000000000000000000000000000000000000000000a61e89eef57a4f320015000000000000000000"], 0x70}}, 0x0)
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080))
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000004000000ff0f000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r3 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r2, &(0x7f0000000140)={@val={0x3, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x14}, @ipv4=@icmp={{0x5, 0x4, 0x0, 0x0, 0x16, 0x0, 0x0, 0x0, 0x1, 0x0, @private=0xa010100, @local}, @dest_unreach={0x4, 0x0, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @local, @loopback}}}}, 0xfdef)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000040), &(0x7f00000001c0)}, 0x20)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='task_newtask\x00', r4}, 0x10)
r6 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r5}, 0x8)
close(r6)
ioctl$SNDCTL_TMR_CONTINUE(r6, 0x5404)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r7}, 0x10)
statfs(&(0x7f0000000180)='./file0\x00', &(0x7f0000000340)=""/58)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)

374.564619ms ago: executing program 4 (id=136):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x0, 0xc, &(0x7f0000000500)=ANY=[@ANYBLOB="18020000000000000000000000000000850000002a000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = syz_open_dev$dri(&(0x7f0000000180), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000080)={0xffffffff, 0x1, 0x6})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000000c0)={'syztnl2\x00', &(0x7f0000000000)={'ip6_vti0\x00', <r1=>0x0, 0x2f, 0x4, 0x6, 0x3ff, 0x10, @dev={0xfe, 0x80, '\x00', 0xa}, @mcast1, 0x20, 0x10, 0xb7fd, 0x9}})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000500)=ANY=[], &(0x7f0000000240)='GPL\x00', 0xfffffff7, 0x0, 0x0, 0x0, 0x0, '\x00', r1, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000580)={r2, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

254.698361ms ago: executing program 0 (id=137):
r0 = gettid()
r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
bind$802154_dgram(r1, &(0x7f0000000040)={0x24, @long}, 0x14)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe050000000000000000000095000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
r6 = syz_open_procfs$pagemap(r2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NLBL_UNLABEL_C_STATICREMOVE(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000003200)={&(0x7f0000003140)={0x50, 0x0, 0x1, 0x0, 0x0, {}, [@NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @private0}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'bridge_slave_1\x00'}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}]}, 0x50}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmsg$IPSET_CMD_SWAP(r6, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000001a00)={0x38, r7, 0x1, 0x0, 0x0, {}, [@NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x1}, @NBD_ATTR_SIZE_BYTES={0xc}, @NBD_ATTR_SOCKETS={0x4}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x38}}, 0x0)
openat$binder_debug(0xffffffffffffff9c, &(0x7f00000004c0)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)

20.508731ms ago: executing program 2 (id=138):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = io_uring_setup(0x4823, &(0x7f00000004c0)={0x0, 0x1, 0x80, 0x3, 0x2b})
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x8, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="b40000000000000061104c000000000005000000000000009500000c000000000dee713cd741895b4bb692f513752929682b65e75ba606fcecd0271d43976533b5fdeb5e011be2a770c5a962299e5ccf3449fb8e7a78939da566711e2b6da94c9737ada2278e4dc4770c3ccbce42e84cd547800a789f2d06801cf5c4f8d662226e5e82a50f674bbe89c7ab427dd7247170f03c036d8f4dd7a925f2344ab285a8ec6917d2cce23929e98221872b4b1e8b0d5ef27b061f"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f0000000080)=""/195, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x40)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="1400000010000100000000be03bfae000000000a3c000000120a010200000000000000000200000009000200737901000000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x0)
syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2)
r2 = syz_io_uring_setup(0x7934, &(0x7f0000000200)={0x0, 0x0, 0x10100}, &(0x7f0000000380), &(0x7f0000000000)=<r3=>0x0)
syz_io_uring_setup(0xa91, &(0x7f00000002c0), &(0x7f0000000040)=<r4=>0x0, &(0x7f0000000080))
syz_io_uring_submit(r4, r3, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r2, 0xec4, 0x0, 0x0, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

17.007995ms ago: executing program 3 (id=139):
prctl$PR_SCHED_CORE(0x3e, 0x4, 0x0, 0x0, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xb, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) (async)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket(0x840000000002, 0x3, 0x100)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10) (async)
sendmmsg$inet(r3, &(0x7f0000005240), 0x264e33, 0x0) (async)
r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000002c0)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
r5 = syz_io_uring_setup(0x2cdb, &(0x7f0000000300)={0x0, 0xfffffffc, 0x80, 0x200003}, &(0x7f0000000100)=<r6=>0x0, &(0x7f0000000400)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f00000001c0)=@IORING_OP_RECVMSG={0xa, 0x34, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xff44}}) (async)
io_uring_enter(r5, 0x5b43, 0x0, 0x0, 0x0, 0x0) (async)
truncate(0x0, 0x0) (async)
r8 = socket$pppl2tp(0x18, 0x1, 0x1) (async)
r9 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r8, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, r9, {0x2, 0x0, @multicast2}, 0x2}}, 0x2e) (async)
r10 = socket$pppl2tp(0x18, 0x1, 0x1)
setsockopt$inet6_dccp_int(r4, 0x21, 0x6, &(0x7f0000000180)=0x7, 0x4)
connect$pppl2tp(r10, &(0x7f00000000c0)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast1}, 0x2, 0x2}}, 0x26)
setsockopt$pppl2tp_PPPOL2TP_SO_DEBUG(r10, 0x111, 0x4, 0x20000000, 0x4)
r11 = socket$inet(0x2, 0x801, 0x0)
listen(r11, 0x0) (async)
pipe2(&(0x7f0000000080)={0xffffffffffffffff, <r12=>0xffffffffffffffff}, 0x0)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000240), 0x880, 0x0) (async)
splice(r11, 0x0, r12, 0x0, 0x7ffff000, 0x0)

718.194µs ago: executing program 4 (id=140):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='net/anycast6\x00')
lseek(r0, 0x80, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180), 0x802, 0x0)
write$rfkill(r2, &(0x7f0000000240)={0x40, 0x9}, 0x8)
r3 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r3, 0x4601, &(0x7f0000000100)={0x400, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x16, 0x0, 0x0, 0x5})
ioctl$FBIOPUT_CON2FBMAP(r3, 0x4610, &(0x7f0000000000)={0x1c})
ioctl$AUTOFS_IOC_FAIL(r2, 0x9361, 0xfffffffffffffff8)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000240))
pwritev(0xffffffffffffffff, &(0x7f0000000340)=[{&(0x7f0000000140)="826475e8ee0db48b97292183f01e88f00b25ac4f2fb6840a7939e83cda4a92adb5cb8c58a52e90b78a", 0x29}, {&(0x7f0000000280)="eddf74855c1c5aaa18fbf4f24a1143da5d14081bf0edb4222c6ca3371624432a95c87099f692fdaaad81972fc3319130196a6659fe86ae0aee34a4e6e477179ad93811ff9ae3ee8954a6b82d44aa09a013770e3822d7ee7bd51d464b095ba69a7f68b802c3664b5b1601ee9a442a77e97a1508a7cf65bfe433e77e30c7aef7a65a7def2f3bbf8ddd5e704919c5f0fa726c056711cf182f6168", 0x99}, {&(0x7f00000001c0)="76a7add5703943c912ea2a19f4c6305d3118a72cae676e5ee9d614242b7b7624dbf39a7d2591e873224a9e3a2644fc7dbf048fde705d7f0b5300cc04b55331eb369e2e9a1226f7a11acb79d93fd603adf4f5d049f878b91f29cb1acf513f330de928f1911a1e6373b6d1bb093ce3423588ec8bc5c98a818ce8", 0x79}, {&(0x7f0000000440)="fffc35f6a4a036e47a445368576c67eccbf1164b3580d3cbdb6d16dbbbdb54d7aa126d8f0ec3baabf691da8952110b1c066eed28c98a9338fd73ae19574148ba1fd2d9bf04ce2146de90496397c5d0f6393e6c74e4d2ee2ab6084b805df18f173618de5ff27541e260ed521f2ccee23ffab56747325957e4b677a7b35f45661d6c5312b76a3fd013eb2074", 0x8b}, {&(0x7f0000000500)="b3c34f4f95e7275d5bc16b2a9f0e6135072b820b31daf51af9038b6cf9331a7861975d30d4e960f5ac4f4ba0751fbcb91955698ac7778cbe20c07d41a5b65e521df6cf4298fae1bf4114e2046af2b5ae5ba1f4f8d02f6574e814f20f5561e579c586fc4ceaaa8d7ce8de7f758cf8d9758524d1daaebe8c50198180a56c73f349d376dc6efa84816ed8167dab6dd5cdcc5556fa807dad745703c3e9635d2200672a838d2e1ce6c9f6ff95f5883e8f55de69b14a962677137624801772f80a36b1eb61b513c423d047a87f5ae7ac3a514ce8fd62dd76829828fc83f227a141135a9c3c99cd48a19083a65a4dc74751a5dbd8", 0xf1}], 0x5, 0x5, 0x2)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r5 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000600)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r5}, {}, {0x5, 0x0, 0xa, 0xa}, {0x85, 0x0, 0x0, 0x25}}}, &(0x7f0000000200)='syzkaller\x00', 0x8, 0x100b, &(0x7f0000001e40)=""/4107, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
dup3(r4, r1, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
close(0xffffffffffffffff)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000000), 0xfffffecc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setscheduler(0x0, 0x2, &(0x7f00000003c0)=0xa)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)

0s ago: executing program 1 (id=141):
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, &(0x7f0000000100)=0x3)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000200)={0x0, @bt={0xd82, 0x870, 0x1, 0x1, 0xd59f80, 0x19f2, 0x3f, 0x3, 0x2800, 0x4, 0x2800, 0x2800, 0x440, 0xd1, 0xc, 0x30, {0x12000000, 0xffffffff}, 0xd0, 0x9}})

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.9' (ED25519) to the list of known hosts.
