Warning: Permanently added '10.128.1.50' (ED25519) to the list of known hosts.
2024/04/02 05:55:29 fuzzer started
2024/04/02 05:55:29 dialing manager at 10.128.0.169:30005
[   60.311350][ T5078] cgroup: Unknown subsys name 'net'
[   60.415501][ T5078] cgroup: Unknown subsys name 'rlimit'
2024/04/02 05:55:31 syscalls: 3855
2024/04/02 05:55:31 code coverage: enabled
2024/04/02 05:55:31 comparison tracing: enabled
2024/04/02 05:55:31 extra coverage: enabled
2024/04/02 05:55:31 delay kcov mmap: enabled
2024/04/02 05:55:31 setuid sandbox: enabled
2024/04/02 05:55:31 namespace sandbox: enabled
2024/04/02 05:55:31 Android sandbox: /sys/fs/selinux/policy does not exist
2024/04/02 05:55:31 fault injection: enabled
2024/04/02 05:55:31 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2024/04/02 05:55:31 net packet injection: enabled
2024/04/02 05:55:31 net device setup: enabled
2024/04/02 05:55:31 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2024/04/02 05:55:31 devlink PCI setup: PCI device 0000:00:10.0 is not available
2024/04/02 05:55:31 NIC VF setup: PCI device 0000:00:11.0 is not available
2024/04/02 05:55:31 USB emulation: enabled
2024/04/02 05:55:31 hci packet injection: enabled
2024/04/02 05:55:31 wifi device emulation: enabled
2024/04/02 05:55:31 802.15.4 emulation: enabled
2024/04/02 05:55:31 swap file: enabled
[   61.769062][ T5078] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
2024/04/02 05:55:31 starting 5 executor processes
[   62.807959][ T5093] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   62.818121][ T5093] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   62.818502][ T5096] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   62.826747][ T5093] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   62.835155][ T5096] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   62.842251][ T5093] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   62.848545][ T5096] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   62.855887][ T5093] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   62.863979][ T5096] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   62.870203][ T5093] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   62.877911][ T5096] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   62.895953][ T4481] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   63.069299][ T5093] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   63.075682][ T5096] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   63.090671][ T5096] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   63.091246][ T5107] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   63.099145][ T5096] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   63.113158][ T5107] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   63.114148][ T5096] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   63.121997][ T5107] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   63.136530][ T5107] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   63.138381][ T5096] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   63.144118][ T5107] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   63.161804][ T4481] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   63.170857][ T4481] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   63.179716][ T5096] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   63.188325][ T4481] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   63.209207][   T53] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   63.231912][   T53] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[   63.239892][   T53] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   63.312765][ T5091] chnl_net:caif_netlink_parms(): no params data found
[   63.527744][ T5091] bridge0: port 1(bridge_slave_0) entered blocking state
[   63.537016][ T5091] bridge0: port 1(bridge_slave_0) entered disabled state
[   63.544634][ T5091] bridge_slave_0: entered allmulticast mode
[   63.553284][ T5091] bridge_slave_0: entered promiscuous mode
[   63.566686][ T5091] bridge0: port 2(bridge_slave_1) entered blocking state
[   63.574030][ T5091] bridge0: port 2(bridge_slave_1) entered disabled state
[   63.581856][ T5091] bridge_slave_1: entered allmulticast mode
[   63.588930][ T5091] bridge_slave_1: entered promiscuous mode
[   63.641010][ T5094] chnl_net:caif_netlink_parms(): no params data found
[   63.663083][ T5091] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   63.678753][ T5091] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   63.742253][ T5091] team0: Port device team_slave_0 added
[   63.795867][ T5091] team0: Port device team_slave_1 added
[   63.874055][ T5094] bridge0: port 1(bridge_slave_0) entered blocking state
[   63.881941][ T5094] bridge0: port 1(bridge_slave_0) entered disabled state
[   63.889608][ T5094] bridge_slave_0: entered allmulticast mode
[   63.897202][ T5094] bridge_slave_0: entered promiscuous mode
[   63.909776][ T5094] bridge0: port 2(bridge_slave_1) entered blocking state
[   63.917382][ T5094] bridge0: port 2(bridge_slave_1) entered disabled state
[   63.924687][ T5094] bridge_slave_1: entered allmulticast mode
[   63.932546][ T5094] bridge_slave_1: entered promiscuous mode
[   64.015511][ T5091] batman_adv: batadv0: Adding interface: batadv_slave_0
[   64.023176][ T5091] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   64.054759][ T5091] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   64.071090][ T5091] batman_adv: batadv0: Adding interface: batadv_slave_1
[   64.078988][ T5091] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   64.107554][ T5091] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   64.133161][ T5094] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   64.146289][ T5094] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   64.158882][ T5104] chnl_net:caif_netlink_parms(): no params data found
[   64.183989][ T5101] chnl_net:caif_netlink_parms(): no params data found
[   64.256886][ T5094] team0: Port device team_slave_0 added
[   64.310525][ T5094] team0: Port device team_slave_1 added
[   64.342305][ T5091] hsr_slave_0: entered promiscuous mode
[   64.349986][ T5091] hsr_slave_1: entered promiscuous mode
[   64.409024][ T5094] batman_adv: batadv0: Adding interface: batadv_slave_0
[   64.417195][ T5094] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   64.446948][ T5094] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   64.464375][ T5094] batman_adv: batadv0: Adding interface: batadv_slave_1
[   64.476898][ T5094] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   64.506706][ T5094] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   64.560263][ T5099] chnl_net:caif_netlink_parms(): no params data found
[   64.672581][ T5104] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.680244][ T5104] bridge0: port 1(bridge_slave_0) entered disabled state
