last executing test programs:

4m38.654155471s ago: executing program 5 (id=6):
r0 = io_uring_setup(0x3c8e, &(0x7f0000000500))
bind$alg(0xffffffffffffffff, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58)
r1 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
sendto$unix(r1, &(0x7f0000000080), 0xffffff9d, 0x0, 0x0, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r2)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r4 = fsmount(0xffffffffffffffff, 0x1, 0x18)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)={0x14, r6, 0x28543634fae43ad, 0x0, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x20000054}, 0x0)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r2, 0x9)
sendmsg$NL80211_CMD_TDLS_MGMT(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000500)={0x2c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_TDLS_ACTION={0x5, 0x88, 0x1}, @NL80211_ATTR_TDLS_DIALOG_TOKEN={0x5}]}, 0x2c}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r4, &(0x7f0000000340)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x24, 0x0, 0x100, 0x70bd2c, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_SCHED_SCAN_RSSI_ADJUST={0x6, 0xf7, {0xb, 0x9}}]}, 0x24}, 0x1, 0x0, 0x0, 0x8400}, 0x20000000)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
close_range(r0, 0xffffffffffffffff, 0x0)
ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)

4m37.566024127s ago: executing program 5 (id=19):
gettid()
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x2, 0x8)
sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x24}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x2ba)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c0000001000850619fbb7c75150926b00000000", @ANYRES32=r3, @ANYBLOB="fe000000000000001c0012000c000100626f6e64000000000c0002000800010004"], 0x3c}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x1, 0x803, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)
r6 = socket(0x1, 0x803, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000007c0)=@newlink={0x50, 0x10, 0xf11, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x104}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @veth={{0x9}, {0x18, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x20, 0x20}}}}}}, @IFLA_MASTER={0x8, 0xa, r7}]}, 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

4m36.893786709s ago: executing program 5 (id=25):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0xfff, @empty}, 0x1c)
shutdown(r0, 0x1)

4m33.466817517s ago: executing program 5 (id=28):
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,use', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000021c0)={0x2020}, 0x2020)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20c01, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)={0x4c, 0x2, 0x6, 0x801, 0xe4340000, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}]}, 0x4c}}, 0x2)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x54, 0x9, 0x6, 0x801, 0x0, 0x0, {0x5}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e21}, @IPSET_ATTR_PROTO={0x5, 0x7, 0xff}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @private=0xa010101}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x10004893}, 0x80)

4m18.274846001s ago: executing program 32 (id=28):
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,use', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000021c0)={0x2020}, 0x2020)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20c01, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)={0x4c, 0x2, 0x6, 0x801, 0xe4340000, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}]}, 0x4c}}, 0x2)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x54, 0x9, 0x6, 0x801, 0x0, 0x0, {0x5}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e21}, @IPSET_ATTR_PROTO={0x5, 0x7, 0xff}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @private=0xa010101}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x10004893}, 0x80)

2m7.255990178s ago: executing program 6 (id=435):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x0, 0x0})
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000240)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'veth1_to_hsr\x00', <r2=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000140)=@framed, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f0000000680)=ANY=[@ANYBLOB="18020000000000000000000000000030850000002c00000095000000000000002b4003fe37a077ae55f52c0d80a2649baca85309be96d5a45bbbdb5ff7ffffffd075b3eee14473f51be98db7efbb059842badcfc81364470e8e04acb807fbbabc68abdcce9f672b6bb61c302dfd5c11071adac29fd64d33a3502fbeb1ed99dd0e792f24c420bfcc2635421d339ad521d6953b1137850d9e9ebf65ee988ea2dbee528678eb47efb7b3f19046c6f1bd1bf56e5853ed96137f95b3a11954ed1c8a8676468cf2405e48723d4b1ff"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r4, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x34, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8, 0x1, r3}]}, @IFLA_GROUP={0x8}]}, 0x34}}, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r0, r2, 0x25, 0x0, @val=@iter={0x0}}, 0x40)

2m6.171549511s ago: executing program 6 (id=439):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9c, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc, 0x7, {0x1}}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x5d031, 0xffffffffffffffff, 0x0)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)

2m4.273129876s ago: executing program 6 (id=442):
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0xce0a, 0x10100, 0x3, 0x370, 0x0, r1}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r2, 0x708, 0x41e3, 0x0, 0x0, 0x0)
io_setup(0x8, &(0x7f0000000680))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r5 = getpid()
sched_setscheduler(r5, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
syz_open_dev$vim2m(0x0, 0x7, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_GET_DUMPABLE(0x3)
munmap(&(0x7f0000001000/0x4000)=nil, 0x4000)

2m0.282895341s ago: executing program 6 (id=449):
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ptrace$ARCH_SHSTK_ENABLE(0x1e, r0, 0x1, 0x5001)
prctl$PR_SET_SECUREBITS(0x1c, 0x1d)
setregid(0xffffffffffffffff, 0x0)
setuid(0xee01)
writev(0xffffffffffffffff, &(0x7f0000000180)=[{&(0x7f0000000040)="d5858783", 0x4}], 0x1)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000280)=[@increfs], 0x0, 0x0, 0x0})

1m58.847693041s ago: executing program 6 (id=453):
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0xffffffffffffffff, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
r4 = openat$binfmt(0xffffffffffffff9c, r3, 0x42, 0x1ff)
bind$inet6(0xffffffffffffffff, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
shutdown(0xffffffffffffffff, 0x1)
ioctl$VT_ACTIVATE(0xffffffffffffffff, 0x4b4a, 0xffffffffffffff15)
close(r4)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
openat$vicodec1(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r5 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000700), 0x1c1140, 0x0)
ioctl$SOUND_MIXER_WRITE_VOLUME(r5, 0xc0040d07, &(0x7f0000000040)=0x121)

1m57.554783427s ago: executing program 6 (id=455):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = openat$sysfs(0xffffff9c, &(0x7f0000000080)='/sys/power/pm_test', 0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x2)
syz_clone3(&(0x7f0000000300)={0x385200080, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x0, {r1}}, 0x58)
r2 = open(0x0, 0x64842, 0x0)
pwritev2(r2, 0x0, 0x0, 0x1200, 0x30, 0x3)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'lo\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000540)=@newqdisc={0x50, 0x24, 0x4ee4e6a52ff56561, 0x70bd25, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0x2}, {0xffff, 0xffff}, {0x8, 0x8}}, [@TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x6, 0x1, 0x4, 0xfff, 0x1, 0x8, 0x8}}, {0x4}}]}, @qdisc_kind_options=@q_qfg={0x8}]}, 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x4040002)
r6 = open(&(0x7f0000000040)='./bus\x00', 0x40d00, 0x20)
sendfile(0xffffffffffffffff, r6, 0x0, 0x8000fffffffe)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
close_range(r7, 0xffffffffffffffff, 0x200000000000000)

1m48.128838253s ago: executing program 1 (id=492):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00'}, 0x10)

1m47.819312348s ago: executing program 1 (id=494):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r4=>0x0})
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="340000001300290a000000000000000007000000", @ANYRES32=r4, @ANYBLOB="000000faff00000008000c"], 0x34}}, 0x0)
r6 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x2000)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000840)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r7}, 0x10)
creat(&(0x7f0000000300)='./file0\x00', 0x0)
mount$nfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000000)={[{'acl'}]})
r8 = fcntl$dupfd(r6, 0x0, r6)
pwritev(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000180)='X', 0x1}], 0x1, 0x800000, 0x70)
ioctl$SG_IO(r8, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x6, 0x0, @buffer={0x2, 0x41001, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x300, 0x0, 0x0, 0x0})
ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000180)={{0x2, 0x4e23, @empty}, {0x20000010304, @local}, 0x4, {0x2, 0x4e20, @rand_addr=0x64010101}})

1m46.903473038s ago: executing program 1 (id=498):
r0 = syz_open_dev$ndb(0x0, 0x0, 0x14d002)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff})
ioctl$NBD_SET_SOCK(r0, 0xab00, r1)

1m46.699819448s ago: executing program 1 (id=500):
r0 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x14d002)
ioctl$NBD_SET_SOCK(r0, 0xab00, 0xffffffffffffffff)
ioctl$NBD_CLEAR_SOCK(r0, 0xab04)

1m46.374206221s ago: executing program 1 (id=501):
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)

1m43.842581024s ago: executing program 1 (id=508):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000080)={0x1b, 0x0, 0x0, 0xffff, 0x0, 0xffffffffffffffff, 0x2, '\x00', 0x0, r0, 0x5, 0x81, 0x4, 0x0, @void, @value, @void, @value}, 0x50)
openat$dlm_monitor(0xffffff9c, &(0x7f0000000000), 0x109000, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000007c0)={0xffffffffffffffff, 0xe0, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000180)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x7, 0x5, &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000400)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x7, &(0x7f0000000580)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}], 0x50, 0x10, &(0x7f0000000600), &(0x7f0000000640), 0x8, 0x53, 0x8, 0x8, &(0x7f0000000680)}}, 0x10)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
r2 = gettid()
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
read(r3, &(0x7f0000000440)=""/247, 0x26)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r3, 0x4040534e, &(0x7f0000000080)={0x31, @time={0x0, 0xfffffffd}, 0x0, {0x0, 0x2}, 0x0, 0x0, 0x4})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r3, 0xc08c5335, &(0x7f0000000200)={0x7, 0x2, 0x1, 'queue0\x00', 0x996a})
tkill(r2, 0x7)
r4 = fcntl$dupfd(r1, 0x0, r1)
ioctl$TCFLSH(r4, 0x400455c8, 0x0)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000040)=0x3f)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000800)={0x1b, 0x0, 0x0, 0x6, 0x0, 0x1, 0x10001, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x5, 0x5, 0x0, @void, @value, @void, @value}, 0x50)

1m41.880332909s ago: executing program 33 (id=455):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = openat$sysfs(0xffffff9c, &(0x7f0000000080)='/sys/power/pm_test', 0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x2)
syz_clone3(&(0x7f0000000300)={0x385200080, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x0, {r1}}, 0x58)
r2 = open(0x0, 0x64842, 0x0)
pwritev2(r2, 0x0, 0x0, 0x1200, 0x30, 0x3)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'lo\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000540)=@newqdisc={0x50, 0x24, 0x4ee4e6a52ff56561, 0x70bd25, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0x2}, {0xffff, 0xffff}, {0x8, 0x8}}, [@TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x6, 0x1, 0x4, 0xfff, 0x1, 0x8, 0x8}}, {0x4}}]}, @qdisc_kind_options=@q_qfg={0x8}]}, 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x4040002)
r6 = open(&(0x7f0000000040)='./bus\x00', 0x40d00, 0x20)
sendfile(0xffffffffffffffff, r6, 0x0, 0x8000fffffffe)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
close_range(r7, 0xffffffffffffffff, 0x200000000000000)

1m28.432868306s ago: executing program 34 (id=508):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000080)={0x1b, 0x0, 0x0, 0xffff, 0x0, 0xffffffffffffffff, 0x2, '\x00', 0x0, r0, 0x5, 0x81, 0x4, 0x0, @void, @value, @void, @value}, 0x50)
openat$dlm_monitor(0xffffff9c, &(0x7f0000000000), 0x109000, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000007c0)={0xffffffffffffffff, 0xe0, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000180)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x7, 0x5, &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000400)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x7, &(0x7f0000000580)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}], 0x50, 0x10, &(0x7f0000000600), &(0x7f0000000640), 0x8, 0x53, 0x8, 0x8, &(0x7f0000000680)}}, 0x10)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
r2 = gettid()
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
read(r3, &(0x7f0000000440)=""/247, 0x26)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r3, 0x4040534e, &(0x7f0000000080)={0x31, @time={0x0, 0xfffffffd}, 0x0, {0x0, 0x2}, 0x0, 0x0, 0x4})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r3, 0xc08c5335, &(0x7f0000000200)={0x7, 0x2, 0x1, 'queue0\x00', 0x996a})
tkill(r2, 0x7)
r4 = fcntl$dupfd(r1, 0x0, r1)
ioctl$TCFLSH(r4, 0x400455c8, 0x0)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000040)=0x3f)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000800)={0x1b, 0x0, 0x0, 0x6, 0x0, 0x1, 0x10001, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x5, 0x5, 0x0, @void, @value, @void, @value}, 0x50)

33.738509461s ago: executing program 0 (id=702):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a34000000140a0703000000000000000002000009080003400000000a0900010073807a30000000000c000640000000000000000214000000020a0101"], 0x70}}, 0x0)

32.189630754s ago: executing program 0 (id=704):
r0 = syz_open_dev$radio(&(0x7f0000000200), 0x1, 0x2)
ioctl$VIDIOC_S_FREQUENCY(r0, 0x402c5639, &(0x7f0000000140)={0xfffffffe, 0x1})
syz_open_dev$vbi(0x0, 0x3, 0x2)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c)
sendto$inet6(r2, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000000)={'wlan1\x00'})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
setfsuid(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
socket$phonet_pipe(0x23, 0x5, 0x2)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x20000000000, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0x0, 0x9, 0x0, 0xf, 0x80000002}, 0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)
syz_usb_connect(0x0, 0x2d, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

28.173285334s ago: executing program 0 (id=713):
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
prctl$PR_SET_SECUREBITS(0x1c, 0x1d)
writev(0xffffffffffffffff, &(0x7f0000000180)=[{&(0x7f0000000040)="d5858783", 0x4}], 0x1)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000280)=[@increfs], 0x0, 0x0, 0x0})

26.16161499s ago: executing program 0 (id=717):
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [{0x90, 0x1, [@m_ct={0x44, 0x7, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9c, 0x11e41e7a, 0x7, 0x2, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x3ffd, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x4811)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x1, &(0x7f0000000040)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000180)=0x8)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x5, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}}, 0x24}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd24, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0x4, 0xa}, {}, {0xfff2, 0x2}}, [@filter_kind_options=@f_bpf={{0x8}, {0x18, 0x2, [@TCA_BPF_OPS={{0x6, 0x4, 0x1}, {0xc, 0x5, [{0x6, 0xd, 0x5, 0x4}]}}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$SEG6_CMD_SETHMAC(r5, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01000000000000000000010000000500050001000000080004000000000005000600000000000800030001000000df756fc266b29925a5f87eea66faf002b81c4a183ae01092b538bea3e74aba20242304d3fe93cd895f3d53f0b74ce3bd38a4490565d09d265c13e712ec5ccd10ac208364bb0b387840787920fe5b688cc3f464f83ec12a49bb2438921e9e9792d5a36700ea205042"], 0x34}}, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
sendmsg$SEG6_CMD_SETHMAC(r5, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000500))
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)

24.115259001s ago: executing program 3 (id=721):
sendto(0xffffffffffffffff, &(0x7f00000000c0)="120000001200e7ef007b00000000000000", 0x11, 0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000700)='attr/current\x00')
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x5, &(0x7f0000006680))
chdir(0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
getsockopt$bt_BT_CHANNEL_POLICY(r0, 0x112, 0xa, &(0x7f00000000c0)=0xa9d, &(0x7f0000000100)=0x4)

23.929705132s ago: executing program 0 (id=723):
r0 = syz_open_dev$radio(&(0x7f0000000200), 0x1, 0x2)
ioctl$VIDIOC_S_FREQUENCY(r0, 0x402c5639, &(0x7f0000000140)={0xfffffffe, 0x1})
syz_open_dev$vbi(0x0, 0x3, 0x2)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c)
sendto$inet6(r2, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000000)={'wlan1\x00'})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
setfsuid(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
socket$phonet_pipe(0x23, 0x5, 0x2)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x20000000000, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0x0, 0x9, 0x0, 0xf, 0x80000002}, 0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)
syz_usb_connect(0x0, 0x2d, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

23.863938076s ago: executing program 3 (id=725):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x1d64, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r1}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff})
recvmmsg(r2, &(0x7f0000000400), 0x0, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(0x0, r3)
sendmsg$ETHTOOL_MSG_STRSET_GET(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000500)=ANY=[@ANYBLOB="c4000000", @ANYRESOCT=r4, @ANYRESHEX=0x0], 0xc4}}, 0x0)
shutdown(r2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x4, &(0x7f0000000580)=ANY=[@ANYRES32=r1, @ANYRESDEC=r0], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r5 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r5, 0x11b, 0x6, &(0x7f0000000000)=0x40000000, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000040)={0x1f, 0x0, 0x1}, 0x6)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r6, 0x400448cb, 0x0)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x100, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNATTACHFILTER(r7, 0x401054d5, &(0x7f00000000c0)={0x3, &(0x7f0000000600)=[{0x60, 0x4, 0xfd}, {0x2, 0x74, 0x7, 0x9}, {0x7, 0x90, 0x6, 0x9}]})
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r8, &(0x7f0000000200), 0x12)
ioctl$FS_IOC_RESVSP(r8, 0x4030582a, &(0x7f0000000380)={0x0, 0x0, 0x10, 0x80000000})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'veth0_vlan\x00', <r9=>0x0})
setsockopt$packet_drop_memb(r8, 0x107, 0x2, &(0x7f0000000140)={r9, 0x1, 0x6, @local}, 0x10)
openat$cgroup_subtree(r8, &(0x7f00000005c0), 0x2, 0x0)
r10 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r10, &(0x7f0000000340)={0x1f, 0xffff, 0x3}, 0x6)
socket$inet(0x2, 0x2, 0x0)
write(r10, &(0x7f0000000040)="05000000010000", 0x7)

22.883657167s ago: executing program 2 (id=726):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x104}}, 0x0)
r0 = syz_open_procfs$pagemap(0x0, &(0x7f0000000140))
ioctl$FS_IOC_SETFLAGS(r0, 0xc0606610, &(0x7f0000000040)=0x60)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x6, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYRESOCT=r1, @ANYRESOCT=r1], 0x48)
mlock2(&(0x7f0000000000/0x8000)=nil, 0x8000, 0x0)
r2 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$6lowpan_enable(r2, &(0x7f0000000180)='1', 0x1)

22.877505234s ago: executing program 3 (id=727):
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
prctl$PR_SET_SECUREBITS(0x1c, 0x1d)
writev(0xffffffffffffffff, &(0x7f0000000180)=[{&(0x7f0000000040)="d5858783", 0x4}], 0x1)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000280)=[@increfs], 0x0, 0x0, 0x0})

22.522892908s ago: executing program 2 (id=729):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0xe, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x0, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x3}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0xffffffffffffffff, 0x4}, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x3a, 0x20000000)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10138, 0x2, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r3, &(0x7f0000000000), 0x178)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone3(&(0x7f00000002c0)={0x8040000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r4 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
r5 = syz_open_dev$dri(&(0x7f0000000040), 0x0, 0x0)
ioctl$DRM_IOCTL_GET_MAGIC(r5, 0x80046402, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
r7 = fcntl$dupfd(r6, 0x0, r6)
ioctl$DRM_IOCTL_AUTH_MAGIC(r7, 0x40046411, &(0x7f0000000000)=0x1)
ioctl$SCSI_IOCTL_SEND_COMMAND(r4, 0x1, &(0x7f0000000080)=ANY=[@ANYBLOB="000000000100010000000000"])
ioctl$SG_SET_TIMEOUT(r4, 0x2201, &(0x7f0000000000)=0xc)
r8 = io_uring_setup(0x2e34, &(0x7f0000000180))
r9 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0)
pread64(r9, 0x0, 0x0, 0x7fff)
close_range(r8, 0xffffffffffffffff, 0x0)

21.411401363s ago: executing program 2 (id=730):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0xffffffffffffff34, &(0x7f0000000080)={0x0, 0xb8}}, 0x0)
getsockname$packet(r0, &(0x7f0000000000)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x3c)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee80000040000000010000000", @ANYRES32=r2, @ANYBLOB="ddfffffdff000000140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r3, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local}, 0xc)
r4 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_msfilter(r4, 0x0, 0x23, &(0x7f0000004b00)=ANY=[@ANYBLOB="e0000808ac1414aa"], 0x10)

21.411075334s ago: executing program 3 (id=731):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/custom0\x00', 0x800, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
syz_open_dev$media(&(0x7f00000006c0), 0x2, 0x40b02)
r1 = syz_io_uring_setup(0x234, &(0x7f0000000580)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=<r2=>0x0, &(0x7f0000000180)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, 0x8})
io_uring_enter(r1, 0x207a98, 0x0, 0x0, 0x0, 0x0)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
fcntl$lock(r4, 0x7, 0x0)
fcntl$lock(r4, 0x6, &(0x7f0000000000)={0x1})
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x20000000000, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0x0, 0x9, 0x0, 0xf, 0x80000002}, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000440))
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x3, &(0x7f0000000080)=@framed, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3bc, @void, @value}, 0x94)

20.378493427s ago: executing program 2 (id=732):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB], 0x58}}, 0x0)
sendmsg$IPSET_CMD_FLUSH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="5c000000040605000000000000000000030004000900020073797a3200000000090002000100000000000000050001000700000005000100070000000900020073797a310000000005000100070000000900020073797a30"], 0x5c}}, 0x0)

20.305014425s ago: executing program 2 (id=733):
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [{0x90, 0x1, [@m_ct={0x44, 0x7, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9c, 0x11e41e7a, 0x7, 0x2, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x3ffd, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x4811)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x1, &(0x7f0000000040)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000180)=0x8)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x5, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}}, 0x24}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd24, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0x4, 0xa}, {}, {0xfff2, 0x2}}, [@filter_kind_options=@f_bpf={{0x8}, {0x18, 0x2, [@TCA_BPF_OPS={{0x6, 0x4, 0x1}, {0xc, 0x5, [{0x6, 0xd, 0x5, 0x4}]}}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$SEG6_CMD_SETHMAC(r5, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01000000000000000000010000000500050001000000080004000000000005000600000000000800030001000000df756fc266b29925a5f87eea66faf002b81c4a183ae01092b538bea3e74aba20242304d3fe93cd895f3d53f0b74ce3bd38a4490565d09d265c13e712ec5ccd10ac208364bb0b387840787920fe5b688cc3f464f83ec12a49bb2438921e9e9792d5a36700ea205042"], 0x34}}, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
sendmsg$SEG6_CMD_SETHMAC(r5, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000500))
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)

