last executing test programs:

13m14.435705992s ago: executing program 4 (id=162):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)})
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
setsockopt$rose(r0, 0x104, 0x2, &(0x7f0000000140), 0x4)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000600), 0x8c540)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000640)={0x10, 0x3, 0x1, 'queue1\x00', 0x4})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_NEW(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000540)={0x68, 0x0, 0x7, 0x401, 0x0, 0x0, {}, [@NFACCT_FILTER={0x1c, 0x7, 0x0, 0x1, [@NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x4}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x10000}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x9}]}, @NFACCT_QUOTA={0xc, 0x6, 0x1, 0x0, 0x7}, @NFACCT_NAME={0x9, 0x1, 'syz0\x00'}, @NFACCT_BYTES={0xc, 0x3, 0x1, 0x0, 0x4}, @NFACCT_FLAGS={0x8, 0x5, 0x1, 0x0, 0x2}, @NFACCT_BYTES={0xc, 0x3, 0x1, 0x0, 0x9}]}, 0x68}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmsg$NFNL_MSG_ACCT_NEW(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x20, 0x0, 0x7, 0x101, 0x0, 0x0, {}, [@NFACCT_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x20}}, 0x0)
sendmsg$NFNL_MSG_ACCT_NEW(r2, &(0x7f0000000500)={&(0x7f0000000100), 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x40, 0x0, 0x7, 0x101, 0x0, 0x0, {0x0, 0x0, 0x7}, [@NFACCT_FLAGS={0x8}, @NFACCT_BYTES={0xc, 0x3, 0x1, 0x0, 0x4}, @NFACCT_PKTS={0xc, 0x2, 0x1, 0x0, 0x8eaf}, @NFACCT_BYTES={0xc, 0x3, 0x1, 0x0, 0x4}]}, 0x40}}, 0x24000000)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r2, &(0x7f0000000440)={&(0x7f0000000140), 0xc, &(0x7f0000000340)={&(0x7f00000003c0)={0x58, 0x3, 0x8, 0x507, 0x0, 0x0, {0x7, 0x0, 0x8}, [@CTA_TIMEOUT_DATA={0x3c, 0x4, 0x0, 0x1, @tcp=[@CTA_TIMEOUT_TCP_CLOSE={0x8}, @CTA_TIMEOUT_TCP_RETRANS={0x8}, @CTA_TIMEOUT_TCP_CLOSE_WAIT={0x8}, @CTA_TIMEOUT_TCP_SYN_RECV={0x8}, @CTA_TIMEOUT_TCP_SYN_RECV={0x8, 0x2, 0x1, 0x0, 0x8}, @CTA_TIMEOUT_TCP_SYN_RECV={0x8, 0x2, 0x1, 0x0, 0x2}, @CTA_TIMEOUT_TCP_TIME_WAIT={0x8, 0x7, 0x1, 0x0, 0x6}]}, @CTA_TIMEOUT_L3PROTO={0x6}]}, 0x58}, 0x1, 0x0, 0x0, 0x4008000}, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="680000000206010300000000fffff000000000000500010006000000050005000a0000000900020073797a32000000000500040000000000140007800800064000000000080013400000004011000300686173683a"], 0x68}}, 0x0)
getresgid(0x0, &(0x7f0000000040), &(0x7f00000000c0))
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = dup(0xffffffffffffffff)
ioctl$KVM_GET_MSR_INDEX_LIST(r3, 0xc004ae0a, &(0x7f00000000c0)=ANY=[])
pipe(0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000063014000000000009500010000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x14, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
io_setup(0x7, &(0x7f0000000280)=<r4=>0x0)
openat$sysfs(0xffffff9c, &(0x7f00000000c0)='/sys/kernel/fscaps', 0x42, 0x0)
io_submit(r4, 0x0, 0x0)

13m13.830338886s ago: executing program 4 (id=166):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000003680)='sched_switch\x00', r0}, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSIGACCEPT(r2, 0x5607, 0x4)
ioctl$VT_ACTIVATE(r2, 0x5606, 0x4)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000240)={@fallback, 0xe, 0x1, 0xee7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
close(r1)
close(0xffffffffffffffff)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8943, &(0x7f0000002280)={'syzkaller0\x00', @random="110000000002"})
ioctl$SIOCSIFHWADDR(r1, 0x8914, 0x0)

13m12.712511967s ago: executing program 3 (id=168):
unshare(0x2c060000)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r5 = dup(r4)
write$UHID_INPUT(r5, &(0x7f0000002100)={0x18, {"a2e3ad2119c752f91b5e09091bf70e0dd038e7ff7fc6e5539b324d078b089b3b0838721a0890e0878f0e1ac6e7049b3d63959b509a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31320d076d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70d998ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f0000000c558cdc0a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5af098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000108000e0a37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b2fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d3a6df40babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f794c9eee1198751adaa13d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f39a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60559516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d8872fe174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f980000000203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000340)=@IORING_OP_WRITE={0x17, 0xd, 0x2004, @fd, 0x325d, 0x0, 0x0, 0x14, 0x1})
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
syz_open_dev$video4linux(&(0x7f0000000000), 0x8, 0x2)
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f0000000340)={0x24, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0022050000"], 0x0}, 0x0)

13m11.547079765s ago: executing program 4 (id=171):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
r4 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_linger(r4, 0x1, 0x3c, &(0x7f0000000100)={0x200000000000001}, 0x8)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x5}, 0x1c)
setsockopt$inet6_IPV6_HOPOPTS(r4, 0x29, 0x36, &(0x7f0000001440)=ANY=[@ANYBLOB="0017"], 0xc0)
sendmmsg$inet6(r4, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)
setsockopt$inet6_IPV6_RTHDR(r4, 0x29, 0x39, 0x0, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f0000000180), 0x400008a, 0x0)

13m10.4162553s ago: executing program 4 (id=173):
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000)='sysfs\x00', 0x0, 0x0)
quotactl$Q_GETFMT(0xffffffff80000402, &(0x7f0000000280)=@nbd={'/dev/nbd', 0x0}, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000180)='./bus\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000300)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mmap(&(0x7f0000003000/0x1000)=nil, 0x1000, 0x0, 0x31, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000004440)=@base={0xf, 0x4, 0x4, 0x3, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x50)

13m10.197588045s ago: executing program 3 (id=174):
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r4}, 0x0, &(0x7f0000000580)=r5}, 0x20)
setsockopt$MRT_INIT(0xffffffffffffffff, 0x0, 0xc8, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040))
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)={0x20, 0x10, 0x701, 0x0, 0x0, {0xa}, [@typed={0xc, 0x2, 0x0, 0x0, @str='nl80211\x00'}]}, 0x20}}, 0x0)
recvmmsg(r6, &(0x7f0000000a40)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000001080)=""/4096, 0x1000}], 0x1}}, {{0x0, 0x0, &(0x7f0000000800)=[{&(0x7f0000000100)=""/210, 0xd2}, {0x0}, {0x0}, {0x0}, {&(0x7f0000002080)=""/4096, 0x1000}, {&(0x7f0000000740)=""/191, 0xbf}], 0x6}}, {{0x0, 0x0, 0x0}}], 0x3, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@bloom_filter={0x1e, 0x3, 0xb, 0x4, 0x210, r0, 0x7, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x2, 0x3, 0x4, @void, @value, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={0x0}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)

13m8.589035798s ago: executing program 3 (id=176):
syz_emit_ethernet(0x6a, &(0x7f0000000200)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000008004500005c0000000000019078ac1e0001ac1414aa05029078e0000002400d02000068000131290007ac1414aa640101020044039007"], 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8946, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0, 0xc0}}, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x2c240, 0x0)
r1 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x122c42)
r2 = syz_open_dev$loop(&(0x7f00000005c0), 0x10000, 0x10d480)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0)
write$binfmt_misc(r3, &(0x7f0000001000), 0xe09)
ioctl$LOOP_CONFIGURE(r2, 0x4c0a, &(0x7f00000002c0)={r3, 0x1000, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c559265406c09306003d8002000", [0x0, 0x2]}})
write$FUSE_NOTIFY_INVAL_ENTRY(r3, 0x0, 0x0)
ioctl$LOOP_SET_STATUS(r1, 0x4c02, &(0x7f0000000140)={0x0, {}, 0x0, {}, 0x6000, 0x6, 0x4, 0x0, "cd0d05a286a8d9c7b438dd4350274fc803519e3d7d156d943d4034728428556b2b5a97d6203497d63e98ec46bc3116e3930f9b02cdc0f982e0d499db318cb04c", "e39fb4a6d3333aba8405d70d523a5a783847b8bc04869aad25d757c86a08e932", [0xd026, 0x52]})
ioctl$LOOP_CHANGE_FD(r1, 0x4c06, r1)
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
r5 = eventfd(0x0)
r6 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f0000000000))
ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000540)={0x0, 0x0, 0x0, &(0x7f00000002c0)=""/138, 0x0})
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$VHOST_SET_VRING_KICK(r4, 0x4008af20, &(0x7f0000000040)={0x1, r5})
read$char_usb(r0, &(0x7f0000000580)=""/236, 0xec)

13m8.315888818s ago: executing program 4 (id=179):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe0500000000000000000000950000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
socket$igmp6(0xa, 0x3, 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r4 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r4, 0x40049366, &(0x7f0000000180))
syz_genetlink_get_family_id$netlbl_unlabel(0x0, 0xffffffffffffffff)

13m7.543213557s ago: executing program 3 (id=180):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000fa0000000000000000000095000000000000006f61f0c07aa2eccfbaa2cae892263eb917bfefbfeb889135c9c0e8960077d9006d52f6614fc867f5c282f1d6ee014c7c4315200b8c727f3ed7409694cd222c1a8292371305"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x9)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f00000005c0)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="06000000040000ecff000000b82fbd1bcdc3fa548a78ea5e57e3ad50cf577bacfa76686c234d4842a384446ed3a6ca660f57c8720fe32f91fd1ef39e5087ec1c334c16d6a6bc41b2a3352c6baacda40c2f5245f677f39a150a30fee20ce7beb33cfa5e0ef887a3d93b594d93eba657a811d80654c2dfff59e58328d548b5187128e66643e68e6b9c44e58772f70e", @ANYRES32, @ANYBLOB, @ANYRES32=0x0, @ANYRES32], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00'}, 0x10)
syz_emit_ethernet(0x1a, &(0x7f0000000500)={@broadcast, @empty, @val={@void}, {@llc_tr={0x11, {@snap={0x0, 0x0, "f2", "95b02d"}}}}}, 0x0)
r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$F2FS_IOC_START_VOLATILE_WRITE(r1, 0x40186f40, 0x20000502)
socket$inet_udp(0x2, 0x2, 0x0)
syz_usb_connect(0x2, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100004366b408c70b0800c84f0102080109022d00010000002009040000032eb47d000905f9ffffff0000000905ee47"], 0x0)

13m7.005724818s ago: executing program 4 (id=182):
rt_sigprocmask(0x0, &(0x7f0000000040)={[0xfffffffffffe]}, 0x0, 0x8)
r0 = gettid()
timer_create(0x9, &(0x7f0000000180)={0x0, 0x1e, 0x4, @tid=r0}, &(0x7f00000000c0))
timer_settime(0x0, 0x5, &(0x7f00000001c0)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = getpid()
r2 = socket(0x15, 0x5, 0x0)
getsockopt(r2, 0x200000000114, 0x2712, &(0x7f0000005ec0)=""/102394, &(0x7f0000000040)=0x18ffa)
sched_setscheduler(r1, 0x2, &(0x7f0000001700)=0x4)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
getdents(0xffffffffffffffff, &(0x7f0000000300)=""/104, 0x68)
r4 = syz_open_dev$vim2m(&(0x7f0000000040), 0x1, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
ioctl$vim2m_VIDIOC_QBUF(r4, 0xc058560f, &(0x7f00000002c0)=@multiplanar_mmap={0x0, 0x2, 0x0, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "fafc00"}, 0x0, 0x1, {0x0}})
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="563f00001900599c6d0e00009bd028ef8020ab0700400005"], 0xfe33)
socket$inet6_dccp(0xa, 0x6, 0x0)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
rt_sigtimedwait(&(0x7f0000000100)={[0xfffffffffffffff8]}, 0x0, 0x0, 0x8)

13m5.222903944s ago: executing program 3 (id=187):
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdir(&(0x7f0000000440)='./file0\x00', 0x0)
r3 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x1607010, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000200)={'batadv_slave_1\x00', <r5=>0x0})
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, 0x0, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f0000000100)={'gretap0\x00', &(0x7f0000000480)={'gretap0\x00', r5, 0x80, 0x17, 0x2, 0xa0, {{0x24, 0x4, 0x1, 0x5, 0x90, 0x65, 0x0, 0x8, 0x2f, 0x0, @local, @private=0xd835, {[@ssrr={0x89, 0xf, 0xad, [@remote, @broadcast, @local]}, @timestamp_prespec={0x44, 0x3c, 0xb1, 0x3, 0x1, [{@multicast2, 0x800000}, {@private=0xa010100, 0x5}, {@remote, 0x7ff}, {@private=0xa010100, 0x7ff}, {@private=0xa010101, 0x3}, {@remote, 0x8}, {@multicast2, 0x7f}]}, @timestamp_prespec={0x44, 0x1c, 0xc9, 0x3, 0x5, [{@loopback, 0x6ed}, {@private=0xa010101, 0x6}, {@broadcast, 0x271}]}, @timestamp_addr={0x44, 0x14, 0xf0, 0x1, 0x1, [{@rand_addr=0x64010101, 0x31b}, {@dev={0xac, 0x14, 0x14, 0x1f}, 0x3}]}]}}}}})
r7 = open(0x0, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r3, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x87, r7}, './file0\x00'})

13m4.679586461s ago: executing program 3 (id=190):
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x82643, 0x0)
ioctl$TCFLSH(0xffffffffffffffff, 0x540b, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r3, 0x8916, 0x0)
r4 = io_uring_setup(0x30d7, &(0x7f00000003c0)={0x0, 0x0, 0x800})
pwritev2(0xffffffffffffffff, &(0x7f0000000240)=[{}], 0x1, 0x7c00, 0x0, 0x3)
r5 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_CREATE_BUFS(r5, 0xc100565c, &(0x7f00000013c0)={0x3, 0x2, 0x2, {0x5, @vbi={0xb5, 0x0, 0x3, 0x0, [0x1, 0x8000000], [0x8200, 0x1], 0x13a}}})
ioctl$VIDIOC_QBUF(r5, 0xc058565d, &(0x7f0000000200)=@fd={0x0, 0x5, 0x4, 0x10, 0x0, {0x77359400}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "00000100"}, 0x4, 0x2, {}, 0x58603})
close_range(r4, 0xffffffffffffffff, 0x0)

12m51.734625356s ago: executing program 32 (id=182):
rt_sigprocmask(0x0, &(0x7f0000000040)={[0xfffffffffffe]}, 0x0, 0x8)
r0 = gettid()
timer_create(0x9, &(0x7f0000000180)={0x0, 0x1e, 0x4, @tid=r0}, &(0x7f00000000c0))
timer_settime(0x0, 0x5, &(0x7f00000001c0)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = getpid()
r2 = socket(0x15, 0x5, 0x0)
getsockopt(r2, 0x200000000114, 0x2712, &(0x7f0000005ec0)=""/102394, &(0x7f0000000040)=0x18ffa)
sched_setscheduler(r1, 0x2, &(0x7f0000001700)=0x4)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
getdents(0xffffffffffffffff, &(0x7f0000000300)=""/104, 0x68)
r4 = syz_open_dev$vim2m(&(0x7f0000000040), 0x1, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
ioctl$vim2m_VIDIOC_QBUF(r4, 0xc058560f, &(0x7f00000002c0)=@multiplanar_mmap={0x0, 0x2, 0x0, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "fafc00"}, 0x0, 0x1, {0x0}})
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="563f00001900599c6d0e00009bd028ef8020ab0700400005"], 0xfe33)
socket$inet6_dccp(0xa, 0x6, 0x0)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
rt_sigtimedwait(&(0x7f0000000100)={[0xfffffffffffffff8]}, 0x0, 0x0, 0x8)

12m49.557463532s ago: executing program 33 (id=190):
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x82643, 0x0)
ioctl$TCFLSH(0xffffffffffffffff, 0x540b, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r3, 0x8916, 0x0)
r4 = io_uring_setup(0x30d7, &(0x7f00000003c0)={0x0, 0x0, 0x800})
pwritev2(0xffffffffffffffff, &(0x7f0000000240)=[{}], 0x1, 0x7c00, 0x0, 0x3)
r5 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_CREATE_BUFS(r5, 0xc100565c, &(0x7f00000013c0)={0x3, 0x2, 0x2, {0x5, @vbi={0xb5, 0x0, 0x3, 0x0, [0x1, 0x8000000], [0x8200, 0x1], 0x13a}}})
ioctl$VIDIOC_QBUF(r5, 0xc058565d, &(0x7f0000000200)=@fd={0x0, 0x5, 0x4, 0x10, 0x0, {0x77359400}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "00000100"}, 0x4, 0x2, {}, 0x58603})
close_range(r4, 0xffffffffffffffff, 0x0)

11m24.043046909s ago: executing program 0 (id=412):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, 0x0)
ioctl$BTRFS_IOC_WAIT_SYNC(0xffffffffffffffff, 0x40089416, 0x0)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0xfffffffffffffffe}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r1, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x300048c1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0)
setsockopt$sock_attach_bpf(r1, 0x1, 0x3e, &(0x7f0000000100)=r2, 0x4)
r3 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r3, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r3, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r4=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r3, 0xc02064b6, &(0x7f00000001c0)={r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
sendmsg$inet(r1, &(0x7f0000000040)={0x0, 0xeafbff3, &(0x7f0000000000)=[{&(0x7f0000000300)="b8", 0xfffffdef}], 0x1, 0x0, 0x0, 0x10000000}, 0x52cc)

11m23.210489201s ago: executing program 0 (id=415):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ptrace$ARCH_SHSTK_UNLOCK(0x1e, r0, 0x2, 0x5004)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f0000002540)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = shmget$private(0x0, 0x9000, 0x0, &(0x7f0000ff7000/0x9000)=nil)
shmat(r3, &(0x7f0000ffe000/0x2000)=nil, 0x4000)
shmat(r3, &(0x7f0000ff9000/0x1000)=nil, 0x5000)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000fff000/0x1000)=nil)
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
sendmsg$can_bcm(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x48}}, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@broadcast, @link_local, @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @remote}, {0x16}}}}}, 0x0)
unshare(0x2a020400)
r5 = socket$rds(0x15, 0x5, 0x0)
ioctl$sock_ifreq(r5, 0x89b1, &(0x7f0000000100)={'bond0\x00', @ifru_names='bond_slave_1\x00'})

11m21.789906015s ago: executing program 0 (id=417):
socket$kcm(0x11, 0x200000000000002, 0x300)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r0, 0x0, 0x20040800)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
socket(0x200000100000011, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$inet6(0xa, 0x40000080806, 0x0)
bind$inet6(r2, &(0x7f000047b000)={0xa, 0x4e20, 0x0, @loopback, 0xfffffffc}, 0x1c)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r3, 0x84, 0x75, &(0x7f0000000000)={0x0, 0x3f0e0}, &(0x7f0000000040)=0x8)
listen(r2, 0x20000005)
landlock_restrict_self(0xffffffffffffffff, 0x0)
fcntl$setownex(0xffffffffffffffff, 0xf, 0x0)
mremap(&(0x7f0000000000/0x9000)=nil, 0xa00000, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil)

11m20.189783284s ago: executing program 0 (id=422):
r0 = syz_open_dev$cec(&(0x7f0000000040), 0x0, 0x2)
ioctl$CEC_S_MODE(r0, 0x40046109, &(0x7f0000000000)=0x6)
ioctl$CEC_S_MODE(r0, 0x40046109, &(0x7f0000000100)=0x21)
socket$inet6_udp(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, 0x0, 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x1adc51, 0x0)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r4, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x80000000)

11m18.390233005s ago: executing program 0 (id=428):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000400)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x48)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, r4)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000600), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_GET(r5, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x14, r6, 0x303, 0x0, 0x25dfdbfd, {0x3d}}, 0x14}, 0x1, 0x0, 0x0, 0x880}, 0x0)
r7 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$AUTOFS_IOC_FAIL(r7, 0x4c80, 0xffffffffffffffb6)

11m15.018560897s ago: executing program 0 (id=437):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
r3 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000080)='7', 0x1, 0xffffffffffffffff)
keyctl$revoke(0x3, r3)
keyctl$KEYCTL_PKEY_SIGN(0x1b, &(0x7f00000029c0)={r3}, &(0x7f0000002a00)={'enc=', 'oaep', ' hash=', {'wp256-generic\x00'}}, 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
symlink(0x0, &(0x7f0000000000)='./file0\x00')
ioctl$AUTOFS_IOC_PROTOSUBVER(0xffffffffffffffff, 0x40049366, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(0x0, 0x0)
syz_emit_ethernet(0xd0, &(0x7f0000000000)=ANY=[@ANYBLOB="0180c20000008e25900ee8d386dd601646b085"], 0x0)
open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)

11m14.38120085s ago: executing program 34 (id=437):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
r3 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000080)='7', 0x1, 0xffffffffffffffff)
keyctl$revoke(0x3, r3)
keyctl$KEYCTL_PKEY_SIGN(0x1b, &(0x7f00000029c0)={r3}, &(0x7f0000002a00)={'enc=', 'oaep', ' hash=', {'wp256-generic\x00'}}, 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
symlink(0x0, &(0x7f0000000000)='./file0\x00')
ioctl$AUTOFS_IOC_PROTOSUBVER(0xffffffffffffffff, 0x40049366, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(0x0, 0x0)
syz_emit_ethernet(0xd0, &(0x7f0000000000)=ANY=[@ANYBLOB="0180c20000008e25900ee8d386dd601646b085"], 0x0)
open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)

1m3.490913563s ago: executing program 2 (id=2104):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000400)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
fsopen(0x0, 0x1)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
bind$bt_l2cap(r3, &(0x7f0000000400)={0x1f, 0xfffc}, 0xe)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
madvise(&(0x7f0000bc0000/0x400000)=nil, 0x400000, 0x9)
socketpair(0x14, 0x0, 0x0, &(0x7f0000000080))
r4 = syz_clone(0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r5, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)
socket$key(0xf, 0x3, 0x2)
write$binfmt_script(r5, &(0x7f0000000a00)={'#! ', './file0'}, 0xb)
process_vm_readv(r4, &(0x7f0000001840)=[{&(0x7f00000004c0)=""/211, 0xd3}, {0x0}], 0x2, &(0x7f00000001c0)=[{0x0}, {&(0x7f0000000200)=""/173, 0xad}, {&(0x7f00000000c0)=""/226, 0xe2}], 0x3, 0x0)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000040)=0x1f00, 0x12)
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_GET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x880}, 0x804)
getsockopt$WPAN_WANTACK(0xffffffffffffffff, 0x0, 0x0, &(0x7f00000002c0), &(0x7f0000000300)=0x4)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x100)

58.660292591s ago: executing program 2 (id=2107):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000400)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
fsopen(0x0, 0x1)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
bind$bt_l2cap(r3, &(0x7f0000000400)={0x1f, 0xfffc}, 0xe)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
madvise(&(0x7f0000bc0000/0x400000)=nil, 0x400000, 0x9)
socketpair(0x14, 0x0, 0x0, &(0x7f0000000080))
syz_clone(0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)
socket$key(0xf, 0x3, 0x2)
write$binfmt_script(r4, &(0x7f0000000a00)={'#! ', './file0'}, 0xb)
r5 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x149a82, 0x0)
write$cgroup_int(r5, &(0x7f0000000040)=0x1f00, 0x12)
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_GET(r5, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x880}, 0x804)
getsockopt$WPAN_WANTACK(r5, 0x0, 0x0, &(0x7f00000002c0), &(0x7f0000000300)=0x4)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x100)

54.51800536s ago: executing program 2 (id=2113):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000180)=ANY=[@ANYBLOB="02000000000000000100000046e1230f0200000080000000b1000000c4010000000000000000000000000000f500000000000080f000000007000000030000003b0400000600000007000000da0000000000000000000000d4bcfbd7c13281c15401cdb41c6e"])
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0)
set_mempolicy_home_node(&(0x7f0000349000/0xa000)=nil, 0xa000, 0x0, 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000880)='./binderfs/binder1\x00', 0x0, 0x0)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x1000000000006005, 0x1)
r6 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r7 = fcntl$dupfd(r6, 0x0, r6)
write$tun(r7, &(0x7f0000000400)=ANY=[], 0xa2)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0xa, 0x4002})
ioctl$BLKTRACESTART(0xffffffffffffffff, 0x1274, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0x1276, 0x0)
ioctl$BINDER_GET_NODE_INFO_FOR_REF(r5, 0xc018620c, &(0x7f0000001180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x3})

52.582360263s ago: executing program 2 (id=2120):
r0 = gettid()
r1 = socket$igmp(0x2, 0x3, 0x2)
bind(r1, &(0x7f0000000540)=@pppol2tp={0x18, 0x1, {0x0, r1, {0x2, 0x4e21, @remote}, 0x2, 0xffff, 0x1, 0x1}}, 0x80)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x4021, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
sendto(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000003700)={0x77359400})
timer_settime(0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x8000, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r2, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000001740)={r2, 0x0, &(0x7f0000001700)=""/53}, 0x20)
futex_waitv(&(0x7f0000000180)=[{0x3, &(0x7f0000000040)=0x3, 0x2}], 0x1, 0x0, 0x0, 0x0)
gettid()
timer_gettime(0x0, 0x0)
timer_gettime(0x0, &(0x7f0000000000))
syz_usb_connect(0x0, 0x3e, &(0x7f0000001100)=ANY=[@ANYBLOB="1201000020dafb2099041010f50501020f0109022c00010000000009040000016f2bae000824030100000000092402020000000000090585"], 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21}, &(0x7f0000bbdffc)=<r4=>0x0)
timer_settime(r4, 0x0, &(0x7f0000000080)={{0x0, 0x989680}, {0x0, 0x3938700}}, &(0x7f00000000c0))
syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000050cb5340450c10108e492940a80909021b00090000000009040002010035040009058dff86"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
clock_gettime(0x0, &(0x7f0000000300)={<r5=>0x0, <r6=>0x0})
clock_gettime(0x0, &(0x7f0000000340)={<r7=>0x0, <r8=>0x0})
timer_settime(0x0, 0x0, &(0x7f0000000480)={{r5, r6+60000000}, {r7, r8+10000000}}, 0x0)