[   52.759897][ T5817] cgroup: Unknown subsys name 'net'
[   52.847930][ T5817] cgroup: Unknown subsys name 'cpuset'
[   52.855881][ T5817] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   54.072033][ T5817] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   57.880850][ T5844] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   57.889372][ T5844] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   57.897755][ T5844] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   57.906772][ T5844] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   57.915164][ T5849] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   57.923452][ T5847] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   57.923936][ T5849] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   57.936178][ T5845] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   57.938944][ T5849] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   57.946748][ T5847] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   57.952652][ T5849] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   57.959632][ T5845] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   57.974683][ T5849] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   57.975259][ T5847] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   57.982324][ T5849] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   57.991002][ T5847] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   57.997718][ T5849] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   58.003333][ T5847] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   58.011716][ T5849] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   58.018522][ T5847] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   58.024325][ T5849] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   58.031588][ T5845] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   58.048831][ T5849] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   58.052904][ T5847] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[   58.056112][ T5849] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   58.064381][ T5847] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   58.077487][ T5849] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   58.084942][ T5849] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   58.092261][ T5834] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   58.107541][ T5834] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   58.527033][ T5828] chnl_net:caif_netlink_parms(): no params data found
[   58.537014][ T5831] chnl_net:caif_netlink_parms(): no params data found
[   58.554520][ T5829] chnl_net:caif_netlink_parms(): no params data found
[   58.666934][ T5830] chnl_net:caif_netlink_parms(): no params data found
[   58.697906][ T5827] chnl_net:caif_netlink_parms(): no params data found
[   58.712052][ T5831] bridge0: port 1(bridge_slave_0) entered blocking state
[   58.720478][ T5831] bridge0: port 1(bridge_slave_0) entered disabled state
[   58.727925][ T5831] bridge_slave_0: entered allmulticast mode
[   58.734555][ T5831] bridge_slave_0: entered promiscuous mode
[   58.768510][ T5831] bridge0: port 2(bridge_slave_1) entered blocking state
[   58.775972][ T5831] bridge0: port 2(bridge_slave_1) entered disabled state
[   58.783218][ T5831] bridge_slave_1: entered allmulticast mode
[   58.790409][ T5831] bridge_slave_1: entered promiscuous mode
[   58.804040][ T5829] bridge0: port 1(bridge_slave_0) entered blocking state
[   58.811403][ T5829] bridge0: port 1(bridge_slave_0) entered disabled state
[   58.818978][ T5829] bridge_slave_0: entered allmulticast mode
[   58.826113][ T5829] bridge_slave_0: entered promiscuous mode
[   58.854459][ T5828] bridge0: port 1(bridge_slave_0) entered blocking state
[   58.861623][ T5828] bridge0: port 1(bridge_slave_0) entered disabled state
[   58.869138][ T5828] bridge_slave_0: entered allmulticast mode
[   58.876134][ T5828] bridge_slave_0: entered promiscuous mode
[   58.891331][ T5829] bridge0: port 2(bridge_slave_1) entered blocking state
[   58.898718][ T5829] bridge0: port 2(bridge_slave_1) entered disabled state
[   58.905986][ T5829] bridge_slave_1: entered allmulticast mode
[   58.912471][ T5829] bridge_slave_1: entered promiscuous mode
[   58.949045][ T5828] bridge0: port 2(bridge_slave_1) entered blocking state
[   58.956350][ T5828] bridge0: port 2(bridge_slave_1) entered disabled state
[   58.963478][ T5828] bridge_slave_1: entered allmulticast mode
[   58.970506][ T5828] bridge_slave_1: entered promiscuous mode
[   59.004255][ T5831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   59.017126][ T5831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   59.028344][ T5829] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   59.074085][ T5829] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   59.090913][ T5830] bridge0: port 1(bridge_slave_0) entered blocking state
[   59.098196][ T5830] bridge0: port 1(bridge_slave_0) entered disabled state
[   59.105795][ T5830] bridge_slave_0: entered allmulticast mode
[   59.112411][ T5830] bridge_slave_0: entered promiscuous mode
[   59.120129][ T5830] bridge0: port 2(bridge_slave_1) entered blocking state
[   59.127451][ T5830] bridge0: port 2(bridge_slave_1) entered disabled state
[   59.134658][ T5830] bridge_slave_1: entered allmulticast mode
[   59.141163][ T5830] bridge_slave_1: entered promiscuous mode
[   59.155728][ T5828] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   59.167175][ T5828] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   59.215636][ T5831] team0: Port device team_slave_0 added
[   59.223894][ T5829] team0: Port device team_slave_0 added
[   59.232328][ T5829] team0: Port device team_slave_1 added
[   59.244142][ T5827] bridge0: port 1(bridge_slave_0) entered blocking state
[   59.251805][ T5827] bridge0: port 1(bridge_slave_0) entered disabled state
[   59.259325][ T5827] bridge_slave_0: entered allmulticast mode
[   59.265970][ T5827] bridge_slave_0: entered promiscuous mode
[   59.283020][ T5831] team0: Port device team_slave_1 added
[   59.305997][ T5830] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   59.317690][ T5830] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   59.326972][ T5827] bridge0: port 2(bridge_slave_1) entered blocking state
[   59.334110][ T5827] bridge0: port 2(bridge_slave_1) entered disabled state
[   59.341439][ T5827] bridge_slave_1: entered allmulticast mode
[   59.349565][ T5827] bridge_slave_1: entered promiscuous mode
[   59.358569][ T5828] team0: Port device team_slave_0 added
[   59.379089][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_0
[   59.386319][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   59.412397][ T5829] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   59.433189][ T5828] team0: Port device team_slave_1 added
[   59.449542][ T5827] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   59.469551][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_1
[   59.476545][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   59.502791][ T5829] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   59.531081][ T5827] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   59.552396][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_0
[   59.559535][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   59.586016][ T5831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   59.598692][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_1
[   59.605826][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   59.632486][ T5831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   59.652968][ T5830] team0: Port device team_slave_0 added
[   59.661810][ T5830] team0: Port device team_slave_1 added
[   59.692688][ T5827] team0: Port device team_slave_0 added
[   59.717857][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_0
[   59.725503][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   59.751901][ T5828] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   59.765656][ T5827] team0: Port device team_slave_1 added
[   59.784389][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_1
[   59.791452][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   59.817608][ T5828] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   59.852952][ T5829] hsr_slave_0: entered promiscuous mode
[   59.860428][ T5829] hsr_slave_1: entered promiscuous mode
[   59.869373][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_0
[   59.876983][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   59.903016][ T5830] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   59.925104][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_0
[   59.932047][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   59.958454][ T5827] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   59.970583][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_1
[   59.977813][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   60.003810][ T5830] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   60.026982][ T5831] hsr_slave_0: entered promiscuous mode
[   60.033134][ T5831] hsr_slave_1: entered promiscuous mode
[   60.039713][ T5831] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   60.047678][ T5831] Cannot create hsr debugfs directory
[   60.053695][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_1
[   60.060693][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   60.086801][ T5827] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   60.098439][ T5840] Bluetooth: hci2: command tx timeout
[   60.098445][ T5834] Bluetooth: hci1: command tx timeout
[   60.147495][ T5828] hsr_slave_0: entered promiscuous mode
[   60.153688][ T5828] hsr_slave_1: entered promiscuous mode
[   60.160613][ T5828] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   60.168764][ T5828] Cannot create hsr debugfs directory
[   60.174955][ T5834] Bluetooth: hci3: command tx timeout
[   60.175006][ T5841] Bluetooth: hci4: command tx timeout
[   60.186180][ T5840] Bluetooth: hci0: command tx timeout
[   60.197244][ T5827] hsr_slave_0: entered promiscuous mode
[   60.203361][ T5827] hsr_slave_1: entered promiscuous mode
[   60.210342][ T5827] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   60.218047][ T5827] Cannot create hsr debugfs directory
[   60.255745][ T5830] hsr_slave_0: entered promiscuous mode
[   60.261951][ T5830] hsr_slave_1: entered promiscuous mode
[   60.268579][ T5830] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   60.277124][ T5830] Cannot create hsr debugfs directory
[   60.575564][ T5828] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   60.605421][ T5828] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   60.622393][ T5828] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   60.639300][ T5831] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   60.649393][ T5831] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   60.662022][ T5831] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   60.671366][ T5828] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   60.689341][ T5831] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   60.751670][ T5830] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   60.774200][ T5830] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   60.799982][ T5830] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   60.809486][ T5830] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   60.846409][ T5829] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   60.863154][ T5829] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   60.872513][ T5829] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   60.883260][ T5829] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   60.970534][ T5827] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   60.984307][ T5827] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   61.007811][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0
[   61.017058][ T5827] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   61.027552][ T5827] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   61.087031][ T5831] 8021q: adding VLAN 0 to HW filter on device team0
[   61.109165][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   61.116520][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   61.136771][ T5828] 8021q: adding VLAN 0 to HW filter on device bond0
[   61.159540][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   61.166649][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   61.207411][ T5828] 8021q: adding VLAN 0 to HW filter on device team0
[   61.240488][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   61.247665][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   61.272837][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   61.279939][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   61.296152][ T5829] 8021q: adding VLAN 0 to HW filter on device bond0
[   61.352510][ T5829] 8021q: adding VLAN 0 to HW filter on device team0
[   61.371322][ T5830] 8021q: adding VLAN 0 to HW filter on device bond0
[   61.406238][ T3470] bridge0: port 1(bridge_slave_0) entered blocking state
[   61.413333][ T3470] bridge0: port 1(bridge_slave_0) entered forwarding state
[   61.436103][ T5830] 8021q: adding VLAN 0 to HW filter on device team0
[   61.460070][ T5828] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   61.489819][ T2198] bridge0: port 1(bridge_slave_0) entered blocking state
[   61.497283][ T2198] bridge0: port 1(bridge_slave_0) entered forwarding state
[   61.513247][ T2198] bridge0: port 2(bridge_slave_1) entered blocking state
[   61.520409][ T2198] bridge0: port 2(bridge_slave_1) entered forwarding state
[   61.531472][ T2198] bridge0: port 2(bridge_slave_1) entered blocking state
[   61.538577][ T2198] bridge0: port 2(bridge_slave_1) entered forwarding state
[   61.575136][ T5827] 8021q: adding VLAN 0 to HW filter on device bond0
[   61.629287][ T5827] 8021q: adding VLAN 0 to HW filter on device team0
[   61.688331][ T5830] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   61.753040][ T2198] bridge0: port 1(bridge_slave_0) entered blocking state
[   61.760263][ T2198] bridge0: port 1(bridge_slave_0) entered forwarding state
[   61.776847][ T2198] bridge0: port 2(bridge_slave_1) entered blocking state
[   61.783949][ T2198] bridge0: port 2(bridge_slave_1) entered forwarding state
[   61.844246][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0
[   61.883348][ T5828] 8021q: adding VLAN 0 to HW filter on device batadv0
[   61.937700][ T5827] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   62.068439][ T5830] 8021q: adding VLAN 0 to HW filter on device batadv0
[   62.092046][ T5828] veth0_vlan: entered promiscuous mode
[   62.134083][ T5828] veth1_vlan: entered promiscuous mode
[   62.181768][ T5840] Bluetooth: hci1: command tx timeout
[   62.187712][ T5841] Bluetooth: hci2: command tx timeout
[   62.216319][ T5830] veth0_vlan: entered promiscuous mode
[   62.254808][ T5840] Bluetooth: hci3: command tx timeout
[   62.266807][ T5828] veth0_macvtap: entered promiscuous mode
[   62.268739][ T5840] Bluetooth: hci0: command tx timeout
[   62.278054][ T5841] Bluetooth: hci4: command tx timeout
[   62.293469][ T5828] veth1_macvtap: entered promiscuous mode
[   62.313294][ T5830] veth1_vlan: entered promiscuous mode
[   62.369918][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_0
[   62.390972][ T5827] 8021q: adding VLAN 0 to HW filter on device batadv0
[   62.401860][ T5830] veth0_macvtap: entered promiscuous mode
[   62.411128][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_1
[   62.421743][ T5828] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   62.431530][ T5828] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   62.440957][ T5828] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   62.451596][ T5828] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   62.478819][ T5830] veth1_macvtap: entered promiscuous mode
[   62.488905][ T5831] veth0_vlan: entered promiscuous mode
[   62.507695][ T5829] 8021q: adding VLAN 0 to HW filter on device batadv0
[   62.532964][ T5831] veth1_vlan: entered promiscuous mode
[   62.560280][ T5830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   62.578102][ T5830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.590867][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_0
[   62.618978][ T5830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   62.630339][ T5830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.642812][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_1
[   62.679389][ T5830] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   62.688817][ T5830] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   62.698186][ T5830] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   62.707250][ T5830] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   62.726096][ T5831] veth0_macvtap: entered promiscuous mode
[   62.753123][ T5831] veth1_macvtap: entered promiscuous mode
[   62.764517][ T3470] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.778276][ T3470] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   62.843922][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   62.855423][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.865601][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   62.876600][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.889144][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0
[   62.901957][ T5827] veth0_vlan: entered promiscuous mode
[   62.913574][ T3470] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.924322][ T3470] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   62.929819][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   62.942774][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.961344][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   62.972182][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.983722][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1
[   63.005712][ T5831] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   63.014443][ T5831] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   63.027579][ T5831] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   63.036516][ T5831] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   63.060764][ T5829] veth0_vlan: entered promiscuous mode
[   63.095412][ T5827] veth1_vlan: entered promiscuous mode
[   63.111727][ T5829] veth1_vlan: entered promiscuous mode
[   63.115496][ T5828] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   63.160653][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   63.169985][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   63.236474][ T5827] veth0_macvtap: entered promiscuous mode
[   63.263973][ T5829] veth0_macvtap: entered promiscuous mode
[   63.291628][ T5827] veth1_macvtap: entered promiscuous mode
[   63.354813][ T3525] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   63.362907][ T3525] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   63.364017][ T5829] veth1_macvtap: entered promiscuous mode
[   63.378395][ T5914] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   63.433529][   T51] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   63.475146][   T51] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   63.495925][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   63.537960][ T5829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   63.557273][ T5829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   63.574821][ T5829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   63.591862][ T5829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   63.601890][ T5829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   63.612419][ T5829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   63.625013][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_0
[   63.632614][ T5827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   63.670032][ T5827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   63.682102][ T5827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   63.693623][ T5827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   63.708103][ T5827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   63.898154][ T5827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   63.915453][ T5827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   64.502663][ T5840] Bluetooth: hci1: command tx timeout
[   64.540206][ T5827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   64.560253][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_0
[   64.640796][ T5827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   64.651646][ T5827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   64.809351][ T5827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   64.820715][ T5827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   64.830891][ T5827] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   64.841662][ T5827] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   64.860152][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_1
[   64.891759][ T5827] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   64.901277][ T5827] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   64.995048][ T5827] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   65.005963][ T5840] Bluetooth: hci2: command tx timeout
[   65.011435][ T5840] Bluetooth: hci0: command tx timeout
[   65.015978][ T5827] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   65.016918][ T5840] Bluetooth: hci4: command tx timeout
[   65.031202][ T5840] Bluetooth: hci3: command tx timeout
[   65.098196][ T5829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   65.164463][ T5829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   65.203118][ T5829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   65.256362][ T5829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   65.266308][ T5829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   65.276993][ T5829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   65.293235][ T5829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   65.304096][ T5829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   65.315217][ T5930] netlink: 68 bytes leftover after parsing attributes in process `syz.1.7'.