20.294315449s ago: executing program 3 (id=734):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000040)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="adcd1a9a3fc36e96", 0x8)
r1 = accept4$alg(r0, 0x0, 0x0, 0x0)
read$alg(r1, &(0x7f0000001280)=""/4121, 0x1019)
sendmmsg(r1, &(0x7f000000af40)=[{{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f00000001c0)="7c4ca1be2fde97c23ebec48e6c16d8c46f54c93856d27076b8eac4048a8996474c285ac488a3b203", 0x28}, {&(0x7f0000000280)="16c36b788dc5228a335d26b838d3132c03905c4997", 0x15}, {&(0x7f00000002c0)="b59a3cb16c19e96f271433843ff39237c524449f052b636c486d15a3cb4c5ded70bf5f109c89b01f367ed8387d95d63dad901129f36655f02a909d5af6b25257e70fae3e4251dae1b64a24d572acbbf8c7cd231a3d877746e856ec3d355683b38038397edfbce9050c8b41d72a691b00b8e96b17a4fc630f265e6c16e84c460bcd69fc0ae3b6e15e6a72073ef9d0726ecfbeb634bd66cd7a38069c1b7f105ed19bbed61306ef9c6efbc17e0db810551b0b03a000afefc122d44dd35813", 0xbd}, {&(0x7f00000003c0)="035f5cf4b08d735b5f5045025fe638f05d43fa1546c00321b9be481e6d5ee6e0624addfa6768031a67e7ec26530af491", 0x30}], 0x4, &(0x7f00000022c0)}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000003500)="05f0f0935bb26a7ba34ddc18399976f23c4950a2b128b28e4199a40fd40c215eab0d17b16feae9220b8d7b1990b00b247d4463e080c9a69e1ff9a894e044c89a8f3adba54c3308c72f4156a8f5bc16b82951274aa44d0e34bd92607c7fdaf1f43c3672198e6deffa880f886326e515f8369716594ab05aacd9381da5379171d9084ca69fdc282d4e304fad8aa0592773a163fddf54b77d89ca72e278dfcf3f4dd8ccaadcab5dd9d70175e320a221a8b210fb5c46cbfb71c104a3ed61b7a5d776804bcff19ead0d4925cc3553033cc5af129ab1a53df205e0a00aa840be49c234055465105e3b665fc1e882dccc7c1329ad379df32826348375f2d3292b394acb03e6285e05b7b5783ed7958a95d9a42fb027583aca436e6c8435856c7d8a912b384b5433e3d6611e331cefee7e3d7bd23fc3e02a9d5344611c1d68852e6cc1a6a82c30b478dd38a794c5f6369a50bab1b8f5a64a9ffa6eb5708728464e65e14c8864b651d7591a5bda5bfef473b551251c1302f7703d0f751a3ba88e12d36c74fba7c61ab3056f672d7db4ca812f2f2e71acf3305df11376702a1318e4543fbcc2a4fd962609610e762b369ba63eb30b61ffbbef85af162a2890d3d35275c1b29336c5999ab983bd8ec468addea3f21bfc7861b823f8ee4526a2b8522329227e1b34799ef3a6c7741aa8153f07ef03a987320b22f7d1b7eecf55ae52e5dd6661ef5d8ca7464a376e444e5ac4e24fc696fe4dee3ca157ba7ec8dc38878760f1568e7bc07a24a3ea2e5bb5e086b4f1d7b6277f74e3c345d435f83009e469c71868f7dc2eeabb83cc55cd569a4be01002141f634c39b0a882edc531eafb6596c6bfa1a98901fc097512024c9f62e0c5581d95d806687a89e85bf47e6bd3019514fc3333c571e15a601b029654383f1ef7e9b85f8746e359a48f61d511950e4acabe684c513f6465b843b8c7d208d5fb0d690eeaeea1e3343e1ea0d7a7b6759833ef41d3184a5d74a99f3ab0f4f9b9676df849aa900f4af5665df5ab6a9f3e507dfa67a2183de050461e95d42d58ab4a9cc4e11913cd56712f92e6fd21f50f473ddb75310fb780d0a8b864b27651748d8f775d4ca457a2b70c3b1232af1169b9c647e1ce3f8de9aea1df4bfd303cc34d0f04f13f21fd6d2a848a3903f59ecf7725dd0b8c90d31f2aa4961d7a0cd5617cf1c5a095d05611f0064247a07fc6842bdb06fa48c151f06620c1c55abc7fd409c577e7fae354456b76fa4887b91cec72f09068e90be93edba81b78e46dea107c6753c0145d62c526bc7c386b1c83a501c49f16e81300241b013954580cace5c8fc83b40e97f03ad21b28cae00e216db64795cdc53cc6fbfe90187a9fcb1b6cc6be4f0343ca89876de9c4dae23f07cc25dc69a010c44315ba5d93daaa75ebcf6d7eeea65bd3762ff4c7b748a8ec11adea075f68deaf39d7b77fa6bd1d98c733c2539edb3121946797fbd1493786c8c6353f23ae22e63e1126749aff7adf8eb45bd5c3bf43866286d8f4c782034f5365e6cb2b386ade14a3359e9f334f42fd8ed220ac0f17af87a4d61873ebcccdf2b3c8dde0222c3d16a0485e4a90a16461154bc2d953e98563a9abe5e99dfee243e0c66053f2a87508f72f9ad1af280e6e0ec4291710dccdcf2e1311a04c81c8d6b228e55f30eeff19e6917c89d2d3b6fd93a815e4036222c4a8a709c66a3e537242ac889d2c3e1094faafe51e756a42eee6c5d3dd6ed32db74fe45a8497e572cdb180c3f282c8b5ace4e788ec5a2f1a7f25c30f94c82856a89cb949be69ec4083369a2ce63bf89b38dbe8387f7e1bb0c10dbb5315495780926e15d5207d65d30d6066b29471f37b7e08103635823e303f30342d89ce3e32303477836a456a1a1ede32553d66d88167b2cdf6899baf5cfb9d02aaac444c373485d3c7859c54445145cbae96de1ecf2f574d8f7c26621d417f433f3a2cc684e0ceac84707c40b3ce1bdc92a4a793776f114b8b30e7cd3aa591f0cb519213a5e2337cbad4d4a5c7dde534a135a3a0b0ecf9d3a92f1b59572a52a3ed86f500451009ecd4c32a519a3b286fae102dc5b4122bc969cf2127be287c07237098109255ff71aa2da52f872f61d6563cc77abd6c92f700d26904cf824a19d48306e02b7bd3a063c15777b2c081ea63257ddc287bc49ef39e177698264c321de1f5d3e9d50af711035f8c3c1e77555121db861d7c91ff2d4fbf498140d41eb5b5d83b7c03ebf2d51117c246fc650c9ece99928247eb910b5e15bb55e98c5d21fc983a4eb05c7a843f3188c10ae5a461138bf3860eeb057a84a2341c7713986989c8ffb236c7521ed9b3ad2ae477bf66ed5d12059606424784eb5ccf6729f09f52e72ef5fd4705120d3436219f8c5c1b04bb71284917d21bed2317a255b006e1b04c522754c3124795fce84b0bf2308410b23216e659683764658eb3af86ea4902f9b2285ebe10b207ce036a9eefdc5a16180d198a859a425956b39d95f38aee66199449ec80a4984c5431db81ab2f78057205f9110c4f2a36950e74456897cf67889fa1d023ce645edc6ae8dad2d4d0491f0567e385f015866da27b22e44b32bff4093d6d61eb83c535311732c09811387e8ee861ea73de304032426cc074a067f6f03b1f013550754a563f8c83b9435df434722a9894f9025be149cec639baab6b0c86f424c025f8ea76427ddec62dda7d437dbb47fe88a118e3ed5a18a549342c8f433a0e8aad8dee057aae9a7f2e062a6896a8ca3d8faebc9132bea237085f50f3a5ae1dde57b7426769e8205e9dbfcf1c827fa2528e6df7192acb4e326ab0d73712e593ded9b4a5185cce8c198ff19570213aa9494099d508a9fb8eba2eed2abeef4c063f6e17ff1d9182c995bf9207c98143bf2ad4b3a5ac5c2e2599b66e06b81503fee01254872f4a9db516a7fc2c3cb2cc998c9d86859b9365e2f6456859b15b67542f1dbbb6f4d2dcf93a88f939b276d06561beedc904b4614b951c1718a909bb014e3535a7f2f2c357249a1e431e6cffbdf4d367ece37c8bbfa09a3930dd097d21aa98598f97ffc124175a9531898817f35210e4426bb6179c947b0616fa4669ad1d0fa0635ee05267b773e3c7aed72ecb1ae9c34844ef060bbc7bc6407819f2224e7dc0367d9b1763034b9353d60290b39863faec5fdf7d808ae865bf82534ad2c12c411a22fea28bb41fc7c3ddcd1927da62c410748086bf2c6b761f8b6e6840bb5674d0f6a83658aabee95e5208071e222d912ea2734189ab450ce42e1e445507c0d09cf1b74f5ea9aa69a01d9e6f6b354577e33adfd088fe19a1ae559a70dc4b946b8af03a82413d0d5d76723be0019789736f5389c567e7a1a28e839ef674fead121fa5865f91c49a8e1d12bb160a2b84ca441c385b5a268b22bde4ee90cd2252b0d2d4be4f608feaba3e97c18f6d363105fb0bbae40d56d64f9e6ef6e90377174516599d77afadccf994fe5b31dd8b4d4fd2a5cba0c7081e69d402cdd8641c8f341988d173bf4f196ffbb2a3b2871c51d8a2804b61511dafb69fdacb2651d9904d702eddbd43ad6565a93c3d9a485a624425077d1647d5e94b570618dca4d56751ca8a231a05ed3295dfb53438a6cf6a120602b54a6d600a0fdd040025e575d96ff9978a93a0276a152967aec097e474b8e9c7bc0581c95a82a0b302314d44eaeb9040096be917efae12cf8f43b91de5697434ecc93d6f2a371c65bf421f6fae889100d6535a2779a86b0fc75e2148b153be7bd3acf94732a0473315b9f71d800cf98eb9ed710122b85e6fb1881d6ba8d74c663aa045a5f8446b9afe15be8bf2e7facee8b41e96501001143e5c4bc164e14acabae90dcbc5e4a39eba5d8012c1f441c56822c56126628841018acd37847b17951390145a88494c042fc45c1f75e170a2427078acb3e03f28f2bf7862bed2b927467951bfb37b60efa5ebb857fac6a3055ae5cebab8b1fa2e35e3f68e99b096ba912fd680b4720ef8a85687238fa18fa11a184eb8f45de6df95b4bd4970c6cfd8140a1e898c29977cb18081c3258fdae76947baa0901d606ecd290caf09fa6010c6c898558d0f3a8038cfff0f92b55f1d6a4473fc59898a246ddd644c01dc2a04425ffea0345ed78a541c65e1194e4475ca3155a3b0d3bde5a280ef3c956347d95f41ec8ba3d00df9e08dd4b1d733c786e97bde53036eb7a77a00ad48fe613a84934f9cbf38df93a00bb35af9d38386d1294bada75ae3f75eb4c48904dc05107921c3485183e44776d1cfac1fe85650d6e4741ffe14c7e10d949cfb8d2571ec2b8650c74ffb524e3612f53790a8d42b579ff5271eb8487abb21827705a7cd6b6ea621edec248db3c707990086c2b238672d507eeff0af25b1aa2f73d9fc3122db036b36fd6f9438b105e78d4e97e1f5ac9557b883ef3566d517fadae4084b9658feb01ca3ece723784a71ff7301d484832bccb5caea6cc56eb9df9e6a2298b71568d8a47d0c368e8b4953533ebcfa74b498e28669b65dc6854aeb00da9a0316017a4bfbaf255187bf17efc5d92725a351454958dc39b5a09c3d9aabb91a4b67b34f26eb088a20d476ea99705bd0906210d7ee761568a4ee5aff2cfc0c4c92ff5a7d2392e048a1160c17abe10911d694ca6792c56a09e253f8ffef3a55f734bd8a772a1a17438061df235327ed741f3fd4dfa4e7175ffd678d925db79c71f29ee540acc1ed035ce63419a19538fae993d4906b83134facceb552d4d18402da484cf741ab06393cb35475064ee8bb6cd4654b7c18eaddaebc2a717e494c2050083b26e7166cfe4f250cc0cf52d5aaab50f13dcd6bd554e616595c41ff9823978e16b2024d693df8656dc540032e0cb23ad12db79199dbf216233f079cc3048cd288bfb66b13934dda7805ccaf266974eb7f4935ec8bcd85bf54e9239fced387356a19dd9ee6eb7436d96c3daa3d6e7a69d2f7c3234592144441544ee67138fa95a470d68fab74402e4377650e155b9108ca8bd3c643b40687b98c07e8766c59b0f30b531d683b17dc3486d3a01188bebaa606557d1e85fa28dbe0d19b264fafa3d3247b641ff6f39e7240ed568b20f8c3c831ee531cd0faba9bf9a2a6723e0b63b498d9bd06f79623a085fff3badb53b02dc01640bfce1a4a48f17194745aa7985ab512cb143c2ce5ce20a90ef1204ca7a7314d06cfb5790b478f38d5f9a21619f7122ab9906308ae1df25cc7c24b5bfebc6631f23d1962a90f9c381aff602e8d3d3d64b4002d13a41b0acd5633a5f93968e078395a49fa23f272e0b1b77100cde93066d8d973f0fd0ac6e996a1a3580b6137cfa88853b1e2efb80ba8ccd6268fd2ab9c402f7c209f8e94a78ca36cadaf2d86f64046083bc5792e783f", 0xee5}], 0x1, &(0x7f000000b200)=ANY=[@ANYBLOB="b80000000000000001010000050000003cb61388cc1637eed5ef55c252482bc8bbe04bba9ae20c4d35223e3d622fc5ae4eadec64118a68a817e61d4c53cdb7d526abf79610a9eaed224290dc8640705f559958e9c30da332b2937b639dccae446d2bff454521c5996f060e1fb511bd112f6deddf2f131679dc2692984f41d36c573e435569c6c8a80064969e9cbe69e449e4ba40ed29bbee03444ebde45a92df4e4882eb2ece1bb40cd7dcdd360eef7a802b6ca2f76000001010000000000000020100"], 0x10c8}}], 0x2, 0x40080d5)

20.232539019s ago: executing program 0 (id=735):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000280)={0x0, r0}, 0x8)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000002c0)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x3, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xb, &(0x7f0000000000), 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b00)={&(0x7f00000000c0)='qdisc_dequeue\x00', r2, 0x0, 0x1}, 0x18)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32=r5, @ANYBLOB="0800050003000000"], 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000680)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={0x4c, r7, 0x1, 0x70bd28, 0x25dfdbfd, {{}, {@val={0x8, 0x1, 0x31}, @val={0x8, 0x3, r8}, @val={0xc, 0x99, {0x7ff, 0x70}}}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'syzkaller0\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x4}]}, 0x4c}, 0x1, 0x0, 0x0, 0x81}, 0x24044884)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r9)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r9, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
r10 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r10, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10)
close(0xffffffffffffffff)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0))

19.220024435s ago: executing program 3 (id=736):
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [{0x90, 0x1, [@m_ct={0x44, 0x7, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9c, 0x11e41e7a, 0x7, 0x2, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x3ffd, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x4811)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x1, &(0x7f0000000040)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000180)=0x8)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd24, 0x25dfdbff, {0x0, 0x0, 0x0, r5, {0x4, 0xa}, {}, {0xfff2, 0x2}}, [@filter_kind_options=@f_bpf={{0x8}, {0x18, 0x2, [@TCA_BPF_OPS={{0x6, 0x4, 0x1}, {0xc, 0x5, [{0x6, 0xd, 0x5, 0x4}]}}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804)
syz_genetlink_get_family_id$SEG6(&(0x7f0000000080), 0xffffffffffffffff)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000500))
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)

18.677165299s ago: executing program 2 (id=737):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x1d64, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r1}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff})
recvmmsg(r2, &(0x7f0000000400), 0x0, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(0x0, r3)
sendmsg$ETHTOOL_MSG_STRSET_GET(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000500)=ANY=[@ANYBLOB="c4000000", @ANYRESOCT=r4, @ANYRESHEX=0x0], 0xc4}}, 0x0)
shutdown(r2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x4, &(0x7f0000000580)=ANY=[@ANYRES32=r1, @ANYRESDEC=r0], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r5 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r5, 0x11b, 0x6, &(0x7f0000000000)=0x40000000, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000040)={0x1f, 0x0, 0x1}, 0x6)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r6, 0x400448cb, 0x0)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x100, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNATTACHFILTER(r7, 0x401054d5, &(0x7f00000000c0)={0x3, &(0x7f0000000600)=[{0x60, 0x4, 0xfd}, {0x2, 0x74, 0x7, 0x9}, {0x7, 0x90, 0x6, 0x9}]})
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r8, &(0x7f0000000200), 0x12)
ioctl$FS_IOC_RESVSP(r8, 0x4030582a, &(0x7f0000000380)={0x0, 0x0, 0x10, 0x80000000})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'veth0_vlan\x00', <r9=>0x0})
setsockopt$packet_drop_memb(r8, 0x107, 0x2, &(0x7f0000000140)={r9, 0x1, 0x6, @local}, 0x10)
openat$cgroup_subtree(r8, &(0x7f00000005c0), 0x2, 0x0)
r10 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r10, &(0x7f0000000340)={0x1f, 0xffff, 0x3}, 0x6)
socket$inet(0x2, 0x2, 0x0)
write(r10, &(0x7f0000000040)="05000000010000", 0x7)

16.469775014s ago: executing program 4 (id=739):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x104}}, 0x0)
r0 = syz_open_procfs$pagemap(0x0, &(0x7f0000000140))
ioctl$FS_IOC_SETFLAGS(r0, 0xc0606610, &(0x7f0000000040)=0x60)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x6, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYRESOCT=r1, @ANYRESOCT=r1], 0x48)
mlock2(&(0x7f0000000000/0x8000)=nil, 0x8000, 0x0)
r3 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$6lowpan_enable(r3, &(0x7f0000000180)='1', 0x1)

16.384869598s ago: executing program 4 (id=740):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01020000000000100000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a34000000140a0703000000000000000002000009080003400000000a0900010073807a30000000000c000640000000000000000214000000020a0101"], 0x70}}, 0x0)

16.333194578s ago: executing program 4 (id=741):
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
prctl$PR_SET_SECUREBITS(0x1c, 0x1d)
writev(0xffffffffffffffff, &(0x7f0000000180)=[{&(0x7f0000000040)="d5858783", 0x4}], 0x1)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000280)=[@increfs], 0x0, 0x0, 0x0})

15.364500154s ago: executing program 4 (id=742):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0xffffffffffffff34, &(0x7f0000000080)={0x0, 0xb8}}, 0x0)
getsockname$packet(r0, &(0x7f0000000000)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x3c)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee80000040000000010000000", @ANYRES32=r2, @ANYBLOB="ddfffffdff000000140012000c000100627269646765"], 0x34}}, 0x0)
r3 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r3, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local}, 0xc)
r4 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_msfilter(r4, 0x0, 0x23, &(0x7f0000004b00)=ANY=[@ANYBLOB="e0000808ac1414aa"], 0x10)

15.270926972s ago: executing program 4 (id=743):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="580000000206010100000000140000000000000005000100070000000900020073797a30000000000c0007"], 0x58}}, 0x0)
sendmsg$IPSET_CMD_FLUSH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="5c000000040605000000000000000000030004000900020073797a3200000000090002000100000000000000050001000700000005000100070000000900020073797a310000000005000100070000000900020073797a30"], 0x5c}}, 0x0)

15.201095346s ago: executing program 4 (id=744):
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22}, 0x1c)
syz_emit_ethernet(0x4a, &(0x7f0000000140)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0200", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
syz_emit_ethernet(0x56, &(0x7f00000000c0)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "560400", 0x20, 0x6, 0x0, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x8, 0x2, 0x200, 0x0, 0x4, {[@timestamp={0x8, 0xa, 0x6, 0x3c46}]}}}}}}}}, 0x0)

5.000306723s ago: executing program 35 (id=735):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000280)={0x0, r0}, 0x8)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000002c0)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x3, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xb, &(0x7f0000000000), 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b00)={&(0x7f00000000c0)='qdisc_dequeue\x00', r2, 0x0, 0x1}, 0x18)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32=r5, @ANYBLOB="0800050003000000"], 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000680)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={0x4c, r7, 0x1, 0x70bd28, 0x25dfdbfd, {{}, {@val={0x8, 0x1, 0x31}, @val={0x8, 0x3, r8}, @val={0xc, 0x99, {0x7ff, 0x70}}}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'syzkaller0\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x4}]}, 0x4c}, 0x1, 0x0, 0x0, 0x81}, 0x24044884)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r9)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r9, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
r10 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r10, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10)
close(0xffffffffffffffff)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0))

4.004097912s ago: executing program 36 (id=736):
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [{0x90, 0x1, [@m_ct={0x44, 0x7, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9c, 0x11e41e7a, 0x7, 0x2, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x3ffd, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x4811)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x1, &(0x7f0000000040)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000180)=0x8)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd24, 0x25dfdbff, {0x0, 0x0, 0x0, r5, {0x4, 0xa}, {}, {0xfff2, 0x2}}, [@filter_kind_options=@f_bpf={{0x8}, {0x18, 0x2, [@TCA_BPF_OPS={{0x6, 0x4, 0x1}, {0xc, 0x5, [{0x6, 0xd, 0x5, 0x4}]}}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804)
syz_genetlink_get_family_id$SEG6(&(0x7f0000000080), 0xffffffffffffffff)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000500))
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)

3.504296418s ago: executing program 37 (id=737):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x1d64, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r1}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff})
recvmmsg(r2, &(0x7f0000000400), 0x0, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(0x0, r3)
sendmsg$ETHTOOL_MSG_STRSET_GET(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000500)=ANY=[@ANYBLOB="c4000000", @ANYRESOCT=r4, @ANYRESHEX=0x0], 0xc4}}, 0x0)
shutdown(r2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x4, &(0x7f0000000580)=ANY=[@ANYRES32=r1, @ANYRESDEC=r0], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r5 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r5, 0x11b, 0x6, &(0x7f0000000000)=0x40000000, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000040)={0x1f, 0x0, 0x1}, 0x6)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r6, 0x400448cb, 0x0)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x100, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNATTACHFILTER(r7, 0x401054d5, &(0x7f00000000c0)={0x3, &(0x7f0000000600)=[{0x60, 0x4, 0xfd}, {0x2, 0x74, 0x7, 0x9}, {0x7, 0x90, 0x6, 0x9}]})
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r8, &(0x7f0000000200), 0x12)
ioctl$FS_IOC_RESVSP(r8, 0x4030582a, &(0x7f0000000380)={0x0, 0x0, 0x10, 0x80000000})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'veth0_vlan\x00', <r9=>0x0})
setsockopt$packet_drop_memb(r8, 0x107, 0x2, &(0x7f0000000140)={r9, 0x1, 0x6, @local}, 0x10)
openat$cgroup_subtree(r8, &(0x7f00000005c0), 0x2, 0x0)
r10 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r10, &(0x7f0000000340)={0x1f, 0xffff, 0x3}, 0x6)
socket$inet(0x2, 0x2, 0x0)
write(r10, &(0x7f0000000040)="05000000010000", 0x7)