[   64.689305][ T5104] bridge_slave_0: entered allmulticast mode
[   64.696889][ T5104] bridge_slave_0: entered promiscuous mode
[   64.722282][ T5101] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.729896][ T5101] bridge0: port 1(bridge_slave_0) entered disabled state
[   64.738318][ T5101] bridge_slave_0: entered allmulticast mode
[   64.746318][ T5101] bridge_slave_0: entered promiscuous mode
[   64.757693][ T5104] bridge0: port 2(bridge_slave_1) entered blocking state
[   64.765055][ T5104] bridge0: port 2(bridge_slave_1) entered disabled state
[   64.773025][ T5104] bridge_slave_1: entered allmulticast mode
[   64.780904][ T5104] bridge_slave_1: entered promiscuous mode
[   64.804734][ T5094] hsr_slave_0: entered promiscuous mode
[   64.811626][ T5094] hsr_slave_1: entered promiscuous mode
[   64.818803][ T5094] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   64.830032][ T5094] Cannot create hsr debugfs directory
[   64.840244][ T5101] bridge0: port 2(bridge_slave_1) entered blocking state
[   64.849444][ T5101] bridge0: port 2(bridge_slave_1) entered disabled state
[   64.857120][ T5101] bridge_slave_1: entered allmulticast mode
[   64.864172][ T5101] bridge_slave_1: entered promiscuous mode
[   64.901813][ T5104] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   64.924982][ T5104] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   64.946952][   T53] Bluetooth: hci1: command tx timeout
[   64.946966][ T5093] Bluetooth: hci0: command tx timeout
[   65.014637][ T5101] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   65.068877][ T5099] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.076920][ T5099] bridge0: port 1(bridge_slave_0) entered disabled state
[   65.084532][ T5099] bridge_slave_0: entered allmulticast mode
[   65.092414][ T5099] bridge_slave_0: entered promiscuous mode
[   65.117389][ T5101] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   65.151865][ T5099] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.159824][ T5099] bridge0: port 2(bridge_slave_1) entered disabled state
[   65.169540][ T5099] bridge_slave_1: entered allmulticast mode
[   65.177457][ T5099] bridge_slave_1: entered promiscuous mode
[   65.185910][   T53] Bluetooth: hci3: command tx timeout
[   65.188328][ T5104] team0: Port device team_slave_0 added
[   65.214750][ T5101] team0: Port device team_slave_0 added
[   65.242875][ T5104] team0: Port device team_slave_1 added
[   65.266161][   T53] Bluetooth: hci4: command tx timeout
[   65.266179][ T5093] Bluetooth: hci2: command tx timeout
[   65.280272][ T5101] team0: Port device team_slave_1 added
[   65.313219][ T5099] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   65.334991][ T5104] batman_adv: batadv0: Adding interface: batadv_slave_0
[   65.342325][ T5104] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   65.370533][ T5104] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   65.392895][ T5104] batman_adv: batadv0: Adding interface: batadv_slave_1
[   65.400348][ T5104] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   65.428970][ T5104] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   65.449883][ T5101] batman_adv: batadv0: Adding interface: batadv_slave_0
[   65.457821][ T5101] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   65.488303][ T5101] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   65.521912][ T5099] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   65.567923][ T5101] batman_adv: batadv0: Adding interface: batadv_slave_1
[   65.576273][ T5101] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   65.605451][ T5101] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   65.644409][ T5099] team0: Port device team_slave_0 added
[   65.670823][ T5091] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   65.694065][ T5099] team0: Port device team_slave_1 added
[   65.732143][ T5091] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   65.744733][ T5091] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   65.788807][ T5104] hsr_slave_0: entered promiscuous mode
[   65.795679][ T5104] hsr_slave_1: entered promiscuous mode
[   65.802456][ T5104] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   65.811312][ T5104] Cannot create hsr debugfs directory
[   65.827190][ T5091] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   65.842220][ T5099] batman_adv: batadv0: Adding interface: batadv_slave_0
[   65.850085][ T5099] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   65.877907][ T5099] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   65.901092][ T5101] hsr_slave_0: entered promiscuous mode
[   65.909015][ T5101] hsr_slave_1: entered promiscuous mode
[   65.918190][ T5101] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   65.926455][ T5101] Cannot create hsr debugfs directory
[   65.946078][ T5099] batman_adv: batadv0: Adding interface: batadv_slave_1
[   65.953442][ T5099] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   65.981051][ T5099] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   66.167062][ T5094] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   66.181606][ T5094] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   66.219545][ T5099] hsr_slave_0: entered promiscuous mode
[   66.227763][ T5099] hsr_slave_1: entered promiscuous mode
[   66.234441][ T5099] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   66.243724][ T5099] Cannot create hsr debugfs directory
[   66.257521][ T5094] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   66.292535][ T5094] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   66.560176][ T5104] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   66.572584][ T5104] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   66.594379][ T5091] 8021q: adding VLAN 0 to HW filter on device bond0
[   66.604360][ T5104] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   66.618793][ T5104] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   66.692209][ T5091] 8021q: adding VLAN 0 to HW filter on device team0
[   66.716361][ T5099] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   66.726167][ T5099] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   66.774352][ T5099] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   66.810924][ T5099] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   66.822847][ T5141] bridge0: port 1(bridge_slave_0) entered blocking state
[   66.830936][ T5141] bridge0: port 1(bridge_slave_0) entered forwarding state
[   66.857551][ T5094] 8021q: adding VLAN 0 to HW filter on device bond0
[   66.878293][ T5141] bridge0: port 2(bridge_slave_1) entered blocking state
[   66.886587][ T5141] bridge0: port 2(bridge_slave_1) entered forwarding state