47.653011477s ago: executing program 2 (id=2125):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
close(0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x19, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000180)={{0x2, 0x4e21, @multicast2}, {0x4}, 0x2, {0x2, 0x4e22, @multicast2}, 'veth0_vlan\x00'})
shutdown(r1, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0xfffd, @local}]}, &(0x7f0000000440)=0x51)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
open(&(0x7f00009e1000)='./file0\x00', 0x8060, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='net_prio.prioidx\x00', 0x275a, 0x0)
fanotify_mark(0xffffffffffffffff, 0x102, 0x48001050, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)

44.015044531s ago: executing program 2 (id=2129):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="020000000400000008000000010000008000", @ANYRES32, @ANYBLOB='@\x00\x00\x00\x00\x00\x00\x00\x00\x00 '], 0x48)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=@newlink={0x34, 0x10, 0x409, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x88ac5fb5}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x4}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x16d102, 0x0)
preadv2(r3, &(0x7f0000002500)=[{&(0x7f0000001580)=""/193, 0xc1}], 0x1, 0x80ffff, 0x0, 0x1c)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000001200)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a30000000005000"], 0xc4}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000200)={0x0, 0x0, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil})
r7 = dup(r6)
sendmsg$TIPC_CMD_DISABLE_BEARER(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, 0x0, 0x200, 0x3, 0x25dfdbfe, {{}, {}, {0x10, 0x13, @l2={'ib', 0x3a, 'pim6reg1\x00'}}}}, 0x2c}, 0x1, 0x0, 0x0, 0x40}, 0x20000001)
r8 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_emit_ethernet(0x3e, &(0x7f0000000440)={@broadcast, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "f4a300", 0x8, 0x3a, 0x0, @private2, @mcast2, {[], @echo_request}}}}}, 0x0)
setsockopt$inet6_opts(r8, 0x29, 0x4d, &(0x7f0000000140)=ANY=[@ANYRESDEC], 0x8)
recvmsg(r8, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x20)
ioctl$KVM_SET_VAPIC_ADDR(r7, 0x4008ae93, &(0x7f00000000c0)=0xffff)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000640)=0x1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

28.595022942s ago: executing program 35 (id=2129):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="020000000400000008000000010000008000", @ANYRES32, @ANYBLOB='@\x00\x00\x00\x00\x00\x00\x00\x00\x00 '], 0x48)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=@newlink={0x34, 0x10, 0x409, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x88ac5fb5}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x4}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x16d102, 0x0)
preadv2(r3, &(0x7f0000002500)=[{&(0x7f0000001580)=""/193, 0xc1}], 0x1, 0x80ffff, 0x0, 0x1c)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000001200)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a30000000005000"], 0xc4}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000200)={0x0, 0x0, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil})
r7 = dup(r6)
sendmsg$TIPC_CMD_DISABLE_BEARER(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, 0x0, 0x200, 0x3, 0x25dfdbfe, {{}, {}, {0x10, 0x13, @l2={'ib', 0x3a, 'pim6reg1\x00'}}}}, 0x2c}, 0x1, 0x0, 0x0, 0x40}, 0x20000001)
r8 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_emit_ethernet(0x3e, &(0x7f0000000440)={@broadcast, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "f4a300", 0x8, 0x3a, 0x0, @private2, @mcast2, {[], @echo_request}}}}}, 0x0)
setsockopt$inet6_opts(r8, 0x29, 0x4d, &(0x7f0000000140)=ANY=[@ANYRESDEC], 0x8)
recvmsg(r8, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x20)
ioctl$KVM_SET_VAPIC_ADDR(r7, 0x4008ae93, &(0x7f00000000c0)=0xffff)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000640)=0x1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

28.109891427s ago: executing program 1 (id=2149):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
creat(&(0x7f0000001200)='./file0\x00', 0x41)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000080)='GPL\x00', 0x5, 0xa8, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[], 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000004440)=ANY=[@ANYBLOB="0900000004000000040000000700000000000000", @ANYRES32, @ANYBLOB="000000000000000000000000000000000082f177", @ANYRES32=0x0, @ANYRES32=r4, @ANYBLOB="020000000100"/28], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000004440)=@base={0xd, 0x4, 0x4, 0x7, 0x0, r5, 0x0, '\x00', 0x0, r4, 0x0, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)

21.361651527s ago: executing program 7 (id=2157):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x2d)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
syz_open_dev$vim2m(&(0x7f0000000000), 0xb, 0x2)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = syz_open_dev$vbi(&(0x7f0000000080), 0x1, 0x2)
ioctl$VIDIOC_S_OUTPUT(r6, 0xc004562f, &(0x7f00000000c0)=0x1)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c0002800500010000000000240002801400018008000100000000000800"], 0x64}}, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r8, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r6, 0xc0945662, &(0x7f0000000100)={0x70, 0x0, '\x00', {0x0, @reserved}})
connect$inet6(r5, 0x0, 0x0)
write$binfmt_script(r5, 0x0, 0x0)

21.361138992s ago: executing program 6 (id=2158):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000180)=ANY=[@ANYBLOB="02000000000000000100000046e1230f0200000080000000b1000000c4010000000000000000000000000000f500000000000080f000000007000000030000003b0400000600000007000000da0000000000000000000000d4bcfbd7c13281c15401cdb41c6e"])
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000880)='./binderfs/binder1\x00', 0x0, 0x0)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x1000000000006005, 0x1)
r6 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r7 = fcntl$dupfd(r6, 0x0, r6)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000400)={0x53, 0xfffffffffffffffc, 0x6, 0x0, @buffer={0x0, 0x27, &(0x7f00000000c0)=""/39}, &(0x7f0000000200)="672d6a44b036", 0x0, 0x0, 0x0, 0x0, 0x0})
write$tun(r7, &(0x7f0000000400)=ANY=[], 0xa2)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0xa, 0x4002})
ioctl$BLKTRACESTART(0xffffffffffffffff, 0x1274, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0x1276, 0x0)
ioctl$BINDER_GET_NODE_INFO_FOR_REF(r5, 0xc018620c, &(0x7f0000001180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x3})

19.886625383s ago: executing program 5 (id=2159):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x2d)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$VIDIOC_ENUM_FMT(r5, 0xc0405602, &(0x7f00000000c0)={0x52, 0xa, 0x0, "d9c2955351f9acb1ee54ecc4b00f11f11867b5302c11500e8b8152682b7afe20"})
syz_open_dev$vim2m(&(0x7f0000000000), 0xb, 0x2)
r6 = syz_open_dev$vbi(&(0x7f0000000080), 0x1, 0x2)
ioctl$VIDIOC_S_OUTPUT(r6, 0xc004562f, &(0x7f00000000c0)=0x1)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c0002800500010000000000240002801400018008000100000000000800"], 0x64}}, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r8, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r6, 0xc0945662, &(0x7f0000000100)={0x70, 0x0, '\x00', {0x0, @reserved}})
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)

19.564419778s ago: executing program 7 (id=2160):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
close(0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x19, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000180)={{0x2, 0x4e21, @multicast2}, {0x4}, 0x2, {0x2, 0x4e22, @multicast2}, 'veth0_vlan\x00'})
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0xfffd, @local}]}, &(0x7f0000000440)=0x51)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
open(&(0x7f00009e1000)='./file0\x00', 0x8060, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='net_prio.prioidx\x00', 0x275a, 0x0)
fanotify_mark(0xffffffffffffffff, 0x102, 0x48001050, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)

17.413851209s ago: executing program 1 (id=2161):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000400)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
fsopen(0x0, 0x1)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
bind$bt_l2cap(r3, &(0x7f0000000400)={0x1f, 0xfffc}, 0xe)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
madvise(&(0x7f0000bc0000/0x400000)=nil, 0x400000, 0x9)
socketpair(0x14, 0x0, 0x0, &(0x7f0000000080))
r4 = syz_clone(0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r5, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)
write$binfmt_script(r5, &(0x7f0000000a00)={'#! ', './file0'}, 0xb)
process_vm_readv(r4, &(0x7f0000001840)=[{&(0x7f00000004c0)=""/211, 0xd3}, {0x0}], 0x2, &(0x7f00000001c0)=[{0x0}, {&(0x7f0000000200)=""/173, 0xad}, {&(0x7f00000000c0)=""/226, 0xe2}], 0x3, 0x0)
r6 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x149a82, 0x0)
write$cgroup_int(r6, &(0x7f0000000040)=0x1f00, 0x12)
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_GET(r6, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x880}, 0x804)
getsockopt$WPAN_WANTACK(r6, 0x0, 0x0, &(0x7f00000002c0), &(0x7f0000000300)=0x4)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x100)

16.906906052s ago: executing program 6 (id=2162):
pipe(&(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
chdir(0x0)
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r7, &(0x7f0000000300), 0x0, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @private1}, 0x1c)
shutdown(r7, 0x1)
close(r2)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000000)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="170900000000000000000100000005000700000000000800090000000000060002000000000008000a000000000008001800ac1414aa08001900ffffffff14001b00fe"], 0x58}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc)
splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x0)

15.428053248s ago: executing program 5 (id=2163):
syz_open_dev$vbi(&(0x7f0000000100), 0x0, 0x2)
open(&(0x7f0000000100)='./bus\x00', 0x143142, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
accept4$bt_l2cap(r3, 0x0, 0x0, 0x0)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r4 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_CREATE_BUFS(r4, 0xc100565c, &(0x7f00000002c0)={0x3, 0x2, 0x2, {0x5, @vbi={0xb5, 0x3, 0x3, 0x47314356, [0x0, 0x8000000], [0x9200, 0x1]}}})
ioctl$VIDIOC_QBUF(r4, 0xc058565d, &(0x7f0000000200)=@fd={0x0, 0x5, 0x4, 0x10, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "001500"}, 0x0, 0x2, {}, 0x58603})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r5, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r7=>0x0})
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f00000001c0)={'batadv_slave_1\x00', <r8=>0x0})
sendmsg$BATADV_CMD_GET_NEIGHBORS(r5, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)={0x24, r6, 0x331, 0x0, 0x0, {0x8}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r7}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r8}]}, 0x24}}, 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r9, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)={0x3c, 0x0, 0x1, 0x70bd22, 0x25dfdbfb, {}, [@ETHTOOL_A_COALESCE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_COALESCE_TX_USECS_IRQ={0x8, 0x8, 0x8001}, @ETHTOOL_A_COALESCE_USE_ADAPTIVE_TX={0x5, 0xc, 0x1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x400c090}, 0x0)
sendmsg$ETHTOOL_MSG_RINGS_SET(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)={0x74, 0x0, 0x20, 0x70bd29, 0x25dfdbff, {}, [@ETHTOOL_A_RINGS_RX_JUMBO={0x8, 0x8, 0x25c000}, @ETHTOOL_A_RINGS_RX_JUMBO={0x8, 0x8, 0x1}, @ETHTOOL_A_RINGS_TX={0x8, 0x9, 0x8}, @ETHTOOL_A_RINGS_RX_MINI={0x8, 0x7, 0xf}, @ETHTOOL_A_RINGS_HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}]}, @ETHTOOL_A_RINGS_RX_MINI={0x8, 0x7, 0x5}, @ETHTOOL_A_RINGS_TX={0x8, 0x9, 0x1}]}, 0x74}, 0x1, 0x0, 0x0, 0x20004801}, 0x48004)

14.442079711s ago: executing program 7 (id=2164):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x5, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0xf, &(0x7f0000000300)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x1c1, 0x0, 0x0, 0x0, 0x5}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000280)='GPL\x00', 0x7f, 0x1c, &(0x7f00000003c0)=""/28, 0x40f00, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000400)={0x3, 0x2}, 0x8, 0x10, &(0x7f0000000440)={0x4, 0xe, 0xc, 0x5}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000480), 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = add_key$user(&(0x7f0000000040), &(0x7f0000000000), &(0x7f00000002c0)='X', 0x5d, 0xfffffffffffffffe)
utime(&(0x7f0000000140)='./file0\x00', 0x0)
r6 = add_key$user(&(0x7f0000000640), &(0x7f0000000540), &(0x7f00000000c0), 0xc6, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000080)={r5, r6, r6}, &(0x7f0000000180)=""/82, 0x52, &(0x7f00000000c0)={&(0x7f0000000100)={'md5-generic\x00'}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f00000002c0)='rpm_return_int\x00'}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f00000002c0)='rpm_return_int\x00'}, 0x10)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000440)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @empty}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f7, &(0x7f00000001c0)={'syztnl0\x00', 0x0})
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$bt_hci_HCI_TIME_STAMP(r7, 0x0, 0x2, 0xfffffffffffffffe, 0xf00)
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
madvise(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0xe)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x17, 0x4, &(0x7f0000001300)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x8, 0x1, 0x7}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x8, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)

14.441393057s ago: executing program 1 (id=2165):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="2c385aa3d49100dc6626c892", 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCGPKT(r2, 0x80045438, &(0x7f0000000140))
ioctl$TCSETS(r2, 0x40045431, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, "2af01c3d0040fbffffffffffffff00"})
ioctl$TCSETSF(r2, 0x5404, &(0x7f0000000080)={0x0, 0x3, 0x6, 0x0, 0x17, "afee3aaaba9a7afcf637553cd6c46c11cef163"})
openat$binderfs(0xffffffffffffff9c, &(0x7f00000002c0)='./binderfs/binder0\x00', 0x803, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}]}, @NFT_MSG_NEWCHAIN={0x38, 0x3, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x1}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xac}, 0x1, 0x0, 0x0, 0x8040}, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
accept4(r0, 0x0, 0x0, 0x80000)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x13, 0x7, 0xc, 0x22, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r5, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r5, &(0x7f0000000000), 0xd)

9.617370234s ago: executing program 6 (id=2166):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
mount(&(0x7f0000000100)=@nullb, &(0x7f0000000040)='./file1\x00', &(0x7f00000001c0)='gfs2\x00', 0x0, 0x0)
ioctl$int_out(0xffffffffffffffff, 0x5460, 0x0)
write$sndseq(0xffffffffffffffff, &(0x7f00000004c0)=[{0x6, 0x2, 0x80, 0xe, @time={0x3, 0x80000001}, {0x5, 0xf}, {0x7, 0x7}, @queue={0xd0, {0x35c, 0x7}}}], 0x1c)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f0000000480), 0x0, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x358, 0x128, 0x5802, 0x294, 0x0, 0x294, 0x288, 0x378, 0x378, 0x288, 0x378, 0x3, 0x0, {[{{@uncond, 0xf202, 0x108, 0x128, 0x52020000, {0x0, 0x600}, [@common=@frag={{0x30}}, @common=@srh={{0x30}}]}, @unspec=@TRACE={0x20}}, {{@ipv6={@empty, @private0, [], [], 'team_slave_1\x00', 'erspan0\x00', {}, {}, 0x87}, 0x0, 0xf8, 0x160, 0x0, {}, [@common=@mh={{0x28}, {"123a"}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, '\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3b8)
r4 = socket$can_j1939(0x1d, 0x2, 0x7)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f00000000c0)={'vxcan0\x00', <r6=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x20}}, 0x0)
bind$can_j1939(r4, &(0x7f0000000100)={0x1d, r6, 0x1, {}, 0xff}, 0x18)
setsockopt$sock_int(r4, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
sendmsg$can_j1939(r4, &(0x7f0000000140)={&(0x7f0000000180)={0x1d, 0x0, 0x0, {0x2, 0xfe, 0x4}, 0xff}, 0x18, &(0x7f0000000080)={0x0}, 0x4, 0x0, 0x0, 0x40805}, 0x8001)

9.526529901s ago: executing program 7 (id=2167):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
close(0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x19, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000180)={{0x2, 0x4e21, @multicast2}, {0x4}, 0x2, {0x2, 0x4e22, @multicast2}, 'veth0_vlan\x00'})
shutdown(r1, 0x0)
mkdir(&(0x7f00000009c0)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
open(&(0x7f00009e1000)='./file0\x00', 0x8060, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='net_prio.prioidx\x00', 0x275a, 0x0)
fanotify_mark(0xffffffffffffffff, 0x102, 0x48001050, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)

9.390286134s ago: executing program 1 (id=2168):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = dup(r0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000090000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f0000000040)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r6 = syz_open_procfs(r3, &(0x7f0000000540)='net/ip_vs\x00')
syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x0)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
chdir(0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x0, 0x0})
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r7, 0xffffffff80000800, 0x0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x10006})
pread64(r6, &(0x7f000001a240)=""/102400, 0x19000, 0x0)
syz_open_dev$dri(&(0x7f0000000280), 0xf, 0x101000)
ioctl$SNDRV_TIMER_IOCTL_GINFO(r1, 0xc0e05403, &(0x7f0000000000)={{0xffffffffffffffff, 0x2, 0xffffffff, 0x3, 0x6}, 0xf3e, 0x3, 'id1\x00', 'timer1\x00', 0x0, 0x10000, 0x1, 0x400, 0x77c1907b})

9.311242623s ago: executing program 5 (id=2169):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x2d)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
syz_open_dev$vim2m(&(0x7f0000000000), 0xb, 0x2)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = syz_open_dev$vbi(&(0x7f0000000080), 0x1, 0x2)
ioctl$VIDIOC_S_OUTPUT(r6, 0xc004562f, &(0x7f00000000c0)=0x1)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c0002800500010000000000240002801400018008000100000000000800"], 0x64}}, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r8, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r6, 0xc0945662, &(0x7f0000000100)={0x70, 0x0, '\x00', {0x0, @reserved}})
connect$inet6(r5, 0x0, 0x0)
write$binfmt_script(r5, 0x0, 0x0)

5.78264067s ago: executing program 7 (id=2170):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
creat(&(0x7f0000001200)='./file0\x00', 0x41)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000080)='GPL\x00', 0x5, 0xa8, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[], 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000004440)=ANY=[@ANYBLOB="0900000004000000040000000700000000000000", @ANYRES32, @ANYBLOB="000000000000000000000000000000000082f177", @ANYRES32=0x0, @ANYRES32=r4, @ANYBLOB="020000000100"/28], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000004440)=@base={0xd, 0x4, 0x4, 0x7, 0x0, r5, 0x0, '\x00', 0x0, r4, 0x0, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)

5.781765009s ago: executing program 6 (id=2171):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000180)=ANY=[@ANYBLOB="02000000000000000100000046e1230f0200000080000000b1000000c4010000000000000000000000000000f500000000000080f000000007000000030000003b0400000600000007000000da0000000000000000000000d4bcfbd7c13281c15401cdb41c6e"])
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000880)='./binderfs/binder1\x00', 0x0, 0x0)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x1000000000006005, 0x1)
r6 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r7 = fcntl$dupfd(r6, 0x0, r6)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000400)={0x53, 0xfffffffffffffffc, 0x6, 0x0, @buffer={0x0, 0x27, &(0x7f00000000c0)=""/39}, &(0x7f0000000200)="672d6a44b036", 0x0, 0x0, 0x0, 0x0, 0x0})
write$tun(r7, &(0x7f0000000400)=ANY=[], 0xa2)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0xa, 0x4002})
ioctl$BLKTRACESTART(0xffffffffffffffff, 0x1274, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0x1276, 0x0)
ioctl$BINDER_GET_NODE_INFO_FOR_REF(r5, 0xc018620c, &(0x7f0000001180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x3})

4.242362108s ago: executing program 5 (id=2172):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x2d)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$VIDIOC_ENUM_FMT(r5, 0xc0405602, &(0x7f00000000c0)={0x52, 0xa, 0x0, "d9c2955351f9acb1ee54ecc4b00f11f11867b5302c11500e8b8152682b7afe20"})
syz_open_dev$vim2m(&(0x7f0000000000), 0xb, 0x2)
r6 = syz_open_dev$vbi(&(0x7f0000000080), 0x1, 0x2)
ioctl$VIDIOC_S_OUTPUT(r6, 0xc004562f, &(0x7f00000000c0)=0x1)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c0002800500010000000000240002801400018008000100000000000800"], 0x64}}, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r8, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r6, 0xc0945662, &(0x7f0000000100)={0x70, 0x0, '\x00', {0x0, @reserved}})
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)

4.225998437s ago: executing program 1 (id=2173):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
close(0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x19, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000180)={{0x2, 0x4e21, @multicast2}, {0x4}, 0x2, {0x2, 0x4e22, @multicast2}, 'veth0_vlan\x00'})
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0xfffd, @local}]}, &(0x7f0000000440)=0x51)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
open(&(0x7f00009e1000)='./file0\x00', 0x8060, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='net_prio.prioidx\x00', 0x275a, 0x0)
fanotify_mark(0xffffffffffffffff, 0x102, 0x48001050, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)

2.857436087s ago: executing program 1 (id=2174):
openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000000)='tasks\x00', 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
epoll_create(0x1)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
bind$llc(r3, &(0x7f00000000c0)={0x1a, 0x0, 0x43, 0x0, 0x4, 0x7, @multicast}, 0x10)
connect$llc(r3, &(0x7f0000000340)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @random="48bd00"}, 0x10)
bind$llc(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = syz_open_dev$vcsa(&(0x7f0000000000), 0x1, 0x0)
poll(&(0x7f0000000040)=[{r4}], 0x1, 0x0)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r4, 0x7a0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r1, 0x8933, &(0x7f0000000380)={'wg0\x00'})
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000400)={0x3ff, 0xfffffffb, {r0}, {0xee01}, 0x8, 0x8})
sendmsg$nl_xfrm(r4, &(0x7f0000000640)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000600)={&(0x7f0000000440)=@newae={0x40, 0x1e, 0x20, 0x70bd28, 0x25dfdbfe, {{@in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x4d3, 0x2, 0x3c}, @in6=@mcast2, 0x5, 0x3500}}, 0x40}, 0x1, 0x0, 0x0, 0x1}, 0x40000)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x10)
r6 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x802)
writev(r6, &(0x7f0000000140)=[{&(0x7f0000000040)="aefdda9d240303005a90f57f07703aeff0f64eb9ee07962c220a2e11b44e65d76641cb010852f426072a", 0x2a}], 0x1)

2.856392s ago: executing program 6 (id=2175):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
ioctl$KVM_SET_CPUID2(r4, 0x4008ae90, &(0x7f0000000180)=ANY=[@ANYBLOB="02000000000000000100000046e1230f0200000080000000b1000000c4010000000000000000000000000000f500000000000080f000000007000000030000003b0400000600000007000000da0000000000000000000000d4bcfbd7c13281c15401cdb41c6e"])
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0)
set_mempolicy_home_node(&(0x7f0000349000/0xa000)=nil, 0xa000, 0x0, 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000880)='./binderfs/binder1\x00', 0x0, 0x0)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x1000000000006005, 0x1)
r6 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000400)={0x53, 0xfffffffffffffffc, 0x6, 0x0, @buffer={0x0, 0x27, &(0x7f00000000c0)=""/39}, &(0x7f0000000200)="672d6a44b036", 0x0, 0x0, 0x0, 0x0, 0x0})
write$tun(r6, &(0x7f0000000400)=ANY=[], 0xa2)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0xa, 0x4002})
ioctl$BLKTRACESTART(0xffffffffffffffff, 0x1274, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0x1276, 0x0)
ioctl$BINDER_GET_NODE_INFO_FOR_REF(r5, 0xc018620c, &(0x7f0000001180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x3})

1.131518763s ago: executing program 5 (id=2176):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000400)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
fsopen(0x0, 0x1)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
bind$bt_l2cap(r3, &(0x7f0000000400)={0x1f, 0xfffc}, 0xe)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
madvise(&(0x7f0000bc0000/0x400000)=nil, 0x400000, 0x9)
socketpair(0x14, 0x0, 0x0, &(0x7f0000000080))
r4 = syz_clone(0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$key(0xf, 0x3, 0x2)
write$binfmt_script(r5, &(0x7f0000000a00)={'#! ', './file0'}, 0xb)
process_vm_readv(r4, &(0x7f0000001840)=[{&(0x7f00000004c0)=""/211, 0xd3}, {0x0}], 0x2, &(0x7f00000001c0)=[{0x0}, {&(0x7f0000000200)=""/173, 0xad}, {&(0x7f00000000c0)=""/226, 0xe2}], 0x3, 0x0)
r6 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x149a82, 0x0)
write$cgroup_int(r6, &(0x7f0000000040)=0x1f00, 0x12)
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_GET(r6, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x880}, 0x804)
getsockopt$WPAN_WANTACK(r6, 0x0, 0x0, &(0x7f00000002c0), &(0x7f0000000300)=0x4)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x100)

231.956061ms ago: executing program 7 (id=2177):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000400)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
fsopen(0x0, 0x1)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
bind$bt_l2cap(r3, &(0x7f0000000400)={0x1f, 0xfffc}, 0xe)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
madvise(&(0x7f0000bc0000/0x400000)=nil, 0x400000, 0x9)
socketpair(0x14, 0x0, 0x0, &(0x7f0000000080))
r4 = syz_clone(0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r5, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x7}, 0x1c)
write$binfmt_script(r5, &(0x7f0000000a00)={'#! ', './file0'}, 0xb)
process_vm_readv(r4, &(0x7f0000001840)=[{&(0x7f00000004c0)=""/211, 0xd3}, {0x0}], 0x2, &(0x7f00000001c0)=[{0x0}, {&(0x7f0000000200)=""/173, 0xad}, {&(0x7f00000000c0)=""/226, 0xe2}], 0x3, 0x0)
r6 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x149a82, 0x0)
write$cgroup_int(r6, &(0x7f0000000040)=0x1f00, 0x12)
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_GET(r6, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x880}, 0x804)
getsockopt$WPAN_WANTACK(r6, 0x0, 0x0, &(0x7f00000002c0), &(0x7f0000000300)=0x4)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x100)