[   65.333443][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_1
[   65.370659][ T3525] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   65.389532][ T3525] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   65.422878][ T5829] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   65.432390][ T5829] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   65.444062][ T5829] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   65.454384][ T5829] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   65.607508][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   65.625292][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   65.648389][ T5883] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   65.704007][ T3504] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   65.734724][ T3504] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   65.832171][ T2198] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   65.861625][ T5883] usb 2-1: Using ep0 maxpacket: 16
[   65.867385][ T2198] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   65.879044][ T5883] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   65.890473][ T5883] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[   65.903679][ T5883] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[   65.912954][ T5883] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   65.926155][ T5883] usb 2-1: config 0 descriptor??
[   66.004320][ T2198] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.033646][ T2198] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.363261][ T5883] HID 045e:07da: Invalid code 65791 type 1
[   66.464272][ T5883] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.0001/input/input5
[   66.587917][ T5883] microsoft 0003:045E:07DA.0001: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0
[   66.707196][ T5949] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4'.
[   66.784073][ T5953] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4'.
[   66.935611][   T25] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   67.055290][ T5841] Bluetooth: hci3: command tx timeout
[   67.061322][ T5840] Bluetooth: hci4: command tx timeout
[   67.067843][ T5840] Bluetooth: hci0: command tx timeout
[   67.073337][ T5840] Bluetooth: hci2: command tx timeout
[   67.079434][ T5841] Bluetooth: hci1: command tx timeout
[   67.124851][   T25] usb 5-1: Using ep0 maxpacket: 8
[   67.177513][ T5911] usb 2-1: USB disconnect, device number 2
[   67.203681][   T25] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   67.216827][   T25] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF6, changing to 0x86
[   67.228855][   T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x86 has invalid wMaxPacketSize 0
[   67.238993][   T25] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   67.285059][   T25] usb 5-1: New USB device found, idVendor=054c, idProduct=06c3, bcdDevice=9b.1d
[   67.294155][   T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   67.335301][   T25] usb 5-1: Product: syz
[   67.339523][   T25] usb 5-1: Manufacturer: syz
[   67.344143][   T25] usb 5-1: SerialNumber: syz
[   67.386484][ T5960] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   67.395607][   T25] usb 5-1: config 0 descriptor??
[   67.425525][   T25] port100 5-1:0.0: NFC: Could not find bulk-in or bulk-out endpoint
[   68.405508][ T5944] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   68.464011][ T5944] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   68.570584][ T5884] usb 5-1: USB disconnect, device number 2
[   69.043526][ T5976] xt_connbytes: Forcing CT accounting to be enabled
[   69.050622][ T5976] Cannot find set identified by id 0 to match
[   69.076818][ T5976] syz.1.17: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[   69.092040][ T5976] CPU: 0 UID: 0 PID: 5976 Comm: syz.1.17 Not tainted 6.12.0-rc4-syzkaller-00261-g850925a8133c #0
[   69.102585][ T5976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   69.113124][ T5976] Call Trace:
[   69.116425][ T5976]  <TASK>
[   69.119370][ T5976]  dump_stack_lvl+0x241/0x360
[   69.124097][ T5976]  ? __pfx_dump_stack_lvl+0x10/0x10
[   69.129579][ T5976]  ? __pfx__printk+0x10/0x10
[   69.134192][ T5976]  ? __rcu_read_unlock+0xa1/0x110
[   69.139244][ T5976]  warn_alloc+0x278/0x410
[   69.143593][ T5976]  ? stack_depot_save_flags+0x6e4/0x830
[   69.149175][ T5976]  ? __vmalloc_node_range_noprof+0x106/0x13f0
[   69.155272][ T5976]  ? __pfx_warn_alloc+0x10/0x10
[   69.160152][ T5976]  ? kasan_save_track+0x3f/0x80
[   69.165043][ T5976]  ? __kasan_kmalloc+0x98/0xb0
[   69.169860][ T5976]  ? xsk_setsockopt+0x598/0x950
[   69.174848][ T5976]  ? do_sock_setsockopt+0x3af/0x720
[   69.180092][ T5976]  ? __sys_setsockopt+0x1a2/0x250
[   69.185142][ T5976]  ? __x64_sys_setsockopt+0xb5/0xd0
[   69.190356][ T5976]  ? do_syscall_64+0xf3/0x230
[   69.195060][ T5976]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.201170][ T5976]  __vmalloc_node_range_noprof+0x126/0x13f0
[   69.207134][ T5976]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[   69.213486][ T5976]  ? __kasan_kmalloc+0x98/0xb0
[   69.218279][ T5976]  ? xskq_create+0x54/0x170
[   69.222856][ T5976]  vmalloc_user_noprof+0x74/0x80
[   69.227813][ T5976]  ? xskq_create+0xb6/0x170
[   69.232331][ T5976]  xskq_create+0xb6/0x170
[   69.236820][ T5976]  xsk_init_queue+0xa1/0x100
[   69.241437][ T5976]  xsk_setsockopt+0x598/0x950
[   69.246133][ T5976]  ? __pfx_xsk_setsockopt+0x10/0x10
[   69.251355][ T5976]  ? security_socket_setsockopt+0xa5/0x2a0
[   69.257276][ T5976]  ? security_socket_setsockopt+0x242/0x2a0
[   69.263188][ T5976]  ? __pfx_xsk_setsockopt+0x10/0x10
[   69.268400][ T5976]  do_sock_setsockopt+0x3af/0x720
[   69.273470][ T5976]  ? __pfx_do_sock_setsockopt+0x10/0x10
[   69.279137][ T5976]  __sys_setsockopt+0x1a2/0x250
[   69.284162][ T5976]  __x64_sys_setsockopt+0xb5/0xd0
[   69.289218][ T5976]  do_syscall_64+0xf3/0x230
[   69.293752][ T5976]  ? clear_bhb_loop+0x35/0x90
[   69.298463][ T5976]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.304402][ T5976] RIP: 0033:0x7fa4c6d7e719
[   69.308871][ T5976] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   69.328526][ T5976] RSP: 002b:00007fa4c7b14038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   69.336970][ T5976] RAX: ffffffffffffffda RBX: 00007fa4c6f36130 RCX: 00007fa4c6d7e719
[   69.344967][ T5976] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000003
[   69.352969][ T5976] RBP: 00007fa4c6df132e R08: 0000000000000020 R09: 0000000000000000
[   69.360980][ T5976] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000000
[   69.368993][ T5976] R13: 0000000000000000 R14: 00007fa4c6f36130 R15: 00007ffddd13f028
[   69.377030][ T5976]  </TASK>
[   69.383434][ T5976] Mem-Info:
[   69.388139][ T5976] active_anon:1519 inactive_anon:11792 isolated_anon:0
[   69.388139][ T5976]  active_file:4090 inactive_file:35376 isolated_file:0
[   69.388139][ T5976]  unevictable:768 dirty:623 writeback:0
[   69.388139][ T5976]  slab_reclaimable:9856 slab_unreclaimable:96829
[   69.388139][ T5976]  mapped:28647 shmem:10052 pagetables:795
[   69.388139][ T5976]  sec_pagetables:0 bounce:0
[   69.388139][ T5976]  kernel_misc_reclaimable:0
[   69.388139][ T5976]  free:1350157 free_pcp:2141 free_cma:0
[   69.435394][ T5976] Node 0 active_anon:11976kB inactive_anon:41268kB active_file:16288kB inactive_file:141504kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:108688kB dirty:2484kB writeback:0kB shmem:38672kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10960kB pagetables:3180kB sec_pagetables:0kB all_unreclaimable? no
[   69.468565][    C1] vkms_vblank_simulate: vblank timer overrun
[   69.476551][ T5976] Node 1 active_anon:0kB inactive_anon:0kB active_file:72kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:8kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[   69.506634][    C1] vkms_vblank_simulate: vblank timer overrun
[   69.513839][ T5976] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   69.542407][ T5976] lowmem_reserve[]: 0 2465 2466 0 0
[   69.547779][ T5976] Node 0 DMA32 free:1482248kB boost:0kB min:34200kB low:42748kB high:51296kB reserved_highatomic:0KB active_anon:11956kB inactive_anon:29632kB active_file:15568kB inactive_file:141488kB unevictable:1536kB writepending:2488kB present:3129332kB managed:2552508kB mlocked:0kB bounce:0kB free_pcp:12332kB local_pcp:5412kB free_cma:0kB
[   69.578666][    C1] vkms_vblank_simulate: vblank timer overrun
[   69.584809][ T5976] lowmem_reserve[]: 0 0 0 0 0
[   69.589570][ T5976] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:4kB inactive_anon:36kB active_file:780kB inactive_file:52kB unevictable:0kB writepending:8kB present:1048580kB managed:880kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB
[   69.616362][    C1] vkms_vblank_simulate: vblank timer overrun
[   69.623330][ T5976] lowmem_reserve[]: 0 0 0 0 0
[   69.628801][ T5976] Node 1 Normal free:3911008kB boost:0kB min:55688kB low:69608kB high:83528kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:72kB inactive_file:0kB unevictable:1536kB writepending:8kB present:4194300kB managed:4111168kB mlocked:0kB bounce:0kB free_pcp:232kB local_pcp:72kB free_cma:0kB
[   69.657976][ T5976] lowmem_reserve[]: 0 0 0 0 0
[   69.662867][ T5976] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[   69.675750][ T5976] Node 0 DMA32: 183*4kB (UME) 456*8kB (UME) 108*16kB (UME) 51*32kB (UME) 27*64kB (UME) 33*128kB (UME) 17*256kB (UME) 7*512kB (UME) 3*1024kB (UM) 1*2048kB (U) 357*4096kB (UM) = 1489020kB
[   69.694376][    C1] vkms_vblank_simulate: vblank timer overrun
[   69.700778][ T5976] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[   69.715107][ T5976] Node 1 Normal: 177*4kB (UME) 34*8kB (UME) 26*16kB (UME) 185*32kB (UME) 77*64kB (UME) 30*128kB (UE) 13*256kB (UME) 9*512kB (UM) 6*1024kB (UME) 3*2048kB (UE) 946*4096kB (M) = 3911124kB
[   69.734142][ T5976] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[   69.743811][ T5976] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[   69.753178][ T5976] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[   69.762821][ T5976] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[   69.772181][ T5976] 46575 total pagecache pages
[   69.776961][ T5976] 0 pages in swap cache
[   69.781153][ T5976] Free swap  = 121388kB
[   69.785351][ T5976] Total swap = 124996kB
[   69.789582][ T5976] 2097051 pages RAM
[   69.793412][ T5976] 0 pages HighMem/MovableOnly
[   69.798210][ T5976] 427072 pages reserved
[   69.802383][ T5976] 0 pages cma reserved
[   69.984891][ T5987] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   69.985504][ T5982] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[   70.039685][ T5987] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   70.061055][ T5989] netlink: 20 bytes leftover after parsing attributes in process `syz.4.22'.
[   70.182197][   T29] audit: type=1326 audit(1730025561.034:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5988 comm="syz.4.22" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc0c7b7e719 code=0x0
[   70.205043][ T5912] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   70.343163][ T5999] (unnamed net_device) (uninitialized): option ad_user_port_key: invalid value (46336)
[   70.353162][ T5999] (unnamed net_device) (uninitialized): option ad_user_port_key: allowed values 0 - 1023
[   70.524810][ T5938] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   70.779014][ T5983] syz.0.21 (5983) used greatest stack depth: 18608 bytes left
[   70.859111][ T5938] usb 3-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc
[   70.896606][ T5938] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   70.923674][ T5938] usb 3-1: Product: syz
[   70.941552][ T5938] usb 3-1: Manufacturer: syz
[   70.960527][ T5938] usb 3-1: SerialNumber: syz
[   71.003417][ T5938] usb 3-1: config 0 descriptor??