0s ago: executing program 38 (id=744):
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22}, 0x1c)
syz_emit_ethernet(0x4a, &(0x7f0000000140)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0200", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
syz_emit_ethernet(0x56, &(0x7f00000000c0)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "560400", 0x20, 0x6, 0x0, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x8, 0x2, 0x200, 0x0, 0x4, {[@timestamp={0x8, 0xa, 0x6, 0x3c46}]}}}}}}}}, 0x0)

kernel console output (not intermixed with test programs):

 filter on device team0
[   98.905429][ T5830] 8021q: adding VLAN 0 to HW filter on device bond0
[   98.928706][ T1073] bridge0: port 1(bridge_slave_0) entered blocking state
[   98.935927][ T1073] bridge0: port 1(bridge_slave_0) entered forwarding state
[   99.000356][ T5830] 8021q: adding VLAN 0 to HW filter on device team0
[   99.031429][ T5833] veth0_vlan: entered promiscuous mode
[   99.076141][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[   99.083396][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[   99.096260][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[   99.103411][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[   99.129963][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[   99.137328][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[   99.189580][ T5833] veth1_vlan: entered promiscuous mode
[   99.298590][ T5832] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   99.338768][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0
[   99.351513][ T5834] 8021q: adding VLAN 0 to HW filter on device batadv0
[   99.448669][ T5833] veth0_macvtap: entered promiscuous mode
[   99.499782][ T5833] veth1_macvtap: entered promiscuous mode
[   99.678394][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_0
[   99.720395][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_1
[   99.759358][ T5834] veth0_vlan: entered promiscuous mode
[   99.776185][ T5833] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   99.786353][ T5833] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   99.795976][ T5833] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   99.804986][ T5833] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   99.845041][ T5834] veth1_vlan: entered promiscuous mode
[   99.879022][ T5835] 8021q: adding VLAN 0 to HW filter on device batadv0
[  100.085863][ T5832] 8021q: adding VLAN 0 to HW filter on device batadv0
[  100.135792][ T5834] veth0_macvtap: entered promiscuous mode
[  100.177476][ T5834] veth1_macvtap: entered promiscuous mode
[  100.210457][ T5830] 8021q: adding VLAN 0 to HW filter on device batadv0
[  100.229556][ T3471] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  100.260400][ T3471] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  100.297639][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_0
[  100.306455][ T5835] veth0_vlan: entered promiscuous mode
[  100.371207][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_1
[  100.397926][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  100.402836][ T5835] veth1_vlan: entered promiscuous mode
[  100.421649][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  100.433913][ T5834] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  100.445329][ T5834] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  100.458250][ T5834] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  100.467190][ T5834] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  100.568230][ T5831] veth0_vlan: entered promiscuous mode
[  100.615237][ T5833] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  100.625987][ T5832] veth0_vlan: entered promiscuous mode
[  100.719924][ T5831] veth1_vlan: entered promiscuous mode
[  100.762069][ T5838] Bluetooth: hci1: command tx timeout
[  100.762085][ T5855] Bluetooth: hci0: command tx timeout
[  100.786754][ T5832] veth1_vlan: entered promiscuous mode
[  100.826637][ T5893] IPVS: starting estimator thread 0...
[  100.841977][ T5838] Bluetooth: hci4: command tx timeout
[  100.864411][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  100.890006][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  100.903686][ T5835] veth0_macvtap: entered promiscuous mode
[  100.914288][ T5838] Bluetooth: hci2: command tx timeout
[  100.914311][ T5855] Bluetooth: hci3: command tx timeout
[  100.919737][ T5838] Bluetooth: hci5: command tx timeout
[  100.933082][ T5937] IPVS: using max 25 ests per chain, 60000 per kthread
[  101.009963][ T5835] veth1_macvtap: entered promiscuous mode
[  101.050531][ T5831] veth0_macvtap: entered promiscuous mode
[  101.073439][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  101.092044][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  101.095805][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  101.112042][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  101.120584][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  101.129161][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  101.137786][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  101.146529][    T0] NOHZ tick-stop error: local softirq work is pending, handler #300!!!
[  101.155343][    T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!!
[  101.192172][ T5831] veth1_macvtap: entered promiscuous mode
[  101.328001][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_0
[  101.351283][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  101.451982][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  101.494602][ T5832] veth0_macvtap: entered promiscuous mode
[  101.519053][ T5830] veth0_vlan: entered promiscuous mode
[  101.531225][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_1
[  101.595663][ T5830] veth1_vlan: entered promiscuous mode
[  101.626815][ T5835] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  101.642888][ T5835] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  101.652863][ T5835] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  101.662160][ T5835] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  101.680235][ T5832] veth1_macvtap: entered promiscuous mode
[  101.704328][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0
[  101.761620][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  102.127752][ T5830] veth0_macvtap: entered promiscuous mode
[  102.145735][ T5830] veth1_macvtap: entered promiscuous mode
[  102.187336][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1
[  102.397898][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_0
[  102.440714][ T5831] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  102.457996][ T5831] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  102.468827][ T5831] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  102.480813][ T5831] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  102.556689][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_1
[  102.669698][ T5832] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  102.686275][ T5832] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  102.701829][ T5832] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  102.718091][ T5832] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  103.549591][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_0
[  103.636528][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_1
[  103.737668][ T5830] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  103.753095][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  103.761954][ T5830] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  103.800980][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  103.811121][ T5830] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  103.835858][ T5830] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  104.916096][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  104.927514][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  106.206760][   T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  106.253527][   T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  106.444860][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  106.463224][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  106.613311][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  106.621205][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  106.665238][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  106.689017][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  106.890385][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  106.919719][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  106.968319][    T9] IPVS: starting estimator thread 0...
[  107.061679][ T5978] IPVS: using max 24 ests per chain, 57600 per kthread
[  107.205609][ T3471] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  107.979392][ T3471] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  108.108157][ T5971] loop2: detected capacity change from 0 to 32768
[  108.258763][ T5971] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.13 (5971)
[  108.355570][ T5896] IPVS: starting estimator thread 0...
[  108.379370][ T5971] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  108.397825][ T5971] BTRFS info (device loop2): using sha256 (sha256-x86_64) checksum algorithm
[  108.409735][ T5971] BTRFS info (device loop2): using free-space-tree
[  108.581357][ T5987] IPVS: using max 24 ests per chain, 57600 per kthread
[  109.436727][ T5971] BTRFS info (device loop2): rebuilding free space tree
[  109.784647][ T6017] netlink: 12 bytes leftover after parsing attributes in process `syz.3.17'.
[  110.031242][ T6017] Zero length message leads to an empty skb
[  110.309388][ T6019] netlink: 'syz.5.19': attribute type 1 has an invalid length.
[  110.371149][ T6022] loop3: detected capacity change from 0 to 512
[  110.414626][ T6022] =======================================================
[  110.414626][ T6022] WARNING: The mand mount option has been deprecated and
[  110.414626][ T6022]          and is ignored by this kernel. Remove the mand
[  110.414626][ T6022]          option from the mount to silence this warning.
[  110.414626][ T6022] =======================================================
[  110.536228][ T5833] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  110.551808][ T6019] veth3: entered promiscuous mode
[  110.552262][ T6022] EXT4-fs: quotafile must be on filesystem root
[  110.708329][ T6025] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  114.130417][ T5837] IPVS: starting estimator thread 0...
[  114.232314][ T6044] IPVS: using max 24 ests per chain, 57600 per kthread
[  114.398403][ T6054] Bluetooth: MGMT ver 1.23
[  114.417043][ T6052] fuse: Unknown parameter 'use00000000000000000000'
[  115.216278][ T6048] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[  116.710215][ T6071] loop2: detected capacity change from 0 to 32768
[  116.783509][ T6071] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.36 (6071)
[  116.812102][ T6071] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  116.830980][ T6060] loop1: detected capacity change from 0 to 32768
[  116.850693][ T6071] BTRFS info (device loop2): using sha256 (sha256-x86_64) checksum algorithm
[  116.882695][ T6071] BTRFS info (device loop2): using free-space-tree
[  116.918352][ T6060] BTRFS: device /dev/loop1 (7:1) using temp-fsid fc02eef7-5422-4f8b-bce9-cdc1f2986350
[  116.978462][ T6060] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.31 (6060)
[  117.093170][ T6060] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  117.152624][ T6060] BTRFS info (device loop1): using sha256 (sha256-x86_64) checksum algorithm
[  117.161476][ T6060] BTRFS info (device loop1): using free-space-tree
[  117.264891][ T6068] loop0: detected capacity change from 0 to 32768
[  117.312545][ T5838] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  117.320321][ T6068] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.35 (6068)
[  117.425756][ T6065] loop4: detected capacity change from 0 to 32768
[  117.438044][   T30] audit: type=1800 audit(1748511735.478:2): pid=6071 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.36" name="bus" dev="loop2" ino=263 res=0 errno=0
[  117.526275][ T6068] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  117.571050][ T6065] BTRFS: device /dev/loop4 (7:4) using temp-fsid 29d2e260-1e1f-415a-bf14-a4eaf671ec4a
[  117.642222][ T6068] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm
[  117.665188][ T6065] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.34 (6065)
[  117.679553][ T6068] BTRFS info (device loop0): using free-space-tree
[  117.773787][ T6065] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  117.798553][ T6065] BTRFS info (device loop4): using sha256 (sha256-x86_64) checksum algorithm
[  117.823212][   T30] audit: type=1800 audit(1748511735.878:3): pid=6060 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.31" name="bus" dev="loop1" ino=263 res=0 errno=0
[  117.846061][ T6065] BTRFS info (device loop4): using free-space-tree
[  118.140256][ T5833] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  118.197679][ T6127] netlink: zone id is out of range
[  118.236311][ T6127] netlink: zone id is out of range
[  118.241485][ T6127] netlink: zone id is out of range
[  118.290506][ T6127] netlink: zone id is out of range
[  118.291256][ T6068] BTRFS info (device loop0): rebuilding free space tree
[  118.382917][ T6143] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280
[  118.417506][ T6127] netlink: zone id is out of range
[  118.452686][ T6127] netlink: del zone limit has 4 unknown bytes
[  118.462238][ T6065] BTRFS info (device loop4): rebuilding free space tree
[  118.538064][ T5834] BTRFS info (device loop1): last unmount of filesystem fc02eef7-5422-4f8b-bce9-cdc1f2986350
[  118.691364][   T59] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  118.935746][   T12] BTRFS info (device loop4): qgroup scan completed (inconsistency flag cleared)
[  119.268077][ T5835] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  119.297015][ T5831] BTRFS info (device loop4): last unmount of filesystem 29d2e260-1e1f-415a-bf14-a4eaf671ec4a
[  119.297526][ T6159] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  119.864739][ T6166] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[  120.356047][ T6182] loop3: detected capacity change from 0 to 128
[  120.363982][ T6180] netlink: 12 bytes leftover after parsing attributes in process `syz.0.47'.
[  120.553039][ T6182] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  120.658591][ T6182] ext4 filesystem being mounted at /9/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  121.204119][ T5832] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  121.953087][ T5838] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  122.244710][ T6237] netlink: zone id is out of range
[  122.296494][ T6237] netlink: zone id is out of range
[  122.631291][ T6240] netlink: 8 bytes leftover after parsing attributes in process `syz.2.54'.
[  123.224206][ T6195] loop4: detected capacity change from 0 to 32768
[  123.305158][ T6195] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.51 (6195)
[  123.482443][ T6195] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  123.496202][ T6195] BTRFS info (device loop4): using sha256 (sha256-x86_64) checksum algorithm
[  123.508651][ T6195] BTRFS info (device loop4): using free-space-tree
[  124.055758][   T30] audit: type=1800 audit(1748511742.118:4): pid=6195 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.51" name="bus" dev="loop4" ino=263 res=0 errno=0
[  124.068684][ T6276] block nbd3: shutting down sockets
[  124.779560][ T6244] loop0: detected capacity change from 0 to 32768
[  124.894741][ T6244] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.55 (6244)
[  125.053277][ T5831] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  125.149310][ T6244] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  125.205232][ T6244] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm
[  126.062051][ T6244] BTRFS info (device loop0): using free-space-tree
[  126.075880][ T6297] net_ratelimit: 5 callbacks suppressed
[  126.075899][ T6297] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280
[  126.081980][ T6244] workqueue: Failed to create a rescuer kthread for wq "btrfs-worker": -EINTR
[  126.762533][ T6244] workqueue: Failed to create a rescuer kthread for wq "btrfs-delalloc": -EINTR
[  126.789284][ T6244] workqueue: Failed to create a rescuer kthread for wq "btrfs-flush_delalloc": -EINTR
[  126.855157][ T6244] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR
[  126.940524][ T6244] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR
[  127.024401][ T6244] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR
[  127.082876][ T6244] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR
[  127.132211][ T6244] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR
[  127.211399][ T6244] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR
[  127.222515][ T6244] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[  127.325770][ T6244] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[  127.380748][ T6319] netlink: 8 bytes leftover after parsing attributes in process `syz.1.70'.
[  127.424951][ T6244] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  127.499410][ T6244] BTRFS error (device loop0): open_ctree failed: -12
[  129.550137][ T6318] loop2: detected capacity change from 0 to 32768
[  129.839522][ T6318] bcachefs (loop2): Using encoding defined by superblock: utf8-12.1.0
[  130.028149][ T6318] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,no_data_io
[  130.028149][ T6318]   allowing incompatible features above 0.0: (unknown version)
[  130.028149][ T6318]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  130.204850][ T6318] bcachefs (loop2): recovering from clean shutdown, journal seq 10
[  130.237894][ T6318] bcachefs (loop2): Version upgrade required:
[  130.237894][ T6318] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[  130.237894][ T6318] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive
[  130.237894][ T6318]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance
[  130.503981][ T6318] bcachefs (loop2): dropping and reconstructing all alloc info
[  130.955108][ T6318] syz.2.71: vmalloc error: size 8388608, failed to allocated page array size 16384, mode:0xcc2(GFP_KERNEL|__GFP_HIGHMEM), nodemask=(null),cpuset=/,mems_allowed=0-1
[  131.067870][ T6318] CPU: 1 UID: 0 PID: 6318 Comm: syz.2.71 Not tainted 6.15.0-syzkaller-07774-g90b83efa6701 #0 PREEMPT(full) 
[  131.067906][ T6318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  131.067922][ T6318] Call Trace:
[  131.067932][ T6318]  <TASK>
[  131.067942][ T6318]  dump_stack_lvl+0x189/0x250
[  131.067993][ T6318]  ? __pfx_dump_stack_lvl+0x10/0x10
[  131.068035][ T6318]  ? __pfx__printk+0x10/0x10
[  131.068069][ T6318]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  131.068112][ T6318]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  131.068155][ T6318]  ? srso_alias_return_thunk+0x5/0xfbef5
[  131.068184][ T6318]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  131.068230][ T6318]  warn_alloc+0x214/0x310
[  131.068263][ T6318]  ? __pfx_warn_alloc+0x10/0x10
[  131.068296][ T6318]  ? srso_alias_return_thunk+0x5/0xfbef5
[  131.068325][ T6318]  ? srso_alias_return_thunk+0x5/0xfbef5
[  131.068354][ T6318]  ? __get_vm_area_node+0x28f/0x300
[  131.068394][ T6318]  ? bch2_fs_journal_start+0x480/0x1500
[  131.068439][ T6318]  __vmalloc_node_range_noprof+0x67e/0x1340
[  131.068516][ T6318]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  131.068556][ T6318]  ? __kasan_kmalloc_large+0x1c/0xa0
[  131.068596][ T6318]  ? srso_alias_return_thunk+0x5/0xfbef5
[  131.068626][ T6318]  ? rcu_is_watching+0x15/0xb0
[  131.068666][ T6318]  ? bch2_fs_journal_start+0x480/0x1500
[  131.068704][ T6318]  ? bch2_fs_journal_start+0x480/0x1500
[  131.068741][ T6318]  __kvmalloc_node_noprof+0x3bf/0x600
[  131.068781][ T6318]  ? bch2_fs_journal_start+0x480/0x1500
[  131.068829][ T6318]  bch2_fs_journal_start+0x480/0x1500
[  131.068887][ T6318]  ? srso_alias_return_thunk+0x5/0xfbef5
[  131.068920][ T6318]  ? bch2_journal_log_msg+0xd9/0x120
[  131.068953][ T6318]  ? __pfx_bch2_fs_journal_start+0x10/0x10
[  131.068992][ T6318]  ? __pfx_bch2_journal_log_msg+0x10/0x10
[  131.069022][ T6318]  ? bch2_reconstruct_alloc+0x32b/0x360
[  131.069059][ T6318]  bch2_fs_recovery+0x20ca/0x3970
[  131.069086][ T6318]  ? check_noncircular+0xe0/0x160
[  131.069144][ T6318]  ? __pfx_bch2_fs_recovery+0x10/0x10
[  131.069190][ T6318]  ? __lock_acquire+0xab9/0xd20
[  131.069237][ T6318]  ? srso_alias_return_thunk+0x5/0xfbef5
[  131.069266][ T6318]  ? __lock_acquire+0xab9/0xd20
[  131.069308][ T6318]  ? srso_alias_return_thunk+0x5/0xfbef5
[  131.069337][ T6318]  ? __lock_acquire+0xab9/0xd20
[  131.069395][ T6318]  ? srso_alias_return_thunk+0x5/0xfbef5
[  131.069428][ T6318]  ? bch2_fs_start+0x9a3/0xd30
[  131.069459][ T6318]  ? up_write+0x1c4/0x420
[  131.069488][ T6318]  bch2_fs_start+0xa43/0xd30
[  131.069517][ T6318]  ? bch2_fs_start+0x575/0xd30
[  131.069546][ T6318]  ? __pfx_bch2_fs_start+0x10/0x10
[  131.069598][ T6318]  ? srso_alias_return_thunk+0x5/0xfbef5
[  131.069627][ T6318]  ? sget+0x28a/0x650
[  131.069664][ T6318]  bch2_fs_get_tree+0xbfc/0x15f0
[  131.069724][ T6318]  ? __pfx_bch2_fs_get_tree+0x10/0x10
[  131.069776][ T6318]  ? srso_alias_return_thunk+0x5/0xfbef5
[  131.069804][ T6318]  ? aa_get_newest_label+0xf7/0x5d0
[  131.069835][ T6318]  ? srso_alias_return_thunk+0x5/0xfbef5
[  131.069864][ T6318]  ? vfs_parse_monolithic_sep+0x2df/0x310
[  131.069918][ T6318]  ? srso_alias_return_thunk+0x5/0xfbef5
[  131.069946][ T6318]  ? apparmor_capable+0x137/0x1b0
[  131.069988][ T6318]  ? srso_alias_return_thunk+0x5/0xfbef5
[  131.070049][ T6318]  vfs_get_tree+0x92/0x2b0
[  131.070093][ T6318]  do_new_mount+0x24a/0xa40
[  131.070142][ T6318]  __se_sys_mount+0x317/0x410
[  131.070189][ T6318]  ? __pfx___se_sys_mount+0x10/0x10
[  131.070226][ T6318]  ? srso_alias_return_thunk+0x5/0xfbef5
[  131.070264][ T6318]  ? srso_alias_return_thunk+0x5/0xfbef5
[  131.070293][ T6318]  ? __x64_sys_mount+0x20/0xc0
[  131.070336][ T6318]  do_syscall_64+0xfa/0x3b0
[  131.070369][ T6318]  ? lockdep_hardirqs_on+0x9c/0x150
[  131.070400][ T6318]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.070424][ T6318]  ? srso_alias_return_thunk+0x5/0xfbef5
[  131.070453][ T6318]  ? exc_page_fault+0x9f/0xf0
[  131.070486][ T6318]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.070510][ T6318] RIP: 0033:0x7fafd4d9010a
[  131.070532][ T6318] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  131.070552][ T6318] RSP: 002b:00007fafd5b23e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  131.070578][ T6318] RAX: ffffffffffffffda RBX: 00007fafd5b23ef0 RCX: 00007fafd4d9010a
[  131.070596][ T6318] RDX: 0000200000000080 RSI: 0000200000000000 RDI: 00007fafd5b23eb0
[  131.070614][ T6318] RBP: 0000200000000080 R08: 00007fafd5b23ef0 R09: 0000000000800000
[  131.070632][ T6318] R10: 0000000000800000 R11: 0000000000000246 R12: 0000200000000000
[  131.070649][ T6318] R13: 00007fafd5b23eb0 R14: 000000000000592a R15: 0000200000000180
[  131.070686][ T6318]  </TASK>
[  131.261786][ T6318] Mem-Info:
[  131.571772][ T6318] active_anon:12216 inactive_anon:0 isolated_anon:0