231.210263ms ago: executing program 6 (id=2178):
syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x82000)
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x3a, 0x40, 0x0, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x17, 0x3, &(0x7f0000000300)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
sched_setscheduler(0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mq_open(&(0x7f0000000080)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x42, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000080)=@bpf_lsm={0xd, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r7=>0x0})
sendmsg$nl_route(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000380)=ANY=[@ANYBLOB="3400000013000500000000000008000007000040", @ANYRES32=r7], 0x34}}, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)

0s ago: executing program 5 (id=2179):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'netpci0\x00', 0x2})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x335)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x0, 0x0, &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000080000000800000080000000", @ANYRES32, @ANYBLOB="000000007800000000001f7180975f4472fea4e5", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/25], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
ioperm(0x0, 0x8001, 0x9)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f00000000c0)='dctcp\x00', 0x6)
bind$inet6(r4, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
connect$inet6(r4, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f0000000180)='highspeed\x00', 0xa)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
shutdown(r4, 0x2)
syz_open_dev$video(0x0, 0x9, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue0\x00'})

kernel console output (not intermixed with test programs):

7.0.0.1:0 - no destination available
[  426.055134][T10614] netlink: 12 bytes leftover after parsing attributes in process `syz.6.922'.
[  435.414975][T10724] loop9: detected capacity change from 0 to 6
[  439.543056][T10824] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  441.156422][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  441.162829][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  441.523677][T10812] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  444.229994][T10879] binder: 10865:10879 ioctl 4018620d 0 returned -22
[  444.505112][T10877] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  444.514059][T10877] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  445.429684][T10895] Invalid source name
[  445.437575][T10895] syz.2.979: attempt to access beyond end of device
[  445.437575][T10895] nbd2: rw=0, sector=0, nr_sectors = 2 limit=0
[  445.688367][T10900] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  449.480087][T10923] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  454.022815][   T29] audit: type=1804 audit(2000000009.639:155): pid=10934 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.6.990" name="/newroot/153/file1" dev="fuse" ino=1 res=1 errno=0
[  454.234742][   T29] audit: type=1804 audit(2000000009.759:156): pid=10933 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.6.990" name="/newroot/153/file1" dev="fuse" ino=1 res=1 errno=0
[  455.887930][   T25] kernel read not supported for file /newroot/155 (pid: 25 comm: kworker/1:0)
[  458.067991][ T5874] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  458.678008][ T5874] usb 3-1: Using ep0 maxpacket: 8
[  458.690811][ T5874] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  458.690842][ T5874] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  458.731610][ T5874] usb 3-1: Product: syz
[  458.735940][ T5874] usb 3-1: Manufacturer: syz
[  458.740828][ T5874] usb 3-1: SerialNumber: syz
[  458.757131][ T5874] usb 3-1: config 0 descriptor??
[  458.775748][T10994] netlink: 'syz.5.1005': attribute type 4 has an invalid length.
[  458.784886][T10994] netlink: 17 bytes leftover after parsing attributes in process `syz.5.1005'.
[  459.437345][ T5874] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  462.151834][ T5874] dvb_usb_rtl28xxu 3-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  462.308029][ T5874] usb 3-1: USB disconnect, device number 7
[  464.951025][T11057] input: syz0 as /devices/virtual/input/input10
[  466.576898][T11085] openvswitch: netlink: Tunnel attr 54 out of range max 16
[  473.338080][ T5881] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  475.080657][T11164] netlink: 277 bytes leftover after parsing attributes in process `syz.2.1039'.
[  475.247831][ T5881] usb 8-1: Using ep0 maxpacket: 8
[  475.259349][ T5881] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  475.270304][ T5881] usb 8-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d
[  475.279494][ T5881] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105
[  475.287664][ T5881] usb 8-1: SerialNumber: syz
[  475.298609][ T5881] usb 8-1: config 0 descriptor??
[  475.384671][ T5881] usb 8-1: Found UVC 0.00 device <unnamed> (05ac:8501)
[  475.412685][ T5881] uvcvideo 8-1:0.0: Entity type for entity Output 255 was not initialized!
[  475.459880][ T5881] usb 8-1: Failed to create links for entity 255
[  475.466241][ T5881] usb 8-1: Failed to register entities (-22).
[  475.684213][ T6893] usb 8-1: USB disconnect, device number 3
[  481.498397][T11210] netlink: 32 bytes leftover after parsing attributes in process `syz.7.1050'.
[  487.462023][T11259] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  488.277998][   T29] audit: type=1800 audit(2000000044.179:157): pid=11267 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.1.1062" name="file1" dev="overlay" ino=1244 res=0 errno=0
[  489.016631][T11274] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1065'.
[  489.817228][T11284] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1066'.
[  491.704607][T11316] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1075'.
[  494.707207][T11331] tty tty31: ldisc open failed (-12), clearing slot 30
[  495.424216][ T5919] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  495.600512][ T5919] usb 3-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  495.658908][ T5919] usb 3-1: config 27 has 0 interfaces, different from the descriptor's value: 1
[  495.746003][   T25] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  495.753948][ T5919] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  495.763237][ T5919] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  496.287985][ T5919] usb 3-1: can't set config #27, error -71
[  496.312452][   T25] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 28, changing to 8
[  496.323472][   T25] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  496.336436][   T25] usb 8-1: New USB device found, idVendor=05ac, idProduct=0232, bcdDevice= 0.00
[  496.345750][   T25] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  496.360847][   T25] usb 8-1: config 0 descriptor??
[  496.367315][ T5919] usb 3-1: USB disconnect, device number 8
[  496.390722][   T25] input: bcm5974 as /devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.0/input/input11
[  497.959675][ T5177] bcm5974 8-1:0.0: could not read from device
[  497.966301][ T5177] bcm5974 8-1:0.0: could not read from device
[  498.005300][T11385] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  498.124067][T11391] binder: 11382:11391 ioctl 9362 0 returned -22
[  498.439262][   T25] usb 8-1: USB disconnect, device number 4
[  498.453901][ T5177] bcm5974 8-1:0.0: could not read from device
[  499.087884][    C0] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  499.438752][T11385] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  500.527889][    C1] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  501.957955][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  501.970754][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  504.554426][T11468] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  506.711675][T11505] openvswitch: netlink: IP tunnel dst address not specified
[  509.316785][T11546] bond0: (slave sit0): The slave device specified does not support setting the MAC address
[  509.327129][T11546] bond0: (slave sit0): Error -95 calling set_mac_address
[  510.708300][T11574] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  512.127833][    C0] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  512.661417][   T29] audit: type=1326 audit(2000000068.759:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11591 comm="syz.1.1146" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd6fab85d29 code=0x0
[  513.167834][    C0] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  515.100127][T11621] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  515.106175][T11621] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  515.115502][T11621] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  515.121588][T11621] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  515.129514][T11621] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  515.136193][T11621] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  515.142257][T11621] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  515.534961][T11646] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  515.549258][T11646] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  516.558744][ T5840] Bluetooth: hci2: command 0x0406 tx timeout
[  517.621801][   T54] Bluetooth: hci5: command 0x0406 tx timeout
[  517.752651][T11668] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1162'.
[  518.215683][ T5840] Bluetooth: hci3: command 0x0406 tx timeout
[  519.220389][   T54] Bluetooth: hci2: command 0x0406 tx timeout
[  520.387903][   T54] Bluetooth: hci5: command 0x0406 tx timeout
[  520.387955][ T5840] Bluetooth: hci3: command 0x0406 tx timeout
[  520.789852][T11702] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1166'.
[  522.578569][ T5840] Bluetooth: hci3: command 0x0406 tx timeout
[  528.345138][T11761] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  528.352445][T11761] overlayfs: failed to set xattr on upper
[  528.358360][T11761] overlayfs: ...falling back to redirect_dir=nofollow.
[  528.365338][T11761] overlayfs: ...falling back to index=off.
[  528.371293][T11761] overlayfs: ...falling back to uuid=null.
[  528.377361][T11761] overlayfs: maximum fs stacking depth exceeded
[  530.116809][T11776] devpts: called with bogus options
[  533.235172][T11835] veth1_macvtap: left promiscuous mode
[  533.240766][T11835] macsec0: entered promiscuous mode
[  533.246065][T11835] macsec0: entered allmulticast mode
[  535.296995][T11860] binder: 11853:11860 ioctl c0306201 0 returned -14
[  537.022112][T11879] netlink: 'syz.1.1210': attribute type 2 has an invalid length.
[  541.816903][T11937] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  541.911635][T11940] netlink: 'syz.1.1231': attribute type 1 has an invalid length.
[  541.920302][T11940] netlink: 'syz.1.1231': attribute type 2 has an invalid length.
[  541.935205][T11940] A link change request failed with some changes committed already. Interface macvlan0 may have been left with an inconsistent configuration, please check.
[  542.265178][T11940] No source specified
[  542.271950][T11940] input: syz0 as /devices/virtual/input/input12
[  544.607975][ T5840] Bluetooth: hci2: command 0x0406 tx timeout
[  544.987816][    C1] sched: DL replenish lagged too much
[  552.427163][T12006] netlink: 32 bytes leftover after parsing attributes in process `syz.7.1246'.
[  553.006581][T12015] VFS: could not find a valid V7 on nullb0.
[  557.958564][T12077] tmpfs: Bad value for 'mpol'
[  559.860996][   T54] Bluetooth: hci5: command 0x0406 tx timeout
[  559.959793][T12082] [U] é
[  561.234727][T12101] Trying to write to read-only block-device nullb0
[  563.411198][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  563.449510][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  563.794273][T12141] 9pnet_fd: Insufficient options for proto=fd
[  564.227806][    T8] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  565.167946][    T8] usb 3-1: Using ep0 maxpacket: 16
[  565.221770][    T8] usb 3-1: config 0 has an invalid interface number: 206 but max is 0
[  565.239016][    T8] usb 3-1: config 0 has an invalid descriptor of length 252, skipping remainder of the config
[  565.267113][    T8] usb 3-1: config 0 has no interface number 0
[  565.433138][    T8] usb 3-1: New USB device found, idVendor=04e2, idProduct=1402, bcdDevice=71.29
[  565.453769][    T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  565.815610][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  565.850828][    T8] usb 3-1: Product: syz
[  565.874198][    T8] usb 3-1: Manufacturer: syz
[  565.885750][    T8] usb 3-1: SerialNumber: syz
[  565.894276][    T8] usb 3-1: config 0 descriptor??
[  567.079341][    T8] usb 3-1: USB disconnect, device number 9
[  571.775372][T12210] syz.7.1301: vmalloc error: size 4198400, failed to allocated page array size 8200, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  571.794814][T12210] CPU: 1 UID: 0 PID: 12210 Comm: syz.7.1301 Not tainted 6.13.0-rc3-syzkaller-00044-gaef25be35d23 #0
[  571.805599][T12210] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  571.815665][T12210] Call Trace:
[  571.818950][T12210]  <TASK>
[  571.821889][T12210]  dump_stack_lvl+0x241/0x360
[  571.826592][T12210]  ? __pfx_dump_stack_lvl+0x10/0x10
[  571.831807][T12210]  ? __pfx__printk+0x10/0x10
[  571.836422][T12210]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  571.842868][T12210]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  571.849392][T12210]  warn_alloc+0x278/0x410
[  571.853745][T12210]  ? __pfx_warn_alloc+0x10/0x10
[  571.858614][T12210]  ? hash_mac_create+0x312/0xf00
[  571.863566][T12210]  ? __get_vm_area_node+0x1c8/0x2d0
[  571.868777][T12210]  ? __get_vm_area_node+0x25c/0x2d0
[  571.873987][T12210]  __vmalloc_node_range_noprof+0x62f/0x1380
[  571.879895][T12210]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  571.885646][T12210]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  571.891992][T12210]  ? rcu_is_watching+0x15/0xb0
[  571.896775][T12210]  ? trace_kmalloc+0x1f/0xd0
[  571.901375][T12210]  ? __kmalloc_node_noprof+0x2ad/0x4d0
[  571.906863][T12210]  ? __kvmalloc_node_noprof+0x72/0x190
[  571.912325][T12210]  __kvmalloc_node_noprof+0x142/0x190
[  571.917693][T12210]  ? hash_mac_create+0x312/0xf00
[  571.922625][T12210]  hash_mac_create+0x312/0xf00
[  571.927383][T12210]  ? __nla_parse+0x40/0x60
[  571.931799][T12210]  ? __pfx_hash_mac_create+0x10/0x10
[  571.937076][T12210]  ip_set_create+0xa31/0x18b0
[  571.941742][T12210]  ? ip_set_create+0x424/0x18b0
[  571.946584][T12210]  ? __pfx_ip_set_create+0x10/0x10
[  571.951698][T12210]  ? __nla_parse+0x40/0x60
[  571.956109][T12210]  ? nfnetlink_rcv_msg+0x225/0x1180
[  571.961300][T12210]  nfnetlink_rcv_msg+0xbec/0x1180
[  571.966316][T12210]  ? nfnetlink_rcv_msg+0x225/0x1180
[  571.971512][T12210]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  571.976962][T12210]  ? stack_trace_save+0x118/0x1d0
[  571.981990][T12210]  ? dev_hard_start_xmit+0x27a/0x7d0
[  571.987262][T12210]  ? __dev_queue_xmit+0x1b73/0x3f50
[  571.992450][T12210]  ? __netlink_deliver_tap+0x56b/0x7f0
[  571.997900][T12210]  ? netlink_deliver_tap+0x19d/0x1b0
[  572.003173][T12210]  ? netlink_unicast+0x7c4/0x990
[  572.008107][T12210]  ? netlink_sendmsg+0x8e4/0xcb0
[  572.013038][T12210]  ? __sock_sendmsg+0x221/0x270
[  572.017883][T12210]  ? ____sys_sendmsg+0x52a/0x7e0
[  572.022808][T12210]  ? __sys_sendmsg+0x269/0x350
[  572.027565][T12210]  netlink_rcv_skb+0x1e3/0x430
[  572.032320][T12210]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  572.037774][T12210]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  572.043060][T12210]  ? cap_capable+0x1b4/0x250
[  572.047643][T12210]  ? safesetid_security_capable+0xb2/0x1d0
[  572.053443][T12210]  ? bpf_lsm_capable+0x9/0x10
[  572.058111][T12210]  ? security_capable+0x7e/0x2d0
[  572.063039][T12210]  nfnetlink_rcv+0x297/0x2ab0
[  572.067710][T12210]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  572.073432][T12210]  ? __dev_queue_xmit+0x2f4/0x3f50
[  572.078532][T12210]  ? __dev_queue_xmit+0x1775/0x3f50
[  572.083720][T12210]  ? kasan_save_track+0x51/0x80
[  572.088567][T12210]  ? ____sys_sendmsg+0x52a/0x7e0
[  572.093499][T12210]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  572.098602][T12210]  ? __dev_queue_xmit+0x2f4/0x3f50
[  572.103705][T12210]  ? __pfx___dev_queue_xmit+0x10/0x10
[  572.109074][T12210]  ? ref_tracker_free+0x643/0x7e0
[  572.114096][T12210]  ? __asan_memcpy+0x40/0x70
[  572.118682][T12210]  ? __pfx_ref_tracker_free+0x10/0x10
[  572.124045][T12210]  ? rcu_is_watching+0x15/0xb0
[  572.128802][T12210]  ? lock_release+0xbf/0xa30
[  572.133380][T12210]  ? skb_clone+0x240/0x390
[  572.137795][T12210]  ? __pfx_lock_release+0x10/0x10
[  572.142806][T12210]  ? __netlink_deliver_tap+0x7aa/0x7f0
[  572.148270][T12210]  ? netlink_deliver_tap+0x2e/0x1b0
[  572.153459][T12210]  netlink_unicast+0x7f6/0x990
[  572.158221][T12210]  ? __pfx_netlink_unicast+0x10/0x10
[  572.163497][T12210]  ? __phys_addr_symbol+0x2f/0x70
[  572.168513][T12210]  ? __check_object_size+0x47a/0x730
[  572.173793][T12210]  netlink_sendmsg+0x8e4/0xcb0
[  572.178553][T12210]  ? __pfx_netlink_sendmsg+0x10/0x10
[  572.183828][T12210]  ? lock_release+0xbf/0xa30
[  572.188425][T12210]  ? __pfx_netlink_sendmsg+0x10/0x10
[  572.193699][T12210]  __sock_sendmsg+0x221/0x270
[  572.198374][T12210]  ____sys_sendmsg+0x52a/0x7e0
[  572.203136][T12210]  ? __pfx_____sys_sendmsg+0x10/0x10
[  572.208448][T12210]  ? __fget_files+0x2a/0x410
[  572.213031][T12210]  ? __fget_files+0x2a/0x410
[  572.217612][T12210]  __sys_sendmsg+0x269/0x350
[  572.222198][T12210]  ? __pfx___sys_sendmsg+0x10/0x10
[  572.227299][T12210]  ? lock_release+0xbf/0xa30
[  572.231892][T12210]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  572.238211][T12210]  ? rcu_is_watching+0x15/0xb0
[  572.242986][T12210]  ? rcu_is_watching+0x15/0xb0
[  572.247753][T12210]  do_syscall_64+0xf3/0x230
[  572.252266][T12210]  ? clear_bhb_loop+0x35/0x90
[  572.256936][T12210]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  572.262836][T12210] RIP: 0033:0x7f38b4785d29
[  572.267250][T12210] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  572.286856][T12210] RSP: 002b:00007f38b5684038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  572.295270][T12210] RAX: ffffffffffffffda RBX: 00007f38b4976080 RCX: 00007f38b4785d29
[  572.303239][T12210] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000007
[  572.311203][T12210] RBP: 00007f38b4801a20 R08: 0000000000000000 R09: 0000000000000000
[  572.319174][T12210] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  572.327140][T12210] R13: 0000000000000000 R14: 00007f38b4976080 R15: 00007fff59370f78
[  572.335114][T12210]  </TASK>
[  573.208382][T12210] Mem-Info:
[  573.219019][T12210] active_anon:386 inactive_anon:12238 isolated_anon:0
[  573.219019][T12210]  active_file:25342 inactive_file:34293 isolated_file:0
[  573.219019][T12210]  unevictable:768 dirty:400 writeback:0
[  573.219019][T12210]  slab_reclaimable:6465 slab_unreclaimable:101842
[  573.219019][T12210]  mapped:35421 shmem:6626 pagetables:1206
[  573.219019][T12210]  sec_pagetables:0 bounce:0
[  573.219019][T12210]  kernel_misc_reclaimable:0
[  573.219019][T12210]  free:1304981 free_pcp:6359 free_cma:0
[  573.661811][T12210] Node 0 active_anon:1540kB inactive_anon:46328kB active_file:101272kB inactive_file:137172kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:135428kB dirty:1204kB writeback:0kB shmem:22812kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11620kB pagetables:4736kB sec_pagetables:0kB all_unreclaimable? no
[  573.737891][T12210] Node 1 active_anon:0kB inactive_anon:0kB active_file:96kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:24kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  574.499578][T12210] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  574.499853][T12236] netlink: 'syz.6.1307': attribute type 1 has an invalid length.
[  574.527860][T12210] lowmem_reserve[]: 0 2465 2466 0 0
[  574.534814][T12236] netlink: 'syz.6.1307': attribute type 2 has an invalid length.
[  574.547961][T12210] Node 0 DMA32 free:1322372kB boost:0kB min:34200kB low:42748kB high:51296kB reserved_highatomic:0KB active_anon:1540kB inactive_anon:51124kB active_file:100496kB inactive_file:137120kB unevictable:1536kB writepending:1252kB present:3129332kB managed:2552776kB mlocked:0kB bounce:0kB free_pcp:1560kB local_pcp:484kB free_cma:0kB
[  574.548156][T12236] A link change request failed with some changes committed already. Interface macvlan0 may have been left with an inconsistent configuration, please check.
[  574.579672][T12210] lowmem_reserve[]: 0 0 0 0 0
[  574.600226][T12210] Node 0 Normal free:4kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:4kB inactive_anon:36kB active_file:776kB inactive_file:52kB unevictable:0kB writepending:0kB present:1048580kB managed:880kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[  574.627462][T12210] lowmem_reserve[]: 0 0 0 0 0
[  574.632339][T12210] Node 1 Normal free:3903904kB boost:0kB min:55688kB low:69608kB high:83528kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:96kB inactive_file:0kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111168kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  574.662086][T12210] lowmem_reserve[]: 0 0 0 0 0
[  574.667150][T12210] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  574.683568][T12210] Node 0 DMA32: 772*4kB (UME) 1468*8kB (UME) 765*16kB (UME) 322*32kB (UME) 1267*64kB (UME) 727*128kB (UME) 317*256kB (UME) 135*512kB (UME) 41*1024kB (UME) 9*2048kB (UME) 220*4096kB (M) = 1323328kB
[  574.703801][T12242] No source specified
[  574.709762][T12242] input: syz0 as /devices/virtual/input/input13
[  574.712583][T12210] Node 0 
[  574.717157][T12246] syz.2.1309 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  574.786763][T12248] bad cache= option: none

[  574.786763][T12248] 
[  574.793639][T12248] CIFS: VFS: bad cache= option: none