[   71.036771][ T5938] i2c-tiny-usb 3-1:0.0: version 6d.cc found at bus 003 address 002
[   71.264936][ T5912] usb 1-1: device descriptor read/64, error -71
[   71.371675][ T6021] xt_connbytes: Forcing CT accounting to be enabled
[   71.378804][ T6021] Cannot find set identified by id 0 to match
[   71.586234][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[   71.593196][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[   71.842782][ T6022] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   71.957389][ T5938]  (null): failure reading functionality
[   72.009164][ T5938] i2c i2c-1: connected i2c-tiny-usb device
[   72.024683][ T5912] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   72.033032][ T6022] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   72.187796][ T5912] usb 1-1: Using ep0 maxpacket: 8
[   72.210237][ T5912] usb 1-1: config 0 has an invalid interface number: 211 but max is 0
[   72.220901][ T5881] usb 3-1: USB disconnect, device number 2
[   72.229017][ T5912] usb 1-1: config 0 has no interface number 0
[   72.249296][ T5912] usb 1-1: New USB device found, idVendor=2c42, idProduct=1709, bcdDevice=76.ff
[   72.277193][ T5912] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   72.305526][ T5912] usb 1-1: config 0 descriptor??
[   72.341770][ T6027] Bluetooth: MGMT ver 1.23
[   72.731852][ T6014] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   72.761266][ T6014] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   72.936369][ T6037] (unnamed net_device) (uninitialized): option ad_user_port_key: invalid value (46336)
[   72.952070][ T6037] (unnamed net_device) (uninitialized): option ad_user_port_key: allowed values 0 - 1023
[   72.964972][ T5912] usb 1-1: f81604_read: reg: 105 failed: -EPROTO
[   72.971352][ T5912] f81604 1-1:0.211: Setting termination of CH#1 failed: -EPROTO
[   72.982484][ T5912] f81604 1-1:0.211: probe with driver f81604 failed with error -71
[   73.012038][ T5912] usb 1-1: USB disconnect, device number 3
[   73.080392][ T5884] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[   73.173332][ T6046] FAULT_INJECTION: forcing a failure.
[   73.173332][ T6046] name failslab, interval 1, probability 0, space 0, times 1
[   73.186344][ T6046] CPU: 1 UID: 0 PID: 6046 Comm: syz.4.38 Not tainted 6.12.0-rc4-syzkaller-00261-g850925a8133c #0
[   73.196873][ T6046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   73.206941][ T6046] Call Trace:
[   73.210223][ T6046]  <TASK>
[   73.213150][ T6046]  dump_stack_lvl+0x241/0x360
[   73.217837][ T6046]  ? __pfx_dump_stack_lvl+0x10/0x10
[   73.223034][ T6046]  ? __pfx__printk+0x10/0x10
[   73.227628][ T6046]  ? __kmalloc_noprof+0xb0/0x400
[   73.232567][ T6046]  ? __pfx___might_resched+0x10/0x10
[   73.237867][ T6046]  should_fail_ex+0x3b0/0x4e0
[   73.242554][ T6046]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x290
[   73.248800][ T6046]  should_failslab+0xac/0x100
[   73.253475][ T6046]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x290
[   73.259713][ T6046]  __kmalloc_noprof+0xd8/0x400
[   73.264480][ T6046]  genl_family_rcv_msg_attrs_parse+0xa3/0x290
[   73.270674][ T6046]  genl_rcv_msg+0x802/0xec0
[   73.275190][ T6046]  ? mark_lock+0x9a/0x360
[   73.279545][ T6046]  ? __pfx_genl_rcv_msg+0x10/0x10
[   73.284601][ T6046]  ? __pfx_lock_acquire+0x10/0x10
[   73.289639][ T6046]  ? __pfx_nl80211_pre_doit+0x10/0x10
[   73.295023][ T6046]  ? __pfx_nl80211_set_wiphy+0x10/0x10
[   73.300495][ T6046]  ? __pfx_nl80211_post_doit+0x10/0x10
[   73.305961][ T6046]  ? __pfx___might_resched+0x10/0x10
[   73.311259][ T6046]  netlink_rcv_skb+0x1e3/0x430
[   73.316026][ T6046]  ? __pfx_genl_rcv_msg+0x10/0x10
[   73.321075][ T6046]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   73.326366][ T6046]  ? __netlink_deliver_tap+0x77e/0x7c0
[   73.331832][ T6046]  genl_rcv+0x28/0x40
[   73.335899][ T6046]  netlink_unicast+0x7f6/0x990
[   73.340670][ T6046]  ? __pfx_netlink_unicast+0x10/0x10
[   73.345952][ T6046]  ? __virt_addr_valid+0x183/0x530
[   73.351062][ T6046]  ? __check_object_size+0x48e/0x900
[   73.356341][ T6046]  netlink_sendmsg+0x8e4/0xcb0
[   73.361110][ T6046]  ? __pfx_netlink_sendmsg+0x10/0x10
[   73.366398][ T6046]  ? __pfx_netlink_sendmsg+0x10/0x10
[   73.371675][ T6046]  __sock_sendmsg+0x221/0x270
[   73.376356][ T6046]  ____sys_sendmsg+0x52a/0x7e0
[   73.381120][ T6046]  ? __pfx_____sys_sendmsg+0x10/0x10
[   73.386416][ T6046]  __sys_sendmsg+0x292/0x380
[   73.391007][ T6046]  ? __pfx___sys_sendmsg+0x10/0x10
[   73.396123][ T6046]  ? __pfx_vfs_write+0x10/0x10
[   73.400906][ T6046]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   73.407244][ T6046]  ? do_syscall_64+0x100/0x230
[   73.412010][ T6046]  ? do_syscall_64+0xb6/0x230
[   73.416687][ T6046]  do_syscall_64+0xf3/0x230
[   73.421189][ T6046]  ? clear_bhb_loop+0x35/0x90
[   73.425863][ T6046]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   73.431839][ T6046] RIP: 0033:0x7fc0c7b7e719
[   73.436262][ T6046] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   73.455872][ T6046] RSP: 002b:00007fc0c89a5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   73.464318][ T6046] RAX: ffffffffffffffda RBX: 00007fc0c7d35f80 RCX: 00007fc0c7b7e719
[   73.472300][ T6046] RDX: 0000000040000800 RSI: 0000000020000200 RDI: 0000000000000004
[   73.480271][ T6046] RBP: 00007fc0c89a5090 R08: 0000000000000000 R09: 0000000000000000
[   73.488239][ T6046] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   73.496201][ T6046] R13: 0000000000000000 R14: 00007fc0c7d35f80 R15: 00007ffd71082c58
[   73.504182][ T6046]  </TASK>
[   73.507216][    C1] vkms_vblank_simulate: vblank timer overrun
[   73.537813][ T5884] usb 2-1: Using ep0 maxpacket: 32
[   73.558171][ T5884] usb 2-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[   73.567944][ T5884] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   73.589680][ T5884] usb 2-1: config 0 descriptor??
[   73.620354][ T5884] gspca_main: vc032x-2.14.0 probing 0ac8:0321
[   74.145474][ T6056] xt_connbytes: Forcing CT accounting to be enabled
[   74.152186][ T6056] Cannot find set identified by id 0 to match
[   74.613102][ T5884] gspca_vc032x: reg_w err -110
[   74.625980][ T5884] gspca_vc032x: I2c Bus Busy Wait 00
[   74.631465][ T5884] gspca_vc032x: I2c Bus Busy Wait 00
[   74.637025][ T5884] gspca_vc032x: I2c Bus Busy Wait 00
[   74.643536][ T5884] gspca_vc032x: I2c Bus Busy Wait 00
[   74.649090][ T5884] gspca_vc032x: I2c Bus Busy Wait 00
[   74.655647][ T5884] gspca_vc032x: I2c Bus Busy Wait 00
[   74.661101][ T5884] gspca_vc032x: I2c Bus Busy Wait 00
[   74.666587][ T5884] gspca_vc032x: I2c Bus Busy Wait 00
[   74.672017][ T5884] gspca_vc032x: I2c Bus Busy Wait 00
[   74.677748][ T5884] gspca_vc032x: I2c Bus Busy Wait 00
[   74.683479][ T5884] gspca_vc032x: I2c Bus Busy Wait 00
[   74.689172][ T5884] gspca_vc032x: I2c Bus Busy Wait 00
[   74.694898][ T5884] gspca_vc032x: I2c Bus Busy Wait 00
[   74.700696][ T5884] gspca_vc032x: I2c Bus Busy Wait 00
[   74.817690][ T5884] gspca_vc032x: I2c Bus Busy Wait 00
[   74.823034][ T5884] gspca_vc032x: I2c Bus Busy Wait 00
[   74.828399][ T5884] gspca_vc032x: I2c Bus Busy Wait 00
[   74.835681][ T5884] gspca_vc032x: I2c Bus Busy Wait 00
[   74.840986][ T5884] gspca_vc032x: Unknown sensor...
[   74.846135][ T5884] vc032x 2-1:0.0: probe with driver vc032x failed with error -22
[   76.478997][ T5912] usb 2-1: USB disconnect, device number 4
[   76.776715][   T57] cfg80211: failed to load regulatory.db
[   78.004762][    T0] NOHZ tick-stop error: local softirq work is pending, handler #142!!!
[   78.013877][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   78.973745][ T6101] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   79.919407][ T6109] FAULT_INJECTION: forcing a failure.
[   79.919407][ T6109] name failslab, interval 1, probability 0, space 0, times 0
[   79.932780][ T6109] CPU: 0 UID: 0 PID: 6109 Comm: syz.0.52 Not tainted 6.12.0-rc4-syzkaller-00261-g850925a8133c #0
[   79.943318][ T6109] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   79.953401][ T6109] Call Trace:
[   79.956704][ T6109]  <TASK>
[   79.959660][ T6109]  dump_stack_lvl+0x241/0x360
[   79.964381][ T6109]  ? __pfx_dump_stack_lvl+0x10/0x10
[   79.969625][ T6109]  ? __pfx__printk+0x10/0x10
[   79.974244][ T6109]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[   79.980287][ T6109]  ? __pfx___might_resched+0x10/0x10
[   79.985626][ T6109]  should_fail_ex+0x3b0/0x4e0
[   79.990333][ T6109]  should_failslab+0xac/0x100
[   79.995020][ T6109]  ? __alloc_skb+0x1c3/0x440
[   79.999630][ T6109]  kmem_cache_alloc_node_noprof+0x71/0x320
[   80.005456][ T6109]  __alloc_skb+0x1c3/0x440
[   80.009888][ T6109]  ? __pfx___alloc_skb+0x10/0x10
[   80.014829][ T6109]  ? netlink_ack_tlv_len+0x6e/0x200
[   80.020034][ T6109]  netlink_ack+0x13f/0xa30
[   80.024444][ T6109]  ? __pfx_lock_acquire+0x10/0x10
[   80.029479][ T6109]  ? __pfx_nl80211_set_wiphy+0x10/0x10
[   80.034946][ T6109]  ? __pfx_nl80211_post_doit+0x10/0x10
[   80.040433][ T6109]  netlink_rcv_skb+0x262/0x430
[   80.045197][ T6109]  ? __pfx_genl_rcv_msg+0x10/0x10
[   80.050316][ T6109]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   80.055611][ T6109]  ? __netlink_deliver_tap+0x77e/0x7c0
[   80.061081][ T6109]  genl_rcv+0x28/0x40
[   80.065062][ T6109]  netlink_unicast+0x7f6/0x990
[   80.069827][ T6109]  ? __pfx_netlink_unicast+0x10/0x10
[   80.075102][ T6109]  ? __virt_addr_valid+0x183/0x530
[   80.080305][ T6109]  ? __check_object_size+0x48e/0x900
[   80.085593][ T6109]  netlink_sendmsg+0x8e4/0xcb0
[   80.090366][ T6109]  ? __pfx_netlink_sendmsg+0x10/0x10
[   80.095656][ T6109]  ? __pfx_netlink_sendmsg+0x10/0x10
[   80.100951][ T6109]  __sock_sendmsg+0x221/0x270
[   80.106065][ T6109]  ____sys_sendmsg+0x52a/0x7e0
[   80.110833][ T6109]  ? __pfx_____sys_sendmsg+0x10/0x10
[   80.116126][ T6109]  __sys_sendmsg+0x292/0x380
[   80.120719][ T6109]  ? __pfx___sys_sendmsg+0x10/0x10
[   80.125842][ T6109]  ? __pfx_vfs_write+0x10/0x10
[   80.130620][ T6109]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   80.136955][ T6109]  ? do_syscall_64+0x100/0x230
[   80.141728][ T6109]  ? do_syscall_64+0xb6/0x230
[   80.146404][ T6109]  do_syscall_64+0xf3/0x230
[   80.150905][ T6109]  ? clear_bhb_loop+0x35/0x90
[   80.155581][ T6109]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.161470][ T6109] RIP: 0033:0x7fd54cb7e719
[   80.165886][ T6109] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   80.185507][ T6109] RSP: 002b:00007fd54d9d6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   80.194020][ T6109] RAX: ffffffffffffffda RBX: 00007fd54cd35f80 RCX: 00007fd54cb7e719
[   80.202001][ T6109] RDX: 0000000040000800 RSI: 0000000020000200 RDI: 0000000000000004
[   80.209988][ T6109] RBP: 00007fd54d9d6090 R08: 0000000000000000 R09: 0000000000000000
[   80.217981][ T6109] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   80.225947][ T6109] R13: 0000000000000000 R14: 00007fd54cd35f80 R15: 00007fff9ec2f738
[   80.233933][ T6109]  </TASK>
[   80.236981][    C0] vkms_vblank_simulate: vblank timer overrun
[   80.442269][ T6115] netlink: 'syz.0.56': attribute type 3 has an invalid length.
