last executing test programs:

5m2.898891047s ago: executing program 2 (id=195):
r0 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
bind$llc(r0, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x10)
connect$llc(r0, &(0x7f0000000240)={0x1a, 0x20, 0x0, 0x9, 0x2, 0x2, @remote}, 0x10)
syz_init_net_socket$llc(0x1a, 0x801, 0x0)
socket$rds(0x15, 0x5, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
close(0x4)

5m2.144281948s ago: executing program 2 (id=197):
munmap(&(0x7f0000002000/0x2000)=nil, 0x2000)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, 0x0, 0x0)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x1, &(0x7f0000002040)=[{0x4, 0x8, 0x8, 0x6}]}, 0x10)

5m1.869530874s ago: executing program 2 (id=200):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_vlan\x00', <r1=>0x0})
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000002180)=""/4089, 0xfffffffffffffd79)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10)
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0xfff1}, {0x3, 0x6}, {0x0, 0x1}}}, 0x24}, 0x1, 0x0, 0x0, 0x48080}, 0x0)

4m59.175632412s ago: executing program 2 (id=208):
r0 = shmat(0x0, &(0x7f0000feb000/0x1000)=nil, 0x400c)
mremap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2000, 0x3, &(0x7f0000ff7000/0x2000)=nil)
getrlimit(0xf, 0x0)
shmdt(r0)
syz_open_dev$audion(&(0x7f0000000000), 0x9, 0x101000)
r1 = creat(&(0x7f0000000200)='./file0\x00', 0x100)
close(r1)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
r3 = dup(r2)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
getpeername(r4, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_emit_ethernet(0x76, 0x0, 0x0)
read$msr(r5, &(0x7f000001dc00)=""/102392, 0x18ff8)
mount(&(0x7f0000000140)=@filename='./file0\x00', &(0x7f0000000000)='./file0\x00', &(0x7f0000000680)='btrfs\x00', 0x208000, 0x0)
mount$9p_fd(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x200400, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r3}})
write$6lowpan_enable(r3, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

4m57.944132247s ago: executing program 2 (id=211):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r2, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3, 0x0, 0x2}, 0x18)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000640)=@newtfilter={0x12c, 0x2c, 0xd27, 0x70bd25, 0x8000, {0x0, 0x0, 0x0, r5, {0x0, 0x7}, {}, {0xc, 0x2}}, [@filter_kind_options=@f_u32={{0x8}, {0x100, 0x2, [@TCA_U32_SEL={0xf4, 0x5, {0xb, 0x8, 0xe, 0x5, 0x8e80, 0x4, 0x4, 0x7fffffff, [{0x4, 0x7, 0x4, 0xfff}, {0x6, 0x1, 0x9, 0x1}, {0x1, 0x6, 0x0, 0x60000000}, {0x8, 0x20, 0x9, 0x1}, {0x0, 0x7ff, 0x1, 0x3}, {0x9, 0x1, 0x3ff, 0x80000000}, {0x3, 0xfa, 0x0, 0xbaa}, {0xc, 0x3, 0x4, 0x9}, {0x1, 0x10000, 0x38000000, 0x7f}, {0x9, 0x4, 0x2, 0x8}, {0x3, 0x1, 0x0, 0x1}, {0xc53c, 0x9, 0x8, 0x4}, {0x0, 0x5, 0x2, 0x8}, {0x2, 0x6, 0x4, 0x7}]}}, @TCA_U32_LINK={0x8, 0x3, 0x60000000}]}}]}, 0x12c}, 0x1, 0x0, 0x0, 0x80}, 0x800)

4m57.113525016s ago: executing program 2 (id=215):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000001000010000000000006000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc580000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a31000000002c0003800c0000800800034000000002100000800c000180060001"], 0xbc}}, 0x40)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x7fff}, 0x18)
socket$kcm(0x10, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000f"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r3}, 0x10)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r6}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_usbip_server_init(0x1)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r7 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001400), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r7, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000080)={<r8=>0xffffffffffffffff}, 0x111}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY(r7, &(0x7f0000000000)={0x13, 0x10, 0xfa00, {&(0x7f0000000180), r8, 0x1}}, 0x18)
setsockopt$inet6_IPV6_DSTOPTS(0xffffffffffffffff, 0x29, 0x3b, &(0x7f0000000380)=ANY=[@ANYRESHEX=r0], 0x162)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x10, &(0x7f0000000040)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8f, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r5}, {}, {}, {0x85, 0x0, 0x0, 0x86}}, {{0x5, 0x0, 0x5, 0x9, 0x0, 0x1, 0x10000000}}, [@ldst={0x3, 0x3, 0x3, 0x8, 0x7, 0x30}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x2a}}}, &(0x7f0000000680)='GPL\x00', 0x6, 0x1013, &(0x7f0000001880)=""/4115, 0x41100, 0x28, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
socket$inet(0x2, 0x1, 0x0)
dup3(r0, r4, 0x80000)
r9 = socket$nl_rdma(0x10, 0x3, 0x14)
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, 0x0, 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r9, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)={0x38, 0x1403, 0x1, 0x70bd2c, 0x25dfdbfc, "", [{{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x810)

4m41.301828414s ago: executing program 32 (id=215):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000001000010000000000006000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc580000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a31000000002c0003800c0000800800034000000002100000800c000180060001"], 0xbc}}, 0x40)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x7fff}, 0x18)
socket$kcm(0x10, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000f"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r3}, 0x10)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r6}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_usbip_server_init(0x1)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r7 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001400), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r7, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000080)={<r8=>0xffffffffffffffff}, 0x111}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY(r7, &(0x7f0000000000)={0x13, 0x10, 0xfa00, {&(0x7f0000000180), r8, 0x1}}, 0x18)
setsockopt$inet6_IPV6_DSTOPTS(0xffffffffffffffff, 0x29, 0x3b, &(0x7f0000000380)=ANY=[@ANYRESHEX=r0], 0x162)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x10, &(0x7f0000000040)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8f, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r5}, {}, {}, {0x85, 0x0, 0x0, 0x86}}, {{0x5, 0x0, 0x5, 0x9, 0x0, 0x1, 0x10000000}}, [@ldst={0x3, 0x3, 0x3, 0x8, 0x7, 0x30}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x2a}}}, &(0x7f0000000680)='GPL\x00', 0x6, 0x1013, &(0x7f0000001880)=""/4115, 0x41100, 0x28, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
socket$inet(0x2, 0x1, 0x0)
dup3(r0, r4, 0x80000)
r9 = socket$nl_rdma(0x10, 0x3, 0x14)
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, 0x0, 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r9, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)={0x38, 0x1403, 0x1, 0x70bd2c, 0x25dfdbfc, "", [{{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x810)

2m40.871522319s ago: executing program 0 (id=697):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000001040)={'gre0\x00', &(0x7f0000001000)={'syztnl2\x00', 0x0, 0x7800, 0xa000, 0x0, 0xf, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x2f, 0x0, @empty, @rand_addr=0x20007}}}})

2m39.034963362s ago: executing program 0 (id=703):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x10)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r4, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e6", 0xa1)
sendmsg$key(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0xc000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x65, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0xa4}, [@initr0]}, 0x0}, 0x94)
socket$inet6_udp(0xa, 0x2, 0x0)
r5 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
mmap(&(0x7f0000036000/0x4000)=nil, 0x4000, 0x1000002, 0x11012, r5, 0x0)
getsockopt$sock_int(r0, 0x1, 0x2, 0x0, &(0x7f00000005c0))
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000100)=ANY=[@ANYBLOB="3800000018001000000000000000000002000000fc000009000000000600150002009d7d736a1680100008800c000180060001000001000076c9501926e8b897ac7bb396c0b7e70d92dc390e981b600eaf923d9790b82812ed2261484bb787baf65ca261a99d3f52ec30a4e9bfd71ee7d86eb38d1fa34b2eaa75e76d026909c6f26c0d85a6b93abfa5dfd57847e50e406c6f408227ecf214dd1209d6b638fdd02b54ace2d2f9df090c8eb3d86e89a444fa5ba221fa6d63285ecdbbb538fde5afcd8ec3e916fb22d5f2ea2c60d61065d2c545a8a0977b1ca3d93a4370293dbc794ef992c42ef59fe679c9e8a1018e14ae981efe2dcfbb8f5f3d80d7f32cd3de9afdf4afda5e1d2a1a2a92ac00e0cbf73c5979f78586"], 0x38}}, 0x0)