[  575.050123][T12210] Normal: 1*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB
[  575.064176][T12210] Node 1 Normal: 224*4kB (UME) 68*8kB (UME) 46*16kB (UME) 219*32kB (UME) 95*64kB (UME) 28*128kB (UME) 18*256kB (UME) 9*512kB (UME) 5*1024kB (UM) 6*2048kB (UME) 942*4096kB (M) = 3903904kB
[  575.084204][T12210] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  575.094013][T12210] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  575.104148][T12210] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  575.114413][T12210] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  575.147638][T12210] 64037 total pagecache pages
[  575.154685][T12210] 0 pages in swap cache
[  575.159509][T12210] Free swap  = 124400kB
[  575.163844][T12210] Total swap = 124996kB
[  575.170386][T12210] 2097051 pages RAM
[  575.174405][T12210] 0 pages HighMem/MovableOnly
[  575.419080][T12210] 427005 pages reserved
[  575.423393][T12210] 0 pages cma reserved
[  576.733029][ T5840] Bluetooth: hci5: command 0x0406 tx timeout
[  576.772088][T12266] cgroup: subsys name conflicts with all
[  577.777529][T12287] random: crng reseeded on system resumption
[  577.885838][T12287] Restarting kernel threads ... done.
[  580.942729][T12311] netlink: 256 bytes leftover after parsing attributes in process `syz.2.1328'.
[  582.120524][T12332] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  583.593786][T12350] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  584.687796][    C0] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  586.816364][T12388] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1344'.
[  586.825366][T12388] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1344'.
[  589.867943][ T5881] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  590.079920][ T5881] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  590.091862][ T5881] usb 6-1: New USB device found, idVendor=0582, idProduct=007d, bcdDevice=3f.99
[  590.145627][ T5881] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  590.210390][ T5881] usb 6-1: config 0 descriptor??
[  590.230996][ T5881] usb 6-1: interface 1 not found
[  592.197819][ T5881] usb 6-1: USB disconnect, device number 2
[  593.461557][T12472] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  593.478199][T12467] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  593.499805][T12467] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  593.505783][T12467] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  594.528304][T12487] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  594.607834][    C1] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  595.091889][T12500] program syz.5.1379 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  595.558284][   T54] Bluetooth: hci2: command 0x0406 tx timeout
[  595.567927][   T54] Bluetooth: hci3: command 0x0406 tx timeout
[  595.574284][ T5840] Bluetooth: hci5: command 0x0406 tx timeout
[  599.182394][   T54] Bluetooth: hci3: unexpected event for opcode 0x0000
[  599.893135][T12537] [U] é
[  600.988484][T12562] veth0_to_team: entered promiscuous mode
[  600.994277][T12562] veth0_to_team: entered allmulticast mode
[  601.039585][T12563] netdevsim netdevsim6 netdevsim0: set [1, 1] type 2 family 0 port 41042 - 0
[  601.048478][T12563] netdevsim netdevsim6 netdevsim1: set [1, 1] type 2 family 0 port 41042 - 0
[  601.057287][T12563] netdevsim netdevsim6 netdevsim2: set [1, 1] type 2 family 0 port 41042 - 0
[  601.066164][T12563] netdevsim netdevsim6 netdevsim3: set [1, 1] type 2 family 0 port 41042 - 0
[  601.075624][T12563] geneve2: entered promiscuous mode
[  601.081117][T12563] geneve2: entered allmulticast mode
[  601.777097][T12571] netlink: 'syz.7.1396': attribute type 2 has an invalid length.
[  603.407845][   T54] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  603.419755][   T54] Bluetooth: hci3: Injecting HCI hardware error event
[  603.438405][   T54] Bluetooth: hci3: hardware error 0x00
[  605.526207][   T54] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  605.725074][T12623] netlink: 'syz.2.1409': attribute type 1 has an invalid length.
[  607.068757][T12630] ptrace attach of "./syz-executor exec"[6897] was attempted by "./syz-executor exec"[12630]
[  608.198456][T12644] Invalid ELF header magic: != ELF
[  608.213970][T12644] bridge0: port 4(erspan0) entered blocking state
[  608.220713][T12644] bridge0: port 4(erspan0) entered disabled state
[  608.227914][T12644] erspan0: entered allmulticast mode
[  608.237234][T12644] erspan0: entered promiscuous mode
[  608.243687][T12644] bridge0: port 4(erspan0) entered blocking state
[  608.250176][T12644] bridge0: port 4(erspan0) entered forwarding state
[  609.872634][T12652] netlink: 'syz.7.1417': attribute type 1 has an invalid length.
[  610.687688][T12652] 8021q: adding VLAN 0 to HW filter on device bond1
[  610.699467][T12655] 8021q: adding VLAN 0 to HW filter on device batadv1
[  610.712602][T12655] bond1: (slave batadv1): making interface the new active one
[  610.769186][T12655] bond1: (slave batadv1): Enslaving as an active interface with an up link
[  612.083609][T12663] 8021q: adding VLAN 0 to HW filter on device batadv2
[  612.232973][T12663] bond1: (slave batadv2): Enslaving as an active interface with an up link
[  615.943023][T12729] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1436'.
[  615.952243][T12729] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1436'.
[  618.615805][T12761] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1443'.
[  620.593694][T12789] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  620.599888][T12789] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  622.246076][   T54] Bluetooth: hci2: command 0x0406 tx timeout
[  622.857028][   T54] Bluetooth: hci5: command 0x0406 tx timeout
[  624.718973][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  624.725369][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  626.321552][T12879] netlink: 'syz.5.1466': attribute type 1 has an invalid length.
[  626.329403][T12879] netlink: 228 bytes leftover after parsing attributes in process `syz.5.1466'.
[  626.503093][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  626.510712][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  626.521287][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  626.532557][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  626.540689][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  626.549270][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  626.559008][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  626.587372][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  626.629347][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  626.660966][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  626.671687][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  626.689797][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  626.699406][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  626.711112][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  626.732310][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  626.751352][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  626.761926][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  626.782955][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  626.794067][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  626.807881][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  626.816396][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  626.823894][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  626.833600][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  627.103662][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  627.111381][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  627.118904][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  627.126306][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  627.133737][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  627.141231][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  627.157631][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  627.165067][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  627.172544][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  627.205703][    T8] hid-generic 0000:0000:0000.0003: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  627.412521][T12895] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  629.517586][T12923] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1475'.
[  629.527040][T12923] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1475'.
[  629.957244][T12942] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  632.695251][T12961] 9pnet: Could not find request transport: fd0x0000000000000008
[  633.717498][   T29] audit: type=1326 audit(2000000189.899:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13014 comm="syz.5.1495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06a6585d29 code=0x7ffc0000
[  633.925763][   T54] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  633.934265][   T54] Bluetooth: hci2: Injecting HCI hardware error event
[  633.941230][   T54] Bluetooth: hci2: hardware error 0x00
[  634.037341][   T29] audit: type=1326 audit(2000000189.899:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13014 comm="syz.5.1495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06a6585d29 code=0x7ffc0000
[  634.066530][   T29] audit: type=1326 audit(2000000190.129:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13014 comm="syz.5.1495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f06a6585d29 code=0x7ffc0000
[  634.095172][T13015] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1495'.
[  634.127109][   T29] audit: type=1326 audit(2000000190.129:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13014 comm="syz.5.1495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06a6585d29 code=0x7ffc0000
[  634.161205][   T29] audit: type=1326 audit(2000000190.139:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13014 comm="syz.5.1495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=288 compat=0 ip=0x7f06a6585d29 code=0x7ffc0000
[  634.184492][T13019] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1495'.
[  634.212444][   T29] audit: type=1326 audit(2000000190.139:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13014 comm="syz.5.1495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06a6585d29 code=0x7ffc0000
[  634.276910][   T29] audit: type=1326 audit(2000000190.139:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13014 comm="syz.5.1495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f06a6587c47 code=0x7ffc0000
[  634.327481][   T29] audit: type=1326 audit(2000000190.139:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13014 comm="syz.5.1495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f06a6587bbc code=0x7ffc0000
[  634.558474][   T29] audit: type=1326 audit(2000000190.139:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13014 comm="syz.5.1495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f06a6587af4 code=0x7ffc0000
[  634.616857][   T29] audit: type=1326 audit(2000000190.139:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13014 comm="syz.5.1495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f06a6587af4 code=0x7ffc0000
[  636.076463][   T54] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  636.299203][T13057] vivid-000: =================  START STATUS  =================
[  636.306921][T13057] vivid-000: Generate PTS: true
[  636.312127][T13057] vivid-000: Generate SCR: true
[  636.317093][T13057] tpg source WxH: 320x180 (R'G'B)
[  636.322358][T13057] tpg field: 1
[  636.325763][T13057] tpg crop: 320x180@0x0
[  636.330113][T13057] tpg compose: 320x180@0x0
[  636.334584][T13057] tpg colorspace: 8
[  636.338660][T13057] tpg transfer function: 0/0
[  636.343306][T13057] tpg quantization: 0/0
[  636.347495][T13057] tpg RGB range: 0/2
[  636.351570][T13057] vivid-000: ==================  END STATUS  ==================
[  639.760525][T13110] syz.1.1514: attempt to access beyond end of device
[  639.760525][T13110] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  640.902765][T13121] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1518'.
[  642.161487][T13142] block device autoloading is deprecated and will be removed.
[  644.925219][T13167] netlink: 32 bytes leftover after parsing attributes in process `syz.7.1531'.
[  645.957387][T13175] [U] é
[  647.674001][T13196] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1533'.
[  647.683689][T13196] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1533'.
[  648.343649][T13199] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  649.801929][   T29] kauditd_printk_skb: 22 callbacks suppressed
[  649.801953][   T29] audit: type=1326 audit(2000000205.829:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13208 comm="syz.7.1540" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f38b4785d29 code=0x0
[  651.128046][T13251] veth0_to_team: entered promiscuous mode
[  651.133862][T13251] veth0_to_team: entered allmulticast mode
[  651.223251][T13253] geneve2: entered promiscuous mode
[  651.228596][T13253] geneve2: entered allmulticast mode
[  652.731321][T13274] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1549'.
[  652.740332][T13274] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1549'.
[  654.216446][T13293] netlink: 68 bytes leftover after parsing attributes in process `syz.6.1559'.
[  656.092129][T13307] netlink: 'syz.1.1563': attribute type 13 has an invalid length.
[  657.077509][T13325] No control pipe specified
[  657.083289][T13325] tmpfs: Bad value for 'mpol'
[  657.177327][T13328] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1568'.
[  657.186387][T13328] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1568'.
[  658.009792][T13341] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1570'.
[  658.019177][T13341] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1570'.
[  659.934465][T13364] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  660.915858][T13378] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1581'.
[  660.924782][T13378] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1581'.
[  661.007762][    C1] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  661.712047][T13389] sctp: [Deprecated]: syz.1.1583 (pid 13389) Use of struct sctp_assoc_value in delayed_ack socket option.
[  661.712047][T13389] Use struct sctp_sack_info instead
[  662.415944][T13397] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1584'.
[  662.424949][T13397] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1584'.
[  663.225401][T13407] binder: 13403:13407 ioctl c018620c 20001180 returned -22
[  664.149593][T13418] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  665.296000][T13421] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1590'.
[  669.796481][T13480] PKCS8: Unsupported PKCS#8 version
[  672.347307][T13511] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1609'.
[  672.356848][T13511] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1609'.
[  672.764228][T13520] overlayfs: invalid origin (00000079000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000)
[  674.176345][T13537] IPVS: set_ctl: invalid protocol: 8 224.0.0.1:20002
[  676.674576][ T5875] IPVS: starting estimator thread 0...
[  677.177847][T13571] IPVS: using max 44 ests per chain, 105600 per kthread
[  678.615148][T13605] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1633'.
[  678.624548][T13605] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1633'.
[  680.421414][T13625] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1638'.
[  680.430414][T13625] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1638'.
[  681.882000][T13646] Invalid ELF header magic: != ELF
[  681.895664][   T29] audit: type=1804 audit(2000000238.049:192): pid=13646 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.2.1644" name="/newroot/345/bus/bus" dev="overlay" ino=1932 res=1 errno=0
[  682.164717][T13632] sctp: [Deprecated]: syz.5.1642 (pid 13632) Use of struct sctp_assoc_value in delayed_ack socket option.
[  682.164717][T13632] Use struct sctp_sack_info instead
[  682.709150][T13654] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1643'.
[  682.718135][T13654] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1643'.
[  684.741200][   T25] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  685.488193][T13683] vimc link validate: Sensor A:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 0:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  685.697656][   T25] usb 3-1: device descriptor read/64, error -71
[  685.956068][T13692] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1653'.
[  685.965105][T13692] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1653'.
[  686.264937][T13695] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1657'.
[  686.267943][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  686.286227][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  687.787271][T13706] netlink: 24 bytes leftover after parsing attributes in process `syz.7.1659'.
[  689.070219][T13718] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1662'.
[  689.116442][T13718] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1662'.
[  689.638965][T13722] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1664'.
[  689.980979][T13736] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1665'.
[  689.990152][T13736] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1665'.
[  691.017102][T13745] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1668'.
[  691.028097][T13745] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1668'.
[  694.142582][T13776] binder: 13775:13776 ioctl c018620c 20001180 returned -22
[  694.289607][T13780] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1676'.
[  694.299222][T13780] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1676'.
[  695.885423][T13809] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1684'.
[  695.894575][T13809] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1684'.
[  695.908218][T13796] ALSA: mixer_oss: invalid OSS volume '00000000000000000000'
[  695.915701][T13796] ALSA: mixer_oss: invalid OSS volume 'OGAINWÁ”1õ›'
[  697.723399][T13824] binder: 13823:13824 ioctl c018620c 20001180 returned -22
[  699.394701][T13853] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1696'.
[  699.409652][T13853] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1696'.
[  699.420476][T13836] syz.1.1689: vmalloc error: size 6291456, failed to allocated page array size 12288, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  699.760937][T13836] CPU: 0 UID: 0 PID: 13836 Comm: syz.1.1689 Not tainted 6.13.0-rc3-syzkaller-00044-gaef25be35d23 #0
[  699.771734][T13836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  699.781803][T13836] Call Trace:
[  699.785092][T13836]  <TASK>
[  699.788042][T13836]  dump_stack_lvl+0x241/0x360
[  699.792743][T13836]  ? __pfx_dump_stack_lvl+0x10/0x10
[  699.797963][T13836]  ? __pfx__printk+0x10/0x10
[  699.802567][T13836]  ? __rcu_read_unlock+0xa1/0x110
[  699.807599][T13836]  warn_alloc+0x278/0x410
[  699.811950][T13836]  ? __pfx_warn_alloc+0x10/0x10
[  699.816822][T13836]  ? hash_mac_create+0x312/0xf00
[  699.821778][T13836]  ? __get_vm_area_node+0x1c8/0x2d0
[  699.826989][T13836]  ? __get_vm_area_node+0x25c/0x2d0
[  699.832209][T13836]  __vmalloc_node_range_noprof+0x62f/0x1380
[  699.838123][T13836]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  699.843873][T13836]  ? rcu_is_watching+0x15/0xb0
[  699.848663][T13836]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  699.855006][T13836]  ? rcu_is_watching+0x15/0xb0
[  699.859790][T13836]  ? trace_kmalloc+0x1f/0xd0
[  699.864385][T13836]  ? __kmalloc_node_noprof+0x2ad/0x4d0
[  699.869839][T13836]  ? __kvmalloc_node_noprof+0x72/0x190
[  699.875293][T13836]  __kvmalloc_node_noprof+0x142/0x190
[  699.880663][T13836]  ? hash_mac_create+0x312/0xf00
[  699.885591][T13836]  hash_mac_create+0x312/0xf00
[  699.890349][T13836]  ? __nla_parse+0x40/0x60
[  699.894760][T13836]  ? __pfx_hash_mac_create+0x10/0x10
[  699.900038][T13836]  ip_set_create+0xa31/0x18b0
[  699.904708][T13836]  ? ip_set_create+0x424/0x18b0
[  699.909552][T13836]  ? __pfx_ip_set_create+0x10/0x10
[  699.914667][T13836]  ? __nla_parse+0x40/0x60
[  699.919073][T13836]  ? nfnetlink_rcv_msg+0x225/0x1180
[  699.924263][T13836]  nfnetlink_rcv_msg+0xbec/0x1180
[  699.929283][T13836]  ? nfnetlink_rcv_msg+0x225/0x1180
[  699.934483][T13836]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  699.939933][T13836]  ? stack_trace_save+0x118/0x1d0
[  699.944962][T13836]  ? dev_hard_start_xmit+0x27a/0x7d0
[  699.950239][T13836]  ? __dev_queue_xmit+0x1b73/0x3f50
[  699.955425][T13836]  ? __netlink_deliver_tap+0x56b/0x7f0
[  699.960876][T13836]  ? netlink_deliver_tap+0x19d/0x1b0
[  699.966153][T13836]  ? netlink_unicast+0x7c4/0x990
[  699.971087][T13836]  ? netlink_sendmsg+0x8e4/0xcb0
[  699.976012][T13836]  ? __sock_sendmsg+0x221/0x270
[  699.980856][T13836]  ? ____sys_sendmsg+0x52a/0x7e0
[  699.985782][T13836]  ? __sys_sendmsg+0x269/0x350
[  699.990541][T13836]  netlink_rcv_skb+0x1e3/0x430
[  699.995299][T13836]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  700.000749][T13836]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  700.006030][T13836]  ? cap_capable+0x1b4/0x250
[  700.010613][T13836]  ? safesetid_security_capable+0xb2/0x1d0
[  700.016416][T13836]  ? bpf_lsm_capable+0x9/0x10
[  700.021080][T13836]  ? security_capable+0x7e/0x2d0
[  700.026016][T13836]  nfnetlink_rcv+0x297/0x2ab0
[  700.030692][T13836]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  700.036419][T13836]  ? __dev_queue_xmit+0x2f4/0x3f50
[  700.041528][T13836]  ? __dev_queue_xmit+0x1775/0x3f50
[  700.046719][T13836]  ? kasan_save_track+0x51/0x80
[  700.051564][T13836]  ? ____sys_sendmsg+0x52a/0x7e0
[  700.056493][T13836]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  700.061596][T13836]  ? __dev_queue_xmit+0x2f4/0x3f50
[  700.066702][T13836]  ? __pfx___dev_queue_xmit+0x10/0x10
[  700.072068][T13836]  ? ref_tracker_free+0x643/0x7e0
[  700.077081][T13836]  ? __asan_memcpy+0x40/0x70
[  700.081665][T13836]  ? __pfx_ref_tracker_free+0x10/0x10
[  700.087025][T13836]  ? rcu_is_watching+0x15/0xb0
[  700.091784][T13836]  ? lock_release+0xbf/0xa30
[  700.096365][T13836]  ? skb_clone+0x240/0x390
[  700.100771][T13836]  ? __pfx_lock_release+0x10/0x10
[  700.105787][T13836]  ? __netlink_deliver_tap+0x7aa/0x7f0
[  700.111240][T13836]  ? netlink_deliver_tap+0x2e/0x1b0
[  700.116429][T13836]  netlink_unicast+0x7f6/0x990
[  700.121189][T13836]  ? __pfx_netlink_unicast+0x10/0x10
[  700.126467][T13836]  ? __virt_addr_valid+0x45f/0x530
[  700.131568][T13836]  ? __phys_addr_symbol+0x2f/0x70
[  700.136583][T13836]  ? __check_object_size+0x47a/0x730
[  700.141872][T13836]  netlink_sendmsg+0x8e4/0xcb0
[  700.146635][T13836]  ? __pfx_netlink_sendmsg+0x10/0x10
[  700.151914][T13836]  ? lock_release+0xbf/0xa30
[  700.156493][T13836]  ? __pfx_netlink_sendmsg+0x10/0x10
[  700.161766][T13836]  __sock_sendmsg+0x221/0x270
[  700.166438][T13836]  ____sys_sendmsg+0x52a/0x7e0
[  700.171193][T13836]  ? __pfx_____sys_sendmsg+0x10/0x10
[  700.176469][T13836]  ? __fget_files+0x2a/0x410
[  700.181049][T13836]  ? __fget_files+0x2a/0x410
[  700.185633][T13836]  __sys_sendmsg+0x269/0x350
[  700.190214][T13836]  ? __pfx_futex_wake+0x10/0x10
[  700.195053][T13836]  ? __pfx___sys_sendmsg+0x10/0x10
[  700.200151][T13836]  ? lock_release+0xbf/0xa30
[  700.204744][T13836]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  700.211062][T13836]  ? rcu_is_watching+0x15/0xb0
[  700.215821][T13836]  ? rcu_is_watching+0x15/0xb0
[  700.220581][T13836]  do_syscall_64+0xf3/0x230
[  700.225082][T13836]  ? clear_bhb_loop+0x35/0x90
[  700.229765][T13836]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  700.235670][T13836] RIP: 0033:0x7fd6fab85d29
[  700.240082][T13836] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  700.259688][T13836] RSP: 002b:00007fd6fb8de038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  700.268099][T13836] RAX: ffffffffffffffda RBX: 00007fd6fad76160 RCX: 00007fd6fab85d29
[  700.276060][T13836] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000007
[  700.284037][T13836] RBP: 00007fd6fac01a20 R08: 0000000000000000 R09: 0000000000000000
[  700.292008][T13836] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  700.299985][T13836] R13: 0000000000000000 R14: 00007fd6fad76160 R15: 00007ffe379dcfa8
[  700.307962][T13836]  </TASK>
[  700.328766][T13836] Mem-Info:
[  700.332000][T13836] active_anon:6076 inactive_anon:26660 isolated_anon:0
[  700.332000][T13836]  active_file:25391 inactive_file:34293 isolated_file:0
[  700.332000][T13836]  unevictable:768 dirty:110 writeback:0
[  700.332000][T13836]  slab_reclaimable:6604 slab_unreclaimable:102847
[  700.332000][T13836]  mapped:36442 shmem:26740 pagetables:1309
[  700.332000][T13836]  sec_pagetables:0 bounce:0