[   80.479006][ T6115] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.56'.
[   80.525833][ T6118] netlink: 28 bytes leftover after parsing attributes in process `syz.2.57'.
[   80.565622][ T6118] netlink: 28 bytes leftover after parsing attributes in process `syz.2.57'.
[   80.734001][ T6118] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[   80.763230][ T6118] netdevsim netdevsim2 netdevsim0: left promiscuous mode
[   82.109921][ T6128] 8021q: adding VLAN 0 to HW filter on device bond1
[   82.364881][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   83.355971][ T6158] netlink: 8 bytes leftover after parsing attributes in process `syz.0.65'.
[   83.556605][ T6164] FAULT_INJECTION: forcing a failure.
[   83.556605][ T6164] name failslab, interval 1, probability 0, space 0, times 0
[   83.559456][ T6152] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   83.603653][ T6164] CPU: 0 UID: 0 PID: 6164 Comm: syz.2.67 Not tainted 6.12.0-rc4-syzkaller-00261-g850925a8133c #0
[   83.614217][ T6164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   83.624290][ T6164] Call Trace:
[   83.627570][ T6164]  <TASK>
[   83.630517][ T6164]  dump_stack_lvl+0x241/0x360
[   83.635207][ T6164]  ? __pfx_dump_stack_lvl+0x10/0x10
[   83.640412][ T6164]  ? __pfx__printk+0x10/0x10
[   83.645024][ T6164]  ? ref_tracker_alloc+0x332/0x490
[   83.650135][ T6164]  should_fail_ex+0x3b0/0x4e0
[   83.654895][ T6164]  ? skb_clone+0x20c/0x390
[   83.659326][ T6164]  should_failslab+0xac/0x100
[   83.664107][ T6164]  ? skb_clone+0x20c/0x390
[   83.668533][ T6164]  kmem_cache_alloc_noprof+0x6c/0x2a0
[   83.673928][ T6164]  skb_clone+0x20c/0x390
[   83.678210][ T6164]  __netlink_deliver_tap+0x3cc/0x7c0
[   83.683585][ T6164]  ? netlink_deliver_tap+0x2e/0x1b0
[   83.688786][ T6164]  netlink_deliver_tap+0x19d/0x1b0
[   83.693887][ T6164]  netlink_sendskb+0x68/0x140
[   83.698570][ T6164]  netlink_unicast+0x39d/0x990
[   83.703349][ T6164]  ? __asan_memcpy+0x40/0x70
[   83.707934][ T6164]  ? __pfx_netlink_unicast+0x10/0x10
[   83.713229][ T6164]  netlink_rcv_skb+0x262/0x430
[   83.717983][ T6164]  ? __pfx_genl_rcv_msg+0x10/0x10
[   83.723037][ T6164]  ? __pfx_netlink_rcv_skb+0x10/0x10
[   83.728419][ T6164]  ? __netlink_deliver_tap+0x77e/0x7c0
[   83.733876][ T6164]  genl_rcv+0x28/0x40
[   83.737850][ T6164]  netlink_unicast+0x7f6/0x990
[   83.742701][ T6164]  ? __pfx_netlink_unicast+0x10/0x10
[   83.748093][ T6164]  ? __virt_addr_valid+0x183/0x530
[   83.753386][ T6164]  ? __check_object_size+0x48e/0x900
[   83.758666][ T6164]  netlink_sendmsg+0x8e4/0xcb0
[   83.763459][ T6164]  ? __pfx_netlink_sendmsg+0x10/0x10
[   83.768762][ T6164]  ? __pfx_netlink_sendmsg+0x10/0x10
[   83.774045][ T6164]  __sock_sendmsg+0x221/0x270
[   83.778761][ T6164]  ____sys_sendmsg+0x52a/0x7e0
[   83.783523][ T6164]  ? __pfx_____sys_sendmsg+0x10/0x10
[   83.788814][ T6164]  __sys_sendmsg+0x292/0x380
[   83.793426][ T6164]  ? __pfx___sys_sendmsg+0x10/0x10
[   83.798557][ T6164]  ? __pfx_vfs_write+0x10/0x10
[   83.803352][ T6164]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   83.809704][ T6164]  ? do_syscall_64+0x100/0x230
[   83.814487][ T6164]  ? do_syscall_64+0xb6/0x230
[   83.819181][ T6164]  do_syscall_64+0xf3/0x230
[   83.823686][ T6164]  ? clear_bhb_loop+0x35/0x90
[   83.828375][ T6164]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   83.834264][ T6164] RIP: 0033:0x7f7f1357e719
[   83.838670][ T6164] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   83.858452][ T6164] RSP: 002b:00007f7f14461038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   83.866873][ T6164] RAX: ffffffffffffffda RBX: 00007f7f13735f80 RCX: 00007f7f1357e719
[   83.874863][ T6164] RDX: 0000000040000800 RSI: 0000000020000200 RDI: 0000000000000004
[   83.882836][ T6164] RBP: 00007f7f14461090 R08: 0000000000000000 R09: 0000000000000000
[   83.891426][ T6164] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   83.899929][ T6164] R13: 0000000000000000 R14: 00007f7f13735f80 R15: 00007ffe5cb752e8
[   83.908005][ T6164]  </TASK>
[   83.911120][    C0] vkms_vblank_simulate: vblank timer overrun
[   86.204758][ T5881] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[   86.443930][ T6185] atomic_op ffff88802823f998 conn xmit_atomic 0000000000000000
[   86.837167][ T5881] usb 2-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[   86.846818][ T5881] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   86.923269][ T5881] usb 2-1: config 0 descriptor??
[   86.936708][ T5881] gspca_main: STV06xx-2.14.0 probing 046d:0870
[   86.964905][ T6186] mmap: syz.0.73 (6186): VmData 37597184 exceed data ulimit 8. Update limits or use boot option ignore_rlimit_data.
[   87.843940][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   87.876709][ T5881] usb 2-1: USB disconnect, device number 5
[   87.907607][ T6195] capability: warning: `syz.2.76' uses deprecated v2 capabilities in a way that may be insecure
[   87.991412][    T9] usb 5-1: new full-speed USB device number 3 using dummy_hcd
[   88.243654][    T9] usb 5-1: device descriptor read/64, error -71
[   88.302144][ T6204] netlink: 12 bytes leftover after parsing attributes in process `syz.2.76'.
[   88.373795][ T6208] FAULT_INJECTION: forcing a failure.
[   88.373795][ T6208] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   88.410098][ T6208] CPU: 0 UID: 0 PID: 6208 Comm: syz.0.79 Not tainted 6.12.0-rc4-syzkaller-00261-g850925a8133c #0
[   88.420665][ T6208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   88.430748][ T6208] Call Trace:
[   88.434045][ T6208]  <TASK>
[   88.436992][ T6208]  dump_stack_lvl+0x241/0x360
[   88.441702][ T6208]  ? __pfx_dump_stack_lvl+0x10/0x10
[   88.446929][ T6208]  ? __pfx__printk+0x10/0x10
[   88.451551][ T6208]  ? __pfx_lock_release+0x10/0x10
[   88.456807][ T6208]  should_fail_ex+0x3b0/0x4e0
[   88.461523][ T6208]  strncpy_from_user+0x36/0x260
[   88.466451][ T6208]  path_setxattr+0xf0/0x4d0
[   88.471172][ T6208]  ? __pfx_path_setxattr+0x10/0x10
[   88.476317][ T6208]  ? __mutex_unlock_slowpath+0x21d/0x750
[   88.482086][ T6208]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   88.488107][ T6208]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   88.494656][ T6208]  ? do_syscall_64+0x100/0x230
[   88.499450][ T6208]  __x64_sys_lsetxattr+0xb8/0xd0
[   88.504420][ T6208]  do_syscall_64+0xf3/0x230
[   88.509123][ T6208]  ? clear_bhb_loop+0x35/0x90
[   88.513865][ T6208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.519879][ T6208] RIP: 0033:0x7fd54cb7e719
[   88.524333][ T6208] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   88.543971][ T6208] RSP: 002b:00007fd54d9d6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[   88.552437][ T6208] RAX: ffffffffffffffda RBX: 00007fd54cd35f80 RCX: 00007fd54cb7e719
[   88.560650][ T6208] RDX: 0000000020000280 RSI: 0000000020000140 RDI: 0000000020000000
[   88.568652][ T6208] RBP: 00007fd54d9d6090 R08: 0000000000000000 R09: 0000000000000000
[   88.576734][ T6208] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000001
[   88.584735][ T6208] R13: 0000000000000000 R14: 00007fd54cd35f80 R15: 00007fff9ec2f738
[   88.592746][ T6208]  </TASK>
[   88.674976][    T9] usb 5-1: new full-speed USB device number 4 using dummy_hcd
[   88.744762][ T5832] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[   88.870337][ T5881] usb 2-1: new full-speed USB device number 6 using dummy_hcd
[   88.899257][ T5832] usb 3-1: Using ep0 maxpacket: 32
[   89.443001][ T6215] (unnamed net_device) (uninitialized): option ad_user_port_key: invalid value (46336)
[   89.452878][ T6215] (unnamed net_device) (uninitialized): option ad_user_port_key: allowed values 0 - 1023
[   89.476664][    T9] usb 5-1: device descriptor read/64, error -71
[   89.486173][ T5832] usb 3-1: config index 0 descriptor too short (expected 29220, got 36)
[   89.495852][ T5832] usb 3-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[   89.504489][ T5832] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 81
[   89.523832][ T5832] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[   89.539514][ T5832] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[   89.556295][ T5881] usb 2-1: config 201 has an invalid interface number: 249 but max is 0
[   89.564994][ T5881] usb 2-1: config 201 has no interface number 0
[   89.571400][ T5881] usb 2-1: config 201 interface 249 altsetting 4 endpoint 0x3 has invalid maxpacket 1023, setting to 64
[   89.585083][    T9] usb usb5-port1: attempt power cycle
[   89.855064][ T5832] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[   89.868375][ T5881] usb 2-1: config 201 interface 249 has no altsetting 0
[   89.875660][ T5832] usb 3-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[   89.886521][ T5832] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   90.575678][ T5832] usb 3-1: config 0 descriptor??
[   90.613528][ T5881] usb 2-1: New USB device found, idVendor=04da, idProduct=390d, bcdDevice=fa.df
[   90.622807][ T5881] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   90.631011][ T5881] usb 2-1: Product: syz
[   90.644850][ T5881] usb 2-1: Manufacturer: syz
[   90.649571][ T5881] usb 2-1: SerialNumber: syz
[   90.792630][ T5832] usblp 3-1:0.0: usblp0: USB Bidirectional printer dev 3 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[   90.832440][ T6235] FAULT_INJECTION: forcing a failure.
