last executing test programs:

4m13.16374768s ago: executing program 4 (id=527):
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x40000000000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00'}, 0x10)
r3 = open(0x0, 0x40a80, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000001740)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000ffffffff7a0af0fff8ffff5979a4f0ff00000000b7060000ffffffff2d6405000000000065040400014741001404000001007d60b7030000000000006a0a00fe40000900850000001f000000b70000000004000095000000000000006623848adf1dc9a764ab51a064e0ff0c9b27a26293fddf0180000071ff31f1622271d5518193e09483c5a020c334f8c76334d8ce8303b01ddaa52e8756ad60a07d6f27c125e16e024098f755d8583da60f27c162dbba0700002ac9170f50f2568836077b7f711a18ebf608d87b885297b6a79819782748b376358c33c9f53bfd989b1ca58949a54d5827df14feecea46408a05d572077f1252fbb72c3d099c501bc4ded6fca17a3447222c95edb47b77aafa63b9dd5fa5c53e9c37251709f1ff7f0000067cf7f53ce129a9ecd3b4dd15100f2b450f98526a0d8cac7c97fc2f64015306a1bd7e43fe1ca8345710fb6379b4c53cf55eefb4c0974486a8d25a363adbd83b49e13fbd1777b27020bd9b8cff3f48c9411670c34f23ab8caf7851b290feb3045a1b622f20c4383a0280f040de7667f8b1d08428353b1c358ebe73af41e5b5b9242754b1749289b44e9728e7a73f148ac8206afe120c1437490d99000000110000fdffffffffffffffaf580278e1342aabd1b623f6c4f128858e4eb6b42f2173184c2b99b645f6ec0e14e5d7c95a0008000000f30f6c0000000000ff0000b8f5001a1d2a34dc0973ec302bc23211d3e3b6e6dad65a51e5497a3419cecec38126247b27113ad4c7915c8f82c333a7b350802f0311807010d1ed50c18411aa6900daccc02f4ba4b078f07e41f781eee222c7d071d5a94d82ca9a0846c1af59cee16639b4970f8f0a82c6a712fd5722d637d406160ffaffffffb4e0bde6749aa52c408b74251914c5d3255fd88a42e7ebb69ebcd8eee623e51dbb1f1b548c91a6825c0686fdc16be1cbb72c217fda18bd746253ca66093daf35923300b600000013887ad6d2d440fedce51a3aa57b00ac376e0a4649a8a84e1d293a6b109c5e59b466bca5cc3d936c53d4a48c05099e6fc36d5aa23bff8cce0600fcff00000300a568a8532623d12b40b50ac26f2e8255470a04bfbe7acb581b90991d965a01d1f84cb6b973558e1e3f8118c77ccf0b3c6eb6443870004da10c75723b65f83769ad1f0e4ef6b9ef1cec23264fd8fdac6264af1cb467020bdc12b797b6c156c439105829d2ae1c45f7cfa40df68fd36a03353a55e68ec7c01bd5a2028a8fc107007f3deb1f200abe1f753754678dae8b4e3ba3d086d4b95dfc5817e3dafae2d38b522f942cc750399d90296171fdb1e05882f8a4b8fbd219ccac3a895828b4f22b6527ce31ceb02b7b2b44925129677b7b3d2f8e7792c7827862eae80134552f0b076b168394f8417f25cc82ae04007193cbe60900bf35e4bebd15412426b2e20ab1f05fc44ae9ae094c1b81d3ef947692b44d2afb09c7498d357836f03e8a7c392e535694a3ead2de11e6b1781e2a018c0ada7bc7f0eb2d678f23c07ac341fda2e563ee95085742f5fee9f95f4741b226e428d20b00bc140000e4b2f5efd0a0b1ceba000830ba8634b5aa26bdbe91614e92fae3c7349531df9bf4c01ebf5d8eb7d53e5f30647661623fbdb3f60033fc32f68ea86a2df1e76fe27dfdff1cf9194849c4cc0da9533e5983693e526a7dc0d8728f3b573ca4427bdb44df9341e9b8050e896598a156c935c800436a312e7ae3c011e46851ac599f0427729ab9c55ae0ab4c000000000000c1eaf0f34cb05ab03943510000000000000000c87bcc2ac5aed9247b51d92e0993af4beaf1f3f47dcdfab9165f98155d93e383d6b85158b54675c1585037508c1e9461a1c3d1a6e2402045cae150a7016f1a90716eebbdf6afc4414d900be0bdf19f4a273f44f4357380b4387f1c8b104f0e406b2f04e5ed88631be6411f9927fe9f83412b7c5a676ceec8b454ebf6481c98e86b6933a02daea0b4ec0be5b3d916bd70208b4588626c277648475002e2c62681bd07331422a6e47bbd40857d52c4894944fae5c500000000000000ff00000000de784314b8fd419216b48d0f353c11ae185749fa9ac7dfa16bc5c23a23f74b17a7f1b2d799480f33faa3537a910d6ca02f48b0e69beb1119f106ea59195dbc72e17a5dc8c3d131d82f067e29dc39665dff39fb6347b374aaaf6e65efde3fc6202bf29ccfcb08caf18d668a462493aa82e76affba9c9af31d1c23237aa6eccfadfaf794bb1004c07b21ac36f8859c7d5444c12bd05fea3561b86b2838a8de5b4f91d6aba95dc9f4464a024be4d0d8d04f5023e7e19e503624d39a43c7b310de519b40738ff9a623065c06d69d16d4a46ff300022fee47803989b7e916254e0fb9e1c8b07d8a4b8b692a75a32e6ed2caeaa7c258c47fe6143cd9e90b801eff78cd4e402374e0e4ca07b7f17254e3d2f0a2a1bac6fde8a15e3ef3588065524d41966fb3915e804c53201efee7417ef02684d23d9008bdf046f55c030ab941a0b8723412127efb3eac0ccf68133c76770d5e7dabcc48d4768540c540535ed70df75c24660d85f9c9a245185c7da217d1c3743db85db67b9b8a8f00af02367429f6f0b53c169c4356751bf68745dbde055e1722ae256ae53ae637a1431855d16dfa91d82a021a4b2dbb50bf6d59fdd0c9bc84cd7d544de2523b6ce8aaeb94bfba75079f7455204ccca03bd389d8409b2effe9b88e301ac4fe28752386a0678a3f54b2bdf56f927ddd6b0ac98b2b505f668597455ada51ba95ab852b49373a11ff31dcd82474b51498f65e0601bcdd23acb4c01bcd2f3e1ad378d14c07d923087d3518369710b70ffb0b523dc4f00f275c381fe1c091e478b04d5e4a9f75b4072acb005a83c25625ab7a351a68977177e27a1bf112114eb10250c2b9dca234f8967f0439696a2345e747b5f1d8c4bec86d8e8f2eb121ea0159615e7d475d45837921c2c0c3f9e683ac8000214a657c9f0a000000000000009e0b1a8c8f55f30e7c25275ed49b71828b375be03ef903cc8244b1269376d01b674cff9cb82eef0fe55c8b751053004ca601008d9a52c3771e9c73d03fdf74f48306560fb6cd86658afa895efa47f3a43e686df5b727ba4ec99620270334fce56c9f86b8a2c8aaede5a48a29b75734fbe1f59e43dc5a39b083848b0ebb14d845df7606e4d58f1a03f2dd337c3a10f3b15d388e43059aa88b42d26d4ccda6d60f996ed444d7f40e0cdbf69e11252a6c0e2d882d93b4f22dc95a191b1e6ff59d7880b4ce587f7ef05c46088268805cf089c4b3cd60cd3fc0c6d81fb2f961abcb0133f3f7a594b8475d6853b2e4fafc52a6851e8cfe1aebe3a4539634a535f8ac496793001c1a4b26216d1cd382c1e6a15697ef0a9b26474e1dbfa422e952b0f742ef52388584673f6333299042099aa073c152e1b61851a4519fe67e47f1446bb7b80b804b1b4503df784c8604bf26578b1fa7dce5313ecdf297cc63bf2b472f8f56bebeec16dc5fa22ee9c3c304d6629db7215eebfbd480c4ac6be1093ee5789f44b13e22b7ec0bede71caa71702a8bd83f31dcea1579ea730fd55098cade134d39652c42279c451edbb4eaae1e094ec599eeb275760e36fdd52ea3eece13af08227ba090dc3333749f3d580157f8b06efb793db962c9ff49c6c75a9524cef6b912"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000880), 0xfffffffffffffddd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
socket$key(0xf, 0x3, 0x2)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={r4, 0xe0, &(0x7f0000000480)={0x0, <r5=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x48, 0x0, 0x0, 0x0, 0xffffffffffffff37, 0x0, 0x8, 0x0, 0x0}}, 0x10)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_int(r6, &(0x7f0000000080)='cgroup.max.descendants\x00', 0x2, 0x0)
r7 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000d00)={r5}, 0x4)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000840)={r7, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r8=>0x0, 0x0, 0x0, 0x0, 0xffe4, 0xfffffffffffffda0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x2, 0x4, 0x940e, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', r8, 0xffffffffffffffff, 0x0, 0x800, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
setsockopt$MRT_DEL_VIF(r3, 0x0, 0xcb, &(0x7f0000000400)={0x1, 0x0, 0x8, 0x3, @vifc_lcl_ifindex=r8, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x4, &(0x7f0000000140)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x45}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r9 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r9, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10)
connect$inet(r9, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r9, 0x6, 0xd, &(0x7f0000000540)='highspeed\x00', 0xa)
sendto$inet(r9, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
recvfrom$inet(r9, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x700, 0x0, 0xfffffffffffffd25)

4m11.128473596s ago: executing program 4 (id=530):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x2a, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mkdir(&(0x7f0000000580)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
setxattr$incfs_metadata(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380), 0x0, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, 0x0, 0x0)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6(0xa, 0x2, 0x0)
r5 = socket$inet6(0xa, 0x3, 0x8000000003c)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f00000014c0)=@raw={'raw\x00', 0x8, 0x3, 0x528, 0x0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x458, 0xffffffff, 0xffffffff, 0x458, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0x358, 0x388, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'veth0_to_hsr\x00', {0x4, 0x8, 0x20, 0x5e1b2d47, 0xf91, 0x5, 0x4, 0x9f7, 0x18}, {0x8}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x588)
socket$pppoe(0x18, 0x1, 0x0)
connect$inet6(r4, &(0x7f00000002c0)={0xa, 0x4e24}, 0x1c)
sendmmsg(r4, &(0x7f00000092c0), 0x4ff, 0x0)

4m7.123417598s ago: executing program 0 (id=540):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x9d, 0xea, 0x78, 0x40, 0x18b4, 0xfffb, 0xdc7b, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x1, 0x0, 0x0, 0xa0, 0x1f, 0x71}}]}}]}}, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$int_in(r1, 0x40000000af01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f00000007c0))
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = openat$smackfs_logging(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
ioctl(r3, 0x5, &(0x7f0000000580)="19ff7964159abeec3ffcb7665eb4119d0e157937f7495af4ba5915ea92e015a07c65db624b191b8d17e7aadeaa02b108fc71fdb555da93a694452d2c0bd88e6e3b48fe2f25b899b0a53e24ac92f9ff037877e23a17dca1e55e4f2ac56d79930ebc21c813e892158c1ca2413f080763faf05b79b9569cc1f56d538cc7bebe555e4a0aaab03dc79c770fd08383d03adb11bd425fa643fc24e0cb3bd2a0544dd313e20d00c54323bd620fed201aa7339cba60d927fc462e877a880a06ec61100cdbc23349042c10cb9846ffc5ab3d723c014958fb3d150e9a2dfc496d8e1681438512aef6d0f961ecf74664c2a15a360151c42c8a5ba3161978401d5b")
r4 = dup(r2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="1801000000000000000000000000000085000000050000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008008000b703000000009c8c850000006d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCPKT(r5, 0x5420, &(0x7f0000000100)=0xcf5)
ioctl$TCSETS(r5, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"})
ppoll(&(0x7f0000000140)=[{r5}], 0x1, 0x0, 0x0, 0x0)
r6 = syz_open_pts(r5, 0x0)
r7 = dup3(r6, r5, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000080)=0x11)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='sched_switch\x00', r8}, 0x10)
ioctl$TCSETSW2(r7, 0x5437, 0x0)
r9 = fcntl$dupfd(r1, 0x0, r2)
ioctl$VHOST_NET_SET_BACKEND(r9, 0x4008af30, &(0x7f0000000080)={0x0, r4})

4m4.557851137s ago: executing program 4 (id=545):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x9d, 0xea, 0x78, 0x40, 0x18b4, 0xfffb, 0xdc7b, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x1, 0x0, 0x0, 0xa0, 0x1f, 0x71}}]}}]}}, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$int_in(r1, 0x40000000af01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f00000007c0))
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = openat$smackfs_logging(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
ioctl(r3, 0x5, &(0x7f0000000580)="19ff7964159abeec3ffcb7665eb4119d0e157937f7495af4ba5915ea92e015a07c65db624b191b8d17e7aadeaa02b108fc71fdb555da93a694452d2c0bd88e6e3b48fe2f25b899b0a53e24ac92f9ff037877e23a17dca1e55e4f2ac56d79930ebc21c813e892158c1ca2413f080763faf05b79b9569cc1f56d538cc7bebe555e4a0aaab03dc79c770fd08383d03adb11bd425fa643fc24e0cb3bd2a0544dd313e20d00c54323bd620fed201aa7339cba60d927fc462e877a880a06ec61100cdbc23349042c10cb9846ffc5ab3d723c014958fb3d150e9a2dfc496d8e1681438512aef6d0f961ecf74664c2a15a360151c42c8a5ba316197840")
r4 = dup(r2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="1801000000000000000000000000000085000000050000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008008000b703000000009c8c850000006d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCPKT(r5, 0x5420, &(0x7f0000000100)=0xcf5)
ioctl$TCSETS(r5, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"})
ppoll(&(0x7f0000000140)=[{r5}], 0x1, 0x0, 0x0, 0x0)
r6 = syz_open_pts(r5, 0x0)
r7 = dup3(r6, r5, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000080)=0x11)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='sched_switch\x00', r8}, 0x10)
ioctl$TCSETSW2(r7, 0x5437, 0x0)
r9 = fcntl$dupfd(r1, 0x0, r2)
ioctl$VHOST_NET_SET_BACKEND(r9, 0x4008af30, &(0x7f0000000080)={0x0, r4})

4m3.823583793s ago: executing program 0 (id=546):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x206, 0x8541)
ioctl$USBDEVFS_ALLOW_SUSPEND(r0, 0x5522)
ioctl$USBDEVFS_BULK(r0, 0x5523, 0x0)
syz_open_dev$usbfs(&(0x7f0000000140), 0x76, 0x101301)
close(0x3)

4m3.526674277s ago: executing program 0 (id=548):
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000040)={0x0, 0x0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x1)
ioctl$TCSETS(r1, 0x8926, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, "bb5dee00"})
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
r4 = syz_open_dev$swradio(&(0x7f0000000000), 0x0, 0x2)
readv(r4, 0x0, 0x0)
madvise(&(0x7f0000000000/0x400000)=nil, 0x40001e, 0x15)
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r5, 0xc004743e, 0x20001400)
ioctl$TUNSETOFFLOAD(r5, 0x4004743b, 0x20004002)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = socket$inet6(0xa, 0x3, 0x7a)
connect$inet6(r6, &(0x7f0000000240)={0xa, 0x0, 0x0, @mcast1, 0x7}, 0x1c)
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x0, 0x0)
chdir(&(0x7f0000000240)='./file0\x00')
mkdir(&(0x7f0000000000)='./control\x00', 0x0)
open$dir(&(0x7f0000000280)='./file0\x00', 0x80542, 0x304)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode=000000000000000001000\t\x00\x00\x00ser_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00'])
ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0x40305839, &(0x7f0000000000)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\b\x00\x00\x00\x00\x00\x00'])
socket$inet6_mptcp(0xa, 0x1, 0x106)

4m2.098136778s ago: executing program 0 (id=551):
r0 = socket$kcm(0x11, 0xa, 0x300)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$PIO_UNIMAP(0xffffffffffffffff, 0x4b67, 0x0)
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
r3 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
pread64(r3, &(0x7f000001a240)=""/102400, 0x19000, 0x100008)
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={<r5=>0xffffffffffffffff}, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_NOTIFY(r1, &(0x7f0000000040)={0xf, 0x8, 0xfa00, {r5, 0x13}}, 0x10)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_RESET_DIRTY_RINGS(r7, 0xaec7)
r8 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001280)={0x6, 0x3, &(0x7f0000000040)=ANY=[@ANYRESHEX=r0], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x3, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x100, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000100)="b9ff030f6044238cb89e14f088a8", 0x0, 0xfe, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r8, 0x1f4, 0xd50, 0x1000000, &(0x7f0000000100)="ff412f66b0833efc8864968781", 0x0, 0x300, 0x300, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe, 0x2}, 0x50)
r9 = io_uring_setup(0x410f, &(0x7f0000000200)={0x0, 0x8acf, 0x800, 0x1, 0x179})
io_uring_register$IORING_REGISTER_BUFFERS2(r9, 0xf, &(0x7f0000001580)={0x3, 0x0, 0x0, &(0x7f00000014c0)=[{0x0}, {0x0}, {&(0x7f0000000280)=""/4082, 0xff2}], &(0x7f0000001540)=[0x0, 0x0, 0x4]}, 0x20)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r9, 0x10, &(0x7f0000001b00)={0x0, 0x0, &(0x7f0000001a80)=[{0x0}, {0x0}, {0x0}], 0x0, 0x3}, 0x20)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
io_setup(0x80000000, &(0x7f0000000180))
syz_open_procfs(0x0, &(0x7f0000001340)='net/raw6\x00')
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000015c0)={0x8, 0x3, &(0x7f0000000f80)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], &(0x7f00000021c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r11 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r11, 0x6, 0x0, 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000080)={r10, 0xffffffffffffffff, 0x0, 0x0, @void}, 0x10)

4m1.811256622s ago: executing program 4 (id=553):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)={{0x14}, [@NFT_MSG_NEWRULE={0xc4, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x10, 0x4, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, @ct={{0x7}, @void}}]}, @NFTA_RULE_EXPRESSIONS={0x94, 0x4, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, @osf={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_OSF_FLAGS={0x8}]}}}, {0x40, 0x1, 0x0, 0x1, @dup_ipv6={{0x8}, @val={0x34, 0x2, 0x0, 0x1, [@NFTA_DUP_SREG_ADDR={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x11}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0xd}, @NFTA_DUP_SREG_ADDR={0x8, 0x1, 0x1, 0x0, 0xa}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x1b}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x12}]}}}, {0x14, 0x1, 0x0, 0x1, @xfrm={{0x9}, @val={0x4}}}, {0x14, 0x1, 0x0, 0x1, @connlimit={{0xe}, @void}}, {0x10, 0x1, 0x0, 0x1, @inner={{0xa}, @void}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0xec}}, 0x0)
r1 = socket$kcm(0x2, 0x3, 0x84)
sendmsg$inet(r1, &(0x7f0000001000)={&(0x7f0000000000)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000000940)=[{&(0x7f0000001040)="5346f7f875528ef24043c68e04180a332e94ee4784fffee263c06f2d924e8699b6af71aa257b5a316af31628e5148c7012f4d55ce4c29fea9e5b0b61fdf0b2dc866fa81b4e775e235eaebe330e16114548f147b8a966bf1f1fc6c24b9d47d349c87c3f789d2ba608cd25b17b6c80a7f0ceb4a06ff270ff8c9f0d3a19133f1fdfd51b767b8cef1f36e5490c5df5fcb378a6fb6eb5d8aaf7791ce81f61a05e1ebdd1789eb70ac1f3dfed378f6f3e237120052113a75ab977796117f7e7b2d6ee499f51dc070c820d10a0eaef4fc94ddc648bafae070caf70c465267497b3de963df649e113e2060c82b057abfae0798d424c81aeb42796189eb0936a2c547a5c4d6351ed786c75beb926118fb7af49ecc00b545fe2563bd4294a982980afed3f9cf390f304611db4c6d7b64d64f38db5fde5cf7cadb29c697013b710e0218660671d0051ddd7fb7f5eb72a34f469b2e20600000091817eb5b952af43d1a40f4770e7220fcdfe25d3e9747e2af76ece5922724840afdba6f6f9e1d11db8561e8e836413ee04d6e084700ec1ac0e00569f0e4d4844f4710299aabbef615c33e276544669ce074528938ec0cc6d2af1ce7a47a64ad676f08507aa08d4210f979ef4aacfa4d524c9952d4743d65c3c527302942a8880116ce7ebc6c84778346f02c806bb466db7d313d7ebc7ea87823d4a8de0b697929fb3277012327827801f75ca3c5776d1a81acb160007f73148dfaf05ab7eed5a0e603ac468eb2bcd9de5f140758e74c20a9931187e0cbc857aa62a4cec8a62f7e31af3a78cdb8608551cdd68e83aebb3c9e05519184ff996c336553fa6bf16865cd6c4eacf1e360b029cdae41070f5fd183ea0eaae427505d56994ccfd0737aae3abbc45f56710d2e3f2662bf4514044f7fa03cde28fa1783970d3c676cb23cb1923a9feb233267ef663936ccf25f7597a2270724527bf468d22786d0548b25582180b72c51742c4e5c373a1008dd4cfba508e8f3f8ec35e6f1375a11b1fbe2dc09e9fe609e80112c8f5c895c922cd547def707b7252d7afa0030d008b1dd10fd4a56e30237a6e0229fb4562cb8df3d4e64b28e15c075e59554e9d61a6065d49c1e765a49195cf5d6b1e2b6192447817fedfe41fcdf9a4fc5af567906e4b6453da7b97eac255cc253d7bceba09f67da4815438583c6843366b76d9e9277558e48681e9cfa920b47aea0e5c46ef86ea7f1ef534cf7565b24b833ba2cbfe60e6271614850dd68f2a8a6be4f315b83abb8e2699ed8e2a4b3506f9dacbb180c4deeef7489f49faf34cdf4e91a402956564f854d71c892e4aada1c91647ce45d4834d000e8d5be1773ecae388e511228977a69d4cc67fbab60ee1555a219e41eebc31807a87d9cbe88a8b05959e1a988f6ea6ed73a6ac1ec2f3d74d73eaa91a39308e008b7fa1ecc2a020f495750f9936d9c07130d950a777c0d8d131416ef55a4ec041113df65ba4aea92fcb3e2268510f316bd17f04993b6473338fe7c08fd9874e743a31582162232c7d6c614e7b3513abcc0feb99b2c9111300004fe291f5bd682c039183e61c1fdac90b2a015939a8d10b07a05e99e5772b4b9329275cef8de2b066d4e4d421e4a0a69cdd8f674b12f5b3fa764e4b1e9f4d767e252e37477813a03f18da16d598fddcf4be590d9f65f64c647cb2f330a614fe688d3d80182ed8aa59905a1cb0d3f034d927e070d71f56ee8e5c5bdf23c4f85c7a17834467bd6cf58218868fe53e3675c130bbe44bea271fa67999a0dc3dbf7c40dbba6e7d6cc0936bd8d466a1f041883c093a3a60743d0549b1a989a2fa41ff978388014434909053e279a21e7866bd4efb4a9f46b7a8b0d1d84d83020e9e68936ca3de030269784aa29a3e25146cd5b03d21ca82f961be925c9ad487fb24b1e35c2d043ee4b6a4aaf811c4308a6ced6b4c45e7513a3f0e1421cb3b0fd8571a7085c9a4b454e4ee8b44767428666cd108b78369b871ab32f36943e24976f4bb6bd4068cc19585a2de791e3f950d220b28f4ba268d8c9dbccc1a705b1b1c30881babdbc8cc4cf97b801e4d410fd7c61b34b1f126e6df1b0e9c676d1ab5", 0x5c9}, {&(0x7f0000000200)="3001fb90647586f4601659c5ad2644b99bfd65452e947b394c96c29278d097c5f170d77283a744139d2ce2a2f4bb5bb37e7396e7bac14056f25d17145e73bc2461b20ea3fce771f1b32d1585e8a456763cfafcf7189145a6e261af6232014cbf8a0f898bf6d14136874b6a1fd7caf8ec9966b041e7dff102c6e247d1a44f038ae29eb4bc67d6a04e80dfb7715ebafaa20fcbc57ade23cba05da1fbe4bba675b742472eebaabf356adc99866930e146125a272cef5baf5dfad4a28a0120d1b4e671487a7b018d9908183ab2085a781e531f1bed4ac9c245ec19be383047656a7d857d364e6f69ecce", 0xe8}, {&(0x7f0000000100)="79dfe4263f037de282e588f3c773eca5f0c383e7425d1573aa90a44223bfeced3ff85afe9d0c0b3b5a7ed7fcdb96a3934fe7af73ee25d5d36ba42e2a858c3d134299abc0393e031db435ae156e55eb2b2b2e2300e0706dfc5c4ec73ba929ffe8a7bb7ce55d95fb6e58560c45d96a58a13aa944b98c481a82927ec071b272b4592616116116527fd2dbc0dfd58c572f714f6852063afc8358fb33ccb8a90500b32b4e26bea604e534d8983790b5e2a180fed88108b0f5a499d5f80b4e4047d9ecc03d21856a4ec0d0d41496d980ddfa9098d327d9559e82fceb2b1b1ca4b45c9e22b2de", 0xe3}, {&(0x7f0000000380)="c58cf2a0f0f863621a483b19e7ecfce0d34e53fbf2959272146847c314ac0cdfd79dc1815274c3ee57068b3793c243bc98585fab48eb353478689f452328afb023f75f93227bbe5a4aa3fea049ec0862c493e14eb44aacf27f9060bc2c826383c904750402dd05d1e8c3a549a06e280ca4eaf77b4aed57a0c5f6120d25a3d5121895638ec5e2e6", 0x87}, {&(0x7f0000000700)="15c84609b06c6d85a5ca6f3a9a242f214aee4e7093161b717090c0c852a05393abd8992d91576f57bbd3488e85d8456d6c6c09de5c5228ee18819665861f01a2823a7cfa8e9260a5fe3921638db2dc5156149f86916810f913a944e1c8cd7fccb63f37900c5b287016e512b050ca214125b2217260c9ce3019e88b80985402ff7ca34be17e0dbda4f028cec9973a2b9eed83eee86f35f2c0adf50a04296e99c0f709fb3990aa5d0e74a125971357630b6f3eb4fb4064c42c2b2519a1c77824df6f0653fb116149fcb5c7e46fce32b1de7f511951d4b1ae47781250afdb11680684c1d2854810a90dbe10016823346663fdf1df6200a0dc3cafe8ec225fda47", 0xff}, {&(0x7f0000000800)="3a0846cacd7448e2015cc9a09c5f5608265e1e0fe02aa9077d7ddd960ba112fe1c64f57cba71e7ad8bbdc06a3299398e39498fc459bc1745e3d21a7ca987a4f4b774fe331d20dab2e846a721ff43b0491dc4cb32e16330e0d7d520f4887da0d6f356f8ef230b9b2374095ca6f14a6d13e03375c7029e28592c419bfb8957ac024ba8dc90ab15427410b870f3035ff95146d6e29f9b56ac096281d2f2b249f20c9fdc3239f838acc6b3433571d3043d", 0xaf}, {&(0x7f0000000500)="8700144add194dc92e62bfdc1de91e98227f67410fae0aa2958eeb11856055f582d7ed3b9ca5bf48d2e97becf8673e1532a8", 0x32}, {&(0x7f00000008c0)="6aa7e221ef79afca996dde651fad6b8f1085c4567b3af29b90b3221f98f93ce7f8d32156d842e64f2dd8e9b969c22d076b5dbfb714449b009ff42ec0e2a2c1785d5129", 0x43}, {&(0x7f0000000dc0)="e94b02666c07", 0x6}], 0x9, &(0x7f0000000580)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x2f}, @loopback}}}], 0x20}, 0x0)
r2 = syz_open_dev$sndctrl(&(0x7f00000000c0), 0x0, 0x100)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r2, 0xc4c85513, &(0x7f0000000040)={0xc})
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000f40)=[{&(0x7f0000001640)=ANY=[@ANYBLOB='%'], 0x10}], 0x1, 0x0, 0x0, 0x4000000}, 0x14008000)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmsg$inet6(r5, &(0x7f0000000700)={&(0x7f0000000000)={0xa, 0x4e22, 0xffffffff, @loopback, 0xffff}, 0x1c, 0x0, 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="14c8c12f5e000000000001000000001400000000000000290000000b000000ffffffff00"/48], 0x30}, 0x8)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
socket$can_raw(0x1d, 0x3, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000500)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})

4m0.763591148s ago: executing program 4 (id=555):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
socket$netlink(0x10, 0x3, 0x0)
madvise(&(0x7f0000000000/0x400000)=nil, 0x40001e, 0x15)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
madvise(&(0x7f0000495000/0x400000)=nil, 0x400000, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
mknod$loop(0x0, 0xfff, 0x0)
creat(&(0x7f0000000000)='./file0\x00', 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
ioctl$EVIOCGSND(r1, 0x8040451a, &(0x7f0000000940)=""/4096)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mkdir(0x0, 0x0)
mount$overlay(0x0, 0x0, &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})

3m59.79251631s ago: executing program 0 (id=559):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0xc0a85320, &(0x7f0000001400)={{0x80}, 'port1\x00', 0xa0bf83d7d46f2cbb})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x40505330, &(0x7f00000000c0)={0x800080, 0x0, 0x0, 0x0, 0xa965, 0x2})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000005e00)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r2)
sendmsg$IEEE802154_ADD_IFACE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r3, @ANYBLOB="018105000000110000002100000009001f007068793302"], 0x20}}, 0x0)
r4 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NLBL_UNLABEL_C_STATICREMOVE(r2, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB, @ANYRES16=r4, @ANYBLOB="02002dbd7000fbdbdf25040000000500010000000000140002002001000000000000000000000000000008000500ac1e000108000500ac1414bb08000400e000000114000200ff01000000000000000000000000000108000500ac1414aa0500010001000000"], 0x6c}, 0x1, 0x0, 0x0, 0x40000}, 0x8010)
ioctl$F2FS_IOC_MOVE_RANGE(r1, 0x541b, &(0x7f0000000000)={<r5=>0xffffffffffffffff})
r6 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r6, 0x11b, 0x3, &(0x7f00000003c0)=0x800, 0x4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r7, 0x8933, &(0x7f0000000100)={'batadv0\x00', <r8=>0x0})
r9 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r9, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x800}, 0x20)
setsockopt$XDP_TX_RING(r9, 0x11b, 0x3, &(0x7f00000003c0)=0x800, 0x4)
setsockopt$XDP_UMEM_COMPLETION_RING(r9, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4)
setsockopt$XDP_UMEM_FILL_RING(r9, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4)
bind$xdp(r9, &(0x7f00000001c0)={0x2c, 0x0, r8}, 0x10)
bind$xdp(r6, &(0x7f0000000200)={0x2c, 0x1, r8, 0x0, r9}, 0x10)
recvmsg$qrtr(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100}, 0x1c, 0x0)
preadv(r5, &(0x7f0000000300)=[{&(0x7f0000000240)=""/100, 0x64}, {&(0x7f00000002c0)=""/2, 0x2}], 0x2, 0x7, 0xb)
close_range(r5, 0xffffffffffffffff, 0x0)

3m59.099732068s ago: executing program 0 (id=560):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
socket$netlink(0x10, 0x3, 0x0)
madvise(&(0x7f0000000000/0x400000)=nil, 0x40001e, 0x15)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
madvise(&(0x7f0000495000/0x400000)=nil, 0x400000, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
r1 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x338, 0x0, 0xffffffff, 0xffffffff, 0xf0, 0xffffffff, 0x268, 0xffffffff, 0xffffffff, 0x268, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@mcast1, @local, [], [], 'gretap0\x00', 'nr0\x00'}, 0x0, 0xa8, 0xf0, 0x60030000, {0x0, 0xff000000}}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@loopback, 'macvlan1\x00'}}}, {{@uncond, 0x0, 0x138, 0x178, 0x0, {}, [@common=@unspec=@limit={{0x48}, {0xffffffff, 0xfffffe00}}, @common=@hbh={{0x48}}]}, @common=@inet=@TCPOPTSTRIP={0x40}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x398)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000080)='./file1\x00')
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r2, 0xffffffff80000800, 0x0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x2, 0x3, 0x0, 0x6, 0x7fffffff})
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})

3m58.073274342s ago: executing program 4 (id=563):
r0 = socket$alg(0x26, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(0xffffffffffffffff, 0xc040564a, &(0x7f0000000000)={0x0, 0x0, 0x3010})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x3)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_FD(0xffffffffffffffff, 0xc01064c1, &(0x7f0000000040)={0x0, 0x0, <r2=>0xffffffffffffffff})
close_range(r2, r0, 0x0)
r3 = syz_io_uring_setup(0x10c, &(0x7f0000000140), &(0x7f0000000240)=<r4=>0x0, &(0x7f00000000c0)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
mknod$loop(&(0x7f0000000080)='./file0/bus\x00', 0x6210, 0x0)
lchown(&(0x7f0000000000)='./file0/bus\x00', 0xee00, 0x0)
r6 = creat(&(0x7f0000000040)='./file0/bus\x00', 0x0)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_FSYNC={0x3, 0xa, 0x0, @fd_index=0x2})
r7 = socket$caif_seqpacket(0x25, 0x5, 0x5)
setsockopt$CAIFSO_REQ_PARAM(r7, 0x116, 0x80, &(0x7f0000000340)="4cd1def191d390565d5d6f5ab7091d41d9c3", 0x12)
setsockopt$inet_dccp_int(r2, 0x21, 0x10, &(0x7f0000000280)=0xfffffff8, 0x4)
bind$alg(r0, &(0x7f0000000540)={0x26, 'hash\x00', 0x0, 0x0, 'nhpoly1305\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="8a", 0x440)
sendmsg$SMC_PNETID_FLUSH(r6, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000200)={&(0x7f0000000480)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000498cdaab9b869454ae3eeb482962dbd7000fcdbdf25040000000900010073797a3200000000140002007866726d300000000000000000000000050004000200000005000400020000000900030073797a31000000001400020064756d6d7930000000000000000000000500040002000000"], 0x6c}, 0x1, 0x0, 0x0, 0x94}, 0x200440c0)

3m43.880972585s ago: executing program 32 (id=560):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
socket$netlink(0x10, 0x3, 0x0)
madvise(&(0x7f0000000000/0x400000)=nil, 0x40001e, 0x15)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
madvise(&(0x7f0000495000/0x400000)=nil, 0x400000, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
r1 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x338, 0x0, 0xffffffff, 0xffffffff, 0xf0, 0xffffffff, 0x268, 0xffffffff, 0xffffffff, 0x268, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@mcast1, @local, [], [], 'gretap0\x00', 'nr0\x00'}, 0x0, 0xa8, 0xf0, 0x60030000, {0x0, 0xff000000}}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@loopback, 'macvlan1\x00'}}}, {{@uncond, 0x0, 0x138, 0x178, 0x0, {}, [@common=@unspec=@limit={{0x48}, {0xffffffff, 0xfffffe00}}, @common=@hbh={{0x48}}]}, @common=@inet=@TCPOPTSTRIP={0x40}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x398)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000080)='./file1\x00')
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r2, 0xffffffff80000800, 0x0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x2, 0x3, 0x0, 0x6, 0x7fffffff})
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})