2m35.207152046s ago: executing program 0 (id=712):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
r2 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r2, 0x40000000af01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000200)={0x1, 0x1, 0x0, &(0x7f0000000740)=""/51, 0x0})
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000340))
r4 = dup(r3)
ioctl$VHOST_NET_SET_BACKEND(r2, 0x4008af30, &(0x7f0000000000)={0x1, r4})
ioctl$VHOST_NET_SET_BACKEND(r2, 0x4008af30, &(0x7f00000003c0)={0x1, r1})

2m33.06861777s ago: executing program 0 (id=716):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$alg(0x26, 0x5, 0x0)
r3 = socket(0x2, 0x80805, 0x0)
r4 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x482, &(0x7f0000000040)={0x84, @rand_addr=0x640100ff, 0x4e20, 0x3, 'lblcr\x00', 0x1, 0xa7e, 0x70}, 0x2c)
setsockopt$IP_VS_SO_SET_ADDDEST(r3, 0x0, 0x487, 0x0, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, 0x0, 0x0)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha224\x00'}, 0x58)
r6 = accept$alg(r5, 0x0, 0x0)
sendmsg$alg(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000080)="682ed500000000a1783569ae0000000000000000", 0xfffffdd2}, {&(0x7f00000001c0)="29235f8b92d8a00700000000000000442aba329c9f1dc1d202c0c12aefdeed8e463a935ef4418b81b79ec3019db723e26db60936b09359c37bbb7c353cf6f339e32000"/76, 0x4c}], 0x2, 0x0, 0x0, 0x40011}, 0x20040000)

2m26.695010577s ago: executing program 0 (id=725):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x10008)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000000)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_GETXATTR(r2, &(0x7f00000004c0)={0x18}, 0x18)
write$FUSE_INIT(r2, &(0x7f00000000c0)={0x50, 0x0, 0x0, {0x7, 0x29, 0x20200}}, 0x50)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x4014, &(0x7f0000000580)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}})
r3 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
read$FUSE(r3, 0x0, 0x500)

2m26.026167147s ago: executing program 0 (id=727):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000580)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x68c81, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
shutdown(r3, 0x1)
r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1)
r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
ioctl$VIDIOC_QUERYCTRL(0xffffffffffffffff, 0xc0445624, 0x0)
r7 = dup(r6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r7, 0x2000)
ioctl$KVM_PRE_FAULT_MEMORY(r5, 0xc040aed5, &(0x7f00000000c0)={0xf000, 0x118000})

2m10.06843006s ago: executing program 33 (id=727):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000580)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x68c81, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
shutdown(r3, 0x1)
r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1)
r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
ioctl$VIDIOC_QUERYCTRL(0xffffffffffffffff, 0xc0445624, 0x0)
r7 = dup(r6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r7, 0x2000)
ioctl$KVM_PRE_FAULT_MEMORY(r5, 0xc040aed5, &(0x7f00000000c0)={0xf000, 0x118000})

1m50.864135956s ago: executing program 4 (id=817):
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
execve(&(0x7f00000190c0)='./file0\x00', 0x0, 0x0)
r0 = socket$igmp6(0xa, 0x3, 0x2)
sendmmsg$inet6(r0, &(0x7f00000000c0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @mcast2}, 0x1c, 0x0}}], 0x1, 0x0)
sendmsg(r0, &(0x7f00000005c0)={&(0x7f0000000000)=@in={0x2, 0x4e21, @rand_addr=0x64010101}, 0x80, 0x0}, 0x20000010)

1m50.49600999s ago: executing program 4 (id=821):
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
accept$packet(0xffffffffffffffff, 0x0, &(0x7f0000000180))
r1 = eventfd(0xffffffff)
syz_open_pts(0xffffffffffffffff, 0x4000)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680))
capset(0x0, 0x0)
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, &(0x7f0000000000)={0xd2f0, 0x0, 0x0, 0x80000})
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)

1m48.896502479s ago: executing program 4 (id=823):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000004c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}]}, @NFT_MSG_NEWSETELEM={0x34, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x8, 0x3, 0x0, 0x1, [{0x4}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x98}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)

1m48.433176543s ago: executing program 4 (id=824):
mkdir(0x0, 0x0)
ioctl$VIDIOC_SUBDEV_S_FMT(0xffffffffffffffff, 0xc0585605, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$inet6(0xa, 0x802, 0x0)
setsockopt$inet6_buf(r2, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1af0000000000", 0x18)
connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback, 0x3}, 0x1c)
sendmmsg$inet6(r2, &(0x7f0000002940), 0x40000000000017d, 0x811)

1m47.588085661s ago: executing program 5 (id=829):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffff}, 0x0)
getpid()
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$ax25_int(0xffffffffffffffff, 0x101, 0x3, &(0x7f0000000240)=0x1ff, 0x4)
ioctl$sock_SIOCGIFCONF(r2, 0x8912, &(0x7f0000000700)=@buf={0x69, &(0x7f0000000680)="42222e3d8cbec2cca1b61c29aa470a4389f0e0c74d257cf4a56f41a82a4c2986bb3081994aa16243edd288dcc1e6f19380bb3874681285a4f76d3257e22d48bcbead91fd5ac1f92b9fc9b0bbe60c08b7d9ecb969b423c8b17154ab689c9b007926c64dd5b33cdfb096"})

1m44.349597485s ago: executing program 6 (id=770):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000e9ffffff0000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_open_dev$usbmon(0x0, 0xc7, 0x103900)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r3 = syz_init_net_socket$ax25(0x3, 0x5, 0xc5)
ioctl$SIOCAX25ADDUID(r3, 0x89e1, &(0x7f0000000240)={0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0xee00})
ioctl$SIOCAX25DELUID(r3, 0x89e2, &(0x7f0000000080)={0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}})

1m44.172031845s ago: executing program 4 (id=833):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x16, 0x0, 0x4, 0x1}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{}, 0x0, 0x0}, 0x20)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x1, &(0x7f0000000140)=[{0x6, 0x5, 0x3, 0x7fff0000}]})
close_range(r2, 0xffffffffffffffff, 0x0)

1m43.761895089s ago: executing program 4 (id=834):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
openat$kvm(0xffffffffffffff9c, 0x0, 0x40000, 0x0)
ioctl$TUNSETOFFLOAD(r1, 0x400454c9, 0xba98575a95aeb70d)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140))
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
write$cgroup_devices(r0, &(0x7f0000000840)=ANY=[@ANYBLOB="1e0308004d6b71ef288563"], 0xffdd)
syz_emit_ethernet(0x76, &(0x7f0000000080)={@broadcast, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x7, 0x6, "081000", 0x40, 0x3a, 0xff, @ipv4={'\x00', '\xff\xff', @local}, @mcast2, {[], @param_prob={0x4, 0x0, 0x0, 0xffff, {0x5, 0x6, "5436ea", 0x400, 0x88, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', [@dstopts={0x0, 0x0, '\x00', [@pad1, @padn]}]}}}}}}}, 0x0)

1m43.5947497s ago: executing program 5 (id=836):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500000000000000000000000000000000000000000033"], 0xfc}}, 0x0)
socket$inet6(0xa, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000100)=0x207, 0x4)
socket$inet_udp(0x2, 0x2, 0x0)
sendto$packet(r1, &(0x7f00000002c0)="05031600d3fc140000004788031c09102c28", 0xfce0, 0x4, &(0x7f0000000140)={0x11, 0x86dd, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14)