[   66.908062][ T5101] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   66.936942][ T5101] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   66.968533][ T5101] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   67.012268][ T5101] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   67.026367][   T53] Bluetooth: hci1: command tx timeout
[   67.027766][ T5094] 8021q: adding VLAN 0 to HW filter on device team0
[   67.032094][   T53] Bluetooth: hci0: command tx timeout
[   67.064452][   T58] bridge0: port 1(bridge_slave_0) entered blocking state
[   67.071837][   T58] bridge0: port 1(bridge_slave_0) entered forwarding state
[   67.146433][ T5104] 8021q: adding VLAN 0 to HW filter on device bond0
[   67.174952][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[   67.182583][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[   67.280012][   T53] Bluetooth: hci3: command tx timeout
[   67.304085][ T5104] 8021q: adding VLAN 0 to HW filter on device team0
[   67.346686][   T53] Bluetooth: hci4: command tx timeout
[   67.348736][ T5093] Bluetooth: hci2: command tx timeout
[   67.383368][ T5099] 8021q: adding VLAN 0 to HW filter on device bond0
[   67.422046][ T5139] bridge0: port 1(bridge_slave_0) entered blocking state
[   67.430844][ T5139] bridge0: port 1(bridge_slave_0) entered forwarding state
[   67.501762][ T5099] 8021q: adding VLAN 0 to HW filter on device team0
[   67.543744][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[   67.551681][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[   67.604855][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[   67.612614][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[   67.638203][ T5101] 8021q: adding VLAN 0 to HW filter on device bond0
[   67.674617][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[   67.682347][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[   67.767063][ T5101] 8021q: adding VLAN 0 to HW filter on device team0
[   67.783746][ T5091] 8021q: adding VLAN 0 to HW filter on device batadv0
[   67.828941][ T5099] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   67.845570][ T5099] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   67.874735][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[   67.882651][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[   67.932231][   T58] bridge0: port 2(bridge_slave_1) entered blocking state
[   67.940054][   T58] bridge0: port 2(bridge_slave_1) entered forwarding state
[   68.002999][ T5094] 8021q: adding VLAN 0 to HW filter on device batadv0
[   68.153248][ T5091] veth0_vlan: entered promiscuous mode
[   68.172653][ T5104] 8021q: adding VLAN 0 to HW filter on device batadv0
[   68.270356][ T5094] veth0_vlan: entered promiscuous mode
[   68.282784][ T5091] veth1_vlan: entered promiscuous mode
[   68.323013][ T5094] veth1_vlan: entered promiscuous mode
[   68.347741][ T5099] 8021q: adding VLAN 0 to HW filter on device batadv0
[   68.491182][ T5091] veth0_macvtap: entered promiscuous mode
[   68.526027][ T5094] veth0_macvtap: entered promiscuous mode
[   68.540859][ T5091] veth1_macvtap: entered promiscuous mode
[   68.594793][ T5094] veth1_macvtap: entered promiscuous mode
[   68.651618][ T5091] batman_adv: batadv0: Interface activated: batadv_slave_0
[   68.662605][ T5099] veth0_vlan: entered promiscuous mode
[   68.680032][ T5099] veth1_vlan: entered promiscuous mode
[   68.691881][ T5094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   68.703781][ T5094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   68.720993][ T5094] batman_adv: batadv0: Interface activated: batadv_slave_0
[   68.747373][ T5091] batman_adv: batadv0: Interface activated: batadv_slave_1
[   68.767828][ T5091] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   68.778492][ T5091] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   68.790551][ T5091] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   68.802843][ T5091] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   68.814040][ T5094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   68.826112][ T5094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   68.841196][ T5094] batman_adv: batadv0: Interface activated: batadv_slave_1
[   68.854322][ T5094] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   68.864162][ T5094] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   68.873936][ T5094] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   68.884372][ T5094] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   68.941758][ T5101] 8021q: adding VLAN 0 to HW filter on device batadv0
[   69.034851][ T5099] veth0_macvtap: entered promiscuous mode
[   69.081692][ T5104] veth0_vlan: entered promiscuous mode
[   69.092812][ T5099] veth1_macvtap: entered promiscuous mode
[   69.105748][ T5093] Bluetooth: hci0: command tx timeout
[   69.105770][   T53] Bluetooth: hci1: command tx timeout
[   69.129333][ T5104] veth1_vlan: entered promiscuous mode
[   69.153766][ T5099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   69.168301][ T5099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   69.179382][ T5099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   69.190364][ T5099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   69.202425][ T5099] batman_adv: batadv0: Interface activated: batadv_slave_0
[   69.237713][ T5101] veth0_vlan: entered promiscuous mode
[   69.252855][ T5099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   69.252935][ T5138] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   69.267671][ T5099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   69.277225][ T5138] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   69.291147][ T5099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   69.302592][ T5099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   69.314314][ T5099] batman_adv: batadv0: Interface activated: batadv_slave_1
[   69.346456][   T53] Bluetooth: hci3: command tx timeout
[   69.354086][ T5101] veth1_vlan: entered promiscuous mode
[   69.379913][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   69.390513][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   69.410101][ T5099] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   69.419634][ T5099] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   69.429121][   T53] Bluetooth: hci4: command tx timeout
[   69.433088][ T5099] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   69.444195][   T53] Bluetooth: hci2: command tx timeout
[   69.451384][ T5099] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   69.478246][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   69.487579][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   69.553614][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   69.574589][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   69.598346][ T5104] veth0_macvtap: entered promiscuous mode
05:55:39 executing program 0:
r0 = socket$inet6(0x18, 0x3, 0x0)
fchown(r0, 0x0, 0xffffffffffffffff)