[  131.571772][ T6318]  active_file:1275 inactive_file:39924 isolated_file:0
[  131.571772][ T6318]  unevictable:768 dirty:168 writeback:0
[  131.571772][ T6318]  slab_reclaimable:10120 slab_unreclaimable:102912
[  131.571772][ T6318]  mapped:39591 shmem:7201 pagetables:969
[  131.571772][ T6318]  sec_pagetables:0 bounce:0
[  131.571772][ T6318]  kernel_misc_reclaimable:0
[  131.571772][ T6318]  free:1311892 free_pcp:513 free_cma:0
[  131.698611][ T6318] Node 0 active_anon:50664kB inactive_anon:0kB active_file:5100kB inactive_file:159488kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:158464kB dirty:668kB writeback:0kB shmem:28868kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11776kB pagetables:3776kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  131.737254][ T6351] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280
[  131.869920][ T6318] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:208kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  131.870115][ T5854] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  132.007042][ T5854] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  132.015521][ T5854] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  132.024580][ T5854] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  132.032638][ T5854] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  132.141677][ T6318] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  132.197629][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  132.226724][ T6318] lowmem_reserve[]: 0 2501 2503 2503 2503
[  132.266101][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  132.541314][ T6318] Node 0 DMA32 free:1289036kB boost:0kB min:34264kB low:42828kB high:51392kB reserved_highatomic:0KB active_anon:67580kB inactive_anon:0kB active_file:5100kB inactive_file:157648kB unevictable:1536kB writepending:668kB present:3129332kB managed:2561256kB mlocked:0kB bounce:0kB free_pcp:1332kB local_pcp:736kB free_cma:0kB
[  132.863333][ T6363] 9pnet_virtio: no channels available for device syz
[  132.932309][ T6318] lowmem_reserve[]: 0 0 1 1 1
[  132.992285][ T6318] Node 0 Normal free:4kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1840kB unevictable:0kB writepending:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB
[  133.039259][ T6052] Set syz1 is full, maxelem 65536 reached
[  133.051368][ T6346] loop3: detected capacity change from 0 to 32768
[  133.114404][ T6318] lowmem_reserve[]: 0 0 0 0 0
[  133.133879][ T6318] Node 1 Normal free:3923288kB boost:0kB min:55612kB low:69512kB high:83412kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:208kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:376kB local_pcp:248kB free_cma:0kB
[  133.275813][ T6318] lowmem_reserve[]: 0 0 0 0 0
[  133.296240][ T6318] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  133.359997][ T6318] Node 0 DMA32: 12*4kB (UE) 42*8kB (UE) 22*16kB (UE) 39*32kB (UME) 133*64kB (UME) 82*128kB (UME) 34*256kB (UM) 24*512kB (UME) 3*1024kB (ME) 1*2048kB (E) 304*4096kB (M) = 1292288kB
[  133.427125][ T6318] Node 0 Normal: 1*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB
[  133.541811][ T6318] Node 1 Normal: 71*4kB (UME) 32*8kB (UME) 31*16kB (UME) 218*32kB (UME) 101*64kB (UME) 26*128kB (UME) 16*256kB (UME) 6*512kB (UME) 3*1024kB (UME) 2*2048kB (UE) 950*4096kB (M) = 3923340kB
[  134.259655][ T5838] Bluetooth: hci6: command tx timeout
[  134.430027][ T6369] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  134.456194][ T6318] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  134.465913][ T6318] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  134.475274][ T6318] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  134.484912][ T6318] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  134.494316][ T6318] 53688 total pagecache pages
[  134.499057][ T6318] 0 pages in swap cache
[  134.503843][ T6318] Free swap  = 124996kB
[  134.508583][ T6318] Total swap = 124996kB
[  134.513006][ T6318] 2097051 pages RAM
[  134.516822][ T6318] 0 pages HighMem/MovableOnly
[  134.521513][ T6318] 424631 pages reserved
[  134.528390][ T6318] 0 pages cma reserved
[  134.562491][ T6318] bcachefs (loop2): error reallocating journal fifo (32768 open entries)
[  134.580126][ T6318] bcachefs (loop2): error in recovery: ENOMEM_journal_pin_fifoemergency read only at seq 0
[  134.647108][ T6318] bcachefs (loop2): bch2_fs_start(): error starting filesystem ENOMEM_journal_pin_fifo
[  134.731309][ T6318] bcachefs (loop2): shutting down
[  134.820692][ T6318] bcachefs (loop2): shutdown complete
[  135.010435][ T6389] netlink: 12 bytes leftover after parsing attributes in process `syz.3.94'.
[  135.296156][ T6398] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280
[  135.620450][ T6353] chnl_net:caif_netlink_parms(): no params data found
[  135.631310][ T2145] IPVS: starting estimator thread 0...
[  135.849911][ T6409] netlink: 4 bytes leftover after parsing attributes in process `syz.3.100'.
[  136.112277][ T6406] IPVS: using max 23 ests per chain, 55200 per kthread
[  136.271760][ T5855] Bluetooth: hci6: command tx timeout
[  136.557864][ T6405] netlink: 4 bytes leftover after parsing attributes in process `syz.3.100'.
[  136.592828][ T5854] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  136.730716][ T6392] loop4: detected capacity change from 0 to 32768
[  136.738037][ T6409] netdevsim netdevsim3 netdevsim0: entered promiscuous mode
[  136.752135][ T5838] block nbd0: Receive control failed (result -32)
[  136.759780][ T6409] netdevsim netdevsim3 netdevsim0: entered allmulticast mode
[  136.887573][ T6392] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  136.901175][   T13] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  136.971633][ T6392] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  137.079618][ T6392] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms
[  137.128785][ T5839] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  137.145174][ T6423] input: syz1 as /devices/virtual/input/input5
[  137.151845][ T5839] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  137.169015][   T13] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  137.410087][ T6425] bridge0: port 3(wlan1) entered blocking state
[  137.425888][ T5839] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 274ms
[  137.446287][ T6425] bridge0: port 3(wlan1) entered disabled state
[  137.458223][ T6425] mac80211_hwsim hwsim8 wlan1: entered allmulticast mode
[  137.467651][ T5839] gfs2: fsid=syz:syz.0: jid=0: Done
[  137.483310][ T6392] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  137.509965][ T6425] mac80211_hwsim hwsim8 wlan1: entered promiscuous mode
[  137.528578][ T6425] bridge0: port 3(wlan1) entered blocking state
[  137.535191][ T6425] bridge0: port 3(wlan1) entered forwarding state
[  137.577175][ T6412] loop1: detected capacity change from 0 to 32768
[  137.587575][ T6412] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.101 (6412)
[  138.263848][ T6412] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  138.330582][ T6318] bcachefs: bch2_fs_get_tree() error: ENOMEM_journal_pin_fifo
[  138.352788][ T5838] Bluetooth: hci6: command tx timeout
[  138.360898][ T6412] BTRFS info (device loop1): using sha256 (sha256-x86_64) checksum algorithm
[  138.401700][ T6412] BTRFS info (device loop1): using free-space-tree
[  138.508895][   T13] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.667261][ T6446] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[  138.698561][   T30] audit: type=1800 audit(2000000010.229:5): pid=6412 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.101" name="bus" dev="loop1" ino=263 res=0 errno=0
[  138.778300][   T36] bridge0: port 3(wlan1) entered disabled state
[  140.850399][ T5838] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  140.851633][ T5854] Bluetooth: hci6: command tx timeout
[  142.704171][   T13] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  142.719633][ T5834] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  142.793620][ T6353] bridge0: port 1(bridge_slave_0) entered blocking state
[  142.800802][ T6353] bridge0: port 1(bridge_slave_0) entered disabled state
[  142.862253][ T6353] bridge_slave_0: entered allmulticast mode
[  142.905440][ T6353] bridge_slave_0: entered promiscuous mode
[  142.951512][ T6478] netlink: 12 bytes leftover after parsing attributes in process `syz.4.108'.
[  143.111390][ T5854] Bluetooth: hci5: command 0x0406 tx timeout
[  143.235555][ T6353] bridge0: port 2(bridge_slave_1) entered blocking state
[  143.313701][ T6353] bridge0: port 2(bridge_slave_1) entered disabled state
[  143.540896][ T6353] bridge_slave_1: entered allmulticast mode
[  143.857079][ T6353] bridge_slave_1: entered promiscuous mode
[  144.073869][ T6492] warning: `syz.4.114' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  144.273625][ T6494] netlink: 4 bytes leftover after parsing attributes in process `syz.0.115'.
[  144.295760][ T6502] netlink: 'syz.1.116': attribute type 4 has an invalid length.
[  144.374456][ T6494] veth0_macvtap: entered allmulticast mode
[  144.446188][ T6494] netlink: 4 bytes leftover after parsing attributes in process `syz.0.115'.
[  144.489692][ T6353] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  144.509207][ T6505] bridge0: port 3(wlan1) entered blocking state
[  144.517848][ T5838] block nbd1: Receive control failed (result -32)
[  144.547396][ T6505] bridge0: port 3(wlan1) entered disabled state
[  144.559757][ T6505] mac80211_hwsim hwsim3 wlan1: entered allmulticast mode
[  144.573991][ T6505] mac80211_hwsim hwsim3 wlan1: entered promiscuous mode
[  144.619897][ T6505] bridge0: port 3(wlan1) entered blocking state
[  144.626337][ T6505] bridge0: port 3(wlan1) entered forwarding state
[  144.691817][ T6353] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  144.969196][ T6353] team0: Port device team_slave_0 added
[  144.997993][ T6353] team0: Port device team_slave_1 added
[  145.248627][ T6353] batman_adv: batadv0: Adding interface: batadv_slave_0
[  145.276075][ T6353] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  145.361819][ T6353] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  145.372800][ T6501] loop3: detected capacity change from 0 to 32768
[  145.416539][ T4372] bridge0: port 3(wlan1) entered disabled state
[  145.586124][ T6501] bcachefs (loop3): Using encoding defined by superblock: utf8-12.1.0
[  145.662525][ T6353] batman_adv: batadv0: Adding interface: batadv_slave_1
[  145.669513][ T6353] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  145.920691][ T6353] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  145.964859][ T6501] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,no_data_io
[  145.964859][ T6501]   allowing incompatible features above 0.0: (unknown version)
[  145.964859][ T6501]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  146.126165][ T6515] loop2: detected capacity change from 0 to 32768
[  146.197925][ T6515] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.122 (6515)
[  146.244529][ T6501] bcachefs (loop3): recovering from clean shutdown, journal seq 10
[  146.272713][ T6501] bcachefs (loop3): Version upgrade required:
[  146.272713][ T6501] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[  146.272713][ T6501] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive
[  146.272713][ T6501]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance
[  146.345883][    C1] vkms_vblank_simulate: vblank timer overrun
[  146.426901][ T6515] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  146.433785][ T6509] loop4: detected capacity change from 0 to 32768
[  146.476120][ T6515] BTRFS info (device loop2): using sha256 (sha256-x86_64) checksum algorithm
[  146.521634][ T6515] BTRFS info (device loop2): using free-space-tree
[  146.529176][ T6524] warn_alloc: 3 callbacks suppressed
[  146.529194][ T6524] syz.0.124: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  146.564312][   T13] bridge_slave_1: left allmulticast mode
[  146.570219][   T13] bridge_slave_1: left promiscuous mode
[  146.576237][ T6524] CPU: 1 UID: 0 PID: 6524 Comm: syz.0.124 Not tainted 6.15.0-syzkaller-07774-g90b83efa6701 #0 PREEMPT(full) 
[  146.576269][ T6524] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  146.576284][ T6524] Call Trace:
[  146.576294][ T6524]  <TASK>
[  146.576304][ T6524]  dump_stack_lvl+0x189/0x250
[  146.576351][ T6524]  ? __pfx_dump_stack_lvl+0x10/0x10
[  146.576390][ T6524]  ? __pfx__printk+0x10/0x10
[  146.576417][ T6524]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  146.576459][ T6524]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  146.576501][ T6524]  ? srso_alias_return_thunk+0x5/0xfbef5
[  146.576529][ T6524]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  146.576572][ T6524]  warn_alloc+0x214/0x310
[  146.576596][ T6524]  ? srso_alias_return_thunk+0x5/0xfbef5
[  146.576622][ T6524]  ? stack_depot_save_flags+0x40/0x900
[  146.576660][ T6524]  ? __pfx_warn_alloc+0x10/0x10
[  146.576685][ T6524]  ? srso_alias_return_thunk+0x5/0xfbef5
[  146.576712][ T6524]  ? kasan_save_track+0x4f/0x80
[  146.576744][ T6524]  ? xskq_create+0x56/0x170
[  146.576771][ T6524]  ? xsk_init_queue+0xb0/0x110
[  146.576796][ T6524]  ? xsk_setsockopt+0x43f/0x710
[  146.576818][ T6524]  ? do_sock_setsockopt+0x25a/0x3e0
[  146.576855][ T6524]  ? __x64_sys_setsockopt+0x18b/0x220
[  146.576891][ T6524]  ? do_syscall_64+0xfa/0x3b0
[  146.576920][ T6524]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.576953][ T6524]  __vmalloc_node_range_noprof+0x125/0x1340
[  146.577028][ T6524]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  146.577069][ T6524]  ? xskq_create+0x56/0x170
[  146.577105][ T6524]  ? srso_alias_return_thunk+0x5/0xfbef5
[  146.577132][ T6524]  ? __kasan_kmalloc+0x93/0xb0
[  146.577170][ T6524]  vmalloc_user_noprof+0xad/0xf0
[  146.577193][ T6524]  ? xskq_create+0xbf/0x170
[  146.577222][ T6524]  xskq_create+0xbf/0x170
[  146.577255][ T6524]  xsk_init_queue+0xb0/0x110
[  146.577286][ T6524]  xsk_setsockopt+0x43f/0x710
[  146.577315][ T6524]  ? __pfx_xsk_setsockopt+0x10/0x10
[  146.577338][ T6524]  ? srso_alias_return_thunk+0x5/0xfbef5
[  146.577365][ T6524]  ? __lock_acquire+0xab9/0xd20
[  146.577402][ T6524]  ? srso_alias_return_thunk+0x5/0xfbef5
[  146.577434][ T6524]  ? srso_alias_return_thunk+0x5/0xfbef5
[  146.577461][ T6524]  ? srso_alias_return_thunk+0x5/0xfbef5
[  146.577488][ T6524]  ? __pfx_xsk_setsockopt+0x10/0x10
[  146.577516][ T6524]  do_sock_setsockopt+0x25a/0x3e0
[  146.577558][ T6524]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  146.577600][ T6524]  ? srso_alias_return_thunk+0x5/0xfbef5
[  146.577629][ T6524]  ? __fget_files+0x2a/0x420
[  146.577676][ T6524]  __x64_sys_setsockopt+0x18b/0x220
[  146.577722][ T6524]  do_syscall_64+0xfa/0x3b0
[  146.577751][ T6524]  ? lockdep_hardirqs_on+0x9c/0x150
[  146.577780][ T6524]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.577802][ T6524]  ? srso_alias_return_thunk+0x5/0xfbef5
[  146.577829][ T6524]  ? exc_page_fault+0x9f/0xf0
[  146.577860][ T6524]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.577883][ T6524] RIP: 0033:0x7fe3eeb8e969
[  146.577904][ T6524] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  146.577924][ T6524] RSP: 002b:00007fe3ec9f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  146.577948][ T6524] RAX: ffffffffffffffda RBX: 00007fe3eedb5fa0 RCX: 00007fe3eeb8e969
[  146.577966][ T6524] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000006
[  146.577980][ T6524] RBP: 00007fe3eec10ab1 R08: 0000000000000004 R09: 0000000000000000
[  146.577995][ T6524] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  146.578011][ T6524] R13: 0000000000000000 R14: 00007fe3eedb5fa0 R15: 00007ffd47cf7968
[  146.578047][ T6524]  </TASK>
[  146.578057][ T6524] Mem-Info:
[  146.663942][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  146.672194][ T6501] bcachefs (loop3): dropping and reconstructing all alloc info
[  146.681316][ T6524] active_anon:18501 inactive_anon:1 isolated_anon:0
[  146.681316][ T6524]  active_file:1275 inactive_file:40084 isolated_file:0
[  146.681316][ T6524]  unevictable:768 dirty:187 writeback:0
[  146.681316][ T6524]  slab_reclaimable:10340 slab_unreclaimable:104609
[  146.681316][ T6524]  mapped:34546 shmem:13654 pagetables:928
[  146.681316][ T6524]  sec_pagetables:0 bounce:0
[  146.681316][ T6524]  kernel_misc_reclaimable:0
[  146.681316][ T6524]  free:1315444 free_pcp:396 free_cma:0
[  146.696037][ T6528] netlink: 12 bytes leftover after parsing attributes in process `syz.1.125'.
[  146.759703][ T6524] Node 0 active_anon:74004kB inactive_anon:4kB active_file:5100kB inactive_file:160128kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:138184kB dirty:748kB writeback:0kB shmem:53080kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12124kB pagetables:3712kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  146.956591][ T6509] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  146.967045][ T6524] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:208kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  147.003240][    C1] vkms_vblank_simulate: vblank timer overrun
[  147.094361][ T6524] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  147.113739][ T6509] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  147.121618][    C1] vkms_vblank_simulate: vblank timer overrun
[  147.137107][   T13] bridge_slave_0: left allmulticast mode
[  147.161195][   T13] bridge_slave_0: left promiscuous mode
[  147.172164][ T6501] bcachefs (loop3): accounting_read... done
[  147.180560][ T6524] lowmem_reserve[]: 0 2501 2503 2503 2503
[  147.187896][ T6529] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[  147.199403][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  147.204727][ T6501] bcachefs (loop3): alloc_read... done
[  147.214151][ T6524] Node 0 DMA32 free:1312980kB boost:0kB min:34264kB low:42828kB high:51392kB reserved_highatomic:0KB active_anon:74056kB inactive_anon:4kB active_file:5100kB inactive_file:157988kB unevictable:1536kB writepending:744kB present:3129332kB managed:2561256kB mlocked:0kB bounce:0kB free_pcp:1208kB local_pcp:1208kB free_cma:0kB
[  147.217471][ T6501] bcachefs (loop3): snapshots_read...
[  147.244487][    C1] vkms_vblank_simulate: vblank timer overrun
[  147.263188][ T6501]  done
[  147.268578][ T6501] bcachefs (loop3): done starting filesystem
[  147.275927][ T6524] lowmem_reserve[]: 0 0 1 1 1
[  147.280741][ T6524] Node 0 Normal free:4kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1840kB unevictable:0kB writepending:4kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB
[  147.286234][ T6509] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms
[  147.308242][    C1] vkms_vblank_simulate: vblank timer overrun
[  147.323431][ T6524] lowmem_reserve[]: 0
[  147.335575][ T5839] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  147.371320][ T6524]  0 0 0 0
[  147.381510][ T5832] bcachefs (loop3): shutting down
[  147.390674][ T5839] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  147.397976][ T6524] Node 1 Normal free:3924008kB boost:0kB min:55612kB low:69512kB high:83412kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:208kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  147.426846][    C1] vkms_vblank_simulate: vblank timer overrun
[  147.433476][ T6524] lowmem_reserve[]: 0 0 0 0 0
[  147.438451][ T6524] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  147.451991][ T6524] Node 0 DMA32: 155*4kB (UM) 502*8kB (UE) 145*16kB (UM) 141*32kB (UM) 89*64kB (UME) 42*128kB (UM) 55*256kB (UM) 32*512kB (UME) 15*1024kB (UM) 1*2048kB (E) 302*4096kB (M) = 1307404kB
[  147.470246][    C1] vkms_vblank_simulate: vblank timer overrun
[  147.480794][ T6524] Node 0 Normal: 1*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB
[  147.574797][ T6524] Node 1 Normal: 134*4kB (UME) 32*8kB (UME) 31*16kB (UME) 217*32kB (UME) 98*64kB (UME) 29*128kB (UME) 17*256kB (UME) 6*512kB (UME) 3*1024kB (UME) 2*2048kB (UE) 950*4096kB (M) = 3924008kB
[  147.596620][ T5832] bcachefs (loop3): shutdown complete
[  147.634971][   T30] audit: type=1800 audit(2000000019.169:6): pid=6515 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.122" name="bus" dev="loop2" ino=263 res=0 errno=0
[  147.678588][ T6524] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  147.751686][ T6524] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  147.801657][ T6524] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  147.811286][ T6524] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  147.857788][ T6524] 55115 total pagecache pages
[  147.872240][ T6524] 0 pages in swap cache
[  147.876434][ T6524] Free swap  = 124996kB
[  147.880594][ T6524] Total swap = 124996kB
[  147.881038][ T5839] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 490ms
[  147.890985][ T6524] 2097051 pages RAM
[  147.896433][ T6524] 0 pages HighMem/MovableOnly
[  147.901214][ T6524] 424631 pages reserved
[  147.913295][ T6524] 0 pages cma reserved
[  147.936148][ T5839] gfs2: fsid=syz:syz.0: jid=0: Done
[  147.972152][ T6509] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  148.013469][ T6509] gfs2: fsid=syz:syz.0: can't create logd thread: -4
[  148.176030][ T5833] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  149.233209][ T5838] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  150.663196][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  150.678001][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  150.688656][   T13] bond0 (unregistering): Released all slaves
[  150.725223][ T6353] hsr_slave_0: entered promiscuous mode
[  150.739130][ T6353] hsr_slave_1: entered promiscuous mode
[  150.746487][ T6353] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  150.762245][ T6353] Cannot create hsr debugfs directory
[  150.784594][ T6577] netlink: 4 bytes leftover after parsing attributes in process `syz.2.133'.
[  150.835236][ T6578] netlink: 4 bytes leftover after parsing attributes in process `syz.2.133'.
[  151.119779][ T6577] ip6gretap0: entered promiscuous mode
[  151.188636][ T6577] macvtap1: entered promiscuous mode
[  151.228736][ T6577] macvtap1: entered allmulticast mode
[  151.235082][ T6577] ip6gretap0: entered allmulticast mode
[  151.258036][ T5838] block nbd2: Receive control failed (result -32)
[  151.320144][ T6585] syz.0.135 uses obsolete (PF_INET,SOCK_PACKET)
[  151.421177][ T6585] bridge_slave_0: left allmulticast mode
[  151.470095][ T6585] bridge_slave_0: left promiscuous mode
[  151.497844][ T6589] loop3: detected capacity change from 0 to 512
[  151.529854][ T6585] bridge0: port 1(bridge_slave_0) entered disabled state
[  151.542043][ T6589] EXT4-fs: quotafile must be on filesystem root
[  151.636157][ T6585] bridge_slave_1: left allmulticast mode
[  151.674503][ T6585] bridge_slave_1: left promiscuous mode
[  151.681298][ T6585] bridge0: port 2(bridge_slave_1) entered disabled state
[  151.819663][ T6585] bond0: (slave bond_slave_0): Releasing backup interface
[  151.919774][ T6585] bond0: (slave bond_slave_1): Releasing backup interface
[  152.205134][ T6585] team0: Port device team_slave_0 removed
[  152.244381][ T6585] team0: Port device team_slave_1 removed
[  152.256140][ T6585] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  152.271406][ T6585] batman_adv: batadv0: Removing interface: batadv_slave_0