[  700.332000][T13836]  kernel_misc_reclaimable:0
[  700.332000][T13836]  free:1285032 free_pcp:4698 free_cma:0
[  700.474909][T13836] Node 0 active_anon:12904kB inactive_anon:122476kB active_file:101424kB inactive_file:137172kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:156212kB dirty:440kB writeback:0kB shmem:109768kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11976kB pagetables:5180kB sec_pagetables:0kB all_unreclaimable? no
[  700.662504][T13866] input: syz1 as /devices/virtual/input/input18
[  702.064301][T13836] Node 1 active_anon:0kB inactive_anon:3400kB active_file:140kB inactive_file:0kB unevictable:9636kB isolated(anon):0kB isolated(file):0kB mapped:11568kB dirty:0kB writeback:0kB shmem:12936kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  702.097202][T13836] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  702.248223][T13836] lowmem_reserve[]: 0 2465 2466 0 0
[  702.253727][T13836] Node 0 DMA32 free:1213964kB boost:0kB min:34200kB low:42748kB high:51296kB reserved_highatomic:0KB active_anon:12904kB inactive_anon:133936kB active_file:100620kB inactive_file:137120kB unevictable:1536kB writepending:688kB present:3129332kB managed:2552776kB mlocked:0kB bounce:0kB free_pcp:12156kB local_pcp:6292kB free_cma:0kB
[  702.292691][T13836] lowmem_reserve[]: 0 0 0 0 0
[  702.297644][T13836] Node 0 Normal free:4kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:4kB inactive_anon:36kB active_file:776kB inactive_file:52kB unevictable:0kB writepending:0kB present:1048580kB managed:880kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB
[  702.346230][T13877] binder: 13874:13877 ioctl c018620c 20001180 returned -22
[  702.431439][T13836] lowmem_reserve[]: 0 0 0 0 0
[  702.436295][T13836] Node 1 Normal free:3891932kB boost:0kB min:55688kB low:69608kB high:83528kB reserved_highatomic:0KB active_anon:0kB inactive_anon:56kB active_file:168kB inactive_file:0kB unevictable:1628kB writepending:0kB present:4194300kB managed:4111168kB mlocked:92kB bounce:0kB free_pcp:12028kB local_pcp:380kB free_cma:0kB
[  702.718592][T13836] lowmem_reserve[]: 0 0 0 0 0
[  702.753154][T13836] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  702.837774][T13836] Node 0 DMA32: 271*4kB (UM) 365*8kB (UE) 176*16kB (UE) 272*32kB (UME) 1246*64kB (UME) 663*128kB (UME) 319*256kB (UME) 129*512kB (UE) 58*1024kB (UME) 11*2048kB (UME) 192*4096kB (M) = 1196196kB
[  702.948076][T13836] Node 0 Normal: 1*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB
[  702.968667][T13836] Node 1 Normal: 227*4kB (UE) 64*8kB (UE) 47*16kB (UE) 221*32kB (UME) 93*64kB (UME) 27*128kB (UME) 16*256kB (UME) 7*512kB (UME) 3*1024kB (U) 6*2048kB (UME) 940*4096kB (M) = 3891932kB
[  703.351542][T13836] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  703.524320][T13836] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  703.668304][T13836] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  703.797190][T13836] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  703.929295][T13836] 99120 total pagecache pages
[  703.981382][T13836] 0 pages in swap cache
[  704.027915][T13836] Free swap  = 124400kB
[  704.032100][T13836] Total swap = 124996kB
[  704.036262][T13836] 2097051 pages RAM
[  704.046963][T13836] 0 pages HighMem/MovableOnly
[  704.067840][T13836] 427005 pages reserved
[  704.072014][T13836] 0 pages cma reserved
[  704.572312][T13909] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1711'.
[  704.581381][T13909] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1711'.
[  706.944528][T13928] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1717'.
[  706.953600][T13928] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1717'.
[  709.121026][T13968] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1727'.
[  709.121056][T13968] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1727'.
[  710.088309][T13975] veth1: entered promiscuous mode
[  712.590421][T14002] [U] é
[  712.728948][T14016] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1740'.
[  712.737879][T14016] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1740'.
[  713.394862][T14027] binder: 14024:14027 ioctl c018620c 0 returned -14
[  715.511468][T14062] binder: 14061:14062 ioctl c018620c 0 returned -14
[  715.884453][T14053] [U] é
[  716.717530][T14072] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1757'.
[  716.717560][T14072] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1757'.
[  718.377327][T14097] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1761'.
[  718.386402][T14097] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1761'.
[  721.445283][T14134] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1769'.
[  721.454438][T14134] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1769'.
[  722.321763][T14144] bridge_slave_1: left allmulticast mode
[  722.327536][T14144] bridge_slave_1: left promiscuous mode
[  722.333954][T14144] bridge0: port 2(bridge_slave_1) entered disabled state
[  722.490712][T14144] netlink: 'syz.5.1775': attribute type 11 has an invalid length.
[  723.647876][T14161] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1778'.
[  723.656991][T14161] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1778'.
[  724.416945][T14173] syz.2.1783 (14173) used greatest stack depth: 18320 bytes left
[  725.995973][T14190] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1785'.
[  726.005021][T14190] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1785'.
[  726.055514][T14177] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  726.064111][T14177] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  727.391398][T14204] xt_TPROXY: Can be used only with -p tcp or -p udp
[  728.638002][T14225] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1795'.
[  728.647377][T14225] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1795'.
[  728.671402][T14214] [U] é
[  730.020519][T14235] Device name cannot be null; rc = [-22]
[  730.046834][T14220] warn_alloc: 3 callbacks suppressed
[  730.046851][T14220] syz.7.1793: vmalloc error: size 4198400, failed to allocated page array size 8200, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  730.079341][T14220] CPU: 0 UID: 0 PID: 14220 Comm: syz.7.1793 Not tainted 6.13.0-rc3-syzkaller-00044-gaef25be35d23 #0
[  730.090134][T14220] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  730.100196][T14220] Call Trace:
[  730.103483][T14220]  <TASK>
[  730.106423][T14220]  dump_stack_lvl+0x241/0x360
[  730.111124][T14220]  ? __pfx_dump_stack_lvl+0x10/0x10
[  730.116337][T14220]  ? __pfx__printk+0x10/0x10
[  730.120948][T14220]  ? __rcu_read_unlock+0xa1/0x110
[  730.125984][T14220]  warn_alloc+0x278/0x410
[  730.130328][T14220]  ? __pfx_warn_alloc+0x10/0x10
[  730.135195][T14220]  ? hash_mac_create+0x312/0xf00
[  730.140147][T14220]  ? __get_vm_area_node+0x1c8/0x2d0
[  730.145355][T14220]  ? __get_vm_area_node+0x25c/0x2d0
[  730.150571][T14220]  __vmalloc_node_range_noprof+0x62f/0x1380
[  730.156481][T14220]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  730.162222][T14220]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  730.168552][T14220]  ? rcu_is_watching+0x15/0xb0
[  730.173311][T14220]  ? trace_kmalloc+0x1f/0xd0
[  730.177904][T14220]  ? __kmalloc_node_noprof+0x2ad/0x4d0
[  730.183369][T14220]  ? __kvmalloc_node_noprof+0x72/0x190
[  730.188827][T14220]  __kvmalloc_node_noprof+0x142/0x190
[  730.194201][T14220]  ? hash_mac_create+0x312/0xf00
[  730.199141][T14220]  hash_mac_create+0x312/0xf00
[  730.203907][T14220]  ? __nla_parse+0x40/0x60
[  730.208320][T14220]  ? __pfx_hash_mac_create+0x10/0x10
[  730.213604][T14220]  ip_set_create+0xa31/0x18b0
[  730.218279][T14220]  ? ip_set_create+0x424/0x18b0
[  730.223124][T14220]  ? __pfx_ip_set_create+0x10/0x10
[  730.228243][T14220]  ? lock_release+0xb0/0xa30
[  730.232826][T14220]  ? __rcu_read_unlock+0x62/0x110
[  730.237863][T14220]  ? nfnetlink_rcv_msg+0x225/0x1180
[  730.243080][T14220]  nfnetlink_rcv_msg+0xbec/0x1180
[  730.248115][T14220]  ? nfnetlink_rcv_msg+0x225/0x1180
[  730.253316][T14220]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  730.258776][T14220]  ? dev_hard_start_xmit+0x27a/0x7d0
[  730.264051][T14220]  ? __netlink_deliver_tap+0x56b/0x7f0
[  730.269499][T14220]  ? netlink_deliver_tap+0x19d/0x1b0
[  730.274774][T14220]  ? netlink_unicast+0x7c4/0x990
[  730.279709][T14220]  ? ____sys_sendmsg+0x52a/0x7e0
[  730.284640][T14220]  ? __pfx___schedule+0x10/0x10
[  730.289488][T14220]  netlink_rcv_skb+0x1e3/0x430
[  730.294246][T14220]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  730.299713][T14220]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  730.304999][T14220]  ? cap_capable+0x1b4/0x250
[  730.309587][T14220]  ? safesetid_security_capable+0xb2/0x1d0
[  730.315387][T14220]  ? bpf_lsm_capable+0x9/0x10
[  730.320056][T14220]  ? security_capable+0x7e/0x2d0
[  730.324993][T14220]  nfnetlink_rcv+0x297/0x2ab0
[  730.329666][T14220]  ? rcu_is_watching+0x15/0xb0
[  730.334422][T14220]  ? lock_acquire+0xe3/0x550
[  730.339002][T14220]  ? __pfx_lock_release+0x10/0x10
[  730.344019][T14220]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  730.350337][T14220]  ? rcu_is_watching+0x15/0xb0
[  730.355095][T14220]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  730.360197][T14220]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  730.366100][T14220]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  730.372439][T14220]  ? rcu_preempt_deferred_qs_irqrestore+0x87b/0xc70
[  730.379043][T14220]  ? __pfx_rcu_preempt_deferred_qs_irqrestore+0x10/0x10
[  730.385974][T14220]  ? rcu_is_watching+0x15/0xb0
[  730.390735][T14220]  ? rcu_read_unlock_special+0x497/0x570
[  730.396365][T14220]  ? skb_clone+0x240/0x390
[  730.400776][T14220]  ? __pfx_rcu_read_unlock_special+0x10/0x10
[  730.406755][T14220]  ? __netlink_deliver_tap+0x7aa/0x7f0
[  730.412212][T14220]  ? __rcu_read_unlock+0xa1/0x110
[  730.417235][T14220]  netlink_unicast+0x7f6/0x990
[  730.422006][T14220]  ? __pfx_netlink_unicast+0x10/0x10
[  730.427289][T14220]  ? __sanitizer_cov_trace_pc+0x8/0x70
[  730.432742][T14220]  ? __phys_addr_symbol+0x2f/0x70
[  730.437763][T14220]  ? __check_object_size+0x47a/0x730
[  730.443044][T14220]  netlink_sendmsg+0x8e4/0xcb0
[  730.447804][T14220]  ? __pfx_netlink_sendmsg+0x10/0x10
[  730.453090][T14220]  ? tomoyo_socket_sendmsg_permission+0x12e/0x420
[  730.459504][T14220]  ? __sock_sendmsg+0x54/0x270
[  730.464268][T14220]  ? __pfx_netlink_sendmsg+0x10/0x10
[  730.469542][T14220]  __sock_sendmsg+0x221/0x270
[  730.474215][T14220]  ____sys_sendmsg+0x52a/0x7e0
[  730.478972][T14220]  ? __pfx_____sys_sendmsg+0x10/0x10
[  730.484251][T14220]  ? __fget_files+0x2a/0x410
[  730.488834][T14220]  ? __fget_files+0x2a/0x410
[  730.493421][T14220]  __sys_sendmsg+0x269/0x350
[  730.498009][T14220]  ? __pfx___sys_sendmsg+0x10/0x10
[  730.503126][T14220]  ? trace_irq_enable+0x2c/0x120
[  730.508056][T14220]  do_syscall_64+0xf3/0x230
[  730.512556][T14220]  ? clear_bhb_loop+0x35/0x90
[  730.517226][T14220]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  730.523118][T14220] RIP: 0033:0x7f38b4785d29
[  730.527526][T14220] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  730.547132][T14220] RSP: 002b:00007f38b5684038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  730.555542][T14220] RAX: ffffffffffffffda RBX: 00007f38b4976080 RCX: 00007f38b4785d29
[  730.563506][T14220] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000005
[  730.571470][T14220] RBP: 00007f38b4801a20 R08: 0000000000000000 R09: 0000000000000000
[  730.579430][T14220] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  730.587391][T14220] R13: 0000000000000000 R14: 00007f38b4976080 R15: 00007fff59370f78
[  730.595361][T14220]  </TASK>
[  731.560256][T14220] Mem-Info:
[  731.563411][T14220] active_anon:3227 inactive_anon:18667 isolated_anon:0
[  731.563411][T14220]  active_file:25404 inactive_file:34293 isolated_file:0
[  731.563411][T14220]  unevictable:768 dirty:110 writeback:0
[  731.563411][T14220]  slab_reclaimable:6538 slab_unreclaimable:102919
[  731.563411][T14220]  mapped:44924 shmem:15806 pagetables:1266
[  731.563411][T14220]  sec_pagetables:0 bounce:0
[  731.563411][T14220]  kernel_misc_reclaimable:0
[  731.563411][T14220]  free:1297392 free_pcp:3580 free_cma:0
[  731.987939][T14241] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1799'.
[  731.996976][T14241] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1799'.
[  732.559660][T14220] Node 0 active_anon:12908kB inactive_anon:63168kB active_file:101448kB inactive_file:137172kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:168100kB dirty:440kB writeback:0kB shmem:50288kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12192kB pagetables:4964kB sec_pagetables:0kB all_unreclaimable? no
[  732.608072][T14220] Node 1 active_anon:0kB inactive_anon:0kB active_file:168kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:96kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  732.836979][T14220] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  732.882537][T14220] lowmem_reserve[]: 0 2465 2466 0 0
[  732.890067][T14220] Node 0 DMA32 free:1291644kB boost:0kB min:34200kB low:42748kB high:51296kB reserved_highatomic:0KB active_anon:12920kB inactive_anon:50056kB active_file:100772kB inactive_file:137020kB unevictable:1536kB writepending:440kB present:3129332kB managed:2552776kB mlocked:0kB bounce:0kB free_pcp:20536kB local_pcp:20020kB free_cma:0kB
[  732.930514][T14220] lowmem_reserve[]: 0 0 0 0 0
[  732.935321][T14220] Node 0 Normal free:4kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:4kB inactive_anon:36kB active_file:776kB inactive_file:52kB unevictable:0kB writepending:0kB present:1048580kB managed:880kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[  732.970919][T14253] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  732.998347][T14220] lowmem_reserve[]: 0 0 0 0 0
[  733.003144][T14220] Node 1 Normal free:3893824kB boost:0kB min:55688kB low:69608kB high:83528kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:168kB inactive_file:0kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111168kB mlocked:0kB bounce:0kB free_pcp:10140kB local_pcp:10136kB free_cma:0kB
[  733.077430][T14220] lowmem_reserve[]: 0 0 0 0 0
[  733.082601][T14220] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  733.095715][T14220] Node 0 DMA32: 1469*4kB (UM) 1104*8kB (UME) 709*16kB (UME) 237*32kB (UME) 1258*64kB (UME) 812*128kB (UME) 383*256kB (UME) 177*512kB (UME) 83*1024kB (UME) 18*2048kB (UME) 187*4096kB (UM) = 1294564kB
[  733.115486][T14220] Node 0 Normal: 1*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB
[  733.127752][T14220] Node 1 Normal: 230*4kB (UME) 67*8kB (UME) 49*16kB (UME) 222*32kB (UME) 93*64kB (UME) 29*128kB (UME) 18*256kB (UME) 7*512kB (UME) 4*1024kB (UM) 6*2048kB (UME) 940*4096kB (M) = 3893824kB
[  733.551691][T14220] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  733.601959][T14220] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  733.627899][T14220] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  733.637556][T14220] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  733.647751][T14220] 72616 total pagecache pages
[  733.652496][T14220] 0 pages in swap cache
[  733.656693][T14220] Free swap  = 124664kB
[  733.660917][T14220] Total swap = 124996kB
[  733.665113][T14220] 2097051 pages RAM
[  733.669046][T14220] 0 pages HighMem/MovableOnly
[  733.673770][T14220] 427005 pages reserved
[  733.678003][T14220] 0 pages cma reserved
[  735.379393][T14282] binder: 14270:14282 ioctl c018620c 20001180 returned -22
[  736.187261][T14276] [U] é
[  737.639202][T14303] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns
[  737.647797][T14303] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  739.942430][T14342] binder: 14333:14342 ioctl c018620c 20001180 returned -22
[  742.502856][T14332] [U] é
[  745.644866][T14384] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  745.685759][T14384] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  747.052240][T14404] hub 9-0:1.0: USB hub found
[  747.057313][T14404] hub 9-0:1.0: 1 port detected
[  747.101700][T14402] binder: 14399:14402 ioctl c018620c 20001180 returned -22
[  747.832308][T14413] binder: 14408:14413 ioctl c018620c 20001180 returned -22
[  747.857986][T14418] binder: 14411:14418 ioctl c018620c 20001180 returned -22
[  747.885107][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  747.891519][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  749.201509][T14437] binder: 14425:14437 ioctl c018620c 20001180 returned -22
[  749.969451][T14450] binder: 14447:14450 ioctl c018620c 20001180 returned -22
[  751.137815][T14469] binder: 14464:14469 ioctl c018620c 20001180 returned -22
[  751.270213][T14470] binder: 14467:14470 ioctl c018620c 20001180 returned -22
[  752.427885][T14478] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1851'.
[  752.438509][T14478] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1851'.
[  752.916614][T14479] syz.6.1849: vmalloc error: size 4198400, failed to allocated page array size 8200, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  753.687779][T14479] CPU: 1 UID: 0 PID: 14479 Comm: syz.6.1849 Not tainted 6.13.0-rc3-syzkaller-00044-gaef25be35d23 #0
[  753.687815][T14479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  753.687829][T14479] Call Trace:
[  753.687837][T14479]  <TASK>
[  753.687846][T14479]  dump_stack_lvl+0x241/0x360
[  753.687883][T14479]  ? __pfx_dump_stack_lvl+0x10/0x10
[  753.687907][T14479]  ? __pfx__printk+0x10/0x10
[  753.687932][T14479]  ? __rcu_read_unlock+0xa1/0x110
[  753.687954][T14479]  warn_alloc+0x278/0x410
[  753.687979][T14479]  ? __pfx_warn_alloc+0x10/0x10
[  753.688004][T14479]  ? hash_mac_create+0x312/0xf00
[  753.688026][T14479]  ? __get_vm_area_node+0x1c8/0x2d0
[  753.688047][T14479]  ? __get_vm_area_node+0x25c/0x2d0
[  753.688070][T14479]  __vmalloc_node_range_noprof+0x62f/0x1380
[  753.688094][T14479]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  753.688128][T14479]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  753.688151][T14479]  ? rcu_is_watching+0x15/0xb0
[  753.688175][T14479]  ? trace_kmalloc+0x1f/0xd0
[  753.688192][T14479]  ? __kmalloc_node_noprof+0x2ad/0x4d0
[  753.688211][T14479]  ? __kvmalloc_node_noprof+0x72/0x190
[  753.688233][T14479]  __kvmalloc_node_noprof+0x142/0x190
[  753.688255][T14479]  ? hash_mac_create+0x312/0xf00
[  753.688278][T14479]  hash_mac_create+0x312/0xf00
[  753.688302][T14479]  ? __nla_parse+0x40/0x60
[  753.688325][T14479]  ? __pfx_hash_mac_create+0x10/0x10
[  753.688347][T14479]  ip_set_create+0xa31/0x18b0
[  753.688367][T14479]  ? ip_set_create+0x424/0x18b0
[  753.688390][T14479]  ? __pfx_ip_set_create+0x10/0x10
[  753.688421][T14479]  ? __rcu_read_unlock+0xa1/0x110
[  753.688440][T14479]  ? nfnetlink_rcv_msg+0x225/0x1180
[  753.688463][T14479]  nfnetlink_rcv_msg+0xbec/0x1180
[  753.688492][T14479]  ? nfnetlink_rcv_msg+0x225/0x1180
[  753.688523][T14479]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  753.688555][T14479]  ? dev_hard_start_xmit+0x27a/0x7d0
[  753.688577][T14479]  ? __netlink_deliver_tap+0x56b/0x7f0
[  753.688598][T14479]  ? netlink_deliver_tap+0x19d/0x1b0
[  753.688618][T14479]  ? netlink_unicast+0x7c4/0x990
[  753.688644][T14479]  ? ____sys_sendmsg+0x52a/0x7e0
[  753.688666][T14479]  ? __pfx___schedule+0x10/0x10
[  753.688692][T14479]  netlink_rcv_skb+0x1e3/0x430
[  753.688712][T14479]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  753.688735][T14479]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  753.688759][T14479]  ? cap_capable+0x1b4/0x250
[  753.688779][T14479]  ? safesetid_security_capable+0xb2/0x1d0
[  753.688801][T14479]  ? bpf_lsm_capable+0x9/0x10
[  753.688819][T14479]  ? security_capable+0x7e/0x2d0
[  753.688844][T14479]  nfnetlink_rcv+0x297/0x2ab0
[  753.688870][T14479]  ? rcu_is_watching+0x15/0xb0
[  753.688893][T14479]  ? lock_acquire+0xe3/0x550
[  753.688913][T14479]  ? __pfx_lock_release+0x10/0x10
[  753.688933][T14479]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  753.688955][T14479]  ? rcu_is_watching+0x15/0xb0
[  753.688979][T14479]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  753.689000][T14479]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  753.689023][T14479]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  753.689050][T14479]  ? rcu_preempt_deferred_qs_irqrestore+0x87b/0xc70
[  753.689077][T14479]  ? __pfx_rcu_preempt_deferred_qs_irqrestore+0x10/0x10
[  753.689102][T14479]  ? rcu_is_watching+0x15/0xb0
[  753.689125][T14479]  ? rcu_read_unlock_special+0x497/0x570
[  753.689145][T14479]  ? skb_clone+0x240/0x390
[  753.689167][T14479]  ? __pfx_rcu_read_unlock_special+0x10/0x10
[  753.689188][T14479]  ? __netlink_deliver_tap+0x7aa/0x7f0
[  753.689212][T14479]  ? __rcu_read_unlock+0xa1/0x110
[  753.689232][T14479]  netlink_unicast+0x7f6/0x990
[  753.689260][T14479]  ? __pfx_netlink_unicast+0x10/0x10
[  753.689285][T14479]  ? __virt_addr_valid+0x45f/0x530
[  753.689306][T14479]  ? __phys_addr_symbol+0x2f/0x70
[  753.689327][T14479]  ? __check_object_size+0x47a/0x730
[  753.689354][T14479]  netlink_sendmsg+0x8e4/0xcb0
[  753.689379][T14479]  ? __pfx_netlink_sendmsg+0x10/0x10
[  753.689401][T14479]  ? lock_release+0xbf/0xa30
[  753.689423][T14479]  ? __pfx_netlink_sendmsg+0x10/0x10
[  753.689442][T14479]  __sock_sendmsg+0x221/0x270
[  753.689468][T14479]  ____sys_sendmsg+0x52a/0x7e0
[  753.689498][T14479]  ? __pfx_____sys_sendmsg+0x10/0x10
[  753.689519][T14479]  ? __fget_files+0x2a/0x410
[  753.689540][T14479]  ? __fget_files+0x2a/0x410
[  753.689562][T14479]  __sys_sendmsg+0x269/0x350
[  753.689584][T14479]  ? __pfx_futex_wake+0x10/0x10
[  753.689607][T14479]  ? __pfx___sys_sendmsg+0x10/0x10
[  753.689627][T14479]  ? lock_release+0xbf/0xa30
[  753.689664][T14479]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  753.689684][T14479]  ? rcu_is_watching+0x15/0xb0
[  753.689708][T14479]  ? rcu_is_watching+0x15/0xb0
[  753.689732][T14479]  do_syscall_64+0xf3/0x230
[  753.689758][T14479]  ? clear_bhb_loop+0x35/0x90
[  753.689777][T14479]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  753.689803][T14479] RIP: 0033:0x7fc395385d29
[  753.689820][T14479] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  753.689837][T14479] RSP: 002b:00007fc39626b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  753.689861][T14479] RAX: ffffffffffffffda RBX: 00007fc395576080 RCX: 00007fc395385d29
[  753.689876][T14479] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000007
[  753.689890][T14479] RBP: 00007fc395401a20 R08: 0000000000000000 R09: 0000000000000000
[  753.689904][T14479] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  753.689917][T14479] R13: 0000000000000000 R14: 00007fc395576080 R15: 00007fff6e5b3318
[  753.689937][T14479]  </TASK>
[  753.690051][T14479] Mem-Info:
[  753.690062][T14479] active_anon:5451 inactive_anon:12588 isolated_anon:0
[  753.690062][T14479]  active_file:25444 inactive_file:34261 isolated_file:0
[  753.690062][T14479]  unevictable:768 dirty:322 writeback:0
[  753.690062][T14479]  slab_reclaimable:6520 slab_unreclaimable:102594
[  753.690062][T14479]  mapped:36912 shmem:12289 pagetables:1182
[  753.690062][T14479]  sec_pagetables:0 bounce:0
[  753.690062][T14479]  kernel_misc_reclaimable:0
[  753.690062][T14479]  free:1302244 free_pcp:2953 free_cma:0
[  753.690132][T14479] Node 0 active_anon:21804kB inactive_anon:50352kB active_file:101608kB inactive_file:137044kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:147552kB dirty:1288kB writeback:0kB shmem:47620kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11796kB pagetables:4728kB sec_pagetables:0kB all_unreclaimable? no
[  753.690187][T14479] Node 1 active_anon:0kB inactive_anon:0kB active_file:168kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:96kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  753.690238][T14479] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  753.690295][T14479] lowmem_reserve[]: 0 2465 2466 0 0
[  753.690334][T14479] Node 0 DMA32 free:1298524kB boost:0kB min:34200kB low:42748kB high:51296kB reserved_highatomic:0KB active_anon:21800kB inactive_anon:50316kB active_file:100832kB inactive_file:136992kB unevictable:1536kB writepending:1288kB present:3129332kB managed:2552776kB mlocked:0kB bounce:0kB free_pcp:2928kB local_pcp:2156kB free_cma:0kB
[  753.690391][T14479] lowmem_reserve[]: 0 0 0 0 0
[  753.690429][T14479] Node 0 Normal free:4kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:4kB inactive_anon:36kB active_file:776kB inactive_file:52kB unevictable:0kB writepending:0kB present:1048580kB managed:880kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB
[  753.690483][T14479] lowmem_reserve[]: 0 0 0 0 0
[  753.690527][T14479] Node 1 Normal free:3895088kB boost:0kB min:55688kB low:69608kB high:83528kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:168kB inactive_file:0kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111168kB mlocked:0kB bounce:0kB free_pcp:8876kB local_pcp:0kB free_cma:0kB