1m43.324178924s ago: executing program 5 (id=839):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'hash\x00', 0x0, 0x0, 'cmac(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[], 0xfffffdb6}, 0x1, 0x0, 0x0, 0x20000040}, 0x200008c1)

1m39.919884139s ago: executing program 5 (id=843):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000980)=ANY=[@ANYBLOB="12010000b1bd2f087d0403508c2f010203010902120001000000000904"], 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, &(0x7f00000000c0)={0xc, &(0x7f0000000100)=ANY=[@ANYBLOB="0000f50000000341e9"], 0x0}, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)

1m37.392429662s ago: executing program 5 (id=845):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x16, 0x0, 0x4, 0x1}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{}, 0x0, 0x0}, 0x20)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x1, &(0x7f0000000140)=[{0x6, 0x5, 0x3, 0x7fff0000}]})
close_range(r2, 0xffffffffffffffff, 0x0)

1m37.346807897s ago: executing program 6 (id=846):
memfd_create(0x0, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x1, '\x00', 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x7, 0x17, &(0x7f0000000100)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {0x85, 0x0, 0x0, 0x8}, {0x4, 0x1, 0xb, 0x9, 0x0, 0x8}}, {{0x6, 0x0, 0xb, 0xa}, {0xf}}, [@printk={@lu, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x1, 0x2, 0x1, 0x9}, {0x7, 0x0, 0x3}, {}, {}, {0x15}}], {{0x7, 0x1, 0x3, 0x3}, {0x5, 0x0, 0xb, 0x3}, {0x85, 0x0, 0x0, 0x76}}}, &(0x7f0000000080)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
gettid()

1m37.266158802s ago: executing program 5 (id=847):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffff}, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000001c0)={'\x00', 0xa1, 0x1, 0xfffffff7, 0x0, 0xfe})
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$ax25_int(0xffffffffffffffff, 0x101, 0x3, &(0x7f0000000240)=0x1ff, 0x4)
ioctl$sock_SIOCGIFCONF(r2, 0x8912, &(0x7f0000000700)=@buf={0x69, &(0x7f0000000680)="42222e3d8cbec2cca1b61c29aa470a4389f0e0c74d257cf4a56f41a82a4c2986bb3081994aa16243edd288dcc1e6f19380bb3874681285a4f76d3257e22d48bcbead91fd5ac1f92b9fc9b0bbe60c08b7d9ecb969b423c8b17154ab689c9b007926c64dd5b33cdfb096"})

1m36.137090562s ago: executing program 6 (id=848):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYRES16, @ANYRES32, @ANYRESHEX, @ANYRESDEC, @ANYRES16, @ANYRESDEC, @ANYRESHEX], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0x8, &(0x7f0000000400)=ANY=[@ANYRES32=r0], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sched_setscheduler(0x0, 0x2, 0x0)
r1 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
r2 = gettid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xfffffffffffffffe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = syz_open_dev$MSR(0x0, 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$NFT_MSG_GETRULE(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x14, 0x7, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0x8}}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x4)
iopl(0x3)
syz_clone(0xb44040, 0x0, 0x0, 0x0, 0x0, 0x0)
rt_sigaction(0x1b, &(0x7f0000000040)={0xfffffffffffffffc, 0x4c000000, 0x0, {[0x8000000000005a]}}, 0x0, 0x8, &(0x7f00000001c0))
tkill(r2, 0x1b)
socket$xdp(0x2c, 0x3, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f0000000080), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
bind$inet(r1, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=@newlink={0x54, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x208}, [@IFLA_LINKINFO={0x34, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x20, 0x2, 0x0, 0x1, [@IFLA_GRE_IFLAGS={0x6, 0x2, 0x30}, @IFLA_GRE_REMOTE={0x14, 0x7, @mcast1}]}}}]}, 0x54}}, 0x0)
sendmsg$xdp(r1, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
recvmmsg(r1, &(0x7f0000001740)=[{{0x0, 0x0, 0x0}}], 0x1, 0x2, 0x0)

1m32.816824282s ago: executing program 6 (id=853):
ioctl$sock_inet6_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000180))
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000500)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0, 0x0, 0xfffffffffffffffd}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000004c00)=""/102392, 0x18ff8)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000001b40)='0\x00#\x00\xd0\x00 \x00\x00qS\x00\x00\x00\x00\x00\x00\x00\x00$\xf6_\xbdI\x1c\xf2\xa9]\xcc\xe0*\xef\x01\x8d\x15\xd2h\x93\xc9\xb57\xc3\xeaEb\xf8\xe6,\xdf\xd4\xfae\x84\xcc\xd5\"d\xf0D-\x98\x9f\x81{\xfc$\xc4\xbcF\xf8\xc8\x8d\xcb\xb8\xf2\x1e\xe4\'U\xb3\xc9\xd3\xe6\xd7\x80Y\xc2\xeb\n\xb8_\xe8\x96YY\xe3\xc7\xe6\xf28\x19\xa6\xa7\xfa\xdb\x1ce2\xc2\xbd\xf5\x98\xdf\xdb\xc1\x03\x86J\xb2fh\x19\xee#\xcc\x0f\xed\xfea\xdc\x88\xcb%bW\xd35\xda=\xac\x1d\xae\x93\xfd\'T6\x94\n\xa4\x9cU\xc4\fA~[\xbf\x8b\x90\xfe\x04\xe7U\xf3h\x81\x14l7u\x95\x96t\\\x0f\xef;\x03\xa4C\xbc(Vc!a\xc1\xe39\xc6b\x905\xf8\xc9@h\x01\xf5\xcb\x88\xdf9\xaf5\xc8a:z\xe4\xcbag&67\x814\xf6}\xe10v6l\xd6,\x1e\xa0\xcc\xbf\xfdkm\b?\x839\x85N\x1c\xc1\xcb\xfc\x85\xd2\n\x02\"\xf2\x7f_\xe1.f>>\xa5\xfb\"\xab\xdb\x06\x12e\x14\x11~\x9a\bR-\x85\xc3\xa9\xe6\xf6R\x11\"\xc3\xc9\xfc\x14s X\xec\xdd\xc2qB\x85\xf0\xd7\x04\xdd<\x9a\x84\'\xa3\xf1\xd9<\xb9k\x00\x00\x00\x00\x00\x00\x00', 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e2a, 0xffffffff, @mcast2, 0x9}, 0x1c)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[], 0x48)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kfree\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffffc}, 0x18)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$NFC_CMD_DEP_LINK_UP(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002abd7000fbdbdf250400000005000a0000000000080001"], 0x3c}, 0x1, 0x0, 0x0, 0x6000040}, 0x804)

1m31.545586031s ago: executing program 6 (id=856):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b000000070000000100010009"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x13, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10)
msgctl$IPC_RMID(0x0, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x33, &(0x7f0000000040)=0x7, 0x4)
bind$inet6(r1, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_int(r1, 0x29, 0x42, &(0x7f0000000100)=0x2, 0x4)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="c8010000", @ANYRES16=r3, @ANYBLOB="0100000000000000000001000000060006000000000024000300a0cb879a47f5bc644c0e693fa6d031c74a1553b6e901b9ff2f518c78042fb5426c010880f4000080060005000180000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff240002001bc715ee4868b12a49f4df11bc05475489f6a27c4d6483ad2fa5e45903b0ce8514000400e76a686bac1414aa00000000000000008c00098028000080060001000a00000014000200ff020000000000000000000000000001050003000000000028000080060001000a000000140002000000000000000000000000000000000105000300030000001c000080060001000200da0008000200e000000105000300000000001c000080060001000200000008000200ac141400050003000000000074000080200004000a004e2200000000fc0000000000000000000000000000000400000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff080003000100000024000200cde20bc0d9b90ac13642d7b66459dd9db5e20b4b16d3d23f2cb03a8aa417dce6080007000000000014000200776730"], 0x1c8}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
io_setup(0xbf3, &(0x7f0000000000)=<r4=>0x0)
io_pgetevents(r4, 0x8000023, 0x800000000000087, &(0x7f00000001c0), &(0x7f0000000040)={0x0, 0x989680}, &(0x7f0000000100)={&(0x7f00000002c0), 0x8})