3m43.000025922s ago: executing program 33 (id=563):
r0 = socket$alg(0x26, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(0xffffffffffffffff, 0xc040564a, &(0x7f0000000000)={0x0, 0x0, 0x3010})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x3)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_FD(0xffffffffffffffff, 0xc01064c1, &(0x7f0000000040)={0x0, 0x0, <r2=>0xffffffffffffffff})
close_range(r2, r0, 0x0)
r3 = syz_io_uring_setup(0x10c, &(0x7f0000000140), &(0x7f0000000240)=<r4=>0x0, &(0x7f00000000c0)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
mknod$loop(&(0x7f0000000080)='./file0/bus\x00', 0x6210, 0x0)
lchown(&(0x7f0000000000)='./file0/bus\x00', 0xee00, 0x0)
r6 = creat(&(0x7f0000000040)='./file0/bus\x00', 0x0)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_FSYNC={0x3, 0xa, 0x0, @fd_index=0x2})
r7 = socket$caif_seqpacket(0x25, 0x5, 0x5)
setsockopt$CAIFSO_REQ_PARAM(r7, 0x116, 0x80, &(0x7f0000000340)="4cd1def191d390565d5d6f5ab7091d41d9c3", 0x12)
setsockopt$inet_dccp_int(r2, 0x21, 0x10, &(0x7f0000000280)=0xfffffff8, 0x4)
bind$alg(r0, &(0x7f0000000540)={0x26, 'hash\x00', 0x0, 0x0, 'nhpoly1305\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="8a", 0x440)
sendmsg$SMC_PNETID_FLUSH(r6, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000200)={&(0x7f0000000480)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000498cdaab9b869454ae3eeb482962dbd7000fcdbdf25040000000900010073797a3200000000140002007866726d300000000000000000000000050004000200000005000400020000000900030073797a31000000001400020064756d6d7930000000000000000000000500040002000000"], 0x6c}, 0x1, 0x0, 0x0, 0x94}, 0x200440c0)

6.373743401s ago: executing program 1 (id=1533):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000040))
ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, 0x0)
r1 = dup2(r0, r0)
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000180)=0x5)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
read$FUSE(r1, &(0x7f0000002180)={0x2020}, 0x2020)

6.163404526s ago: executing program 1 (id=1538):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000010700000000000000f9000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xfed7)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
recvmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r3)
sendmsg$NLBL_MGMT_C_ADDDEF(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)={0x34, r4, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x5, 0x1, '\x00'}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @multicast2}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, 0x34}}, 0x0)

6.160061241s ago: executing program 2 (id=1539):
r0 = socket(0x10, 0x803, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100))
r1 = socket(0x1, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)

6.140795989s ago: executing program 5 (id=1540):
r0 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
ioctl$NBD_SET_SOCK(r0, 0xab00, 0xffffffffffffffff)
r1 = syz_open_dev$ndb(&(0x7f00000000c0), 0x0, 0x0)
ioctl$NBD_SET_FLAGS(r1, 0xab0a, 0x1000001000104)
ioctl$NBD_SET_SOCK(r1, 0xab00, 0xffffffffffffffff)
ioctl$NBD_DO_IT(r0, 0xab03)
ioctl$NBD_CLEAR_SOCK(r1, 0xab04)

5.947863032s ago: executing program 5 (id=1541):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket(0x1, 0x803, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb70200"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000ffc000/0x4000)=nil, 0x4000}, 0x2})
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f0000000340)={&(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffe000/0x2000)=nil, 0x1000, 0x2})
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000300)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
r4 = dup(0xffffffffffffffff)
write$UHID_INPUT(r4, &(0x7f00000009c0)={0xf, {"a2e3ad214fc752f90b5e09094bf70e0dd038e7ff7fc6e5539b1b48078b089b3b0838721a0890e0878f0e1ac6e7049b3d6c959b4c9a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31320d075d0736cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e2c5070000179c6f30e065cd5b91cd0ae17d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3bb469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918070000003f0000000c558cdc0a3621c56cea8d20fa911afe40db6ebe8cac64289fd3da232f1b5dbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860421c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000e0a37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2f09000000000000007747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847354b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d483d4675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516ab68032f88c042ffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d95f2e8c77d95a3d3a6df40babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9d1a3d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f39a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdfa1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60559516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442748af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d00000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000001c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000500", 0x1009}}, 0x1006)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="050000000000000071113a0000000000851000000202000000000000050000009500b300000000009500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x2e, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
getdents(0xffffffffffffffff, &(0x7f0000000380)=""/65, 0xada54abf39c771d5)
socket$unix(0x1, 0x5, 0x0)

5.947676171s ago: executing program 2 (id=1542):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0x2800, 0x4)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000140)='veno\x00', 0x5)
connect$inet(r0, 0x0, 0x0)
sendmsg$inet(r0, &(0x7f00000015c0)={0x0, 0x14, &(0x7f0000001600)=[{&(0x7f0000000240)=' ', 0x100120}], 0x1}, 0x0)
recvmsg(r0, &(0x7f0000000580)={0x0, 0x2, &(0x7f0000000500)=[{&(0x7f0000000740)=""/4096, 0xa15b0}], 0x1, 0x0, 0x2000000000000}, 0x700)

4.527860461s ago: executing program 2 (id=1545):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_IBSS(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x30, r0, 0x101, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_SSID={0x5, 0x34, @random="f7"}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x30}}, 0x0)

4.38567648s ago: executing program 5 (id=1546):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600a847500140600fe8000"/34, @ANYRES32=0x41424344], 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000327000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x3c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000000c0)=@newqdisc={0x24, 0x11, 0x1, 0x0, 0x0, {0x10, 0x0, 0x4c}}, 0x24}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

4.385314368s ago: executing program 1 (id=1547):
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000340)={0xff02, 0x2, 0x0, 0xd, 0xd, "5f730000a9003f00"})
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = creat(&(0x7f00000001c0)='./file0\x00', 0x0)
write(r1, &(0x7f0000000300)='(', 0x1)
write$uinput_user_dev(r1, &(0x7f0000000400)={'syz0\x00', {0x7, 0x4, 0x6, 0xfffa}, 0x1d, [0x86, 0xc95a, 0x3, 0x3, 0x80, 0x2, 0x1, 0x7f, 0x5, 0x4d, 0xfffffff2, 0x2, 0xa, 0x3, 0xffff2d37, 0x1dd2, 0x6, 0x7, 0x0, 0x80000001, 0x4, 0x7, 0x3, 0x3c5b, 0x3, 0x24, 0xffffffff, 0x1, 0x1f461e2c, 0x2, 0xe661, 0x4, 0x7, 0x3, 0x7fff, 0x4c74, 0x8f00, 0x642, 0x3, 0xa, 0x0, 0x71, 0x7, 0x7, 0x103, 0x3, 0x5, 0x3c, 0x8f, 0x5, 0x6, 0x3, 0x5, 0x8, 0x3, 0x0, 0x80, 0x0, 0x5, 0xfffffff7, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0xffff, 0x12f, 0x8000, 0x10, 0xfffffff3, 0x129432e6, 0xcb, 0xf6, 0xd, 0x2bf, 0x6c9, 0x9, 0xfffffffc, 0x3, 0x0, 0x7, 0x9, 0x2f, 0xe, 0x101, 0x78, 0xea4, 0xa, 0x4, 0x4, 0x8000, 0x800009, 0x400, 0x1, 0x6, 0xfffffffd, 0xff, 0xffff, 0x9, 0x5f31, 0x0, 0x0, 0x6, 0x2, 0x9, 0x4, 0x9, 0x8, 0x9, 0x6, 0x2, 0x0, 0x1, 0x8000, 0xffff, 0x2, 0x7f, 0x9, 0x5, 0x3, 0x4, 0x1, 0x7, 0x6, 0xb, 0x48c93690, 0x2, 0xff], [0x7, 0x4, 0x0, 0x64e, 0xfffffdfe, 0x7fffffff, 0x8d2, 0x9, 0x6, 0x7fff, 0x0, 0x6, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1f0, 0x5, 0x8, 0x86, 0x8, 0x10000009, 0x3e7, 0x2, 0x2, 0x202, 0x2, 0xf, 0x8, 0x4, 0x6d01, 0x25, 0x3b, 0x3, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0x7, 0xa2, 0x7, 0x53cf697b, 0x5, 0x6, 0x54fe12d2, 0xbf, 0xb, 0x3, 0x400000, 0xfffffff9, 0x1, 0x1, 0x5, 0x1, 0x5, 0x0, 0x120000, 0x3, 0x6, 0x9, 0x5, 0x3], [0x9, 0xbb31, 0x3, 0xb, 0x5, 0x938, 0x6, 0x6, 0x0, 0x5, 0xce7, 0x1ff, 0x6, 0x7, 0x5, 0x2, 0x101, 0x10000, 0x6, 0x7fff, 0xffff, 0xa620, 0x2, 0x5, 0x1, 0x2, 0x7, 0x60a7, 0x6, 0x6, 0xffffffff, 0x80000000, 0x805, 0x8, 0xc8, 0xca2, 0x3, 0xffff, 0x3, 0x9, 0x100, 0x9602, 0xa, 0x2, 0x4, 0x6, 0x1, 0x10000, 0x5, 0x8, 0x2b91, 0xa1f, 0x8, 0x80000009, 0x1, 0x6c1b, 0x0, 0x4, 0x8, 0xb1c, 0x1, 0x200, 0xffff3441, 0xfff]}, 0x45c)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r0, 0x0, 0x30, 0xe1515f8735398fb, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[0x45c], 0x0, 0x0, 0x1f, 0x1}}, 0x3c)

4.331031186s ago: executing program 2 (id=1549):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x98}}, 0x0)

4.220839921s ago: executing program 1 (id=1550):
mknod(0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000100)='./bus\x00', 0x143142, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$UHID_INPUT(r1, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a", 0x1000}}, 0x1006)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r1, 0x0)
write$FUSE_INIT(r0, &(0x7f0000000140)={0x50}, 0xffd3)
read$FUSE(r0, &(0x7f0000001980)={0x2020}, 0x2020)

4.099446992s ago: executing program 2 (id=1552):
syz_genetlink_get_family_id$nl802154(&(0x7f0000000500), 0xffffffffffffffff)
syz_emit_ethernet(0x46, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "120008", 0x10, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x1, 0x0, 0x2}}}}}}, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
mount$9p_fd(0x0, 0x0, &(0x7f0000000080), 0x0, &(0x7f0000000300))
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f00000041c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000042c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100000000000000000003000000580001800d0001007564703a73797a300000000044000400200001000a000000000000000000000000000000000000000000000100000000200002000a00000000000000000000000000000000000001"], 0x6c}}, 0x0)

3.87570979s ago: executing program 1 (id=1553):
r0 = socket(0x10, 0x803, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100))
r1 = socket(0x1, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)

3.401579052s ago: executing program 1 (id=1554):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r2, 0x2000000, 0x0, 0x0, &(0x7f0000000200), 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000740)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r4, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000180)={0x1c, r3, 0x100, 0x70bd25, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_CRIT_PROT_ID={0x6, 0xb3, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40040d4}, 0x800)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r4, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000380)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r3, @ANYBLOB='IS\x00\x00\x00\x00\x00\x00\x00\x00g\x00\x00\x00', @ANYBLOB="fb491a227ee6e529f221760a54e07f403af6f512561ec4f7c8"], 0x30}}, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00'}, 0x10)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r6, 0x0, 0x60, &(0x7f0000000400)={'filter\x00', 0x104, 0x4, 0x3a0, 0x1d0, 0x1d0, 0x2b8, 0x2b8, 0x2b8, 0x2b8, 0x4, 0x0, {[{{@arp={@remote, @broadcast, 0x0, 0x0, 0x0, 0x0, {@mac=@link_local={0x2, 0x80, 0xc2, 0x7}}, {@mac}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'bridge0\x00', 'erspan0\x00'}, 0xc0, 0xe8}, @unspec=@MARK={0x28}}, {{@arp={@empty, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, {@mac}, {@mac}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'nicvf0\x00', 'lo\x00'}, 0xc0, 0xe8, 0x0, {0xb000000}}, @unspec=@CLASSIFY={0x28, 'CLASSIFY\x00', 0x2}}, {{@arp={@rand_addr, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, {@mac=@remote}, {@mac=@multicast}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'xfrm0\x00', 'ipvlan1\x00'}, 0xc0, 0xe8}, @unspec=@AUDIT={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x3f0)
socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)

3.374395118s ago: executing program 3 (id=1555):
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x80201, 0x0)
write$rfkill(r0, &(0x7f0000000000)={0x0, 0x0, 0x2, 0x1}, 0x8)

3.301804972s ago: executing program 3 (id=1556):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket(0x1, 0x803, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb70200"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000ffc000/0x4000)=nil, 0x4000}, 0x2})
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f0000000340)={&(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffe000/0x2000)=nil, 0x1000, 0x2})
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000300)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
r4 = dup(0xffffffffffffffff)
write$UHID_INPUT(r4, &(0x7f00000009c0)={0xf, {"a2e3ad214fc752f90b5e09094bf70e0dd038e7ff7fc6e5539b1b48078b089b3b0838721a0890e0878f0e1ac6e7049b3d6c959b4c9a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31320d075d0736cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e2c5070000179c6f30e065cd5b91cd0ae17d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3bb469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918070000003f0000000c558cdc0a3621c56cea8d20fa911afe40db6ebe8cac64289fd3da232f1b5dbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860421c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000e0a37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2f09000000000000007747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847354b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d483d4675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516ab68032f88c042ffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d95f2e8c77d95a3d3a6df40babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9d1a3d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f39a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdfa1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60559516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442748af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d00000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000001c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000500", 0x1009}}, 0x1006)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="050000000000000071113a0000000000851000000202000000000000050000009500b300000000009500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x2e, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
getdents(0xffffffffffffffff, &(0x7f0000000380)=""/65, 0xada54abf39c771d5)
socket$unix(0x1, 0x5, 0x0)

3.205299059s ago: executing program 6 (id=1557):
socket$alg(0x26, 0x5, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000440)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000071120b00000000009500"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = socket$igmp6(0xa, 0x3, 0x2)
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x0, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)

2.235819121s ago: executing program 2 (id=1558):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usb_connect(0x2, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0xffffffff, 0x0, 0x4, 0x81, 0xfffffffffffffffe, 0x3, 0x9}, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000049c000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x1000000000000000}, 0x0)
munmap(&(0x7f00001a2000/0x1000)=nil, 0x1000)

2.235596518s ago: executing program 5 (id=1559):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_IBSS(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x30, r0, 0x101, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_KEYS={0x4}, @NL80211_ATTR_SSID={0x5, 0x34, @random="f7"}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x30}}, 0x0)

2.199994278s ago: executing program 3 (id=1560):
r0 = syz_open_dev$radio(&(0x7f00000000c0), 0x2, 0x2)
ioctl$VIDIOC_QUERYMENU(r0, 0xc02c5625, &(0x7f0000000000)={0xf0f05a, 0x0, @value})

2.084016157s ago: executing program 3 (id=1561):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000000)={'wpan1\x00', <r4=>0x0})
r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r3)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_DEL_KEY(r6, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000780)={0x34, r5, 0x1, 0x0, 0x0, {}, [@IEEE802154_ATTR_PAN_ID={0x6}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_SHORT_ADDR={0x6}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r4}]}, 0x34}}, 0x0)

2.023671911s ago: executing program 6 (id=1562):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x98}}, 0x0)

2.006789648s ago: executing program 5 (id=1563):
mknod(0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000100)='./bus\x00', 0x143142, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$UHID_INPUT(r1, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a", 0x1000}}, 0x1006)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r1, 0x0)
write$FUSE_INIT(r0, &(0x7f0000000140)={0x50}, 0xffd3)
read$FUSE(r0, &(0x7f0000001980)={0x2020}, 0x2020)

1.823525918s ago: executing program 6 (id=1564):
r0 = socket(0x10, 0x803, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100))
r1 = socket(0x1, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)

1.005708701s ago: executing program 3 (id=1565):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket(0x1, 0x803, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb70200"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = syz_open_procfs(0x0, &(0x7f0000000300)='fd\x00')
getdents(r3, &(0x7f0000000380)=""/65, 0xada54abf39c771d5)

943.784053ms ago: executing program 6 (id=1566):
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000340)={0xff02, 0x2, 0x0, 0xd, 0xd, "5f730000a9003f00"})
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = creat(&(0x7f00000001c0)='./file0\x00', 0x0)
write(r1, &(0x7f0000000300)='(', 0x1)
write$uinput_user_dev(r1, &(0x7f0000000400)={'syz0\x00', {0x7, 0x4, 0x6, 0xfffa}, 0x1d, [0x86, 0xc95a, 0x3, 0x3, 0x80, 0x2, 0x1, 0x7f, 0x5, 0x4d, 0xfffffff2, 0x2, 0xa, 0x3, 0xffff2d37, 0x1dd2, 0x6, 0x7, 0x0, 0x80000001, 0x4, 0x7, 0x3, 0x3c5b, 0x3, 0x24, 0xffffffff, 0x1, 0x1f461e2c, 0x2, 0xe661, 0x4, 0x7, 0x3, 0x7fff, 0x4c74, 0x8f00, 0x642, 0x3, 0xa, 0x0, 0x71, 0x7, 0x7, 0x103, 0x3, 0x5, 0x3c, 0x8f, 0x5, 0x6, 0x3, 0x5, 0x8, 0x3, 0x0, 0x80, 0x0, 0x5, 0xfffffff7, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0xffff, 0x12f, 0x8000, 0x10, 0xfffffff3, 0x129432e6, 0xcb, 0xf6, 0xd, 0x2bf, 0x6c9, 0x9, 0xfffffffc, 0x3, 0x0, 0x7, 0x9, 0x2f, 0xe, 0x101, 0x78, 0xea4, 0xa, 0x4, 0x4, 0x8000, 0x800009, 0x400, 0x1, 0x6, 0xfffffffd, 0xff, 0xffff, 0x9, 0x5f31, 0x0, 0x0, 0x6, 0x2, 0x9, 0x4, 0x9, 0x8, 0x9, 0x6, 0x2, 0x0, 0x1, 0x8000, 0xffff, 0x2, 0x7f, 0x9, 0x5, 0x3, 0x4, 0x1, 0x7, 0x6, 0xb, 0x48c93690, 0x2, 0xff], [0x7, 0x4, 0x0, 0x64e, 0xfffffdfe, 0x7fffffff, 0x8d2, 0x9, 0x6, 0x7fff, 0x0, 0x6, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1f0, 0x5, 0x8, 0x86, 0x8, 0x10000009, 0x3e7, 0x2, 0x2, 0x202, 0x2, 0xf, 0x8, 0x4, 0x6d01, 0x25, 0x3b, 0x3, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0x7, 0xa2, 0x7, 0x53cf697b, 0x5, 0x6, 0x54fe12d2, 0xbf, 0xb, 0x3, 0x400000, 0xfffffff9, 0x1, 0x1, 0x5, 0x1, 0x5, 0x0, 0x120000, 0x3, 0x6, 0x9, 0x5, 0x3], [0x9, 0xbb31, 0x3, 0xb, 0x5, 0x938, 0x6, 0x6, 0x0, 0x5, 0xce7, 0x1ff, 0x6, 0x7, 0x5, 0x2, 0x101, 0x10000, 0x6, 0x7fff, 0xffff, 0xa620, 0x2, 0x5, 0x1, 0x2, 0x7, 0x60a7, 0x6, 0x6, 0xffffffff, 0x80000000, 0x805, 0x8, 0xc8, 0xca2, 0x3, 0xffff, 0x3, 0x9, 0x100, 0x9602, 0xa, 0x2, 0x4, 0x6, 0x1, 0x10000, 0x5, 0x8, 0x2b91, 0xa1f, 0x8, 0x80000009, 0x1, 0x6c1b, 0x0, 0x4, 0x8, 0xb1c, 0x1, 0x200, 0xffff3441, 0xfff]}, 0x45c)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r0, 0x0, 0x30, 0xe1515f8735398fb, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[0x45c], 0x0, 0x0, 0x1f, 0x1}}, 0x3c)

943.579531ms ago: executing program 5 (id=1567):
r0 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000280)={<r1=>0xffffffffffffffff})
ioctl$NBD_SET_SOCK(r0, 0xab00, r1)
r2 = syz_open_dev$ndb(0x0, 0x0, 0x0)
ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1000001000104)
ioctl$NBD_SET_SOCK(r2, 0xab00, r1)
ioctl$NBD_DO_IT(r0, 0xab03)
ioctl$NBD_CLEAR_SOCK(r2, 0xab04)

895.694915ms ago: executing program 6 (id=1568):
mremap(&(0x7f0000ff6000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000fff000/0x1000)=nil)

835.29966ms ago: executing program 6 (id=1569):
socket$alg(0x26, 0x5, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r0 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa2c"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

0s ago: executing program 3 (id=1570):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22, 0x1, @empty, 0x6}, 0x1c)
listen(r0, 0xfff)
syz_emit_ethernet(0x4e, &(0x7f0000006340)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "8a35f2", 0x18, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0x8, 0x0, 0x0, 0x0, {[@sack_perm={0x4, 0x2}]}}}}}}}}, 0x0)

kernel console output (not intermixed with test programs):