[  152.299967][ T6585] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  152.338439][ T6585] batman_adv: batadv0: Removing interface: batadv_slave_1
[  152.386097][ T6585] mac80211_hwsim hwsim8 wlan1: left allmulticast mode
[  152.406786][ T6585] mac80211_hwsim hwsim8 wlan1: left promiscuous mode
[  152.438378][ T6585] bridge0: port 3(wlan1) entered disabled state
[  153.260876][ T6601] loop2: detected capacity change from 0 to 32768
[  153.480852][   T13] hsr_slave_0: left promiscuous mode
[  153.517385][   T13] hsr_slave_1: left promiscuous mode
[  153.556452][ T6601] bcachefs (loop2): Using encoding defined by superblock: utf8-12.1.0
[  153.585642][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  153.639882][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  153.756695][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  153.837148][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  153.848169][ T6601] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,no_data_io
[  153.848169][ T6601]   allowing incompatible features above 0.0: (unknown version)
[  153.848169][ T6601]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  153.951783][ T6601] bcachefs (loop2): recovering from clean shutdown, journal seq 10
[  153.960153][ T6601] bcachefs (loop2): Version upgrade required:
[  153.960153][ T6601] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[  153.960153][ T6601] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive
[  153.960153][ T6601]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance
[  154.092909][ T6601] bcachefs (loop2): dropping and reconstructing all alloc info
[  154.215581][ T6601] bcachefs (loop2): accounting_read... done
[  154.304369][   T13] veth1_macvtap: left promiscuous mode
[  154.335795][ T6601] bcachefs (loop2): alloc_read... done
[  154.341839][   T13] veth0_macvtap: left promiscuous mode
[  154.342818][   T13] veth1_vlan: left promiscuous mode
[  154.388955][ T6601] bcachefs (loop2): snapshots_read... done
[  154.391975][   T13] veth0_vlan: left promiscuous mode
[  154.402726][ T6601] bcachefs (loop2): done starting filesystem
[  154.519082][   T30] audit: type=1800 audit(2000000026.049:7): pid=6601 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.138" name="file1" dev="loop2" ino=536870912 res=0 errno=0
[  154.601040][ T6614] loop0: detected capacity change from 0 to 32768
[  154.661339][ T6614] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.141 (6614)
[  154.721778][ T5833] bcachefs (loop2): shutting down
[  154.827491][ T6614] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  154.894587][ T6614] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm
[  154.908960][ T5833] bcachefs (loop2): shutdown complete
[  154.923608][ T6614] BTRFS info (device loop0): using free-space-tree
[  155.077998][   T30] audit: type=1800 audit(2000000026.609:8): pid=6614 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.141" name="bus" dev="loop0" ino=263 res=0 errno=0
[  155.344277][ T6618] loop4: detected capacity change from 0 to 32768
[  155.393441][ T6618] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  155.412650][ T6618] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  155.509597][ T6618] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms
[  155.550653][ T1202] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  155.565024][ T1202] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  155.729509][ T5835] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  155.866070][ T1202] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 301ms
[  155.909466][ T1202] gfs2: fsid=syz:syz.0: jid=0: Done
[  155.928688][ T6618] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  155.992316][ T6618] gfs2: fsid=syz:syz.0: can't create logd thread: -4
[  156.191802][ T6660] netlink: 4 bytes leftover after parsing attributes in process `syz.0.148'.
[  156.307038][ T6665] netlink: 4 bytes leftover after parsing attributes in process `syz.0.148'.
[  156.764480][   T13] team0 (unregistering): Port device team_slave_1 removed
[  156.844859][   T13] team0 (unregistering): Port device team_slave_0 removed
[  156.893388][ T5838] block nbd3: Receive control failed (result -32)
[  157.152059][ T6676] syz.2.146: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  157.175417][ T6676] CPU: 1 UID: 0 PID: 6676 Comm: syz.2.146 Not tainted 6.15.0-syzkaller-07774-g90b83efa6701 #0 PREEMPT(full) 
[  157.175452][ T6676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  157.175467][ T6676] Call Trace:
[  157.175477][ T6676]  <TASK>
[  157.175487][ T6676]  dump_stack_lvl+0x189/0x250
[  157.175537][ T6676]  ? __pfx_dump_stack_lvl+0x10/0x10
[  157.175578][ T6676]  ? __pfx__printk+0x10/0x10
[  157.175606][ T6676]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  157.175649][ T6676]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  157.175713][ T6676]  ? srso_alias_return_thunk+0x5/0xfbef5
[  157.175743][ T6676]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  157.175789][ T6676]  warn_alloc+0x214/0x310
[  157.175814][ T6676]  ? srso_alias_return_thunk+0x5/0xfbef5
[  157.175841][ T6676]  ? stack_depot_save_flags+0x40/0x900
[  157.175881][ T6676]  ? __pfx_warn_alloc+0x10/0x10
[  157.175908][ T6676]  ? srso_alias_return_thunk+0x5/0xfbef5
[  157.175936][ T6676]  ? kasan_save_track+0x4f/0x80
[  157.175970][ T6676]  ? xskq_create+0x56/0x170
[  157.175998][ T6676]  ? xsk_init_queue+0xb0/0x110
[  157.176023][ T6676]  ? xsk_setsockopt+0x43f/0x710
[  157.176046][ T6676]  ? do_sock_setsockopt+0x25a/0x3e0
[  157.176091][ T6676]  ? __x64_sys_setsockopt+0x18b/0x220
[  157.176129][ T6676]  ? do_syscall_64+0xfa/0x3b0
[  157.176159][ T6676]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.176195][ T6676]  __vmalloc_node_range_noprof+0x125/0x1340
[  157.176277][ T6676]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  157.176327][ T6676]  ? srso_alias_return_thunk+0x5/0xfbef5
[  157.176355][ T6676]  ? __kasan_kmalloc+0x93/0xb0
[  157.176394][ T6676]  vmalloc_user_noprof+0xad/0xf0
[  157.176418][ T6676]  ? xskq_create+0xbf/0x170
[  157.176450][ T6676]  xskq_create+0xbf/0x170
[  157.176483][ T6676]  xsk_init_queue+0xb0/0x110
[  157.176516][ T6676]  xsk_setsockopt+0x43f/0x710
[  157.176547][ T6676]  ? __pfx_xsk_setsockopt+0x10/0x10
[  157.176572][ T6676]  ? srso_alias_return_thunk+0x5/0xfbef5
[  157.176601][ T6676]  ? __lock_acquire+0xab9/0xd20
[  157.176640][ T6676]  ? srso_alias_return_thunk+0x5/0xfbef5
[  157.176675][ T6676]  ? srso_alias_return_thunk+0x5/0xfbef5
[  157.176704][ T6676]  ? srso_alias_return_thunk+0x5/0xfbef5
[  157.176732][ T6676]  ? __pfx_xsk_setsockopt+0x10/0x10
[  157.176762][ T6676]  do_sock_setsockopt+0x25a/0x3e0
[  157.176807][ T6676]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  157.176852][ T6676]  ? srso_alias_return_thunk+0x5/0xfbef5
[  157.176884][ T6676]  ? __fget_files+0x2a/0x420
[  157.176936][ T6676]  __x64_sys_setsockopt+0x18b/0x220
[  157.176985][ T6676]  do_syscall_64+0xfa/0x3b0
[  157.177017][ T6676]  ? lockdep_hardirqs_on+0x9c/0x150
[  157.177046][ T6676]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.177078][ T6676]  ? srso_alias_return_thunk+0x5/0xfbef5
[  157.177107][ T6676]  ? exc_page_fault+0x9f/0xf0
[  157.177140][ T6676]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.177164][ T6676] RIP: 0033:0x7fafd4d8e969
[  157.177186][ T6676] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  157.177207][ T6676] RSP: 002b:00007fafd5b24038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  157.177232][ T6676] RAX: ffffffffffffffda RBX: 00007fafd4fb5fa0 RCX: 00007fafd4d8e969
[  157.177251][ T6676] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000006
[  157.177266][ T6676] RBP: 00007fafd4e10ab1 R08: 0000000000000004 R09: 0000000000000000
[  157.177282][ T6676] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  157.177298][ T6676] R13: 0000000000000000 R14: 00007fafd4fb5fa0 R15: 00007ffe2b5df698
[  157.177337][ T6676]  </TASK>
[  157.177346][ T6676] Mem-Info:
[  157.532932][ T6676] active_anon:6273 inactive_anon:0 isolated_anon:0
[  157.532932][ T6676]  active_file:1324 inactive_file:39853 isolated_file:0
[  157.532932][ T6676]  unevictable:768 dirty:108 writeback:0
[  157.532932][ T6676]  slab_reclaimable:10342 slab_unreclaimable:101554
[  157.532932][ T6676]  mapped:34588 shmem:1365 pagetables:965
[  157.532932][ T6676]  sec_pagetables:0 bounce:0
[  157.532932][ T6676]  kernel_misc_reclaimable:0
[  157.532932][ T6676]  free:1330315 free_pcp:295 free_cma:0
[  157.594144][ T6676] Node 0 active_anon:25092kB inactive_anon:0kB active_file:5296kB inactive_file:159204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:142352kB dirty:424kB writeback:0kB shmem:3924kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11988kB pagetables:3860kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  157.629812][ T6676] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:208kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:8kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  157.672370][ T6676] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  157.690208][ T6677] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[  157.725479][ T6676] lowmem_reserve[]: 0 2501 2503 2503 2503
[  157.731441][ T6676] Node 0 DMA32 free:1381084kB boost:0kB min:34264kB low:42828kB high:51392kB reserved_highatomic:0KB active_anon:25044kB inactive_anon:0kB active_file:5296kB inactive_file:157364kB unevictable:1536kB writepending:420kB present:3129332kB managed:2561256kB mlocked:0kB bounce:0kB free_pcp:1684kB local_pcp:800kB free_cma:0kB
[  157.764740][ T6676] lowmem_reserve[]: 0 0 1 1 1
[  157.769543][ T6676] Node 0 Normal free:4kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1840kB unevictable:0kB writepending:4kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[  157.799023][ T6676] lowmem_reserve[]: 0 0 0 0 0
[  157.804197][ T6676] Node 1 Normal free:3924112kB boost:0kB min:55612kB low:69512kB high:83412kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:208kB unevictable:1536kB writepending:8kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:68kB local_pcp:36kB free_cma:0kB
[  157.837070][ T6676] lowmem_reserve[]: 0 0 0 0 0
[  157.842248][ T6676] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  157.855545][ T6676] Node 0 DMA32: 584*4kB (UME) 688*8kB (UME) 386*16kB (UME) 302*32kB (UME) 202*64kB (UME) 167*128kB (UME) 121*256kB (UME) 72*512kB (UME) 18*1024kB (UME) 3*2048kB (UME) 301*4096kB (M) = 1383296kB
[  157.875444][ T6676] Node 0 Normal: 1*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB
[  157.893482][ T6676] Node 1 Normal: 136*4kB (UME) 32*8kB (UME) 31*16kB (UME) 214*32kB (UME) 95*64kB (UME) 26*128kB (UME) 16*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 2*2048kB (UE) 950*4096kB (M) = 3924112kB
[  157.913043][ T6676] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  157.923069][ T6676] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  157.933031][ T6676] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  157.945744][ T6676] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  157.955442][ T6676] 42535 total pagecache pages
[  157.960252][ T6676] 0 pages in swap cache
[  157.964641][ T6676] Free swap  = 124996kB
[  157.969011][ T6676] Total swap = 124996kB
[  157.974467][ T6676] 2097051 pages RAM
[  157.978290][ T6676] 0 pages HighMem/MovableOnly
[  157.983376][ T6676] 424631 pages reserved
[  157.987633][ T6676] 0 pages cma reserved
[  158.090899][ T6660] ip6gretap0: entered promiscuous mode
[  158.099081][ T6660] macvtap1: entered promiscuous mode
[  158.110428][ T6660] macvtap1: entered allmulticast mode
[  158.121638][ T6660] ip6gretap0: entered allmulticast mode
[  158.158443][ T6661] ip6gretap0: left allmulticast mode
[  158.167895][ T6661] ip6gretap0: left promiscuous mode
[  158.211937][ T6669] bridge0: port 3(wlan1) entered blocking state
[  158.227783][ T6669] bridge0: port 3(wlan1) entered disabled state
[  158.258352][ T6673] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  159.357827][ T6702] 9pnet_virtio: no channels available for device syz
[  159.772198][ T5838] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  160.660223][ T6353] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  160.750044][ T6353] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  160.962799][ T6353] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  161.162309][ T6730] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  161.339098][ T6721] netlink: 4 bytes leftover after parsing attributes in process `syz.4.166'.
[  161.339180][ T6353] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  161.444891][ T6734] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  161.463026][ T6729] netlink: 4 bytes leftover after parsing attributes in process `syz.4.166'.
[  161.480411][ T6726] netlink: 4 bytes leftover after parsing attributes in process `syz.0.165'.
[  161.522928][ T6721] ip6gretap0: entered promiscuous mode
[  161.528745][ T6721] macvtap1: entered promiscuous mode
[  161.545121][ T6721] macvtap1: entered allmulticast mode
[  161.556270][ T6721] ip6gretap0: entered allmulticast mode
[  161.611233][ T6725] ip6gretap0: left allmulticast mode
[  161.652560][ T5838] block nbd4: Receive control failed (result -32)
[  161.668767][ T6725] ip6gretap0: left promiscuous mode
[  162.179703][ T6744] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[  162.366116][ T6756] binder: BINDER_SET_CONTEXT_MGR already set
[  162.408989][ T6756] binder: 6754:6756 ioctl 4018620d 200000000040 returned -16
[  163.459155][ T6353] 8021q: adding VLAN 0 to HW filter on device bond0
[  163.585734][ T6353] 8021q: adding VLAN 0 to HW filter on device team0
[  163.626438][ T6219] bridge0: port 1(bridge_slave_0) entered blocking state
[  163.633632][ T6219] bridge0: port 1(bridge_slave_0) entered forwarding state
[  163.707471][ T6219] bridge0: port 2(bridge_slave_1) entered blocking state
[  163.714723][ T6219] bridge0: port 2(bridge_slave_1) entered forwarding state
[  164.272428][ T5838] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  164.695812][ T6353] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  167.672891][   T30] audit: type=1326 audit(2000000002.439:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6806 comm="syz.1.185" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1869f8e969 code=0x0
[  167.794330][ T6802] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[  167.890977][ T6353] 8021q: adding VLAN 0 to HW filter on device batadv0
[  169.354008][ T6827] netlink: 'syz.3.190': attribute type 1 has an invalid length.
[  169.993842][ T5838] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  170.600878][ T6834] veth3: entered promiscuous mode
[  170.632449][ T6834] bond1: (slave veth3): Enslaving as a backup interface with a down link
[  170.931656][ T6848] netlink: 116 bytes leftover after parsing attributes in process `syz.1.195'.
[  170.990872][ T6848] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280
[  172.287523][ T6353] veth0_vlan: entered promiscuous mode
[  172.849165][ T6353] veth1_vlan: entered promiscuous mode
[  173.065246][   T30] audit: type=1326 audit(2000000001.619:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6865 comm="syz.3.200" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f137df8e969 code=0x0
[  173.075015][ T6353] veth0_macvtap: entered promiscuous mode
[  173.329267][ T6353] veth1_macvtap: entered promiscuous mode
[  174.436377][ T6353] batman_adv: batadv0: Interface activated: batadv_slave_0
[  174.474766][ T6353] batman_adv: batadv0: Interface activated: batadv_slave_1
[  174.500825][ T6353] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  174.531694][ T6353] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  174.601594][ T6353] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  174.610359][ T6353] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  176.364314][ T6879] loop4: detected capacity change from 0 to 32768
[  176.395369][ T6879] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.205 (6879)
[  176.549672][ T6217] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  176.726120][ T6217] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  177.143171][ T6879] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  177.176838][ T4372] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  177.207629][ T6879] BTRFS info (device loop4): using sha256 (sha256-x86_64) checksum algorithm
[  177.222965][ T6879] BTRFS info (device loop4): using free-space-tree
[  177.303635][ T4372] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  177.325441][ T6879] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR
[  177.327965][ T6879] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR
[  177.395220][ T6879] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR
[  177.455673][ T6879] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR
[  177.503515][ T6879] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR
[  177.565064][ T6879] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR
[  177.612733][ T6879] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[  177.656943][ T6879] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[  177.728271][ T6879] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  177.883538][ T6879] BTRFS error (device loop4): open_ctree failed: -12
[  178.671917][ T6944] netlink: 36 bytes leftover after parsing attributes in process `syz.6.78'.
[  178.916123][   T30] audit: type=1326 audit(2000000007.469:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6945 comm="syz.0.217" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe3eeb8e969 code=0x0
[  182.078874][ T6985] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  182.689249][ T6985] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  183.250444][ T6985] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  183.460278][ T6985] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  184.381373][ T6985] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  184.464651][ T6985] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  184.520399][ T6995] loop3: detected capacity change from 0 to 32768
[  184.612204][ T6995] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.232 (6995)
[  184.670264][ T6985] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  184.717336][ T6995] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  184.759791][ T6985] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  184.781769][ T6995] BTRFS info (device loop3): using sha256 (sha256-x86_64) checksum algorithm
[  184.791861][ T6995] BTRFS info (device loop3): using free-space-tree
[  185.771841][ T6995] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[  185.772331][ T6995] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  185.974348][ T6995] BTRFS error (device loop3): open_ctree failed: -12
[  186.783707][ T7054] netlink: 'syz.3.242': attribute type 1 has an invalid length.
[  186.837198][ T7055] netlink: 52 bytes leftover after parsing attributes in process `syz.3.242'.
[  187.761223][ T7058] veth5: entered promiscuous mode
[  188.528153][ T7058] bond2: (slave veth5): Enslaving as a backup interface with a down link
[  188.899162][ T7071] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  189.526146][ T7040] netlink: 12 bytes leftover after parsing attributes in process `syz.2.237'.
[  192.307628][ T7094] netlink: 'syz.3.251': attribute type 23 has an invalid length.
[  193.731015][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  193.748053][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  194.037768][ T7132] netlink: 'syz.2.261': attribute type 1 has an invalid length.
[  194.090511][ T7101] loop6: detected capacity change from 0 to 32768
[  194.167975][ T7101] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.254 (7101)
[  194.239285][ T7138] netlink: 52 bytes leftover after parsing attributes in process `syz.2.261'.
[  194.457428][ T7142] futex_wake_op: syz.4.260 tries to shift op by -33; fix this program
[  195.097495][ T7138] veth3: entered promiscuous mode
[  200.674707][ T7204] netlink: 'syz.4.278': attribute type 1 has an invalid length.
[  200.993910][ T7215] netlink: 52 bytes leftover after parsing attributes in process `syz.4.278'.
[  202.672100][ T7217] veth3: entered promiscuous mode
[  202.785361][ T7217] bond1: (slave veth3): Enslaving as a backup interface with a down link
[  203.016293][ T7230] process 'syz.4.286' launched '/dev/fd/3' with NULL argv: empty string added
[  203.291880][ T7235] serio: Serial port ptm0
[  204.760211][   T30] audit: type=1400 audit(2000000004.679:12): apparmor="DENIED" operation="setprocattr" info="invalid" error=-22 profile="unconfined" pid=7257 comm="syz.4.295"
[  205.037562][ T7266] mmap: syz.4.295 (7266) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  206.412442][ T5896] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  206.655636][ T5896] usb 1-1: Using ep0 maxpacket: 8
[  206.680312][ T5896] usb 1-1: config index 0 descriptor too short (expected 5924, got 36)
[  206.719222][ T5896] usb 1-1: config 250 has an invalid interface number: 228 but max is -1
[  206.773885][ T5896] usb 1-1: config 250 has 1 interface, different from the descriptor's value: 0
[  206.838510][ T5896] usb 1-1: config 250 has no interface number 0
[  206.871093][ T5896] usb 1-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  206.930876][ T5896] usb 1-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  206.992978][ T5896] usb 1-1: config 250 interface 228 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  207.011087][ T7284] netlink: 'syz.4.299': attribute type 1 has an invalid length.
[  207.061420][ T5896] usb 1-1: config 250 interface 228 has no altsetting 0
[  207.105630][ T5896] usb 1-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  207.114401][ T7289] netlink: 52 bytes leftover after parsing attributes in process `syz.4.299'.
[  207.123598][ T5896] usb 1-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  207.123641][ T5896] usb 1-1: Product: syz
[  207.123660][ T5896] usb 1-1: SerialNumber: syz
[  207.135534][ T5896] hub 1-1:250.228: bad descriptor, ignoring hub
[  207.148339][ T5896] hub 1-1:250.228: probe with driver hub failed with error -5
[  208.084474][ T7292] veth5: entered promiscuous mode
[  208.107031][ T7292] bond2: (slave veth5): Enslaving as a backup interface with a down link
[  208.937614][ T2145] usb 1-1: USB disconnect, device number 2
[  209.003374][   T30] audit: type=1326 audit(2000000008.909:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7305 comm="syz.4.305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15f658e969 code=0x7ffc0000
[  209.417960][   T30] audit: type=1326 audit(2000000008.909:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7305 comm="syz.4.305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=325 compat=0 ip=0x7f15f658e969 code=0x7ffc0000
[  209.842415][   T30] audit: type=1326 audit(2000000008.909:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7305 comm="syz.4.305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15f658e969 code=0x7ffc0000
[  209.864616][    C0] vkms_vblank_simulate: vblank timer overrun