1m28.324087769s ago: executing program 34 (id=834):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
openat$kvm(0xffffffffffffff9c, 0x0, 0x40000, 0x0)
ioctl$TUNSETOFFLOAD(r1, 0x400454c9, 0xba98575a95aeb70d)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140))
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
write$cgroup_devices(r0, &(0x7f0000000840)=ANY=[@ANYBLOB="1e0308004d6b71ef288563"], 0xffdd)
syz_emit_ethernet(0x76, &(0x7f0000000080)={@broadcast, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x7, 0x6, "081000", 0x40, 0x3a, 0xff, @ipv4={'\x00', '\xff\xff', @local}, @mcast2, {[], @param_prob={0x4, 0x0, 0x0, 0xffff, {0x5, 0x6, "5436ea", 0x400, 0x88, 0x1, @private1={0xfc, 0x1, '\x00', 0x1}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', [@dstopts={0x0, 0x0, '\x00', [@pad1, @padn]}]}}}}}}}, 0x0)

1m21.67392236s ago: executing program 35 (id=847):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffff}, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000001c0)={'\x00', 0xa1, 0x1, 0xfffffff7, 0x0, 0xfe})
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$ax25_int(0xffffffffffffffff, 0x101, 0x3, &(0x7f0000000240)=0x1ff, 0x4)
ioctl$sock_SIOCGIFCONF(r2, 0x8912, &(0x7f0000000700)=@buf={0x69, &(0x7f0000000680)="42222e3d8cbec2cca1b61c29aa470a4389f0e0c74d257cf4a56f41a82a4c2986bb3081994aa16243edd288dcc1e6f19380bb3874681285a4f76d3257e22d48bcbead91fd5ac1f92b9fc9b0bbe60c08b7d9ecb969b423c8b17154ab689c9b007926c64dd5b33cdfb096"})

1m16.344241647s ago: executing program 36 (id=856):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b000000070000000100010009"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x13, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10)
msgctl$IPC_RMID(0x0, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x33, &(0x7f0000000040)=0x7, 0x4)
bind$inet6(r1, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_int(r1, 0x29, 0x42, &(0x7f0000000100)=0x2, 0x4)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="c8010000", @ANYRES16=r3, @ANYBLOB="0100000000000000000001000000060006000000000024000300a0cb879a47f5bc644c0e693fa6d031c74a1553b6e901b9ff2f518c78042fb5426c010880f4000080060005000180000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff240002001bc715ee4868b12a49f4df11bc05475489f6a27c4d6483ad2fa5e45903b0ce8514000400e76a686bac1414aa00000000000000008c00098028000080060001000a00000014000200ff020000000000000000000000000001050003000000000028000080060001000a000000140002000000000000000000000000000000000105000300030000001c000080060001000200da0008000200e000000105000300000000001c000080060001000200000008000200ac141400050003000000000074000080200004000a004e2200000000fc0000000000000000000000000000000400000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff080003000100000024000200cde20bc0d9b90ac13642d7b66459dd9db5e20b4b16d3d23f2cb03a8aa417dce6080007000000000014000200776730"], 0x1c8}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
io_setup(0xbf3, &(0x7f0000000000)=<r4=>0x0)
io_pgetevents(r4, 0x8000023, 0x800000000000087, &(0x7f00000001c0), &(0x7f0000000040)={0x0, 0x989680}, &(0x7f0000000100)={&(0x7f00000002c0), 0x8})

8.734582811s ago: executing program 1 (id=989):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000480)='kfree\x00', r0, 0x0, 0x7fffffffffffffff}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$TIOCL_SETSEL(r1, 0x541c, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={<r3=>0xffffffffffffffff})
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x14)
sendmsg$nl_route_sched(r2, &(0x7f0000006280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000f40)=@newtaction={0x14, 0x30, 0x1, 0x0, 0x0, {0x0, 0x0, 0x6a00}}, 0x14}, 0x1, 0x0, 0x0, 0x4008001}, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
fsetxattr$security_ima(r2, &(0x7f0000000200), &(0x7f0000000700)=@v2={0x5, 0x3, 0x8, 0x4}, 0x9, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, r4, 0x0, 0xfffffffffffffffd}, 0x18)
r5 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00"/14], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r6, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r7 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r7, 0x10f, 0x87, 0x0, 0x0)
sendmsg$tipc(r7, &(0x7f00000005c0)={&(0x7f0000000000), 0x10, 0x0}, 0x0)
ioctl$SIOCX25SENDCALLACCPT(r5, 0x89e9)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)

7.583508971s ago: executing program 1 (id=991):
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB, @ANYBLOB="0000000000000000b703000000008600"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = gettid()
rt_sigsuspend(&(0x7f0000000040)={[0x1]}, 0x8)
tkill(r0, 0x7)

7.259240552s ago: executing program 1 (id=994):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
syz_open_procfs(0x0, &(0x7f0000019100)='net/fib_trie\x00')
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b7000000000000009500000000000000"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x2d)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[], 0xa0}}, 0x0)
r8 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800019f00000000000000000a000000000200000800010001000000040004"], 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmmsg(r8, &(0x7f0000000000), 0x4000000000001f2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

6.888747972s ago: executing program 3 (id=995):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_emit_ethernet(0x6a, &(0x7f0000000080)={@link_local, @link_local, @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x3, 0x0, 0x5c, 0x0, 0x0, 0x0, 0x2f, 0x0, @private, @multicast1}, {{0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x4, 0x6558, 0x0, 0x0, [0x0, 0x0]}, {0x0, 0x0, 0x0, 0x0, 0x11}}}}}}, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x13, 0x4, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x4c}, [@call={0x85, 0x0, 0x0, 0x2}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8}, 0x80)

5.858494809s ago: executing program 3 (id=996):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
openat$sndseq(0xffffffffffffff9c, 0x0, 0x2082)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xfffffffffffffffe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = fcntl$getown(r0, 0x9)
ptrace(0x11, r1)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = syz_open_dev$loop(&(0x7f00000000c0), 0x81, 0x181840)
ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f00000007c0)={0xffffffffffffffff, 0x800, {0x2a00, 0x80010000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x20, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd6447a4b4e00d9683dda1af1ea09de2b7fb0a0100009423000000000300", "2809e8dbe108598927875397bab22d0000b420a9c81f40f05f819e01177d3d458dac00000000000000000000003b00000000000000000200", "90be8b1c5512406c7f00", [0x4, 0x40000000000000]}})
syz_open_dev$sndctrl(0x0, 0x1, 0x0)
r4 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040)='c:::\x00\xfdM\xab\x89\xff\xda\xc7dw2\xa1\xb2\xabuQQ\x14\x97\xc9\xfae\xc7\xa1U\xe2\xbe\"\xb9t\xa0\x0e\xfa\xdb\xf1\xa5.\xd87\xc3p\xa5l\xf8vC\xe2\xe8 \xd5-<#\x186\xe1\xbd\xc0\xc3\xb5N(vj\xa7+<:\xc4\xe00\x01\xdd \x82\x83\xed\x0e\xc4\x1d\xac\xef7\b\xd3Z5\\A\'\x18\xa2\xc3\xab\xc7`\xc3\v\xf3L\x9d[Q\x9e\x11@=\xa1\x9b\xdc\xb1\xef\xc3k<\x97L\xa0\xab\xa6\x1ce\xcd\x99\xb3m\xef\x87\xc5i^N\xbd@\x01\xc0\xb2\x88\xc3\xe2\x96T\xa3\xa5\xeb\x0f\xf2f\xb9$\xd2\x14<L\x19K\xbf\xf7\x9c\xe7 \x12+4.\xa9\xa7\xdc[\xd2\xec\xbe\x1a\xa1\x04\xd3\x9e\x92\x8a\xf7\xdb\xe7f\xdeo\xc1\xa5\xb6T\r)\x1c\xbe\x12\xd1\xef\xc2S\xcci\xc8\x0e\x00]\xe6|\xccK\xc7\r\xfa \x02\xe8\x1b\xc1\x93\xce\x02%\x86\xcb\x94K\v\xe7x\xe3\x06[/\xf9\xa8\x82\x9b\xeeF\x88\xc0f\x82\xb7T\r\x04\xbb\x10\x1d3\xa6', 0x0)