nterface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  173.232538][ T5881] usb 3-1: New USB device found, idVendor=044e, idProduct=120c, bcdDevice= 0.00
[  173.253802][ T5881] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  173.275666][ T5881] usb 3-1: config 0 descriptor??
[  173.334133][ T5955] usb 2-1: device descriptor read/64, error -71
[  173.594506][ T5955] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  174.661835][ T5881] hid-alps 0003:044E:120C.0003: hidraw0: USB HID v0.00 Device [HID 044e:120c] on usb-dummy_hcd.2-1/input0
[  174.774050][ T5955] usb 2-1: device descriptor read/64, error -71
[  174.949353][ T5955] usb usb2-port1: attempt power cycle
[  174.981966][ T5913] gspca_sq930x: ucbus_write failed -71
[  174.987772][ T5913] sq930x 4-1:0.0: probe with driver sq930x failed with error -71
[  175.007867][ T5913] usb 4-1: USB disconnect, device number 13
[  175.127669][  T971] usb 3-1: USB disconnect, device number 8
[  175.346764][ T5955] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  175.379912][ T5955] usb 2-1: device descriptor read/8, error -71
[  175.624000][ T5955] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  175.707432][  T971] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  175.746470][ T5955] usb 2-1: device descriptor read/8, error -71
[  176.566789][ T5955] usb usb2-port1: unable to enumerate USB device
[  176.903203][  T971] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  176.965700][  T971] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  177.030919][  T971] usb 5-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[  177.047652][  T971] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  177.093556][  T971] usb 5-1: config 0 descriptor??
[  177.154500][ T7236] netlink: 'syz.3.356': attribute type 39 has an invalid length.
[  177.162275][ T7236] netlink: 8 bytes leftover after parsing attributes in process `syz.3.356'.
[  177.724907][ T7236] bridge0: port 2(bridge_slave_1) entered disabled state
[  177.737200][ T7236] bridge0: port 1(bridge_slave_0) entered disabled state
[  177.881500][ T7237] overlay: ./file0 is not a directory
[  179.014431][  T971] usbhid 5-1:0.0: can't add hid device: -71
[  179.020462][  T971] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  179.059576][  T971] usb 5-1: USB disconnect, device number 8
[  179.117395][   T29] audit: type=1326 audit(1730272952.755:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7255 comm="syz.2.360" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4c02d7e719 code=0x0
[  179.294051][    T8] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  179.374301][ T5955] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  180.183999][    T8] usb 4-1: Using ep0 maxpacket: 8
[  180.194836][    T8] usb 4-1: no configurations
[  180.199466][    T8] usb 4-1: can't read configurations, error -22
[  180.244150][ T5955] usb 1-1: Using ep0 maxpacket: 32
[  180.250978][ T5955] usb 1-1: New USB device found, idVendor=041e, idProduct=403c, bcdDevice=cc.d7
[  180.261034][ T5955] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  180.271568][ T5955] usb 1-1: config 0 descriptor??
[  180.334100][    T8] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  180.437421][ T5955] gspca_main: sq930x-2.14.0 probing 041e:403c
[  181.254073][    T8] usb 4-1: Using ep0 maxpacket: 8
[  181.260055][    T8] usb 4-1: no configurations
[  181.264825][    T8] usb 4-1: can't read configurations, error -22
[  181.271849][    T8] usb usb4-port1: attempt power cycle
[  181.614533][    T8] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  181.644811][    T8] usb 4-1: Using ep0 maxpacket: 8
[  181.650772][    T8] usb 4-1: no configurations
[  181.656316][    T8] usb 4-1: can't read configurations, error -22
[  181.795322][ T5955] gspca_sq930x: ucbus_write failed -71
[  181.801244][ T5955] sq930x 1-1:0.0: probe with driver sq930x failed with error -71
[  181.824020][    T8] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  181.832028][ T5955] usb 1-1: USB disconnect, device number 7
[  181.864504][    T8] usb 4-1: Using ep0 maxpacket: 8
[  181.870483][    T8] usb 4-1: no configurations
[  181.875362][    T8] usb 4-1: can't read configurations, error -22
[  181.881935][    T8] usb usb4-port1: unable to enumerate USB device
[  182.952194][ T7284] xt_limit: Overflow, try lower: 4294967295/4294966784
[  183.465311][   T29] audit: type=1326 audit(1730272957.105:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7299 comm="syz.2.373" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4c02d7e719 code=0x0
[  183.542515][ T7298] ptrace attach of ""[7302] was attempted by "./syz-executor exec"[7298]
[  183.902641][ T7312] xt_limit: Overflow, try lower: 4294967295/4294966784
[  184.930954][ T7317] ./bus: Can't lookup blockdev
[  186.576696][ T7328] FAULT_INJECTION: forcing a failure.
[  186.576696][ T7328] name failslab, interval 1, probability 0, space 0, times 0
[  186.635683][ T7328] CPU: 1 UID: 0 PID: 7328 Comm: syz.2.380 Not tainted 6.12.0-rc5-syzkaller-00044-gc1e939a21eb1 #0
[  186.646321][ T7328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  186.656401][ T7328] Call Trace:
[  186.659673][ T7328]  <TASK>
[  186.662589][ T7328]  dump_stack_lvl+0x241/0x360
[  186.667260][ T7328]  ? __pfx_dump_stack_lvl+0x10/0x10
[  186.672447][ T7328]  ? __pfx__printk+0x10/0x10
[  186.677028][ T7328]  ? fs_reclaim_acquire+0x93/0x130
[  186.682130][ T7328]  ? __pfx___might_resched+0x10/0x10
[  186.687410][ T7328]  should_fail_ex+0x3b0/0x4e0
[  186.692086][ T7328]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  186.697809][ T7328]  should_failslab+0xac/0x100
[  186.702633][ T7328]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  186.708363][ T7328]  __kmalloc_noprof+0xd8/0x400
[  186.713129][ T7328]  tomoyo_realpath_from_path+0xcf/0x5e0
[  186.718674][ T7328]  tomoyo_path_number_perm+0x23a/0x880
[  186.724300][ T7328]  ? rcu_read_lock_any_held+0xb7/0x160
[  186.729763][ T7328]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  186.735669][ T7328]  ? tomoyo_path_number_perm+0x208/0x880
[  186.741665][ T7328]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  186.747655][ T7328]  ? sb_end_write+0xe9/0x1c0
[  186.752240][ T7328]  ? vfs_write+0x730/0xd30
[  186.756672][ T7328]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  186.762647][ T7328]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  186.768964][ T7328]  security_file_ioctl+0xc6/0x2a0
[  186.773997][ T7328]  __se_sys_ioctl+0x47/0x170
[  186.778585][ T7328]  do_syscall_64+0xf3/0x230
[  186.783075][ T7328]  ? clear_bhb_loop+0x35/0x90
[  186.787746][ T7328]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.793626][ T7328] RIP: 0033:0x7f4c02d7e719
[  186.798025][ T7328] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  186.817636][ T7328] RSP: 002b:00007f4c03b10038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  186.826038][ T7328] RAX: ffffffffffffffda RBX: 00007f4c02f35f80 RCX: 00007f4c02d7e719
[  186.833997][ T7328] RDX: 0000000020000100 RSI: 00000000c0505405 RDI: 000000000000000a
[  186.841953][ T7328] RBP: 00007f4c03b10090 R08: 0000000000000000 R09: 0000000000000000
[  186.849909][ T7328] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  186.857871][ T7328] R13: 0000000000000000 R14: 00007f4c02f35f80 R15: 00007ffeccbbcd38
[  186.865838][ T7328]  </TASK>
[  187.185554][ T7328] ERROR: Out of memory at tomoyo_realpath_from_path.
[  190.627911][ T7377] xt_limit: Overflow, try lower: 4294967295/4294966784
[  191.468889][ T7386] xt_limit: Overflow, try lower: 4294967295/4294966784
[  191.556128][ T7386] overlayfs: workdir and upperdir must reside under the same mount
[  192.555758][   T25] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  192.755348][   T25] usb 3-1: Using ep0 maxpacket: 32
[  193.463176][   T25] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 175
[  193.481403][   T25] usb 3-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=58.16
[  193.491445][   T25] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  193.499993][   T25] usb 3-1: Product: syz
[  193.506011][   T25] usb 3-1: Manufacturer: syz
[  193.510836][   T25] usb 3-1: SerialNumber: syz
[  193.523442][   T25] usb 3-1: config 0 descriptor??
[  193.542054][ T7389] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  193.576642][   T25] usb 3-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  194.479631][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  194.488133][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  194.640912][ T6171] usb 3-1: Failed to submit usb control message: -110
[  194.677201][ T6171] usb 3-1: unable to send the bmi data to the device: -110
[  194.794655][ T6171] usb 3-1: unable to get target info from device
[  195.433397][ T5840] Bluetooth: hci4: unexpected event for opcode 0x040d
[  195.449168][ T6171] usb 3-1: could not get target info (-110)
[  195.471105][ T6171] usb 3-1: could not probe fw (-110)
[  195.845550][ T5955] usb 3-1: USB disconnect, device number 9
[  195.989315][ T7425] xt_hashlimit: max too large, truncated to 1048576
[  198.335473][ T7453] netlink: 48 bytes leftover after parsing attributes in process `syz.2.409'.
[  198.692848][ T7455] netlink: 12 bytes leftover after parsing attributes in process `syz.4.411'.
[  199.279518][ T7474] batadv0: entered promiscuous mode
[  199.354432][   T25] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  199.368950][ T7474] bridge0: entered promiscuous mode
[  199.501387][ T7476] kvm: pic: non byte write
[  199.535647][   T25] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  199.547873][   T25] usb 5-1: config 0 has no interface number 0
[  199.567498][   T25] usb 5-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  199.581210][   T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  199.608463][   T25] usb 5-1: Product: syz
[  199.629644][   T25] usb 5-1: Manufacturer: syz
[  199.653980][   T25] usb 5-1: SerialNumber: syz
[  199.670694][   T25] usb 5-1: config 0 descriptor??
[  200.007858][ T7486] can0: slcan on pts0.
[  200.075198][ T7486] can0 (unregistered): slcan off pts0.
[  200.104647][   T25] dvb_usb_ec168 5-1:0.1: probe with driver dvb_usb_ec168 failed with error -71
[  200.138447][   T25] usb 5-1: USB disconnect, device number 9
[  201.674295][    T8] usb 1-1: new full-speed USB device number 8 using dummy_hcd
[  202.076227][    T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  202.086363][    T8] usb 1-1: New USB device found, idVendor=0c70, idProduct=f00b, bcdDevice= 0.00
[  202.134569][    T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  202.172968][    T8] usb 1-1: config 0 descriptor??
[  202.559549][ T7541] x_tables: unsorted entry at hook 1
[  202.695159][    T8] aquacomputer_d5next 0003:0C70:F00B.0004: hidraw0: USB HID v0.00 Device [HID 0c70:f00b] on usb-dummy_hcd.0-1/input0
[  202.882099][ T7513] netlink: 8 bytes leftover after parsing attributes in process `syz.0.427'.
[  202.894122][ T7513] netlink: 'syz.0.427': attribute type 1 has an invalid length.
[  202.911135][    T8] usb 1-1: USB disconnect, device number 8
[  203.078282][   T29] audit: type=1326 audit(1730272976.725:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7553 comm="syz.4.434" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f122457e719 code=0x0
[  203.172735][ T7556] ptrace attach of ""[7558] was attempted by "./syz-executor exec"[7556]
[  204.279146][ T6905] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  204.885724][    T8] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  205.094100][ T6905] usb 2-1: Using ep0 maxpacket: 16
[  205.100615][ T6905] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 30768, setting to 1024
[  205.113935][ T6905] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1024
[  205.126576][ T6905] usb 2-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice= 7.79
[  205.135976][ T6905] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  205.144089][ T6905] usb 2-1: Product: syz
[  205.148479][ T6905] usb 2-1: Manufacturer: syz
[  205.153097][ T6905] usb 2-1: SerialNumber: syz
[  205.159976][ T6905] usb 2-1: config 0 descriptor??
[  205.168603][ T7570] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  205.174348][    T8] usb 1-1: Using ep0 maxpacket: 16
[  205.183198][    T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 30768, setting to 1024
[  205.204708][    T8] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1024
[  205.218140][    T8] usb 1-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice= 7.79
[  205.227552][    T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  205.235744][    T8] usb 1-1: Product: syz
[  205.240016][    T8] usb 1-1: Manufacturer: syz
[  205.244690][    T8] usb 1-1: SerialNumber: syz
[  205.252140][    T8] usb 1-1: config 0 descriptor??
[  205.258862][ T7568] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  205.274282][ T5955] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  205.328694][ T7586] x_tables: unsorted entry at hook 1
[  205.436569][ T7570] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  205.466608][ T7570] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  205.487681][ T6905] usb 2-1: Limiting number of CPorts to U8_MAX
[  205.494813][ T5955] usb 4-1: Using ep0 maxpacket: 16
[  205.505149][ T7568] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  205.511121][ T6905] usb 2-1: Not enough endpoints found in device, aborting!
[  205.516413][ T5955] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 30768, setting to 1024
[  205.554613][ T5955] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1024
[  205.570784][ T7568] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  205.607938][    T8] usb 1-1: Limiting number of CPorts to U8_MAX
[  205.618037][ T5955] usb 4-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice= 7.79
[  205.638171][    T8] usb 1-1: Not enough endpoints found in device, aborting!
[  205.649679][ T5955] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  205.667505][ T5955] usb 4-1: Product: syz
[  205.673657][ T5955] usb 4-1: Manufacturer: syz
[  205.835377][    T8] usb 1-1: USB disconnect, device number 9
[  205.842174][ T5955] usb 4-1: SerialNumber: syz
[  205.879015][ T6905] usb 2-1: USB disconnect, device number 19
[  206.825029][ T5955] usb 4-1: config 0 descriptor??
[  206.831021][ T7581] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[  207.061562][ T7581] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  207.095329][ T7581] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  207.128611][ T5955] usb 4-1: Limiting number of CPorts to U8_MAX
[  207.136475][ T5955] usb 4-1: Not enough endpoints found in device, aborting!
[  207.145235][ T5913] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  207.430078][ T5913] usb 5-1: config 220 has too many interfaces: 184, using maximum allowed: 32
[  207.660951][ T5913] usb 5-1: config 220 has 1 interface, different from the descriptor's value: 184
[  207.710738][  T971] usb 4-1: USB disconnect, device number 18
[  207.730569][ T5913] usb 5-1: New USB device found, idVendor=0c45, idProduct=8008, bcdDevice=e1.85
[  207.751729][ T5913] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  207.803443][ T5913] gspca_main: sn9c2028-2.14.0 probing 0c45:8008
[  207.845744][   T29] audit: type=1326 audit(1730272981.475:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7605 comm="syz.0.450" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f55fd17e719 code=0x0
[  208.002694][ T5913] gspca_sn9c2028: read1 error -32
[  208.014667][ T5913] gspca_sn9c2028: read1 error -32
[  208.225605][ T5913] usb 5-1: USB disconnect, device number 10
[  208.294005][  T971] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  208.449766][  T971] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  208.460597][  T971] usb 3-1: New USB device found, idVendor=0eef, idProduct=7302, bcdDevice= 0.00
[  208.471018][  T971] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  208.481409][  T971] usb 3-1: config 0 descriptor??
[  208.584241][ T5955] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  208.738187][ T5955] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  208.750233][ T5955] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  208.761417][ T5955] usb 4-1: New USB device found, idVendor=0eef, idProduct=72d0, bcdDevice= 0.00
[  208.772688][ T5955] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  208.915547][ T5955] usb 4-1: config 0 descriptor??
[  208.918993][  T971] usbhid 3-1:0.0: can't add hid device: -71
[  208.941531][  T971] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  208.951792][  T971] usb 3-1: USB disconnect, device number 10
[  210.132630][ T7630] ptrace attach of ""[7633] was attempted by "./syz-executor exec"[7630]
[  210.190455][ T5955] hid-multitouch 0003:0EEF:72D0.0005: hidraw0: USB HID v0.00 Device [HID 0eef:72d0] on usb-dummy_hcd.3-1/input0
[  210.851388][ T5955] usb 4-1: USB disconnect, device number 19
[  210.939142][ T7636] xt_limit: Overflow, try lower: 4294967295/4294966784
[  211.462920][   T29] audit: type=1326 audit(1730272985.105:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7652 comm="syz.4.465" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f122457e719 code=0x0
[  213.137734][ T7677] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  213.146599][ T7677] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[  213.158417][ T7677] overlayfs: missing 'lowerdir'
[  214.476433][ T7692] netlink: 'syz.1.475': attribute type 2 has an invalid length.
[  214.502917][ T7692] netlink: 'syz.1.475': attribute type 1 has an invalid length.
[  214.544343][ T7693] netlink: 'syz.1.475': attribute type 2 has an invalid length.
[  214.570699][ T7693] netlink: 'syz.1.475': attribute type 1 has an invalid length.
[  214.909051][   T29] audit: type=1326 audit(1730272988.555:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7702 comm="syz.1.478" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8bbaf7e719 code=0x0
[  215.928492][ T7713] openvswitch: netlink: Actions may not be safe on all matching packets
[  216.030045][ T7713] netlink: 4 bytes leftover after parsing attributes in process `syz.0.482'.
[  217.254050][ T5913] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  217.342286][ T7729] ptrace attach of ""[7734] was attempted by "./syz-executor exec"[7729]
[  217.574275][ T5913] usb 1-1: New USB device found, idVendor=0eb1, idProduct=7007, bcdDevice= 2.05
[  217.584085][ T5913] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  217.595671][ T5913] usb 1-1: Product: syz
[  217.599870][ T5913] usb 1-1: Manufacturer: syz
[  217.605772][ T5913] usb 1-1: SerialNumber: syz
[  217.617381][ T5913] usb 1-1: config 0 descriptor??
[  218.423661][ T7722] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  218.433128][ T5913] go7007 1-1:0.0: probe with driver go7007 failed with error -12
[  218.477776][ T7722] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  218.864926][ T7747] netlink: 168 bytes leftover after parsing attributes in process `syz.0.485'.
[  219.601671][   T29] audit: type=1326 audit(1730272993.245:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7748 comm="syz.4.493" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f122457e719 code=0x0
[  221.164033][ T6905] usb 1-1: USB disconnect, device number 10
[  221.354969][ T7762] openvswitch: netlink: Actions may not be safe on all matching packets
[  221.395015][ T7762] netlink: 4 bytes leftover after parsing attributes in process `syz.2.495'.
[  224.954738][ T7797] netlink: 48 bytes leftover after parsing attributes in process `syz.0.503'.
[  226.584349][ T7807] ./bus: Can't lookup blockdev
[  228.075849][ T7823] openvswitch: netlink: Actions may not be safe on all matching packets
[  228.829858][ T7823] netlink: 4 bytes leftover after parsing attributes in process `syz.0.509'.
[  233.168755][ T7873] openvswitch: netlink: Actions may not be safe on all matching packets
[  233.244145][ T7873] netlink: 4 bytes leftover after parsing attributes in process `syz.3.523'.
[  236.388002][ T7904] xt_hashlimit: size too large, truncated to 1048576
[  237.045256][   T29] audit: type=1400 audit(1730273010.095:21): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="#!" requested=w pid=7899 comm="syz.4.530" dest=20004
[  237.163480][   T29] audit: type=1326 audit(1730273010.725:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7901 comm="syz.0.531" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f55fd17e719 code=0x0
[  239.039353][ T7928] openvswitch: netlink: Actions may not be safe on all matching packets
[  239.052751][ T7928] netlink: 4 bytes leftover after parsing attributes in process `syz.3.536'.
[  239.121096][   T29] audit: type=1326 audit(1730273012.755:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7930 comm="syz.3.537" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2d0ed7e719 code=0x0
[  240.040994][ T7939] 9pnet_fd: Insufficient options for proto=fd
[  240.414238][ T5881] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  240.590859][ T5881] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  240.650915][ T5881] usb 1-1: config 0 has no interface number 0
[  240.728005][ T5881] usb 1-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  240.812296][ T5881] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  240.848503][ T5881] usb 1-1: Product: syz
[  240.870405][ T5881] usb 1-1: Manufacturer: syz
[  240.879750][ T5881] usb 1-1: SerialNumber: syz
[  240.913302][ T5881] usb 1-1: config 0 descriptor??
[  242.044227][ T5881] dvb_usb_ec168 1-1:0.1: probe with driver dvb_usb_ec168 failed with error -110
[  242.677765][ T7953] can0: slcan on pts0.
[  242.735349][ T7953] can0 (unregistered): slcan off pts0.
[  242.767139][ T5881] usb 1-1: USB disconnect, device number 11
[  243.024186][ T5955] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  243.197165][ T5955] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  243.205714][ T5955] usb 5-1: config 0 has no interface number 0
[  243.216436][ T5955] usb 5-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  243.226998][ T5955] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  243.244079][ T5955] usb 5-1: Product: syz
[  243.248464][ T5955] usb 5-1: Manufacturer: syz
[  243.256799][ T5955] usb 5-1: SerialNumber: syz
[  243.266747][ T5955] usb 5-1: config 0 descriptor??
[  243.607253][ T7969] can0: slcan on pts0.
[  243.929748][ T7969] can0 (unregistered): slcan off pts0.
[  243.936264][ T7973] openvswitch: netlink: Actions may not be safe on all matching packets
[  244.314194][ T5955] dvb_usb_ec168 5-1:0.1: probe with driver dvb_usb_ec168 failed with error -110
[  244.347097][ T5955] usb 5-1: USB disconnect, device number 11
[  244.371113][ T7973] netlink: 4 bytes leftover after parsing attributes in process `syz.2.547'.
[  248.359474][ T5881] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  248.703600][ T8058] xt_limit: Overflow, try lower: 4294967295/4294966784
[  248.715466][ T5881] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  248.882531][ T5881] usb 2-1: config 0 has no interface number 0
[  248.947684][ T5881] usb 2-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  249.025978][ T5881] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  249.102714][ T5881] usb 2-1: Product: syz
[  249.214429][ T5881] usb 2-1: Manufacturer: syz
[  249.228058][ T5881] usb 2-1: SerialNumber: syz
[  249.242906][ T5881] usb 2-1: config 0 descriptor??
[  250.396793][ T5881] dvb_usb_ec168 2-1:0.1: probe with driver dvb_usb_ec168 failed with error -110
[  250.579022][ T6905] usb 2-1: USB disconnect, device number 20
[  251.212687][ T5881] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  251.404491][ T5881] usb 3-1: Using ep0 maxpacket: 16
[  251.498640][ T5881] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 30768, setting to 1024
[  251.638693][ T5881] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1024
[  251.941204][ T5881] usb 3-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice= 7.79
[  251.950359][ T5881] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  251.958951][ T5881] usb 3-1: Product: syz
[  251.963144][ T5881] usb 3-1: Manufacturer: syz
[  252.138520][ T5881] usb 3-1: SerialNumber: syz
[  252.199699][ T5881] usb 3-1: config 0 descriptor??
[  252.215272][   T29] audit: type=1326 audit(1730273025.845:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8115 comm="syz.1.569" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8bbaf7e719 code=0x0
[  252.259957][ T8094] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  252.486167][ T8094] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  252.535743][ T8094] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  252.566525][ T5881] usb 3-1: Limiting number of CPorts to U8_MAX
[  252.576194][ T5881] usb 3-1: Not enough endpoints found in device, aborting!
[  252.779997][ T5913] usb 3-1: USB disconnect, device number 11
[  254.415500][ T8132] xt_limit: Overflow, try lower: 4294967295/4294966784
[  254.592718][ T8141] netlink: 12 bytes leftover after parsing attributes in process `syz.1.574'.
[  255.919733][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  255.926651][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  258.050166][ T5913] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  258.544530][ T5913] usb 2-1: Using ep0 maxpacket: 16
[  258.566466][ T5913] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  258.609606][ T5913] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  258.622825][ T5913] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  258.733412][ T5913] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  258.929041][ T5913] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  258.938366][ T5913] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  258.947818][ T5913] usb 2-1: Product: syz
[  258.952074][ T5913] usb 2-1: Manufacturer: syz
[  258.966254][ T5913] usb 2-1: SerialNumber: syz
[  259.684975][ T5913] usb 2-1: 2:1 : no or invalid class specific endpoint descriptor
[  259.929385][ T5913] usb 2-1: found format II with max.bitrate = 0, frame size=0
[  259.954025][ T5913] usb 2-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[  260.452398][ T5913] usb 2-1: USB disconnect, device number 21
[  260.630929][ T5841] udevd[5841]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  262.712400][ T8215] netlink: 12 bytes leftover after parsing attributes in process `syz.1.598'.
[  264.197015][ T8229] x_tables: unsorted entry at hook 1
[  264.902027][   T29] audit: type=1326 audit(1730273038.425:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8233 comm="syz.3.604" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2d0ed7e719 code=0x0
[  264.988907][ T5141] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  265.006564][ T5141] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  265.015265][ T5141] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  265.023688][ T5141] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  265.034474][ T5141] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  265.041899][ T5141] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  266.061898][ T5840] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  266.071288][ T5840] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  266.079415][ T5840] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  266.088234][ T5840] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  266.096098][ T5840] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  266.105334][ T5840] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  266.185170][ T8240] chnl_net:caif_netlink_parms(): no params data found
[  266.249216][ T8257] x_tables: unsorted entry at hook 1
[  266.507379][ T8264] netlink: 'syz.2.609': attribute type 1 has an invalid length.
[  266.518267][ T8264] netlink: 'syz.2.609': attribute type 2 has an invalid length.
[  266.841853][   T29] audit: type=1326 audit(1730273040.485:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8265 comm="syz.1.610" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8bbaf7e719 code=0x0
[  266.868831][ T5828] syz-executor (5828) used greatest stack depth: 19376 bytes left
[  266.945518][ T8240] bridge0: port 1(bridge_slave_0) entered blocking state
[  266.971498][ T8240] bridge0: port 1(bridge_slave_0) entered disabled state
[  266.980043][ T8240] bridge_slave_0: entered allmulticast mode
[  266.987252][ T8240] bridge_slave_0: entered promiscuous mode
[  266.995092][ T8240] bridge0: port 2(bridge_slave_1) entered blocking state
[  267.002220][ T8240] bridge0: port 2(bridge_slave_1) entered disabled state
[  267.009534][ T8240] bridge_slave_1: entered allmulticast mode
[  267.016744][ T8240] bridge_slave_1: entered promiscuous mode
[  267.124484][ T5840] Bluetooth: hci5: command tx timeout
[  267.429305][   T12] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  267.471300][ T8240] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  268.326539][   T12] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.343798][ T8240] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  268.407922][   T12] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.516532][ T8240] team0: Port device team_slave_0 added
[  268.565852][ T8240] team0: Port device team_slave_1 added
[  268.693393][   T12] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.715633][ T5840] Bluetooth: hci6: command tx timeout
[  268.802820][   T29] audit: type=1326 audit(1730273042.445:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8287 comm="syz.1.616" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8bbaf7e719 code=0x0
[  268.836821][ T8240] batman_adv: batadv0: Adding interface: batadv_slave_0
[  268.843774][ T8240] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  268.876808][ T8240] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  268.890181][ T8240] batman_adv: batadv0: Adding interface: batadv_slave_1
[  268.897250][ T8240] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  268.923217][ T8240] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  268.996154][ T8240] hsr_slave_0: entered promiscuous mode
[  269.010817][ T8240] hsr_slave_1: entered promiscuous mode
[  269.028800][ T8240] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  269.043096][ T8240] Cannot create hsr debugfs directory
[  269.174018][ T5913] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  269.194436][ T5840] Bluetooth: hci5: command tx timeout
[  269.334452][ T5913] usb 3-1: Using ep0 maxpacket: 32
[  269.342304][ T5913] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 175
[  269.359411][ T5913] usb 3-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=58.16
[  269.368817][ T5913] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  269.384052][ T5913] usb 3-1: Product: syz
[  269.388305][ T5913] usb 3-1: Manufacturer: syz
[  269.404013][ T5913] usb 3-1: SerialNumber: syz
[  269.410065][ T5913] usb 3-1: config 0 descriptor??
[  269.421251][ T8290] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  269.448144][ T5913] usb 3-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  269.622786][ T8245] chnl_net:caif_netlink_parms(): no params data found
[  269.688128][   T12] bridge_slave_1: left allmulticast mode
[  269.695889][   T12] bridge_slave_1: left promiscuous mode
[  269.706969][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  269.722707][   T12] bridge_slave_0: left allmulticast mode
[  269.731091][   T12] bridge_slave_0: left promiscuous mode
[  269.755129][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  270.654212][   T35] usb 3-1: Failed to submit usb control message: -110
[  270.661283][   T35] usb 3-1: unable to send the bmi data to the device: -110
[  270.668864][   T35] usb 3-1: unable to get target info from device
[  270.677900][   T35] usb 3-1: could not get target info (-110)
[  270.700375][   T35] usb 3-1: could not probe fw (-110)
[  270.794410][ T5840] Bluetooth: hci6: command tx timeout
[  271.274114][ T5840] Bluetooth: hci5: command tx timeout
[  271.817911][ T5881] usb 3-1: USB disconnect, device number 12
[  272.017696][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  272.077212][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  272.118898][   T12] bond0 (unregistering): Released all slaves
[  272.875155][ T5840] Bluetooth: hci6: command tx timeout
[  273.142384][ T8323] x_tables: unsorted entry at hook 1
[  273.354203][ T5840] Bluetooth: hci5: command tx timeout
[  274.324154][   T29] audit: type=1326 audit(1730273047.945:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8335 comm="syz.3.625" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2d0ed7e719 code=0x0
[  274.594792][ T8245] bridge0: port 1(bridge_slave_0) entered blocking state
[  274.602307][ T8245] bridge0: port 1(bridge_slave_0) entered disabled state
[  274.636029][ T8245] bridge_slave_0: entered allmulticast mode
[  274.659022][ T8245] bridge_slave_0: entered promiscuous mode
[  275.020766][ T5840] Bluetooth: hci6: command tx timeout
[  275.506427][   T12] hsr_slave_0: left promiscuous mode
[  275.621406][   T12] hsr_slave_1: left promiscuous mode
[  275.631506][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  275.640096][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  275.658132][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  275.666584][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  275.822994][   T12] veth1_macvtap: left promiscuous mode
[  275.829406][   T12] veth0_macvtap: left promiscuous mode
[  275.843473][   T12] veth1_vlan: left promiscuous mode
[  276.035119][   T12] veth0_vlan: left promiscuous mode
[  276.692858][   T29] audit: type=1326 audit(1730273050.335:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8371 comm="syz.2.630" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4c02d7e719 code=0x0
[  277.758407][   T12] team0 (unregistering): Port device team_slave_1 removed
[  277.802490][   T12] team0 (unregistering): Port device team_slave_0 removed
[  278.185657][ T8245] bridge0: port 2(bridge_slave_1) entered blocking state
[  278.193799][ T8245] bridge0: port 2(bridge_slave_1) entered disabled state
[  278.208771][ T8245] bridge_slave_1: entered allmulticast mode
[  278.219318][ T8245] bridge_slave_1: entered promiscuous mode
[  278.241231][ T8370] netlink: 48 bytes leftover after parsing attributes in process `syz.1.628'.
[  278.346039][ T8240] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  278.411232][ T8240] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  279.764614][ T8240] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  279.902193][ T8240] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  280.170509][ T8245] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  280.774457][ T8245] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  281.520947][ T8245] team0: Port device team_slave_0 added
[  281.620949][ T8245] team0: Port device team_slave_1 added
[  281.644226][   T25] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  281.829754][ T8245] batman_adv: batadv0: Adding interface: batadv_slave_0
[  281.847145][   T25] usb 2-1: Using ep0 maxpacket: 16
[  281.857793][ T8245] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  281.907277][   T25] usb 2-1: New USB device found, idVendor=0fc5, idProduct=1227, bcdDevice=d9.10
[  281.929307][   T25] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  281.940188][ T8245] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  281.947768][   T25] usb 2-1: Product: syz
[  281.961865][   T25] usb 2-1: Manufacturer: syz
[  281.968167][ T8245] batman_adv: batadv0: Adding interface: batadv_slave_1
[  281.980457][   T25] usb 2-1: SerialNumber: syz
[  282.002372][   T25] usb 2-1: config 0 descriptor??
[  282.002796][ T8245] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  282.037601][ T8412] ptrace attach of ""[8414] was attempted by "./syz-executor exec"[8412]
[  282.050476][   T25] usbsevseg 2-1:0.0: USB 7 Segment device now attached
[  282.095638][ T8245] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  282.200925][ T8245] hsr_slave_0: entered promiscuous mode
[  282.208617][ T8245] hsr_slave_1: entered promiscuous mode
[  282.215365][ T8245] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  282.226221][ T8245] Cannot create hsr debugfs directory
[  282.298357][   T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  282.304033][    T8] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  282.368234][ T5881] usb 2-1: USB disconnect, device number 22
[  282.375392][ T5881] usbsevseg 2-1:0.0: USB 7 Segment now disconnected
[  282.428844][   T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  282.464247][    T8] usb 3-1: Using ep0 maxpacket: 32
[  282.486367][    T8] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  282.499037][    T8] usb 3-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00
[  282.509736][ T8240] 8021q: adding VLAN 0 to HW filter on device bond0
[  282.510053][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  282.528307][    T8] usb 3-1: config 0 descriptor??
[  282.577146][   T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  282.632135][ T8240] 8021q: adding VLAN 0 to HW filter on device team0
[  282.692023][   T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  282.716260][ T8401] bridge0: port 1(bridge_slave_0) entered blocking state
[  282.724069][ T8401] bridge0: port 1(bridge_slave_0) entered forwarding state
[  282.761331][ T8401] bridge0: port 2(bridge_slave_1) entered blocking state
[  282.768556][ T8401] bridge0: port 2(bridge_slave_1) entered forwarding state