[  753.690584][T14479] lowmem_reserve[]: 0 0 0 0 0
[  753.690621][T14479] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  753.690752][T14479] Node 0 DMA32: 843*4kB (UM) 488*8kB (UME) 411*16kB (UME) 181*32kB (UME) 1508*64kB (UME) 819*128kB (UME) 415*256kB (UME) 187*512kB (UME) 89*1024kB (UME) 15*2048kB (ME) 184*4096kB (UM) = 1298492kB
[  753.690945][T14479] Node 0 Normal: 1*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB
[  753.691058][T14479] Node 1 Normal: 230*4kB (UME) 67*8kB (UME) 50*16kB (UME) 223*32kB (UME) 94*64kB (UME) 28*128kB (UME) 17*256kB (UME) 6*512kB (UE) 4*1024kB (UM) 7*2048kB (UME) 940*4096kB (M) = 3895088kB
[  753.691233][T14479] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  753.691250][T14479] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  753.691267][T14479] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  753.691283][T14479] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  753.691299][T14479] 71994 total pagecache pages
[  753.691308][T14479] 0 pages in swap cache
[  753.691316][T14479] Free swap  = 124664kB
[  753.691324][T14479] Total swap = 124996kB
[  753.691332][T14479] 2097051 pages RAM
[  753.691340][T14479] 0 pages HighMem/MovableOnly
[  753.691347][T14479] 427005 pages reserved
[  753.691355][T14479] 0 pages cma reserved
[  754.371479][T14494] netlink: 516 bytes leftover after parsing attributes in process `syz.2.1855'.
[  754.445650][T14495] tmpfs: Bad value for 'mpol'
[  755.123855][T14486] tty tty34: ldisc open failed (-12), clearing slot 33
[  755.192487][T14494] ttynull ttynull: ldisc open failed (-12), clearing slot 0
[  755.504244][T14500] binder: 14498:14500 ioctl c018620c 20001180 returned -22
[  758.037988][T14520] binder: 14510:14520 ioctl c018620c 20001180 returned -22
[  759.128609][T14531] binder: 14527:14531 ioctl c018620c 20001180 returned -22
[  759.639151][T14545] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1868'.
[  759.648204][T14545] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1868'.
[  762.923286][T14583] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1877'.
[  766.092283][T14603] binder: 14596:14603 ioctl c018620c 20001180 returned -22
[  766.530614][T14606] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1882'.
[  766.548166][T14606] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1882'.
[  767.512225][T14620] overlay: Unknown parameter '/'
[  776.387796][T14663] binder: 14655:14663 ioctl c018620c 20001180 returned -22
[  778.325212][T14697] binder: 14689:14697 ioctl c018620c 20001180 returned -22
[  780.064734][T14715] binder: 14709:14715 ioctl c018620c 20001180 returned -22
[  781.468174][T14746] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  782.848521][T14758] binder: 14754:14758 ioctl c018620c 20001180 returned -22
[  783.386272][T14760] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1920'.
[  783.395951][T14760] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1920'.
[  783.647929][T14761] syz.6.1922: vmalloc error: size 6291456, failed to allocated page array size 12288, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  783.676656][T14761] CPU: 0 UID: 0 PID: 14761 Comm: syz.6.1922 Not tainted 6.13.0-rc3-syzkaller-00044-gaef25be35d23 #0
[  783.687441][T14761] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  783.697507][T14761] Call Trace:
[  783.700795][T14761]  <TASK>
[  783.703733][T14761]  dump_stack_lvl+0x241/0x360
[  783.708436][T14761]  ? __pfx_dump_stack_lvl+0x10/0x10
[  783.713655][T14761]  ? __pfx__printk+0x10/0x10
[  783.718251][T14761]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  783.724663][T14761]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  783.731162][T14761]  warn_alloc+0x278/0x410
[  783.735488][T14761]  ? __pfx_warn_alloc+0x10/0x10
[  783.740335][T14761]  ? hash_mac_create+0x312/0xf00
[  783.745268][T14761]  ? __get_vm_area_node+0x1c8/0x2d0
[  783.750460][T14761]  ? __get_vm_area_node+0x25c/0x2d0
[  783.755651][T14761]  __vmalloc_node_range_noprof+0x62f/0x1380
[  783.761540][T14761]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  783.767269][T14761]  ? rcu_is_watching+0x15/0xb0
[  783.772033][T14761]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  783.778354][T14761]  ? rcu_is_watching+0x15/0xb0
[  783.783109][T14761]  ? trace_kmalloc+0x1f/0xd0
[  783.787689][T14761]  ? __kmalloc_node_noprof+0x2ad/0x4d0
[  783.793135][T14761]  ? __kvmalloc_node_noprof+0x72/0x190
[  783.798591][T14761]  __kvmalloc_node_noprof+0x142/0x190
[  783.803957][T14761]  ? hash_mac_create+0x312/0xf00
[  783.808890][T14761]  hash_mac_create+0x312/0xf00
[  783.813650][T14761]  ? __nla_parse+0x40/0x60
[  783.818060][T14761]  ? __pfx_hash_mac_create+0x10/0x10
[  783.823337][T14761]  ip_set_create+0xa31/0x18b0
[  783.828004][T14761]  ? ip_set_create+0x424/0x18b0
[  783.832849][T14761]  ? __pfx_ip_set_create+0x10/0x10
[  783.837963][T14761]  ? __nla_parse+0x40/0x60
[  783.842373][T14761]  ? nfnetlink_rcv_msg+0x225/0x1180
[  783.847565][T14761]  nfnetlink_rcv_msg+0xbec/0x1180
[  783.852586][T14761]  ? nfnetlink_rcv_msg+0x225/0x1180
[  783.857783][T14761]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  783.863242][T14761]  ? stack_trace_save+0x118/0x1d0
[  783.868275][T14761]  ? dev_hard_start_xmit+0x27a/0x7d0
[  783.873553][T14761]  ? __dev_queue_xmit+0x1b73/0x3f50
[  783.878742][T14761]  ? __netlink_deliver_tap+0x56b/0x7f0
[  783.884194][T14761]  ? netlink_deliver_tap+0x19d/0x1b0
[  783.889475][T14761]  ? netlink_unicast+0x7c4/0x990
[  783.894413][T14761]  ? netlink_sendmsg+0x8e4/0xcb0
[  783.899341][T14761]  ? __sock_sendmsg+0x221/0x270
[  783.904186][T14761]  ? ____sys_sendmsg+0x52a/0x7e0
[  783.909120][T14761]  ? __sys_sendmsg+0x269/0x350
[  783.913884][T14761]  netlink_rcv_skb+0x1e3/0x430
[  783.918641][T14761]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  783.924093][T14761]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  783.929378][T14761]  ? cap_capable+0x1b4/0x250
[  783.933957][T14761]  ? safesetid_security_capable+0xb2/0x1d0
[  783.939754][T14761]  ? bpf_lsm_capable+0x9/0x10
[  783.944422][T14761]  ? security_capable+0x7e/0x2d0
[  783.949356][T14761]  nfnetlink_rcv+0x297/0x2ab0
[  783.954030][T14761]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  783.959753][T14761]  ? __dev_queue_xmit+0x2f4/0x3f50
[  783.964865][T14761]  ? __dev_queue_xmit+0x1775/0x3f50
[  783.970060][T14761]  ? kasan_save_track+0x51/0x80
[  783.974910][T14761]  ? ____sys_sendmsg+0x52a/0x7e0
[  783.979842][T14761]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  783.984948][T14761]  ? __dev_queue_xmit+0x2f4/0x3f50
[  783.990052][T14761]  ? __pfx___dev_queue_xmit+0x10/0x10
[  783.995421][T14761]  ? ref_tracker_free+0x643/0x7e0
[  784.000439][T14761]  ? __asan_memcpy+0x40/0x70
[  784.005033][T14761]  ? __pfx_ref_tracker_free+0x10/0x10
[  784.010395][T14761]  ? rcu_is_watching+0x15/0xb0
[  784.015153][T14761]  ? lock_release+0xbf/0xa30
[  784.019750][T14761]  ? skb_clone+0x240/0x390
[  784.024165][T14761]  ? __pfx_lock_release+0x10/0x10
[  784.029184][T14761]  ? __netlink_deliver_tap+0x7aa/0x7f0
[  784.034638][T14761]  ? netlink_deliver_tap+0x2e/0x1b0
[  784.039825][T14761]  netlink_unicast+0x7f6/0x990
[  784.044589][T14761]  ? __pfx_netlink_unicast+0x10/0x10
[  784.049876][T14761]  ? __virt_addr_valid+0x45f/0x530
[  784.054984][T14761]  ? __phys_addr_symbol+0x2f/0x70
[  784.060010][T14761]  ? __check_object_size+0x47a/0x730
[  784.065302][T14761]  netlink_sendmsg+0x8e4/0xcb0
[  784.070069][T14761]  ? __pfx_netlink_sendmsg+0x10/0x10
[  784.075350][T14761]  ? lock_release+0xbf/0xa30
[  784.079938][T14761]  ? __pfx_netlink_sendmsg+0x10/0x10
[  784.085219][T14761]  __sock_sendmsg+0x221/0x270
[  784.089895][T14761]  ____sys_sendmsg+0x52a/0x7e0
[  784.094658][T14761]  ? __pfx_____sys_sendmsg+0x10/0x10
[  784.099937][T14761]  ? __fget_files+0x2a/0x410
[  784.104522][T14761]  ? __fget_files+0x2a/0x410
[  784.109112][T14761]  __sys_sendmsg+0x269/0x350
[  784.113695][T14761]  ? __pfx_futex_wake+0x10/0x10
[  784.118556][T14761]  ? __pfx___sys_sendmsg+0x10/0x10
[  784.123670][T14761]  ? lock_release+0xbf/0xa30
[  784.128279][T14761]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  784.134607][T14761]  ? rcu_is_watching+0x15/0xb0
[  784.139365][T14761]  ? rcu_is_watching+0x15/0xb0
[  784.144124][T14761]  do_syscall_64+0xf3/0x230
[  784.148623][T14761]  ? clear_bhb_loop+0x35/0x90
[  784.153291][T14761]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  784.159181][T14761] RIP: 0033:0x7fc395385d29
[  784.163594][T14761] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  784.183202][T14761] RSP: 002b:00007fc39626b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  784.191625][T14761] RAX: ffffffffffffffda RBX: 00007fc395576080 RCX: 00007fc395385d29
[  784.199605][T14761] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000007
[  784.207577][T14761] RBP: 00007fc395401a20 R08: 0000000000000000 R09: 0000000000000000
[  784.215541][T14761] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  784.223505][T14761] R13: 0000000000000000 R14: 00007fc395576080 R15: 00007fff6e5b3318
[  784.231477][T14761]  </TASK>
[  784.271753][T14761] Mem-Info:
[  784.281148][T14761] active_anon:3237 inactive_anon:9802 isolated_anon:0
[  784.281148][T14761]  active_file:25457 inactive_file:34261 isolated_file:0
[  784.281148][T14761]  unevictable:768 dirty:261 writeback:0
[  784.281148][T14761]  slab_reclaimable:6503 slab_unreclaimable:101552
[  784.281148][T14761]  mapped:31849 shmem:7224 pagetables:1163
[  784.281148][T14761]  sec_pagetables:0 bounce:0
[  784.281148][T14761]  kernel_misc_reclaimable:0
[  784.281148][T14761]  free:1304748 free_pcp:6468 free_cma:0
[  784.660744][T14767] binder: 14762:14767 ioctl c018620c 20001180 returned -22
[  784.714160][T14761] Node 0 active_anon:12948kB inactive_anon:42908kB active_file:101660kB inactive_file:137044kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:131300kB dirty:1044kB writeback:0kB shmem:27360kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11864kB pagetables:4652kB sec_pagetables:0kB all_unreclaimable? no
[  784.910218][T14761] Node 1 active_anon:0kB inactive_anon:0kB active_file:168kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:76kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  784.956986][T14770] DRBG: could not allocate CTR cipher TFM handle: ctr(aes)
[  785.104450][T14761] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  785.337916][T14761] lowmem_reserve[]: 0 2465 2466 0 0
[  785.343247][T14761] Node 0 DMA32 free:1320016kB boost:0kB min:34200kB low:42748kB high:51296kB reserved_highatomic:0KB active_anon:12944kB inactive_anon:38584kB active_file:100884kB inactive_file:136992kB unevictable:1536kB writepending:1120kB present:3129332kB managed:2552776kB mlocked:0kB bounce:0kB free_pcp:5916kB local_pcp:5144kB free_cma:0kB
[  785.381470][T14761] lowmem_reserve[]: 0 0 0 0 0
[  785.445706][T14786] netlink: 'syz.5.1927': attribute type 1 has an invalid length.
[  785.453096][T14761] Node 0 Normal free:4kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:4kB inactive_anon:36kB active_file:776kB inactive_file:52kB unevictable:0kB writepending:0kB present:1048580kB managed:880kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB
[  785.453988][T14786] NCSI netlink: No device for ifindex 0
[  785.728053][T14761] lowmem_reserve[]: 0 0 0 0 0
[  785.733172][T14761] Node 1 Normal free:3896852kB boost:0kB min:55688kB low:69608kB high:83528kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:168kB inactive_file:0kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111168kB mlocked:0kB bounce:0kB free_pcp:7116kB local_pcp:0kB free_cma:0kB
[  786.225405][T14761] lowmem_reserve[]: 0 0 0 0 0
[  786.230955][T14761] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  786.334501][T14761] Node 0 DMA32: 1713*4kB (UME) 607*8kB (UME) 755*16kB (UME) 645*32kB (UME) 1525*64kB (UME) 818*128kB (UME) 414*256kB (UME) 191*512kB (UME) 95*1024kB (UME) 18*2048kB (UME) 181*4096kB (M) = 1326028kB
[  786.366320][T14761] Node 0 Normal: 1*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB
[  786.378365][T14761] Node 1 Normal: 231*4kB (UME) 67*8kB (UME) 50*16kB (UME) 222*32kB (UME) 94*64kB (UME) 28*128kB (UME) 18*256kB (UME) 7*512kB (UME) 5*1024kB (UM) 7*2048kB (UME) 940*4096kB (M) = 3896852kB
[  786.397025][T14761] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  786.406689][T14761] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  786.416102][T14761] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  786.426520][T14761] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  786.436349][T14761] 66926 total pagecache pages
[  786.441543][T14761] 0 pages in swap cache
[  786.445967][T14761] Free swap  = 124652kB
[  786.450502][T14761] Total swap = 124996kB
[  786.465445][T14761] 2097051 pages RAM
[  786.469350][T14761] 0 pages HighMem/MovableOnly
[  786.476936][T14761] 427005 pages reserved
[  786.487872][T14761] 0 pages cma reserved
[  787.327801][T14813] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1933'.
[  787.336883][T14813] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1933'.
[  788.391645][T14818] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1935'.
[  788.400626][T14818] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1935'.
[  789.232326][T14831] binder: 14825:14831 ioctl c018620c 20001180 returned -22
[  789.406663][T14820] [U] é
[  792.286330][T14864] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1947'.
[  792.295399][T14864] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1947'.
[  793.519243][T14879] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1948'.
[  793.528186][T14879] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1948'.
[  793.988351][T14885] binder: 14881:14885 ioctl c018620c 20001180 returned -22
[  796.850508][T14914] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1959'.
[  796.859793][T14914] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1959'.
[  798.096856][T14929] binder: 14921:14929 ioctl c018620c 20001180 returned -22
[  798.211628][T14930] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1962'.
[  798.220766][T14930] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1962'.
[  798.898824][T14932] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1964'.
[  798.908016][T14932] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1964'.
[  801.995623][T14976] binder: 14965:14976 ioctl c018620c 20001180 returned -22
[  802.172742][   T29] audit: type=1800 audit(2000000358.359:193): pid=14982 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.7.1976" name="SYSV00000000" dev="hugetlbfs" ino=3 res=0 errno=0
[  802.207934][T14982] syz.7.1976: attempt to access beyond end of device
[  802.207934][T14982] loop7: rw=0, sector=2, nr_sectors = 2 limit=0
[  802.221505][T14982] syz.7.1976: attempt to access beyond end of device
[  802.221505][T14982] loop7: rw=0, sector=0, nr_sectors = 2 limit=0
[  802.234907][T14982] syz.7.1976: attempt to access beyond end of device
[  802.234907][T14982] loop7: rw=0, sector=0, nr_sectors = 2 limit=0
[  802.248871][T14982] syz.7.1976: attempt to access beyond end of device
[  802.248871][T14982] loop7: rw=0, sector=18, nr_sectors = 2 limit=0
[  802.262897][T14982] syz.7.1976: attempt to access beyond end of device
[  802.262897][T14982] loop7: rw=0, sector=30, nr_sectors = 2 limit=0
[  802.277261][T14982] syz.7.1976: attempt to access beyond end of device
[  802.277261][T14982] loop7: rw=0, sector=36, nr_sectors = 2 limit=0
[  802.290364][T14982] VFS: unable to find oldfs superblock on device loop7
[  803.146498][T14986] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1974'.
[  803.155526][T14986] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1974'.
[  804.081419][T15003] syz.5.1982: attempt to access beyond end of device
[  804.081419][T15003] nbd5: rw=0, sector=0, nr_sectors = 1 limit=0
[  804.163599][T15004] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1979'.
[  804.173260][T15004] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1979'.
[  804.750524][T15003] hpfs: hpfs_map_sector(): read error
[  805.982241][ T5874] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  806.919728][ T5874] usb 6-1: Using ep0 maxpacket: 16
[  806.927875][ T5874] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  806.938767][ T5874] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  806.958370][ T5874] usb 6-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  806.969364][ T5874] usb 6-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  806.987890][ T5874] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  807.602079][T15038] binder: 15036:15038 ioctl c018620c 20001180 returned -22
[  807.607128][ T5874] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  807.617752][ T5874] usb 6-1: Product: syz
[  807.625265][ T5874] usb 6-1: Manufacturer: syz
[  807.631658][ T5874] usb 6-1: SerialNumber: syz
[  808.041611][ T5874] usb 6-1: can't set config #1, error -71
[  808.049797][ T5874] usb 6-1: USB disconnect, device number 3
[  809.296345][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  809.303788][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  810.115956][T15071] binder: 15063:15071 ioctl c018620c 20001180 returned -22
[  810.188867][T15066] block nbd6: Unsupported socket: shutdown callout must be supported.
[  811.226111][T15066] block nbd6: shutting down sockets
[  813.107893][T15107] binder: 15097:15107 ioctl c018620c 20001180 returned -22
[  815.166464][T15135] binder: 15131:15135 ioctl c018620c 20001180 returned -22
[  815.957147][T15149] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2015'.
[  815.966370][T15149] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2015'.
[  817.627817][T15166] binder: 15159:15166 ioctl c018620c 20001180 returned -22
[  825.182479][T15190] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2023'.
[  825.192184][T15190] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2023'.
[  827.942651][T15232] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2029'.
[  827.951783][T15232] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2029'.
[  828.804972][   T25] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  829.034065][ T5919] libceph: connect (1)[c::]:6789 error -101
[  829.041266][ T5919] libceph: mon0 (1)[c::]:6789 connect error
[  829.048013][   T25] usb 8-1: Using ep0 maxpacket: 32
[  829.983243][ T5919] libceph: connect (1)[c::]:6789 error -101
[  829.990363][ T5919] libceph: mon0 (1)[c::]:6789 connect error
[  830.137998][   T25] usb 8-1: config index 0 descriptor too short (expected 29220, got 36)
[  830.146429][   T25] usb 8-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  830.155770][   T25] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 81
[  830.205538][T15253] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  830.215233][T15253] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  830.268542][T15242] ceph: No mds server is up or the cluster is laggy
[  830.403597][   T25] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  830.466985][   T25] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  830.639888][   T25] usb 8-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  830.818239][T15259] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2039'.
[  830.827140][T15259] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2039'.
[  831.109305][   T25] usb 8-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  831.292555][   T25] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  831.809868][   T25] usb 8-1: config 0 descriptor??
[  831.819164][   T25] usb 8-1: can't set config #0, error -71
[  832.562213][   T25] usb 8-1: USB disconnect, device number 5
[  833.944408][T15292] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2047'.
[  833.954765][T15292] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2047'.
[  834.492065][T15297] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2049'.
[  834.501050][T15297] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2049'.
[  834.867160][T15299] program syz.1.2051 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  836.777857][T15314] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2052'.
[  836.786835][T15314] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2052'.
[  836.827773][T15315] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2053'.
[  836.836808][T15315] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2053'.
[  842.308451][T15354] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2062'.
[  842.317498][T15354] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2062'.
[  843.467720][T15356] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2061'.
[  843.477512][T15356] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2061'.
[  844.303819][T15370] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2067'.
[  844.312848][T15370] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2067'.
[  845.308055][T15378] bridge0: port 2(erspan0) entered blocking state
[  845.314605][T15378] bridge0: port 2(erspan0) entered disabled state
[  845.321279][T15378] erspan0: entered allmulticast mode
[  845.327410][T15378] erspan0: entered promiscuous mode
[  845.418260][T15378] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2069'.
[  846.060084][T15389] binder: 15382:15389 ioctl c018620c 20001180 returned -22
[  847.384048][T15392] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2075'.
[  847.393730][T15392] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2075'.
[  848.077894][T15407] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2078'.
[  848.087064][T15407] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2078'.
[  848.908646][T15406] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2079'.
[  848.917630][T15406] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2079'.
[  849.318635][T15421] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  851.303973][T15441] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2081'.
[  851.313043][T15441] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2081'.
[  853.934046][T15448] binder: 15446:15448 ioctl c018620c 20001180 returned -22
[  855.617953][T15466] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2091'.
[  855.626940][T15466] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2091'.
[  856.197277][T15470] warn_alloc: 3 callbacks suppressed
[  856.197298][T15470] syz.1.2094: vmalloc error: size 6291456, failed to allocated page array size 12288, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  856.303583][T15472] bridge2: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  856.360378][T15470] CPU: 1 UID: 0 PID: 15470 Comm: syz.1.2094 Not tainted 6.13.0-rc3-syzkaller-00044-gaef25be35d23 #0
[  856.371182][T15470] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  856.381249][T15470] Call Trace:
[  856.384534][T15470]  <TASK>
[  856.387470][T15470]  dump_stack_lvl+0x241/0x360
[  856.392168][T15470]  ? __pfx_dump_stack_lvl+0x10/0x10
[  856.397387][T15470]  ? __pfx__printk+0x10/0x10
[  856.401994][T15470]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  856.408428][T15470]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  856.414950][T15470]  warn_alloc+0x278/0x410
[  856.419295][T15470]  ? __pfx_warn_alloc+0x10/0x10
[  856.424166][T15470]  ? hash_mac_create+0x312/0xf00
[  856.429122][T15470]  ? __get_vm_area_node+0x1c8/0x2d0
[  856.434342][T15470]  ? __get_vm_area_node+0x25c/0x2d0
[  856.439555][T15470]  __vmalloc_node_range_noprof+0x62f/0x1380
[  856.445462][T15470]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  856.451207][T15470]  ? rcu_is_watching+0x15/0xb0
[  856.455988][T15470]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  856.462328][T15470]  ? rcu_is_watching+0x15/0xb0
[  856.467109][T15470]  ? trace_kmalloc+0x1f/0xd0
[  856.471706][T15470]  ? __kmalloc_node_noprof+0x2ad/0x4d0
[  856.477172][T15470]  ? __kvmalloc_node_noprof+0x72/0x190
[  856.482645][T15470]  __kvmalloc_node_noprof+0x142/0x190
[  856.488029][T15470]  ? hash_mac_create+0x312/0xf00
[  856.492987][T15470]  hash_mac_create+0x312/0xf00
[  856.497766][T15470]  ? __nla_parse+0x40/0x60
[  856.502195][T15470]  ? __pfx_hash_mac_create+0x10/0x10
[  856.507494][T15470]  ip_set_create+0xa31/0x18b0
[  856.512184][T15470]  ? ip_set_create+0x424/0x18b0
[  856.517049][T15470]  ? __pfx_ip_set_create+0x10/0x10
[  856.522186][T15470]  ? __nla_parse+0x40/0x60
[  856.526617][T15470]  ? nfnetlink_rcv_msg+0x225/0x1180
[  856.531833][T15470]  nfnetlink_rcv_msg+0xbec/0x1180
[  856.536869][T15470]  ? nfnetlink_rcv_msg+0x225/0x1180
[  856.542094][T15470]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  856.547564][T15470]  ? stack_trace_save+0x118/0x1d0
[  856.552609][T15470]  ? dev_hard_start_xmit+0x27a/0x7d0
[  856.557906][T15470]  ? __dev_queue_xmit+0x1b73/0x3f50
[  856.563114][T15470]  ? __netlink_deliver_tap+0x56b/0x7f0
[  856.568582][T15470]  ? netlink_deliver_tap+0x19d/0x1b0
[  856.573872][T15470]  ? netlink_unicast+0x7c4/0x990