4.324141512s ago: executing program 1 (id=997):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000240), r1)
preadv(r0, &(0x7f0000000040)=[{&(0x7f0000001080)=""/195, 0xc3}], 0x1, 0x61e, 0x53)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r3=>0x0)
sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=ANY=[@ANYBLOB, @ANYRES16=r2, @ANYBLOB="010026bd70003c0200000200000008000100", @ANYRES32=r3], 0x1c}}, 0x0)

3.785256389s ago: executing program 3 (id=998):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000e9ffffff0000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_open_dev$usbmon(0x0, 0xc7, 0x103900)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r4 = syz_init_net_socket$ax25(0x3, 0x5, 0xc5)
ioctl$SIOCAX25ADDUID(r4, 0x89e1, &(0x7f0000000240)={0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0xee00})
ioctl$SIOCAX25DELUID(r4, 0x89e2, &(0x7f0000000080)={0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}})

2.966584541s ago: executing program 1 (id=999):
syz_io_uring_setup(0x44ec, &(0x7f0000000080)={0x0, 0x3119, 0x100, 0x3, 0x316}, &(0x7f0000000100), &(0x7f0000000140))
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000180100002020702500000000000000000000000080000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffff"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x10)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r5, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e6", 0xa1)
sendmsg$key(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0xc000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x65, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0xa4}, [@initr0]}, 0x0}, 0x94)
socket$inet6_udp(0xa, 0x2, 0x0)
r6 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
mmap(&(0x7f0000036000/0x4000)=nil, 0x4000, 0x1000002, 0x11012, r6, 0x0)
getsockopt$sock_int(r0, 0x1, 0x2, 0x0, &(0x7f00000005c0))
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000100)=ANY=[@ANYBLOB="3800000018001000000000000000000002000000fc000009000000000600150002009d7d736a1680100008800c000180060001000001000076c9501926e8b897ac7bb396c0b7e70d92dc390e981b600eaf923d9790b82812ed2261484bb787baf65ca261a99d3f52ec30a4e9bfd71ee7d86eb38d1fa34b2eaa75e76d026909c6f26c0d85a6b93abfa5dfd57847e50e406c6f408227ecf214dd1209d6b638fdd02b54ace2d2f9df090c8eb3d86e89a444fa5ba221fa6d63285ecdbbb538fde5afcd8ec3e916fb22d5f2ea2c60d61065d2c545a8a0977b1ca3d93a4370293dbc794ef992c42ef59fe679c9e8a1018e14ae981efe2dcfbb8f5f3d80d7f32cd3de9afdf4afda5e1d2a1a2a92ac00e0cbf73c5979f78586"], 0x38}}, 0x0)
r7 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f00000002c0)="1d", 0xfe3a, 0xfffffffffffffffe)
keyctl$read(0xb, r7, 0x0, 0x0)
io_uring_setup(0x38dc, &(0x7f0000000000)={0x0, 0x0, 0x800, 0x0, 0x3ac})

1.509961245s ago: executing program 3 (id=1000):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet_udp(0x2, 0x2, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xc, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r3], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket$inet6_udplite(0xa, 0x2, 0x88)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000540)={r3, &(0x7f00000001c0), &(0x7f0000000340)=@udp6=r5}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000300)={r4, r1, 0x25, 0x2, @val=@tcx}, 0x1c)
syz_emit_ethernet(0x37, &(0x7f00000007c0)=ANY=[], 0x0)

558.054387ms ago: executing program 3 (id=1001):
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB, @ANYBLOB="0000000000000000b703000000008600"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = gettid()
rt_sigsuspend(&(0x7f0000000040)={[0x1]}, 0x8)
tkill(r0, 0x7)

110.622561ms ago: executing program 3 (id=1002):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYRES16, @ANYRES32, @ANYRESHEX, @ANYRESDEC, @ANYRES16, @ANYRESDEC, @ANYRESHEX], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0x8, &(0x7f0000000400)=ANY=[@ANYRES32=r0], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sched_setscheduler(0x0, 0x2, 0x0)
r1 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
r2 = gettid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xfffffffffffffffe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = syz_open_dev$MSR(0x0, 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$NFT_MSG_GETRULE(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x14, 0x7, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0x8}}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x4)
iopl(0x3)
syz_clone(0xb44040, 0x0, 0x0, 0x0, 0x0, 0x0)
rt_sigaction(0x1b, &(0x7f0000000040)={0xfffffffffffffffc, 0x4c000000, 0x0, {[0x8000000000005a]}}, 0x0, 0x8, &(0x7f00000001c0))
tkill(r2, 0x1b)
socket$xdp(0x2c, 0x3, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f0000000080), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=@newlink={0x54, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x208}, [@IFLA_LINKINFO={0x34, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x20, 0x2, 0x0, 0x1, [@IFLA_GRE_IFLAGS={0x6, 0x2, 0x30}, @IFLA_GRE_REMOTE={0x14, 0x7, @mcast1}]}}}]}, 0x54}}, 0x0)
sendmsg$xdp(r1, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
recvmmsg(r1, &(0x7f0000001740)=[{{0x0, 0x0, 0x0}}], 0x1, 0x2, 0x0)

0s ago: executing program 1 (id=1003):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_emit_ethernet(0x6a, &(0x7f0000000080)={@link_local, @link_local, @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x3, 0x0, 0x5c, 0x0, 0x0, 0x0, 0x2f, 0x0, @private, @multicast1}, {{0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x4, 0x6558, 0x0, 0x0, [0x0, 0x0]}, {0x0, 0x0, 0x0, 0x0, 0x11}}}}}}, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x13, 0x4, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x4c}, [@call={0x85, 0x0, 0x0, 0x2}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8}, 0x80)

kernel console output (not intermixed with test programs):