[  282.843129][ T8245] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  282.871178][ T8245] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  282.886384][ T8245] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  282.932441][ T8245] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  283.061542][   T12] bridge_slave_1: left allmulticast mode
[  283.094069][   T12] bridge_slave_1: left promiscuous mode
[  283.099828][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  283.137656][   T12] bridge_slave_0: left allmulticast mode
[  283.149041][   T12] bridge_slave_0: left promiscuous mode
[  283.170691][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  284.004474][ T8408] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  284.047786][   T25] usb 3-1: USB disconnect, device number 13
[  284.731107][   T12] bridge0 (unregistering): left promiscuous mode
[  284.948322][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  284.967224][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  284.982936][   T12] bond0 (unregistering): Released all slaves
[  285.013178][ T8448] netlink: 48 bytes leftover after parsing attributes in process `syz.3.641'.
[  285.424307][ T8240] 8021q: adding VLAN 0 to HW filter on device batadv0
[  286.133368][ T8245] 8021q: adding VLAN 0 to HW filter on device bond0
[  286.201844][ T8245] 8021q: adding VLAN 0 to HW filter on device team0
[  286.254389][ T5881] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  286.399846][ T8401] bridge0: port 1(bridge_slave_0) entered blocking state
[  286.407051][ T8401] bridge0: port 1(bridge_slave_0) entered forwarding state
[  286.643118][ T8401] bridge0: port 2(bridge_slave_1) entered blocking state
[  286.650344][ T8401] bridge0: port 2(bridge_slave_1) entered forwarding state
[  287.156218][ T5881] usb 3-1: Using ep0 maxpacket: 16
[  287.164634][ T5881] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 30768, setting to 1024
[  287.189743][ T5881] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1024
[  287.232104][   T12] batadv0: left promiscuous mode
[  287.261903][ T5881] usb 3-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice= 7.79
[  287.286551][ T5881] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  287.304206][   T12] hsr_slave_0: left promiscuous mode
[  287.317964][ T5881] usb 3-1: Product: syz
[  287.340713][ T5881] usb 3-1: Manufacturer: syz
[  287.346376][   T12] hsr_slave_1: left promiscuous mode
[  287.353029][ T5881] usb 3-1: SerialNumber: syz
[  287.370037][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  287.378632][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  287.444006][ T5881] usb 3-1: config 0 descriptor??
[  287.484486][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  287.505000][ T8461] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  287.540314][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  287.792045][   T12] veth1_macvtap: left promiscuous mode
[  287.836299][   T12] veth0_macvtap: left promiscuous mode
[  287.885913][   T12] veth1_vlan: left promiscuous mode
[  287.915439][ T8461] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  287.920394][   T12] veth0_vlan: left promiscuous mode
[  287.929733][ T8461] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  288.009739][ T5881] usb 3-1: Limiting number of CPorts to U8_MAX
[  288.016898][ T5881] usb 3-1: Not enough endpoints found in device, aborting!
[  288.279527][ T5881] usb 3-1: USB disconnect, device number 14
[  290.620996][   T12] team0 (unregistering): Port device team_slave_1 removed
[  290.674093][ T5955] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  290.701470][   T12] team0 (unregistering): Port device team_slave_0 removed
[  290.829726][ T5955] usb 3-1: Using ep0 maxpacket: 32
[  290.840898][ T5955] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  290.850056][ T5955] usb 3-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00
[  290.859664][ T5955] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  290.870529][ T5955] usb 3-1: config 0 descriptor??
[  291.054083][ T5881] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  291.200012][ T8509] netlink: 48 bytes leftover after parsing attributes in process `syz.3.651'.
[  291.209862][ T5881] usb 2-1: Using ep0 maxpacket: 32
[  291.237776][ T5881] usb 2-1: New USB device found, idVendor=041e, idProduct=403c, bcdDevice=cc.d7
[  291.267668][ T5881] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  291.315611][ T5881] usb 2-1: config 0 descriptor??
[  291.342374][ T5881] gspca_main: sq930x-2.14.0 probing 041e:403c
[  291.451454][ T8240] veth0_vlan: entered promiscuous mode
[  291.507499][ T8240] veth1_vlan: entered promiscuous mode
[  291.607253][ T8240] veth0_macvtap: entered promiscuous mode
[  291.646222][ T8240] veth1_macvtap: entered promiscuous mode
[  292.087538][ T5881] gspca_sq930x: ucbus_write failed -110
[  292.096014][ T8240] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  292.188326][ T5881] sq930x 2-1:0.0: probe with driver sq930x failed with error -110
[  292.259693][ T8240] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  292.360435][ T8240] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  292.394230][ T8512] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  292.398684][ T8240] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  292.410313][ T5881] usb 3-1: USB disconnect, device number 15
[  292.416431][ T8240] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  292.437281][ T8240] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  292.473367][ T8240] batman_adv: batadv0: Interface activated: batadv_slave_0
[  292.552563][ T8240] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  292.572773][ T8542] netlink: 12 bytes leftover after parsing attributes in process `syz.3.657'.
[  292.573661][ T8240] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  292.592083][ T8240] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  292.611267][ T8240] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  292.621859][ T8240] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  292.641664][ T8240] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  292.672840][ T8240] batman_adv: batadv0: Interface activated: batadv_slave_1
[  292.694379][ T8245] 8021q: adding VLAN 0 to HW filter on device batadv0
[  292.705887][ T8240] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  292.719182][ T8240] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  292.729563][ T8240] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  292.741410][ T8240] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  293.035198][ T6773] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  293.063716][ T6773] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  293.092834][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  293.118391][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  293.332074][ T8245] veth0_vlan: entered promiscuous mode
[  293.343567][ T8245] veth1_vlan: entered promiscuous mode
[  293.368062][ T8245] veth0_macvtap: entered promiscuous mode
[  293.377395][ T8245] veth1_macvtap: entered promiscuous mode
[  293.392872][ T8245] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  293.403481][ T8245] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.413481][ T8245] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  293.424217][ T8245] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.434264][ T8245] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  293.444812][ T8245] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.455228][ T8245] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  293.466264][ T8245] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.477448][ T8245] batman_adv: batadv0: Interface activated: batadv_slave_0
[  293.498076][ T8245] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  293.509132][ T8245] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.521985][ T8245] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  293.532597][ T8245] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.553964][ T8245] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  293.574258][ T6905] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  293.576559][ T8245] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.592142][ T8245] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  293.604687][ T8245] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.617813][ T8245] batman_adv: batadv0: Interface activated: batadv_slave_1
[  293.651400][ T8245] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  293.677483][ T8245] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  293.691357][ T8245] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  293.702002][ T8245] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  293.734223][ T6905] usb 4-1: Using ep0 maxpacket: 32
[  293.745307][ T6905] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 175
[  293.757969][ T6905] usb 4-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=58.16
[  293.770027][ T6905] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  293.779187][ T6905] usb 4-1: Product: syz
[  293.783663][ T6905] usb 4-1: Manufacturer: syz
[  293.788824][ T6905] usb 4-1: SerialNumber: syz
[  293.813712][ T6905] usb 4-1: config 0 descriptor??
[  293.830213][ T8557] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  293.848818][ T1077] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  293.860985][ T1077] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  293.888961][ T6905] usb 4-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  293.904061][   T25] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  293.930348][ T6773] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  293.968091][ T6773] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  294.066003][   T25] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  294.100136][   T25] usb 3-1: config 0 has no interface number 0
[  294.132578][   T25] usb 3-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  294.169025][   T25] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  294.191493][   T25] usb 3-1: Product: syz
[  294.197012][ T6905] usb 2-1: USB disconnect, device number 23
[  294.219337][   T25] usb 3-1: Manufacturer: syz
[  294.244062][   T25] usb 3-1: SerialNumber: syz
[  294.267371][   T25] usb 3-1: config 0 descriptor??
[  294.447579][ T8597] xt_limit: Overflow, try lower: 4294967295/4294966784
[  295.004001][   T12] usb 4-1: Failed to submit usb control message: -110
[  295.011243][   T12] usb 4-1: unable to send the bmi data to the device: -110
[  295.018793][   T12] usb 4-1: unable to get target info from device
[  295.025243][   T12] usb 4-1: could not get target info (-110)
[  295.031185][   T12] usb 4-1: could not probe fw (-110)
[  295.125849][   T25] dvb_usb_ec168 3-1:0.1: probe with driver dvb_usb_ec168 failed with error -71
[  295.172486][   T25] usb 3-1: USB disconnect, device number 16
[  295.249856][ T8604] netlink: 48 bytes leftover after parsing attributes in process `syz.6.663'.
[  295.381999][   T29] audit: type=1326 audit(1730273069.025:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8612 comm="syz.5.665" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9b6597e719 code=0x0
[  295.754181][  T971] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  295.924748][  T971] usb 2-1: Using ep0 maxpacket: 32
[  295.936670][  T971] usb 2-1: New USB device found, idVendor=041e, idProduct=403c, bcdDevice=cc.d7
[  295.950417][  T971] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  295.990633][  T971] usb 2-1: config 0 descriptor??
[  296.038980][  T971] gspca_main: sq930x-2.14.0 probing 041e:403c
[  296.110264][  T968] usb 4-1: USB disconnect, device number 20
[  296.128622][ T6905] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  296.325881][ T6905] usb 3-1: Using ep0 maxpacket: 32
[  296.395036][ T6905] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  296.434248][ T6905] usb 3-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00
[  296.494416][ T6905] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  296.539715][ T6905] usb 3-1: config 0 descriptor??
[  297.162591][  T971] gspca_sq930x: ucbus_write failed -71
[  297.171421][  T971] sq930x 2-1:0.0: probe with driver sq930x failed with error -71
[  297.188514][  T971] usb 2-1: USB disconnect, device number 24
[  297.914495][ T8627] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  298.340829][  T968] usb 3-1: USB disconnect, device number 17
[  299.614076][ T5880] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  299.975287][ T5880] usb 7-1: config 0 has an invalid interface number: 1 but max is 0
[  299.983463][ T5880] usb 7-1: config 0 has no interface number 0
[  300.119828][ T5880] usb 7-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  300.156654][ T5880] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  300.177260][ T5880] usb 7-1: Product: syz
[  300.181656][ T5880] usb 7-1: Manufacturer: syz
[  300.191840][ T5880] usb 7-1: SerialNumber: syz
[  300.299581][ T5880] usb 7-1: config 0 descriptor??
[  300.498817][ T5840] Bluetooth: hci1: unexpected event for opcode 0x040d
[  300.712236][ T8711] can0: slcan on pts0.
[  301.318598][ T8720] ./bus: Can't lookup blockdev
[  301.681805][ T5880] dvb_usb_ec168 7-1:0.1: probe with driver dvb_usb_ec168 failed with error -110
[  301.823526][ T8709] netlink: 4 bytes leftover after parsing attributes in process `syz.2.682'.
[  301.875739][ T8711] can0 (unregistered): slcan off pts0.
[  301.926747][  T968] usb 7-1: USB disconnect, device number 2
[  302.344480][ T5913] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  302.409365][ T8737] netlink: 48 bytes leftover after parsing attributes in process `syz.2.685'.
[  302.756061][ T5913] usb 4-1: Using ep0 maxpacket: 32
[  302.899635][ T5913] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 175
[  302.911925][ T5913] usb 4-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=58.16
[  302.921337][ T5913] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  302.941952][ T5913] usb 4-1: Product: syz
[  302.976457][ T5913] usb 4-1: Manufacturer: syz
[  303.372169][ T5913] usb 4-1: SerialNumber: syz
[  303.417705][ T5913] usb 4-1: config 0 descriptor??
[  303.492839][ T8725] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  303.578525][ T5913] usb 4-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  304.032292][ T8768] netlink: 4 bytes leftover after parsing attributes in process `syz.6.695'.
[  304.653599][ T8401] usb 4-1: Failed to submit usb control message: -110
[  304.665769][ T8401] usb 4-1: unable to send the bmi data to the device: -110
[  304.689466][ T8401] usb 4-1: unable to get target info from device
[  304.719926][ T8401] usb 4-1: could not get target info (-110)
[  304.746463][ T8401] usb 4-1: could not probe fw (-110)
[  305.517491][ T5955] usb 4-1: USB disconnect, device number 21
[  305.897317][ T8796] netlink: 48 bytes leftover after parsing attributes in process `syz.1.700'.
[  306.685937][ T5913] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  307.308841][ T5913] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  307.326646][ T5913] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  307.363171][ T5913] usb 6-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[  307.400576][ T5913] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  307.485693][ T5913] usb 6-1: config 0 descriptor??
[  307.749898][ T5955] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  308.094392][ T5913] usbhid 6-1:0.0: can't add hid device: -71
[  308.174207][ T5913] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  308.248507][ T5913] usb 6-1: USB disconnect, device number 2
[  308.589442][ T5955] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  309.275040][ T5955] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  309.285011][ T5955] usb 7-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[  309.294282][ T5955] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  309.304616][ T5955] usb 7-1: config 0 descriptor??
[  311.793560][ T5955] usbhid 7-1:0.0: can't add hid device: -71
[  311.799630][ T5955] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  311.810739][ T5955] usb 7-1: USB disconnect, device number 3
[  313.137394][ T8860] ./bus: Can't lookup blockdev
[  315.257960][   T29] audit: type=1326 audit(1730273088.895:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8864 comm="syz.6.712" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f86da17e719 code=0x0
[  316.127800][ T8879] netlink: 48 bytes leftover after parsing attributes in process `syz.1.714'.
[  317.366855][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  317.373601][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  318.134481][ T8923] netlink: 'syz.2.723': attribute type 1 has an invalid length.
[  318.144147][ T8923] netlink: 224 bytes leftover after parsing attributes in process `syz.2.723'.
[  318.431920][ T8929] overlayfs: missing 'lowerdir'
[  319.080152][ T5913] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  319.193487][ T8940] netlink: 48 bytes leftover after parsing attributes in process `syz.6.725'.
[  319.393992][  T968] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  319.664044][ T5913] usb 2-1: Using ep0 maxpacket: 16
[  319.944955][ T5913] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 30768, setting to 1024
[  319.957225][ T5913] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1024
[  319.970293][ T5913] usb 2-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice= 7.79
[  319.981947][  T968] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  319.999138][  T968] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  320.019927][  T968] usb 6-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[  320.030311][ T5913] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  320.055424][ T5913] usb 2-1: Product: syz
[  320.061657][  T968] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  320.074070][ T5913] usb 2-1: Manufacturer: syz
[  320.083768][   T29] audit: type=1326 audit(1730273093.725:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8950 comm="syz.6.727" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f86da17e719 code=0x0
[  320.114212][ T5913] usb 2-1: SerialNumber: syz
[  320.136270][  T968] usb 6-1: config 0 descriptor??
[  320.146002][ T5913] usb 2-1: config 0 descriptor??
[  320.151973][ T8910] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  320.392662][ T8910] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  320.405742][ T8910] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  320.486687][ T5913] usb 2-1: Limiting number of CPorts to U8_MAX
[  320.495028][ T5913] usb 2-1: Not enough endpoints found in device, aborting!
[  320.604650][  T968] usbhid 6-1:0.0: can't add hid device: -71
[  320.616139][  T968] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  320.642893][  T968] usb 6-1: USB disconnect, device number 3
[  320.696168][ T5913] usb 2-1: USB disconnect, device number 25
[  320.890669][   T25] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  321.012960][ T8974] syz.3.729 (8974): /proc/8974/oom_adj is deprecated, please use /proc/8974/oom_score_adj instead.
[  322.014697][   T25] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  322.024924][   T25] usb 3-1: config 0 has no interface number 0
[  322.033197][   T25] usb 3-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  322.042486][   T25] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  322.074837][   T25] usb 3-1: Product: syz
[  322.080178][   T25] usb 3-1: Manufacturer: syz
[  322.090105][   T25] usb 3-1: SerialNumber: syz
[  322.102261][   T25] usb 3-1: config 0 descriptor??
[  322.141689][   T29] audit: type=1326 audit(1730273095.785:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8986 comm="syz.6.733" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f86da17e719 code=0x0
[  322.565398][ T8993] can0: slcan on ptm0.
[  323.384076][   T25] dvb_usb_ec168 3-1:0.1: probe with driver dvb_usb_ec168 failed with error -110
[  323.466391][   T29] audit: type=1326 audit(1730273097.115:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9008 comm="syz.3.734" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2d0ed7e719 code=0x0
[  323.573974][ T5880] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  323.914170][ T5880] usb 6-1: Using ep0 maxpacket: 32
[  323.917960][ T9022] overlayfs: missing 'lowerdir'
[  323.957818][ T5880] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 175
[  323.999130][ T6905] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  324.300157][ T6905] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  324.345769][ T8962] can0 (unregistered): slcan off ptm0.
[  324.351306][ T6905] usb 2-1: config 0 has no interface number 0
[  324.374809][ T5880] usb 6-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=58.16
[  324.422422][ T5881] usb 3-1: USB disconnect, device number 18
[  324.439070][ T5880] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  324.494025][ T5880] usb 6-1: Product: syz
[  324.498252][ T5880] usb 6-1: Manufacturer: syz
[  324.502888][ T5880] usb 6-1: SerialNumber: syz
[  324.677115][ T5880] usb 6-1: config 0 descriptor??
[  324.682654][ T8994] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  324.825329][ T6905] usb 2-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  324.834654][ T6905] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  324.842682][ T6905] usb 2-1: Product: syz
[  324.847043][ T6905] usb 2-1: Manufacturer: syz
[  324.851665][ T6905] usb 2-1: SerialNumber: syz
[  324.858810][ T6905] usb 2-1: config 0 descriptor??
[  324.877852][ T5880] usb 6-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  324.904092][ T5881] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  325.365869][   T29] audit: type=1400 audit(1730273098.845:35): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="#!" requested=w pid=9030 comm="syz.6.739" dest=20004
[  325.921098][ T6905] dvb_usb_ec168 2-1:0.1: probe with driver dvb_usb_ec168 failed with error -110
[  325.931073][ T1077] usb 6-1: Failed to submit usb control message: -110
[  326.047525][ T1077] usb 6-1: unable to send the bmi data to the device: -110
[  326.070954][ T5881] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  326.079242][ T5881] usb 3-1: config 0 has no interface number 0
[  326.096022][ T5881] usb 3-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  326.109027][ T1077] usb 6-1: unable to get target info from device
[  326.135632][ T5881] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  326.144621][ T5881] usb 3-1: Product: syz
[  326.148345][ T1077] usb 6-1: could not get target info (-110)
[  326.159620][ T5881] usb 3-1: Manufacturer: syz
[  326.167790][ T5881] usb 3-1: SerialNumber: syz
[  326.169724][ T1077] usb 6-1: could not probe fw (-110)
[  326.186756][ T5881] usb 3-1: config 0 descriptor??
[  326.188947][ T9041] can0: slcan on pts0.
[  326.255284][ T9041] can0 (unregistered): slcan off pts0.
[  326.281840][ T6905] usb 2-1: USB disconnect, device number 26
[  326.385303][ T5913] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  326.735812][ T5913] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  326.884339][ T5881] dvb_usb_ec168 3-1:0.1: probe with driver dvb_usb_ec168 failed with error -71
[  326.900428][ T5913] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  326.920175][ T5913] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  326.932917][ T5881] usb 3-1: USB disconnect, device number 19
[  326.950391][ T5913] usb 7-1: Product: syz
[  326.973008][ T5913] usb 7-1: Manufacturer: syz
[  327.004260][ T5913] usb 7-1: SerialNumber: syz
[  327.127561][ T5881] usb 6-1: USB disconnect, device number 4
[  327.800138][ T9061] xt_limit: Overflow, try lower: 4294967295/4294966784
[  327.828283][ T9070] netlink: 12 bytes leftover after parsing attributes in process `syz.2.745'.
[  327.841337][  T968] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  327.949083][ T9074] FAULT_INJECTION: forcing a failure.
[  327.949083][ T9074] name failslab, interval 1, probability 0, space 0, times 0
[  328.029710][ T9074] CPU: 1 UID: 0 PID: 9074 Comm: syz.5.746 Not tainted 6.12.0-rc5-syzkaller-00044-gc1e939a21eb1 #0
[  328.040356][ T9074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  328.050439][ T9074] Call Trace:
[  328.053736][ T9074]  <TASK>
[  328.056680][ T9074]  dump_stack_lvl+0x241/0x360
[  328.061382][ T9074]  ? __pfx_dump_stack_lvl+0x10/0x10
[  328.067041][ T9074]  ? __pfx__printk+0x10/0x10
[  328.071668][ T9074]  ? __kmalloc_node_track_caller_noprof+0xb2/0x440
[  328.078197][ T9074]  ? __pfx___might_resched+0x10/0x10
[  328.083515][ T9074]  should_fail_ex+0x3b0/0x4e0
[  328.088215][ T9074]  should_failslab+0xac/0x100
[  328.092917][ T9074]  __kmalloc_node_track_caller_noprof+0xda/0x440
[  328.099265][ T9074]  ? ovl_parse_layer+0x128/0x1080
[  328.104321][ T9074]  kstrdup+0x3a/0x80
[  328.108236][ T9074]  ovl_parse_layer+0x128/0x1080
[  328.113109][ T9074]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  328.119200][ T9074]  ? __pfx_ovl_parse_layer+0x10/0x10
[  328.124511][ T9074]  ? fs_param_is_string+0xa2/0x1b0
[  328.129648][ T9074]  ? __fs_parse+0x4e0/0x710
[  328.134186][ T9074]  ovl_parse_param+0x5b3/0x10b0
[  328.139067][ T9074]  ? smack_fs_context_parse_param+0xff/0x170
[  328.145078][ T9074]  ? __pfx_ovl_parse_param+0x10/0x10
[  328.150390][ T9074]  ? static_key_count+0x41/0x70
[  328.155267][ T9074]  vfs_parse_fs_param+0x1a5/0x420
[  328.160316][ T9074]  ? __pfx_ovl_next_opt+0x10/0x10
[  328.165365][ T9074]  vfs_parse_monolithic_sep+0x2d9/0x420
[  328.170942][ T9074]  ? __pfx_vfs_parse_monolithic_sep+0x10/0x10
[  328.177061][ T9074]  do_new_mount+0x28f/0xb40
[  328.181593][ T9074]  ? __pfx_do_new_mount+0x10/0x10
[  328.186644][ T9074]  __se_sys_mount+0x2d6/0x3c0
[  328.191348][ T9074]  ? __pfx___se_sys_mount+0x10/0x10
[  328.196568][ T9074]  ? do_syscall_64+0x100/0x230
[  328.201357][ T9074]  ? __x64_sys_mount+0x20/0xc0
[  328.206143][ T9074]  do_syscall_64+0xf3/0x230
[  328.210665][ T9074]  ? clear_bhb_loop+0x35/0x90
[  328.215360][ T9074]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  328.221281][ T9074] RIP: 0033:0x7f9b6597e719
[  328.225713][ T9074] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  328.245343][ T9074] RSP: 002b:00007f9b6671a038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  328.253783][ T9074] RAX: ffffffffffffffda RBX: 00007f9b65b35f80 RCX: 00007f9b6597e719
[  328.261776][ T9074] RDX: 0000000020000340 RSI: 00000000200000c0 RDI: 0000000000000000
[  328.269771][ T9074] RBP: 00007f9b6671a090 R08: 0000000020000100 R09: 0000000000000000
[  328.272154][  T968] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  328.277780][ T9074] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  328.277798][ T9074] R13: 0000000000000000 R14: 00007f9b65b35f80 R15: 00007ffc03b0c088
[  328.277826][ T9074]  </TASK>
[  328.343685][  T968] usb 4-1: config 0 has no interface number 0
[  328.410924][  T968] usb 4-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  328.420325][  T968] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  328.428565][  T968] usb 4-1: Product: syz
[  328.432768][  T968] usb 4-1: Manufacturer: syz
[  328.437493][  T968] usb 4-1: SerialNumber: syz
[  328.449457][  T968] usb 4-1: config 0 descriptor??
[  328.564885][ T5913] cdc_ncm 7-1:1.0: MAC-Address: 42:42:42:42:42:42
[  328.571435][ T5913] cdc_ncm 7-1:1.0: dwNtbInMaxSize=16 is too small. Using 2048
[  328.694549][ T5913] cdc_ncm 7-1:1.0: setting rx_max = 2048
[  329.010726][ T5913] cdc_ncm 7-1:1.0: setting tx_max = 88
[  329.028003][ T5913] cdc_ncm 7-1:1.0 eth9: register 'cdc_ncm' at usb-dummy_hcd.6-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  329.074081][ T6905] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  329.100739][ T5913] usb 7-1: USB disconnect, device number 4
[  329.121447][ T5913] cdc_ncm 7-1:1.0 eth9: unregister 'cdc_ncm' usb-dummy_hcd.6-1, CDC NCM (NO ZLP)
[  329.162042][   T29] audit: type=1326 audit(1730273102.795:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9092 comm="syz.1.750" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8bbaf7e719 code=0x0
[  329.234437][ T6905] usb 3-1: Using ep0 maxpacket: 32
[  329.260193][ T6905] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 175
[  329.308806][ T6905] usb 3-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=58.16
[  329.327198][ T6905] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  329.346035][ T9101] FAULT_INJECTION: forcing a failure.
[  329.346035][ T9101] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  329.364088][ T6905] usb 3-1: Product: syz
[  329.368306][ T6905] usb 3-1: Manufacturer: syz
[  329.384777][ T6905] usb 3-1: SerialNumber: syz
[  329.396152][ T9101] CPU: 1 UID: 0 PID: 9101 Comm: syz.5.751 Not tainted 6.12.0-rc5-syzkaller-00044-gc1e939a21eb1 #0
[  329.406788][ T9101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  329.417050][ T9101] Call Trace:
[  329.420370][ T9101]  <TASK>
[  329.423331][ T9101]  dump_stack_lvl+0x241/0x360
[  329.428049][ T9101]  ? __pfx_dump_stack_lvl+0x10/0x10
[  329.433281][ T9101]  ? __pfx__printk+0x10/0x10
[  329.437907][ T9101]  ? __pfx_lock_release+0x10/0x10
[  329.442992][ T9101]  should_fail_ex+0x3b0/0x4e0
[  329.447706][ T9101]  _copy_from_iter+0x21f/0x1e70
[  329.452606][ T9101]  ? __virt_addr_valid+0x183/0x530
[  329.457747][ T9101]  ? __pfx_lock_release+0x10/0x10
[  329.462818][ T9101]  ? __alloc_skb+0x28f/0x440
[  329.467439][ T9101]  ? __pfx__copy_from_iter+0x10/0x10
[  329.472759][ T9101]  ? __virt_addr_valid+0x183/0x530
[  329.477895][ T9101]  ? __virt_addr_valid+0x183/0x530
[  329.483022][ T9101]  ? __virt_addr_valid+0x45f/0x530
[  329.488135][ T9101]  ? __check_object_size+0x48e/0x900
[  329.493426][ T9101]  netlink_sendmsg+0x73d/0xcb0
[  329.498205][ T9101]  ? __pfx_netlink_sendmsg+0x10/0x10
[  329.503499][ T9101]  ? __pfx_netlink_sendmsg+0x10/0x10
[  329.508791][ T9101]  __sock_sendmsg+0x221/0x270
[  329.513480][ T9101]  ____sys_sendmsg+0x52a/0x7e0
[  329.518254][ T9101]  ? __pfx_____sys_sendmsg+0x10/0x10
[  329.523556][ T9101]  __sys_sendmsg+0x292/0x380
[  329.528151][ T9101]  ? __pfx___sys_sendmsg+0x10/0x10
[  329.533270][ T9101]  ? __pfx_vfs_write+0x10/0x10
[  329.538057][ T9101]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  329.544388][ T9101]  ? do_syscall_64+0x100/0x230
[  329.549151][ T9101]  ? do_syscall_64+0xb6/0x230
[  329.553829][ T9101]  do_syscall_64+0xf3/0x230
[  329.558336][ T9101]  ? clear_bhb_loop+0x35/0x90
[  329.563020][ T9101]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  329.568924][ T9101] RIP: 0033:0x7f9b6597e719
[  329.573338][ T9101] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  329.592946][ T9101] RSP: 002b:00007f9b6671a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  329.601370][ T9101] RAX: ffffffffffffffda RBX: 00007f9b65b35f80 RCX: 00007f9b6597e719
[  329.609348][ T9101] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000004
[  329.617323][ T9101] RBP: 00007f9b6671a090 R08: 0000000000000000 R09: 0000000000000000
[  329.625293][ T9101] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  329.633260][ T9101] R13: 0000000000000000 R14: 00007f9b65b35f80 R15: 00007ffc03b0c088
[  329.641244][ T9101]  </TASK>
[  329.651973][  T968] dvb_usb_ec168 4-1:0.1: probe with driver dvb_usb_ec168 failed with error -110
[  329.656360][ T6905] usb 3-1: config 0 descriptor??
[  329.678679][ T9086] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  329.955090][ T6905] usb 3-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  330.852578][  T968] usb 4-1: USB disconnect, device number 22
[  331.034376][ T6773] usb 3-1: Failed to submit usb control message: -110
[  331.042209][ T6773] usb 3-1: unable to send the bmi data to the device: -110
[  331.065872][ T6773] usb 3-1: unable to get target info from device
[  331.107414][ T6773] usb 3-1: could not get target info (-110)
[  331.146823][ T9131] sctp: [Deprecated]: syz.5.754 (pid 9131) Use of int in max_burst socket option deprecated.
[  331.146823][ T9131] Use struct sctp_assoc_value instead
[  331.176893][ T6773] usb 3-1: could not probe fw (-110)
[  331.297479][ T9149] netlink: 12 bytes leftover after parsing attributes in process `syz.3.758'.
[  332.793178][  T968] usb 3-1: USB disconnect, device number 20
[  333.869351][ T9177] netlink: 12 bytes leftover after parsing attributes in process `syz.6.763'.
[  335.041705][ T9194] netlink: 12 bytes leftover after parsing attributes in process `syz.1.769'.
[  335.334519][ T6905] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  335.530967][ T9204] ./bus: Can't lookup blockdev
[  335.764675][ T6905] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  335.773417][ T6905] usb 6-1: config 0 has no interface number 0
[  335.792627][ T6905] usb 6-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  335.814970][ T6905] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  335.825298][ T6905] usb 6-1: Product: syz
[  335.830025][ T6905] usb 6-1: Manufacturer: syz
[  336.100097][ T6905] usb 6-1: SerialNumber: syz
[  336.269453][ T6905] usb 6-1: config 0 descriptor??
[  336.386205][ T9206] netlink: 4 bytes leftover after parsing attributes in process `syz.2.767'.
[  337.212295][ T9219] netlink: 'syz.2.774': attribute type 1 has an invalid length.
[  337.225105][ T9219] netlink: 'syz.2.774': attribute type 2 has an invalid length.
[  337.365779][ T6905] dvb_usb_ec168 6-1:0.1: probe with driver dvb_usb_ec168 failed with error -110
[  337.780356][ T6905] usb 6-1: USB disconnect, device number 5
[  338.383116][ T9242] netlink: 12 bytes leftover after parsing attributes in process `syz.3.780'.
[  339.912616][ T9278] overlayfs: missing 'lowerdir'
[  340.451236][ T9294] FAULT_INJECTION: forcing a failure.
[  340.451236][ T9294] name failslab, interval 1, probability 0, space 0, times 0
[  340.614384][   T25] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  340.678237][ T9294] CPU: 1 UID: 0 PID: 9294 Comm: syz.3.790 Not tainted 6.12.0-rc5-syzkaller-00044-gc1e939a21eb1 #0
[  340.688872][ T9294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  340.698939][ T9294] Call Trace:
[  340.702224][ T9294]  <TASK>
[  340.705174][ T9294]  dump_stack_lvl+0x241/0x360
[  340.709849][ T9294]  ? __pfx_dump_stack_lvl+0x10/0x10
[  340.715047][ T9294]  ? __pfx__printk+0x10/0x10
[  340.719634][ T9294]  ? kmem_cache_alloc_noprof+0x44/0x2a0
[  340.725176][ T9294]  ? __pfx___might_resched+0x10/0x10
[  340.730455][ T9294]  should_fail_ex+0x3b0/0x4e0
[  340.735130][ T9294]  ? getname_flags+0xb7/0x540
[  340.739800][ T9294]  should_failslab+0xac/0x100
[  340.744475][ T9294]  ? getname_flags+0xb7/0x540
[  340.749144][ T9294]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  340.754510][ T9294]  getname_flags+0xb7/0x540
[  340.759011][ T9294]  user_path_at+0x24/0x60
[  340.763348][ T9294]  __se_sys_mount+0x297/0x3c0
[  340.768044][ T9294]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  340.774022][ T9294]  ? __pfx___se_sys_mount+0x10/0x10
[  340.779218][ T9294]  ? do_syscall_64+0x100/0x230
[  340.783985][ T9294]  ? __x64_sys_mount+0x20/0xc0
[  340.788753][ T9294]  do_syscall_64+0xf3/0x230
[  340.793270][ T9294]  ? clear_bhb_loop+0x35/0x90
[  340.797943][ T9294]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  340.803826][ T9294] RIP: 0033:0x7f2d0ed7e719
[  340.808230][ T9294] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  340.827830][ T9294] RSP: 002b:00007f2d0fc3a038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  340.836249][ T9294] RAX: ffffffffffffffda RBX: 00007f2d0ef35f80 RCX: 00007f2d0ed7e719
[  340.844225][ T9294] RDX: 0000000020000200 RSI: 00000000200000c0 RDI: 0000000020000180
[  340.852192][ T9294] RBP: 00007f2d0fc3a090 R08: 0000000000000000 R09: 0000000000000000
[  340.860154][ T9294] R10: 000000000100c083 R11: 0000000000000246 R12: 0000000000000001
[  340.868148][ T9294] R13: 0000000000000000 R14: 00007f2d0ef35f80 R15: 00007ffe9224bbb8
[  340.876120][ T9294]  </TASK>
[  340.879182][    C1] vkms_vblank_simulate: vblank timer overrun
[  341.154269][   T25] usb 3-1: Using ep0 maxpacket: 32
[  341.217261][   T25] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 175
[  341.350661][   T25] usb 3-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=58.16
[  341.524480][ T6905] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  341.714912][   T25] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  341.753331][   T25] usb 3-1: Product: syz
[  341.758049][   T25] usb 3-1: Manufacturer: syz
[  341.769101][   T25] usb 3-1: SerialNumber: syz
[  341.801840][   T25] usb 3-1: config 0 descriptor??
[  341.850104][ T9289] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  341.962635][ T9312] xt_limit: Overflow, try lower: 4294967295/4294966784
[  341.985157][   T25] usb 3-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  342.041161][ T6905] usb 6-1: Using ep0 maxpacket: 32
[  342.636573][ T6905] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 175
[  342.648683][ T6905] usb 6-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=58.16
[  342.682625][ T6905] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  342.703602][ T6905] usb 6-1: Product: syz
[  342.734129][ T6905] usb 6-1: Manufacturer: syz
[  342.751551][ T6905] usb 6-1: SerialNumber: syz
[  342.957337][ T6905] usb 6-1: config 0 descriptor??
[  342.963019][ T9290] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  343.171829][   T12] usb 3-1: Failed to submit usb control message: -110
[  343.184217][ T6905] usb 6-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  343.201600][ T1077] usb 6-1: Failed to submit usb control message: -71