[  856.578825][T15470]  ? netlink_sendmsg+0x8e4/0xcb0
[  856.583770][T15470]  ? __sock_sendmsg+0x221/0x270
[  856.588640][T15470]  ? ____sys_sendmsg+0x52a/0x7e0
[  856.593586][T15470]  ? __sys_sendmsg+0x269/0x350
[  856.598367][T15470]  netlink_rcv_skb+0x1e3/0x430
[  856.603140][T15470]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  856.608613][T15470]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  856.613910][T15470]  ? cap_capable+0x1b4/0x250
[  856.618511][T15470]  ? safesetid_security_capable+0xb2/0x1d0
[  856.624327][T15470]  ? bpf_lsm_capable+0x9/0x10
[  856.629012][T15470]  ? security_capable+0x7e/0x2d0
[  856.633968][T15470]  nfnetlink_rcv+0x297/0x2ab0
[  856.638657][T15470]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  856.644396][T15470]  ? __dev_queue_xmit+0x2f4/0x3f50
[  856.649519][T15470]  ? __dev_queue_xmit+0x1775/0x3f50
[  856.654726][T15470]  ? kasan_save_track+0x51/0x80
[  856.659594][T15470]  ? ____sys_sendmsg+0x52a/0x7e0
[  856.664543][T15470]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  856.669667][T15470]  ? __dev_queue_xmit+0x2f4/0x3f50
[  856.674791][T15470]  ? __pfx___dev_queue_xmit+0x10/0x10
[  856.680180][T15470]  ? ref_tracker_free+0x643/0x7e0
[  856.685211][T15470]  ? __asan_memcpy+0x40/0x70
[  856.689820][T15470]  ? __pfx_ref_tracker_free+0x10/0x10
[  856.695210][T15470]  ? rcu_is_watching+0x15/0xb0
[  856.699993][T15470]  ? lock_release+0xbf/0xa30
[  856.704602][T15470]  ? skb_clone+0x240/0x390
[  856.709029][T15470]  ? __pfx_lock_release+0x10/0x10
[  856.714069][T15470]  ? __netlink_deliver_tap+0x7aa/0x7f0
[  856.719543][T15470]  ? netlink_deliver_tap+0x2e/0x1b0
[  856.724751][T15470]  netlink_unicast+0x7f6/0x990
[  856.729536][T15470]  ? __pfx_netlink_unicast+0x10/0x10
[  856.734834][T15470]  ? __virt_addr_valid+0x45f/0x530
[  856.739960][T15470]  ? __phys_addr_symbol+0x2f/0x70
[  856.744992][T15470]  ? __check_object_size+0x47a/0x730
[  856.750297][T15470]  netlink_sendmsg+0x8e4/0xcb0
[  856.755077][T15470]  ? __pfx_netlink_sendmsg+0x10/0x10
[  856.760371][T15470]  ? lock_release+0xbf/0xa30
[  856.764974][T15470]  ? __pfx_netlink_sendmsg+0x10/0x10
[  856.770271][T15470]  __sock_sendmsg+0x221/0x270
[  856.774964][T15470]  ____sys_sendmsg+0x52a/0x7e0
[  856.779742][T15470]  ? __pfx_____sys_sendmsg+0x10/0x10
[  856.785044][T15470]  ? __fget_files+0x2a/0x410
[  856.789650][T15470]  ? __fget_files+0x2a/0x410
[  856.794248][T15470]  __sys_sendmsg+0x269/0x350
[  856.798853][T15470]  ? __pfx___sys_sendmsg+0x10/0x10
[  856.803974][T15470]  ? lock_release+0xbf/0xa30
[  856.808597][T15470]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  856.814934][T15470]  ? rcu_is_watching+0x15/0xb0
[  856.819711][T15470]  ? rcu_is_watching+0x15/0xb0
[  856.824489][T15470]  do_syscall_64+0xf3/0x230
[  856.829007][T15470]  ? clear_bhb_loop+0x35/0x90
[  856.833696][T15470]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  856.839605][T15470] RIP: 0033:0x7fd6fab85d29
[  856.844041][T15470] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  856.863656][T15470] RSP: 002b:00007fd6fb8ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  856.872086][T15470] RAX: ffffffffffffffda RBX: 00007fd6fad76080 RCX: 00007fd6fab85d29
[  856.880066][T15470] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000007
[  856.888051][T15470] RBP: 00007fd6fac01a20 R08: 0000000000000000 R09: 0000000000000000
[  856.896035][T15470] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  856.904019][T15470] R13: 0000000000000000 R14: 00007fd6fad76080 R15: 00007ffe379dcfa8
[  856.912007][T15470]  </TASK>
[  857.955734][T15470] Mem-Info:
[  857.958957][T15470] active_anon:8163 inactive_anon:6832 isolated_anon:0
[  857.958957][T15470]  active_file:24847 inactive_file:34288 isolated_file:0
[  857.958957][T15470]  unevictable:2451 dirty:248 writeback:0
[  857.958957][T15470]  slab_reclaimable:6560 slab_unreclaimable:108015
[  857.958957][T15470]  mapped:31020 shmem:10179 pagetables:1234
[  857.958957][T15470]  sec_pagetables:0 bounce:0
[  857.958957][T15470]  kernel_misc_reclaimable:0
[  857.958957][T15470]  free:1294913 free_pcp:4104 free_cma:0
[  858.005303][T15470] Node 0 active_anon:32652kB inactive_anon:28628kB active_file:99272kB inactive_file:137152kB unevictable:8216kB isolated(anon):0kB isolated(file):0kB mapped:124132kB dirty:992kB writeback:0kB shmem:40380kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11928kB pagetables:4936kB sec_pagetables:0kB all_unreclaimable? no
[  858.038561][T15470] Node 1 active_anon:0kB inactive_anon:0kB active_file:116kB inactive_file:0kB unevictable:1588kB isolated(anon):0kB isolated(file):0kB mapped:148kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  858.069308][T15470] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  858.096683][T15470] lowmem_reserve[]: 0 2465 2466 0 0
[  858.102120][T15470] Node 0 DMA32 free:1261320kB boost:0kB min:34200kB low:42748kB high:51296kB reserved_highatomic:0KB active_anon:32648kB inactive_anon:30492kB active_file:98496kB inactive_file:137100kB unevictable:8216kB writepending:992kB present:3129332kB managed:2552776kB mlocked:6680kB bounce:0kB free_pcp:9760kB local_pcp:1100kB free_cma:0kB
[  858.133608][T15470] lowmem_reserve[]: 0 0 0 0 0
[  858.138673][T15470] Node 0 Normal free:4kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:4kB inactive_anon:36kB active_file:776kB inactive_file:52kB unevictable:0kB writepending:0kB present:1048580kB managed:880kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB
[  858.165853][T15470] lowmem_reserve[]: 0 0 0 0 0
[  858.170765][T15470] Node 1 Normal free:3900128kB boost:0kB min:55688kB low:69608kB high:83528kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:116kB inactive_file:0kB unevictable:1588kB writepending:0kB present:4194300kB managed:4111168kB mlocked:52kB bounce:0kB free_pcp:3872kB local_pcp:0kB free_cma:0kB
[  858.200264][T15470] lowmem_reserve[]: 0 0 0 0 0
[  858.205151][T15470] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  858.218480][T15470] Node 0 DMA32: 645*4kB (UM) 742*8kB (ME) 316*16kB (UME) 80*32kB (UME) 1001*64kB (UME) 802*128kB (UME) 425*256kB (UME) 197*512kB (UME) 96*1024kB (UME) 15*2048kB (ME) 180*4096kB (UM) = 1258820kB
[  858.238051][T15470] Node 0 Normal: 1*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB
[  858.250247][T15470] Node 1 Normal: 232*4kB (UME) 66*8kB (UME) 49*16kB (UME) 223*32kB (UME) 93*64kB (UME) 28*128kB (UME) 17*256kB (UME) 6*512kB (UE) 5*1024kB (UM) 7*2048kB (UME) 941*4096kB (M) = 3900128kB
[  858.269051][T15470] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  858.278886][T15470] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  858.288462][T15470] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  858.298295][T15470] Node 1 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  858.307880][T15470] 71423 total pagecache pages
[  858.312983][T15470] 0 pages in swap cache
[  858.317332][T15470] Free swap  = 124652kB
[  858.321753][T15470] Total swap = 124996kB
[  858.326129][T15470] 2097051 pages RAM
[  858.330280][T15470] 0 pages HighMem/MovableOnly
[  858.335178][T15470] 427005 pages reserved
[  858.339640][T15470] 0 pages cma reserved
[  859.674080][T15482] binder: 15473:15482 ioctl c018620c 20001180 returned -22
[  861.743926][T15496] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2101'.
[  861.752933][T15496] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2101'.
[  865.937708][T15510] netlink: 256 bytes leftover after parsing attributes in process `syz.6.2103'.
[  868.397712][T15522] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2106'.
[  868.406682][T15522] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2106'.
[  871.877922][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  871.884302][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  872.674075][T15553] binder: 15549:15553 ioctl c018620c 20001180 returned -22
[  872.975704][T15562] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2115'.
[  872.999317][T15562] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2115'.
[  873.315897][T15547] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  877.320730][ T5919] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  877.986187][ T5919] usb 3-1: Using ep0 maxpacket: 32
[  877.991501][ T5840] Bluetooth: hci5: command 0x0406 tx timeout
[  877.999621][ T5919] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[  878.093059][ T5919] usb 3-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5
[  878.106068][ T5919] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=15
[  878.366688][ T5919] usb 3-1: Product: syz
[  878.371021][ T5919] usb 3-1: Manufacturer: syz
[  878.436112][ T5919] usb 3-1: SerialNumber: syz
[  878.469730][ T5919] usb 3-1: config 0 descriptor??
[  878.593964][ T5919] usb 3-1: can't set config #0, error -71
[  878.854569][ T5919] usb 3-1: USB disconnect, device number 12
[  878.878971][T15604] IPVS: sync thread started: state = BACKUP, mcast_ifn = hsr0, syncid = 0, id = 0
[  878.895808][T15599] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  878.975343][T15592] warn_alloc: 1 callbacks suppressed
[  878.975362][T15592] syz.7.2122: vmalloc error: size 6291456, failed to allocated page array size 12288, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  879.484229][T15592] CPU: 1 UID: 0 PID: 15592 Comm: syz.7.2122 Not tainted 6.13.0-rc3-syzkaller-00044-gaef25be35d23 #0
[  879.495034][T15592] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  879.505101][T15592] Call Trace:
[  879.508384][T15592]  <TASK>
[  879.511322][T15592]  dump_stack_lvl+0x241/0x360
[  879.516023][T15592]  ? __pfx_dump_stack_lvl+0x10/0x10
[  879.521236][T15592]  ? __pfx__printk+0x10/0x10
[  879.525842][T15592]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  879.532276][T15592]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  879.538805][T15592]  warn_alloc+0x278/0x410
[  879.543156][T15592]  ? __pfx_warn_alloc+0x10/0x10
[  879.548022][T15592]  ? hash_mac_create+0x312/0xf00
[  879.552974][T15592]  ? __get_vm_area_node+0x1c8/0x2d0
[  879.558183][T15592]  ? __get_vm_area_node+0x25c/0x2d0
[  879.563394][T15592]  __vmalloc_node_range_noprof+0x62f/0x1380
[  879.569300][T15592]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  879.575042][T15592]  ? rcu_is_watching+0x15/0xb0
[  879.579821][T15592]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  879.586160][T15592]  ? rcu_is_watching+0x15/0xb0
[  879.590939][T15592]  ? trace_kmalloc+0x1f/0xd0
[  879.595536][T15592]  ? __kmalloc_node_noprof+0x2ad/0x4d0
[  879.601005][T15592]  ? __kvmalloc_node_noprof+0x72/0x190
[  879.606477][T15592]  __kvmalloc_node_noprof+0x142/0x190
[  879.611863][T15592]  ? hash_mac_create+0x312/0xf00
[  879.616812][T15592]  hash_mac_create+0x312/0xf00
[  879.621588][T15592]  ? __nla_parse+0x40/0x60
[  879.626017][T15592]  ? __pfx_hash_mac_create+0x10/0x10
[  879.631314][T15592]  ip_set_create+0xa31/0x18b0
[  879.636000][T15592]  ? ip_set_create+0x424/0x18b0
[  879.640866][T15592]  ? __pfx_ip_set_create+0x10/0x10
[  879.646000][T15592]  ? __nla_parse+0x40/0x60
[  879.650429][T15592]  ? nfnetlink_rcv_msg+0x225/0x1180
[  879.655639][T15592]  nfnetlink_rcv_msg+0xbec/0x1180
[  879.660674][T15592]  ? nfnetlink_rcv_msg+0x225/0x1180
[  879.665891][T15592]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  879.671359][T15592]  ? stack_trace_save+0x118/0x1d0
[  879.676407][T15592]  ? dev_hard_start_xmit+0x27a/0x7d0
[  879.681703][T15592]  ? __dev_queue_xmit+0x1b73/0x3f50
[  879.686914][T15592]  ? __netlink_deliver_tap+0x56b/0x7f0
[  879.692382][T15592]  ? netlink_deliver_tap+0x19d/0x1b0
[  879.697676][T15592]  ? netlink_unicast+0x7c4/0x990
[  879.702633][T15592]  ? netlink_sendmsg+0x8e4/0xcb0
[  879.707577][T15592]  ? __sock_sendmsg+0x221/0x270
[  879.712445][T15592]  ? ____sys_sendmsg+0x52a/0x7e0
[  879.717390][T15592]  ? __sys_sendmsg+0x269/0x350
[  879.722174][T15592]  netlink_rcv_skb+0x1e3/0x430
[  879.726950][T15592]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  879.732421][T15592]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  879.737722][T15592]  ? cap_capable+0x1b4/0x250
[  879.742331][T15592]  ? safesetid_security_capable+0xb2/0x1d0
[  879.748154][T15592]  ? bpf_lsm_capable+0x9/0x10
[  879.752835][T15592]  ? security_capable+0x7e/0x2d0
[  879.757789][T15592]  nfnetlink_rcv+0x297/0x2ab0
[  879.762482][T15592]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  879.768222][T15592]  ? __dev_queue_xmit+0x2f4/0x3f50
[  879.773345][T15592]  ? __dev_queue_xmit+0x1775/0x3f50
[  879.778554][T15592]  ? kasan_save_track+0x51/0x80
[  879.783416][T15592]  ? ____sys_sendmsg+0x52a/0x7e0
[  879.788364][T15592]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  879.793486][T15592]  ? __dev_queue_xmit+0x2f4/0x3f50
[  879.798610][T15592]  ? __pfx___dev_queue_xmit+0x10/0x10
[  879.804002][T15592]  ? ref_tracker_free+0x643/0x7e0
[  879.809033][T15592]  ? __asan_memcpy+0x40/0x70
[  879.813637][T15592]  ? __pfx_ref_tracker_free+0x10/0x10
[  879.819018][T15592]  ? rcu_is_watching+0x15/0xb0
[  879.823796][T15592]  ? lock_release+0xbf/0xa30
[  879.828394][T15592]  ? skb_clone+0x240/0x390
[  879.832820][T15592]  ? __pfx_lock_release+0x10/0x10
[  879.837855][T15592]  ? __netlink_deliver_tap+0x7aa/0x7f0
[  879.843328][T15592]  ? netlink_deliver_tap+0x2e/0x1b0
[  879.848537][T15592]  netlink_unicast+0x7f6/0x990
[  879.853322][T15592]  ? __pfx_netlink_unicast+0x10/0x10
[  879.858619][T15592]  ? __virt_addr_valid+0x45f/0x530
[  879.863744][T15592]  ? __phys_addr_symbol+0x2f/0x70
[  879.868778][T15592]  ? __check_object_size+0x47a/0x730
[  879.874079][T15592]  netlink_sendmsg+0x8e4/0xcb0
[  879.878859][T15592]  ? __pfx_netlink_sendmsg+0x10/0x10
[  879.884156][T15592]  ? lock_release+0xbf/0xa30
[  879.888764][T15592]  ? __pfx_netlink_sendmsg+0x10/0x10
[  879.894055][T15592]  __sock_sendmsg+0x221/0x270
[  879.898752][T15592]  ____sys_sendmsg+0x52a/0x7e0
[  879.903533][T15592]  ? __pfx_____sys_sendmsg+0x10/0x10
[  879.908825][T15592]  ? __fget_files+0x2a/0x410
[  879.913422][T15592]  ? __fget_files+0x2a/0x410
[  879.918022][T15592]  __sys_sendmsg+0x269/0x350
[  879.922624][T15592]  ? __pfx___sys_sendmsg+0x10/0x10
[  879.927752][T15592]  ? lock_release+0xbf/0xa30
[  879.932366][T15592]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  879.938713][T15592]  ? rcu_is_watching+0x15/0xb0
[  879.943496][T15592]  ? rcu_is_watching+0x15/0xb0
[  879.948274][T15592]  do_syscall_64+0xf3/0x230
[  879.952791][T15592]  ? clear_bhb_loop+0x35/0x90
[  879.957476][T15592]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  879.963396][T15592] RIP: 0033:0x7f38b4785d29
[  879.967822][T15592] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  879.987437][T15592] RSP: 002b:00007f38b5684038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  879.995864][T15592] RAX: ffffffffffffffda RBX: 00007f38b4976080 RCX: 00007f38b4785d29
[  880.003846][T15592] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000007
[  880.011827][T15592] RBP: 00007f38b4801a20 R08: 0000000000000000 R09: 0000000000000000
[  880.019804][T15592] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  880.027781][T15592] R13: 0000000000000000 R14: 00007f38b4976080 R15: 00007fff59370f78
[  880.035766][T15592]  </TASK>
[  881.148027][T15592] Mem-Info:
[  881.151206][T15592] active_anon:6520 inactive_anon:13855 isolated_anon:0
[  881.151206][T15592]  active_file:25474 inactive_file:34278 isolated_file:0
[  881.151206][T15592]  unevictable:768 dirty:228 writeback:0
[  881.151206][T15592]  slab_reclaimable:6328 slab_unreclaimable:107121
[  881.151206][T15592]  mapped:36017 shmem:13354 pagetables:1249
[  881.151206][T15592]  sec_pagetables:0 bounce:0
[  881.151206][T15592]  kernel_misc_reclaimable:0
[  881.151206][T15592]  free:1295053 free_pcp:1323 free_cma:0
[  881.660550][T15618] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2127'.
[  882.292005][T15618] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2127'.
[  882.761220][T15592] Node 0 active_anon:24480kB inactive_anon:43916kB active_file:101728kB inactive_file:137112kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:136392kB dirty:940kB writeback:0kB shmem:38908kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12064kB pagetables:4948kB sec_pagetables:0kB all_unreclaimable? no
[  882.907300][T15592] Node 1 active_anon:0kB inactive_anon:0kB active_file:168kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:52kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  882.985586][T15592] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  883.083440][T15592] lowmem_reserve[]: 0 2465 2466 0 0
[  883.235351][T15592] Node 0 DMA32 free:1256440kB boost:0kB min:34200kB low:42748kB high:51296kB reserved_highatomic:0KB active_anon:24568kB inactive_anon:55588kB active_file:100960kB inactive_file:137060kB unevictable:1536kB writepending:940kB present:3129332kB managed:2552776kB mlocked:0kB bounce:0kB free_pcp:11328kB local_pcp:10924kB free_cma:0kB
[  883.275265][T15592] lowmem_reserve[]: 0 0 0 0 0
[  883.285426][T15592] Node 0 Normal free:4kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:4kB inactive_anon:36kB active_file:776kB inactive_file:52kB unevictable:0kB writepending:0kB present:1048580kB managed:880kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB
[  883.474059][T15592] lowmem_reserve[]: 0 0 0 0 0
[  883.506029][T15592] Node 1 Normal free:3900128kB boost:0kB min:55688kB low:69608kB high:83528kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:168kB inactive_file:0kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111168kB mlocked:0kB bounce:0kB free_pcp:3872kB local_pcp:0kB free_cma:0kB
[  883.608651][T15592] lowmem_reserve[]: 0 0 0 0 0
[  885.447757][T15592] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  885.505853][T15592] Node 0 DMA32: 596*4kB (UM) 695*8kB (UME) 374*16kB (UME) 444*32kB (UME) 998*64kB (UME) 795*128kB (UME) 419*256kB (UME) 203*512kB (UME) 100*1024kB (UME) 17*2048kB (UME) 178*4096kB (M) = 1271272kB
[  885.603844][T15592] Node 0 Normal: 1*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB
[  885.631307][T15592] Node 1 Normal: 232*4kB (UME) 66*8kB (UME) 49*16kB (UME) 223*32kB (UME) 93*64kB (UME) 28*128kB (UME) 17*256kB (UME) 6*512kB (UE) 5*1024kB (UM) 7*2048kB (UME) 941*4096kB (M) = 3900128kB
[  885.663256][T15592] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  886.189568][T15592] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  886.207321][T15592] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  886.217273][T15592] Node 1 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  886.236701][T15592] 69860 total pagecache pages
[  886.241583][T15592] 0 pages in swap cache
[  886.245872][T15592] Free swap  = 124652kB
[  886.516942][T15592] Total swap = 124996kB
[  886.525396][T15592] 2097051 pages RAM
[  886.529578][T15592] 0 pages HighMem/MovableOnly
[  886.534731][T15592] 427005 pages reserved
[  886.541405][T15592] 0 pages cma reserved
[  886.957446][T15659] virtio-fs: tag <(null)> not found
[  893.829466][T15690] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2142'.
[  893.838504][T15690] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2142'.
[  895.090737][T15695] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2141'.
[  895.099718][T15695] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2141'.
[  896.369847][   T25] libceph: connect (1)[c::]:6789 error -101
[  896.376053][   T25] libceph: mon0 (1)[c::]:6789 connect error
[  896.719147][T15705] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2145'.
[  896.728154][T15705] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2145'.
[  897.482277][   T25] libceph: connect (1)[c::]:6789 error -101
[  897.488569][   T25] libceph: mon0 (1)[c::]:6789 connect error
[  897.529632][T15706] ceph: No mds server is up or the cluster is laggy
[  897.998310][ T5919] libceph: connect (1)[c::]:6789 error -101
[  898.005373][ T5919] libceph: mon0 (1)[c::]:6789 connect error
[  902.291446][   T54] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  902.331749][   T54] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  902.353750][   T54] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  902.696233][   T54] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  903.039103][   T54] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  905.116176][ T5840] Bluetooth: hci4: Opcode 0x0c38 failed: -110
[  905.176671][   T54] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  905.189419][ T5840] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  905.207068][ T5840] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  905.220757][ T5840] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  905.230124][ T5840] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  905.237720][ T5840] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  905.245102][ T5840] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  905.933634][T15763] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2157'.
[  906.204851][T15763] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2157'.
[  906.953307][T15771] binder: 15764:15771 ioctl c018620c 20001180 returned -22
[  907.694086][T15775] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2159'.
[  908.150428][   T54] Bluetooth: hci4: command tx timeout
[  908.240734][T15775] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2159'.
[  910.164976][T15741] chnl_net:caif_netlink_parms(): no params data found
[  912.167636][   T54] Bluetooth: hci4: command tx timeout
[  914.215588][   T54] Bluetooth: hci4: command tx timeout
[  916.707688][   T54] Bluetooth: hci4: command tx timeout
[  920.320993][T15741] bridge0: port 1(bridge_slave_0) entered blocking state
[  920.328640][T15741] bridge0: port 1(bridge_slave_0) entered disabled state
[  920.714325][T15821] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2169'.
[  920.723296][T15821] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2169'.
[  920.777824][T15741] bridge_slave_0: entered allmulticast mode
[  920.786545][T15741] bridge_slave_0: entered promiscuous mode
[  920.804813][T15741] bridge0: port 2(bridge_slave_1) entered blocking state
[  920.852096][T15741] bridge0: port 2(bridge_slave_1) entered disabled state
[  922.213910][T15741] bridge_slave_1: entered allmulticast mode
[  922.377694][T15741] bridge_slave_1: entered promiscuous mode
[  922.559870][T15834] binder: 15826:15834 ioctl c018620c 20001180 returned -22
[  923.738188][T15741] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  923.742369][T15839] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2172'.
[  924.153874][T15839] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2172'.
[  925.097435][T15741] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  925.519814][T15741] team0: Port device team_slave_0 added
[  925.863297][T15845] binder: 15841:15845 ioctl c018620c 20001180 returned -22
[  926.123752][T15741] team0: Port device team_slave_1 added
[ 1030.084951][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[ 1030.099921][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[ 1031.508011][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[ 1031.522856][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[ 1032.477524][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[ 1032.484492][    C0] rcu: 	(detected by 0, t=10502 jiffies, g=34653, q=1654564 ncpus=2)
[ 1032.492562][    C0] rcu: All QSes seen, last rcu_preempt kthread activity 10501 (4295040332-4295029831), jiffies_till_next_fqs=1, root ->qsmask 0x0
[ 1032.505944][    C0] rcu: rcu_preempt kthread starved for 10502 jiffies! g34653 f0x2 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
[ 1032.517145][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[ 1032.527119][    C0] rcu: RCU grace-period kthread stack dump:
[ 1032.533009][    C0] task:rcu_preempt     state:R  running task     stack:25880 pid:17    tgid:17    ppid:2      flags:0x00004000
[ 1032.544770][    C0] Call Trace:
[ 1032.548052][    C0]  <TASK>
[ 1032.550988][    C0]  __schedule+0x17fb/0x4be0
[ 1032.555514][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 1032.561425][    C0]  ? schedule+0x90/0x320
[ 1032.565689][    C0]  ? lock_release+0xbf/0xa30
[ 1032.570293][    C0]  ? __pfx___schedule+0x10/0x10
[ 1032.575164][    C0]  ? __pfx_lock_release+0x10/0x10
[ 1032.580208][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1032.586547][    C0]  ? schedule+0x90/0x320
[ 1032.590801][    C0]  schedule+0x14b/0x320
[ 1032.594974][    C0]  schedule_timeout+0x15a/0x290
[ 1032.599834][    C0]  ? __pfx_schedule_timeout+0x10/0x10
[ 1032.605217][    C0]  ? __pfx_process_timeout+0x10/0x10
[ 1032.610522][    C0]  ? prepare_to_swait_event+0x330/0x350
[ 1032.616080][    C0]  rcu_gp_fqs_loop+0x2df/0x1330
[ 1032.620953][    C0]  ? __pfx_rcu_watching_snap_save+0x10/0x10
[ 1032.626860][    C0]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[ 1032.632161][    C0]  ? rcu_gp_fqs_loop+0x131d/0x1330
[ 1032.637283][    C0]  rcu_gp_kthread+0xa7/0x3b0