x7f6650e4eec9 code=0x7ffc0000
[  124.813670][ T6300] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[  125.069023][ T6304] tipc: Started in network mode
[  125.069051][ T6304] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  125.070477][ T6304] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[  125.097103][ T6304] tipc: Enabled bearer <udp:syz0>, priority 10
[  126.070946][ T6313] lo speed is unknown, defaulting to 1000
[  126.476335][   T49] tipc: Node number set to 1
[  129.631981][ T6324] kthread_run failed with err -4
[  129.706940][ T6339] lo speed is unknown, defaulting to 1000
[  130.213668][   T37] audit: type=1326 audit(1758759958.399:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6344 comm="syz.0.133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11afd8eec9 code=0x7ffc0000
[  130.213750][   T37] audit: type=1326 audit(1758759958.419:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6344 comm="syz.0.133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f11afd8eec9 code=0x7ffc0000
[  130.223400][   T37] audit: type=1326 audit(1758759958.429:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6344 comm="syz.0.133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11afd8eec9 code=0x7ffc0000
[  130.224949][   T37] audit: type=1326 audit(1758759958.429:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6344 comm="syz.0.133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f11afd8eec9 code=0x7ffc0000
[  130.225887][   T37] audit: type=1326 audit(1758759958.429:290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6344 comm="syz.0.133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11afd8eec9 code=0x7ffc0000
[  130.226525][   T37] audit: type=1326 audit(1758759958.429:291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6344 comm="syz.0.133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11afd8eec9 code=0x7ffc0000
[  130.226921][   T37] audit: type=1326 audit(1758759958.429:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6344 comm="syz.0.133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f11afd8eec9 code=0x7ffc0000
[  130.227364][   T37] audit: type=1326 audit(1758759958.429:293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6344 comm="syz.0.133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11afd8eec9 code=0x7ffc0000
[  130.231826][   T37] audit: type=1326 audit(1758759958.439:294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6344 comm="syz.0.133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11afd8eec9 code=0x7ffc0000
[  130.242720][   T37] audit: type=1326 audit(1758759958.439:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6344 comm="syz.0.133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f11afd8eec9 code=0x7ffc0000
[  131.053893][ T6351] usb usb8: usbfs: process 6351 (syz.1.135) did not claim interface 0 before use
[  132.450097][ T6363] netlink: 'syz.4.140': attribute type 4 has an invalid length.
[  132.502379][ T6364] netlink: 'syz.4.140': attribute type 4 has an invalid length.
[  132.704807][ T5926] lo speed is unknown, defaulting to 1000
[  132.707630][ T5925] lo speed is unknown, defaulting to 1000
[  132.822366][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[  132.822457][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[  134.298184][ T6380] serio: Serial port ptm0
[  136.341666][    T9] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  136.495862][ T6369] kthread_run failed with err -4
[  136.518905][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  136.518933][    T9] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  136.518975][    T9] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[  136.518997][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  136.609231][    T9] usb 2-1: config 0 descriptor??
[  136.908927][ T6393] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  137.558420][ T6403] tipc: Started in network mode
[  137.558448][ T6403] tipc: Node identity 7f000001, cluster identity 4711
[  137.559728][ T6403] tipc: Enabled bearer <udp:syz2>, priority 10
[  137.606675][ T6403] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[  137.623857][ T6403] tipc: Enabled bearer <udp:syz0>, priority 10
[  137.903336][    T9] usbhid 2-1:0.0: can't add hid device: -71
[  137.903461][    T9] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  138.032332][    T9] usb 2-1: USB disconnect, device number 2
[  139.165196][   T49] tipc: Node number set to 2130706433
[  139.508898][ T6423] block device autoloading is deprecated and will be removed.
[  140.491278][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  141.380857][ T6456] syz.3.167 (6456) used greatest stack depth: 17800 bytes left
[  144.605065][ T6492] netlink: 'syz.1.182': attribute type 21 has an invalid length.
[  144.647123][ T6492] netlink: 156 bytes leftover after parsing attributes in process `syz.1.182'.
[  144.647163][ T6492] netlink: 4 bytes leftover after parsing attributes in process `syz.1.182'.
[  146.068633][ T6506] input: syz0 as /devices/virtual/input/input5
[  146.291349][ T5848] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  146.458618][ T5848] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  146.458676][ T5848] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  146.458696][ T5848] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  146.524034][ T5848] usb 1-1: config 0 descriptor??
[  146.543938][ T5848] pwc: Askey VC010 type 2 USB webcam detected.
[  146.941382][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  146.941590][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  146.941769][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  146.941951][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  146.942133][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  146.942314][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  146.942494][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  146.942679][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  146.942861][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  147.053766][ T5848] pwc: recv_control_msg error -32 req 02 val 2b00
[  147.056400][ T5848] pwc: recv_control_msg error -32 req 02 val 2700
[  147.057222][ T5848] pwc: recv_control_msg error -32 req 02 val 2c00
[  147.057928][ T5848] pwc: recv_control_msg error -32 req 04 val 1000
[  147.058549][ T5848] pwc: recv_control_msg error -32 req 04 val 1300
[  147.059248][ T5848] pwc: recv_control_msg error -32 req 04 val 1400
[  147.059867][ T5848] pwc: recv_control_msg error -32 req 02 val 2000
[  147.114520][ T5848] pwc: recv_control_msg error -32 req 02 val 2100
[  147.117904][ T5848] pwc: recv_control_msg error -32 req 04 val 1500
[  147.120980][ T5848] pwc: recv_control_msg error -32 req 02 val 2500
[  147.121799][ T5848] pwc: recv_control_msg error -32 req 02 val 2400
[  147.349134][ T5848] pwc: recv_control_msg error -71 req 02 val 2900
[  147.357934][ T5848] pwc: recv_control_msg error -71 req 02 val 2800
[  147.358400][ T5848] pwc: recv_control_msg error -71 req 04 val 1100
[  147.358810][ T5848] pwc: recv_control_msg error -71 req 04 val 1200
[  147.422507][ T5848] pwc: Registered as video103.
[  147.474875][ T5848] input: PWC snapshot button as /devices/platform/dummy_hcd.0/usb1/1-1/input/input6
[  147.549299][ T5848] usb 1-1: USB disconnect, device number 2
[  148.276249][ T6526] netlink: 4 bytes leftover after parsing attributes in process `syz.4.192'.
[  148.941121][   T37] kauditd_printk_skb: 6 callbacks suppressed
[  148.941137][   T37] audit: type=1326 audit(1758759977.139:302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6535 comm="syz.4.196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeff69eec9 code=0x7ffc0000
[  148.941182][   T37] audit: type=1326 audit(1758759977.139:303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6535 comm="syz.4.196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeff69eec9 code=0x7ffc0000
[  148.945465][   T37] audit: type=1326 audit(1758759977.149:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6535 comm="syz.4.196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7feeff69eec9 code=0x7ffc0000
[  148.945720][   T37] audit: type=1326 audit(1758759977.149:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6535 comm="syz.4.196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeff69eec9 code=0x7ffc0000