[  343.209584][   T12] usb 3-1: unable to send the bmi data to the device: -110
[  343.210957][ T1077] usb 6-1: unable to send the bmi data to the device: -71
[  343.934011][   T12] usb 3-1: unable to get target info from device
[  343.934055][   T12] usb 3-1: could not get target info (-110)
[  343.934088][   T12] usb 3-1: could not probe fw (-110)
[  343.972427][ T1077] usb 6-1: unable to get target info from device
[  343.972450][ T1077] usb 6-1: could not get target info (-71)
[  343.972482][ T1077] usb 6-1: could not probe fw (-71)
[  344.211297][ T5881] usb 3-1: USB disconnect, device number 21
[  344.619777][ T5840] Bluetooth: hci6: Malformed HCI Event: 0x22
[  345.834074][ T6905] usb 6-1: USB disconnect, device number 6
[  346.904032][ T6905] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  347.406321][ T9387] mac80211_hwsim hwsim14 wlan0: entered promiscuous mode
[  347.414100][  T968] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[  347.432139][ T9387] macvlan2: entered allmulticast mode
[  347.440437][ T9387] mac80211_hwsim hwsim14 wlan0: entered allmulticast mode
[  347.457939][ T9387] mac80211_hwsim hwsim14 wlan0: left allmulticast mode
[  347.467381][ T9387] mac80211_hwsim hwsim14 wlan0: left promiscuous mode
[  347.563041][ T6905] usb 6-1: New USB device found, idVendor=0eb1, idProduct=7007, bcdDevice= 2.05
[  347.595081][  T968] usb 2-1: New USB device found, idVendor=0eb1, idProduct=7007, bcdDevice= 2.05
[  347.614431][ T6905] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  347.618779][  T968] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  347.622664][ T6905] usb 6-1: Product: syz
[  347.675627][  T968] usb 2-1: Product: syz
[  347.679832][  T968] usb 2-1: Manufacturer: syz
[  347.692275][ T6905] usb 6-1: Manufacturer: syz
[  347.705850][  T968] usb 2-1: SerialNumber: syz
[  347.710651][ T6905] usb 6-1: SerialNumber: syz
[  347.754754][  T968] usb 2-1: config 0 descriptor??
[  347.755137][ T6905] usb 6-1: config 0 descriptor??
[  347.795960][  T968] go7007 2-1:0.0: probe with driver go7007 failed with error -12
[  347.797646][ T6905] go7007 6-1:0.0: probe with driver go7007 failed with error -12
[  348.359050][ T9381] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  348.381544][ T9381] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  348.646655][ T9403] netlink: 168 bytes leftover after parsing attributes in process `syz.1.803'.
[  349.337812][   T25] usb 6-1: USB disconnect, device number 7
[  351.039806][ T6905] usb 2-1: USB disconnect, device number 27
[  352.560665][ T9437] ./bus: Can't lookup blockdev
[  355.108022][ T9474] netlink: 24 bytes leftover after parsing attributes in process `syz.1.820'.
[  355.629792][ T9487] netlink: 16 bytes leftover after parsing attributes in process `syz.5.826'.
[  355.644705][ T9487] xt_ipcomp: unknown flags 12
[  356.219104][   T25] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  356.664083][   T25] usb 4-1: New USB device found, idVendor=0eb1, idProduct=7007, bcdDevice= 2.05
[  356.717510][   T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  356.727445][   T25] usb 4-1: Product: syz
[  356.735381][   T25] usb 4-1: Manufacturer: syz
[  356.741702][   T25] usb 4-1: SerialNumber: syz
[  356.819166][   T25] usb 4-1: config 0 descriptor??
[  357.069087][   T25] go7007 4-1:0.0: probe with driver go7007 failed with error -12
[  357.282448][ T9481] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  357.443791][ T9481] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  357.644437][   T25] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[  357.695022][ T9517] netlink: 168 bytes leftover after parsing attributes in process `syz.3.822'.
[  357.814025][   T25] usb 2-1: Using ep0 maxpacket: 16
[  357.827610][   T25] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  358.941781][   T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  358.953925][   T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  358.963689][   T25] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  358.973670][   T25] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  359.178750][   T25] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  359.211335][   T25] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  359.228860][   T25] usb 2-1: Manufacturer: syz
[  359.261639][   T25] usb 2-1: config 0 descriptor??
[  361.384550][ T6905] usb 4-1: USB disconnect, device number 23
[  361.483945][   T25] rc_core: IR keymap rc-hauppauge not found
[  361.489900][   T25] Registered IR keymap rc-empty
[  361.501973][   T25] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  361.539974][ T9550] 9pnet_fd: Insufficient options for proto=fd
[  361.554386][   T25] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  361.816649][   T25] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0
[  361.835938][   T25] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input7
[  361.861790][   T25] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  362.656222][   T25] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  362.715040][   T25] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  362.749988][   T25] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  363.703537][   T25] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  363.724635][   T25] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  363.744013][   T25] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  363.774006][   T25] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  363.794045][   T25] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  363.814445][   T25] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  363.865525][   T25] mceusb 2-1:0.0: Registered  with mce emulator interface version 1
[  363.919099][   T25] mceusb 2-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  364.242561][   T25] usb 2-1: USB disconnect, device number 28
[  365.289039][ T9598] misc userio: No port type given on /dev/userio
[  366.154313][    T8] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  367.482147][    T8] usb 6-1: New USB device found, idVendor=0eb1, idProduct=7007, bcdDevice= 2.05
[  367.498100][    T8] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  367.506388][    T8] usb 6-1: Product: syz
[  367.510580][    T8] usb 6-1: Manufacturer: syz
[  367.524082][    T8] usb 6-1: SerialNumber: syz
[  368.696086][    T8] usb 6-1: config 0 descriptor??
[  368.716539][    T8] go7007 6-1:0.0: probe with driver go7007 failed with error -12
[  368.918941][    T8] usb 6-1: USB disconnect, device number 8
[  369.467096][ T9657] evm: overlay not supported
[  369.473225][ T9653] netlink: 16 bytes leftover after parsing attributes in process `syz.1.854'.
[  369.491366][   T29] audit: type=1804 audit(1730273399.135:37): pid=9649 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.6.856" name="/newroot/41/bus/bus" dev="overlay" ino=248 res=1 errno=0
[  369.493535][ T9653] xt_ipcomp: unknown flags 12
[  370.463802][ T9668] netlink: 28 bytes leftover after parsing attributes in process `syz.3.858'.
[  372.473086][ T9686] netlink: 48 bytes leftover after parsing attributes in process `syz.6.861'.
[  372.910726][ T9703] IPVS: Error connecting to the multicast addr
[  373.938172][ T9721] netlink: 'syz.3.870': attribute type 1 has an invalid length.
[  374.550086][    T8] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  374.680039][ T9732] FAULT_INJECTION: forcing a failure.
[  374.680039][ T9732] name failslab, interval 1, probability 0, space 0, times 0
[  374.693351][   T25] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  374.810484][ T9732] CPU: 0 UID: 0 PID: 9732 Comm: syz.1.872 Not tainted 6.12.0-rc5-syzkaller-00044-gc1e939a21eb1 #0
[  374.821128][ T9732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  374.831210][ T9732] Call Trace:
[  374.834511][ T9732]  <TASK>
[  374.837463][ T9732]  dump_stack_lvl+0x241/0x360
[  374.842172][ T9732]  ? __pfx_dump_stack_lvl+0x10/0x10
[  374.847488][ T9732]  ? __pfx__printk+0x10/0x10
[  374.852114][ T9732]  ? __kmalloc_noprof+0xb0/0x400
[  374.857074][ T9732]  ? __pfx___might_resched+0x10/0x10
[  374.862395][ T9732]  should_fail_ex+0x3b0/0x4e0
[  374.867105][ T9732]  ? sock_kmalloc+0xd7/0x160
[  374.871723][ T9732]  should_failslab+0xac/0x100
[  374.876447][ T9732]  ? sock_kmalloc+0xd7/0x160
[  374.881066][ T9732]  __kmalloc_noprof+0xd8/0x400
[  374.885861][ T9732]  sock_kmalloc+0xd7/0x160
[  374.890301][ T9732]  ____sys_sendmsg+0x216/0x7e0
[  374.895090][ T9732]  ? __pfx_____sys_sendmsg+0x10/0x10
[  374.900424][ T9732]  __sys_sendmmsg+0x3ab/0x730
[  374.905133][ T9732]  ? __pfx___sys_sendmmsg+0x10/0x10
[  374.910358][ T9732]  ? __pfx_lock_release+0x10/0x10
[  374.915394][ T9732]  ? kstrtouint_from_user+0x128/0x190
[  374.920781][ T9732]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  374.926674][ T9732]  ? ksys_write+0x229/0x2b0
[  374.931180][ T9732]  ? __pfx_lock_release+0x10/0x10
[  374.936210][ T9732]  ? vfs_write+0x730/0xd30
[  374.940626][ T9732]  ? __mutex_unlock_slowpath+0x21d/0x750
[  374.946260][ T9732]  ? __fget_files+0x3f3/0x470
[  374.950940][ T9732]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  374.956922][ T9732]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  374.963249][ T9732]  ? do_syscall_64+0x100/0x230
[  374.968015][ T9732]  __x64_sys_sendmmsg+0xa0/0xb0
[  374.972868][ T9732]  do_syscall_64+0xf3/0x230
[  374.977368][ T9732]  ? clear_bhb_loop+0x35/0x90
[  374.982047][ T9732]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  374.987939][ T9732] RIP: 0033:0x7f8bbaf7e719
[  374.992354][ T9732] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  375.011959][ T9732] RSP: 002b:00007f8bbbc9f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  375.020379][ T9732] RAX: ffffffffffffffda RBX: 00007f8bbb135f80 RCX: 00007f8bbaf7e719
[  375.028347][ T9732] RDX: 0000000000000001 RSI: 000000002000b000 RDI: 0000000000000003
[  375.036314][ T9732] RBP: 00007f8bbbc9f090 R08: 0000000000000000 R09: 0000000000000000
[  375.044278][ T9732] R10: 000000000004c010 R11: 0000000000000246 R12: 0000000000000001
[  375.052253][ T9732] R13: 0000000000000000 R14: 00007f8bbb135f80 R15: 00007ffe0b29b1c8
[  375.060235][ T9732]  </TASK>
[  375.109518][   T25] usb 4-1: Using ep0 maxpacket: 8
[  375.116302][ T9735] netlink: 16 bytes leftover after parsing attributes in process `syz.5.873'.
[  375.150403][   T25] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  375.157416][    T8] usb 7-1: New USB device found, idVendor=0eb1, idProduct=7007, bcdDevice= 2.05
[  375.167805][    T8] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  375.168797][   T25] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  375.177076][    T8] usb 7-1: Product: syz
[  375.190832][    T8] usb 7-1: Manufacturer: syz
[  375.201137][    T8] usb 7-1: SerialNumber: syz
[  375.208667][ T9735] xt_ipcomp: unknown flags 12
[  375.212029][    T8] usb 7-1: config 0 descriptor??
[  375.227417][    T8] go7007 7-1:0.0: probe with driver go7007 failed with error -12
[  375.413197][   T25] usb 4-1: config 0 has no interface number 0
[  375.419895][   T25] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  375.429079][   T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  375.441879][   T25] usb 4-1: config 0 descriptor??
[  375.446499][ T9713] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  375.452689][   T25] iowarrior 4-1:0.1: no interrupt-in endpoint found
[  375.731070][ T9713] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  376.215107][ T9721] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  376.369385][ T9763] netlink: 168 bytes leftover after parsing attributes in process `syz.6.867'.
[  376.376026][ T9721] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  376.601103][ T9771] netlink: 48 bytes leftover after parsing attributes in process `syz.2.877'.
[  376.653452][ T5913] usb 4-1: USB disconnect, device number 24
[  377.434797][ T5913] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  377.575331][ T5913] usb 4-1: device descriptor read/64, error -71
[  377.777010][   T25] usb 7-1: USB disconnect, device number 5
[  377.814011][ T5913] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  377.954051][ T5913] usb 4-1: device descriptor read/64, error -71
[  378.074058][ T5913] usb usb4-port1: attempt power cycle
[  378.796198][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  378.802513][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  390.625354][ T5880] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  390.947954][ T5880] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  390.997131][ T5880] usb 6-1: config 0 has no interface number 0
[  391.066225][ T5880] usb 6-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  391.080504][ T5880] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  391.094259][ T5880] usb 6-1: Product: syz
[  391.099389][ T5880] usb 6-1: Manufacturer: syz
[  391.122670][ T5880] usb 6-1: SerialNumber: syz
[  391.127504][ T9848] Bluetooth: hci6: command 0x0406 tx timeout
[  391.127590][ T9848] Bluetooth: hci5: command 0x0406 tx timeout
[  391.199163][ T5880] usb 6-1: config 0 descriptor??
[  391.986666][ T9884] ./bus: Can't lookup blockdev
[  392.640523][ T5880] dvb_usb_ec168 6-1:0.1: probe with driver dvb_usb_ec168 failed with error -110
[  393.418336][ T9892] netlink: 48 bytes leftover after parsing attributes in process `syz.2.889'.
[  393.498336][  T968] usb 6-1: USB disconnect, device number 9
[  394.242667][ T9896] devpts: called with bogus options
[  394.664622][   T29] audit: type=1326 audit(1730273424.315:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9914 comm="syz.3.897" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2d0ed7e719 code=0x0
[  396.106399][ T9930] ./bus: Can't lookup blockdev
[  396.734231][  T968] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  396.941002][ T9937] netlink: 16 bytes leftover after parsing attributes in process `syz.3.901'.
[  396.960112][  T968] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  396.972836][  T968] usb 6-1: config 0 has no interface number 0
[  396.995152][  T968] usb 6-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  397.001973][ T9937] xt_ipcomp: unknown flags 12
[  397.010485][  T968] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  397.022063][  T968] usb 6-1: Product: syz
[  397.031828][  T968] usb 6-1: Manufacturer: syz
[  397.041913][  T968] usb 6-1: SerialNumber: syz
[  397.058268][  T968] usb 6-1: config 0 descriptor??
[  397.155925][ T9941] netlink: 48 bytes leftover after parsing attributes in process `syz.6.902'.
[  398.231287][  T968] dvb_usb_ec168 6-1:0.1: probe with driver dvb_usb_ec168 failed with error -110
[  399.294996][ T9959] xt_limit: Overflow, try lower: 4294967295/4294966784
[  399.385878][ T5880] usb 6-1: USB disconnect, device number 10
[  399.664117][   T29] audit: type=1326 audit(1730273429.155:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9969 comm="syz.5.911" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9b6597e719 code=0x0
[  401.319816][ T9994] netlink: 16 bytes leftover after parsing attributes in process `syz.2.915'.
[  401.350335][ T9994] xt_ipcomp: unknown flags 12
[  401.737884][ T9998] xt_limit: Overflow, try lower: 4294967295/4294966784
[  402.393302][ T9997] netlink: 48 bytes leftover after parsing attributes in process `syz.5.916'.
[  402.934170][  T968] usb 2-1: new high-speed USB device number 29 using dummy_hcd
[  403.504091][ T5880] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  403.674278][ T5880] usb 7-1: Using ep0 maxpacket: 16
[  403.689228][ T5880] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  404.008625][ T5880] usb 7-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  404.313499][ T5880] usb 7-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  404.424859][ T5880] usb 7-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  404.667393][ T5880] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  404.730312][ T5880] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  404.744806][  T968] usb 2-1: device descriptor read/all, error -71
[  404.862349][ T5880] usb 7-1: Product: syz
[  404.867574][ T5880] usb 7-1: Manufacturer: syz
[  404.872316][ T5880] usb 7-1: SerialNumber: syz
[  405.288330][   T29] audit: type=1326 audit(1730273434.935:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10059 comm="syz.2.926" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4c02d7e719 code=0x0
[  406.225671][ T5880] usb 7-1: 2:1 : no or invalid class specific endpoint descriptor
[  406.233513][ T5880] usb 7-1: found format II with max.bitrate = 0, frame size=0
[  406.262026][ T5880] usb 7-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[  406.342590][ T5880] usb 7-1: USB disconnect, device number 6
[  407.760318][T10080] xt_limit: Overflow, try lower: 4294967295/4294966784
[  407.842652][   T29] audit: type=1326 audit(1730273437.465:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10086 comm="syz.6.933" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f86da17e719 code=0x0
[  408.084953][T10082] netlink: 48 bytes leftover after parsing attributes in process `syz.2.932'.
[  409.374092][  T968] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  409.421848][T10113] x_tables: unsorted entry at hook 1
[  409.666839][  T968] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  409.776956][  T968] usb 6-1: config 0 has no interface number 0
[  410.174622][  T968] usb 6-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  410.211493][  T968] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  410.247373][  T968] usb 6-1: Product: syz
[  410.251596][  T968] usb 6-1: Manufacturer: syz
[  410.295073][  T968] usb 6-1: SerialNumber: syz
[  410.357955][  T968] usb 6-1: config 0 descriptor??
[  410.472527][   T29] audit: type=1326 audit(1730273440.065:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10129 comm="syz.2.942" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4c02d7e719 code=0x0
[  410.493421][    C1] vkms_vblank_simulate: vblank timer overrun
[  410.679231][  T968] dvb_usb_ec168 6-1:0.1: probe with driver dvb_usb_ec168 failed with error -71
[  410.742131][  T968] usb 6-1: USB disconnect, device number 11
[  411.156869][T10165] 9pnet_virtio: no channels available for device syz
[  411.434345][ T5834] Bluetooth: hci2: Malformed Event: 0x2f
[  411.657626][T10182] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  411.694062][   T29] audit: type=1326 audit(1730273441.325:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10192 comm="syz.6.962" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f86da17e719 code=0x0
[  411.735012][T10197] kvm: pic: non byte read
[  411.740073][T10197] kvm: pic: level sensitive irq not supported
[  411.740228][T10197] kvm: pic: non byte read
[  411.752619][T10197] kvm: pic: level sensitive irq not supported
[  411.752685][T10197] kvm: pic: non byte read
[  412.538252][ T5840] Bluetooth: hci0: unexpected event for opcode 0x1004
[  412.747177][ T5840] Bluetooth: hci0: unexpected event for opcode 0x040e
[  412.761244][T10237] netlink: 'syz.2.980': attribute type 11 has an invalid length.
[  412.877297][ T5840] Bluetooth: hci0: unexpected event for opcode 0x2028
[  413.022517][T10252] netlink: 40 bytes leftover after parsing attributes in process `syz.2.987'.
[  413.234089][T10264] netlink: 12 bytes leftover after parsing attributes in process `syz.6.994'.
[  413.312823][ T5840] Bluetooth: hci5: unexpected event 0x2f length: 509 > 260
[  413.398220][T10275] overlayfs: failed to get inode (-116)
[  413.413621][T10275] overlayfs: failed to get inode (-116)
[  413.626112][T10279] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3832186367 (7664372734 ns) > initial count (4194304 ns). Using initial count to start timer.
[  413.674567][    C0] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  413.914261][ T5840] Bluetooth: hci3: command 0xfc11 tx timeout
[  413.919441][ T5834] Bluetooth: hci3: Entering manufacturer mode failed (-110)
[  414.824073][ T5880] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  414.980879][ T5880] usb 7-1: config index 0 descriptor too short (expected 23569, got 27)
[  414.992519][ T5880] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  415.019940][ T5880] usb 7-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  415.032228][ T5880] usb 7-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  415.054235][ T5880] usb 7-1: Manufacturer: syz
[  415.061489][ T5880] usb 7-1: config 0 descriptor??
[  415.154835][ T5880] rc_core: IR keymap rc-hauppauge not found
[  415.162619][ T5880] Registered IR keymap rc-empty
[  415.180535][ T5880] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/rc/rc0
[  415.195059][ T5880] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/rc/rc0/input9
[  415.307096][ T5880] usb 7-1: USB disconnect, device number 7
[  416.989378][T10443] overlayfs: missing 'lowerdir'
[  417.228139][T10453] kvm: pic: non byte write
[  417.243582][T10460] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  418.473628][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  418.923492][T10536] kvm: pic: non byte write
[  419.259492][T10563] mmap: syz.1.1112 (10563) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  421.853563][T10602] block nbd2: shutting down sockets
[  424.434042][   T25] usb 2-1: new high-speed USB device number 31 using dummy_hcd
[  424.586515][   T25] usb 2-1: too many endpoints for config 0 interface 0 altsetting 7: 65, using maximum allowed: 30
[  424.598366][   T25] usb 2-1: config 0 interface 0 altsetting 7 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  424.611022][   T25] usb 2-1: config 0 interface 0 altsetting 7 endpoint 0x81 has invalid wMaxPacketSize 0
[  424.621460][   T25] usb 2-1: config 0 interface 0 altsetting 7 has 1 endpoint descriptor, different from the interface descriptor's value: 65
[  424.666805][   T25] usb 2-1: config 0 interface 0 has no altsetting 0
[  424.673495][   T25] usb 2-1: New USB device found, idVendor=056a, idProduct=00b4, bcdDevice= 0.00
[  424.704065][   T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  424.721457][   T25] usb 2-1: config 0 descriptor??
[  424.999359][T10664] netlink: 36 bytes leftover after parsing attributes in process `syz.6.1149'.
[  425.041102][T10662] block nbd5: shutting down sockets
[  425.158810][   T25] wacom 0003:056A:00B4.0006: item fetching failed at offset 0/5
[  425.171928][   T25] wacom 0003:056A:00B4.0006: parse failed
[  425.179568][   T25] wacom 0003:056A:00B4.0006: probe with driver wacom failed with error -22
[  425.233587][T10671] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1153'.
[  425.381991][   T25] usb 2-1: USB disconnect, device number 31
[  425.388505][ T5880] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  425.723983][ T5880] usb 6-1: Using ep0 maxpacket: 16
[  425.733473][ T5880] usb 6-1: New USB device found, idVendor=045e, idProduct=0721, bcdDevice=9c.25
[  425.742752][ T5880] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  425.755871][ T5880] usb 6-1: Product: syz
[  425.760178][ T5880] usb 6-1: Manufacturer: syz
[  425.765135][ T5880] usb 6-1: SerialNumber: syz
[  425.811362][ T5880] usb 6-1: config 0 descriptor??
[  426.514206][ T5880] usb 6-1: Found UVC 0.00 device syz (045e:0721)
[  426.520623][ T5880] usb 6-1: No valid video chain found.
[  426.631333][T10701] sock: sock_timestamping_bind_phc: sock not bind to device
[  426.688185][ T5880] usb 6-1: USB disconnect, device number 12
[  426.708932][ T5834] Bluetooth: hci6: SCO packet for unknown connection handle 200
[  426.933326][   T29] audit: type=1400 audit(1730273456.555:44): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="#!" requested=w pid=10709 comm="syz.3.1167" dest=4096
[  427.711460][T10740] 9pnet_fd: p9_fd_create_tcp (10740): problem connecting socket to 127.0.0.1
[  428.094207][  T971] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[  428.495068][  T971] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  428.507041][  T971] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  428.518773][  T971] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  429.081659][  T971] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  429.090892][  T971] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  429.101848][  T971] usb 4-1: config 0 descriptor??
[  429.106939][ T5881] usb 2-1: new high-speed USB device number 32 using dummy_hcd
[  429.264283][T10768] netlink: 'syz.5.1191': attribute type 11 has an invalid length.
[  429.317698][ T5881] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  429.328974][ T5881] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  429.363457][ T5881] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  429.398907][ T5881] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  429.424811][ T5881] usb 2-1: config 0 descriptor??
[  429.553414][  T971] plantronics 0003:047F:FFFF.0007: No inputs registered, leaving
[  429.752052][  T971] plantronics 0003:047F:FFFF.0007: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  430.167002][  T971] usb 4-1: USB disconnect, device number 28
[  430.205274][ T5881] plantronics 0003:047F:FFFF.0008: unknown main item tag 0x0
[  430.212730][ T5881] plantronics 0003:047F:FFFF.0008: unknown main item tag 0x0
[  430.262572][ T5881] plantronics 0003:047F:FFFF.0008: No inputs registered, leaving
[  430.304558][ T5881] plantronics 0003:047F:FFFF.0008: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  430.415264][  T971] usb 2-1: USB disconnect, device number 32
[  431.752535][T10814] netlink: 'syz.5.1204': attribute type 11 has an invalid length.
[  431.974239][ T5834] Bluetooth: hci1: unexpected event for opcode 0x0c57
[  433.623995][ T5880] usb 3-1: new full-speed USB device number 22 using dummy_hcd
[  433.874558][ T5880] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  433.894250][ T5880] usb 3-1: config 0 has no interfaces?
[  433.899775][ T5880] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  433.948564][ T5880] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  434.013295][ T5880] usb 3-1: config 0 descriptor??
[  434.249678][ T5880] usb 3-1: USB disconnect, device number 22
[  435.704075][ T5881] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  435.885889][ T5881] usb 7-1: Using ep0 maxpacket: 16
[  435.964338][ T5881] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  435.996463][ T5834] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  436.005752][ T5834] Bluetooth: hci1: Injecting HCI hardware error event
[  436.014776][ T5834] Bluetooth: hci1: hardware error 0x00
[  436.032075][ T5881] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  436.101606][ T5881] usb 7-1: New USB device found, idVendor=1294, idProduct=1320, bcdDevice= 0.00
[  436.142193][ T5881] usb 7-1: New USB device strings: Mfr=252, Product=0, SerialNumber=0
[  436.176427][ T5881] usb 7-1: Manufacturer: syz
[  436.225806][ T5881] usb 7-1: config 0 descriptor??
[  436.242206][ T5881] usbhid 7-1:0.0: couldn't find an input interrupt endpoint
[  436.963839][ T5880] usb 7-1: USB disconnect, device number 8
[  438.181543][ T5834] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  438.922659][T10997] =======================================================
[  438.922659][T10997] WARNING: The mand mount option has been deprecated and
[  438.922659][T10997]          and is ignored by this kernel. Remove the mand
[  438.922659][T10997]          option from the mount to silence this warning.
[  438.922659][T10997] =======================================================
[  439.261217][T11010] usb usb8: usbfs: process 11010 (syz.3.1267) did not claim interface 1 before use
[  439.562452][   T29] audit: type=1400 audit(1730273469.125:45): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="#!" requested=w pid=11004 comm="syz.1.1262" dest=2
[  440.274394][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  440.280756][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  442.534732][ T5913] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[  442.552527][T11055] binder: 11054:11055 ioctl c0306201 20000300 returned -22
[  442.694826][ T5913] usb 2-1: Using ep0 maxpacket: 8
[  442.702015][ T5913] usb 2-1: config 0 has no interfaces?
[  442.707770][ T5913] usb 2-1: New USB device found, idVendor=2833, idProduct=0201, bcdDevice=2a.d5
[  442.714399][ T5880] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[  442.732739][ T5913] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  442.749984][ T5913] usb 2-1: config 0 descriptor??
[  442.885351][ T5880] usb 4-1: Using ep0 maxpacket: 16
[  442.894762][ T5880] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 64, changing to 7
[  442.909295][ T5880] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  442.924153][ T5880] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  442.950787][ T5880] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  442.973930][ T5880] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  442.975500][ T5913] usb 2-1: USB disconnect, device number 33
[  443.002511][ T5880] usb 4-1: Product: syz
[  443.011218][ T5880] usb 4-1: Manufacturer: syz
[  443.021336][ T5880] usb 4-1: SerialNumber: syz
[  443.113685][T11083] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1296'.
[  443.251878][ T5880] usb 4-1: 2:1 : UAC_AS_GENERAL descriptor not found
[  443.288680][T11089] netlink: 'syz.6.1299': attribute type 4 has an invalid length.
[  443.289614][ T5880] usb 4-1: USB disconnect, device number 29
[  444.054757][T11128] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  445.191135][ T5834] Bluetooth: hci2: unexpected event for opcode 0x0c7c
[  446.125507][ T5834] Bluetooth: hci0: unexpected event for opcode 0x1004
[  446.468781][ T5834] Bluetooth: hci5: unexpected event for opcode 0x0c23
[  446.619978][T11217] input: syz0 as /devices/virtual/input/input10
[  447.344962][  T968] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[  447.527782][  T968] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16
[  447.538067][  T968] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[  447.591944][  T968] usb 2-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32
[  447.603015][  T968] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  447.628487][  T968] usb 2-1: Product: syz
[  447.648374][  T968] usb 2-1: Manufacturer: syz
[  447.656309][  T968] usb 2-1: SerialNumber: syz
[  447.691688][  T968] usb 2-1: config 0 descriptor??
[  447.706229][T11238] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1363'.
[  447.718076][T11213] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  447.734774][T11213] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  447.957385][ T5834] Bluetooth: hci2: unexpected event for opcode 0x1004
[  447.986312][T11213] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  448.000768][T11213] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  448.434165][T11271] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1377'.
[  448.448070][  T968] dm9601: No valid MAC address in EEPROM, using 00:00:00:00:00:00
[  448.475760][   T35] wlan1: BSS 50:50:50:50:50:50 switches to unsupported channel (0 MHz), disconnecting
[  448.577265][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  448.607298][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  448.650041][  T968] dm9601 2-1:0.0 (unnamed net_device) (uninitialized): Error reading chip ID
[  448.678935][ T5834] Bluetooth: hci5: unexpected event for opcode 0x1004
[  448.717552][  T968] usb 2-1: USB disconnect, device number 34
[  448.785606][T11284] syz_tun: entered promiscuous mode
[  448.791507][T11284] macsec1: entered promiscuous mode
[  448.806448][T11284] macsec1: entered allmulticast mode
[  448.812029][T11284] syz_tun: entered allmulticast mode
[  448.860611][T11284] syz_tun: left allmulticast mode
[  448.872741][T11284] syz_tun: left promiscuous mode
[  449.064718][T11289] netlink: 'syz.2.1384': attribute type 2 has an invalid length.
[  449.208860][T11295] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  449.218227][T11295] overlayfs: failed to set xattr on upper
[  449.224579][T11295] overlayfs: ...falling back to redirect_dir=nofollow.
[  449.232081][T11295] overlayfs: ...falling back to index=off.
[  449.239652][T11295] overlayfs: ...falling back to uuid=null.
[  449.354056][  T971] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  449.391677][T11300] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1389'.
[  449.516389][  T971] usb 6-1: New USB device found, idVendor=1d50, idProduct=606f, bcdDevice=9f.d4
[  449.526282][  T971] usb 6-1: New USB device strings: Mfr=188, Product=0, SerialNumber=0
[  449.535451][  T971] usb 6-1: Manufacturer: syz
[  449.553551][  T971] usb 6-1: config 0 descriptor??
[  449.999924][  T971] gs_usb 6-1:0.0: Configuring for 1 interfaces
[  450.783490][  T971] usb 6-1: USB disconnect, device number 13
[  450.950853][T11325] Illegal XDP return value 4294967274 on prog  (id 228) dev N/A, expect packet loss!
[  452.361717][ T5834] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  452.361777][ T5834] Bluetooth: hci2: Injecting HCI hardware error event
[  452.363174][ T5834] Bluetooth: hci2: hardware error 0x00
[  452.800648][ T5840] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0
[  452.809442][ T5840] Bluetooth: hci5: Injecting HCI hardware error event
[  452.818398][ T5840] Bluetooth: hci5: hardware error 0x00
[  453.288382][T11364] IPVS: set_ctl: invalid protocol: 0 224.0.0.2:0
[  453.299007][T11364] tipc: Started in network mode
[  453.304656][T11364] tipc: Node identity ac1414aa, cluster identity 4711
[  453.318694][T11364] tipc: Enabled bearer <udp:s>, priority 10
[  454.367909][   T25] tipc: Node number set to 2886997162
[  454.394312][ T5834] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  455.614128][ T5840] Bluetooth: hci5: Opcode 0x0c03 failed: -110
[  457.229101][T11398] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1417'.
[  457.673964][ T5840] Bluetooth: hci6: command 0x0406 tx timeout
[  457.674631][T11417] xt_cgroup: invalid path, errno=-2
[  459.686861][T11444] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1432'.
[  461.075895][T11458] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1436'.
[  463.357864][T11479] xt_hashlimit: invalid rate
[  464.755262][   T29] audit: type=1400 audit(1730273494.405:46): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="#!" requested=w pid=11488 comm="syz.5.1447"
[  464.824732][   T25] usb 2-1: new high-speed USB device number 35 using dummy_hcd
[  465.111572][   T25] usb 2-1: New USB device found, idVendor=0df6, idProduct=061c, bcdDevice=e4.e6
[  465.161462][T11509] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1451'.
[  465.246143][   T25] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  465.359516][   T25] usb 2-1: Product: syz
[  465.446683][   T25] usb 2-1: Manufacturer: syz
[  465.703950][   T25] usb 2-1: SerialNumber: syz
[  465.814317][   T25] usb 2-1: config 0 descriptor??
[  466.762764][   T25] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  466.774973][   T25] asix 2-1:0.0: probe with driver asix failed with error -71
[  466.788293][   T25] usb 2-1: USB disconnect, device number 35
[  467.094184][ T5880] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[  467.714484][ T5880] usb 4-1: Using ep0 maxpacket: 16
[  467.731711][ T5880] usb 4-1: config 8 has an invalid interface number: 206 but max is 0
[  467.749354][ T5880] usb 4-1: config 8 has no interface number 0
[  467.756073][ T5880] usb 4-1: config 8 interface 206 altsetting 1 has an endpoint descriptor with address 0xF7, changing to 0x87
[  467.768103][ T5880] usb 4-1: config 8 interface 206 altsetting 1 endpoint 0x87 has invalid maxpacket 33058, setting to 1024
[  467.779734][ T5880] usb 4-1: config 8 interface 206 altsetting 1 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  467.793125][ T5880] usb 4-1: config 8 interface 206 has no altsetting 0
[  467.968642][T11527] vlan2: entered promiscuous mode
[  467.973823][T11527] vlan2: entered allmulticast mode
[  467.979331][T11527] syz_tun: entered allmulticast mode
[  467.984779][T11527] syz_tun: entered promiscuous mode
[  467.995960][T11527] team0: Port device vlan2 added
[  468.018080][ T5880] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=35.bb
[  468.018292][T11527] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1460'.
[  468.027459][ T5880] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  468.027489][ T5880] usb 4-1: Product: syz
[  468.027505][ T5880] usb 4-1: Manufacturer: syz
[  468.027520][ T5880] usb 4-1: SerialNumber: syz
[  468.188839][T11527] team0 (unregistering): Port device team_slave_0 removed
[  468.224414][T11527] team0 (unregistering): Port device team_slave_1 removed
[  468.244153][T11527] syz_tun: left allmulticast mode
[  468.249260][T11527] syz_tun: left promiscuous mode
[  468.259529][T11527] team0 (unregistering): Port device vlan2 removed
[  468.467307][ T5880] garmin_gps 4-1:8.206: Garmin GPS usb/tty converter detected
[  468.489036][ T5880] garmin_gps ttyUSB0: garmin_write_bulk - usb_submit_urb(write bulk) failed with status = -8
[  468.514581][ T5880] garmin_gps ttyUSB0: probe with driver garmin_gps failed with error -8
[  469.108379][ T5880] usb 4-1: USB disconnect, device number 30
[  469.187973][ T5880] garmin_gps 4-1:8.206: device disconnected
[  469.215669][T11545] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1465'.
[  469.388183][T11551] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  469.408244][T11551] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  469.420145][T11551] Bluetooth: hci6: Opcode 0x0406 failed: -4