[  210.227235][   T30] audit: type=1326 audit(2000000008.919:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7305 comm="syz.4.305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f15f658e969 code=0x7ffc0000
[  210.250695][   T30] audit: type=1326 audit(2000000008.919:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7305 comm="syz.4.305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15f658e969 code=0x7ffc0000
[  210.275762][   T30] audit: type=1326 audit(2000000008.919:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7305 comm="syz.4.305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15f658e969 code=0x7ffc0000
[  210.299154][   T30] audit: type=1326 audit(2000000008.919:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7305 comm="syz.4.305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f15f658e969 code=0x7ffc0000
[  210.322161][   T30] audit: type=1326 audit(2000000008.919:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7305 comm="syz.4.305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15f658e969 code=0x7ffc0000
[  210.382033][   T30] audit: type=1326 audit(2000000008.919:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7305 comm="syz.4.305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15f658e969 code=0x7ffc0000
[  210.502188][   T30] audit: type=1326 audit(2000000008.929:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7305 comm="syz.4.305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f15f658e969 code=0x7ffc0000
[  211.042064][   T30] audit: type=1326 audit(2000000008.949:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7305 comm="syz.4.305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15f658e969 code=0x7ffc0000
[  211.068205][   T30] audit: type=1326 audit(2000000008.949:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7305 comm="syz.4.305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15f658e969 code=0x7ffc0000
[  213.459240][ T7344] netlink: 'syz.1.315': attribute type 1 has an invalid length.
[  214.479611][ T7351] netlink: 52 bytes leftover after parsing attributes in process `syz.1.315'.
[  214.832816][ T7353] veth3: entered promiscuous mode
[  214.880694][ T7353] bond1: (slave veth3): Enslaving as a backup interface with a down link
[  216.441697][ T5842] Bluetooth: hci1: command 0x0406 tx timeout
[  216.447787][ T5842] Bluetooth: hci4: command 0x0406 tx timeout
[  216.454294][ T5849] Bluetooth: hci2: command 0x0406 tx timeout
[  216.633034][ T7379] netlink: 16 bytes leftover after parsing attributes in process `syz.4.321'.
[  216.694332][ T7377] netlink: 'syz.4.321': attribute type 11 has an invalid length.
[  216.801430][ T7377] netlink: 224 bytes leftover after parsing attributes in process `syz.4.321'.
[  216.902229][ T7380] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  217.136919][ T7386] netlink: 'syz.1.325': attribute type 27 has an invalid length.
[  217.535755][ T7386] bridge0: port 2(bridge_slave_1) entered disabled state
[  217.543578][ T7386] bridge0: port 1(bridge_slave_0) entered disabled state
[  219.644278][ T7386] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  219.692543][ T7386] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  220.098880][ T7415] netlink: 'syz.4.334': attribute type 1 has an invalid length.
[  220.107600][ T7386] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  220.120785][ T7416] 9pnet_fd: Insufficient options for proto=fd
[  220.127004][ T7386] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  220.145977][ T7386] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  220.156150][ T7386] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  220.168836][ T7417] netlink: 52 bytes leftover after parsing attributes in process `syz.4.334'.
[  220.298340][ T7386] veth3: left promiscuous mode
[  220.369903][ T7388] 8021q: adding VLAN 0 to HW filter on device bond0
[  220.380002][ T7388] 8021q: adding VLAN 0 to HW filter on device team0
[  220.398333][ T7388] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  220.567219][ T7388] syz.1.325 (7388) used greatest stack depth: 20024 bytes left
[  220.695594][ T7427] netlink: 'syz.3.335': attribute type 10 has an invalid length.
[  220.793884][ T7418] veth7: entered promiscuous mode
[  220.839469][ T7418] bond3: (slave veth7): Enslaving as a backup interface with a down link
[  221.055852][ T7427] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  225.593289][   T10] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  226.798574][   T10] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  226.913188][   T10] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  226.955020][   T10] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  226.987077][   T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  227.041236][ T7464] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  227.070942][   T10] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[  227.352648][ T7488] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  227.392010][ T7488] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[  227.467032][ T7488] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  227.530923][ T7488] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[  227.678677][   T10] usb 7-1: USB disconnect, device number 2
[  227.686684][ T7488] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  227.752288][ T7488] Bluetooth: hci5: Error when powering off device on rfkill (-4)
[  228.690925][ T7488] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  228.822218][ T7488] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  228.858380][ T7488] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  228.903774][ T7502] netdevsim netdevsim3 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  228.937656][ T7488] Bluetooth: hci4: Error when powering off device on rfkill (-4)
[  228.981422][ T7502] netdevsim netdevsim3 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  229.080599][ T7502] netdevsim netdevsim3 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  229.171977][ T7502] netdevsim netdevsim3 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  229.229713][ T7502] geneve2: entered promiscuous mode
[  229.299500][ T7502] geneve2: entered allmulticast mode
[  229.648623][ T7488] bridge0: port 3(wlan1) entered disabled state
[  231.281776][ T7488] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  231.287955][ T7488] Bluetooth: hci6: Error when powering off device on rfkill (-4)
[  233.435887][ T7559] block nbd1: Cannot use ioctl interface on a netlink controlled device.
[  233.495027][ T7567] netlink: 36 bytes leftover after parsing attributes in process `syz.4.369'.
[  233.655600][ T7559] block nbd1: Cannot use ioctl interface on a netlink controlled device.
[  233.761007][ T7570] netlink: 12 bytes leftover after parsing attributes in process `syz.2.371'.
[  234.382330][ T7571] block nbd1: shutting down sockets
[  242.336320][ T7643] netlink: 36 bytes leftover after parsing attributes in process `syz.4.386'.
[  244.202500][ T7657] 9pnet_virtio: no channels available for device syz
[  245.110429][ T7659] batadv_slave_0: entered promiscuous mode
[  246.340358][   T30] kauditd_printk_skb: 28 callbacks suppressed
[  246.340379][   T30] audit: type=1326 audit(2000000046.259:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7668 comm="syz.0.393" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe3eeb8e969 code=0x0
[  248.751245][ T7697] block device autoloading is deprecated and will be removed.
[  250.920250][ T7708] netdevsim netdevsim0 eth0: set [1, 1] type 2 family 0 port 20000 - 0
[  250.928830][ T7708] netdevsim netdevsim0 eth1: set [1, 1] type 2 family 0 port 20000 - 0
[  250.937387][ T7708] netdevsim netdevsim0 eth2: set [1, 1] type 2 family 0 port 20000 - 0
[  250.945876][ T7708] netdevsim netdevsim0 eth3: set [1, 1] type 2 family 0 port 20000 - 0
[  250.956562][ T7708] geneve2: entered promiscuous mode
[  250.961858][ T7708] geneve2: entered allmulticast mode
[  252.091908][ T7720] usb usb1: usbfs: process 7720 (syz.6.406) did not claim interface 0 before use
[  253.261940][ T7735] block nbd0: Cannot use ioctl interface on a netlink controlled device.
[  253.284463][   T30] audit: type=1326 audit(2000000053.199:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7730 comm="syz.1.409" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1869f8e969 code=0x0
[  253.332107][ T7735] block nbd0: Cannot use ioctl interface on a netlink controlled device.
[  253.512924][ T7738] netlink: 36 bytes leftover after parsing attributes in process `syz.2.410'.
[  253.971845][ T1202] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  254.156200][ T1202] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  254.201710][ T1202] usb 7-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  254.412850][ T7757] block nbd4: Cannot use ioctl interface on a netlink controlled device.
[  254.457335][ T1202] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[  254.471891][ T7757] block nbd4: Cannot use ioctl interface on a netlink controlled device.
[  254.495467][ T7757] block nbd4: shutting down sockets
[  254.504372][ T1202] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  254.529819][ T1202] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  254.563398][ T1202] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  254.572902][ T1202] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  254.581055][ T1202] usb 7-1: Product: syz
[  254.608928][ T1202] usb 7-1: Manufacturer: syz
[  254.801414][ T1202] cdc_wdm 7-1:1.0: skipping garbage
[  254.811608][ T1202] cdc_wdm 7-1:1.0: skipping garbage
[  254.823183][ T1202] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[  254.829193][ T1202] cdc_wdm 7-1:1.0: Unknown control protocol
[  255.097255][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  255.103937][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  255.616229][   T30] audit: type=1804 audit(2000000055.369:55): pid=7779 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.421" name="/newroot/69/bus/bus" dev="overlay" ino=385 res=1 errno=0
[  255.681954][   T30] audit: type=1804 audit(2000000055.379:56): pid=7779 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.421" name="/newroot/69/bus/bus" dev="overlay" ino=385 res=1 errno=0
[  258.658493][    C0] cdc_wdm 7-1:1.0: nonzero urb status received: -71
[  258.659263][ T5895] usb 7-1: USB disconnect, device number 3
[  258.665332][    C0] cdc_wdm 7-1:1.0: wdm_int_callback - 0 bytes
[  258.677231][    C0] cdc_wdm 7-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  258.818457][ T7801] netlink: 36 bytes leftover after parsing attributes in process `syz.6.427'.
[  259.605900][ T7809] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  260.982996][   T30] audit: type=1326 audit(2000000003.389:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7812 comm="syz.1.432" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1869f8e969 code=0x7fc00000
[  263.464583][ T7854] netlink: 36 bytes leftover after parsing attributes in process `syz.1.440'.
[  270.372863][ T7909] netlink: 'syz.2.452': attribute type 1 has an invalid length.
[  270.827041][ T7917] netlink: 8 bytes leftover after parsing attributes in process `syz.2.452'.
[  271.284211][ T7928] netlink: 12 bytes leftover after parsing attributes in process `syz.1.457'.
[  271.809472][ T7924] veth5: entered promiscuous mode
[  272.113090][ T7947] trusted_key: encrypted_key: insufficient parameters specified
[  272.485823][ T7924] bond2: (slave veth5): Enslaving as a backup interface with a down link
[  272.778163][ T7945] netlink: 44 bytes leftover after parsing attributes in process `syz.3.459'.
[  276.840585][ T8004] netlink: 'syz.1.477': attribute type 1 has an invalid length.
[  276.968116][ T8011] netlink: 12 bytes leftover after parsing attributes in process `syz.4.476'.
[  277.055063][ T8010] netlink: 8 bytes leftover after parsing attributes in process `syz.1.477'.
[  277.371343][ T8012] veth5: entered promiscuous mode
[  277.398111][ T8012] bond2: (slave veth5): Enslaving as a backup interface with a down link
[  277.433325][ T8021] netlink: 8 bytes leftover after parsing attributes in process `syz.2.480'.
[  277.458169][ T8021] netlink: 12 bytes leftover after parsing attributes in process `syz.2.480'.
[  277.757255][   T24] hid-generic 00A0:0006:0003.0001: unknown main item tag 0x0
[  277.805332][   T24] hid-generic 00A0:0006:0003.0001: unknown main item tag 0x0
[  277.856437][   T24] hid-generic 00A0:0006:0003.0001: unknown main item tag 0x0
[  277.901611][   T24] hid-generic 00A0:0006:0003.0001: unknown main item tag 0x0
[  277.929367][   T24] hid-generic 00A0:0006:0003.0001: unknown main item tag 0x0
[  277.973931][   T24] hid-generic 00A0:0006:0003.0001: unknown main item tag 0x0
[  278.006274][   T24] hid-generic 00A0:0006:0003.0001: unknown main item tag 0x0
[  278.029330][   T24] hid-generic 00A0:0006:0003.0001: unknown main item tag 0x0
[  278.062732][   T24] hid-generic 00A0:0006:0003.0001: unknown main item tag 0x0
[  278.119992][   T24] hid-generic 00A0:0006:0003.0001: unknown main item tag 0x0
[  278.158103][   T24] hid-generic 00A0:0006:0003.0001: unknown main item tag 0x0
[  278.188788][   T24] hid-generic 00A0:0006:0003.0001: unknown main item tag 0x0
[  278.215898][   T24] hid-generic 00A0:0006:0003.0001: unknown main item tag 0x0
[  278.235141][   T24] hid-generic 00A0:0006:0003.0001: unknown main item tag 0x0
[  278.278622][   T24] hid-generic 00A0:0006:0003.0001: unknown main item tag 0x0
[  278.326486][   T24] hid-generic 00A0:0006:0003.0001: hidraw0: <UNKNOWN> HID v0.05 Device [syz1] on syz0
[  279.443761][ T8045] fido_id[8045]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  280.779528][ T8077] netlink: 'syz.3.495': attribute type 1 has an invalid length.
[  280.847490][ T8081] netlink: 8 bytes leftover after parsing attributes in process `syz.3.495'.
[  281.117111][ T8077] veth7: entered promiscuous mode
[  281.163312][ T8077] bond3: (slave veth7): Enslaving as a backup interface with a down link
[  282.284983][ T8052] block device autoloading is deprecated and will be removed.
[  282.313293][ T8052] syz.2.488: attempt to access beyond end of device
[  282.313293][ T8052] md2: rw=2048, sector=0, nr_sectors = 8 limit=0
[  284.055794][ T8124] netlink: 40 bytes leftover after parsing attributes in process `syz.2.505'.
[  284.268522][ T5893] libceph: connect (1)[c::]:6789 error -101
[  284.277191][ T5893] libceph: mon0 (1)[c::]:6789 connect error
[  284.288161][ T5893] libceph: connect (1)[c::]:6789 error -101
[  284.296526][ T8124] ceph: No mds server is up or the cluster is laggy
[  284.303590][ T5893] libceph: mon0 (1)[c::]:6789 connect error
[  288.349993][ T8170] 9pnet_fd: p9_fd_create_tcp (8170): problem connecting socket to 127.0.0.1
[  294.580588][ T8243] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  296.188144][ T8261] tipc: Started in network mode
[  296.193447][ T8261] tipc: Node identity 4000004, cluster identity 4711
[  296.200191][ T8261] tipc: Node number set to 67108868
[  298.445004][ T8281] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  300.862504][ T8314] block nbd0: Cannot use ioctl interface on a netlink controlled device.
[  300.872290][ T8314] block nbd0: Cannot use ioctl interface on a netlink controlled device.
[  300.882774][ T8314] block nbd0: shutting down sockets
[  301.331721][ T5893] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  301.336328][ T8326] @: renamed from vlan0 (while UP)
[  301.512756][ T5893] usb 5-1: Using ep0 maxpacket: 8
[  301.525224][ T5893] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  301.542103][ T5893] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  301.551431][ T5893] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  301.585364][ T5893] usb 5-1: config 0 descriptor??
[  301.816502][ T5893] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  302.085129][ T8353] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  302.094288][ T8353] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  302.126817][ T8353] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  302.167665][ T8357] block nbd2: Cannot use ioctl interface on a netlink controlled device.
[  302.177474][ T8353] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  302.182960][ T8357] block nbd2: Cannot use ioctl interface on a netlink controlled device.
[  302.280141][ T8350] block nbd2: shutting down sockets
[  302.504925][ T1202] usb 5-1: USB disconnect, device number 2
[  307.255854][ T8409] block nbd0: shutting down sockets
[  308.204334][ T8423] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.215186][ T8423] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  309.527612][ T8434] sctp: failed to load transform for md5: -2
[  309.557900][ T8423] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  309.611611][ T8423] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  310.226877][ T8423] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  310.402769][ T8423] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  310.829296][ T8423] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  310.932310][ T8423] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  311.719342][ T8423] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 20000 - 0
[  311.739072][ T8423] netdevsim netdevsim3 eth0: set [1, 1] type 2 family 0 port 6081 - 0
[  311.880651][ T8423] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 20000 - 0
[  311.906517][ T8423] netdevsim netdevsim3 eth1: set [1, 1] type 2 family 0 port 6081 - 0
[  311.946830][ T8423] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 20000 - 0
[  312.066216][ T8423] netdevsim netdevsim3 eth2: set [1, 1] type 2 family 0 port 6081 - 0
[  314.615440][ T8423] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 20000 - 0
[  314.651709][ T8423] netdevsim netdevsim3 eth3: set [1, 1] type 2 family 0 port 6081 - 0
[  315.483257][ T8501] netlink: 36 bytes leftover after parsing attributes in process `syz.4.594'.
[  316.577393][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  316.590309][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  317.868854][ T8525] netlink: 'syz.2.600': attribute type 1 has an invalid length.
[  318.016531][ T8528] netlink: 4 bytes leftover after parsing attributes in process `syz.2.600'.
[  318.095092][ T5893] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  318.321514][ T5893] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  318.998096][ T5893] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  319.009356][ T5893] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  319.046351][ T5893] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  319.076442][ T5893] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  319.098220][ T5893] usb 1-1: config 0 descriptor??
[  319.134438][ T8532] veth7: entered promiscuous mode
[  319.356655][ T8532] bond3: (slave veth7): Enslaving as a backup interface with a down link
[  320.094719][ T5893] usbhid 1-1:0.0: can't add hid device: -71
[  320.101351][ T5893] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  320.171895][ T5893] usb 1-1: USB disconnect, device number 3
[  324.394529][   T30] audit: type=1326 audit(2000000001.389:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8604 comm="syz.3.617" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f137df8e969 code=0x0
[  328.658626][ T8658] program syz.4.629 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  329.504515][   T30] audit: type=1326 audit(2000000002.079:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8662 comm="syz.2.632" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fafd4d8e969 code=0x0
[  337.123022][ T8770] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  342.257706][ T8816] ubi0: attaching mtd0
[  342.273781][ T8816] ubi0: scanning is finished
[  342.278494][ T8816] ubi0: empty MTD device detected
[  342.889532][ T8816] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB)
[  343.068377][ T8816] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  343.241564][ T8816] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1
[  343.248561][ T8816] ubi0: VID header offset: 64 (aligned 64), data offset: 128
[  343.361796][ T8816] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  343.368718][ T8816] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23
[  343.491647][ T8816] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 189101579
[  343.563022][ T8833] warn_alloc: 2 callbacks suppressed
[  343.563044][ T8833] syz.0.677: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  343.588178][ T8816] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  343.615422][ T8827] ubi0: background thread "ubi_bgt0d" started, PID 8827
[  343.622271][ T8823] ubi0: detaching mtd0
[  343.628606][ T8833] CPU: 1 UID: 0 PID: 8833 Comm: syz.0.677 Not tainted 6.15.0-syzkaller-07774-g90b83efa6701 #0 PREEMPT(full) 
[  343.628639][ T8833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  343.628654][ T8833] Call Trace:
[  343.628664][ T8833]  <TASK>
[  343.628674][ T8833]  dump_stack_lvl+0x189/0x250
[  343.628723][ T8833]  ? __pfx_dump_stack_lvl+0x10/0x10
[  343.628763][ T8833]  ? __pfx__printk+0x10/0x10
[  343.628791][ T8833]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  343.628833][ T8833]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  343.628875][ T8833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  343.628904][ T8833]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  343.628948][ T8833]  warn_alloc+0x214/0x310
[  343.628972][ T8833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  343.629000][ T8833]  ? stack_depot_save_flags+0x40/0x900
[  343.629040][ T8833]  ? __pfx_warn_alloc+0x10/0x10
[  343.629067][ T8833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  343.629095][ T8833]  ? kasan_save_track+0x4f/0x80
[  343.629129][ T8833]  ? xskq_create+0x56/0x170
[  343.629157][ T8833]  ? xsk_init_queue+0xb0/0x110
[  343.629189][ T8833]  ? xsk_setsockopt+0x43f/0x710
[  343.629213][ T8833]  ? do_sock_setsockopt+0x25a/0x3e0
[  343.629251][ T8833]  ? __x64_sys_setsockopt+0x18b/0x220
[  343.629289][ T8833]  ? do_syscall_64+0xfa/0x3b0
[  343.629319][ T8833]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  343.629352][ T8833]  __vmalloc_node_range_noprof+0x125/0x1340
[  343.629429][ T8833]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  343.629476][ T8833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  343.629504][ T8833]  ? __kasan_kmalloc+0x93/0xb0
[  343.629542][ T8833]  vmalloc_user_noprof+0xad/0xf0
[  343.629565][ T8833]  ? xskq_create+0xbf/0x170
[  343.629596][ T8833]  xskq_create+0xbf/0x170
[  343.629628][ T8833]  xsk_init_queue+0xb0/0x110
[  343.629659][ T8833]  xsk_setsockopt+0x43f/0x710
[  343.629689][ T8833]  ? __pfx_xsk_setsockopt+0x10/0x10
[  343.629712][ T8833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  343.629739][ T8833]  ? __lock_acquire+0xab9/0xd20
[  343.629777][ T8833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  343.629809][ T8833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  343.629837][ T8833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  343.629864][ T8833]  ? __pfx_xsk_setsockopt+0x10/0x10
[  343.629893][ T8833]  do_sock_setsockopt+0x25a/0x3e0
[  343.629936][ T8833]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  343.629978][ T8833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  343.630007][ T8833]  ? __fget_files+0x2a/0x420