[  148.947337][   T37] audit: type=1326 audit(1758759977.149:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6535 comm="syz.4.196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeff69eec9 code=0x7ffc0000
[  148.947667][   T37] audit: type=1326 audit(1758759977.149:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6535 comm="syz.4.196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7feeff69eec9 code=0x7ffc0000
[  148.948494][   T37] audit: type=1326 audit(1758759977.149:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6535 comm="syz.4.196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeff69eec9 code=0x7ffc0000
[  148.949023][   T37] audit: type=1326 audit(1758759977.149:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6535 comm="syz.4.196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeff69eec9 code=0x7ffc0000
[  148.949768][   T37] audit: type=1326 audit(1758759977.149:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6535 comm="syz.4.196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7feeff69eec9 code=0x7ffc0000
[  148.981084][   T37] audit: type=1326 audit(1758759977.179:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6535 comm="syz.4.196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeff69eec9 code=0x7ffc0000
[  149.670683][ T6546] netlink: 4 bytes leftover after parsing attributes in process `syz.2.200'.
[  152.887867][    C0] vkms_vblank_simulate: vblank timer overrun
[  152.971115][    C0] vkms_vblank_simulate: vblank timer overrun
[  153.181163][    C0] vkms_vblank_simulate: vblank timer overrun
[  153.301462][ T5926] usb 4-1: new full-speed USB device number 2 using dummy_hcd
[  153.463678][ T5926] usb 4-1: config 0 has an invalid interface number: 128 but max is 0
[  153.463705][ T5926] usb 4-1: config 0 has no interface number 0
[  153.469051][ T5926] usb 4-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  153.469076][ T5926] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  153.469087][ T5926] usb 4-1: Product: syz
[  153.469094][ T5926] usb 4-1: Manufacturer: syz
[  153.469101][ T5926] usb 4-1: SerialNumber: syz
[  153.527933][ T5926] usb 4-1: config 0 descriptor??
[  153.927298][ T6586] tipc: Started in network mode
[  153.927317][ T6586] tipc: Node identity ac141413, cluster identity 4711
[  153.951966][ T6586] tipc: New replicast peer: 10.1.1.2
[  153.952274][ T6586] tipc: Enabled bearer <udp:syz2>, priority 10
[  154.348204][ T5926] usb 4-1: Firmware version (0.0) predates our first public release.
[  154.348229][ T5926] usb 4-1: Please update to version 0.2 or newer
[  155.048035][ T5848] tipc: Node number set to 2886997011
[  155.087347][ T6597] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(10)
[  155.087373][ T6597] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  155.114662][ T6597] vhci_hcd vhci_hcd.0: Device attached
[  155.134460][ T6597] lo speed is unknown, defaulting to 1000
[  155.138274][ T6597] lo speed is unknown, defaulting to 1000
[  155.139666][ T6597] lo speed is unknown, defaulting to 1000
[  155.632027][    C0] vkms_vblank_simulate: vblank timer overrun
[  155.669549][ T5926] usb 4-1: USB disconnect, device number 2
[  156.697413][    C0] vkms_vblank_simulate: vblank timer overrun
[  156.713208][ T5848] usb 37-1: new low-speed USB device number 2 using vhci_hcd
[  156.716698][ T6606] vhci_hcd: sendmsg failed!, ret=-32 for 48
[  156.719492][ T6605] vhci_hcd: connection closed
[  156.739921][ T6048] vhci_hcd: stop threads
[  156.740621][ T6048] vhci_hcd: release socket
[  156.740932][ T6048] vhci_hcd: disconnect device
[  156.986916][    C0] vkms_vblank_simulate: vblank timer overrun
[  157.122049][ T6611] netlink: 12 bytes leftover after parsing attributes in process `syz.3.218'.
[  158.149734][ T6597] infiniband syz2: set active
[  158.152265][ T6597] infiniband syz2: added lo
[  158.154205][ T6597] syz2: rxe_create_cq: returned err = -12
[  158.154268][ T6597] infiniband syz2: Couldn't create ib_mad CQ
[  158.154446][ T6597] infiniband syz2: Couldn't open port 1
[  158.255959][ T5925] lo speed is unknown, defaulting to 1000
[  158.451135][ T6597] RDS/IB: syz2: added
[  158.462136][ T6597] smc: adding ib device syz2 with port count 1
[  158.462332][ T6597] smc:    ib device syz2 port 1 has pnetid 
[  158.466869][ T5925] lo speed is unknown, defaulting to 1000
[  158.469779][ T6597] lo speed is unknown, defaulting to 1000
[  161.619024][ T6637] netlink: 'syz.3.225': attribute type 21 has an invalid length.
[  161.619118][ T6637] netlink: 156 bytes leftover after parsing attributes in process `syz.3.225'.
[  161.619155][ T6637] netlink: 4 bytes leftover after parsing attributes in process `syz.3.225'.
[  161.851973][ T5848] vhci_hcd: vhci_device speed not set
[  162.324860][ T6597] lo speed is unknown, defaulting to 1000
[  164.583335][ T6597] lo speed is unknown, defaulting to 1000
[  166.429391][ T6649] warn_alloc: 1 callbacks suppressed
[  166.429409][ T6649] syz.4.229: vmalloc error: size 6291456, failed to allocated page array size 12288, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  166.429477][ T6649] CPU: 0 UID: 0 PID: 6649 Comm: syz.4.229 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  166.429500][ T6649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  166.429511][ T6649] Call Trace:
[  166.429519][ T6649]  <TASK>
[  166.429527][ T6649]  dump_stack_lvl+0x189/0x250
[  166.429564][ T6649]  ? __pfx_dump_stack_lvl+0x10/0x10
[  166.429593][ T6649]  ? __pfx__printk+0x10/0x10
[  166.429615][ T6649]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  166.429637][ T6649]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  166.429660][ T6649]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  166.429685][ T6649]  warn_alloc+0x22e/0x3b0
[  166.429720][ T6649]  ? __pfx_warn_alloc+0x10/0x10
[  166.429749][ T6649]  ? __get_vm_area_node+0x2bc/0x350
[  166.429777][ T6649]  ? hash_netport4_resize+0x235/0x1b70
[  166.429803][ T6649]  __vmalloc_node_range_noprof+0x67e/0x12f0
[  166.429830][ T6649]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.429881][ T6649]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  166.429914][ T6649]  ? rcu_is_watching+0x15/0xb0
[  166.429947][ T6649]  __kvmalloc_node_noprof+0x330/0x550
[  166.429975][ T6649]  ? hash_netport4_resize+0x235/0x1b70
[  166.429993][ T6649]  ? hash_netport4_resize+0x235/0x1b70
[  166.430019][ T6649]  hash_netport4_resize+0x235/0x1b70
[  166.430038][ T6649]  ? hash_netport4_uadt+0xc9a/0xf30
[  166.430064][ T6649]  ? __pfx_hash_netport4_add+0x10/0x10
[  166.430090][ T6649]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  166.430127][ T6649]  ? call_ad+0x102/0x9c0
[  166.430154][ T6649]  call_ad+0x3c8/0x9c0
[  166.430188][ T6649]  ? __pfx_call_ad+0x10/0x10
[  166.430228][ T6649]  ? __nla_parse+0x40/0x60
[  166.430252][ T6649]  ip_set_ad+0x797/0x940
[  166.430286][ T6649]  ? __pfx_ip_set_ad+0x10/0x10
[  166.430308][ T6649]  ? do_raw_spin_lock+0x121/0x290
[  166.430373][ T6649]  nfnetlink_rcv_msg+0xb66/0x1150
[  166.430397][ T6649]  ? __lock_acquire+0xab9/0xd20
[  166.430421][ T6649]  ? nfnetlink_rcv_msg+0x212/0x1150
[  166.430464][ T6649]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  166.430515][ T6649]  ? __pfx_migrate_enable+0x10/0x10
[  166.430540][ T6649]  ? __pfx_migrate_enable+0x10/0x10
[  166.430583][ T6649]  netlink_rcv_skb+0x205/0x470
[  166.430611][ T6649]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  166.430637][ T6649]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  166.430676][ T6649]  ? bpf_lsm_capable+0x9/0x20
[  166.430701][ T6649]  ? security_capable+0x7e/0x2e0
[  166.430741][ T6649]  nfnetlink_rcv+0x26a/0x2530
[  166.430769][ T6649]  ? __dev_queue_xmit+0x1d3d/0x3b70
[  166.430801][ T6649]  ? __dev_queue_xmit+0x26f/0x3b70
[  166.430838][ T6649]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  166.430862][ T6649]  ? __pfx___dev_queue_xmit+0x10/0x10
[  166.430899][ T6649]  ? ref_tracker_free+0x61e/0x7c0
[  166.430929][ T6649]  ? __asan_memcpy+0x40/0x70
[  166.430949][ T6649]  ? __pfx_ref_tracker_free+0x10/0x10
[  166.430975][ T6649]  ? __skb_clone+0x63/0x7a0
[  166.431001][ T6649]  ? __skb_clone+0x483/0x7a0
[  166.431032][ T6649]  ? skb_clone+0x246/0x3a0