[   90.832440][ T6235] name failslab, interval 1, probability 0, space 0, times 0
[   90.847455][ T6235] CPU: 1 UID: 0 PID: 6235 Comm: syz.4.91 Not tainted 6.12.0-rc4-syzkaller-00261-g850925a8133c #0
[   90.858016][ T6235] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   90.868101][ T6235] Call Trace:
[   90.871409][ T6235]  <TASK>
[   90.874361][ T6235]  dump_stack_lvl+0x241/0x360
[   90.879117][ T6235]  ? __pfx_dump_stack_lvl+0x10/0x10
[   90.884378][ T6235]  ? __pfx__printk+0x10/0x10
[   90.889009][ T6235]  ? __kmalloc_node_noprof+0xb7/0x440
[   90.894421][ T6235]  ? __pfx___might_resched+0x10/0x10
[   90.899751][ T6235]  should_fail_ex+0x3b0/0x4e0
[   90.904471][ T6235]  should_failslab+0xac/0x100
[   90.909192][ T6235]  __kmalloc_node_noprof+0xdf/0x440
[   90.914424][ T6235]  ? vmemdup_user+0x42/0x1c0
[   90.919062][ T6235]  vmemdup_user+0x42/0x1c0
[   90.923514][ T6235]  path_setxattr+0x1cb/0x4d0
[   90.928138][ T6235]  ? __pfx_path_setxattr+0x10/0x10
[   90.933279][ T6235]  ? __mutex_unlock_slowpath+0x21d/0x750
[   90.938978][ T6235]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   90.945003][ T6235]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   90.951372][ T6235]  ? do_syscall_64+0x100/0x230
[   90.956182][ T6235]  __x64_sys_lsetxattr+0xb8/0xd0
[   90.961179][ T6235]  do_syscall_64+0xf3/0x230
[   90.965806][ T6235]  ? clear_bhb_loop+0x35/0x90
[   90.970525][ T6235]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.976455][ T6235] RIP: 0033:0x7fc0c7b7e719
[   90.980905][ T6235] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   91.000548][ T6235] RSP: 002b:00007fc0c89a5038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[   91.009011][ T6235] RAX: ffffffffffffffda RBX: 00007fc0c7d35f80 RCX: 00007fc0c7b7e719
[   91.017023][ T6235] RDX: 0000000020000280 RSI: 0000000020000140 RDI: 0000000020000000
[   91.025031][ T6235] RBP: 00007fc0c89a5090 R08: 0000000000000000 R09: 0000000000000000
[   91.033037][ T6235] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000001
[   91.041048][ T6235] R13: 0000000000000000 R14: 00007fc0c7d35f80 R15: 00007ffd71082c58
[   91.049070][ T6235]  </TASK>
[   91.124696][ T5883] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[   91.131651][ T5881] ath6kl: Failed to submit usb control message: -71
[   91.158737][ T5881] ath6kl: unable to send the bmi data to the device: -71
[   91.219496][ T5881] ath6kl: Unable to send get target info: -71
[   91.259995][ T5881] ath6kl: Failed to init ath6kl core: -71
[   91.268903][ T5881] ath6kl_usb 2-1:201.249: probe with driver ath6kl_usb failed with error -71
[   91.290433][ T5883] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   91.313524][ T5883] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   91.362163][ T5883] usb 1-1: New USB device found, idVendor=056a, idProduct=0029, bcdDevice= 0.00
[   91.401597][ T5883] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   91.475914][ T5883] usb 1-1: config 0 descriptor??
[   91.483284][ T5832] usb 3-1: USB disconnect, device number 3
[   91.493579][ T5832] usblp0: removed
[   91.502220][ T5881] usb 2-1: USB disconnect, device number 6
[   91.842013][ T6251] (unnamed net_device) (uninitialized): option ad_user_port_key: invalid value (46336)
[   91.864746][ T6251] (unnamed net_device) (uninitialized): option ad_user_port_key: allowed values 0 - 1023
[   91.922827][ T6230] netlink: 8 bytes leftover after parsing attributes in process `syz.0.89'.
[   91.970707][ T5883] usbhid 1-1:0.0: can't add hid device: -71
[   91.980668][ T5883] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[   92.009445][ T5883] usb 1-1: USB disconnect, device number 4
[   93.188851][ T6271] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[   93.354710][ T5883] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[   93.411599][ T6278] FAULT_INJECTION: forcing a failure.
[   93.411599][ T6278] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   93.425009][   T57] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   93.435360][ T6275] netlink: 105108 bytes leftover after parsing attributes in process `syz.0.102'.
[   93.446460][ T6278] CPU: 1 UID: 0 PID: 6278 Comm: syz.1.103 Not tainted 6.12.0-rc4-syzkaller-00261-g850925a8133c #0
[   93.457180][ T6278] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   93.467269][ T6278] Call Trace:
[   93.470582][ T6278]  <TASK>
[   93.473539][ T6278]  dump_stack_lvl+0x241/0x360
[   93.478338][ T6278]  ? __pfx_dump_stack_lvl+0x10/0x10
[   93.483564][ T6278]  ? __pfx__printk+0x10/0x10
[   93.488195][ T6278]  should_fail_ex+0x3b0/0x4e0
[   93.492912][ T6278]  _copy_from_user+0x31/0xe0
[   93.497540][ T6278]  vmemdup_user+0x149/0x1c0
[   93.502082][ T6278]  path_setxattr+0x1cb/0x4d0
[   93.506807][ T6278]  ? __pfx_path_setxattr+0x10/0x10
[   93.511940][ T6278]  ? __mutex_unlock_slowpath+0x21d/0x750
[   93.517614][ T6278]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   93.523612][ T6278]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   93.530389][ T6278]  ? do_syscall_64+0x100/0x230
[   93.535197][ T6278]  __x64_sys_lsetxattr+0xb8/0xd0
[   93.540173][ T6278]  do_syscall_64+0xf3/0x230
[   93.544682][ T6278]  ? clear_bhb_loop+0x35/0x90
[   93.549793][ T6278]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.556205][ T6278] RIP: 0033:0x7fa4c6d7e719
[   93.560702][ T6278] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.580324][ T6278] RSP: 002b:00007fa4c7b56038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[   93.588746][ T6278] RAX: ffffffffffffffda RBX: 00007fa4c6f35f80 RCX: 00007fa4c6d7e719
[   93.596722][ T6278] RDX: 0000000020000280 RSI: 0000000020000140 RDI: 0000000020000000
[   93.604781][ T6278] RBP: 00007fa4c7b56090 R08: 0000000000000000 R09: 0000000000000000
[   93.612755][ T6278] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000001
[   93.620734][ T6278] R13: 0000000000000000 R14: 00007fa4c6f35f80 R15: 00007ffddd13f028
[   93.628721][ T6278]  </TASK>
[   93.638489][ T6275] netlink: 'syz.0.102': attribute type 1 has an invalid length.
[   93.665887][ T6275] netlink: 12 bytes leftover after parsing attributes in process `syz.0.102'.
[   93.676782][ T5883] usb 3-1: Using ep0 maxpacket: 32
[   93.695030][ T5883] usb 3-1: config 0 has an invalid interface number: 88 but max is 0
[   93.703861][ T5883] usb 3-1: config 0 has no interface number 0
[   93.761654][   T57] usb 4-1: Using ep0 maxpacket: 16
[   93.768912][   T57] usb 4-1: config 0 descriptor has 1 excess byte, ignoring
[   93.777306][ T5883] usb 3-1: New USB device found, idVendor=2c42, idProduct=16f8, bcdDevice=7d.12
[   93.786882][   T57] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   93.798033][ T5883] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   93.821485][   T57] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   93.831388][ T5883] usb 3-1: Product: syz
[   93.840397][ T5883] usb 3-1: Manufacturer: syz
[   93.845786][   T57] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00
[   93.861881][ T5883] usb 3-1: SerialNumber: syz
[   93.867514][   T57] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   93.895481][ T5883] usb 3-1: config 0 descriptor??
[   93.903165][   T57] usb 4-1: config 0 descriptor??
[   93.925839][   T57] usbhid 4-1:0.0: can't add hid device: -22
[   93.932055][   T57] usbhid 4-1:0.0: probe with driver usbhid failed with error -22
[   93.963179][ T6283] netlink: 8 bytes leftover after parsing attributes in process `syz.4.105'.
[   93.994861][    T0] NOHZ tick-stop error: local softirq work is pending, handler #300!!!
[   94.103342][ T6283] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   94.361031][ T6292] (unnamed net_device) (uninitialized): option ad_user_port_key: invalid value (46336)
[   94.383090][ T5883] f81534a_ctrl 3-1:0.88: failed to set register 0x116: -5
[   94.383560][ T6292] (unnamed net_device) (uninitialized): option ad_user_port_key: allowed values 0 - 1023
[   94.392004][ T5883] f81534a_ctrl 3-1:0.88: failed to enable ports: -5
[   94.416173][ T5883] f81534a_ctrl 3-1:0.88: probe with driver f81534a_ctrl failed with error -5
[   94.439125][ T5883] usb 3-1: USB disconnect, device number 4
[   94.498703][ T6298] netlink: 'syz.4.107': attribute type 9 has an invalid length.
[   94.521606][ T6298] netlink: 'syz.4.107': attribute type 7 has an invalid length.
[   94.544645][ T6298] netlink: 'syz.4.107': attribute type 8 has an invalid length.
[   94.610511][ T6300] sp0: Synchronizing with TNC
[   94.792442][ T6302] 9pnet_fd: Insufficient options for proto=fd
[   95.584760][ T6298] Falling back ldisc for ttyS3.
[   96.778959][ T5883] usb 4-1: USB disconnect, device number 2
[   96.873253][ T6324] FAULT_INJECTION: forcing a failure.
[   96.873253][ T6324] name failslab, interval 1, probability 0, space 0, times 0
[   96.903462][ T6324] CPU: 0 UID: 0 PID: 6324 Comm: syz.4.114 Not tainted 6.12.0-rc4-syzkaller-00261-g850925a8133c #0
[   96.914124][ T6324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   96.922192][ T6328] Zero length message leads to an empty skb
[   96.924198][ T6324] Call Trace:
[   96.924211][ T6324]  <TASK>
[   96.924220][ T6324]  dump_stack_lvl+0x241/0x360
[   96.924251][ T6324]  ? __pfx_dump_stack_lvl+0x10/0x10
[   96.946251][ T6324]  ? __pfx__printk+0x10/0x10
[   96.950883][ T6324]  ? kmem_cache_alloc_noprof+0x44/0x2a0
[   96.956903][ T6324]  ? __pfx___might_resched+0x10/0x10
[   96.962225][ T6324]  should_fail_ex+0x3b0/0x4e0
[   96.967437][ T6324]  ? getname_flags+0xb7/0x540
[   96.972112][ T6324]  should_failslab+0xac/0x100
[   96.976825][ T6324]  ? getname_flags+0xb7/0x540
[   96.981614][ T6324]  kmem_cache_alloc_noprof+0x6c/0x2a0
[   96.987001][ T6324]  getname_flags+0xb7/0x540
[   96.991529][ T6324]  user_path_at+0x24/0x60
[   96.995888][ T6324]  path_setxattr+0x224/0x4d0
[   97.000481][ T6324]  ? __pfx_path_setxattr+0x10/0x10
[   97.005705][ T6324]  ? __mutex_unlock_slowpath+0x21d/0x750
[   97.011515][ T6324]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[   97.017696][ T6324]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[   97.024031][ T6324]  ? do_syscall_64+0x100/0x230
[   97.028806][ T6324]  __x64_sys_lsetxattr+0xb8/0xd0
[   97.034097][ T6324]  do_syscall_64+0xf3/0x230
[   97.038602][ T6324]  ? clear_bhb_loop+0x35/0x90
[   97.043278][ T6324]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.049181][ T6324] RIP: 0033:0x7fc0c7b7e719
[   97.053595][ T6324] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   97.073218][ T6324] RSP: 002b:00007fc0c89a5038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[   97.081641][ T6324] RAX: ffffffffffffffda RBX: 00007fc0c7d35f80 RCX: 00007fc0c7b7e719
[   97.089641][ T6324] RDX: 0000000020000280 RSI: 0000000020000140 RDI: 0000000020000000
[   97.097610][ T6324] RBP: 00007fc0c89a5090 R08: 0000000000000000 R09: 0000000000000000
[   97.105606][ T6324] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000001
[   97.113585][ T6324] R13: 0000000000000000 R14: 00007fc0c7d35f80 R15: 00007ffd71082c58
[   97.121589][ T6324]  </TASK>
[   97.124716][    C0] vkms_vblank_simulate: vblank timer overrun
[   97.768194][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   97.778266][    T0] NOHZ tick-stop error: local softirq work is pending, handler #48!!!