[  343.630054][ T8833]  __x64_sys_setsockopt+0x18b/0x220
[  343.630102][ T8833]  do_syscall_64+0xfa/0x3b0
[  343.630132][ T8833]  ? lockdep_hardirqs_on+0x9c/0x150
[  343.630166][ T8833]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  343.630190][ T8833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  343.630219][ T8833]  ? exc_page_fault+0x9f/0xf0
[  343.630250][ T8833]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  343.630274][ T8833] RIP: 0033:0x7fe3eeb8e969
[  343.630296][ T8833] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  343.630317][ T8833] RSP: 002b:00007fe3ec9f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  343.630343][ T8833] RAX: ffffffffffffffda RBX: 00007fe3eedb5fa0 RCX: 00007fe3eeb8e969
[  343.630362][ T8833] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000008
[  343.630377][ T8833] RBP: 00007fe3eec10ab1 R08: 0000000000000004 R09: 0000000000000000
[  343.630393][ T8833] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  343.630410][ T8833] R13: 0000000000000000 R14: 00007fe3eedb5fa0 R15: 00007ffd47cf7968
[  343.630448][ T8833]  </TASK>
[  343.630458][ T8833] Mem-Info:
[  344.004526][ T8833] active_anon:10858 inactive_anon:0 isolated_anon:0
[  344.004526][ T8833]  active_file:2358 inactive_file:39953 isolated_file:0
[  344.004526][ T8833]  unevictable:768 dirty:241 writeback:0
[  344.004526][ T8833]  slab_reclaimable:10664 slab_unreclaimable:104552
[  344.004526][ T8833]  mapped:48289 shmem:4226 pagetables:1190
[  344.004526][ T8833]  sec_pagetables:0 bounce:0
[  344.004526][ T8833]  kernel_misc_reclaimable:0
[  344.004526][ T8833]  free:1299012 free_pcp:103 free_cma:0
[  344.058662][ T8823] ubi0: mtd0 is detached
[  344.121720][ T8833] Node 0 active_anon:43432kB inactive_anon:0kB active_file:9432kB inactive_file:159604kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:193156kB dirty:960kB writeback:0kB shmem:15368kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12656kB pagetables:4760kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  344.189066][ T8833] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:208kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  344.251765][ T8833] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  344.495468][ T8833] lowmem_reserve[]: 0 2501 2503 2503 2503
[  344.522180][ T8833] Node 0 DMA32 free:1239016kB boost:0kB min:34264kB low:42828kB high:51392kB reserved_highatomic:0KB active_anon:54808kB inactive_anon:0kB active_file:9432kB inactive_file:157764kB unevictable:1536kB writepending:972kB present:3129332kB managed:2561256kB mlocked:0kB bounce:0kB free_pcp:5632kB local_pcp:224kB free_cma:0kB
[  344.609508][ T8833] lowmem_reserve[]: 0 0 1 1 1
[  344.618517][ T8833] Node 0 Normal free:4kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1840kB unevictable:0kB writepending:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB
[  344.697216][ T8833] lowmem_reserve[]: 0 0 0 0 0
[  344.706750][ T8833] Node 1 Normal free:3924308kB boost:0kB min:55612kB low:69512kB high:83412kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:208kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  344.768837][ T8833] lowmem_reserve[]: 0 0 0 0 0
[  344.774152][ T8833] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  344.791134][ T8833] Node 0 DMA32: 67*4kB (UME) 55*8kB (UE) 10*16kB (UME) 14*32kB (UE) 27*64kB (UE) 78*128kB (UME) 52*256kB (UME) 33*512kB (UME) 13*1024kB (UME) 1*2048kB (E) 288*4096kB (UM) = 1238244kB
[  344.837374][ T8833] Node 0 Normal: 1*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB
[  344.854208][ T8833] Node 1 Normal: 145*4kB (UME) 32*8kB (UME) 31*16kB (UME) 215*32kB (UME) 93*64kB (UME) 28*128kB (UME) 16*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 2*2048kB (UE) 950*4096kB (M) = 3924308kB
[  344.878368][ T8833] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  344.901625][ T8833] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  344.923029][ T8833] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  344.944797][ T8833] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  344.956547][ T8833] 49400 total pagecache pages
[  344.962476][ T8833] 0 pages in swap cache
[  344.967270][ T8833] Free swap  = 124996kB
[  344.974444][ T8833] Total swap = 124996kB
[  344.994370][ T8833] 2097051 pages RAM
[  344.998330][ T8833] 0 pages HighMem/MovableOnly
[  345.015314][ T8833] 424631 pages reserved
[  345.024383][ T8833] 0 pages cma reserved
[  350.251555][   T30] audit: type=1326 audit(2000000022.819:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8879 comm="syz.3.689" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f137df8e969 code=0x0
[  350.763122][ T8886] netlink: 4 bytes leftover after parsing attributes in process `syz.2.691'.
[  357.927542][ T8951] warn_alloc: 1 callbacks suppressed
[  357.927561][ T8951] syz.3.709: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  357.949654][ T8951] CPU: 0 UID: 0 PID: 8951 Comm: syz.3.709 Not tainted 6.15.0-syzkaller-07774-g90b83efa6701 #0 PREEMPT(full) 
[  357.949687][ T8951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  357.949702][ T8951] Call Trace:
[  357.949713][ T8951]  <TASK>
[  357.949723][ T8951]  dump_stack_lvl+0x189/0x250
[  357.949770][ T8951]  ? __pfx_dump_stack_lvl+0x10/0x10
[  357.949809][ T8951]  ? __pfx__printk+0x10/0x10
[  357.949837][ T8951]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  357.949877][ T8951]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  357.949929][ T8951]  ? srso_alias_return_thunk+0x5/0xfbef5
[  357.949958][ T8951]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  357.950003][ T8951]  warn_alloc+0x214/0x310
[  357.950028][ T8951]  ? srso_alias_return_thunk+0x5/0xfbef5
[  357.950057][ T8951]  ? stack_depot_save_flags+0x40/0x900
[  357.950095][ T8951]  ? __pfx_warn_alloc+0x10/0x10
[  357.950121][ T8951]  ? srso_alias_return_thunk+0x5/0xfbef5
[  357.950150][ T8951]  ? kasan_save_track+0x4f/0x80
[  357.950182][ T8951]  ? xskq_create+0x56/0x170
[  357.950210][ T8951]  ? xsk_init_queue+0xb0/0x110
[  357.950235][ T8951]  ? xsk_setsockopt+0x43f/0x710
[  357.950258][ T8951]  ? do_sock_setsockopt+0x25a/0x3e0
[  357.950295][ T8951]  ? __x64_sys_setsockopt+0x18b/0x220
[  357.950331][ T8951]  ? do_syscall_64+0xfa/0x3b0
[  357.950361][ T8951]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  357.950395][ T8951]  __vmalloc_node_range_noprof+0x125/0x1340
[  357.950472][ T8951]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  357.950519][ T8951]  ? srso_alias_return_thunk+0x5/0xfbef5
[  357.950546][ T8951]  ? __kasan_kmalloc+0x93/0xb0
[  357.950584][ T8951]  vmalloc_user_noprof+0xad/0xf0
[  357.950607][ T8951]  ? xskq_create+0xbf/0x170
[  357.950637][ T8951]  xskq_create+0xbf/0x170
[  357.950670][ T8951]  xsk_init_queue+0xb0/0x110
[  357.950701][ T8951]  xsk_setsockopt+0x43f/0x710
[  357.950732][ T8951]  ? __pfx_xsk_setsockopt+0x10/0x10
[  357.950756][ T8951]  ? srso_alias_return_thunk+0x5/0xfbef5
[  357.950785][ T8951]  ? __lock_acquire+0xab9/0xd20
[  357.950824][ T8951]  ? srso_alias_return_thunk+0x5/0xfbef5
[  357.950856][ T8951]  ? srso_alias_return_thunk+0x5/0xfbef5
[  357.950883][ T8951]  ? srso_alias_return_thunk+0x5/0xfbef5
[  357.950910][ T8951]  ? __pfx_xsk_setsockopt+0x10/0x10
[  357.950943][ T8951]  do_sock_setsockopt+0x25a/0x3e0
[  357.950986][ T8951]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  357.951027][ T8951]  ? srso_alias_return_thunk+0x5/0xfbef5
[  357.951056][ T8951]  ? __fget_files+0x2a/0x420
[  357.951104][ T8951]  __x64_sys_setsockopt+0x18b/0x220
[  357.951151][ T8951]  do_syscall_64+0xfa/0x3b0
[  357.951180][ T8951]  ? lockdep_hardirqs_on+0x9c/0x150
[  357.951209][ T8951]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  357.951232][ T8951]  ? srso_alias_return_thunk+0x5/0xfbef5
[  357.951259][ T8951]  ? exc_page_fault+0x9f/0xf0
[  357.951290][ T8951]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  357.951313][ T8951] RIP: 0033:0x7f137df8e969
[  357.951334][ T8951] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  357.951354][ T8951] RSP: 002b:00007f137eea9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  357.951378][ T8951] RAX: ffffffffffffffda RBX: 00007f137e1b5fa0 RCX: 00007f137df8e969
[  357.951397][ T8951] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000008
[  357.951411][ T8951] RBP: 00007f137e010ab1 R08: 0000000000000004 R09: 0000000000000000
[  357.951428][ T8951] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  357.951447][ T8951] R13: 0000000000000000 R14: 00007f137e1b5fa0 R15: 00007ffe3151d198
[  357.951485][ T8951]  </TASK>
[  358.350377][ T8951] Mem-Info:
[  358.356794][ T8951] active_anon:8212 inactive_anon:0 isolated_anon:0
[  358.356794][ T8951]  active_file:2358 inactive_file:39960 isolated_file:0
[  358.356794][ T8951]  unevictable:768 dirty:201 writeback:0
[  358.356794][ T8951]  slab_reclaimable:10661 slab_unreclaimable:104160
[  358.356794][ T8951]  mapped:50567 shmem:1376 pagetables:1185
[  358.356794][ T8951]  sec_pagetables:0 bounce:0
[  358.356794][ T8951]  kernel_misc_reclaimable:0
[  358.356794][ T8951]  free:1289265 free_pcp:1401 free_cma:0
[  358.403445][ T8951] Node 0 active_anon:32848kB inactive_anon:0kB active_file:9432kB inactive_file:159632kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:202268kB dirty:800kB writeback:0kB shmem:3968kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12696kB pagetables:4740kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  358.440172][ T8951] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:208kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  358.479478][ T8951] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  358.507411][ T8951] lowmem_reserve[]: 0 2501 2503 2503 2503
[  358.513680][ T8951] Node 0 DMA32 free:1217196kB boost:0kB min:34264kB low:42828kB high:51392kB reserved_highatomic:0KB active_anon:32724kB inactive_anon:0kB active_file:9432kB inactive_file:157792kB unevictable:1536kB writepending:796kB present:3129332kB managed:2561256kB mlocked:0kB bounce:0kB free_pcp:5516kB local_pcp:5276kB free_cma:0kB
[  358.545716][ T8951] lowmem_reserve[]: 0 0 1 1 1
[  358.550510][ T8951] Node 0 Normal free:4kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1840kB unevictable:0kB writepending:4kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB
[  358.578290][ T8951] lowmem_reserve[]: 0 0 0 0 0
[  358.583144][ T8951] Node 1 Normal free:3924308kB boost:0kB min:55612kB low:69512kB high:83412kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:208kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  358.612787][ T8951] lowmem_reserve[]: 0 0 0 0 0
[  358.617614][ T8951] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  358.658424][ T8951] Node 0 DMA32: 168*4kB (UM) 514*8kB (UME) 524*16kB (UME) 381*32kB (UME) 198*64kB (UME) 55*128kB (UME) 36*256kB (UME) 26*512kB (UME) 13*1024kB (UME) 1*2048kB (E) 278*4096kB (M) = 1221648kB
[  358.690690][ T8951] Node 0 Normal: 1*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB
[  358.712650][ T8951] Node 1 Normal: 145*4kB (UME) 32*8kB (UME) 31*16kB (UME) 215*32kB (UME) 93*64kB (UME) 28*128kB (UME) 16*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 2*2048kB (UE) 950*4096kB (M) = 3924308kB
[  358.933217][ T8951] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  359.362603][ T8951] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  359.455466][ T8951] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  359.483879][ T8951] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  359.566884][ T8951] 46782 total pagecache pages
[  359.612575][ T8951] 0 pages in swap cache
[  359.632051][ T8951] Free swap  = 124996kB
[  359.641872][ T8951] Total swap = 124996kB
[  359.646084][ T8951] 2097051 pages RAM
[  359.649904][ T8951] 0 pages HighMem/MovableOnly
[  359.681040][ T8951] 424631 pages reserved
[  359.690949][ T8951] 0 pages cma reserved
[  362.405795][ T8989] netlink: 4 bytes leftover after parsing attributes in process `syz.2.718'.
[  365.575174][ T9021] program syz.2.729 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  366.323567][ T9024] netlink: 4 bytes leftover after parsing attributes in process `syz.2.730'.
[  369.625612][ T9056] warn_alloc: 1 callbacks suppressed
[  369.625635][ T9056] syz.2.737: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  369.653365][ T9056] CPU: 1 UID: 0 PID: 9056 Comm: syz.2.737 Not tainted 6.15.0-syzkaller-07774-g90b83efa6701 #0 PREEMPT(full) 
[  369.653398][ T9056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  369.653413][ T9056] Call Trace:
[  369.653422][ T9056]  <TASK>
[  369.653433][ T9056]  dump_stack_lvl+0x189/0x250
[  369.653481][ T9056]  ? __pfx_dump_stack_lvl+0x10/0x10
[  369.653521][ T9056]  ? __pfx__printk+0x10/0x10
[  369.653549][ T9056]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  369.653591][ T9056]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  369.653634][ T9056]  ? srso_alias_return_thunk+0x5/0xfbef5
[  369.653663][ T9056]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  369.653708][ T9056]  warn_alloc+0x214/0x310
[  369.653732][ T9056]  ? srso_alias_return_thunk+0x5/0xfbef5
[  369.653760][ T9056]  ? stack_depot_save_flags+0x40/0x900
[  369.653798][ T9056]  ? __pfx_warn_alloc+0x10/0x10
[  369.653824][ T9056]  ? srso_alias_return_thunk+0x5/0xfbef5
[  369.653852][ T9056]  ? kasan_save_track+0x4f/0x80
[  369.653886][ T9056]  ? xskq_create+0x56/0x170
[  369.653913][ T9056]  ? xsk_init_queue+0xb0/0x110
[  369.653938][ T9056]  ? xsk_setsockopt+0x43f/0x710
[  369.653962][ T9056]  ? do_sock_setsockopt+0x25a/0x3e0
[  369.653997][ T9056]  ? __x64_sys_setsockopt+0x18b/0x220
[  369.654035][ T9056]  ? do_syscall_64+0xfa/0x3b0
[  369.654064][ T9056]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  369.654099][ T9056]  __vmalloc_node_range_noprof+0x125/0x1340
[  369.654176][ T9056]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  369.654223][ T9056]  ? srso_alias_return_thunk+0x5/0xfbef5
[  369.654258][ T9056]  ? __kasan_kmalloc+0x93/0xb0
[  369.654296][ T9056]  vmalloc_user_noprof+0xad/0xf0
[  369.654319][ T9056]  ? xskq_create+0xbf/0x170
[  369.654350][ T9056]  xskq_create+0xbf/0x170
[  369.654382][ T9056]  xsk_init_queue+0xb0/0x110
[  369.654413][ T9056]  xsk_setsockopt+0x43f/0x710
[  369.654442][ T9056]  ? __pfx_xsk_setsockopt+0x10/0x10
[  369.654466][ T9056]  ? srso_alias_return_thunk+0x5/0xfbef5
[  369.654494][ T9056]  ? __lock_acquire+0xab9/0xd20
[  369.654532][ T9056]  ? srso_alias_return_thunk+0x5/0xfbef5
[  369.654565][ T9056]  ? srso_alias_return_thunk+0x5/0xfbef5
[  369.654593][ T9056]  ? srso_alias_return_thunk+0x5/0xfbef5
[  369.654621][ T9056]  ? __pfx_xsk_setsockopt+0x10/0x10
[  369.654650][ T9056]  do_sock_setsockopt+0x25a/0x3e0
[  369.654694][ T9056]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  369.654737][ T9056]  ? srso_alias_return_thunk+0x5/0xfbef5
[  369.654767][ T9056]  ? __fget_files+0x2a/0x420
[  369.654816][ T9056]  __x64_sys_setsockopt+0x18b/0x220
[  369.654863][ T9056]  do_syscall_64+0xfa/0x3b0
[  369.654893][ T9056]  ? lockdep_hardirqs_on+0x9c/0x150
[  369.654923][ T9056]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  369.654946][ T9056]  ? srso_alias_return_thunk+0x5/0xfbef5
[  369.654974][ T9056]  ? exc_page_fault+0x9f/0xf0
[  369.655005][ T9056]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  369.655028][ T9056] RIP: 0033:0x7fafd4d8e969
[  369.655049][ T9056] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  369.655071][ T9056] RSP: 002b:00007fafd5b24038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  369.655095][ T9056] RAX: ffffffffffffffda RBX: 00007fafd4fb5fa0 RCX: 00007fafd4d8e969
[  369.655114][ T9056] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000008
[  369.655129][ T9056] RBP: 00007fafd4e10ab1 R08: 0000000000000004 R09: 0000000000000000
[  369.655145][ T9056] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  369.655161][ T9056] R13: 0000000000000000 R14: 00007fafd4fb5fa0 R15: 00007ffe2b5df698
[  369.655198][ T9056]  </TASK>
[  369.655208][ T9056] Mem-Info:
[  370.012584][ T9056] active_anon:12559 inactive_anon:0 isolated_anon:0
[  370.012584][ T9056]  active_file:2351 inactive_file:39965 isolated_file:0
[  370.012584][ T9056]  unevictable:768 dirty:112 writeback:0
[  370.012584][ T9056]  slab_reclaimable:10707 slab_unreclaimable:103389
[  370.012584][ T9056]  mapped:61811 shmem:5462 pagetables:1260
[  370.012584][ T9056]  sec_pagetables:0 bounce:0
[  370.012584][ T9056]  kernel_misc_reclaimable:0
[  370.012584][ T9056]  free:1273972 free_pcp:1351 free_cma:0
[  370.079310][ T9056] Node 0 active_anon:51736kB inactive_anon:0kB active_file:9404kB inactive_file:159652kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:248644kB dirty:444kB writeback:0kB shmem:21712kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12812kB pagetables:5040kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  370.139527][ T9056] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:208kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  370.176160][ T9056] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  370.210961][ T9056] lowmem_reserve[]: 0 2501 2503 2503 2503
[  370.217791][ T9056] Node 0 DMA32 free:1153388kB boost:0kB min:34264kB low:42828kB high:51392kB reserved_highatomic:0KB active_anon:53912kB inactive_anon:0kB active_file:9404kB inactive_file:157812kB unevictable:1536kB writepending:544kB present:3129332kB managed:2561256kB mlocked:0kB bounce:0kB free_pcp:4768kB local_pcp:3856kB free_cma:0kB
[  370.255925][ T9056] lowmem_reserve[]: 0 0 1 1 1
[  370.262564][ T9056] Node 0 Normal free:4kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1840kB unevictable:0kB writepending:4kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB
[  370.302249][ T9056] lowmem_reserve[]: 0 0 0 0 0
[  370.311813][ T9056] Node 1 Normal free:3924340kB boost:0kB min:55612kB low:69512kB high:83412kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:208kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  370.341290][ T9056] lowmem_reserve[]: 0 0 0 0 0
[  370.346776][ T9056] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  370.365249][ T9056] Node 0 DMA32: 3*4kB (UM) 72*8kB (UME) 25*16kB (U) 66*32kB (UME) 56*64kB (UME) 16*128kB (UME) 33*256kB (UME) 26*512kB (UME) 12*1024kB (ME) 1*2048kB (E) 269*4096kB (UM) = 1146652kB
[  370.385686][ T9056] Node 0 Normal: 1*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB
[  370.398057][ T9056] Node 1 Normal: 145*4kB (UME) 32*8kB (UME) 31*16kB (UME) 214*32kB (UME) 92*64kB (UME) 27*128kB (UME) 17*256kB (UME) 6*512kB (UME) 4*1024kB (UME) 2*2048kB (UE) 950*4096kB (M) = 3924340kB
[  370.417560][ T9056] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  370.428905][ T9056] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  370.958933][ T9056] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  370.972898][ T9056] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  370.982717][ T9056] 49425 total pagecache pages
[  370.987588][ T9056] 0 pages in swap cache
[  370.992225][ T9056] Free swap  = 124996kB
[  370.996390][ T9056] Total swap = 124996kB
[  371.000592][ T9056] 2097051 pages RAM
[  371.004695][ T9056] 0 pages HighMem/MovableOnly
[  371.009385][ T9056] 424631 pages reserved
[  371.013624][ T9056] 0 pages cma reserved
[  372.345835][ T9072] netlink: 4 bytes leftover after parsing attributes in process `syz.4.742'.
[  372.437664][ T9074] netlink: 36 bytes leftover after parsing attributes in process `syz.4.743'.
[  377.955735][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  377.963251][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  435.551698][   T31] INFO: task kworker/1:2:2145 blocked for more than 143 seconds.
[  435.559517][   T31]       Not tainted 6.15.0-syzkaller-07774-g90b83efa6701 #0
[  435.566929][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  435.575654][   T31] task:kworker/1:2     state:D stack:23112 pid:2145  tgid:2145  ppid:2      task_flags:0x4208060 flags:0x00004000
[  435.587772][   T31] Workqueue: events rfkill_sync_work
[  435.593164][   T31] Call Trace:
[  435.596450][   T31]  <TASK>
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  435.599409][   T31]  __schedule+0x16f5/0x4d00
[  435.604022][   T31]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  435.609417][   T31]  ? schedule+0x165/0x360
[  435.613812][   T31]  ? __pfx___schedule+0x10/0x10
[  435.618698][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  435.624399][   T31]  ? schedule+0x91/0x360
[  435.628667][   T31]  schedule+0x165/0x360
[  435.632946][   T31]  schedule_preempt_disabled+0x13/0x30
[  435.671498][   T31]  __mutex_lock+0x724/0xe80
[  435.676052][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  435.719860][   T31]  ? __lock_acquire+0xab9/0xd20
[  435.736204][   T31]  ? __mutex_lock+0x51b/0xe80
[  435.740926][   T31]  ? nfc_rfkill_set_block+0x50/0x2e0
[  435.746467][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  435.751607][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  435.757250][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  435.762790][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  435.768440][   T31]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  435.774388][   T31]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  435.780732][   T31]  ? __pfx_nfc_rfkill_set_block+0x10/0x10
[  435.786571][   T31]  nfc_rfkill_set_block+0x50/0x2e0
[  435.791798][   T31]  ? __pfx_nfc_rfkill_set_block+0x10/0x10
[  435.797539][   T31]  rfkill_set_block+0x1d2/0x440
[  435.802477][   T31]  rfkill_sync_work+0x114/0x200
[  435.807344][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[  435.813126][   T31]  process_scheduled_works+0xae1/0x17b0
[  435.818748][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[  435.824858][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  435.830533][   T31]  worker_thread+0x8a0/0xda0
[  435.835216][   T31]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  435.841620][   T31]  ? __kthread_parkme+0x7b/0x200
[  435.846572][   T31]  kthread+0x711/0x8a0
[  435.850635][   T31]  ? __pfx_worker_thread+0x10/0x10
[  435.855802][   T31]  ? __pfx_kthread+0x10/0x10
[  435.860413][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  435.866145][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  435.871358][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  435.877089][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  435.882393][   T31]  ? __pfx_kthread+0x10/0x10
[  435.886999][   T31]  ret_from_fork+0x3fc/0x770
[  435.891654][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  435.896790][   T31]  ? __switch_to_asm+0x39/0x70
[  435.901630][   T31]  ? __switch_to_asm+0x33/0x70
[  435.906411][   T31]  ? __pfx_kthread+0x10/0x10
[  435.911022][   T31]  ret_from_fork_asm+0x1a/0x30
[  435.915867][   T31]  </TASK>
[  435.919002][   T31] INFO: task kworker/1:4:5895 blocked for more than 143 seconds.
[  435.926813][   T31]       Not tainted 6.15.0-syzkaller-07774-g90b83efa6701 #0
[  435.934146][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  435.942922][   T31] task:kworker/1:4     state:D stack:24296 pid:5895  tgid:5895  ppid:2      task_flags:0x4208060 flags:0x00004000
[  435.955019][   T31] Workqueue: events rfkill_global_led_trigger_worker