[   69.653352][ T5104] veth1_macvtap: entered promiscuous mode
05:55:39 executing program 1:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setsockopt$sock_int(r0, 0xffff, 0x800, &(0x7f0000000140), 0x4)

[   69.768582][ T5101] veth0_macvtap: entered promiscuous mode
[   69.800704][ T5101] veth1_macvtap: entered promiscuous mode
05:55:39 executing program 0:
r0 = socket$unix(0x1, 0x1, 0x0)
close(r0)
fsync(r0)

[   69.823001][   T51] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
05:55:39 executing program 1:
r0 = socket$inet(0x2, 0x1, 0x0)
setsockopt$sock_timeval(r0, 0xffff, 0x1005, &(0x7f0000000000), 0x10)

[   69.876075][   T51] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   69.928303][ T5104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   69.968304][ T5104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
05:55:39 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
getsockopt$sock_cred(r0, 0xffff, 0x1022, &(0x7f0000000040)={0x0, 0x0, <r1=>0x0}, &(0x7f00000000c0)=0xc)
setregid(0x0, r1)
setgid(r1)

[   69.992373][ T5104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   70.012154][ T5104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   70.022563][ T5104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
05:55:39 executing program 1:
openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x200, 0x0)

[   70.040014][ T5104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
05:55:39 executing program 0:
syz_emit_ethernet(0x12, &(0x7f0000000080)={@local, @local}, 0x0)

[   70.090585][ T5104] batman_adv: batadv0: Interface activated: batadv_slave_0
05:55:39 executing program 1:
r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
r1 = epoll_create1(0x0)
r2 = dup3(r1, r0, 0x0)
ioctl$int_in(r2, 0x5421, &(0x7f00000007c0))

[   70.149202][ T5101] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   70.185465][ T5101] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
05:55:39 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)={0x54, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_FRAME={0x38, 0x33, @beacon={{{}, {}, @broadcast, @device_a, @from_mac=@device_b}, 0x0, @default, 0x0, @val={0x0, 0x6, @default_ibss_ssid}, @void, @void, @void, @void, @void, @void, @void, @void, @void, @val={0x72, 0x6}, @void, @void}}]}, 0x54}}, 0x0)

05:55:39 executing program 1:
syz_emit_ethernet(0x7e, &(0x7f00000003c0)={@broadcast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @dest_unreach={0x3, 0x0, 0x0, 0x0, 0x0, 0x0, {0x15, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @rand_addr, @loopback, {[@timestamp_addr={0x44, 0x3c, 0x0, 0x1, 0x0, [{@multicast2}, {@broadcast}, {@multicast1}, {@broadcast}, {@multicast1}, {@remote}, {@loopback}]}, @rr={0x7, 0x3}]}}}}}}}, 0x0)