[  469.734285][ T5881] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[  469.887395][T11561] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1472'.
[  469.934849][ T5881] usb 2-1: Using ep0 maxpacket: 16
[  469.953523][ T5881] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  469.969128][ T5881] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  469.991266][ T5881] usb 2-1: New USB device found, idVendor=6161, idProduct=4d15, bcdDevice= 0.00
[  470.005163][ T5881] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  470.042786][ T5881] usb 2-1: config 0 descriptor??
[  471.447859][ T5881] hid (null): unknown global tag 0xd
[  471.457575][ T5834] Bluetooth: hci6: command 0x0406 tx timeout
[  471.744625][ T5881] hid (null): unknown global tag 0xc
[  471.772939][ T5881] usb 2-1: string descriptor 0 read error: -71
[  471.821711][ T5881] usb 2-1: Max retries (5) exceeded reading string descriptor 200
[  471.859269][ T5881] letsketch 0003:6161:4D15.0009: probe with driver letsketch failed with error -32
[  471.886980][ T5881] usb 2-1: USB disconnect, device number 36
[  473.022463][T11590] overlayfs: missing 'lowerdir'
[  473.207857][T11601] ipip0: entered promiscuous mode
[  473.264735][ T6773] wlan1: BSS 50:50:50:50:50:50 switches to unsupported channel (0 MHz), disconnecting
[  473.340694][ T6773] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  473.354181][ T6773] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  474.566296][ T5834] Bluetooth: hci6: command 0x0406 tx timeout
[  476.165110][T11631] overlayfs: missing 'lowerdir'
[  476.268663][ T7350] wlan1: BSS 50:50:50:50:50:50 switches to unsupported channel (0 MHz), disconnecting
[  476.314500][T11637] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1498'.
[  476.380511][ T7350] wlan1: Selected IBSS BSSID 50:50:50:50:50:50 based on configured SSID
[  476.482235][T11643] xt_hashlimit: invalid rate
[  476.628931][T11645] block nbd6: shutting down sockets
[  476.734457][ T5880] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  476.984956][ T5880] usb 3-1: config index 0 descriptor too short (expected 23569, got 27)
[  477.004003][ T5880] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  477.190759][ T5880] usb 3-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  477.238525][ T5880] usb 3-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  477.285501][ T5880] usb 3-1: Manufacturer: syz
[  477.318135][ T5880] usb 3-1: config 0 descriptor??
[  477.564096][ T5880] rc_core: IR keymap rc-hauppauge not found
[  477.598262][ T5880] Registered IR keymap rc-empty
[  477.630234][ T5880] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0
[  477.692237][ T5880] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input13
[  477.783181][ T5880] usb 3-1: USB disconnect, device number 23
[  478.661816][T11675] overlayfs: missing 'lowerdir'
[  478.677153][   T80] wlan1: BSS 50:50:50:50:50:50 switches to unsupported channel (0 MHz), disconnecting
[  479.035185][   T80] wlan1: Selected IBSS BSSID 50:50:50:50:50:50 based on configured SSID
[  479.416230][T11692] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(11)
[  479.423260][T11692] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  479.489825][T11692] vhci_hcd vhci_hcd.0: Device attached
[  479.624223][  T971] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  479.654854][ T5880] vhci_hcd: vhci_device speed not set
[  479.725544][ T5880] usb 45-1: new full-speed USB device number 2 using vhci_hcd
[  479.734814][ T2996] wlan1: BSS 50:50:50:50:50:50 switches to unsupported channel (0 MHz), disconnecting
[  479.775585][ T2996] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  479.783442][ T2996] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  479.798719][T11717] overlayfs: missing 'lowerdir'
[  479.813996][  T971] usb 7-1: Using ep0 maxpacket: 8
[  479.839031][  T971] usb 7-1: config 0 has no interfaces?
[  479.846322][  T971] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  479.855541][  T971] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  479.877248][  T971] usb 7-1: config 0 descriptor??
[  480.123320][T11694] usb 45-1: recv xbuf, 0
[  480.140042][   T80] vhci_hcd: stop threads
[  480.222560][ T5880] vhci_hcd: vhci_device speed not set
[  480.304273][ T5880] usb 45-1: device descriptor read/64, error -71
[  480.421378][   T80] vhci_hcd: release socket
[  480.556377][   T80] vhci_hcd: disconnect device
[  480.709548][ T5880] vhci_hcd: vhci_device speed not set
[  480.969736][   T12] wlan1: BSS 50:50:50:50:50:50 switches to unsupported channel (0 MHz), disconnecting
[  481.105268][T11753] overlayfs: missing 'lowerdir'
[  481.159392][   T12] wlan1: Selected IBSS BSSID 50:50:50:50:50:50 based on configured SSID
[  482.629047][ T6905] usb 7-1: USB disconnect, device number 9
[  483.482089][T11785] tipc: New replicast peer: 0000:0000:0000:0000:0000:0001:0000:0000
[  483.668380][T11785] tipc: Enabled bearer <udp:syz0>, priority 10
[  483.781701][T11779] kvm: kvm [11777]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0x0
[  483.903610][T11783] block nbd6: shutting down sockets
[  483.965878][T11797] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1554'.
[  484.336550][T11803] xt_hashlimit: invalid rate
[  487.079287][T11830] block nbd5: shutting down sockets
[  487.289844][T11840] BUG: Bad page state in process syz.6.1569  pfn:28305
[  487.297083][T11840] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888000000002 pfn:0x28305
[  487.307247][T11840] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  487.314455][T11840] raw: 00fff00000000000 dead000000000040 ffff88806718a000 0000000000000000
[  487.323077][T11840] raw: ffff888000000002 0000000000000001 00000000ffffffff 0000000000000000
[  487.331746][T11840] page dumped because: page_pool leak
[  487.337198][T11840] page_owner tracks the page as allocated
[  487.342931][T11840] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 11840, tgid 11835 (syz.6.1569), ts 487269610348, free_ts 482615261453
[  487.360185][T11840]  post_alloc_hook+0x1f3/0x230
[  487.365117][T11840]  get_page_from_freelist+0x3033/0x3180
[  487.370722][T11840]  __alloc_pages_noprof+0x292/0x710
[  487.376051][T11840]  alloc_pages_bulk_noprof+0x729/0xd40
[  487.381510][T11840]  __page_pool_alloc_pages_slow+0x122/0x690
[  487.387431][T11840]  page_pool_alloc_pages+0xd0/0x1c0
[  487.392629][T11840]  bpf_test_run_xdp_live+0x950/0x2160
[  487.398028][T11840]  bpf_prog_test_run_xdp+0x805/0x11e0
[  487.403403][T11840]  bpf_prog_test_run+0x2e4/0x360
[  487.408380][T11840]  __sys_bpf+0x48d/0x810
[  487.412621][T11840]  __x64_sys_bpf+0x7c/0x90
[  487.417050][T11840]  do_syscall_64+0xf3/0x230
[  487.421546][T11840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  487.427455][T11840] page last free pid 6905 tgid 6905 stack trace:
[  487.433775][T11840]  free_unref_page+0xcd0/0xf00
[  487.438559][T11840]  vfree+0x186/0x2e0
[  487.442442][T11840]  delayed_vfree_work+0x56/0x80
[  487.447306][T11840]  process_scheduled_works+0xa63/0x1850
[  487.452841][T11840]  worker_thread+0x870/0xd30
[  487.457443][T11840]  kthread+0x2f0/0x390
[  487.461500][T11840]  ret_from_fork+0x4b/0x80
[  487.465965][T11840]  ret_from_fork_asm+0x1a/0x30
[  487.470733][T11840] Modules linked in:
[  487.474677][T11840] CPU: 1 UID: 0 PID: 11840 Comm: syz.6.1569 Not tainted 6.12.0-rc5-syzkaller-00044-gc1e939a21eb1 #0
[  487.485427][T11840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  487.495491][T11840] Call Trace:
[  487.498759][T11840]  <TASK>
[  487.501677][T11840]  dump_stack_lvl+0x241/0x360
[  487.506360][T11840]  ? __pfx_dump_stack_lvl+0x10/0x10
[  487.511582][T11840]  ? __pfx_print_modules+0x10/0x10
[  487.516692][T11840]  bad_page+0x166/0x1b0
[  487.520836][T11840]  free_unref_page+0xe9c/0xf00
[  487.525596][T11840]  skb_release_data+0x6dc/0x8a0
[  487.530449][T11840]  sk_skb_reason_drop+0x1c9/0x380
[  487.535467][T11840]  __netif_receive_skb_core+0x3edd/0x4570
[  487.541352][T11840]  ? mark_lock+0x9a/0x360
[  487.545671][T11840]  ? __lock_acquire+0x1384/0x2050
[  487.550715][T11840]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  487.556785][T11840]  ? mark_lock+0x9a/0x360
[  487.561102][T11840]  ? __lock_acquire+0x1384/0x2050
[  487.566126][T11840]  __netif_receive_skb_list_core+0x2b1/0x980
[  487.572105][T11840]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  487.578685][T11840]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  487.585177][T11840]  ? read_tsc+0x9/0x20
[  487.589241][T11840]  ? timekeeping_get_ns+0x2c0/0x420
[  487.594437][T11840]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  487.600756][T11840]  netif_receive_skb_list_internal+0xa51/0xe30
[  487.606911][T11840]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  487.613241][T11840]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  487.619994][T11840]  ? __pfx_eth_type_trans+0x10/0x10
[  487.625226][T11840]  ? __phys_addr+0xba/0x170
[  487.629718][T11840]  ? build_skb_around+0x111/0x260
[  487.634730][T11840]  ? __xdp_build_skb_from_frame+0x338/0x650
[  487.640609][T11840]  netif_receive_skb_list+0x55/0x4b0
[  487.645889][T11840]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  487.651339][T11840]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  487.657229][T11840]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  487.662787][T11840]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  487.668578][T11840]  ? synchronize_rcu+0x11b/0x360
[  487.673507][T11840]  ? __pfx_synchronize_rcu+0x10/0x10
[  487.678796][T11840]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  487.685038][T11840]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  487.690926][T11840]  ? _copy_from_user+0xab/0xe0
[  487.695681][T11840]  ? bpf_test_init+0x15a/0x180
[  487.700433][T11840]  ? xdp_convert_md_to_buff+0x5b/0x330
[  487.705879][T11840]  bpf_prog_test_run_xdp+0x805/0x11e0
[  487.711278][T11840]  ? __pfx_lock_release+0x10/0x10
[  487.716302][T11840]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  487.722111][T11840]  ? __fget_files+0x29/0x470
[  487.726704][T11840]  ? fput+0x1a8/0x230
[  487.730673][T11840]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  487.736466][T11840]  bpf_prog_test_run+0x2e4/0x360
[  487.741394][T11840]  __sys_bpf+0x48d/0x810
[  487.745629][T11840]  ? __pfx___sys_bpf+0x10/0x10
[  487.750389][T11840]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  487.756365][T11840]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  487.762685][T11840]  ? do_syscall_64+0x100/0x230
[  487.767440][T11840]  __x64_sys_bpf+0x7c/0x90
[  487.771850][T11840]  do_syscall_64+0xf3/0x230
[  487.776349][T11840]  ? clear_bhb_loop+0x35/0x90
[  487.781012][T11840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  487.786896][T11840] RIP: 0033:0x7f86da17e719
[  487.791300][T11840] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  487.810926][T11840] RSP: 002b:00007f86db03e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  487.819334][T11840] RAX: ffffffffffffffda RBX: 00007f86da336058 RCX: 00007f86da17e719
[  487.827294][T11840] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  487.835253][T11840] RBP: 00007f86da1f132e R08: 0000000000000000 R09: 0000000000000000
[  487.843206][T11840] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  487.851163][T11840] R13: 0000000000000000 R14: 00007f86da336058 R15: 00007ffe3a652f28
[  487.859140][T11840]  </TASK>
[  487.862209][T11840] Disabling lock debugging due to kernel taint
[  487.868389][T11840] BUG: Bad page state in process syz.6.1569  pfn:33e1d
[  487.875230][T11840] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888033e1ddc0 pfn:0x33e1d
[  487.885293][T11840] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  487.892417][T11840] raw: 00fff00000000000 dead000000000040 ffff88806718a000 0000000000000000
[  487.901000][T11840] raw: ffff888033e1ddc0 0000000000000001 00000000ffffffff 0000000000000000
[  487.909581][T11840] page dumped because: page_pool leak
[  487.914959][T11840] page_owner tracks the page as allocated
[  487.920657][T11840] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 11840, tgid 11835 (syz.6.1569), ts 487269599641, free_ts 482615299866
[  487.937849][T11840]  post_alloc_hook+0x1f3/0x230
[  487.942599][T11840]  get_page_from_freelist+0x3033/0x3180
[  487.948147][T11840]  __alloc_pages_noprof+0x292/0x710
[  487.953358][T11840]  alloc_pages_bulk_noprof+0x729/0xd40
[  487.958817][T11840]  __page_pool_alloc_pages_slow+0x122/0x690
[  487.964714][T11840]  page_pool_alloc_pages+0xd0/0x1c0
[  487.969906][T11840]  bpf_test_run_xdp_live+0x950/0x2160
[  487.975281][T11840]  bpf_prog_test_run_xdp+0x805/0x11e0
[  487.980635][T11840]  bpf_prog_test_run+0x2e4/0x360
[  487.985576][T11840]  __sys_bpf+0x48d/0x810
[  487.989804][T11840]  __x64_sys_bpf+0x7c/0x90
[  487.994216][T11840]  do_syscall_64+0xf3/0x230
[  487.998722][T11840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  488.004610][T11840] page last free pid 6905 tgid 6905 stack trace:
[  488.010917][T11840]  free_unref_page+0xcd0/0xf00
[  488.015684][T11840]  vfree+0x186/0x2e0
[  488.019563][T11840]  delayed_vfree_work+0x56/0x80
[  488.024419][T11840]  process_scheduled_works+0xa63/0x1850
[  488.029952][T11840]  worker_thread+0x870/0xd30
[  488.034564][T11840]  kthread+0x2f0/0x390
[  488.038614][T11840]  ret_from_fork+0x4b/0x80
[  488.043010][T11840]  ret_from_fork_asm+0x1a/0x30
[  488.047777][T11840] Modules linked in:
[  488.051662][T11840] CPU: 1 UID: 0 PID: 11840 Comm: syz.6.1569 Tainted: G    B              6.12.0-rc5-syzkaller-00044-gc1e939a21eb1 #0
[  488.063889][T11840] Tainted: [B]=BAD_PAGE
[  488.068030][T11840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  488.078071][T11840] Call Trace:
[  488.081333][T11840]  <TASK>
[  488.084249][T11840]  dump_stack_lvl+0x241/0x360
[  488.088936][T11840]  ? __pfx_dump_stack_lvl+0x10/0x10
[  488.094121][T11840]  ? __pfx_print_modules+0x10/0x10
[  488.099223][T11840]  bad_page+0x166/0x1b0
[  488.103360][T11840]  free_unref_page+0xe9c/0xf00
[  488.108110][T11840]  skb_release_data+0x6dc/0x8a0
[  488.112954][T11840]  sk_skb_reason_drop+0x1c9/0x380
[  488.117966][T11840]  __netif_receive_skb_core+0x3edd/0x4570
[  488.123672][T11840]  ? mark_lock+0x9a/0x360
[  488.127984][T11840]  ? __lock_acquire+0x1384/0x2050
[  488.133017][T11840]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  488.139073][T11840]  ? mark_lock+0x9a/0x360
[  488.143382][T11840]  ? __lock_acquire+0x1384/0x2050
[  488.148398][T11840]  __netif_receive_skb_list_core+0x2b1/0x980
[  488.154367][T11840]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  488.160934][T11840]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  488.167421][T11840]  ? read_tsc+0x9/0x20
[  488.171474][T11840]  ? timekeeping_get_ns+0x2c0/0x420
[  488.176659][T11840]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  488.182971][T11840]  netif_receive_skb_list_internal+0xa51/0xe30
[  488.189108][T11840]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  488.195423][T11840]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  488.202081][T11840]  ? __pfx_eth_type_trans+0x10/0x10
[  488.207268][T11840]  ? __phys_addr+0xba/0x170
[  488.211750][T11840]  ? build_skb_around+0x111/0x260
[  488.216758][T11840]  ? __xdp_build_skb_from_frame+0x338/0x650
[  488.222638][T11840]  netif_receive_skb_list+0x55/0x4b0
[  488.227914][T11840]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  488.233356][T11840]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  488.239237][T11840]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  488.244768][T11840]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  488.250574][T11840]  ? synchronize_rcu+0x11b/0x360
[  488.255493][T11840]  ? __pfx_synchronize_rcu+0x10/0x10
[  488.260766][T11840]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  488.267020][T11840]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  488.272899][T11840]  ? _copy_from_user+0xab/0xe0
[  488.277658][T11840]  ? bpf_test_init+0x15a/0x180
[  488.282402][T11840]  ? xdp_convert_md_to_buff+0x5b/0x330
[  488.287848][T11840]  bpf_prog_test_run_xdp+0x805/0x11e0
[  488.293203][T11840]  ? __pfx_lock_release+0x10/0x10
[  488.298215][T11840]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  488.304007][T11840]  ? __fget_files+0x29/0x470
[  488.308585][T11840]  ? fput+0x1a8/0x230
[  488.312545][T11840]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  488.318352][T11840]  bpf_prog_test_run+0x2e4/0x360
[  488.323280][T11840]  __sys_bpf+0x48d/0x810
[  488.327510][T11840]  ? __pfx___sys_bpf+0x10/0x10
[  488.332265][T11840]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  488.338252][T11840]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  488.344568][T11840]  ? do_syscall_64+0x100/0x230
[  488.349319][T11840]  __x64_sys_bpf+0x7c/0x90
[  488.353719][T11840]  do_syscall_64+0xf3/0x230
[  488.358207][T11840]  ? clear_bhb_loop+0x35/0x90
[  488.362867][T11840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  488.368943][T11840] RIP: 0033:0x7f86da17e719
[  488.373347][T11840] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  488.392969][T11840] RSP: 002b:00007f86db03e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  488.401391][T11840] RAX: ffffffffffffffda RBX: 00007f86da336058 RCX: 00007f86da17e719
[  488.409353][T11840] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  488.417338][T11840] RBP: 00007f86da1f132e R08: 0000000000000000 R09: 0000000000000000
[  488.425316][T11840] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  488.433287][T11840] R13: 0000000000000000 R14: 00007f86da336058 R15: 00007ffe3a652f28
[  488.441254][T11840]  </TASK>
[  488.444333][T11840] BUG: Bad page state in process syz.6.1569  pfn:57224
[  488.451169][T11840] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x6b pfn:0x57224
[  488.460048][T11840] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  488.467208][T11840] raw: 00fff00000000000 dead000000000040 ffff88806718a000 0000000000000000
[  488.475793][T11840] raw: 000000000000006b 0000000000000001 00000000ffffffff 0000000000000000
[  488.484377][T11840] page dumped because: page_pool leak
[  488.489730][T11840] page_owner tracks the page as allocated
[  488.495451][T11840] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 11840, tgid 11835 (syz.6.1569), ts 487269589618, free_ts 482615308518
[  488.512763][T11840]  post_alloc_hook+0x1f3/0x230
[  488.517540][T11840]  get_page_from_freelist+0x3033/0x3180
[  488.523102][T11840]  __alloc_pages_noprof+0x292/0x710
[  488.528311][T11840]  alloc_pages_bulk_noprof+0x729/0xd40
[  488.533758][T11840]  __page_pool_alloc_pages_slow+0x122/0x690
[  488.539650][T11840]  page_pool_alloc_pages+0xd0/0x1c0
[  488.544847][T11840]  bpf_test_run_xdp_live+0x950/0x2160
[  488.550203][T11840]  bpf_prog_test_run_xdp+0x805/0x11e0
[  488.555577][T11840]  bpf_prog_test_run+0x2e4/0x360
[  488.560500][T11840]  __sys_bpf+0x48d/0x810
[  488.564740][T11840]  __x64_sys_bpf+0x7c/0x90
[  488.569139][T11840]  do_syscall_64+0xf3/0x230
[  488.573624][T11840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  488.579513][T11840] page last free pid 6905 tgid 6905 stack trace:
[  488.585835][T11840]  free_unref_page+0xcd0/0xf00
[  488.590623][T11840]  vfree+0x186/0x2e0
[  488.594516][T11840]  delayed_vfree_work+0x56/0x80
[  488.599361][T11840]  process_scheduled_works+0xa63/0x1850
[  488.604908][T11840]  worker_thread+0x870/0xd30
[  488.609489][T11840]  kthread+0x2f0/0x390
[  488.613539][T11840]  ret_from_fork+0x4b/0x80
[  488.617969][T11840]  ret_from_fork_asm+0x1a/0x30
[  488.622726][T11840] Modules linked in:
[  488.626632][T11840] CPU: 1 UID: 0 PID: 11840 Comm: syz.6.1569 Tainted: G    B              6.12.0-rc5-syzkaller-00044-gc1e939a21eb1 #0
[  488.638859][T11840] Tainted: [B]=BAD_PAGE
[  488.643009][T11840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  488.653048][T11840] Call Trace:
[  488.656322][T11840]  <TASK>
[  488.659238][T11840]  dump_stack_lvl+0x241/0x360
[  488.663911][T11840]  ? __pfx_dump_stack_lvl+0x10/0x10
[  488.669105][T11840]  ? __pfx_print_modules+0x10/0x10
[  488.674206][T11840]  bad_page+0x166/0x1b0
[  488.678356][T11840]  free_unref_page+0xe9c/0xf00
[  488.683104][T11840]  skb_release_data+0x6dc/0x8a0
[  488.687946][T11840]  sk_skb_reason_drop+0x1c9/0x380
[  488.692966][T11840]  __netif_receive_skb_core+0x3edd/0x4570
[  488.698692][T11840]  ? mark_lock+0x9a/0x360
[  488.703008][T11840]  ? __lock_acquire+0x1384/0x2050
[  488.708025][T11840]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  488.714092][T11840]  ? mark_lock+0x9a/0x360
[  488.718481][T11840]  ? __lock_acquire+0x1384/0x2050
[  488.723533][T11840]  __netif_receive_skb_list_core+0x2b1/0x980
[  488.729531][T11840]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  488.736119][T11840]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  488.742611][T11840]  ? read_tsc+0x9/0x20
[  488.746668][T11840]  ? timekeeping_get_ns+0x2c0/0x420
[  488.751852][T11840]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  488.758170][T11840]  netif_receive_skb_list_internal+0xa51/0xe30
[  488.764337][T11840]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  488.770654][T11840]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  488.777331][T11840]  ? __pfx_eth_type_trans+0x10/0x10
[  488.782517][T11840]  ? __phys_addr+0xba/0x170
[  488.787022][T11840]  ? build_skb_around+0x111/0x260
[  488.792029][T11840]  ? __xdp_build_skb_from_frame+0x338/0x650
[  488.797905][T11840]  netif_receive_skb_list+0x55/0x4b0
[  488.803179][T11840]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  488.808624][T11840]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  488.814504][T11840]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  488.820041][T11840]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  488.825916][T11840]  ? synchronize_rcu+0x11b/0x360
[  488.830839][T11840]  ? __pfx_synchronize_rcu+0x10/0x10
[  488.836114][T11840]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  488.842340][T11840]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  488.848217][T11840]  ? _copy_from_user+0xab/0xe0
[  488.852963][T11840]  ? bpf_test_init+0x15a/0x180
[  488.857705][T11840]  ? xdp_convert_md_to_buff+0x5b/0x330
[  488.863145][T11840]  bpf_prog_test_run_xdp+0x805/0x11e0
[  488.868514][T11840]  ? __pfx_lock_release+0x10/0x10
[  488.873532][T11840]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  488.879323][T11840]  ? __fget_files+0x29/0x470
[  488.883910][T11840]  ? fput+0x1a8/0x230
[  488.887888][T11840]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  488.894376][T11840]  bpf_prog_test_run+0x2e4/0x360
[  488.899298][T11840]  __sys_bpf+0x48d/0x810
[  488.903578][T11840]  ? __pfx___sys_bpf+0x10/0x10
[  488.908331][T11840]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  488.914304][T11840]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  488.920634][T11840]  ? do_syscall_64+0x100/0x230
[  488.925382][T11840]  __x64_sys_bpf+0x7c/0x90
[  488.929782][T11840]  do_syscall_64+0xf3/0x230
[  488.934266][T11840]  ? clear_bhb_loop+0x35/0x90
[  488.938932][T11840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  488.944809][T11840] RIP: 0033:0x7f86da17e719
[  488.949209][T11840] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  488.968799][T11840] RSP: 002b:00007f86db03e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  488.977197][T11840] RAX: ffffffffffffffda RBX: 00007f86da336058 RCX: 00007f86da17e719
[  488.985153][T11840] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  488.993105][T11840] RBP: 00007f86da1f132e R08: 0000000000000000 R09: 0000000000000000
[  489.001083][T11840] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  489.009080][T11840] R13: 0000000000000000 R14: 00007f86da336058 R15: 00007ffe3a652f28
[  489.017044][T11840]  </TASK>
[  489.020121][T11840] BUG: Bad page state in process syz.6.1569  pfn:27322
[  489.026967][T11840] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888027322d90 pfn:0x27322
[  489.037025][T11840] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  489.044143][T11840] raw: 00fff00000000000 dead000000000040 ffff88806718a000 0000000000000000
[  489.052707][T11840] raw: ffff888027322d90 0000000000000001 00000000ffffffff 0000000000000000
[  489.061374][T11840] page dumped because: page_pool leak
[  489.066740][T11840] page_owner tracks the page as allocated
[  489.072431][T11840] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 11840, tgid 11835 (syz.6.1569), ts 487269578352, free_ts 482615317053
[  489.089635][T11840]  post_alloc_hook+0x1f3/0x230
[  489.094402][T11840]  get_page_from_freelist+0x3033/0x3180
[  489.099929][T11840]  __alloc_pages_noprof+0x292/0x710
[  489.105122][T11840]  alloc_pages_bulk_noprof+0x729/0xd40
[  489.110563][T11840]  __page_pool_alloc_pages_slow+0x122/0x690
[  489.116455][T11840]  page_pool_alloc_pages+0xd0/0x1c0
[  489.121632][T11840]  bpf_test_run_xdp_live+0x950/0x2160
[  489.127003][T11840]  bpf_prog_test_run_xdp+0x805/0x11e0
[  489.132360][T11840]  bpf_prog_test_run+0x2e4/0x360
[  489.137298][T11840]  __sys_bpf+0x48d/0x810
[  489.141528][T11840]  __x64_sys_bpf+0x7c/0x90
[  489.145966][T11840]  do_syscall_64+0xf3/0x230
[  489.150539][T11840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  489.156426][T11840] page last free pid 6905 tgid 6905 stack trace:
[  489.162730][T11840]  free_unref_page+0xcd0/0xf00
[  489.167497][T11840]  vfree+0x186/0x2e0
[  489.171374][T11840]  delayed_vfree_work+0x56/0x80
[  489.176220][T11840]  process_scheduled_works+0xa63/0x1850
[  489.181747][T11840]  worker_thread+0x870/0xd30
[  489.186345][T11840]  kthread+0x2f0/0x390
[  489.190409][T11840]  ret_from_fork+0x4b/0x80
[  489.194832][T11840]  ret_from_fork_asm+0x1a/0x30
[  489.199581][T11840] Modules linked in:
[  489.203457][T11840] CPU: 1 UID: 0 PID: 11840 Comm: syz.6.1569 Tainted: G    B              6.12.0-rc5-syzkaller-00044-gc1e939a21eb1 #0
[  489.215685][T11840] Tainted: [B]=BAD_PAGE
[  489.219820][T11840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  489.229863][T11840] Call Trace:
[  489.233130][T11840]  <TASK>
[  489.236085][T11840]  dump_stack_lvl+0x241/0x360
[  489.240755][T11840]  ? __pfx_dump_stack_lvl+0x10/0x10
[  489.245945][T11840]  ? __pfx_print_modules+0x10/0x10
[  489.251075][T11840]  bad_page+0x166/0x1b0
[  489.255217][T11840]  free_unref_page+0xe9c/0xf00
[  489.259974][T11840]  skb_release_data+0x6dc/0x8a0
[  489.264822][T11840]  sk_skb_reason_drop+0x1c9/0x380
[  489.269836][T11840]  __netif_receive_skb_core+0x3edd/0x4570
[  489.275554][T11840]  ? mark_lock+0x9a/0x360
[  489.279899][T11840]  ? __lock_acquire+0x1384/0x2050
[  489.284930][T11840]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  489.291163][T11840]  ? mark_lock+0x9a/0x360
[  489.295474][T11840]  ? __lock_acquire+0x1384/0x2050
[  489.300488][T11840]  __netif_receive_skb_list_core+0x2b1/0x980
[  489.306484][T11840]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  489.313056][T11840]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  489.319540][T11840]  ? read_tsc+0x9/0x20
[  489.323591][T11840]  ? timekeeping_get_ns+0x2c0/0x420
[  489.328786][T11840]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  489.335097][T11840]  netif_receive_skb_list_internal+0xa51/0xe30
[  489.341234][T11840]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  489.347545][T11840]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  489.354223][T11840]  ? __pfx_eth_type_trans+0x10/0x10
[  489.359408][T11840]  ? __phys_addr+0xba/0x170
[  489.363936][T11840]  ? build_skb_around+0x111/0x260
[  489.368968][T11840]  ? __xdp_build_skb_from_frame+0x338/0x650
[  489.374855][T11840]  netif_receive_skb_list+0x55/0x4b0
[  489.380133][T11840]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  489.385582][T11840]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  489.391616][T11840]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  489.397170][T11840]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  489.402965][T11840]  ? synchronize_rcu+0x11b/0x360
[  489.407899][T11840]  ? __pfx_synchronize_rcu+0x10/0x10
[  489.413192][T11840]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  489.419437][T11840]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  489.425342][T11840]  ? _copy_from_user+0xab/0xe0
[  489.430101][T11840]  ? bpf_test_init+0x15a/0x180
[  489.434847][T11840]  ? xdp_convert_md_to_buff+0x5b/0x330
[  489.440288][T11840]  bpf_prog_test_run_xdp+0x805/0x11e0
[  489.445646][T11840]  ? __pfx_lock_release+0x10/0x10
[  489.450660][T11840]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  489.456452][T11840]  ? __fget_files+0x29/0x470
[  489.461402][T11840]  ? fput+0x1a8/0x230
[  489.465383][T11840]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  489.471185][T11840]  bpf_prog_test_run+0x2e4/0x360
[  489.476142][T11840]  __sys_bpf+0x48d/0x810
[  489.480378][T11840]  ? __pfx___sys_bpf+0x10/0x10
[  489.485148][T11840]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  489.491139][T11840]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  489.497464][T11840]  ? do_syscall_64+0x100/0x230
[  489.502220][T11840]  __x64_sys_bpf+0x7c/0x90
[  489.506628][T11840]  do_syscall_64+0xf3/0x230
[  489.511121][T11840]  ? clear_bhb_loop+0x35/0x90
[  489.515784][T11840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  489.521656][T11840] RIP: 0033:0x7f86da17e719
[  489.526054][T11840] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  489.545648][T11840] RSP: 002b:00007f86db03e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  489.554076][T11840] RAX: ffffffffffffffda RBX: 00007f86da336058 RCX: 00007f86da17e719
[  489.562032][T11840] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  489.569987][T11840] RBP: 00007f86da1f132e R08: 0000000000000000 R09: 0000000000000000
[  489.577953][T11840] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  489.585906][T11840] R13: 0000000000000000 R14: 00007f86da336058 R15: 00007ffe3a652f28
[  489.593862][T11840]  </TASK>
[  489.596925][T11840] BUG: Bad page state in process syz.6.1569  pfn:1e756
[  489.603747][T11840] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88801e756780 pfn:0x1e756
[  489.613814][T11840] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  489.620970][T11840] raw: 00fff00000000000 dead000000000040 ffff88806718a000 0000000000000000
[  489.629572][T11840] raw: ffff88801e756780 0000000000000001 00000000ffffffff 0000000000000000
[  489.638164][T11840] page dumped because: page_pool leak
[  489.643514][T11840] page_owner tracks the page as allocated
[  489.649231][T11840] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 11840, tgid 11835 (syz.6.1569), ts 487269566920, free_ts 482615325759
[  489.666436][T11840]  post_alloc_hook+0x1f3/0x230
[  489.671195][T11840]  get_page_from_freelist+0x3033/0x3180
[  489.676741][T11840]  __alloc_pages_noprof+0x292/0x710
[  489.681925][T11840]  alloc_pages_bulk_noprof+0x729/0xd40
[  489.687383][T11840]  __page_pool_alloc_pages_slow+0x122/0x690
[  489.693277][T11840]  page_pool_alloc_pages+0xd0/0x1c0
[  489.698492][T11840]  bpf_test_run_xdp_live+0x950/0x2160
[  489.703895][T11840]  bpf_prog_test_run_xdp+0x805/0x11e0
[  489.709267][T11840]  bpf_prog_test_run+0x2e4/0x360
[  489.714210][T11840]  __sys_bpf+0x48d/0x810
[  489.718458][T11840]  __x64_sys_bpf+0x7c/0x90
[  489.722854][T11840]  do_syscall_64+0xf3/0x230
[  489.727363][T11840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  489.733246][T11840] page last free pid 6905 tgid 6905 stack trace:
[  489.739590][T11840]  free_unref_page+0xcd0/0xf00
[  489.744360][T11840]  vfree+0x186/0x2e0
[  489.748243][T11840]  delayed_vfree_work+0x56/0x80
[  489.753079][T11840]  process_scheduled_works+0xa63/0x1850
[  489.758636][T11840]  worker_thread+0x870/0xd30
[  489.763212][T11840]  kthread+0x2f0/0x390
[  489.767301][T11840]  ret_from_fork+0x4b/0x80
[  489.771705][T11840]  ret_from_fork_asm+0x1a/0x30
[  489.776470][T11840] Modules linked in:
[  489.780347][T11840] CPU: 1 UID: 0 PID: 11840 Comm: syz.6.1569 Tainted: G    B              6.12.0-rc5-syzkaller-00044-gc1e939a21eb1 #0
[  489.792564][T11840] Tainted: [B]=BAD_PAGE
[  489.796693][T11840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  489.806728][T11840] Call Trace:
[  489.810100][T11840]  <TASK>
[  489.813014][T11840]  dump_stack_lvl+0x241/0x360
[  489.817697][T11840]  ? __pfx_dump_stack_lvl+0x10/0x10
[  489.822881][T11840]  ? __pfx_print_modules+0x10/0x10
[  489.828002][T11840]  bad_page+0x166/0x1b0
[  489.832144][T11840]  free_unref_page+0xe9c/0xf00
[  489.836898][T11840]  skb_release_data+0x6dc/0x8a0
[  489.841765][T11840]  sk_skb_reason_drop+0x1c9/0x380
[  489.846798][T11840]  __netif_receive_skb_core+0x3edd/0x4570
[  489.852515][T11840]  ? mark_lock+0x9a/0x360
[  489.856827][T11840]  ? __lock_acquire+0x1384/0x2050
[  489.861846][T11840]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  489.867909][T11840]  ? mark_lock+0x9a/0x360
[  489.872221][T11840]  ? __lock_acquire+0x1384/0x2050
[  489.877243][T11840]  __netif_receive_skb_list_core+0x2b1/0x980
[  489.883213][T11840]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  489.889790][T11840]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  489.896277][T11840]  ? read_tsc+0x9/0x20
[  489.900329][T11840]  ? timekeeping_get_ns+0x2c0/0x420
[  489.905514][T11840]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  489.911829][T11840]  netif_receive_skb_list_internal+0xa51/0xe30
[  489.917970][T11840]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  489.924282][T11840]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  489.930939][T11840]  ? __pfx_eth_type_trans+0x10/0x10
[  489.936120][T11840]  ? __phys_addr+0xba/0x170
[  489.940623][T11840]  ? build_skb_around+0x111/0x260
[  489.945635][T11840]  ? __xdp_build_skb_from_frame+0x338/0x650
[  489.951508][T11840]  netif_receive_skb_list+0x55/0x4b0
[  489.956777][T11840]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  489.962232][T11840]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  489.968116][T11840]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  489.973644][T11840]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  489.979433][T11840]  ? synchronize_rcu+0x11b/0x360
[  489.984356][T11840]  ? __pfx_synchronize_rcu+0x10/0x10
[  489.989628][T11840]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  489.995855][T11840]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  490.001734][T11840]  ? _copy_from_user+0xab/0xe0
[  490.006487][T11840]  ? bpf_test_init+0x15a/0x180
[  490.011240][T11840]  ? xdp_convert_md_to_buff+0x5b/0x330
[  490.016684][T11840]  bpf_prog_test_run_xdp+0x805/0x11e0
[  490.022039][T11840]  ? __pfx_lock_release+0x10/0x10
[  490.027053][T11840]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  490.032842][T11840]  ? __fget_files+0x29/0x470
[  490.037425][T11840]  ? fput+0x1a8/0x230
[  490.041390][T11840]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  490.047191][T11840]  bpf_prog_test_run+0x2e4/0x360
[  490.052123][T11840]  __sys_bpf+0x48d/0x810
[  490.056357][T11840]  ? __pfx___sys_bpf+0x10/0x10
[  490.061112][T11840]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  490.067099][T11840]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  490.073431][T11840]  ? do_syscall_64+0x100/0x230
[  490.078194][T11840]  __x64_sys_bpf+0x7c/0x90
[  490.082596][T11840]  do_syscall_64+0xf3/0x230
[  490.087090][T11840]  ? clear_bhb_loop+0x35/0x90
[  490.091776][T11840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  490.097660][T11840] RIP: 0033:0x7f86da17e719
[  490.102062][T11840] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  490.121656][T11840] RSP: 002b:00007f86db03e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  490.130060][T11840] RAX: ffffffffffffffda RBX: 00007f86da336058 RCX: 00007f86da17e719
[  490.138039][T11840] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  490.145996][T11840] RBP: 00007f86da1f132e R08: 0000000000000000 R09: 0000000000000000
[  490.153967][T11840] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  490.161933][T11840] R13: 0000000000000000 R14: 00007f86da336058 R15: 00007ffe3a652f28
[  490.169921][T11840]  </TASK>
[  490.172998][T11840] BUG: Bad page state in process syz.6.1569  pfn:25116
[  490.179875][T11840] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888025116000 pfn:0x25116
[  490.189952][T11840] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  490.197076][T11840] raw: 00fff00000000000 dead000000000040 ffff88806718a000 0000000000000000
[  490.205668][T11840] raw: ffff888025116000 0000000000000001 00000000ffffffff 0000000000000000
[  490.214258][T11840] page dumped because: page_pool leak
[  490.219614][T11840] page_owner tracks the page as allocated
[  490.225333][T11840] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 11840, tgid 11835 (syz.6.1569), ts 487269518942, free_ts 482615334384
[  490.242627][T11840]  post_alloc_hook+0x1f3/0x230
[  490.247401][T11840]  get_page_from_freelist+0x3033/0x3180
[  490.252934][T11840]  __alloc_pages_noprof+0x292/0x710
[  490.258135][T11840]  alloc_pages_bulk_noprof+0x729/0xd40
[  490.263581][T11840]  __page_pool_alloc_pages_slow+0x122/0x690
[  490.269502][T11840]  page_pool_alloc_pages+0xd0/0x1c0
[  490.274708][T11840]  bpf_test_run_xdp_live+0x950/0x2160
[  490.280071][T11840]  bpf_prog_test_run_xdp+0x805/0x11e0
[  490.285454][T11840]  bpf_prog_test_run+0x2e4/0x360
[  490.290396][T11840]  __sys_bpf+0x48d/0x810
[  490.294703][T11840]  __x64_sys_bpf+0x7c/0x90
[  490.299107][T11840]  do_syscall_64+0xf3/0x230
[  490.303594][T11840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  490.309503][T11840] page last free pid 6905 tgid 6905 stack trace:
[  490.315829][T11840]  free_unref_page+0xcd0/0xf00
[  490.320582][T11840]  vfree+0x186/0x2e0
[  490.324484][T11840]  delayed_vfree_work+0x56/0x80
[  490.329328][T11840]  process_scheduled_works+0xa63/0x1850
[  490.334873][T11840]  worker_thread+0x870/0xd30
[  490.339446][T11840]  kthread+0x2f0/0x390
[  490.343490][T11840]  ret_from_fork+0x4b/0x80
[  490.347955][T11840]  ret_from_fork_asm+0x1a/0x30
[  490.352744][T11840] Modules linked in:
[  490.356689][T11840] CPU: 1 UID: 0 PID: 11840 Comm: syz.6.1569 Tainted: G    B              6.12.0-rc5-syzkaller-00044-gc1e939a21eb1 #0
[  490.368956][T11840] Tainted: [B]=BAD_PAGE
[  490.373174][T11840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  490.383226][T11840] Call Trace:
[  490.386493][T11840]  <TASK>
[  490.389411][T11840]  dump_stack_lvl+0x241/0x360
[  490.394098][T11840]  ? __pfx_dump_stack_lvl+0x10/0x10
[  490.399285][T11840]  ? __pfx_print_modules+0x10/0x10
[  490.404471][T11840]  bad_page+0x166/0x1b0
[  490.408612][T11840]  free_unref_page+0xe9c/0xf00
[  490.413361][T11840]  skb_release_data+0x6dc/0x8a0
[  490.418202][T11840]  sk_skb_reason_drop+0x1c9/0x380
[  490.423212][T11840]  __netif_receive_skb_core+0x3edd/0x4570
[  490.428919][T11840]  ? mark_lock+0x9a/0x360
[  490.433234][T11840]  ? __lock_acquire+0x1384/0x2050
[  490.438268][T11840]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  490.444321][T11840]  ? mark_lock+0x9a/0x360
[  490.448633][T11840]  ? __lock_acquire+0x1384/0x2050
[  490.453657][T11840]  __netif_receive_skb_list_core+0x2b1/0x980
[  490.459628][T11840]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  490.466201][T11840]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  490.472690][T11840]  ? read_tsc+0x9/0x20
[  490.476747][T11840]  ? timekeeping_get_ns+0x2c0/0x420
[  490.481956][T11840]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  490.488269][T11840]  netif_receive_skb_list_internal+0xa51/0xe30
[  490.494410][T11840]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  490.500724][T11840]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  490.507379][T11840]  ? __pfx_eth_type_trans+0x10/0x10
[  490.512560][T11840]  ? __phys_addr+0xba/0x170
[  490.517045][T11840]  ? build_skb_around+0x111/0x260
[  490.522051][T11840]  ? __xdp_build_skb_from_frame+0x338/0x650
[  490.527947][T11840]  netif_receive_skb_list+0x55/0x4b0
[  490.533217][T11840]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  490.538660][T11840]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  490.544624][T11840]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  490.550151][T11840]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  490.555946][T11840]  ? synchronize_rcu+0x11b/0x360
[  490.560871][T11840]  ? __pfx_synchronize_rcu+0x10/0x10
[  490.566143][T11840]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  490.572368][T11840]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  490.578249][T11840]  ? _copy_from_user+0xab/0xe0
[  490.583004][T11840]  ? bpf_test_init+0x15a/0x180
[  490.587749][T11840]  ? xdp_convert_md_to_buff+0x5b/0x330
[  490.593192][T11840]  bpf_prog_test_run_xdp+0x805/0x11e0
[  490.598547][T11840]  ? __pfx_lock_release+0x10/0x10
[  490.603558][T11840]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  490.609345][T11840]  ? __fget_files+0x29/0x470
[  490.613939][T11840]  ? fput+0x1a8/0x230
[  490.617944][T11840]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  490.623729][T11840]  bpf_prog_test_run+0x2e4/0x360
[  490.628653][T11840]  __sys_bpf+0x48d/0x810
[  490.632876][T11840]  ? __pfx___sys_bpf+0x10/0x10
[  490.637641][T11840]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  490.643606][T11840]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  490.649925][T11840]  ? do_syscall_64+0x100/0x230
[  490.654676][T11840]  __x64_sys_bpf+0x7c/0x90
[  490.659075][T11840]  do_syscall_64+0xf3/0x230
[  490.663568][T11840]  ? clear_bhb_loop+0x35/0x90
[  490.668231][T11840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  490.674105][T11840] RIP: 0033:0x7f86da17e719
[  490.678764][T11840] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  490.698355][T11840] RSP: 002b:00007f86db03e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  490.706754][T11840] RAX: ffffffffffffffda RBX: 00007f86da336058 RCX: 00007f86da17e719
[  490.714708][T11840] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  490.722657][T11840] RBP: 00007f86da1f132e R08: 0000000000000000 R09: 0000000000000000
[  490.730611][T11840] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  490.738564][T11840] R13: 0000000000000000 R14: 00007f86da336058 R15: 00007ffe3a652f28
[  490.746526][T11840]  </TASK>
[  490.749587][T11840] BUG: Bad page state in process syz.6.1569  pfn:7060f
[  490.756430][T11840] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88807060fc98 pfn:0x7060f
[  490.766485][T11840] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  490.773576][T11840] raw: 00fff00000000000 dead000000000040 ffff88806718a000 0000000000000000
[  490.782164][T11840] raw: ffff88807060fc98 0000000000000001 00000000ffffffff 0000000000000000
[  490.790739][T11840] page dumped because: page_pool leak
[  490.796108][T11840] page_owner tracks the page as allocated
[  490.801927][T11840] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 11840, tgid 11835 (syz.6.1569), ts 487269506992, free_ts 482615343002
[  490.819122][T11840]  post_alloc_hook+0x1f3/0x230
[  490.823901][T11840]  get_page_from_freelist+0x3033/0x3180
[  490.829448][T11840]  __alloc_pages_noprof+0x292/0x710
[  490.834643][T11840]  alloc_pages_bulk_noprof+0x729/0xd40
[  490.840082][T11840]  __page_pool_alloc_pages_slow+0x122/0x690
[  490.845973][T11840]  page_pool_alloc_pages+0xd0/0x1c0
[  490.851148][T11840]  bpf_test_run_xdp_live+0x950/0x2160
[  490.856510][T11840]  bpf_prog_test_run_xdp+0x805/0x11e0
[  490.861862][T11840]  bpf_prog_test_run+0x2e4/0x360
[  490.866808][T11840]  __sys_bpf+0x48d/0x810
[  490.871031][T11840]  __x64_sys_bpf+0x7c/0x90
[  490.875457][T11840]  do_syscall_64+0xf3/0x230
[  490.879943][T11840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  490.885838][T11840] page last free pid 6905 tgid 6905 stack trace:
[  490.892141][T11840]  free_unref_page+0xcd0/0xf00
[  490.896907][T11840]  vfree+0x186/0x2e0
[  490.900780][T11840]  delayed_vfree_work+0x56/0x80
[  490.905624][T11840]  process_scheduled_works+0xa63/0x1850
[  490.911152][T11840]  worker_thread+0x870/0xd30
[  490.915740][T11840]  kthread+0x2f0/0x390
[  490.919789][T11840]  ret_from_fork+0x4b/0x80
[  490.924212][T11840]  ret_from_fork_asm+0x1a/0x30
[  490.928963][T11840] Modules linked in:
[  490.932836][T11840] CPU: 1 UID: 0 PID: 11840 Comm: syz.6.1569 Tainted: G    B              6.12.0-rc5-syzkaller-00044-gc1e939a21eb1 #0
[  490.945047][T11840] Tainted: [B]=BAD_PAGE
[  490.949172][T11840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  490.959203][T11840] Call Trace:
[  490.962462][T11840]  <TASK>
[  490.965467][T11840]  dump_stack_lvl+0x241/0x360
[  490.970128][T11840]  ? __pfx_dump_stack_lvl+0x10/0x10
[  490.975399][T11840]  ? __pfx_print_modules+0x10/0x10
[  490.980506][T11840]  bad_page+0x166/0x1b0
[  490.984645][T11840]  free_unref_page+0xe9c/0xf00
[  490.989394][T11840]  skb_release_data+0x6dc/0x8a0
[  490.994229][T11840]  sk_skb_reason_drop+0x1c9/0x380
[  490.999235][T11840]  __netif_receive_skb_core+0x3edd/0x4570
[  491.004940][T11840]  ? mark_lock+0x9a/0x360
[  491.009252][T11840]  ? __lock_acquire+0x1384/0x2050
[  491.014264][T11840]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  491.020315][T11840]  ? mark_lock+0x9a/0x360
[  491.024622][T11840]  ? __lock_acquire+0x1384/0x2050
[  491.029634][T11840]  __netif_receive_skb_list_core+0x2b1/0x980
[  491.035598][T11840]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  491.042169][T11840]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  491.048657][T11840]  ? read_tsc+0x9/0x20
[  491.052710][T11840]  ? timekeeping_get_ns+0x2c0/0x420
[  491.057896][T11840]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  491.064208][T11840]  netif_receive_skb_list_internal+0xa51/0xe30
[  491.070432][T11840]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  491.076755][T11840]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  491.083411][T11840]  ? __pfx_eth_type_trans+0x10/0x10
[  491.088622][T11840]  ? __phys_addr+0xba/0x170
[  491.093107][T11840]  ? build_skb_around+0x111/0x260
[  491.098112][T11840]  ? __xdp_build_skb_from_frame+0x338/0x650
[  491.103987][T11840]  netif_receive_skb_list+0x55/0x4b0
[  491.109258][T11840]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  491.114697][T11840]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  491.120574][T11840]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  491.126118][T11840]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  491.131909][T11840]  ? synchronize_rcu+0x11b/0x360
[  491.136829][T11840]  ? __pfx_synchronize_rcu+0x10/0x10
[  491.142102][T11840]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  491.148329][T11840]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  491.154206][T11840]  ? _copy_from_user+0xab/0xe0
[  491.158953][T11840]  ? bpf_test_init+0x15a/0x180
[  491.163694][T11840]  ? xdp_convert_md_to_buff+0x5b/0x330
[  491.169148][T11840]  bpf_prog_test_run_xdp+0x805/0x11e0
[  491.174502][T11840]  ? __pfx_lock_release+0x10/0x10
[  491.179509][T11840]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  491.185293][T11840]  ? __fget_files+0x29/0x470
[  491.189888][T11840]  ? fput+0x1a8/0x230
[  491.193866][T11840]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  491.199671][T11840]  bpf_prog_test_run+0x2e4/0x360
[  491.204598][T11840]  __sys_bpf+0x48d/0x810
[  491.208841][T11840]  ? __pfx___sys_bpf+0x10/0x10
[  491.213617][T11840]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  491.219595][T11840]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  491.225918][T11840]  ? do_syscall_64+0x100/0x230
[  491.230671][T11840]  __x64_sys_bpf+0x7c/0x90
[  491.235076][T11840]  do_syscall_64+0xf3/0x230
[  491.239583][T11840]  ? clear_bhb_loop+0x35/0x90
[  491.244244][T11840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  491.250119][T11840] RIP: 0033:0x7f86da17e719
[  491.254517][T11840] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  491.274108][T11840] RSP: 002b:00007f86db03e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  491.282532][T11840] RAX: ffffffffffffffda RBX: 00007f86da336058 RCX: 00007f86da17e719
[  491.290495][T11840] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  491.298459][T11840] RBP: 00007f86da1f132e R08: 0000000000000000 R09: 0000000000000000
[  491.306418][T11840] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  491.314377][T11840] R13: 0000000000000000 R14: 00007f86da336058 R15: 00007ffe3a652f28
[  491.322339][T11840]  </TASK>
[  491.325426][T11840] BUG: Bad page state in process syz.6.1569  pfn:6157f
[  491.332270][T11840] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88806157ffc0 pfn:0x6157f
[  491.342360][T11840] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  491.349482][T11840] raw: 00fff00000000000 dead000000000040 ffff88806718a000 0000000000000000
[  491.358088][T11840] raw: ffff88806157ffc0 0000000000000001 00000000ffffffff 0000000000000000
[  491.366772][T11840] page dumped because: page_pool leak
[  491.372127][T11840] page_owner tracks the page as allocated
[  491.377863][T11840] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 11840, tgid 11835 (syz.6.1569), ts 487269495223, free_ts 482615351610
[  491.395063][T11840]  post_alloc_hook+0x1f3/0x230
[  491.399842][T11840]  get_page_from_freelist+0x3033/0x3180
[  491.405391][T11840]  __alloc_pages_noprof+0x292/0x710
[  491.410581][T11840]  alloc_pages_bulk_noprof+0x729/0xd40
[  491.416102][T11840]  __page_pool_alloc_pages_slow+0x122/0x690
[  491.421980][T11840]  page_pool_alloc_pages+0xd0/0x1c0
[  491.427173][T11840]  bpf_test_run_xdp_live+0x950/0x2160
[  491.432526][T11840]  bpf_prog_test_run_xdp+0x805/0x11e0
[  491.437898][T11840]  bpf_prog_test_run+0x2e4/0x360
[  491.442818][T11840]  __sys_bpf+0x48d/0x810
[  491.447079][T11840]  __x64_sys_bpf+0x7c/0x90
[  491.451475][T11840]  do_syscall_64+0xf3/0x230
[  491.455979][T11840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  491.461856][T11840] page last free pid 6905 tgid 6905 stack trace:
[  491.468172][T11840]  free_unref_page+0xcd0/0xf00
[  491.472919][T11840]  vfree+0x186/0x2e0
[  491.476809][T11840]  delayed_vfree_work+0x56/0x80
[  491.481642][T11840]  process_scheduled_works+0xa63/0x1850
[  491.487182][T11840]  worker_thread+0x870/0xd30
[  491.491756][T11840]  kthread+0x2f0/0x390
[  491.495833][T11840]  ret_from_fork+0x4b/0x80
[  491.500251][T11840]  ret_from_fork_asm+0x1a/0x30
[  491.505042][T11840] Modules linked in:
[  491.508930][T11840] CPU: 1 UID: 0 PID: 11840 Comm: syz.6.1569 Tainted: G    B              6.12.0-rc5-syzkaller-00044-gc1e939a21eb1 #0
[  491.521162][T11840] Tainted: [B]=BAD_PAGE
[  491.525293][T11840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  491.535335][T11840] Call Trace:
[  491.538598][T11840]  <TASK>
[  491.541514][T11840]  dump_stack_lvl+0x241/0x360
[  491.546182][T11840]  ? __pfx_dump_stack_lvl+0x10/0x10
[  491.551455][T11840]  ? __pfx_print_modules+0x10/0x10
[  491.556558][T11840]  bad_page+0x166/0x1b0
[  491.560700][T11840]  free_unref_page+0xe9c/0xf00
[  491.565448][T11840]  skb_release_data+0x6dc/0x8a0
[  491.570289][T11840]  sk_skb_reason_drop+0x1c9/0x380
[  491.575297][T11840]  __netif_receive_skb_core+0x3edd/0x4570
[  491.581020][T11840]  ? mark_lock+0x9a/0x360
[  491.585349][T11840]  ? __lock_acquire+0x1384/0x2050
[  491.590387][T11840]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  491.596446][T11840]  ? mark_lock+0x9a/0x360
[  491.600767][T11840]  ? __lock_acquire+0x1384/0x2050
[  491.605796][T11840]  __netif_receive_skb_list_core+0x2b1/0x980
[  491.611770][T11840]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  491.618446][T11840]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  491.624942][T11840]  ? read_tsc+0x9/0x20
[  491.629001][T11840]  ? timekeeping_get_ns+0x2c0/0x420
[  491.634186][T11840]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  491.640507][T11840]  netif_receive_skb_list_internal+0xa51/0xe30
[  491.646663][T11840]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  491.652974][T11840]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  491.659635][T11840]  ? __pfx_eth_type_trans+0x10/0x10
[  491.664847][T11840]  ? __phys_addr+0xba/0x170
[  491.669382][T11840]  ? build_skb_around+0x111/0x260
[  491.674394][T11840]  ? __xdp_build_skb_from_frame+0x338/0x650
[  491.680291][T11840]  netif_receive_skb_list+0x55/0x4b0
[  491.685570][T11840]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  491.691162][T11840]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  491.697045][T11840]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  491.702582][T11840]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  491.708377][T11840]  ? synchronize_rcu+0x11b/0x360
[  491.713295][T11840]  ? __pfx_synchronize_rcu+0x10/0x10
[  491.718579][T11840]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  491.724822][T11840]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  491.730708][T11840]  ? _copy_from_user+0xab/0xe0
[  491.735465][T11840]  ? bpf_test_init+0x15a/0x180
[  491.740204][T11840]  ? xdp_convert_md_to_buff+0x5b/0x330
[  491.745646][T11840]  bpf_prog_test_run_xdp+0x805/0x11e0
[  491.751001][T11840]  ? __pfx_lock_release+0x10/0x10
[  491.756012][T11840]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  491.761821][T11840]  ? __fget_files+0x29/0x470
[  491.766397][T11840]  ? fput+0x1a8/0x230
[  491.770358][T11840]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  491.776146][T11840]  bpf_prog_test_run+0x2e4/0x360
[  491.781073][T11840]  __sys_bpf+0x48d/0x810
[  491.785297][T11840]  ? __pfx___sys_bpf+0x10/0x10
[  491.790044][T11840]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  491.796011][T11840]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  491.802326][T11840]  ? do_syscall_64+0x100/0x230
[  491.807085][T11840]  __x64_sys_bpf+0x7c/0x90
[  491.811490][T11840]  do_syscall_64+0xf3/0x230
[  491.815976][T11840]  ? clear_bhb_loop+0x35/0x90
[  491.820634][T11840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  491.826506][T11840] RIP: 0033:0x7f86da17e719
[  491.830919][T11840] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  491.850508][T11840] RSP: 002b:00007f86db03e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  491.858904][T11840] RAX: ffffffffffffffda RBX: 00007f86da336058 RCX: 00007f86da17e719
[  491.866857][T11840] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  491.874806][T11840] RBP: 00007f86da1f132e R08: 0000000000000000 R09: 0000000000000000
[  491.882763][T11840] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  491.890717][T11840] R13: 0000000000000000 R14: 00007f86da336058 R15: 00007ffe3a652f28
[  491.898674][T11840]  </TASK>
[  491.901751][T11840] BUG: Bad page state in process syz.6.1569  pfn:68314
[  491.908606][T11840] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888068314c80 pfn:0x68314
[  491.918676][T11840] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  491.925801][T11840] raw: 00fff00000000000 dead000000000040 ffff88806718a000 0000000000000000
[  491.934391][T11840] raw: ffff888068314c80 0000000000000001 00000000ffffffff 0000000000000000
[  491.943040][T11840] page dumped because: page_pool leak
[  491.948403][T11840] page_owner tracks the page as allocated
[  491.954122][T11840] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 11840, tgid 11835 (syz.6.1569), ts 487269483660, free_ts 482615360250
[  491.971395][T11840]  post_alloc_hook+0x1f3/0x230
[  491.976159][T11840]  get_page_from_freelist+0x3033/0x3180
[  491.981689][T11840]  __alloc_pages_noprof+0x292/0x710
[  491.986880][T11840]  alloc_pages_bulk_noprof+0x729/0xd40
[  491.992321][T11840]  __page_pool_alloc_pages_slow+0x122/0x690
[  491.998219][T11840]  page_pool_alloc_pages+0xd0/0x1c0
[  492.003398][T11840]  bpf_test_run_xdp_live+0x950/0x2160
[  492.008802][T11840]  bpf_prog_test_run_xdp+0x805/0x11e0
[  492.014175][T11840]  bpf_prog_test_run+0x2e4/0x360
[  492.019099][T11840]  __sys_bpf+0x48d/0x810
[  492.023323][T11840]  __x64_sys_bpf+0x7c/0x90
[  492.027735][T11840]  do_syscall_64+0xf3/0x230
[  492.032220][T11840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  492.038109][T11840] page last free pid 6905 tgid 6905 stack trace:
[  492.044436][T11840]  free_unref_page+0xcd0/0xf00
[  492.049183][T11840]  vfree+0x186/0x2e0
[  492.053071][T11840]  delayed_vfree_work+0x56/0x80
[  492.057923][T11840]  process_scheduled_works+0xa63/0x1850
[  492.063450][T11840]  worker_thread+0x870/0xd30
[  492.068047][T11840]  kthread+0x2f0/0x390
[  492.072099][T11840]  ret_from_fork+0x4b/0x80
[  492.076522][T11840]  ret_from_fork_asm+0x1a/0x30
[  492.081272][T11840] Modules linked in:
[  492.085163][T11840] CPU: 1 UID: 0 PID: 11840 Comm: syz.6.1569 Tainted: G    B              6.12.0-rc5-syzkaller-00044-gc1e939a21eb1 #0
[  492.097480][T11840] Tainted: [B]=BAD_PAGE
[  492.101609][T11840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  492.111647][T11840] Call Trace:
[  492.114928][T11840]  <TASK>
[  492.117842][T11840]  dump_stack_lvl+0x241/0x360
[  492.122503][T11840]  ? __pfx_dump_stack_lvl+0x10/0x10
[  492.127699][T11840]  ? __pfx_print_modules+0x10/0x10
[  492.132835][T11840]  bad_page+0x166/0x1b0
[  492.137007][T11840]  free_unref_page+0xe9c/0xf00
[  492.141802][T11840]  skb_release_data+0x6dc/0x8a0
[  492.146667][T11840]  sk_skb_reason_drop+0x1c9/0x380
[  492.151698][T11840]  __netif_receive_skb_core+0x3edd/0x4570
[  492.157403][T11840]  ? mark_lock+0x9a/0x360
[  492.161713][T11840]  ? __lock_acquire+0x1384/0x2050
[  492.166722][T11840]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  492.172789][T11840]  ? mark_lock+0x9a/0x360
[  492.177101][T11840]  ? __lock_acquire+0x1384/0x2050
[  492.182110][T11840]  __netif_receive_skb_list_core+0x2b1/0x980
[  492.188076][T11840]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  492.194644][T11840]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  492.201167][T11840]  ? read_tsc+0x9/0x20
[  492.205219][T11840]  ? timekeeping_get_ns+0x2c0/0x420
[  492.210415][T11840]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  492.216750][T11840]  netif_receive_skb_list_internal+0xa51/0xe30
[  492.222901][T11840]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  492.229220][T11840]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  492.235900][T11840]  ? __pfx_eth_type_trans+0x10/0x10
[  492.241097][T11840]  ? __phys_addr+0xba/0x170
[  492.245602][T11840]  ? build_skb_around+0x111/0x260
[  492.250628][T11840]  ? __xdp_build_skb_from_frame+0x338/0x650
[  492.256530][T11840]  netif_receive_skb_list+0x55/0x4b0
[  492.261836][T11840]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  492.267301][T11840]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  492.273188][T11840]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  492.278717][T11840]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  492.284507][T11840]  ? synchronize_rcu+0x11b/0x360
[  492.289426][T11840]  ? __pfx_synchronize_rcu+0x10/0x10
[  492.294698][T11840]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  492.300924][T11840]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  492.306806][T11840]  ? _copy_from_user+0xab/0xe0
[  492.311556][T11840]  ? bpf_test_init+0x15a/0x180
[  492.316322][T11840]  ? xdp_convert_md_to_buff+0x5b/0x330
[  492.321763][T11840]  bpf_prog_test_run_xdp+0x805/0x11e0
[  492.327153][T11840]  ? __pfx_lock_release+0x10/0x10
[  492.332166][T11840]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  492.337966][T11840]  ? __fget_files+0x29/0x470
[  492.342556][T11840]  ? fput+0x1a8/0x230
[  492.346528][T11840]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  492.352333][T11840]  bpf_prog_test_run+0x2e4/0x360
[  492.357263][T11840]  __sys_bpf+0x48d/0x810
[  492.361488][T11840]  ? __pfx___sys_bpf+0x10/0x10
[  492.366244][T11840]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  492.372218][T11840]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  492.378561][T11840]  ? do_syscall_64+0x100/0x230
[  492.383315][T11840]  __x64_sys_bpf+0x7c/0x90
[  492.387722][T11840]  do_syscall_64+0xf3/0x230
[  492.392211][T11840]  ? clear_bhb_loop+0x35/0x90
[  492.396873][T11840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  492.402766][T11840] RIP: 0033:0x7f86da17e719
[  492.407174][T11840] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  492.426770][T11840] RSP: 002b:00007f86db03e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  492.435171][T11840] RAX: ffffffffffffffda RBX: 00007f86da336058 RCX: 00007f86da17e719
[  492.443123][T11840] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  492.451077][T11840] RBP: 00007f86da1f132e R08: 0000000000000000 R09: 0000000000000000
[  492.459046][T11840] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  492.467015][T11840] R13: 0000000000000000 R14: 00007f86da336058 R15: 00007ffe3a652f28
[  492.474981][T11840]  </TASK>
[  492.478055][T11840] BUG: Bad page state in process syz.6.1569  pfn:55cff
[  492.484930][T11840] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888055cffc80 pfn:0x55cff
[  492.495011][T11840] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  492.502111][T11840] raw: 00fff00000000000 dead000000000040 ffff88806718a000 0000000000000000
[  492.510704][T11840] raw: ffff888055cffc80 0000000000000001 00000000ffffffff 0000000000000000
[  492.519300][T11840] page dumped because: page_pool leak
[  492.524698][T11840] page_owner tracks the page as allocated
[  492.530394][T11840] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 11840, tgid 11835 (syz.6.1569), ts 487269474497, free_ts 482615625861
[  492.547593][T11840]  post_alloc_hook+0x1f3/0x230
[  492.552346][T11840]  get_page_from_freelist+0x3033/0x3180
[  492.557890][T11840]  __alloc_pages_noprof+0x292/0x710
[  492.563070][T11840]  alloc_pages_bulk_noprof+0x729/0xd40
[  492.568530][T11840]  __page_pool_alloc_pages_slow+0x122/0x690
[  492.574438][T11840]  page_pool_alloc_pages+0xd0/0x1c0
[  492.579618][T11840]  bpf_test_run_xdp_live+0x950/0x2160
[  492.584998][T11840]  bpf_prog_test_run_xdp+0x805/0x11e0
[  492.590371][T11840]  bpf_prog_test_run+0x2e4/0x360
[  492.595307][T11840]  __sys_bpf+0x48d/0x810
[  492.599530][T11840]  __x64_sys_bpf+0x7c/0x90
[  492.603946][T11840]  do_syscall_64+0xf3/0x230
[  492.608433][T11840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  492.614319][T11840] page last free pid 11692 tgid 11682 stack trace:
[  492.620812][T11840]  free_unref_folios+0xee2/0x18a0
[  492.625841][T11840]  folios_put_refs+0x76c/0x860
[  492.630589][T11840]  free_pages_and_swap_cache+0x2ea/0x690
[  492.636219][T11840]  tlb_flush_mmu+0x3a3/0x680
[  492.640795][T11840]  tlb_finish_mmu+0xd4/0x200
[  492.645384][T11840]  exit_mmap+0x496/0xc40
[  492.649611][T11840]  __mmput+0x115/0x380
[  492.653660][T11840]  exit_mm+0x220/0x310
[  492.657731][T11840]  do_exit+0x9b2/0x28e0
[  492.661868][T11840]  do_group_exit+0x207/0x2c0
[  492.666451][T11840]  get_signal+0x16a3/0x1740
[  492.670941][T11840]  arch_do_signal_or_restart+0x96/0x860
[  492.676482][T11840]  syscall_exit_to_user_mode+0xc9/0x370
[  492.682012][T11840]  do_syscall_64+0x100/0x230
[  492.686598][T11840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  492.692476][T11840] Modules linked in:
[  492.696368][T11840] CPU: 1 UID: 0 PID: 11840 Comm: syz.6.1569 Tainted: G    B              6.12.0-rc5-syzkaller-00044-gc1e939a21eb1 #0
[  492.708584][T11840] Tainted: [B]=BAD_PAGE
[  492.712715][T11840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  492.722762][T11840] Call Trace:
[  492.726031][T11840]  <TASK>
[  492.728979][T11840]  dump_stack_lvl+0x241/0x360
[  492.733647][T11840]  ? __pfx_dump_stack_lvl+0x10/0x10
[  492.738843][T11840]  ? __pfx_print_modules+0x10/0x10
[  492.743959][T11840]  bad_page+0x166/0x1b0
[  492.748102][T11840]  free_unref_page+0xe9c/0xf00
[  492.752850][T11840]  skb_release_data+0x6dc/0x8a0
[  492.757718][T11840]  sk_skb_reason_drop+0x1c9/0x380
[  492.762734][T11840]  __netif_receive_skb_core+0x3edd/0x4570
[  492.768444][T11840]  ? mark_lock+0x9a/0x360
[  492.772753][T11840]  ? __lock_acquire+0x1384/0x2050
[  492.777764][T11840]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  492.783814][T11840]  ? mark_lock+0x9a/0x360
[  492.788139][T11840]  ? __lock_acquire+0x1384/0x2050
[  492.793163][T11840]  __netif_receive_skb_list_core+0x2b1/0x980
[  492.799131][T11840]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  492.805701][T11840]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  492.812183][T11840]  ? read_tsc+0x9/0x20
[  492.816238][T11840]  ? timekeeping_get_ns+0x2c0/0x420
[  492.821419][T11840]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  492.827741][T11840]  netif_receive_skb_list_internal+0xa51/0xe30
[  492.833927][T11840]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  492.840252][T11840]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  492.846909][T11840]  ? __pfx_eth_type_trans+0x10/0x10
[  492.852096][T11840]  ? __phys_addr+0xba/0x170
[  492.856578][T11840]  ? build_skb_around+0x111/0x260
[  492.861598][T11840]  ? __xdp_build_skb_from_frame+0x338/0x650
[  492.867471][T11840]  netif_receive_skb_list+0x55/0x4b0
[  492.872756][T11840]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  492.878197][T11840]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  492.884073][T11840]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  492.889601][T11840]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  492.895385][T11840]  ? synchronize_rcu+0x11b/0x360
[  492.900306][T11840]  ? __pfx_synchronize_rcu+0x10/0x10
[  492.905575][T11840]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  492.911800][T11840]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  492.918125][T11840]  ? _copy_from_user+0xab/0xe0
[  492.922870][T11840]  ? bpf_test_init+0x15a/0x180
[  492.927614][T11840]  ? xdp_convert_md_to_buff+0x5b/0x330
[  492.933060][T11840]  bpf_prog_test_run_xdp+0x805/0x11e0
[  492.938415][T11840]  ? __pfx_lock_release+0x10/0x10
[  492.943425][T11840]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  492.949224][T11840]  ? __fget_files+0x29/0x470
[  492.953798][T11840]  ? fput+0x1a8/0x230
[  492.957762][T11840]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  492.963550][T11840]  bpf_prog_test_run+0x2e4/0x360
[  492.968472][T11840]  __sys_bpf+0x48d/0x810
[  492.972696][T11840]  ? __pfx___sys_bpf+0x10/0x10
[  492.977444][T11840]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  492.983408][T11840]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  492.989721][T11840]  ? do_syscall_64+0x100/0x230
[  492.994466][T11840]  __x64_sys_bpf+0x7c/0x90
[  492.998865][T11840]  do_syscall_64+0xf3/0x230
[  493.003358][T11840]  ? clear_bhb_loop+0x35/0x90
[  493.008016][T11840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  493.013898][T11840] RIP: 0033:0x7f86da17e719
[  493.018306][T11840] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  493.037897][T11840] RSP: 002b:00007f86db03e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  493.046298][T11840] RAX: ffffffffffffffda RBX: 00007f86da336058 RCX: 00007f86da17e719
[  493.054279][T11840] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  493.062230][T11840] RBP: 00007f86da1f132e R08: 0000000000000000 R09: 0000000000000000
[  493.070181][T11840] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  493.078131][T11840] R13: 0000000000000000 R14: 00007f86da336058 R15: 00007ffe3a652f28
[  493.086089][T11840]  </TASK>
[  493.089149][T11840] BUG: Bad page state in process syz.6.1569  pfn:28002
[  493.096091][T11840] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888028002dc0 pfn:0x28002
[  493.106146][T11840] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  493.113236][T11840] raw: 00fff00000000000 dead000000000040 ffff88806718a000 0000000000000000
[  493.121813][T11840] raw: ffff888028002dc0 0000000000000001 00000000ffffffff 0000000000000000
[  493.130385][T11840] page dumped because: page_pool leak
[  493.135758][T11840] page_owner tracks the page as allocated
[  493.141458][T11840] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 11840, tgid 11835 (syz.6.1569), ts 487269465705, free_ts 482615635638
[  493.158648][T11840]  post_alloc_hook+0x1f3/0x230
[  493.163394][T11840]  get_page_from_freelist+0x3033/0x3180
[  493.168942][T11840]  __alloc_pages_noprof+0x292/0x710
[  493.174145][T11840]  alloc_pages_bulk_noprof+0x729/0xd40
[  493.179582][T11840]  __page_pool_alloc_pages_slow+0x122/0x690
[  493.185467][T11840]  page_pool_alloc_pages+0xd0/0x1c0
[  493.190653][T11840]  bpf_test_run_xdp_live+0x950/0x2160
[  493.196018][T11840]  bpf_prog_test_run_xdp+0x805/0x11e0
[  493.201369][T11840]  bpf_prog_test_run+0x2e4/0x360
[  493.206300][T11840]  __sys_bpf+0x48d/0x810
[  493.210539][T11840]  __x64_sys_bpf+0x7c/0x90
[  493.214955][T11840]  do_syscall_64+0xf3/0x230
[  493.219439][T11840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  493.225323][T11840] page last free pid 11692 tgid 11682 stack trace:
[  493.231801][T11840]  free_unref_folios+0xee2/0x18a0
[  493.236842][T11840]  folios_put_refs+0x76c/0x860
[  493.241606][T11840]  free_pages_and_swap_cache+0x2ea/0x690
[  493.247258][T11840]  tlb_flush_mmu+0x3a3/0x680
[  493.251845][T11840]  tlb_finish_mmu+0xd4/0x200
[  493.256432][T11840]  exit_mmap+0x496/0xc40
[  493.260656][T11840]  __mmput+0x115/0x380
[  493.264736][T11840]  exit_mm+0x220/0x310
[  493.268784][T11840]  do_exit+0x9b2/0x28e0
[  493.272922][T11840]  do_group_exit+0x207/0x2c0
[  493.277518][T11840]  get_signal+0x16a3/0x1740
[  493.282006][T11840]  arch_do_signal_or_restart+0x96/0x860
[  493.287548][T11840]  syscall_exit_to_user_mode+0xc9/0x370
[  493.293073][T11840]  do_syscall_64+0x100/0x230
[  493.297656][T11840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  493.303528][T11840] Modules linked in:
[  493.307419][T11840] CPU: 1 UID: 0 PID: 11840 Comm: syz.6.1569 Tainted: G    B              6.12.0-rc5-syzkaller-00044-gc1e939a21eb1 #0
[  493.319637][T11840] Tainted: [B]=BAD_PAGE
[  493.323763][T11840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  493.333795][T11840] Call Trace:
[  493.337057][T11840]  <TASK>
[  493.339985][T11840]  dump_stack_lvl+0x241/0x360
[  493.344672][T11840]  ? __pfx_dump_stack_lvl+0x10/0x10
[  493.349852][T11840]  ? __pfx_print_modules+0x10/0x10
[  493.354954][T11840]  bad_page+0x166/0x1b0
[  493.359108][T11840]  free_unref_page+0xe9c/0xf00
[  493.363899][T11840]  skb_release_data+0x6dc/0x8a0
[  493.368768][T11840]  sk_skb_reason_drop+0x1c9/0x380
[  493.373826][T11840]  __netif_receive_skb_core+0x3edd/0x4570
[  493.379545][T11840]  ? mark_lock+0x9a/0x360
[  493.383884][T11840]  ? __lock_acquire+0x1384/0x2050
[  493.388929][T11840]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  493.394997][T11840]  ? mark_lock+0x9a/0x360
[  493.399367][T11840]  ? __lock_acquire+0x1384/0x2050
[  493.404382][T11840]  __netif_receive_skb_list_core+0x2b1/0x980
[  493.410352][T11840]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  493.416925][T11840]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  493.423417][T11840]  ? read_tsc+0x9/0x20
[  493.427470][T11840]  ? timekeeping_get_ns+0x2c0/0x420
[  493.432651][T11840]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  493.438970][T11840]  netif_receive_skb_list_internal+0xa51/0xe30
[  493.445114][T11840]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  493.451428][T11840]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  493.458084][T11840]  ? __pfx_eth_type_trans+0x10/0x10
[  493.463267][T11840]  ? __phys_addr+0xba/0x170
[  493.467763][T11840]  ? build_skb_around+0x111/0x260
[  493.472786][T11840]  ? __xdp_build_skb_from_frame+0x338/0x650
[  493.478679][T11840]  netif_receive_skb_list+0x55/0x4b0
[  493.483957][T11840]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  493.489484][T11840]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  493.495364][T11840]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  493.500889][T11840]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  493.506764][T11840]  ? synchronize_rcu+0x11b/0x360
[  493.511681][T11840]  ? __pfx_synchronize_rcu+0x10/0x10
[  493.516954][T11840]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  493.523180][T11840]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  493.529056][T11840]  ? _copy_from_user+0xab/0xe0
[  493.533811][T11840]  ? bpf_test_init+0x15a/0x180
[  493.538553][T11840]  ? xdp_convert_md_to_buff+0x5b/0x330
[  493.544007][T11840]  bpf_prog_test_run_xdp+0x805/0x11e0
[  493.549399][T11840]  ? __pfx_lock_release+0x10/0x10
[  493.554415][T11840]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  493.560200][T11840]  ? __fget_files+0x29/0x470
[  493.564799][T11840]  ? fput+0x1a8/0x230
[  493.568761][T11840]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  493.574556][T11840]  bpf_prog_test_run+0x2e4/0x360
[  493.579475][T11840]  __sys_bpf+0x48d/0x810
[  493.583699][T11840]  ? __pfx___sys_bpf+0x10/0x10
[  493.588452][T11840]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  493.594680][T11840]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  493.600991][T11840]  ? do_syscall_64+0x100/0x230
[  493.605753][T11840]  __x64_sys_bpf+0x7c/0x90
[  493.610166][T11840]  do_syscall_64+0xf3/0x230
[  493.614652][T11840]  ? clear_bhb_loop+0x35/0x90
[  493.619309][T11840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  493.625180][T11840] RIP: 0033:0x7f86da17e719
[  493.629574][T11840] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  493.649191][T11840] RSP: 002b:00007f86db03e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  493.657654][T11840] RAX: ffffffffffffffda RBX: 00007f86da336058 RCX: 00007f86da17e719
[  493.665641][T11840] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  493.673600][T11840] RBP: 00007f86da1f132e R08: 0000000000000000 R09: 0000000000000000
[  493.681554][T11840] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  493.689509][T11840] R13: 0000000000000000 R14: 00007f86da336058 R15: 00007ffe3a652f28
[  493.697488][T11840]  </TASK>
[  493.700550][T11840] BUG: Bad page state in process syz.6.1569  pfn:2eca9
[  493.707408][T11840] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88802eca9230 pfn:0x2eca9
[  493.717472][T11840] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  493.724595][T11840] raw: 00fff00000000000 dead000000000040 ffff88806718a000 0000000000000000
[  493.733160][T11840] raw: ffff88802eca9230 0000000000000001 00000000ffffffff 0000000000000000
[  493.742013][T11840] page dumped because: page_pool leak
[  493.747381][T11840] page_owner tracks the page as allocated
[  493.753079][T11840] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 11840, tgid 11835 (syz.6.1569), ts 487269456900, free_ts 482615645197
[  493.770279][T11840]  post_alloc_hook+0x1f3/0x230
[  493.775047][T11840]  get_page_from_freelist+0x3033/0x3180
[  493.780573][T11840]  __alloc_pages_noprof+0x292/0x710
[  493.785770][T11840]  alloc_pages_bulk_noprof+0x729/0xd40
[  493.791212][T11840]  __page_pool_alloc_pages_slow+0x122/0x690
[  493.797114][T11840]  page_pool_alloc_pages+0xd0/0x1c0
[  493.802298][T11840]  bpf_test_run_xdp_live+0x950/0x2160
[  493.807668][T11840]  bpf_prog_test_run_xdp+0x805/0x11e0
[  493.813018][T11840]  bpf_prog_test_run+0x2e4/0x360
[  493.817955][T11840]  __sys_bpf+0x48d/0x810
[  493.822180][T11840]  __x64_sys_bpf+0x7c/0x90