[  435.961790][   T31] Call Trace:
[  435.965077][   T31]  <TASK>
[  435.968034][   T31]  __schedule+0x16f5/0x4d00
[  435.972646][   T31]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  435.978037][   T31]  ? schedule+0x165/0x360
[  435.982463][   T31]  ? __pfx___schedule+0x10/0x10
[  435.987344][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  435.993030][   T31]  ? schedule+0x91/0x360
[  435.997391][   T31]  schedule+0x165/0x360
[  436.001593][   T31]  schedule_preempt_disabled+0x13/0x30
[  436.007068][   T31]  __mutex_lock+0x724/0xe80
[  436.011659][   T31]  ? look_up_lock_class+0x74/0x170
[  436.016807][   T31]  ? __mutex_lock+0x51b/0xe80
[  436.021648][   T31]  ? rfkill_global_led_trigger_worker+0x27/0xd0
[  436.027935][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  436.033140][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  436.038781][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  436.044497][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[  436.050322][   T31]  rfkill_global_led_trigger_worker+0x27/0xd0
[  436.056476][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[  436.062289][   T31]  process_scheduled_works+0xae1/0x17b0
[  436.067992][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[  436.074093][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  436.079757][   T31]  worker_thread+0x8a0/0xda0
[  436.084442][   T31]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  436.090817][   T31]  ? __kthread_parkme+0x7b/0x200
[  436.096359][   T31]  kthread+0x711/0x8a0
[  436.100477][   T31]  ? __pfx_worker_thread+0x10/0x10
[  436.106125][   T31]  ? __pfx_kthread+0x10/0x10
[  436.110740][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  436.116665][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  436.122106][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  436.127804][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  436.133130][   T31]  ? __pfx_kthread+0x10/0x10
[  436.137746][   T31]  ret_from_fork+0x3fc/0x770
[  436.143295][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  436.148449][   T31]  ? __switch_to_asm+0x39/0x70
[  436.153286][   T31]  ? __switch_to_asm+0x33/0x70
[  436.158061][   T31]  ? __pfx_kthread+0x10/0x10
[  436.162730][   T31]  ret_from_fork_asm+0x1a/0x30
[  436.167566][   T31]  </TASK>
[  436.170628][   T31] INFO: task syz.6.455:7910 blocked for more than 144 seconds.
[  436.178298][   T31]       Not tainted 6.15.0-syzkaller-07774-g90b83efa6701 #0
[  436.186529][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  436.195430][   T31] task:syz.6.455       state:D stack:25352 pid:7910  tgid:7910  ppid:6353   task_flags:0x400040 flags:0x00004004
[  436.207540][   T31] Call Trace:
[  436.210822][   T31]  <TASK>
[  436.214642][   T31]  __schedule+0x16f5/0x4d00
[  436.219197][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  436.225033][   T31]  ? schedule+0x165/0x360
[  436.229427][   T31]  ? __lock_acquire+0xab9/0xd20
[  436.234533][   T31]  ? __pfx___schedule+0x10/0x10
[  436.239426][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  436.245228][   T31]  ? schedule+0x91/0x360
[  436.249523][   T31]  schedule+0x165/0x360
[  436.253906][   T31]  schedule_timeout+0x9a/0x270
[  436.258702][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[  436.264231][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  436.269903][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  436.275437][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  436.281133][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  436.286411][   T31]  ? wait_for_completion+0x267/0x5d0
[  436.291842][   T31]  wait_for_completion+0x2bf/0x5d0
[  436.296984][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  436.302816][   T31]  ? __pfx_wait_for_completion+0x10/0x10
[  436.308503][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  436.314618][   T31]  ? __flush_work+0xd2/0xbc0
[  436.319230][   T31]  ? __flush_work+0xd2/0xbc0
[  436.323926][   T31]  __flush_work+0x9b9/0xbc0
[  436.328462][   T31]  ? __flush_work+0xd2/0xbc0
[  436.333172][   T31]  ? __pfx___flush_work+0x10/0x10
[  436.338271][   T31]  ? __pfx_wq_barrier_func+0x10/0x10
[  436.343737][   T31]  ? __pfx___cancel_work+0x10/0x10
[  436.348864][   T31]  ? nfc_genl_device_removed+0x23c/0x330
[  436.354745][   T31]  __cancel_work_sync+0xbe/0x110
[  436.359703][   T31]  rfkill_unregister+0x92/0x220
[  436.364684][   T31]  nfc_unregister_device+0x96/0x2a0
[  436.369920][   T31]  ? __pfx_virtual_ncidev_close+0x10/0x10
[  436.375755][   T31]  virtual_ncidev_close+0x56/0x90
[  436.380815][   T31]  __fput+0x44c/0xa70
[  436.384918][   T31]  task_work_run+0x1d4/0x260
[  436.389536][   T31]  ? __pfx_task_work_run+0x10/0x10
[  436.394942][   T31]  ? exit_to_user_mode_loop+0x40/0x110
[  436.400450][   T31]  exit_to_user_mode_loop+0xec/0x110
[  436.405935][   T31]  do_syscall_64+0x2bd/0x3b0
[  436.410543][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  436.415861][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  436.422276][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  436.427933][   T31]  ? exc_page_fault+0x9f/0xf0
[  436.435198][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  436.441152][   T31] RIP: 0033:0x7faec0b8e969
[  436.445743][   T31] RSP: 002b:00007ffdb8dab568 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  436.454328][   T31] RAX: 0000000000000000 RBX: 00007faec0db7ba0 RCX: 00007faec0b8e969
[  436.462429][   T31] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  436.470434][   T31] RBP: 00007faec0db7ba0 R08: 000000000000016c R09: 00000010b8dab85f
[  436.479559][   T31] R10: 00007faec0db7ac0 R11: 0000000000000246 R12: 0000000000042491
[  436.487595][   T31] R13: 00007faec0db5fa0 R14: ffffffffffffffff R15: 00007ffdb8dab680
[  436.495647][   T31]  </TASK>
[  436.498780][   T31] INFO: task syz.1.508:8123 blocked for more than 144 seconds.
[  436.510754][   T31]       Not tainted 6.15.0-syzkaller-07774-g90b83efa6701 #0
[  436.518152][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  436.526936][   T31] task:syz.1.508       state:D stack:26584 pid:8123  tgid:8122  ppid:5834   task_flags:0x400140 flags:0x00004004
[  436.539044][   T31] Call Trace:
[  436.542376][   T31]  <TASK>
[  436.545304][   T31]  __schedule+0x16f5/0x4d00
[  436.549823][   T31]  ? schedule+0x165/0x360
[  436.554250][   T31]  ? __pfx___schedule+0x10/0x10
[  436.559141][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  436.564882][   T31]  ? schedule+0x91/0x360
[  436.569149][   T31]  schedule+0x165/0x360
[  436.573375][   T31]  schedule_preempt_disabled+0x13/0x30
[  436.578874][   T31]  __mutex_lock+0x724/0xe80
[  436.583522][   T31]  ? __mutex_lock+0x51b/0xe80
[  436.588225][   T31]  ? rfkill_register+0x37/0x8e0
[  436.593151][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  436.598222][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  436.603915][   T31]  ? __init_waitqueue_head+0xa9/0x150
[  436.609313][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  436.614989][   T31]  ? device_initialize+0x24b/0x440
[  436.620121][   T31]  rfkill_register+0x37/0x8e0
[  436.624844][   T31]  hci_register_dev+0x3f5/0x890
[  436.629853][   T31]  hci_uart_tty_ioctl+0x828/0xa00
[  436.635009][   T31]  ? __pfx_hci_uart_tty_ioctl+0x10/0x10
[  436.640613][   T31]  tty_ioctl+0x9c6/0xde0
[  436.644920][   T31]  ? __pfx_tty_ioctl+0x10/0x10
[  436.649730][   T31]  __se_sys_ioctl+0xfc/0x170
[  436.654380][   T31]  do_syscall_64+0xfa/0x3b0
[  436.658914][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  436.665125][   T31]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  436.671303][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  436.677276][   T31] RIP: 0033:0x7f1869f8e969
[  436.681745][   T31] RSP: 002b:00007f186adfc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  436.690182][   T31] RAX: ffffffffffffffda RBX: 00007f186a1b5fa0 RCX: 00007f1869f8e969
[  436.698252][   T31] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000007
[  436.706277][   T31] RBP: 00007f186a010ab1 R08: 0000000000000000 R09: 0000000000000000
[  436.714320][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  436.722395][   T31] R13: 0000000000000000 R14: 00007f186a1b5fa0 R15: 00007ffce61210d8
[  436.730429][   T31]  </TASK>
[  436.733540][   T31] INFO: task syz-executor:8179 blocked for more than 144 seconds.
[  436.741447][   T31]       Not tainted 6.15.0-syzkaller-07774-g90b83efa6701 #0
[  436.748760][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  436.757539][   T31] task:syz-executor    state:D stack:27720 pid:8179  tgid:8179  ppid:1      task_flags:0x400040 flags:0x00004000
[  436.769641][   T31] Call Trace:
[  436.773005][   T31]  <TASK>
[  436.775963][   T31]  __schedule+0x16f5/0x4d00
[  436.780498][   T31]  ? __lock_acquire+0xa11/0xd20
[  436.785428][   T31]  ? schedule+0x165/0x360
[  436.789791][   T31]  ? __pfx___schedule+0x10/0x10
[  436.794717][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  436.800378][   T31]  ? schedule+0x91/0x360
[  436.804697][   T31]  schedule+0x165/0x360
[  436.808879][   T31]  schedule_preempt_disabled+0x13/0x30
[  436.814451][   T31]  __mutex_lock+0x724/0xe80
[  436.818999][   T31]  ? __mutex_lock+0x51b/0xe80
[  436.823771][   T31]  ? rfkill_register+0x37/0x8e0
[  436.828673][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  436.833836][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  436.839496][   T31]  ? __raw_spin_lock_init+0x45/0x100
[  436.845015][   T31]  ? __init_waitqueue_head+0xa9/0x150
[  436.850442][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  436.856142][   T31]  ? device_initialize+0x24b/0x440
[  436.861289][   T31]  rfkill_register+0x37/0x8e0
[  436.866076][   T31]  hci_register_dev+0x3f5/0x890
[  436.870968][   T31]  vhci_create_device+0x39c/0x6e0
[  436.876073][   T31]  vhci_write+0x3ce/0x4a0
[  436.880434][   T31]  vfs_write+0x54b/0xa90
[  436.884769][   T31]  ? __pfx_vhci_write+0x10/0x10
[  436.889654][   T31]  ? __pfx_vfs_write+0x10/0x10
[  436.894498][   T31]  ? count_memcg_event_mm+0x92/0x3b0
[  436.899821][   T31]  ? lock_vma_under_rcu+0xf8/0x710
[  436.905041][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  436.910697][   T31]  ksys_write+0x145/0x250
[  436.915231][   T31]  ? __pfx_ksys_write+0x10/0x10
[  436.920125][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  436.925838][   T31]  ? do_syscall_64+0xbe/0x3b0
[  436.930544][   T31]  do_syscall_64+0xfa/0x3b0
[  436.935099][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  436.940318][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  436.946481][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  436.952190][   T31]  ? exc_page_fault+0x9f/0xf0
[  436.956908][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  436.962871][   T31] RIP: 0033:0x7fe42078d3e0
[  436.967295][   T31] RSP: 002b:00007fff07e313a8 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[  436.975751][   T31] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fe42078d3e0
[  436.983796][   T31] RDX: 0000000000000002 RSI: 00007fff07e313ba RDI: 00000000000000ca
[  436.991847][   T31] RBP: 00007fe4209b6738 R08: 0000000000000000 R09: 00007fe4214ed6c0
[  436.999851][   T31] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000008
[  437.007881][   T31] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000
[  437.015945][   T31]  </TASK>
[  437.019018][   T31] 
[  437.019018][   T31] Showing all locks held in the system:
[  437.026834][   T31] 2 locks held by kworker/u8:0/12:
[  437.032034][   T31] 1 lock held by khungtaskd/31:
[  437.036907][   T31]  #0: ffffffff8e13ccc0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  437.046863][   T31] 4 locks held by kworker/1:2/2145:
[  437.052087][   T31]  #0: ffff88801a478d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  437.063140][   T31]  #1: ffffc900054c7bc0 ((work_completion)(&rfkill->sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  437.075593][   T31]  #2: ffffffff8f7e5408 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_sync_work+0x2e/0x200
[  437.085703][   T31]  #3: ffff888011f4e100 (&dev->mutex){....}-{4:4}, at: nfc_rfkill_set_block+0x50/0x2e0
[  437.095479][   T31] 2 locks held by getty/5584:
[  437.100145][   T31]  #0: ffff8880309870a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  437.110003][   T31]  #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[  437.120202][   T31] 3 locks held by kworker/1:4/5895:
[  437.125462][   T31]  #0: ffff88801a478d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  437.136529][   T31]  #1: ffffc90003257bc0 ((work_completion)(&rfkill_global_led_trigger_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  437.150151][   T31]  #2: ffffffff8f7e5408 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_global_led_trigger_worker+0x27/0xd0
[  437.161608][   T31] 5 locks held by kworker/u8:11/6217:
[  437.166997][   T31] 1 lock held by syz.6.455/7910:
[  437.172008][   T31]  #0: ffff888011f4e100 (&dev->mutex){....}-{4:4}, at: nfc_unregister_device+0x63/0x2a0
[  437.181894][   T31] 2 locks held by syz.1.508/8123:
[  437.186937][   T31]  #0: ffff8880591300a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  437.196835][   T31]  #1: ffffffff8f7e5408 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0
[  437.206862][   T31] 2 locks held by syz-executor/8179:
[  437.212199][   T31]  #0: ffff888050aa9118 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x6e0
[  437.222340][   T31]  #1: ffffffff8f7e5408 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0
[  437.232547][   T31] 2 locks held by syz-executor/8315:
[  437.237873][   T31]  #0: ffff88802ae72918 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x6e0
[  437.248007][   T31]  #1: ffffffff8f7e5408 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0
[  437.258071][   T31] 2 locks held by syz-executor/8882:
[  437.263446][   T31]  #0: ffff88807daeb118 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x6e0
[  437.273576][   T31]  #1: ffffffff8f7e5408 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0
[  437.283610][   T31] 2 locks held by syz-executor/8971:
[  437.288905][   T31]  #0: ffff88807db12918 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x6e0
[  437.299029][   T31]  #1: ffffffff8f7e5408 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0
[  437.309114][   T31] 2 locks held by syz.0.735/9036:
[  437.314253][   T31]  #0: ffffffff8e9bfd88 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[  437.322843][   T31]  #1: ffffffff8f7e5408 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_fop_open+0x12d/0x820
[  437.332990][   T31] 1 lock held by syz.3.736/9050:
[  437.337974][   T31]  #0: ffffffff8e9bfd88 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[  437.346514][   T31] 1 lock held by syz.2.737/9060:
[  437.351512][   T31]  #0: ffffffff8e9bfd88 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[  437.360020][   T31] 1 lock held by syz.4.744/9076:
[  437.365005][   T31]  #0: ffffffff8e9bfd88 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[  437.373563][   T31] 1 lock held by syz-executor/9080:
[  437.378754][   T31]  #0: ffffffff8e9bfd88 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[  437.387288][   T31] 1 lock held by syz-executor/9082:
[  437.392598][   T31]  #0: ffffffff8e9bfd88 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[  437.401155][   T31] 1 lock held by syz-executor/9084:
[  437.406432][   T31]  #0: ffffffff8e9bfd88 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[  437.415041][   T31] 1 lock held by syz-executor/9086:
[  437.420266][   T31]  #0: ffffffff8e9bfd88 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[  437.428825][   T31] 1 lock held by syz-executor/9091:
[  437.434065][   T31]  #0: ffffffff8e9bfd88 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[  437.442635][   T31] 1 lock held by syz-executor/9094:
[  437.447840][   T31]  #0: ffffffff8e9bfd88 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[  437.456468][   T31] 
[  437.458830][   T31] =============================================
[  437.458830][   T31] 
[  437.467329][   T31] NMI backtrace for cpu 1
[  437.467347][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.15.0-syzkaller-07774-g90b83efa6701 #0 PREEMPT(full) 
[  437.467375][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  437.467391][   T31] Call Trace:
[  437.467399][   T31]  <TASK>
[  437.467410][   T31]  dump_stack_lvl+0x189/0x250
[  437.467451][   T31]  ? __wake_up_klogd+0xd9/0x110
[  437.467476][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  437.467508][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  437.467548][   T31]  ? __pfx__printk+0x10/0x10
[  437.467590][   T31]  nmi_cpu_backtrace+0x39e/0x3d0
[  437.467619][   T31]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  437.467640][   T31]  ? _printk+0xcf/0x120
[  437.467672][   T31]  ? __pfx__printk+0x10/0x10
[  437.467701][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  437.467736][   T31]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  437.467764][   T31]  watchdog+0xfee/0x1030
[  437.467797][   T31]  ? watchdog+0x1de/0x1030
[  437.467836][   T31]  kthread+0x711/0x8a0
[  437.467867][   T31]  ? __pfx_watchdog+0x10/0x10
[  437.467896][   T31]  ? __pfx_kthread+0x10/0x10
[  437.467919][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  437.467960][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  437.467989][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  437.468014][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  437.468038][   T31]  ? __pfx_kthread+0x10/0x10
[  437.468063][   T31]  ret_from_fork+0x3fc/0x770
[  437.468097][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  437.468132][   T31]  ? __switch_to_asm+0x39/0x70
[  437.468154][   T31]  ? __switch_to_asm+0x33/0x70
[  437.468174][   T31]  ? __pfx_kthread+0x10/0x10
[  437.468198][   T31]  ret_from_fork_asm+0x1a/0x30
[  437.468237][   T31]  </TASK>
[  437.468252][   T31] Sending NMI from CPU 1 to CPUs 0:
[  437.642117][    C0] NMI backtrace for cpu 0
[  437.642136][    C0] CPU: 0 UID: 0 PID: 3471 Comm: kworker/u8:7 Not tainted 6.15.0-syzkaller-07774-g90b83efa6701 #0 PREEMPT(full) 
[  437.642162][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  437.642177][    C0] Workqueue: bat_events batadv_nc_worker
[  437.642215][    C0] RIP: 0010:__lock_acquire+0x6c9/0xd20
[  437.642246][    C0] Code: 08 00 00 00 e8 88 25 00 00 45 31 ff 85 c0 0f 84 f5 05 00 00 83 3d b6 04 09 18 00 75 13 48 63 44 24 20 48 0f a3 05 47 75 05 12 <0f> 83 15 05 00 00 31 ed 48 8b 3c 24 4c 8b bf e0 0a 00 00 48 83 7c
[  437.642266][    C0] RSP: 0018:ffffc9000c2778f0 EFLAGS: 00000047
[  437.642284][    C0] RAX: 0000000000000007 RBX: 0000000000000002 RCX: ffffffff934468e8
[  437.642298][    C0] RDX: 0000000000000008 RSI: ffff888030ee2940 RDI: ffff888030ee1e00
[  437.642314][    C0] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffffff8b315602
[  437.642328][    C0] R10: dffffc0000000000 R11: ffffffff8b315530 R12: 00000000ffffff05
[  437.642344][    C0] R13: 0000000000000001 R14: ffff888030ee2940 R15: 0000000000000000
[  437.642361][    C0] FS:  0000000000000000(0000) GS:ffff888125c66000(0000) knlGS:0000000000000000
[  437.642379][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  437.642395][    C0] CR2: 0000555b7fb9a000 CR3: 000000000df36000 CR4: 0000000000350ef0
[  437.642412][    C0] Call Trace:
[  437.642420][    C0]  <TASK>
[  437.642433][    C0]  ? batadv_nc_worker+0xd2/0x610
[  437.642455][    C0]  lock_acquire+0x120/0x360
[  437.642481][    C0]  ? batadv_nc_worker+0xd2/0x610
[  437.642507][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  437.642535][    C0]  ? batadv_nc_worker+0xd2/0x610
[  437.642557][    C0]  ? batadv_nc_worker+0xd2/0x610
[  437.642580][    C0]  batadv_nc_worker+0xef/0x610
[  437.642602][    C0]  ? batadv_nc_worker+0xd2/0x610
[  437.642625][    C0]  ? process_scheduled_works+0x9ef/0x17b0
[  437.642659][    C0]  process_scheduled_works+0xae1/0x17b0
[  437.642707][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[  437.642744][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  437.642774][    C0]  worker_thread+0x8a0/0xda0
[  437.642808][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  437.642839][    C0]  ? __kthread_parkme+0x7b/0x200
[  437.642879][    C0]  kthread+0x711/0x8a0
[  437.642903][    C0]  ? __pfx_worker_thread+0x10/0x10
[  437.642935][    C0]  ? __pfx_kthread+0x10/0x10
[  437.642955][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  437.642983][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  437.643006][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  437.643030][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  437.643056][    C0]  ? __pfx_kthread+0x10/0x10
[  437.643079][    C0]  ret_from_fork+0x3fc/0x770
[  437.643110][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  437.643143][    C0]  ? __switch_to_asm+0x39/0x70
[  437.643166][    C0]  ? __switch_to_asm+0x33/0x70
[  437.643187][    C0]  ? __pfx_kthread+0x10/0x10
[  437.643215][    C0]  ret_from_fork_asm+0x1a/0x30
[  437.643247][    C0]  </TASK>
[  437.644511][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  437.932595][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.15.0-syzkaller-07774-g90b83efa6701 #0 PREEMPT(full) 
[  437.944063][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  437.954210][   T31] Call Trace:
[  437.957484][   T31]  <TASK>
[  437.960411][   T31]  dump_stack_lvl+0x99/0x250
[  437.965023][   T31]  ? __asan_memcpy+0x40/0x70
[  437.969617][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  437.974830][   T31]  ? __pfx__printk+0x10/0x10
[  437.979457][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  437.985096][   T31]  panic+0x2db/0x790
[  437.989003][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  437.994643][   T31]  ? __pfx_panic+0x10/0x10
[  437.999068][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  438.004701][   T31]  ? nmi_backtrace_stall_check+0x433/0x440
[  438.010528][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  438.016164][   T31]  ? preempt_schedule_thunk+0x16/0x30
[  438.021544][   T31]  ? nmi_trigger_cpumask_backtrace+0x2b6/0x300
[  438.027726][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  438.033366][   T31]  watchdog+0x102d/0x1030
[  438.037707][   T31]  ? watchdog+0x1de/0x1030
[  438.042139][   T31]  kthread+0x711/0x8a0
[  438.046214][   T31]  ? __pfx_watchdog+0x10/0x10
[  438.050895][   T31]  ? __pfx_kthread+0x10/0x10
[  438.055484][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  438.061126][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  438.066344][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  438.071982][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  438.077182][   T31]  ? __pfx_kthread+0x10/0x10
[  438.081778][   T31]  ret_from_fork+0x3fc/0x770
[  438.086382][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  438.091509][   T31]  ? __switch_to_asm+0x39/0x70
[  438.096274][   T31]  ? __switch_to_asm+0x33/0x70
[  438.101048][   T31]  ? __pfx_kthread+0x10/0x10
[  438.105648][   T31]  ret_from_fork_asm+0x1a/0x30
[  438.110430][   T31]  </TASK>
[  438.113666][   T31] Kernel Offset: disabled
[  438.117987][   T31] Rebooting in 86400 seconds..