[   70.218619][ T5101] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   70.230667][ T5101] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   70.244236][ T5101] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   70.291461][ T5101] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   70.305193][ T5101] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   70.323743][ T5101] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
05:55:39 executing program 1:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockname(r0, &(0x7f00000002c0)=@pppol2tpv3={0x18, 0x1, {0x0, <r1=>0xffffffffffffffff, {0x2, 0x0, @private}}}, &(0x7f00000001c0)=0x80)
ioctl$F2FS_IOC_RESIZE_FS(r1, 0x5451, 0x0)

[   70.337072][ T5101] batman_adv: batadv0: Interface activated: batadv_slave_0
[   70.354478][ T5104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   70.377982][ T5104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   70.398862][ T5104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   70.428977][ T5104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
05:55:40 executing program 1:
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
close(r0)
socket$inet_tcp(0x2, 0x1, 0x0)
getsockname(r0, 0x0, &(0x7f0000005c40))

[   70.439734][ T5104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   70.451699][ T5104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   70.466731][ T5104] batman_adv: batadv0: Interface activated: batadv_slave_1
05:55:40 executing program 1:
syz_mount_image$ext4(0x0, &(0x7f00000002c0)='mnt\x00', 0x1084080, 0x0, 0x0, 0x0, &(0x7f0000000000))
mkdirat(0xffffffffffffff9c, &(0x7f00000004c0)='mnt/encrypted_dir\x00', 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000500)='mnt/encrypted_dir\x00', 0x0, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f0000000540)=@v2={0x2, @aes256, 0x0, '\x00', @a})

[   70.510736][ T5101] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   70.521853][ T5101] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   70.534897][ T5101] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
05:55:40 executing program 1:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x5c, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8}, @IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x80}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x5c}}, 0x0)

[   70.580264][ T5101] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   70.590931][ T5101] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   70.602157][ T5101] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   70.612206][ T5101] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   70.634897][ T5101] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   70.654418][ T5101] batman_adv: batadv0: Interface activated: batadv_slave_1
05:55:40 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)

05:55:40 executing program 1:
r0 = syz_io_uring_setup(0x70ee, &(0x7f00000020c0), &(0x7f0000000080), &(0x7f0000002180))
io_uring_register$IORING_REGISTER_PROBE(r0, 0x16, &(0x7f0000000000)=ANY=[@ANYBLOB="000000000000000000080000000001"], 0x1)
io_uring_register$IORING_UNREGISTER_PBUF_RING(r0, 0x1a, &(0x7f00000002c0)={0x0}, 0x1)

[   70.693794][ T5104] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   70.715093][ T5104] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   70.730354][ T5104] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   70.739988][ T5104] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   70.753452][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   70.779513][ T5101] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
05:55:40 executing program 0:
socket$inet6_sctp(0xa, 0x1, 0x84)
ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000240)={@local, @private0, @ipv4={'\x00', '\xff\xff', @empty}, 0x0, 0x0, 0x5, 0x0, 0x0, 0x2})

[   70.794476][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   70.802197][ T5101] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   70.812738][ T5101] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   70.828653][ T5101] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
05:55:40 executing program 0:
r0 = open(&(0x7f0000000080)='./bus\x00', 0x105042, 0x0)
setrlimit(0x1, &(0x7f0000000100)={0xffffffff, 0xffffffffffffffff})
fallocate(r0, 0x0, 0x0, 0x0)
utime(&(0x7f00000003c0)='./bus\x00', 0x0)
clock_gettime(0x0, &(0x7f0000000000))
setxattr$trusted_overlay_redirect(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200), &(0x7f0000000240)='./file0\x00', 0x8, 0x2)

05:55:40 executing program 1:
r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$VIDIOC_S_STD(r0, 0x40085618, &(0x7f0000000140))

[   70.997602][   T29] audit: type=1800 audit(1712037340.576:2): pid=5208 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1945 res=0 errno=0
05:55:40 executing program 0:
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
sendmsg$inet_sctp(r0, &(0x7f0000000f40)={&(0x7f0000000a80)=@in={0x10, 0x2}, 0x10, 0x0, 0x0, &(0x7f0000000e80)=[@init={0x14}], 0x14}, 0x0)

05:55:40 executing program 2:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
dup2(r0, r1)

[   71.046197][   T51] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x800000000 pfn:0x5c921
[   71.063826][   T51] flags: 0xfff80000000000(node=0|zone=1|lastcpupid=0xfff)
[   71.104861][   T51] raw: 00fff80000000000 0000000000000000 dead000000000122 0000000000000000
05:55:40 executing program 1:
sendmsg$DEVLINK_CMD_SB_GET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYRES32, @ANYRES16, @ANYBLOB="0000000000706323a00000000000f32f303a30304131302e30000000000700feb4eec5ffc38908000000080003007063690011000200303030657d3030"], 0x5c}}, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000380)=0x1, 0x4)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000020, &(0x7f0000000040)=0xa, 0x1959cc36)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000), 0x4)