[   99.495672][ T6364] FAULT_INJECTION: forcing a failure.
[   99.495672][ T6364] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   99.525521][ T6364] CPU: 0 UID: 0 PID: 6364 Comm: syz.0.124 Not tainted 6.12.0-rc4-syzkaller-00261-g850925a8133c #0
[   99.536262][ T6364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[   99.546354][ T6364] Call Trace:
[   99.549661][ T6364]  <TASK>
[   99.552605][ T6364]  dump_stack_lvl+0x241/0x360
[   99.557306][ T6364]  ? __pfx_dump_stack_lvl+0x10/0x10
[   99.562528][ T6364]  ? __pfx__printk+0x10/0x10
[   99.567153][ T6364]  ? snprintf+0xda/0x120
[   99.571509][ T6364]  should_fail_ex+0x3b0/0x4e0
[   99.576210][ T6364]  _copy_to_user+0x31/0xb0
[   99.580653][ T6364]  simple_read_from_buffer+0xca/0x150
[   99.586037][ T6364]  proc_fail_nth_read+0x1e9/0x250
[   99.591069][ T6364]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   99.596617][ T6364]  ? rw_verify_area+0x55e/0x6f0
[   99.601469][ T6364]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   99.607018][ T6364]  vfs_read+0x1fc/0xb70
[   99.611187][ T6364]  ? fdget_pos+0x24e/0x320
[   99.615611][ T6364]  ? __pfx_vfs_read+0x10/0x10
[   99.620396][ T6364]  ? __fget_files+0x3f3/0x470
[   99.625107][ T6364]  ? fdget_pos+0x24e/0x320
[   99.629531][ T6364]  ksys_read+0x183/0x2b0
[   99.633796][ T6364]  ? __pfx_ksys_read+0x10/0x10
[   99.638562][ T6364]  ? do_syscall_64+0x100/0x230
[   99.643328][ T6364]  ? do_syscall_64+0xb6/0x230
[   99.648007][ T6364]  do_syscall_64+0xf3/0x230
[   99.652506][ T6364]  ? clear_bhb_loop+0x35/0x90
[   99.657191][ T6364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.663081][ T6364] RIP: 0033:0x7fd54cb7d15c
[   99.667497][ T6364] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[   99.687109][ T6364] RSP: 002b:00007fd54d9d6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   99.695526][ T6364] RAX: ffffffffffffffda RBX: 00007fd54cd35f80 RCX: 00007fd54cb7d15c
[   99.703496][ T6364] RDX: 000000000000000f RSI: 00007fd54d9d60a0 RDI: 0000000000000005
[   99.711497][ T6364] RBP: 00007fd54d9d6090 R08: 0000000000000000 R09: 0000000000000000
[   99.719476][ T6364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   99.727454][ T6364] R13: 0000000000000000 R14: 00007fd54cd35f80 R15: 00007fff9ec2f738
[   99.735440][ T6364]  </TASK>
[   99.985515][ T6377] FAULT_INJECTION: forcing a failure.
[   99.985515][ T6377] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  100.009416][ T6377] CPU: 0 UID: 0 PID: 6377 Comm: syz.1.127 Not tainted 6.12.0-rc4-syzkaller-00261-g850925a8133c #0
[  100.020153][ T6377] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  100.030247][ T6377] Call Trace:
[  100.033811][ T6377]  <TASK>
[  100.036764][ T6377]  dump_stack_lvl+0x241/0x360
[  100.041485][ T6377]  ? __pfx_dump_stack_lvl+0x10/0x10
[  100.046710][ T6377]  ? __pfx__printk+0x10/0x10
[  100.051337][ T6377]  should_fail_ex+0x3b0/0x4e0
[  100.056042][ T6377]  strncpy_from_user+0x36/0x260
[  100.060934][ T6377]  getname_flags+0xf1/0x540
[  100.065500][ T6377]  user_path_at+0x24/0x60
[  100.069862][ T6377]  path_setxattr+0x224/0x4d0
[  100.074495][ T6377]  ? __pfx_path_setxattr+0x10/0x10
[  100.079646][ T6377]  ? __mutex_unlock_slowpath+0x21d/0x750
[  100.084148][   T29] audit: type=1800 audit(1730025590.924:3): pid=6378 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.2.126" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="overlay" ino=155 res=0 errno=0
[  100.085314][ T6377]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  100.085348][ T6377]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  100.126313][    C1] vkms_vblank_simulate: vblank timer overrun
[  100.132234][ T6377]  ? do_syscall_64+0x100/0x230
[  100.149376][ T6377]  __x64_sys_lsetxattr+0xb8/0xd0
[  100.154356][ T6377]  do_syscall_64+0xf3/0x230
[  100.158891][ T6377]  ? clear_bhb_loop+0x35/0x90
[  100.163588][ T6377]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.169509][ T6377] RIP: 0033:0x7fa4c6d7e719
[  100.173951][ T6377] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  100.193558][ T6377] RSP: 002b:00007fa4c7b56038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[  100.201979][ T6377] RAX: ffffffffffffffda RBX: 00007fa4c6f35f80 RCX: 00007fa4c6d7e719
[  100.209953][ T6377] RDX: 0000000020000280 RSI: 0000000020000140 RDI: 0000000020000000
[  100.217924][ T6377] RBP: 00007fa4c7b56090 R08: 0000000000000000 R09: 0000000000000000
[  100.225892][ T6377] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000001
[  100.233862][ T6377] R13: 0000000000000000 R14: 00007fa4c6f35f80 R15: 00007ffddd13f028
[  100.241848][ T6377]  </TASK>
[  100.509931][ T6384] (unnamed net_device) (uninitialized): option ad_user_port_key: invalid value (46336)
[  100.553843][ T6384] (unnamed net_device) (uninitialized): option ad_user_port_key: allowed values 0 - 1023
[  100.569873][ T6381] netlink: 8 bytes leftover after parsing attributes in process `syz.0.128'.
[  100.704714][ T6381] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  101.019321][ T6399] Cannot find set identified by id 0 to match
[  101.038509][ T6399] warn_alloc: 2 callbacks suppressed
[  101.038529][ T6399] syz.1.134: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  101.059383][ T6399] CPU: 0 UID: 0 PID: 6399 Comm: syz.1.134 Not tainted 6.12.0-rc4-syzkaller-00261-g850925a8133c #0
[  101.070186][ T6399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  101.080278][ T6399] Call Trace:
[  101.083682][ T6399]  <TASK>
[  101.086649][ T6399]  dump_stack_lvl+0x241/0x360
[  101.091372][ T6399]  ? __pfx_dump_stack_lvl+0x10/0x10
[  101.096638][ T6399]  ? __pfx__printk+0x10/0x10
[  101.101288][ T6399]  ? __rcu_read_unlock+0xa1/0x110
[  101.106349][ T6399]  warn_alloc+0x278/0x410
[  101.110715][ T6399]  ? stack_depot_save_flags+0x29/0x830
[  101.116202][ T6399]  ? __vmalloc_node_range_noprof+0x106/0x13f0
[  101.122478][ T6399]  ? __pfx_warn_alloc+0x10/0x10
[  101.127370][ T6399]  ? kasan_save_track+0x3f/0x80
[  101.132245][ T6399]  ? __kasan_kmalloc+0x98/0xb0
[  101.137036][ T6399]  ? xsk_setsockopt+0x598/0x950
[  101.141904][ T6399]  ? do_sock_setsockopt+0x3af/0x720
[  101.147169][ T6399]  ? __sys_setsockopt+0x1a2/0x250
[  101.152218][ T6399]  ? __x64_sys_setsockopt+0xb5/0xd0
[  101.157490][ T6399]  ? do_syscall_64+0xf3/0x230
[  101.162296][ T6399]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.168505][ T6399]  __vmalloc_node_range_noprof+0x126/0x13f0
[  101.174556][ T6399]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  101.180912][ T6399]  ? __kasan_kmalloc+0x98/0xb0
[  101.185719][ T6399]  ? xskq_create+0x54/0x170
[  101.190261][ T6399]  vmalloc_user_noprof+0x74/0x80
[  101.195242][ T6399]  ? xskq_create+0xb6/0x170
[  101.199793][ T6399]  xskq_create+0xb6/0x170
[  101.204240][ T6399]  xsk_init_queue+0xa1/0x100
[  101.208953][ T6399]  xsk_setsockopt+0x598/0x950
[  101.213686][ T6399]  ? __pfx_xsk_setsockopt+0x10/0x10
[  101.218924][ T6399]  ? security_socket_setsockopt+0xa5/0x2a0
[  101.224941][ T6399]  ? security_socket_setsockopt+0x3d/0x2a0
[  101.230982][ T6399]  ? __sanitizer_cov_trace_pc+0x8/0x70
[  101.236493][ T6399]  ? __pfx_xsk_setsockopt+0x10/0x10
[  101.241720][ T6399]  do_sock_setsockopt+0x3af/0x720
[  101.246789][ T6399]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  101.252364][ T6399]  ? __fget_files+0x29/0x470
[  101.256985][ T6399]  ? __fget_files+0x3f3/0x470
[  101.261732][ T6399]  ? __fget_files+0x29/0x470
[  101.266389][ T6399]  __sys_setsockopt+0x1a2/0x250
[  101.271280][ T6399]  __x64_sys_setsockopt+0xb5/0xd0
[  101.276423][ T6399]  do_syscall_64+0xf3/0x230
[  101.280951][ T6399]  ? clear_bhb_loop+0x35/0x90
[  101.285644][ T6399]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.291558][ T6399] RIP: 0033:0x7fa4c6d7e719
[  101.296007][ T6399] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.315741][ T6399] RSP: 002b:00007fa4c7b14038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  101.324184][ T6399] RAX: ffffffffffffffda RBX: 00007fa4c6f36130 RCX: 00007fa4c6d7e719
[  101.332172][ T6399] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000003
[  101.340244][ T6399] RBP: 00007fa4c6df132e R08: 0000000000000020 R09: 0000000000000000
[  101.348237][ T6399] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000000
[  101.356233][ T6399] R13: 0000000000000000 R14: 00007fa4c6f36130 R15: 00007ffddd13f028
[  101.364244][ T6399]  </TASK>
[  101.368449][ T6399] Mem-Info:
[  101.371617][ T6399] active_anon:351 inactive_anon:8936 isolated_anon:0
[  101.371617][ T6399]  active_file:4763 inactive_file:37717 isolated_file:0
[  101.371617][ T6399]  unevictable:768 dirty:130 writeback:0
[  101.371617][ T6399]  slab_reclaimable:10398 slab_unreclaimable:97288
[  101.371617][ T6399]  mapped:26734 shmem:7186 pagetables:718
[  101.371617][ T6399]  sec_pagetables:0 bounce:0
[  101.371617][ T6399]  kernel_misc_reclaimable:0
[  101.371617][ T6399]  free:1341103 free_pcp:8359 free_cma:0
[  101.418517][ T6399] Node 0 active_anon:1404kB inactive_anon:35744kB active_file:18980kB inactive_file:150868kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:106936kB dirty:516kB writeback:0kB shmem:27208kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10824kB pagetables:2872kB sec_pagetables:0kB all_unreclaimable? no
[  101.451506][ T6399] Node 1 active_anon:0kB inactive_anon:0kB active_file:72kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  101.482653][ T6399] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  101.509868][ T6399] lowmem_reserve[]: 0 2465 2466 0 0
[  101.515950][ T6399] Node 0 DMA32 free:1467980kB boost:0kB min:34200kB low:42748kB high:51296kB reserved_highatomic:0KB active_anon:1400kB inactive_anon:35508kB active_file:18200kB inactive_file:150816kB unevictable:1536kB writepending:516kB present:3129332kB managed:2552508kB mlocked:0kB bounce:0kB free_pcp:3752kB local_pcp:2796kB free_cma:0kB
[  101.547140][ T6399] lowmem_reserve[]: 0 0 0 0 0
[  101.552108][ T6399] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:4kB inactive_anon:36kB active_file:780kB inactive_file:52kB unevictable:0kB writepending:0kB present:1048580kB managed:880kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[  101.580278][ T6399] lowmem_reserve[]: 0 0 0 0 0
[  101.585138][ T6399] Node 1 Normal free:3895344kB boost:0kB min:55688kB low:69608kB high:83528kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:72kB inactive_file:0kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111168kB mlocked:0kB bounce:0kB free_pcp:15852kB local_pcp:11536kB free_cma:0kB
[  101.614918][ T6399] lowmem_reserve[]: 0 0 0 0 0
[  101.619689][ T6399] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  101.634477][ T6399] Node 0 DMA32: 285*4kB (UME) 318*8kB (UME) 291*16kB (UME) 202*32kB (UME) 64*64kB (UME) 20*128kB (UE) 18*256kB (UME) 16*512kB (UME) 7*1024kB (UM) 7*2048kB (UME) 345*4096kB (M) = 1468884kB
[  101.653819][ T6399] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  101.666080][ T6399] Node 1 Normal: 60*4kB (UME) 6*8kB (UM) 5*16kB (ME) 110*32kB (UME) 76*64kB (UME) 30*128kB (UM) 13*256kB (UME) 7*512kB (U) 5*1024kB (UE) 4*2048kB (UME) 943*4096kB (M) = 3895344kB
[  101.684380][ T6399] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  101.694062][ T6399] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  101.703440][ T6399] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  101.713077][ T6399] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  101.722474][ T6399] 48291 total pagecache pages
[  101.727199][ T6399] 0 pages in swap cache
[  101.731369][ T6399] Free swap  = 124400kB
[  101.735588][ T6399] Total swap = 124996kB
[  101.739760][ T6399] 2097051 pages RAM
[  101.743573][ T6399] 0 pages HighMem/MovableOnly
[  101.748348][ T6399] 427072 pages reserved
[  101.752548][ T6399] 0 pages cma reserved
[  101.772392][ T6403] netlink: 12 bytes leftover after parsing attributes in process `syz.2.135'.