[  493.826601][T11840]  do_syscall_64+0xf3/0x230
[  493.831086][T11840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  493.836974][T11840] page last free pid 11692 tgid 11682 stack trace:
[  493.843453][T11840]  free_unref_folios+0xee2/0x18a0
[  493.848477][T11840]  folios_put_refs+0x76c/0x860
[  493.853227][T11840]  free_pages_and_swap_cache+0x2ea/0x690
[  493.858861][T11840]  tlb_flush_mmu+0x3a3/0x680
[  493.863434][T11840]  tlb_finish_mmu+0xd4/0x200
[  493.868023][T11840]  exit_mmap+0x496/0xc40
[  493.872251][T11840]  __mmput+0x115/0x380
[  493.876315][T11840]  exit_mm+0x220/0x310
[  493.880361][T11840]  do_exit+0x9b2/0x28e0
[  493.884512][T11840]  do_group_exit+0x207/0x2c0
[  493.889081][T11840]  get_signal+0x16a3/0x1740
[  493.893561][T11840]  arch_do_signal_or_restart+0x96/0x860
[  493.899115][T11840]  syscall_exit_to_user_mode+0xc9/0x370
[  493.904658][T11840]  do_syscall_64+0x100/0x230
[  493.909228][T11840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  493.915114][T11840] Modules linked in:
[  493.918990][T11840] CPU: 1 UID: 0 PID: 11840 Comm: syz.6.1569 Tainted: G    B              6.12.0-rc5-syzkaller-00044-gc1e939a21eb1 #0
[  493.931639][T11840] Tainted: [B]=BAD_PAGE
[  493.935772][T11840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  493.945811][T11840] Call Trace:
[  493.949161][T11840]  <TASK>
[  493.952074][T11840]  dump_stack_lvl+0x241/0x360
[  493.956744][T11840]  ? __pfx_dump_stack_lvl+0x10/0x10
[  493.961932][T11840]  ? __pfx_print_modules+0x10/0x10
[  493.967044][T11840]  bad_page+0x166/0x1b0
[  493.971184][T11840]  free_unref_page+0xe9c/0xf00
[  493.975931][T11840]  skb_release_data+0x6dc/0x8a0
[  493.980767][T11840]  sk_skb_reason_drop+0x1c9/0x380
[  493.985786][T11840]  __netif_receive_skb_core+0x3edd/0x4570
[  493.991514][T11840]  ? mark_lock+0x9a/0x360
[  493.995837][T11840]  ? __lock_acquire+0x1384/0x2050
[  494.000855][T11840]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  494.006927][T11840]  ? mark_lock+0x9a/0x360
[  494.011242][T11840]  ? __lock_acquire+0x1384/0x2050
[  494.016274][T11840]  __netif_receive_skb_list_core+0x2b1/0x980
[  494.022245][T11840]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  494.028822][T11840]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  494.035310][T11840]  ? read_tsc+0x9/0x20
[  494.039361][T11840]  ? timekeeping_get_ns+0x2c0/0x420
[  494.044725][T11840]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  494.051036][T11840]  netif_receive_skb_list_internal+0xa51/0xe30
[  494.057180][T11840]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  494.063494][T11840]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  494.070174][T11840]  ? __pfx_eth_type_trans+0x10/0x10
[  494.075361][T11840]  ? __phys_addr+0xba/0x170
[  494.079863][T11840]  ? build_skb_around+0x111/0x260
[  494.084869][T11840]  ? __xdp_build_skb_from_frame+0x338/0x650
[  494.090749][T11840]  netif_receive_skb_list+0x55/0x4b0
[  494.096021][T11840]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  494.101486][T11840]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  494.107364][T11840]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  494.112894][T11840]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  494.118685][T11840]  ? synchronize_rcu+0x11b/0x360
[  494.123609][T11840]  ? __pfx_synchronize_rcu+0x10/0x10
[  494.128879][T11840]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  494.135124][T11840]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  494.141000][T11840]  ? _copy_from_user+0xab/0xe0
[  494.145761][T11840]  ? bpf_test_init+0x15a/0x180
[  494.150590][T11840]  ? xdp_convert_md_to_buff+0x5b/0x330
[  494.156037][T11840]  bpf_prog_test_run_xdp+0x805/0x11e0
[  494.161396][T11840]  ? __pfx_lock_release+0x10/0x10
[  494.166414][T11840]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  494.172201][T11840]  ? __fget_files+0x29/0x470
[  494.176778][T11840]  ? fput+0x1a8/0x230
[  494.180740][T11840]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  494.186524][T11840]  bpf_prog_test_run+0x2e4/0x360
[  494.191457][T11840]  __sys_bpf+0x48d/0x810
[  494.195684][T11840]  ? __pfx___sys_bpf+0x10/0x10
[  494.200430][T11840]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  494.206415][T11840]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  494.212743][T11840]  ? do_syscall_64+0x100/0x230
[  494.217500][T11840]  __x64_sys_bpf+0x7c/0x90
[  494.221911][T11840]  do_syscall_64+0xf3/0x230
[  494.226410][T11840]  ? clear_bhb_loop+0x35/0x90
[  494.231070][T11840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  494.236945][T11840] RIP: 0033:0x7f86da17e719
[  494.241340][T11840] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  494.260937][T11840] RSP: 002b:00007f86db03e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  494.269355][T11840] RAX: ffffffffffffffda RBX: 00007f86da336058 RCX: 00007f86da17e719
[  494.277312][T11840] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  494.285265][T11840] RBP: 00007f86da1f132e R08: 0000000000000000 R09: 0000000000000000
[  494.293222][T11840] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  494.301173][T11840] R13: 0000000000000000 R14: 00007f86da336058 R15: 00007ffe3a652f28
[  494.309132][T11840]  </TASK>
[  494.312199][T11840] BUG: Bad page state in process syz.6.1569  pfn:6c4ca
[  494.319132][T11840] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88806c4cadc0 pfn:0x6c4ca
[  494.329202][T11840] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  494.336311][T11840] raw: 00fff00000000000 dead000000000040 ffff88806718a000 0000000000000000
[  494.344893][T11840] raw: ffff88806c4cadc0 0000000000000001 00000000ffffffff 0000000000000000
[  494.353459][T11840] page dumped because: page_pool leak
[  494.358821][T11840] page_owner tracks the page as allocated
[  494.364552][T11840] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 11840, tgid 11835 (syz.6.1569), ts 487269446390, free_ts 482615654507
[  494.381765][T11840]  post_alloc_hook+0x1f3/0x230
[  494.386582][T11840]  get_page_from_freelist+0x3033/0x3180
[  494.392212][T11840]  __alloc_pages_noprof+0x292/0x710
[  494.397428][T11840]  alloc_pages_bulk_noprof+0x729/0xd40
[  494.402877][T11840]  __page_pool_alloc_pages_slow+0x122/0x690
[  494.409029][T11840]  page_pool_alloc_pages+0xd0/0x1c0
[  494.414223][T11840]  bpf_test_run_xdp_live+0x950/0x2160
[  494.419577][T11840]  bpf_prog_test_run_xdp+0x805/0x11e0
[  494.424951][T11840]  bpf_prog_test_run+0x2e4/0x360
[  494.429871][T11840]  __sys_bpf+0x48d/0x810
[  494.434114][T11840]  __x64_sys_bpf+0x7c/0x90
[  494.438541][T11840]  do_syscall_64+0xf3/0x230
[  494.443024][T11840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  494.448919][T11840] page last free pid 11692 tgid 11682 stack trace:
[  494.455429][T11840]  free_unref_folios+0xee2/0x18a0
[  494.460440][T11840]  folios_put_refs+0x76c/0x860
[  494.465210][T11840]  free_pages_and_swap_cache+0x2ea/0x690
[  494.470842][T11840]  tlb_flush_mmu+0x3a3/0x680
[  494.475445][T11840]  tlb_finish_mmu+0xd4/0x200
[  494.480026][T11840]  exit_mmap+0x496/0xc40
[  494.484264][T11840]  __mmput+0x115/0x380
[  494.488313][T11840]  exit_mm+0x220/0x310
[  494.492357][T11840]  do_exit+0x9b2/0x28e0
[  494.496503][T11840]  do_group_exit+0x207/0x2c0
[  494.501080][T11840]  get_signal+0x16a3/0x1740
[  494.505583][T11840]  arch_do_signal_or_restart+0x96/0x860
[  494.511110][T11840]  syscall_exit_to_user_mode+0xc9/0x370
[  494.516737][T11840]  do_syscall_64+0x100/0x230
[  494.521313][T11840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  494.527206][T11840] Modules linked in:
[  494.531094][T11840] CPU: 1 UID: 0 PID: 11840 Comm: syz.6.1569 Tainted: G    B              6.12.0-rc5-syzkaller-00044-gc1e939a21eb1 #0
[  494.543309][T11840] Tainted: [B]=BAD_PAGE
[  494.547435][T11840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  494.557468][T11840] Call Trace:
[  494.560727][T11840]  <TASK>
[  494.563750][T11840]  dump_stack_lvl+0x241/0x360
[  494.568423][T11840]  ? __pfx_dump_stack_lvl+0x10/0x10
[  494.573623][T11840]  ? __pfx_print_modules+0x10/0x10
[  494.578721][T11840]  bad_page+0x166/0x1b0
[  494.582867][T11840]  free_unref_page+0xe9c/0xf00
[  494.587617][T11840]  skb_release_data+0x6dc/0x8a0
[  494.592452][T11840]  sk_skb_reason_drop+0x1c9/0x380
[  494.597465][T11840]  __netif_receive_skb_core+0x3edd/0x4570
[  494.603168][T11840]  ? mark_lock+0x9a/0x360
[  494.607479][T11840]  ? __lock_acquire+0x1384/0x2050
[  494.612493][T11840]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  494.618557][T11840]  ? mark_lock+0x9a/0x360
[  494.622867][T11840]  ? __lock_acquire+0x1384/0x2050
[  494.627881][T11840]  __netif_receive_skb_list_core+0x2b1/0x980
[  494.633848][T11840]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  494.640434][T11840]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  494.646935][T11840]  ? read_tsc+0x9/0x20
[  494.650988][T11840]  ? timekeeping_get_ns+0x2c0/0x420
[  494.656184][T11840]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  494.662518][T11840]  netif_receive_skb_list_internal+0xa51/0xe30
[  494.668657][T11840]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  494.674975][T11840]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  494.681634][T11840]  ? __pfx_eth_type_trans+0x10/0x10
[  494.686818][T11840]  ? __phys_addr+0xba/0x170
[  494.691303][T11840]  ? build_skb_around+0x111/0x260
[  494.696310][T11840]  ? __xdp_build_skb_from_frame+0x338/0x650
[  494.702200][T11840]  netif_receive_skb_list+0x55/0x4b0
[  494.707485][T11840]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  494.712934][T11840]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  494.718826][T11840]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  494.724360][T11840]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  494.730145][T11840]  ? synchronize_rcu+0x11b/0x360
[  494.735065][T11840]  ? __pfx_synchronize_rcu+0x10/0x10
[  494.740332][T11840]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  494.746559][T11840]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  494.752432][T11840]  ? _copy_from_user+0xab/0xe0
[  494.757186][T11840]  ? bpf_test_init+0x15a/0x180
[  494.761934][T11840]  ? xdp_convert_md_to_buff+0x5b/0x330
[  494.767373][T11840]  bpf_prog_test_run_xdp+0x805/0x11e0
[  494.772745][T11840]  ? __pfx_lock_release+0x10/0x10
[  494.777781][T11840]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  494.783570][T11840]  ? __fget_files+0x29/0x470
[  494.788145][T11840]  ? fput+0x1a8/0x230
[  494.792109][T11840]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  494.797903][T11840]  bpf_prog_test_run+0x2e4/0x360
[  494.802825][T11840]  __sys_bpf+0x48d/0x810
[  494.807051][T11840]  ? __pfx___sys_bpf+0x10/0x10
[  494.811796][T11840]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  494.817758][T11840]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  494.824070][T11840]  ? do_syscall_64+0x100/0x230
[  494.828816][T11840]  __x64_sys_bpf+0x7c/0x90
[  494.833210][T11840]  do_syscall_64+0xf3/0x230
[  494.837712][T11840]  ? clear_bhb_loop+0x35/0x90
[  494.842373][T11840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  494.848245][T11840] RIP: 0033:0x7f86da17e719
[  494.852652][T11840] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  494.872241][T11840] RSP: 002b:00007f86db03e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  494.880747][T11840] RAX: ffffffffffffffda RBX: 00007f86da336058 RCX: 00007f86da17e719
[  494.888703][T11840] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  494.896656][T11840] RBP: 00007f86da1f132e R08: 0000000000000000 R09: 0000000000000000
[  494.904609][T11840] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  494.912558][T11840] R13: 0000000000000000 R14: 00007f86da336058 R15: 00007ffe3a652f28
[  494.920516][T11840]  </TASK>
[  494.923570][T11840] BUG: Bad page state in process syz.6.1569  pfn:7f2f4
[  494.930414][T11840] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88807f2f4640 pfn:0x7f2f4
[  494.940498][T11840] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  494.947612][T11840] raw: 00fff00000000000 dead000000000040 ffff88806718a000 0000000000000000
[  494.956191][T11840] raw: ffff88807f2f4640 0000000000000001 00000000ffffffff 0000000000000000
[  494.964789][T11840] page dumped because: page_pool leak
[  494.970137][T11840] page_owner tracks the page as allocated
[  494.975847][T11840] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 11840, tgid 11835 (syz.6.1569), ts 487269434392, free_ts 482615663885
[  494.993047][T11840]  post_alloc_hook+0x1f3/0x230
[  494.997821][T11840]  get_page_from_freelist+0x3033/0x3180
[  495.003352][T11840]  __alloc_pages_noprof+0x292/0x710
[  495.008551][T11840]  alloc_pages_bulk_noprof+0x729/0xd40
[  495.014011][T11840]  __page_pool_alloc_pages_slow+0x122/0x690
[  495.019889][T11840]  page_pool_alloc_pages+0xd0/0x1c0
[  495.025088][T11840]  bpf_test_run_xdp_live+0x950/0x2160
[  495.030440][T11840]  bpf_prog_test_run_xdp+0x805/0x11e0
[  495.035820][T11840]  bpf_prog_test_run+0x2e4/0x360
[  495.040745][T11840]  __sys_bpf+0x48d/0x810
[  495.044983][T11840]  __x64_sys_bpf+0x7c/0x90
[  495.049380][T11840]  do_syscall_64+0xf3/0x230
[  495.053924][T11840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  495.059828][T11840] page last free pid 11692 tgid 11682 stack trace:
[  495.066369][T11840]  free_unref_folios+0xee2/0x18a0
[  495.071394][T11840]  folios_put_refs+0x76c/0x860
[  495.076177][T11840]  free_pages_and_swap_cache+0x2ea/0x690
[  495.081802][T11840]  tlb_flush_mmu+0x3a3/0x680
[  495.086407][T11840]  tlb_finish_mmu+0xd4/0x200
[  495.090988][T11840]  exit_mmap+0x496/0xc40
[  495.095247][T11840]  __mmput+0x115/0x380
[  495.099314][T11840]  exit_mm+0x220/0x310
[  495.103381][T11840]  do_exit+0x9b2/0x28e0
[  495.107536][T11840]  do_group_exit+0x207/0x2c0
[  495.112109][T11840]  get_signal+0x16a3/0x1740
[  495.116640][T11840]  arch_do_signal_or_restart+0x96/0x860
[  495.122187][T11840]  syscall_exit_to_user_mode+0xc9/0x370
[  495.127743][T11840]  do_syscall_64+0x100/0x230
[  495.132318][T11840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  495.138227][T11840] Modules linked in:
[  495.142105][T11840] CPU: 1 UID: 0 PID: 11840 Comm: syz.6.1569 Tainted: G    B              6.12.0-rc5-syzkaller-00044-gc1e939a21eb1 #0
[  495.154324][T11840] Tainted: [B]=BAD_PAGE
[  495.158450][T11840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  495.168488][T11840] Call Trace:
[  495.171751][T11840]  <TASK>
[  495.174689][T11840]  dump_stack_lvl+0x241/0x360
[  495.179367][T11840]  ? __pfx_dump_stack_lvl+0x10/0x10
[  495.184559][T11840]  ? __pfx_print_modules+0x10/0x10
[  495.189662][T11840]  bad_page+0x166/0x1b0
[  495.193801][T11840]  free_unref_page+0xe9c/0xf00
[  495.198554][T11840]  skb_release_data+0x6dc/0x8a0
[  495.203395][T11840]  sk_skb_reason_drop+0x1c9/0x380
[  495.208407][T11840]  __netif_receive_skb_core+0x3edd/0x4570
[  495.214118][T11840]  ? mark_lock+0x9a/0x360
[  495.218433][T11840]  ? __lock_acquire+0x1384/0x2050
[  495.223445][T11840]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  495.229505][T11840]  ? mark_lock+0x9a/0x360
[  495.233815][T11840]  ? __lock_acquire+0x1384/0x2050
[  495.238826][T11840]  __netif_receive_skb_list_core+0x2b1/0x980
[  495.244793][T11840]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  495.251361][T11840]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  495.257956][T11840]  ? read_tsc+0x9/0x20
[  495.262007][T11840]  ? timekeeping_get_ns+0x2c0/0x420
[  495.267190][T11840]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  495.273509][T11840]  netif_receive_skb_list_internal+0xa51/0xe30
[  495.279657][T11840]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  495.285973][T11840]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  495.292636][T11840]  ? __pfx_eth_type_trans+0x10/0x10
[  495.297921][T11840]  ? __phys_addr+0xba/0x170
[  495.302407][T11840]  ? build_skb_around+0x111/0x260
[  495.307415][T11840]  ? __xdp_build_skb_from_frame+0x338/0x650
[  495.313291][T11840]  netif_receive_skb_list+0x55/0x4b0
[  495.318561][T11840]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  495.324003][T11840]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  495.329880][T11840]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  495.335405][T11840]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  495.341187][T11840]  ? synchronize_rcu+0x11b/0x360
[  495.346116][T11840]  ? __pfx_synchronize_rcu+0x10/0x10
[  495.351394][T11840]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  495.357628][T11840]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  495.363511][T11840]  ? _copy_from_user+0xab/0xe0
[  495.368269][T11840]  ? bpf_test_init+0x15a/0x180
[  495.373020][T11840]  ? xdp_convert_md_to_buff+0x5b/0x330
[  495.378471][T11840]  bpf_prog_test_run_xdp+0x805/0x11e0
[  495.383844][T11840]  ? __pfx_lock_release+0x10/0x10
[  495.388878][T11840]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  495.394671][T11840]  ? __fget_files+0x29/0x470
[  495.399335][T11840]  ? fput+0x1a8/0x230
[  495.403384][T11840]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  495.409215][T11840]  bpf_prog_test_run+0x2e4/0x360
[  495.414142][T11840]  __sys_bpf+0x48d/0x810
[  495.418371][T11840]  ? __pfx___sys_bpf+0x10/0x10
[  495.423121][T11840]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  495.429097][T11840]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  495.435423][T11840]  ? do_syscall_64+0x100/0x230
[  495.440176][T11840]  __x64_sys_bpf+0x7c/0x90
[  495.444577][T11840]  do_syscall_64+0xf3/0x230
[  495.449063][T11840]  ? clear_bhb_loop+0x35/0x90
[  495.453730][T11840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  495.459608][T11840] RIP: 0033:0x7f86da17e719
[  495.464007][T11840] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  495.483624][T11840] RSP: 002b:00007f86db03e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  495.492028][T11840] RAX: ffffffffffffffda RBX: 00007f86da336058 RCX: 00007f86da17e719
[  495.499984][T11840] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  495.507966][T11840] RBP: 00007f86da1f132e R08: 0000000000000000 R09: 0000000000000000
[  495.515935][T11840] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  495.523898][T11840] R13: 0000000000000000 R14: 00007f86da336058 R15: 00007ffe3a652f28
[  495.531869][T11840]  </TASK>
[  495.534928][T11840] BUG: Bad page state in process syz.6.1569  pfn:323ff
[  495.541753][T11840] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff8880323ffdc0 pfn:0x323ff
[  495.551834][T11840] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  495.558949][T11840] raw: 00fff00000000000 dead000000000040 ffff88806718a000 0000000000000000
[  495.567541][T11840] raw: ffff8880323ffdc0 0000000000000001 00000000ffffffff 0000000000000000
[  495.576114][T11840] page dumped because: page_pool leak
[  495.581460][T11840] page_owner tracks the page as allocated
[  495.587173][T11840] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 11840, tgid 11835 (syz.6.1569), ts 487269422911, free_ts 482615685293
[  495.604368][T11840]  post_alloc_hook+0x1f3/0x230
[  495.609124][T11840]  get_page_from_freelist+0x3033/0x3180
[  495.614695][T11840]  __alloc_pages_noprof+0x292/0x710
[  495.619874][T11840]  alloc_pages_bulk_noprof+0x729/0xd40
[  495.625329][T11840]  __page_pool_alloc_pages_slow+0x122/0x690
[  495.631208][T11840]  page_pool_alloc_pages+0xd0/0x1c0
[  495.636421][T11840]  bpf_test_run_xdp_live+0x950/0x2160
[  495.641777][T11840]  bpf_prog_test_run_xdp+0x805/0x11e0
[  495.647153][T11840]  bpf_prog_test_run+0x2e4/0x360
[  495.652071][T11840]  __sys_bpf+0x48d/0x810
[  495.656407][T11840]  __x64_sys_bpf+0x7c/0x90
[  495.660803][T11840]  do_syscall_64+0xf3/0x230
[  495.665301][T11840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  495.671173][T11840] page last free pid 11692 tgid 11682 stack trace:
[  495.677663][T11840]  free_unref_folios+0xee2/0x18a0
[  495.682670][T11840]  folios_put_refs+0x76c/0x860
[  495.687428][T11840]  free_pages_and_swap_cache+0x2ea/0x690
[  495.693058][T11840]  tlb_flush_mmu+0x3a3/0x680
[  495.697663][T11840]  tlb_finish_mmu+0xd4/0x200
[  495.702305][T11840]  exit_mmap+0x496/0xc40
[  495.706572][T11840]  __mmput+0x115/0x380
[  495.710632][T11840]  exit_mm+0x220/0x310
[  495.714719][T11840]  do_exit+0x9b2/0x28e0
[  495.718860][T11840]  do_group_exit+0x207/0x2c0
[  495.723432][T11840]  get_signal+0x16a3/0x1740
[  495.727945][T11840]  arch_do_signal_or_restart+0x96/0x860
[  495.733488][T11840]  syscall_exit_to_user_mode+0xc9/0x370
[  495.739127][T11840]  do_syscall_64+0x100/0x230
[  495.743701][T11840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  495.749599][T11840] Modules linked in:
[  495.753478][T11840] CPU: 1 UID: 0 PID: 11840 Comm: syz.6.1569 Tainted: G    B              6.12.0-rc5-syzkaller-00044-gc1e939a21eb1 #0
[  495.765692][T11840] Tainted: [B]=BAD_PAGE
[  495.769821][T11840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  495.779855][T11840] Call Trace:
[  495.783117][T11840]  <TASK>
[  495.786032][T11840]  dump_stack_lvl+0x241/0x360
[  495.790707][T11840]  ? __pfx_dump_stack_lvl+0x10/0x10
[  495.795894][T11840]  ? __pfx_print_modules+0x10/0x10
[  495.801001][T11840]  bad_page+0x166/0x1b0
[  495.805139][T11840]  free_unref_page+0xe9c/0xf00
[  495.809891][T11840]  skb_release_data+0x6dc/0x8a0
[  495.814743][T11840]  sk_skb_reason_drop+0x1c9/0x380
[  495.819754][T11840]  __netif_receive_skb_core+0x3edd/0x4570
[  495.825462][T11840]  ? mark_lock+0x9a/0x360
[  495.829773][T11840]  ? __lock_acquire+0x1384/0x2050
[  495.834783][T11840]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  495.840835][T11840]  ? mark_lock+0x9a/0x360
[  495.845158][T11840]  ? __lock_acquire+0x1384/0x2050
[  495.850181][T11840]  __netif_receive_skb_list_core+0x2b1/0x980
[  495.856146][T11840]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  495.862714][T11840]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  495.869285][T11840]  ? read_tsc+0x9/0x20
[  495.873334][T11840]  ? timekeeping_get_ns+0x2c0/0x420
[  495.878515][T11840]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  495.884827][T11840]  netif_receive_skb_list_internal+0xa51/0xe30
[  495.890969][T11840]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  495.897277][T11840]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  495.903943][T11840]  ? __pfx_eth_type_trans+0x10/0x10
[  495.909126][T11840]  ? __phys_addr+0xba/0x170
[  495.913611][T11840]  ? build_skb_around+0x111/0x260
[  495.918622][T11840]  ? __xdp_build_skb_from_frame+0x338/0x650
[  495.924499][T11840]  netif_receive_skb_list+0x55/0x4b0
[  495.929770][T11840]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  495.935213][T11840]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  495.941091][T11840]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  495.946628][T11840]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  495.952413][T11840]  ? synchronize_rcu+0x11b/0x360
[  495.957335][T11840]  ? __pfx_synchronize_rcu+0x10/0x10
[  495.962605][T11840]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  495.969091][T11840]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  495.974971][T11840]  ? _copy_from_user+0xab/0xe0
[  495.979722][T11840]  ? bpf_test_init+0x15a/0x180
[  495.984549][T11840]  ? xdp_convert_md_to_buff+0x5b/0x330
[  495.989984][T11840]  bpf_prog_test_run_xdp+0x805/0x11e0
[  495.995336][T11840]  ? __pfx_lock_release+0x10/0x10
[  496.000347][T11840]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  496.006136][T11840]  ? __fget_files+0x29/0x470
[  496.010736][T11840]  ? fput+0x1a8/0x230
[  496.014699][T11840]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  496.020488][T11840]  bpf_prog_test_run+0x2e4/0x360
[  496.025411][T11840]  __sys_bpf+0x48d/0x810
[  496.029644][T11840]  ? __pfx___sys_bpf+0x10/0x10
[  496.034394][T11840]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  496.040381][T11840]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  496.046693][T11840]  ? do_syscall_64+0x100/0x230
[  496.051441][T11840]  __x64_sys_bpf+0x7c/0x90
[  496.055841][T11840]  do_syscall_64+0xf3/0x230
[  496.060334][T11840]  ? clear_bhb_loop+0x35/0x90
[  496.064994][T11840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  496.070865][T11840] RIP: 0033:0x7f86da17e719
[  496.075265][T11840] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  496.094860][T11840] RSP: 002b:00007f86db03e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  496.103252][T11840] RAX: ffffffffffffffda RBX: 00007f86da336058 RCX: 00007f86da17e719
[  496.111209][T11840] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  496.119164][T11840] RBP: 00007f86da1f132e R08: 0000000000000000 R09: 0000000000000000
[  496.127119][T11840] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  496.135426][T11840] R13: 0000000000000000 R14: 00007f86da336058 R15: 00007ffe3a652f28
[  496.143397][T11840]  </TASK>
[  496.146468][T11840] BUG: Bad page state in process syz.6.1569  pfn:2edcb
[  496.153292][T11840] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88802edcbfc0 pfn:0x2edcb
[  496.163390][T11840] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  496.170517][T11840] raw: 00fff00000000000 dead000000000040 ffff88806718a000 0000000000000000
[  496.179094][T11840] raw: ffff88802edcbfc0 0000000000000001 00000000ffffffff 0000000000000000
[  496.187669][T11840] page dumped because: page_pool leak
[  496.193018][T11840] page_owner tracks the page as allocated
[  496.198730][T11840] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 11840, tgid 11835 (syz.6.1569), ts 487269411154, free_ts 482615694826
[  496.215937][T11840]  post_alloc_hook+0x1f3/0x230
[  496.220694][T11840]  get_page_from_freelist+0x3033/0x3180
[  496.226261][T11840]  __alloc_pages_noprof+0x292/0x710
[  496.231450][T11840]  alloc_pages_bulk_noprof+0x729/0xd40
[  496.236915][T11840]  __page_pool_alloc_pages_slow+0x122/0x690
[  496.242790][T11840]  page_pool_alloc_pages+0xd0/0x1c0
[  496.247987][T11840]  bpf_test_run_xdp_live+0x950/0x2160
[  496.253342][T11840]  bpf_prog_test_run_xdp+0x805/0x11e0
[  496.258713][T11840]  bpf_prog_test_run+0x2e4/0x360
[  496.263635][T11840]  __sys_bpf+0x48d/0x810
[  496.267900][T11840]  __x64_sys_bpf+0x7c/0x90
[  496.272299][T11840]  do_syscall_64+0xf3/0x230
[  496.276799][T11840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  496.282676][T11840] page last free pid 11692 tgid 11682 stack trace:
[  496.289170][T11840]  free_unref_folios+0xee2/0x18a0
[  496.294197][T11840]  folios_put_refs+0x76c/0x860
[  496.298939][T11840]  free_pages_and_swap_cache+0x2ea/0x690
[  496.304576][T11840]  tlb_flush_mmu+0x3a3/0x680
[  496.309163][T11840]  tlb_finish_mmu+0xd4/0x200
[  496.313757][T11840]  exit_mmap+0x496/0xc40
[  496.318011][T11840]  __mmput+0x115/0x380
[  496.322234][T11840]  exit_mm+0x220/0x310
[  496.326300][T11840]  do_exit+0x9b2/0x28e0
[  496.330437][T11840]  do_group_exit+0x207/0x2c0
[  496.335019][T11840]  get_signal+0x16a3/0x1740
[  496.339511][T11840]  arch_do_signal_or_restart+0x96/0x860
[  496.345059][T11840]  syscall_exit_to_user_mode+0xc9/0x370
[  496.350590][T11840]  do_syscall_64+0x100/0x230
[  496.355183][T11840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  496.361064][T11840] Modules linked in:
[  496.364975][T11840] CPU: 1 UID: 0 PID: 11840 Comm: syz.6.1569 Tainted: G    B              6.12.0-rc5-syzkaller-00044-gc1e939a21eb1 #0
[  496.377206][T11840] Tainted: [B]=BAD_PAGE
[  496.381357][T11840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  496.391434][T11840] Call Trace:
[  496.394711][T11840]  <TASK>
[  496.397629][T11840]  dump_stack_lvl+0x241/0x360
[  496.402298][T11840]  ? __pfx_dump_stack_lvl+0x10/0x10
[  496.407488][T11840]  ? __pfx_print_modules+0x10/0x10
[  496.412681][T11840]  bad_page+0x166/0x1b0
[  496.416924][T11840]  free_unref_page+0xe9c/0xf00
[  496.421686][T11840]  skb_release_data+0x6dc/0x8a0
[  496.426534][T11840]  sk_skb_reason_drop+0x1c9/0x380
[  496.431552][T11840]  __netif_receive_skb_core+0x3edd/0x4570
[  496.437260][T11840]  ? mark_lock+0x9a/0x360
[  496.441570][T11840]  ? __lock_acquire+0x1384/0x2050
[  496.446597][T11840]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  496.452652][T11840]  ? mark_lock+0x9a/0x360
[  496.456962][T11840]  ? __lock_acquire+0x1384/0x2050
[  496.461987][T11840]  __netif_receive_skb_list_core+0x2b1/0x980
[  496.467955][T11840]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  496.474525][T11840]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  496.481011][T11840]  ? read_tsc+0x9/0x20
[  496.485432][T11840]  ? timekeeping_get_ns+0x2c0/0x420
[  496.490637][T11840]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  496.496972][T11840]  netif_receive_skb_list_internal+0xa51/0xe30
[  496.503121][T11840]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  496.509460][T11840]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  496.516132][T11840]  ? __pfx_eth_type_trans+0x10/0x10
[  496.521341][T11840]  ? __phys_addr+0xba/0x170
[  496.525840][T11840]  ? build_skb_around+0x111/0x260
[  496.530875][T11840]  ? __xdp_build_skb_from_frame+0x338/0x650
[  496.536765][T11840]  netif_receive_skb_list+0x55/0x4b0
[  496.542043][T11840]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  496.547504][T11840]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  496.553391][T11840]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  496.558930][T11840]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  496.564727][T11840]  ? synchronize_rcu+0x11b/0x360
[  496.569655][T11840]  ? __pfx_synchronize_rcu+0x10/0x10
[  496.574928][T11840]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  496.581156][T11840]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  496.587040][T11840]  ? _copy_from_user+0xab/0xe0
[  496.591791][T11840]  ? bpf_test_init+0x15a/0x180
[  496.596549][T11840]  ? xdp_convert_md_to_buff+0x5b/0x330
[  496.602003][T11840]  bpf_prog_test_run_xdp+0x805/0x11e0
[  496.607364][T11840]  ? __pfx_lock_release+0x10/0x10
[  496.612379][T11840]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  496.618177][T11840]  ? __fget_files+0x29/0x470
[  496.622758][T11840]  ? fput+0x1a8/0x230
[  496.626727][T11840]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  496.632605][T11840]  bpf_prog_test_run+0x2e4/0x360
[  496.637530][T11840]  __sys_bpf+0x48d/0x810
[  496.641758][T11840]  ? __pfx___sys_bpf+0x10/0x10
[  496.646513][T11840]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  496.652479][T11840]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  496.658876][T11840]  ? do_syscall_64+0x100/0x230
[  496.663625][T11840]  __x64_sys_bpf+0x7c/0x90
[  496.668021][T11840]  do_syscall_64+0xf3/0x230
[  496.672513][T11840]  ? clear_bhb_loop+0x35/0x90
[  496.677171][T11840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  496.683157][T11840] RIP: 0033:0x7f86da17e719
[  496.687552][T11840] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  496.707139][T11840] RSP: 002b:00007f86db03e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  496.715544][T11840] RAX: ffffffffffffffda RBX: 00007f86da336058 RCX: 00007f86da17e719
[  496.723515][T11840] RDX: 0000000000000048 RSI: 0000000020000600 RDI: 000000000000000a
[  496.731470][T11840] RBP: 00007f86da1f132e R08: 0000000000000000 R09: 0000000000000000
[  496.739421][T11840] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  496.747373][T11840] R13: 0000000000000000 R14: 00007f86da336058 R15: 00007ffe3a652f28
[  496.755328][T11840]  </TASK>
[  496.758383][T11840] BUG: Bad page state in process syz.6.1569  pfn:311a0
[  496.765223][T11840] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff8880311a0990 pfn:0x311a0
[  496.775278][T11840] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  496.782369][T11840] raw: 00fff00000000000 dead000000000040 ffff88806718a000 0000000000000000
[  496.790954][T11840] raw: ffff8880311a0990 0000000000000001 00000000ffffffff 0000000000000000
[  496.799531][T11840] page dumped because: page_pool leak
[  496.804889][T11840] page_owner tracks the page as allocated
[  496.810583][T11840] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2820(GFP_ATOMIC|__GFP_NOWARN), pid 11840, tgid 11835 (syz.6.1569), ts 487269399263, free_ts 482615703888
[  496.827784][T11840]  post_alloc_hook+0x1f3/0x230
[  496.832579][T11840]  get_page_from_freelist+0x3033/0x3180
[  496.838223][T11840]  __alloc_pages_noprof+0x292/0x710
[  496.843404][T11840]  alloc_pages_bulk_noprof+0x729/0xd40
[  496.848875][T11840]  __page_pool_alloc_pages_slow+0x122/0x690
[  496.854766][T11840]  page_pool_alloc_pages+0xd0/0x1c0
[  496.859945][T11840]  bpf_test_run_xdp_live+0x950/0x2160
[  496.865350][T11840]  bpf_prog_test_run_xdp+0x805/0x11e0
[  496.870702][T11840]  bpf_prog_test_run+0x2e4/0x360
[  496.875640][T11840]  __sys_bpf+0x48d/0x810
[  496.879869][T11840]  __x64_sys_bpf+0x7c/0x90
[  496.884285][T11840]  do_syscall_64+0xf3/0x230
[  496.888771][T11840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  496.894675][T11840] page last free pid 11692 tgid 11682 stack trace:
[  496.901152][T11840]  free_unref_folios+0xee2/0x18a0
[  496.906191][T11840]  folios_put_refs+0x76c/0x860
[  496.910934][T11840]  free_pages_and_swap_cache+0x2ea/0x690
[  496.916570][T11840]  tlb_flush_mmu+0x3a3/0x680
[  496.921143][T11840]  tlb_finish_mmu+0xd4/0x200
[  496.925757][T11840]  exit_mmap+0x496/0xc40
[  496.929988][T11840]  __mmput+0x115/0x380
[  496.934051][T11840]  exit_mm+0x220/0x310
[  496.938097][T11840]  do_exit+0x9b2/0x28e0
[  496.942248][T11840]  do_group_exit+0x207/0x2c0
[  496.946838][T11840]  get_signal+0x16a3/0x1740
[  496.951340][T11840]  arch_do_signal_or_restart+0x96/0x860
[  496.956883][T11840]  syscall_exit_to_user_mode+0xc9/0x370
[  496.962408][T11840]  do_syscall_64+0x100/0x230
[  496.966991][T11840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  496.972866][T11840] Modules linked in:
[  496.976756][T11840] CPU: 1 UID: 0 PID: 11840 Comm: syz.6.1569 Tainted: G    B              6.12.0-rc5-syzkaller-00044-gc1e939a21eb1 #0
[  496.988971][T11840] Tainted: [B]=BAD_PAGE
[  496.993102][T11840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  497.003150][T11840] Call Trace:
[  497.006412][T11840]  <TASK>
[  497.009758][T11840]  dump_stack_lvl+0x241/0x360
[  497.014430][T11840]  ? __pfx_dump_stack_lvl+0x10/0x10
[  497.019621][T11840]  ? __pfx_print_modules+0x10/0x10
[  497.024732][T11840]  bad_page+0x166/0x1b0
[  497.028885][T11840]  free_unref_page+0xe9c/0xf00
[  497.033646][T11840]  skb_release_data+0x6dc/0x8a0
[  497.038488][T11840]  sk_skb_reason_drop+0x1c9/0x380
[  497.043512][T11840]  __netif_receive_skb_core+0x3edd/0x4570
[  497.049224][T11840]  ? mark_lock+0x9a/0x360
[  497.053544][T11840]  ? __lock_acquire+0x1384/0x2050
[  497.058560][T11840]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  497.064614][T11840]  ? mark_lock+0x9a/0x360
[  497.068922][T11840]  ? __lock_acquire+0x1384/0x2050
[  497.073945][T11840]  __netif_receive_skb_list_core+0x2b1/0x980
[  497.079919][T11840]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  497.086498][T11840]  ? __pfx___netif_receive_skb_list_core+0x10/0x10
[  497.092983][T11840]  ? read_tsc+0x9/0x20
[  497.097036][T11840]  ? timekeeping_get_ns+0x2c0/0x420
[  497.102217][T11840]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  497.108534][T11840]  netif_receive_skb_list_internal+0xa51/0xe30
[  497.114687][T11840]  ? netif_receive_skb_list_internal+0x4e8/0xe30
[  497.121010][T11840]  ? __pfx_netif_receive_skb_list_internal+0x10/0x10
[  497.127688][T11840]  ? __pfx_eth_type_trans+0x10/0x10
[  497.132890][T11840]  ? __phys_addr+0xba/0x170
[  497.137378][T11840]  ? build_skb_around+0x111/0x260
[  497.142387][T11840]  ? __xdp_build_skb_from_frame+0x338/0x650
[  497.148262][T11840]  netif_receive_skb_list+0x55/0x4b0
[  497.153531][T11840]  bpf_test_run_xdp_live+0x1b0d/0x2160
[  497.158973][T11840]  ? bpf_dispatcher_change_prog+0xd8b/0xf10
[  497.164852][T11840]  ? bpf_test_run_xdp_live+0x5d6/0x2160
[  497.170377][T11840]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  497.176165][T11840]  ? synchronize_rcu+0x11b/0x360
[  497.181096][T11840]  ? __pfx_synchronize_rcu+0x10/0x10
[  497.186364][T11840]  ? __pfx_bpf_dispatcher_change_prog+0x10/0x10
[  497.192589][T11840]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  497.198468][T11840]  ? _copy_from_user+0xab/0xe0
[  497.203253][T11840]  ? bpf_test_init+0x15a/0x180
[  497.208000][T11840]  ? xdp_convert_md_to_buff+0x5b/0x330
[  497.213460][T11840]  bpf_prog_test_run_xdp+0x805/0x11e0
[  497.218822][T11840]  ? __pfx_lock_release+0x10/0x10
[  497.223833][T11840]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  497.229624][T11840]  ? __fget_files+0x29/0x470
[  497.234219][T11840]  ? fput+0x1a8/0x230
[  497.238193][T11840]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  497.243992][T11840]  bpf_prog_test_run+0x2e4/0x360
[  497.248918][T11840]  __sys_bpf+0x48d/0x810
[  497.253147][T11840]  ? __pfx___sys_bpf+0x10/0x10
[  497.257920][T11840]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  497.263900][T11840]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  497.270232][T11840]  ? do_syscall_64+0x100/0x230
[  497.274989][T11840]  __x64_sys_bpf+0x7c/0x90
[  497.279390][T11840]  do_syscall_64+0xf3/0x230
[  497.283887][T11840]  ? clear_bhb_loop+0x35/0x90
[  497.288563][T11840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  497.294439][T11840] RIP: 0033:0x7f86da17e719
[  497.298837][T11840] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  497.318428][T11840] RSP: 002b:00007f86db03e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  497.326826][T11840] RAX: ffffffffffffffda RBX: 00007f86da336058 RCX: 00007f86da17e719