[   71.163671][   T51] raw: 0000000800000000 0000000000000000 00000000ffffffff 0000000000000000
[   71.187749][   T53] Bluetooth: hci1: command tx timeout
[   71.195932][   T53] Bluetooth: hci0: command tx timeout
05:55:40 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000400)={0xa, 0x2, 0x0, @empty}, 0x69)
listen(r0, 0x0)
r1 = accept$inet6(r0, 0x0, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
connect$inet(r2, &(0x7f00000001c0)={0x2, 0x2, @local}, 0x10)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r1, 0x6, 0x13, 0x0, 0x0)

[   71.207727][   T51] page dumped because: VM_BUG_ON_PAGE(page_ref_count(page) == 0)
05:55:40 executing program 2:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000180)=[{0x50, 0x0, 0x0, 0xffffffff}, {0x6}]}, 0x10)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'xfrm0\x00', <r3=>0x0})
sendto$packet(r1, &(0x7f00000002c0)="05040800d3fc100000004788031c09102128", 0x101c, 0x4, &(0x7f0000000140)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @multicast}, 0x14)

[   71.236980][   T51] page_owner tracks the page as allocated
[   71.266049][ T5138] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   71.274864][ T5138] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   71.298224][   T51] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 5094, tgid -1942085296 (syz-executor.0), ts 5094, free_ts 71046142070
05:55:40 executing program 1:
openat$rfkill(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201)
epoll_create(0x0)
openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl(r0, 0x8b2a, &(0x7f0000000040))

[   71.389746][   T51]  post_alloc_hook+0x1f3/0x230
[   71.395192][   T51]  get_page_from_freelist+0x2e7e/0x2f40
[   71.405301][   T51]  __alloc_pages_noprof+0x256/0x6c0
[   71.422961][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   71.425902][   T53] Bluetooth: hci3: command tx timeout
[   71.443355][   T51]  alloc_slab_page+0x5f/0x120
[   71.455235][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   71.475052][   T51]  allocate_slab+0x5a/0x2e0
[   71.490545][   T51]  ___slab_alloc+0xea8/0x1430
[   71.499152][   T51]  __slab_alloc+0x58/0xa0
[   71.507769][   T53] Bluetooth: hci2: command tx timeout
[   71.508747][ T5093] Bluetooth: hci4: command tx timeout
[   71.532128][    C0] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies.
05:55:41 executing program 0:
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
bind$inet(r0, &(0x7f0000001740)={0x10, 0x2}, 0x10)

[   71.534639][ T5223] warning: `syz-executor.1' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   71.565787][   T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   71.581157][   T51]  __kmalloc_noprof+0x25e/0x410
05:55:41 executing program 0:
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000), 0x48)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x1, 0x3, 0x261, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', r1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r2, &(0x7f0000000000), &(0x7f0000000080)=@udp}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000840)={{r2}, &(0x7f0000000680), &(0x7f0000000800)}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={r2}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x3, &(0x7f0000000300)={r2, &(0x7f0000000140), 0x0}, 0x20)

05:55:41 executing program 1:
timer_create(0x0, &(0x7f0000000180)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, "7f31ddc1517600"})
r1 = syz_open_pts(r0, 0x0)
r2 = dup(r1)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000200)=0x2)
read(r1, 0x0, 0x2006)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000))
ioctl$sock_inet_udp_SIOCOUTQ(r2, 0x5411, 0x0)

[   71.598994][   T51]  tomoyo_realpath_from_path+0xcf/0x5e0
[   71.614813][   T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   71.635480][   T51]  tomoyo_check_open_permission+0x255/0x500
[   71.670020][   T51]  security_file_open+0x69/0x570
[   71.697267][   T51]  do_dentry_open+0x327/0x15a0
[   71.715589][ T5140] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   71.723487][ T5140] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   71.728322][   T51]  path_openat+0x2860/0x3240
05:55:41 executing program 0:
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
connect$inet(r0, &(0x7f0000000180)={0x10, 0x2}, 0x10)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x105, &(0x7f0000000140)=ANY=[], &(0x7f0000000080)=0x8)

[   71.765104][   T51]  do_filp_open+0x235/0x490
[   71.776314][   T51]  do_sys_openat2+0x13e/0x1d0
[   71.788115][   T51]  __x64_sys_openat+0x247/0x2a0
[   71.816674][ T5230] serio: Serial port pts0
[   71.821455][   T51] page last free pid 51 tgid 51 stack trace:
[   71.839004][   T51]  free_unref_page+0xd3c/0xec0
[   71.847021][   T51]  __folio_put_large+0x168/0x1d0
[   71.853453][   T51]  __folio_put+0x299/0x390
[   71.860014][   T51]  __io_remove_buffers+0x298/0x8f0
05:55:41 executing program 0:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000001040)=0x19)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x0, 0x0)
r3 = dup(r2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000005, 0x13, r3, 0x0)
write$UHID_INPUT(r1, &(0x7f0000000000)={0x18, {"a2e3ad21ed6b52f99cfbf4c087f70c9b3c096eff7fc6e5539b9b3b098b9b721b5d840908080d07428f091ac6e7049b3441959b189a242a9b60f3988f7ef319520100ffe8d178708c523c921b1b5d520a169b63d336cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae193973735b36d5b1b63e91c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca5b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b4124351601611c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1388dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44060bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca4051c2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb77ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b405177548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e05130935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463181f4b87c10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fad6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b3110b932a4d02da711b757fe43c06d21e35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc238a081ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed714887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee658e4cb5e930ed624806c43a006dc9336d07c2b8081c128ad2706f48261f7897084c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264d2700c838fa2c7b34252600c9654e502dcea39cb6bc3eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c6000064b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa70826ad01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)