[  101.783735][ T6403] syz.2.135 uses obsolete (PF_INET,SOCK_PACKET)
[  101.862588][ T6405] netlink: 4 bytes leftover after parsing attributes in process `syz.2.138'.
[  101.928352][ T6414] ------------[ cut here ]------------
[  101.928546][ T6414] WARNING: CPU: 0 PID: 6414 at mm/util.c:670 __kvmalloc_node_noprof+0x17a/0x190
[  101.928587][ T6414] Modules linked in:
[  101.928605][ T6414] CPU: 0 UID: 0 PID: 6414 Comm: syz.1.141 Not tainted 6.12.0-rc4-syzkaller-00261-g850925a8133c #0
[  101.928631][ T6414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  101.928644][ T6414] RIP: 0010:__kvmalloc_node_noprof+0x17a/0x190
[  101.928670][ T6414] Code: cc 44 89 fe 81 e6 00 20 00 00 31 ff e8 1f 6d bc ff 41 81 e7 00 20 00 00 74 0a e8 d1 68 bc ff e9 3b ff ff ff e8 c7 68 bc ff 90 <0f> 0b 90 e9 2d ff ff ff 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00
[  101.928688][ T6414] RSP: 0018:ffffc9000c377930 EFLAGS: 00010283
[  101.928708][ T6414] RAX: ffffffff81d88159 RBX: 00000000b96e6400 RCX: 0000000000040000
[  101.928723][ T6414] RDX: ffffc90004832000 RSI: 0000000000000848 RDI: 0000000000000849
[  101.928739][ T6414] RBP: 0000000000000000 R08: ffffffff81d88141 R09: 00000000ffffffff
[  101.928752][ T6414] R10: ffffc9000c3777a0 R11: fffff5200186eef9 R12: 00000000b96e6400
[  101.928767][ T6414] R13: ffffc9000c377a60 R14: 00000000ffffffff R15: 0000000000000000
[  101.928781][ T6414] FS:  00007fa4c7b566c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  101.928799][ T6414] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  101.928814][ T6414] CR2: 000000110c29ad90 CR3: 000000004b436000 CR4: 00000000003526f0
[  101.928834][ T6414] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  101.928848][ T6414] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  101.928862][ T6414] Call Trace:
[  101.928871][ T6414]  <TASK>
[  101.928882][ T6414]  ? __warn+0x168/0x4e0
[  101.928904][ T6414]  ? __kvmalloc_node_noprof+0x17a/0x190
[  101.928933][ T6414]  ? report_bug+0x2b3/0x500
[  101.928953][ T6414]  ? __kvmalloc_node_noprof+0x17a/0x190
[  101.928982][ T6414]  ? handle_bug+0x60/0x90
[  101.929006][ T6414]  ? exc_invalid_op+0x1a/0x50
[  101.929030][ T6414]  ? asm_exc_invalid_op+0x1a/0x20
[  101.929056][ T6414]  ? __kvmalloc_node_noprof+0x161/0x190
[  101.929079][ T6414]  ? __kvmalloc_node_noprof+0x179/0x190
[  101.929103][ T6414]  ? __kvmalloc_node_noprof+0x17a/0x190
[  101.929131][ T6414]  __v4l2_ctrl_modify_dimensions+0x43b/0xb60
[  101.929159][ T6414]  ? tpg_update_mv_step+0x361/0x4f0
[  101.929182][ T6414]  vivid_update_format_cap+0x133c/0x2090
[  101.929219][ T6414]  ? __pfx_vivid_update_format_cap+0x10/0x10
[  101.929251][ T6414]  vivid_vid_cap_s_dv_timings+0x535/0x1230
[  101.929294][ T6414]  __video_do_ioctl+0xc23/0xdd0
[  101.929326][ T6414]  ? __pfx___video_do_ioctl+0x10/0x10
[  101.929350][ T6414]  ? __might_fault+0xc6/0x120
[  101.929387][ T6414]  video_usercopy+0x89b/0x1180
[  101.929411][ T6414]  ? __pfx___video_do_ioctl+0x10/0x10
[  101.929430][ T6414]  ? __pfx_video_usercopy+0x10/0x10
[  101.929449][ T6414]  ? smack_file_ioctl+0x2f7/0x3a0
[  101.929483][ T6414]  ? __fget_files+0x3f3/0x470
[  101.929516][ T6414]  v4l2_ioctl+0x189/0x1e0
[  101.929538][ T6414]  ? __pfx_v4l2_ioctl+0x10/0x10
[  101.929559][ T6414]  __se_sys_ioctl+0xf9/0x170
[  101.929585][ T6414]  do_syscall_64+0xf3/0x230
[  101.929608][ T6414]  ? clear_bhb_loop+0x35/0x90
[  101.929632][ T6414]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.929653][ T6414] RIP: 0033:0x7fa4c6d7e719
[  101.929672][ T6414] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.929690][ T6414] RSP: 002b:00007fa4c7b56038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  101.929712][ T6414] RAX: ffffffffffffffda RBX: 00007fa4c6f35f80 RCX: 00007fa4c6d7e719
[  101.929729][ T6414] RDX: 0000000020000200 RSI: 00000000c0845657 RDI: 0000000000000003
[  101.929745][ T6414] RBP: 00007fa4c6df132e R08: 0000000000000000 R09: 0000000000000000
[  101.929761][ T6414] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  101.929776][ T6414] R13: 0000000000000000 R14: 00007fa4c6f35f80 R15: 00007ffddd13f028
[  101.929809][ T6414]  </TASK>
[  101.929822][ T6414] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  101.929834][ T6414] CPU: 0 UID: 0 PID: 6414 Comm: syz.1.141 Not tainted 6.12.0-rc4-syzkaller-00261-g850925a8133c #0
[  101.929857][ T6414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  101.929868][ T6414] Call Trace:
[  101.929875][ T6414]  <TASK>
[  101.929884][ T6414]  dump_stack_lvl+0x241/0x360
[  101.929909][ T6414]  ? __pfx_dump_stack_lvl+0x10/0x10
[  101.929932][ T6414]  ? __pfx__printk+0x10/0x10
[  101.929952][ T6414]  ? _printk+0xd5/0x120
[  101.929976][ T6414]  ? __init_begin+0x41000/0x41000
[  101.930003][ T6414]  ? vscnprintf+0x5d/0x90
[  101.930032][ T6414]  panic+0x349/0x880
[  101.930057][ T6414]  ? __warn+0x177/0x4e0
[  101.930079][ T6414]  ? __pfx_panic+0x10/0x10
[  101.930099][ T6414]  ? show_trace_log_lvl+0x3b2/0x410
[  101.930140][ T6414]  __warn+0x34b/0x4e0
[  101.930159][ T6414]  ? __kvmalloc_node_noprof+0x17a/0x190
[  101.930186][ T6414]  report_bug+0x2b3/0x500
[  101.930204][ T6414]  ? __kvmalloc_node_noprof+0x17a/0x190
[  101.930230][ T6414]  handle_bug+0x60/0x90
[  101.930251][ T6414]  exc_invalid_op+0x1a/0x50
[  101.930271][ T6414]  asm_exc_invalid_op+0x1a/0x20
[  101.930287][ T6414] RIP: 0010:__kvmalloc_node_noprof+0x17a/0x190
[  101.930311][ T6414] Code: cc 44 89 fe 81 e6 00 20 00 00 31 ff e8 1f 6d bc ff 41 81 e7 00 20 00 00 74 0a e8 d1 68 bc ff e9 3b ff ff ff e8 c7 68 bc ff 90 <0f> 0b 90 e9 2d ff ff ff 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00
[  101.930327][ T6414] RSP: 0018:ffffc9000c377930 EFLAGS: 00010283
[  101.930344][ T6414] RAX: ffffffff81d88159 RBX: 00000000b96e6400 RCX: 0000000000040000
[  101.930369][ T6414] RDX: ffffc90004832000 RSI: 0000000000000848 RDI: 0000000000000849
[  101.930383][ T6414] RBP: 0000000000000000 R08: ffffffff81d88141 R09: 00000000ffffffff
[  101.930398][ T6414] R10: ffffc9000c3777a0 R11: fffff5200186eef9 R12: 00000000b96e6400
[  101.930413][ T6414] R13: ffffc9000c377a60 R14: 00000000ffffffff R15: 0000000000000000
[  101.930434][ T6414]  ? __kvmalloc_node_noprof+0x161/0x190
[  101.930458][ T6414]  ? __kvmalloc_node_noprof+0x179/0x190
[  101.930491][ T6414]  __v4l2_ctrl_modify_dimensions+0x43b/0xb60
[  101.930518][ T6414]  ? tpg_update_mv_step+0x361/0x4f0
[  101.930540][ T6414]  vivid_update_format_cap+0x133c/0x2090
[  101.930577][ T6414]  ? __pfx_vivid_update_format_cap+0x10/0x10
[  101.930609][ T6414]  vivid_vid_cap_s_dv_timings+0x535/0x1230
[  101.930652][ T6414]  __video_do_ioctl+0xc23/0xdd0
[  101.930684][ T6414]  ? __pfx___video_do_ioctl+0x10/0x10
[  101.930708][ T6414]  ? __might_fault+0xc6/0x120
[  101.930738][ T6414]  video_usercopy+0x89b/0x1180
[  101.930767][ T6414]  ? __pfx___video_do_ioctl+0x10/0x10
[  101.930788][ T6414]  ? __pfx_video_usercopy+0x10/0x10
[  101.930806][ T6414]  ? smack_file_ioctl+0x2f7/0x3a0
[  101.930843][ T6414]  ? __fget_files+0x3f3/0x470
[  101.930875][ T6414]  v4l2_ioctl+0x189/0x1e0
[  101.930893][ T6414]  ? __pfx_v4l2_ioctl+0x10/0x10
[  101.930914][ T6414]  __se_sys_ioctl+0xf9/0x170
[  101.930940][ T6414]  do_syscall_64+0xf3/0x230
[  101.930962][ T6414]  ? clear_bhb_loop+0x35/0x90
[  101.930985][ T6414]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.931003][ T6414] RIP: 0033:0x7fa4c6d7e719
[  101.931020][ T6414] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.931036][ T6414] RSP: 002b:00007fa4c7b56038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  101.931055][ T6414] RAX: ffffffffffffffda RBX: 00007fa4c6f35f80 RCX: 00007fa4c6d7e719
[  101.931070][ T6414] RDX: 0000000020000200 RSI: 00000000c0845657 RDI: 0000000000000003
[  101.931083][ T6414] RBP: 00007fa4c6df132e R08: 0000000000000000 R09: 0000000000000000
[  101.931097][ T6414] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  101.931109][ T6414] R13: 0000000000000000 R14: 00007fa4c6f35f80 R15: 00007ffddd13f028
[  101.931137][ T6414]  </TASK>
[  101.931281][ T6414] Kernel Offset: disabled