[ 1032.641884][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1032.647094][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 1032.653006][    C0]  ? __kthread_parkme+0x169/0x1d0
[ 1032.658042][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1032.663254][    C0]  kthread+0x2f0/0x390
[ 1032.667335][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1032.672545][    C0]  ? __pfx_kthread+0x10/0x10
[ 1032.677149][    C0]  ret_from_fork+0x4b/0x80
[ 1032.681572][    C0]  ? __pfx_kthread+0x10/0x10
[ 1032.686175][    C0]  ret_from_fork_asm+0x1a/0x30
[ 1032.690982][    C0]  </TASK>
[ 1032.694006][    C0] rcu: Stack dump where RCU GP kthread last ran:
[ 1032.700342][    C0] Sending NMI from CPU 0 to CPUs 1:
[ 1032.705559][    C1] NMI backtrace for cpu 1
[ 1032.705573][    C1] CPU: 1 UID: 0 PID: 24 Comm: ksoftirqd/1 Not tainted 6.13.0-rc3-syzkaller-00044-gaef25be35d23 #0
[ 1032.705592][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[ 1032.705602][    C1] RIP: 0010:stack_trace_consume_entry+0x0/0x280
[ 1032.705631][    C1] Code: 17 78 00 e9 6a ff ff ff e8 1d 60 35 0a 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <f3> 0f 1e fa 55 41 57 41 56 41 55 41 54 53 48 83 ec 18 48 89 fb 48
[ 1032.705645][    C1] RSP: 0018:ffffc90000a17a78 EFLAGS: 00000286
[ 1032.705661][    C1] RAX: ffffffff810a47aa RBX: ffffc90000a17a80 RCX: ffffffff91773000
[ 1032.705674][    C1] RDX: ffffffff91922001 RSI: ffffffff810a47aa RDI: ffffc90000a17b60
[ 1032.705687][    C1] RBP: ffffc90000a17b10 R08: ffffc900001e7de0 R09: 0000000000000000
[ 1032.705699][    C1] R10: ffffc90000a17ad0 R11: ffffffff818b3990 R12: ffff88801d6f0000
[ 1032.705712][    C1] R13: ffffffff818b3990 R14: ffffc90000a17b60 R15: 0000000000000000
[ 1032.705723][    C1] FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[ 1032.705741][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1032.705753][    C1] CR2: 000000110c35c7bd CR3: 0000000064648000 CR4: 00000000003526f0
[ 1032.705768][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1032.705778][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1032.705788][    C1] Call Trace:
[ 1032.705794][    C1]  <NMI>
[ 1032.705800][    C1]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[ 1032.705820][    C1]  ? __pfx_lock_acquire+0x10/0x10
[ 1032.705838][    C1]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 1032.705863][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[ 1032.705886][    C1]  ? nmi_handle+0x14f/0x5a0
[ 1032.705903][    C1]  ? nmi_handle+0x2a/0x5a0
[ 1032.705920][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1032.705944][    C1]  ? default_do_nmi+0x63/0x160
[ 1032.705961][    C1]  ? exc_nmi+0x123/0x1f0
[ 1032.705978][    C1]  ? end_repeat_nmi+0xf/0x53
[ 1032.705993][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1032.706017][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1032.706040][    C1]  ? preempt_schedule_thunk+0x1a/0x30
[ 1032.706057][    C1]  ? __init_begin+0x41000/0x41000
[ 1032.706074][    C1]  ? use_tpause_delay+0x1/0x1f
[ 1032.706089][    C1]  ? preempt_schedule_thunk+0x1a/0x30
[ 1032.706105][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1032.706129][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1032.706153][    C1]  ? use_tpause_delay+0x1/0x1f
[ 1032.706167][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1032.706191][    C1]  </NMI>
[ 1032.706196][    C1]  <IRQ>
[ 1032.706201][    C1]  arch_stack_walk+0x10e/0x150
[ 1032.706221][    C1]  ? preempt_schedule_thunk+0x1a/0x30
[ 1032.706239][    C1]  stack_trace_save+0x118/0x1d0
[ 1032.706261][    C1]  ? stack_trace_save+0x118/0x1d0
[ 1032.706283][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[ 1032.706306][    C1]  ? __asan_memset+0x23/0x50
[ 1032.706326][    C1]  ? unwind_next_frame+0x193b/0x22d0
[ 1032.706344][    C1]  kasan_save_track+0x3f/0x80
[ 1032.706364][    C1]  ? kasan_save_track+0x3f/0x80
[ 1032.706382][    C1]  ? __kasan_slab_alloc+0x66/0x80
[ 1032.706408][    C1]  ? kmem_cache_alloc_node_noprof+0x1d9/0x380
[ 1032.706424][    C1]  ? __alloc_skb+0x1c3/0x440
[ 1032.706439][    C1]  ? synproxy_send_client_synack+0x1b9/0xe20
[ 1032.706463][    C1]  ? nft_synproxy_eval_v4+0x3ca/0x610
[ 1032.706480][    C1]  ? nft_synproxy_do_eval+0x362/0xa60
[ 1032.706495][    C1]  ? nft_do_chain+0x4ad/0x1da0
[ 1032.706512][    C1]  ? nft_do_chain_inet+0x418/0x6b0
[ 1032.706527][    C1]  ? nf_hook_slow+0xc3/0x220
[ 1032.706548][    C1]  ? NF_HOOK+0x29e/0x450
[ 1032.706567][    C1]  ? NF_HOOK+0x3a4/0x450
[ 1032.706585][    C1]  ? __netif_receive_skb+0x2bf/0x650
[ 1032.706605][    C1]  ? process_backlog+0x662/0x15b0
[ 1032.706626][    C1]  ? __napi_poll+0xcb/0x490
[ 1032.706645][    C1]  ? net_rx_action+0x89b/0x1240
[ 1032.706666][    C1]  ? handle_softirqs+0x2d4/0x9b0
[ 1032.706687][    C1]  ? __irq_exit_rcu+0xf7/0x220
[ 1032.706708][    C1]  ? irq_exit_rcu+0x9/0x30
[ 1032.706727][    C1]  ? sysvec_apic_timer_interrupt+0xa6/0xc0
[ 1032.706747][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1032.706771][    C1]  ? raw_spin_rq_unlock_irq+0x19/0x90
[ 1032.706790][    C1]  ? __schedule+0x19b4/0x4be0
[ 1032.706809][    C1]  ? preempt_schedule_common+0x84/0xd0
[ 1032.706828][    C1]  ? preempt_schedule+0xe1/0xf0
[ 1032.706858][    C1]  __kasan_slab_alloc+0x66/0x80
[ 1032.706880][    C1]  kmem_cache_alloc_node_noprof+0x1d9/0x380
[ 1032.706896][    C1]  ? __alloc_skb+0x1c3/0x440
[ 1032.706913][    C1]  __alloc_skb+0x1c3/0x440
[ 1032.706927][    C1]  ? preempt_schedule_thunk+0x1a/0x30
[ 1032.706943][    C1]  ? smpboot_thread_fn+0x65b/0xa30
[ 1032.706968][    C1]  ? __pfx___alloc_skb+0x10/0x10
[ 1032.706983][    C1]  ? rcu_is_watching+0x15/0xb0
[ 1032.707003][    C1]  ? synproxy_pernet+0x45/0x270
[ 1032.707018][    C1]  ? lock_release+0xbf/0xa30
[ 1032.707037][    C1]  synproxy_send_client_synack+0x1b9/0xe20
[ 1032.707064][    C1]  ? __pfx_synproxy_send_client_synack+0x10/0x10
[ 1032.707089][    C1]  ? synproxy_pernet+0x45/0x270
[ 1032.707106][    C1]  nft_synproxy_eval_v4+0x3ca/0x610
[ 1032.707125][    C1]  ? __pfx_nft_synproxy_eval_v4+0x10/0x10
[ 1032.707140][    C1]  ? lock_release+0xbf/0xa30
[ 1032.707157][    C1]  ? nf_ip_checksum+0x13a/0x500
[ 1032.707175][    C1]  nft_synproxy_do_eval+0x362/0xa60
[ 1032.707193][    C1]  ? __pfx_nft_synproxy_do_eval+0x10/0x10
[ 1032.707209][    C1]  ? ip_vs_conn_hashkey_param+0x3ad/0x6b0
[ 1032.707229][    C1]  ? ip_vs_conn_out_get+0xba6/0xc00
[ 1032.707248][    C1]  nft_do_chain+0x4ad/0x1da0
[ 1032.707267][    C1]  ? tcp_conn_schedule+0x45e/0x880
[ 1032.707283][    C1]  ? __pfx_nft_do_chain+0x10/0x10
[ 1032.707309][    C1]  ? __pfx_nf_nat_inet_fn+0x10/0x10
[ 1032.707327][    C1]  ? __pfx_ip_vs_in_hook+0x10/0x10
[ 1032.707347][    C1]  nft_do_chain_inet+0x418/0x6b0
[ 1032.707364][    C1]  ? __pfx_nft_do_chain_inet+0x10/0x10
[ 1032.707386][    C1]  ? __pfx_nft_do_chain_inet+0x10/0x10
[ 1032.707408][    C1]  nf_hook_slow+0xc3/0x220
[ 1032.707430][    C1]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[ 1032.707451][    C1]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[ 1032.707472][    C1]  NF_HOOK+0x29e/0x450
[ 1032.707492][    C1]  ? NF_HOOK+0x9a/0x450
[ 1032.707511][    C1]  ? __pfx_NF_HOOK+0x10/0x10
[ 1032.707531][    C1]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[ 1032.707554][    C1]  ? ip_rcv_finish+0x406/0x560
[ 1032.707574][    C1]  ? __pfx_ip_rcv_finish+0x10/0x10
[ 1032.707594][    C1]  NF_HOOK+0x3a4/0x450
[ 1032.707615][    C1]  ? NF_HOOK+0x9a/0x450
[ 1032.707634][    C1]  ? __pfx_NF_HOOK+0x10/0x10
[ 1032.707652][    C1]  ? ip_rcv_core+0x801/0xd10
[ 1032.707673][    C1]  ? __pfx_ip_rcv_finish+0x10/0x10
[ 1032.707695][    C1]  ? __pfx_ip_rcv+0x10/0x10
[ 1032.707715][    C1]  __netif_receive_skb+0x2bf/0x650
[ 1032.707737][    C1]  ? __pfx_lock_acquire+0x10/0x10
[ 1032.707753][    C1]  ? __pfx___netif_receive_skb+0x10/0x10
[ 1032.707774][    C1]  ? __pfx_lock_release+0x10/0x10
[ 1032.707790][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1032.707807][    C1]  ? _raw_spin_lock_irq+0xdf/0x120
[ 1032.707828][    C1]  ? rcu_is_watching+0x15/0xb0
[ 1032.707848][    C1]  ? process_backlog+0x33b/0x15b0
[ 1032.707870][    C1]  process_backlog+0x662/0x15b0
[ 1032.707893][    C1]  ? process_backlog+0x33b/0x15b0
[ 1032.707918][    C1]  ? __pfx_process_backlog+0x10/0x10
[ 1032.707940][    C1]  ? do_raw_spin_unlock+0x13c/0x8b0
[ 1032.707963][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1032.707981][    C1]  __napi_poll+0xcb/0x490
[ 1032.708002][    C1]  net_rx_action+0x89b/0x1240
[ 1032.708031][    C1]  ? __pfx_net_rx_action+0x10/0x10
[ 1032.708055][    C1]  ? sched_clock+0x4a/0x70
[ 1032.708079][    C1]  ? __pfx___local_bh_disable_ip+0x10/0x10
[ 1032.708100][    C1]  ? seqcount_lockdep_reader_access+0x1c1/0x220
[ 1032.708125][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1032.708141][    C1]  ? do_raw_spin_unlock+0x13c/0x8b0
[ 1032.708167][    C1]  handle_softirqs+0x2d4/0x9b0
[ 1032.708191][    C1]  ? __irq_exit_rcu+0xf7/0x220
[ 1032.708213][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[ 1032.708236][    C1]  ? irqtime_account_irq+0xd4/0x1e0
[ 1032.708255][    C1]  __irq_exit_rcu+0xf7/0x220
[ 1032.708276][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[ 1032.708300][    C1]  irq_exit_rcu+0x9/0x30
[ 1032.708320][    C1]  sysvec_apic_timer_interrupt+0xa6/0xc0
[ 1032.708341][    C1]  </IRQ>
[ 1032.708346][    C1]  <TASK>
[ 1032.708352][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1032.708375][    C1] RIP: 0010:raw_spin_rq_unlock_irq+0x19/0x90
[ 1032.708400][    C1] Code: 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 41 57 41 56 53 48 89 fb 66 90 48 89 df e8 5e a2 53 0a e8 e9 85 37 00 fb 5b <41> 5e 41 5f c3 cc cc cc cc f3 0f 1e fa 49 bf 00 00 00 00 00 fc ff
[ 1032.708414][    C1] RSP: 0018:ffffc900001e7b08 EFLAGS: 00000286
[ 1032.708428][    C1] RAX: 705f362794445b00 RBX: ffff8880b873e740 RCX: ffffffff81a73c8c
[ 1032.708440][    C1] RDX: dffffc0000000000 RSI: ffffffff8c5ed880 RDI: ffffffff816fb7a7
[ 1032.708452][    C1] RBP: ffffc900001e7d30 R08: ffffffff90184fb7 R09: 1ffffffff20309f6
[ 1032.708465][    C1] R10: dffffc0000000000 R11: fffffbfff20309f7 R12: ffffc900001e7cb0
[ 1032.708477][    C1] R13: 1ffff110170e7ea9 R14: ffff88801d6f0000 R15: ffff88801d6f0770
[ 1032.708493][    C1]  ? trace_irq_enable+0x2c/0x120
[ 1032.708508][    C1]  ? raw_spin_rq_unlock_irq+0x17/0x90
[ 1032.708529][    C1]  __schedule+0x19b4/0x4be0
[ 1032.708553][    C1]  ? rcu_softirq_qs+0xf3/0x370
[ 1032.708575][    C1]  ? __pfx___schedule+0x10/0x10
[ 1032.708595][    C1]  ? __pfx_preempt_schedule_notrace+0x10/0x10
[ 1032.708619][    C1]  ? __pfx___might_resched+0x10/0x10
[ 1032.708643][    C1]  ? preempt_schedule+0xe1/0xf0
[ 1032.708663][    C1]  preempt_schedule_common+0x84/0xd0
[ 1032.708684][    C1]  preempt_schedule+0xe1/0xf0
[ 1032.708703][    C1]  ? __pfx_preempt_schedule+0x10/0x10
[ 1032.708724][    C1]  ? run_ksoftirqd+0xe3/0x130
[ 1032.708738][    C1]  ? __pfx_run_ksoftirqd+0x10/0x10
[ 1032.708753][    C1]  ? __pfx_ksoftirqd_should_run+0x10/0x10
[ 1032.708769][    C1]  preempt_schedule_thunk+0x1a/0x30
[ 1032.708785][    C1]  ? __pfx_ksoftirqd_should_run+0x10/0x10
[ 1032.708800][    C1]  ? smpboot_thread_fn+0x2d3/0xa30
[ 1032.708823][    C1]  ? smpboot_thread_fn+0x4fb/0xa30
[ 1032.708845][    C1]  ? smpboot_thread_fn+0x656/0xa30
[ 1032.708868][    C1]  ? __pfx_ksoftirqd_should_run+0x10/0x10
[ 1032.708883][    C1]  smpboot_thread_fn+0x65b/0xa30
[ 1032.708907][    C1]  ? smpboot_thread_fn+0x4e/0xa30
[ 1032.708932][    C1]  ? __pfx_smpboot_thread_fn+0x10/0x10
[ 1032.708955][    C1]  kthread+0x2f0/0x390
[ 1032.708972][    C1]  ? __pfx_smpboot_thread_fn+0x10/0x10
[ 1032.708995][    C1]  ? __pfx_kthread+0x10/0x10
[ 1032.709012][    C1]  ret_from_fork+0x4b/0x80
[ 1032.709026][    C1]  ? __pfx_kthread+0x10/0x10
[ 1032.709044][    C1]  ret_from_fork_asm+0x1a/0x30
[ 1032.709070][    C1]  </TASK>
[ 1035.391736][   T30] INFO: task syz.2.2129:15623 blocked for more than 149 seconds.
[ 1035.497554][   T30]       Not tainted 6.13.0-rc3-syzkaller-00044-gaef25be35d23 #0
[ 1035.505226][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1036.167760][   T30] task:syz.2.2129      state:D stack:26320 pid:15623 tgid:15619 ppid:5828   flags:0x00000004
[ 1036.242381][   T30] Call Trace:
[ 1036.283886][   T30]  <TASK>
[ 1036.317994][   T30]  __schedule+0x17fb/0x4be0
[ 1036.467591][   T30]  ? rcu_is_watching+0x15/0xb0
[ 1036.472408][   T30]  ? schedule+0x90/0x320
[ 1036.476671][   T30]  ? lock_release+0xbf/0xa30
[ 1036.777924][   T30]  ? __pfx___schedule+0x10/0x10
[ 1036.782830][   T30]  ? __pfx_lock_release+0x10/0x10
[ 1037.038297][   T30]  ? rcu_is_watching+0x15/0xb0
[ 1037.043121][   T30]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 1037.212858][   T30]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1037.277781][   T30]  ? unwind_get_return_address+0x4d/0x90
[ 1037.283467][   T30]  ? schedule+0x90/0x320
[ 1037.390004][   T30]  schedule+0x14b/0x320
[ 1037.394221][   T30]  schedule_preempt_disabled+0x13/0x30
[ 1037.510720][   T30]  __mutex_lock+0x7e7/0xee0
[ 1037.515293][   T30]  ? __mutex_lock+0x5ef/0xee0
[ 1037.587708][   T30]  ? kvm_vm_ioctl_create_vcpu+0x5a/0xa00
[ 1037.593392][   T30]  ? __pfx___mutex_lock+0x10/0x10
[ 1037.664366][   T30]  ? kasan_save_track+0x51/0x80
[ 1037.697604][   T30]  ? kasan_save_track+0x3f/0x80
[ 1037.702504][   T30]  ? kasan_save_free_info+0x40/0x50
[ 1037.802741][   T30]  ? __kasan_slab_free+0x59/0x70
[ 1037.825238][   T30]  ? kfree+0x196/0x430
[ 1037.870126][   T30]  ? security_file_ioctl+0xc6/0x2a0
[ 1037.875372][   T30]  ? __se_sys_ioctl+0x46/0x170
[ 1037.950209][   T30]  ? do_syscall_64+0xf3/0x230
[ 1037.954943][   T30]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1038.010125][   T30]  kvm_vm_ioctl_create_vcpu+0x5a/0xa00
[ 1038.015633][   T30]  kvm_vm_ioctl+0x7e2/0xd30
[ 1038.097618][   T30]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[ 1038.102697][   T30]  ? rcu_is_watching+0x15/0xb0
[ 1038.107485][   T30]  ? lock_release+0xbf/0xa30
[ 1038.197550][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1038.203921][   T30]  ? __pfx_lock_release+0x10/0x10
[ 1038.297847][   T30]  ? tomoyo_path_number_perm+0x679/0x860
[ 1038.303529][   T30]  ? tomoyo_path_number_perm+0x679/0x860
[ 1038.365050][   T30]  ? tomoyo_path_number_perm+0x6f9/0x860
[ 1038.400391][   T30]  ? tomoyo_path_number_perm+0x206/0x860
[ 1038.406077][   T30]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1038.507742][   T30]  ? smack_file_ioctl+0x353/0x3a0
[ 1038.512830][   T30]  ? __pfx_smack_file_ioctl+0x10/0x10
[ 1038.575674][   T30]  ? __fget_files+0x2a/0x410
[ 1038.608020][   T30]  ? __fget_files+0x2a/0x410
[ 1038.612655][   T30]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[ 1038.677617][   T30]  __se_sys_ioctl+0xf5/0x170
[ 1038.682259][   T30]  do_syscall_64+0xf3/0x230
[ 1038.686790][   T30]  ? clear_bhb_loop+0x35/0x90
[ 1038.754319][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1038.802614][   T30] RIP: 0033:0x7f7b94185d29
[ 1038.807073][   T30] RSP: 002b:00007f7b94f8a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1038.890065][   T30] RAX: 0000000000000004 RBX: 00007f7b94376080 RCX: 00007f7b94185d29
[ 1038.934161][   T30] RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 0000000000000004
[ 1038.967572][   T30] RBP: 00007f7b94201a20 R08: 0000000000000000 R09: 0000000000000000
[ 1038.975591][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1039.022508][T15867] Bluetooth: hci4: command 0x0406 tx timeout
[ 1039.060411][   T30] R13: 0000000000000001 R14: 00007f7b94376080 R15: 00007ffd036fb7c8
[ 1039.100176][   T30]  </TASK>
[ 1041.031654][   T30] INFO: lockdep is turned off.
[ 1041.036458][   T30] NMI backtrace for cpu 0
[ 1041.040798][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-rc3-syzkaller-00044-gaef25be35d23 #0
[ 1041.051313][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[ 1041.061374][   T30] Call Trace:
[ 1041.064670][   T30]  <TASK>
[ 1041.067616][   T30]  dump_stack_lvl+0x241/0x360
[ 1041.072313][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1041.077528][   T30]  ? __pfx__printk+0x10/0x10
[ 1041.082130][   T30]  ? __pfx_rcu_preempt_deferred_qs_irqrestore+0x10/0x10
[ 1041.089082][   T30]  nmi_cpu_backtrace+0x49c/0x4d0
[ 1041.094040][   T30]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 1041.099509][   T30]  ? _printk+0xd5/0x120
[ 1041.103678][   T30]  ? __pfx_rcu_read_unlock_special+0x10/0x10
[ 1041.109669][   T30]  ? __pfx__printk+0x10/0x10
[ 1041.114277][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1041.120270][   T30]  nmi_trigger_cpumask_backtrace+0x198/0x320
[ 1041.126264][   T30]  watchdog+0xff6/0x1040
[ 1041.130520][   T30]  ? watchdog+0x1ea/0x1040
[ 1041.134951][   T30]  ? __pfx_watchdog+0x10/0x10
[ 1041.139635][   T30]  kthread+0x2f0/0x390
[ 1041.143717][   T30]  ? __pfx_watchdog+0x10/0x10
[ 1041.148401][   T30]  ? __pfx_kthread+0x10/0x10
[ 1041.153002][   T30]  ret_from_fork+0x4b/0x80
[ 1041.157430][   T30]  ? __pfx_kthread+0x10/0x10
[ 1041.162030][   T30]  ret_from_fork_asm+0x1a/0x30
[ 1041.166820][   T30]  </TASK>
[ 1041.173604][   T30] Sending NMI from CPU 0 to CPUs 1:
[ 1041.182551][    C1] NMI backtrace for cpu 1
[ 1041.182564][    C1] CPU: 1 UID: 0 PID: 24 Comm: ksoftirqd/1 Not tainted 6.13.0-rc3-syzkaller-00044-gaef25be35d23 #0
[ 1041.182585][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[ 1041.182596][    C1] RIP: 0010:enqueue_to_backlog+0x860/0xc80
[ 1041.182622][    C1] Code: f8 48 8b 44 24 08 49 89 45 00 4c 89 f0 48 c1 e8 03 42 80 3c 38 00 48 8b 6c 24 28 74 08 4c 89 f7 e8 e5 4e 76 f8 48 8b 44 24 08 <49> 89 06 48 8b 44 24 60 42 0f b6 04 38 84 c0 0f 85 58 01 00 00 ff
[ 1041.182636][    C1] RSP: 0018:ffffc900001e66b0 EFLAGS: 00000046
[ 1041.182652][    C1] RAX: ffff8880ab076500 RBX: ffff8880ab076508 RCX: ffff88801d6f0000
[ 1041.182665][    C1] RDX: 0000000000000100 RSI: 0000000000000001 RDI: 0000000000000000
[ 1041.182676][    C1] RBP: ffff8880b873fe40 R08: ffffffff898d0290 R09: 1ffff110170e800b
[ 1041.182689][    C1] R10: dffffc0000000000 R11: ffffed10170e800c R12: ffff8880ab076500
[ 1041.182701][    C1] R13: ffff8880b873fff8 R14: ffff8880b873fff0 R15: dffffc0000000000
[ 1041.182714][    C1] FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[ 1041.182729][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1041.182744][    C1] CR2: 000000110c35c7bd CR3: 0000000064648000 CR4: 00000000003526f0
[ 1041.182758][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1041.182769][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1041.182779][    C1] Call Trace:
[ 1041.182785][    C1]  <NMI>
[ 1041.182792][    C1]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[ 1041.182811][    C1]  ? __pfx_lock_acquire+0x10/0x10
[ 1041.182830][    C1]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 1041.182848][    C1]  ? __pfx_lock_release+0x10/0x10
[ 1041.182870][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[ 1041.182893][    C1]  ? nmi_handle+0x14f/0x5a0
[ 1041.182911][    C1]  ? nmi_handle+0x2a/0x5a0
[ 1041.182929][    C1]  ? enqueue_to_backlog+0x860/0xc80
[ 1041.182948][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1041.182971][    C1]  ? default_do_nmi+0x63/0x160
[ 1041.182989][    C1]  ? exc_nmi+0x123/0x1f0
[ 1041.183006][    C1]  ? end_repeat_nmi+0xf/0x53
[ 1041.183022][    C1]  ? enqueue_to_backlog+0x7a0/0xc80
[ 1041.183043][    C1]  ? enqueue_to_backlog+0x860/0xc80
[ 1041.183063][    C1]  ? enqueue_to_backlog+0x860/0xc80
[ 1041.183084][    C1]  ? enqueue_to_backlog+0x860/0xc80
[ 1041.183104][    C1]  </NMI>
[ 1041.183109][    C1]  <TASK>
[ 1041.183120][    C1]  netif_rx_internal+0x17a/0x630
[ 1041.183136][    C1]  ? eth_type_trans+0x3ce/0x7b0
[ 1041.183156][    C1]  ? __pfx_netif_rx_internal+0x10/0x10
[ 1041.183175][    C1]  ? rcu_is_watching+0x15/0xb0
[ 1041.183195][    C1]  __netif_rx+0x78/0xc0
[ 1041.183214][    C1]  loopback_xmit+0x454/0x6b0
[ 1041.183239][    C1]  dev_hard_start_xmit+0x27a/0x7d0
[ 1041.183262][    C1]  __dev_queue_xmit+0x1b73/0x3f50
[ 1041.183285][    C1]  ? __dev_queue_xmit+0x2f4/0x3f50
[ 1041.183305][    C1]  ? __pfx___dev_queue_xmit+0x10/0x10
[ 1041.183325][    C1]  ? __asan_memset+0x23/0x50
[ 1041.183347][    C1]  ? rcu_is_watching+0x15/0xb0
[ 1041.183366][    C1]  ? lock_release+0xbf/0xa30
[ 1041.183383][    C1]  ? __pfx_lock_acquire+0x10/0x10
[ 1041.183400][    C1]  ? __pfx_lock_release+0x10/0x10
[ 1041.183416][    C1]  ? __pfx_lock_release+0x10/0x10
[ 1041.183432][    C1]  ? ip_neigh_gw4+0x310/0x3e0
[ 1041.183453][    C1]  ? ip_finish_output2+0xa14/0x1390
[ 1041.183470][    C1]  ? ip_finish_output2+0x45f/0x1390
[ 1041.183487][    C1]  ip_finish_output2+0xd41/0x1390
[ 1041.183504][    C1]  ? ip_finish_output2+0x45f/0x1390
[ 1041.183524][    C1]  ? __pfx_ip_finish_output2+0x10/0x10
[ 1041.183548][    C1]  ? ip_skb_dst_mtu+0x6ba/0x9b0
[ 1041.183564][    C1]  ? __ip_finish_output+0x349/0x400
[ 1041.183583][    C1]  synproxy_send_client_synack+0x8a4/0xe20
[ 1041.183612][    C1]  ? __pfx_synproxy_send_client_synack+0x10/0x10
[ 1041.183637][    C1]  ? synproxy_pernet+0x45/0x270
[ 1041.183655][    C1]  nft_synproxy_eval_v4+0x3ca/0x610
[ 1041.183673][    C1]  ? __pfx_nft_synproxy_eval_v4+0x10/0x10
[ 1041.183689][    C1]  ? lock_release+0xbf/0xa30
[ 1041.183706][    C1]  ? nf_ip_checksum+0x13a/0x500
[ 1041.183725][    C1]  nft_synproxy_do_eval+0x362/0xa60
[ 1041.183743][    C1]  ? __pfx_nft_synproxy_do_eval+0x10/0x10
[ 1041.183759][    C1]  ? ip_vs_conn_hashkey_param+0x3ad/0x6b0
[ 1041.183779][    C1]  ? ip_vs_conn_out_get+0xba6/0xc00
[ 1041.183799][    C1]  nft_do_chain+0x4ad/0x1da0
[ 1041.183817][    C1]  ? tcp_conn_schedule+0x45e/0x880
[ 1041.183835][    C1]  ? __pfx_nft_do_chain+0x10/0x10
[ 1041.183861][    C1]  ? __pfx_nf_nat_inet_fn+0x10/0x10
[ 1041.183878][    C1]  ? __pfx_ip_vs_in_hook+0x10/0x10
[ 1041.183898][    C1]  nft_do_chain_inet+0x418/0x6b0
[ 1041.183916][    C1]  ? __pfx_nft_do_chain_inet+0x10/0x10
[ 1041.183938][    C1]  ? __pfx_nft_do_chain_inet+0x10/0x10
[ 1041.183953][    C1]  nf_hook_slow+0xc3/0x220
[ 1041.183976][    C1]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[ 1041.183997][    C1]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[ 1041.184018][    C1]  NF_HOOK+0x29e/0x450
[ 1041.184038][    C1]  ? NF_HOOK+0x9a/0x450
[ 1041.184057][    C1]  ? __pfx_NF_HOOK+0x10/0x10
[ 1041.184078][    C1]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[ 1041.184100][    C1]  ? ip_rcv_finish+0x406/0x560
[ 1041.184121][    C1]  ? __pfx_ip_rcv_finish+0x10/0x10
[ 1041.184142][    C1]  NF_HOOK+0x3a4/0x450
[ 1041.184162][    C1]  ? NF_HOOK+0x9a/0x450
[ 1041.184180][    C1]  ? __pfx_NF_HOOK+0x10/0x10
[ 1041.184199][    C1]  ? ip_rcv_core+0x801/0xd10
[ 1041.184219][    C1]  ? __pfx_ip_rcv_finish+0x10/0x10
[ 1041.184242][    C1]  ? __pfx_ip_rcv+0x10/0x10
[ 1041.184262][    C1]  __netif_receive_skb+0x2bf/0x650
[ 1041.184284][    C1]  ? __pfx_lock_acquire+0x10/0x10
[ 1041.184300][    C1]  ? __pfx___netif_receive_skb+0x10/0x10
[ 1041.184321][    C1]  ? __pfx_lock_release+0x10/0x10
[ 1041.184337][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1041.184354][    C1]  ? _raw_spin_lock_irq+0xdf/0x120
[ 1041.184375][    C1]  ? rcu_is_watching+0x15/0xb0
[ 1041.184395][    C1]  ? process_backlog+0x33b/0x15b0
[ 1041.184418][    C1]  process_backlog+0x662/0x15b0
[ 1041.184441][    C1]  ? process_backlog+0x33b/0x15b0
[ 1041.184465][    C1]  ? __pfx_process_backlog+0x10/0x10
[ 1041.184489][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1041.184507][    C1]  __napi_poll+0xcb/0x490
[ 1041.184533][    C1]  net_rx_action+0x89b/0x1240
[ 1041.184562][    C1]  ? __pfx_net_rx_action+0x10/0x10
[ 1041.184585][    C1]  ? sched_clock+0x4a/0x70
[ 1041.184610][    C1]  ? __pfx___local_bh_disable_ip+0x10/0x10
[ 1041.184632][    C1]  ? rcu_softirq_qs+0xf3/0x370
[ 1041.184651][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1041.184672][    C1]  handle_softirqs+0x2d4/0x9b0
[ 1041.184693][    C1]  ? __pfx_preempt_schedule_notrace+0x10/0x10
[ 1041.184716][    C1]  ? run_ksoftirqd+0xca/0x130
[ 1041.184732][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[ 1041.184753][    C1]  ? preempt_schedule+0xe1/0xf0
[ 1041.184775][    C1]  run_ksoftirqd+0xca/0x130
[ 1041.184790][    C1]  ? __pfx_run_ksoftirqd+0x10/0x10
[ 1041.184804][    C1]  ? __pfx_ksoftirqd_should_run+0x10/0x10
[ 1041.184820][    C1]  ? __pfx_ksoftirqd_should_run+0x10/0x10
[ 1041.184836][    C1]  ? smpboot_thread_fn+0x2d3/0xa30
[ 1041.184858][    C1]  ? smpboot_thread_fn+0x4fb/0xa30
[ 1041.184881][    C1]  ? smpboot_thread_fn+0x656/0xa30
[ 1041.184904][    C1]  ? __pfx_run_ksoftirqd+0x10/0x10
[ 1041.184918][    C1]  smpboot_thread_fn+0x544/0xa30
[ 1041.184941][    C1]  ? smpboot_thread_fn+0x4e/0xa30
[ 1041.184966][    C1]  ? __pfx_smpboot_thread_fn+0x10/0x10
[ 1041.184989][    C1]  kthread+0x2f0/0x390
[ 1041.185006][    C1]  ? __pfx_smpboot_thread_fn+0x10/0x10
[ 1041.185029][    C1]  ? __pfx_kthread+0x10/0x10
[ 1041.185047][    C1]  ret_from_fork+0x4b/0x80
[ 1041.185062][    C1]  ? __pfx_kthread+0x10/0x10
[ 1041.185079][    C1]  ret_from_fork_asm+0x1a/0x30
[ 1041.185106][    C1]  </TASK>