[   71.866229][   T51]  io_destroy_buffers+0x14e/0x490
[   71.874387][   T51]  io_ring_ctx_free+0x818/0xe70
[   71.880183][   T51]  io_ring_exit_work+0x7c7/0x850
[   71.886114][   T51]  process_scheduled_works+0xa2c/0x1830
[   71.903911][   T51]  worker_thread+0x86d/0xd70
[   71.917321][   T51]  kthread+0x2f0/0x390
[   71.932689][   T51]  ret_from_fork+0x4b/0x80
[   71.938907][   T51]  ret_from_fork_asm+0x1a/0x30
[   71.948335][   T51] ------------[ cut here ]------------
[   71.953982][   T51] kernel BUG at include/linux/mm.h:1135!
[   71.989678][   T51] Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI
[   71.997211][   T51] CPU: 1 PID: 51 Comm: kworker/u8:3 Not tainted 6.9.0-rc2-next-20240402-syzkaller #0
[   72.007201][   T51] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   72.017577][   T51] Workqueue: events_unbound io_ring_exit_work
[   72.023854][   T51] RIP: 0010:__io_remove_buffers+0x8ee/0x8f0
[   72.030092][   T51] Code: ff fb ff ff 48 c7 c7 3c 68 a9 8f e8 fc b6 56 fd e9 ee fb ff ff e8 12 dc f1 fc 48 89 ef 48 c7 c6 60 ff 1e 8c e8 13 20 3b fd 90 <0f> 0b 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa
[   72.050853][   T51] RSP: 0018:ffffc90000bb7830 EFLAGS: 00010246
[   72.057014][   T51] RAX: 04f5f5ba7f382200 RBX: 0000000000000000 RCX: 0000000000000001
[   72.064976][   T51] RDX: dffffc0000000000 RSI: ffffffff8bcad5c0 RDI: 0000000000000001
[   72.072943][   T51] RBP: ffffea0001724840 R08: ffffffff92f3a617 R09: 1ffffffff25e74c2
[   72.081083][   T51] R10: dffffc0000000000 R11: fffffbfff25e74c3 R12: 0000000000000008
[   72.089546][   T51] R13: 0000000000000002 R14: ffff8880791fc880 R15: ffffea0001724874
[   72.098141][   T51] FS:  0000000000000000(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000
[   72.107731][   T51] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   72.114329][   T51] CR2: 00007f7956046d58 CR3: 000000007ea60000 CR4: 00000000003506f0
[   72.122844][   T51] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   72.131080][   T51] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   72.139155][   T51] Call Trace:
[   72.142438][   T51]  <TASK>
[   72.145376][   T51]  ? __die_body+0x88/0xe0
[   72.149888][   T51]  ? die+0xcf/0x110
[   72.153728][   T51]  ? do_trap+0x15a/0x3a0
[   72.158066][   T51]  ? __io_remove_buffers+0x8ee/0x8f0
[   72.163347][   T51]  ? do_error_trap+0x1dc/0x2c0
[   72.168418][   T51]  ? __io_remove_buffers+0x8ee/0x8f0
[   72.174118][   T51]  ? __pfx_do_error_trap+0x10/0x10
[   72.179424][   T51]  ? handle_invalid_op+0x34/0x40
[   72.184466][   T51]  ? __io_remove_buffers+0x8ee/0x8f0
[   72.189971][   T51]  ? exc_invalid_op+0x38/0x50
[   72.194845][   T51]  ? asm_exc_invalid_op+0x1a/0x20
[   72.200005][   T51]  ? __io_remove_buffers+0x8ee/0x8f0
[   72.205741][   T51]  io_destroy_buffers+0x14e/0x490
[   72.210853][   T51]  ? lockdep_hardirqs_on+0x99/0x150
[   72.216243][   T51]  ? __pfx_io_destroy_buffers+0x10/0x10
[   72.221807][   T51]  ? io_futex_cache_free+0x1e3/0x240
[   72.228243][   T51]  io_ring_ctx_free+0x818/0xe70
[   72.233317][   T51]  io_ring_exit_work+0x7c7/0x850
[   72.238285][   T51]  ? __pfx_io_ring_exit_work+0x10/0x10
[   72.244028][   T51]  ? __pfx_io_tctx_exit_cb+0x10/0x10
[   72.249695][   T51]  ? process_scheduled_works+0x945/0x1830
[   72.255461][   T51]  process_scheduled_works+0xa2c/0x1830
[   72.261488][   T51]  ? __pfx_process_scheduled_works+0x10/0x10
[   72.267566][   T51]  ? assign_work+0x364/0x3d0
[   72.272348][   T51]  worker_thread+0x86d/0xd70
[   72.277338][   T51]  ? __kthread_parkme+0x169/0x1d0
[   72.283008][   T51]  ? __pfx_worker_thread+0x10/0x10
[   72.288544][   T51]  kthread+0x2f0/0x390
[   72.292717][   T51]  ? __pfx_worker_thread+0x10/0x10
[   72.299072][   T51]  ? __pfx_kthread+0x10/0x10
[   72.303854][   T51]  ret_from_fork+0x4b/0x80
[   72.308731][   T51]  ? __pfx_kthread+0x10/0x10
[   72.313367][   T51]  ret_from_fork_asm+0x1a/0x30
[   72.318136][   T51]  </TASK>
[   72.321149][   T51] Modules linked in:
05:55:41 executing program 2:
syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', &(0x7f0000000080), 0x18)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f0000000240)=@v2={0x2, @aes256, 0x0, '\x00', @d})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = dup2(r1, r1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
mkdirat(r0, &(0x7f0000000000)='./file0\x00', 0x0)

05:55:41 executing program 0:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000280)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cipher_null)\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000005c0)=[{{0x0, 0xfffffffffffffea3, 0x0}}], 0x3ffffffffffff62, 0x0, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000400), r1)

05:55:41 executing program 4:
r0 = socket(0x2, 0x3, 0x0)
bind$inet(r0, &(0x7f0000000080), 0xc)

[   72.338084][ T1245] ieee802154 phy0 wpan0: encryption failed: -22
[   72.344946][ T1245] ieee802154 phy1 wpan1: encryption failed: -22
05:55:42 executing program 3:
sendmsg(0xffffffffffffffff, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x500}, 0x0)

[   72.413041][   T51] ---[ end trace 0000000000000000 ]---
05:55:42 executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x7c}}, 0x0)

[   72.473878][   T51] RIP: 0010:__io_remove_buffers+0x8ee/0x8f0
[   72.532615][   T51] Code: ff fb ff ff 48 c7 c7 3c 68 a9 8f e8 fc b6 56 fd e9 ee fb ff ff e8 12 dc f1 fc 48 89 ef 48 c7 c6 60 ff 1e 8c e8 13 20 3b fd 90 <0f> 0b 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa
[   72.556877][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
05:55:42 executing program 2:
syz_emit_ethernet(0x0, 0x0, 0x0)

05:55:42 executing program 3:
r0 = syz_io_uring_setup(0x9a7, &(0x7f0000007640), &(0x7f00000076c0), &(0x7f0000007700))
r1 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0x12, 0x0, r1)

[   72.669483][   T51] RSP: 0018:ffffc90000bb7830 EFLAGS: 00010246
[   72.720740][   T51] RAX: 04f5f5ba7f382200 RBX: 0000000000000000 RCX: 0000000000000001
[   72.732420][   T51] RDX: dffffc0000000000 RSI: ffffffff8bcad5c0 RDI: 0000000000000001
[   72.741328][   T51] RBP: ffffea0001724840 R08: ffffffff92f3a617 R09: 1ffffffff25e74c2
[   72.751950][   T51] R10: dffffc0000000000 R11: fffffbfff25e74c3 R12: 0000000000000008
[   72.761511][   T51] R13: 0000000000000002 R14: ffff8880791fc880 R15: ffffea0001724874
05:55:42 executing program 2:
r0 = gettid()
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000280)={r0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)

[   72.771565][   T51] FS:  0000000000000000(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000
[   72.782124][   T51] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   72.808493][   T51] CR2: 00007f8d76e3a440 CR3: 0000000017fcc000 CR4: 00000000003506f0
05:55:42 executing program 4:
sendmsg$DEVLINK_CMD_SB_GET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYRES32, @ANYRES16, @ANYBLOB="0000000000706323a00000000000f32f303a30304131302e30000000000700feb4eec5ffc38908000000080003007063690011000200303030657d3030"], 0x5c}}, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000380)=0x1, 0x4)
connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x0, 0x0, @loopback}, 0x58)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000), 0x4)

05:55:42 executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)={0x54, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_FRAME={0x38, 0x33, @beacon={{{}, {}, @broadcast, @device_a, @from_mac=@device_b}, 0x0, @default, 0x0, @val={0x0, 0x6, @default_ibss_ssid}, @void, @void, @void, @void, @void, @void, @void, @void, @void, @val={0x72, 0x6}, @void, @void}}]}, 0x54}}, 0x0)

[   72.845404][   T51] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   72.872727][   T51] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   72.906973][   T51] Kernel panic - not syncing: Fatal exception
[   72.913180][   T51] Kernel Offset: disabled
[   72.917610][   T51] Rebooting in 86400 seconds..