[  166.431056][ T6649]  ? __netlink_deliver_tap+0x807/0x850
[  166.431083][ T6649]  ? netlink_deliver_tap+0x2e/0x1b0
[  166.431117][ T6649]  ? netlink_deliver_tap+0x2e/0x1b0
[  166.431153][ T6649]  netlink_unicast+0x843/0xa10
[  166.431186][ T6649]  ? __pfx_netlink_unicast+0x10/0x10
[  166.431213][ T6649]  ? netlink_sendmsg+0x642/0xb30
[  166.431239][ T6649]  ? skb_put+0x11b/0x210
[  166.431268][ T6649]  netlink_sendmsg+0x805/0xb30
[  166.431301][ T6649]  ? __pfx_netlink_sendmsg+0x10/0x10
[  166.431335][ T6649]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  166.431353][ T6649]  ? __pfx_netlink_sendmsg+0x10/0x10
[  166.431378][ T6649]  __sock_sendmsg+0x21c/0x270
[  166.431405][ T6649]  ____sys_sendmsg+0x508/0x820
[  166.431427][ T6649]  ? __pfx_____sys_sendmsg+0x10/0x10
[  166.431455][ T6649]  ? import_iovec+0x74/0xa0
[  166.431481][ T6649]  ___sys_sendmsg+0x21f/0x2a0
[  166.431503][ T6649]  ? __pfx____sys_sendmsg+0x10/0x10
[  166.431558][ T6649]  ? __fget_files+0x2a/0x420
[  166.431584][ T6649]  ? __fget_files+0x3a6/0x420
[  166.431619][ T6649]  __x64_sys_sendmsg+0x1a1/0x260
[  166.431642][ T6649]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  166.431670][ T6649]  ? rcu_is_watching+0x15/0xb0
[  166.431710][ T6649]  ? do_syscall_64+0xbe/0x3b0
[  166.431732][ T6649]  do_syscall_64+0xfa/0x3b0
[  166.431748][ T6649]  ? lockdep_hardirqs_on+0x9c/0x150
[  166.431774][ T6649]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.431792][ T6649]  ? clear_bhb_loop+0x60/0xb0
[  166.431816][ T6649]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.431833][ T6649] RIP: 0033:0x7feeff69eec9
[  166.431851][ T6649] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  166.431867][ T6649] RSP: 002b:00007feefd5c3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  166.431887][ T6649] RAX: ffffffffffffffda RBX: 00007feeff8f6180 RCX: 00007feeff69eec9
[  166.431902][ T6649] RDX: 0000000000000080 RSI: 00002000000002c0 RDI: 0000000000000008
[  166.431913][ T6649] RBP: 00007feeff721f91 R08: 0000000000000000 R09: 0000000000000000
[  166.431925][ T6649] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  166.431935][ T6649] R13: 00007feeff8f6218 R14: 00007feeff8f6180 R15: 00007ffd310bc828
[  166.431963][ T6649]  </TASK>
[  166.516264][ T6677] netlink: 'syz.0.239': attribute type 21 has an invalid length.
[  166.516358][ T6677] netlink: 156 bytes leftover after parsing attributes in process `syz.0.239'.
[  166.516390][ T6677] netlink: 4 bytes leftover after parsing attributes in process `syz.0.239'.
[  166.526436][ T6649] Mem-Info:
[  166.526449][ T6649] active_anon:257 inactive_anon:7142 isolated_anon:0
[  166.526449][ T6649]  active_file:5312 inactive_file:38027 isolated_file:0
[  166.526449][ T6649]  unevictable:768 dirty:247 writeback:0
[  166.526449][ T6649]  slab_reclaimable:11401 slab_unreclaimable:104963
[  166.526449][ T6649]  mapped:30686 shmem:1357 pagetables:1360
[  166.526449][ T6649]  sec_pagetables:0 bounce:0
[  166.526449][ T6649]  kernel_misc_reclaimable:0
[  166.526449][ T6649]  free:1327724 free_pcp:8955 free_cma:0
[  166.526503][ T6649] Node 0 active_anon:1028kB inactive_anon:28568kB active_file:21048kB inactive_file:152108kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:122744kB dirty:988kB writeback:0kB shmem:3892kB kernel_stack:12696kB pagetables:5324kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  166.526549][ T6649] Node 1 active_anon:0kB inactive_anon:0kB active_file:200kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB kernel_stack:48kB pagetables:116kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  166.526591][ T6649] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  166.526649][ T6649] lowmem_reserve[]: 0 2512 2513 2513 2513
[  166.526682][ T6649] Node 0 DMA32 free:1401032kB boost:0kB min:3940kB low:6484kB high:9028kB reserved_highatomic:0KB free_highatomic:0KB active_anon:1024kB inactive_anon:28528kB active_file:20028kB inactive_file:152040kB unevictable:1536kB writepending:988kB present:3129332kB managed:2572288kB mlocked:0kB bounce:0kB free_pcp:35676kB local_pcp:16096kB free_cma:0kB
[  166.526748][ T6649] lowmem_reserve[]: 0 0 1 1 1
[  166.526778][ T6649] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4kB inactive_anon:40kB active_file:1020kB inactive_file:68kB unevictable:0kB writepending:0kB present:1048580kB managed:1132kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  166.526833][ T6649] lowmem_reserve[]: 0 0 0 0 0
[  166.526864][ T6649] Node 1 Normal free:3894504kB boost:0kB min:6364kB low:10472kB high:14580kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:200kB inactive_file:0kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:144kB local_pcp:0kB free_cma:0kB
[  166.526921][ T6649] lowmem_reserve[]: 0 0 0 0 0
[  166.526952][ T6649] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  166.527064][ T6649] Node 0 DMA32: 1*4kB (U) 214*8kB (UME) 809*16kB (UME) 554*32kB (UME) 426*64kB (UE) 213*128kB (UME) 83*256kB (UME) 27*512kB (UM) 7*1024kB (UE) 1*2048kB (M) 310*4096kB (UM) = 1400964kB
[  166.527215][ T6649] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  166.527310][ T6649] Node 1 Normal: 194*4kB (UE) 44*8kB (UME) 34*16kB (UME) 183*32kB (UME) 88*64kB (UME) 35*128kB (UME) 10*256kB (UME) 5*512kB (UM) 3*1024kB (UME) 1*2048kB (E) 944*4096kB (UM) = 3894504kB
[  166.527460][ T6649] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  166.527476][ T6649] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  166.527492][ T6649] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  166.527508][ T6649] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  166.527523][ T6649] 44692 total pagecache pages
[  166.527531][ T6649] 0 pages in swap cache
[  166.527538][ T6649] Free swap  = 124996kB
[  166.527545][ T6649] Total swap = 124996kB
[  166.527552][ T6649] 2097051 pages RAM
[  166.527558][ T6649] 0 pages HighMem/MovableOnly
[  166.527565][ T6649] 422081 pages reserved
[  166.527572][ T6649] 0 pages cma reserved
[  166.652756][ T6597] lo speed is unknown, defaulting to 1000
[  170.555665][ T6597] lo speed is unknown, defaulting to 1000
[  170.907311][ T5207] udevd[5207]: worker [6596] terminated by signal 33 (Unknown signal 33)
[  170.907370][ T5207] udevd[5207]: worker [6596] failed while handling '/devices/virtual/block/loop1'
[  170.921101][   T37] kauditd_printk_skb: 35 callbacks suppressed
[  170.921124][   T37] audit: type=1326 audit(1758759999.109:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6706 comm="syz.3.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6650e4eec9 code=0x7ffc0000
[  170.921167][   T37] audit: type=1326 audit(1758759999.109:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6706 comm="syz.3.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6650e4eec9 code=0x7ffc0000
[  170.944185][   T37] audit: type=1326 audit(1758759999.149:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6706 comm="syz.3.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6650e4eec9 code=0x7ffc0000
[  170.944235][   T37] audit: type=1326 audit(1758759999.149:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6706 comm="syz.3.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6650e45d67 code=0x7ffc0000
[  170.944273][   T37] audit: type=1326 audit(1758759999.149:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6706 comm="syz.3.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6650deaf79 code=0x7ffc0000
[  170.944311][   T37] audit: type=1326 audit(1758759999.149:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6706 comm="syz.3.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6650e4eec9 code=0x7ffc0000
[  170.944349][   T37] audit: type=1326 audit(1758759999.149:353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6706 comm="syz.3.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6650e45d67 code=0x7ffc0000
[  170.944386][   T37] audit: type=1326 audit(1758759999.149:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6706 comm="syz.3.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6650deaf79 code=0x7ffc0000
[  170.944425][   T37] audit: type=1326 audit(1758759999.149:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6706 comm="syz.3.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6650e4d710 code=0x7ffc0000
[  171.156763][   T37] audit: type=1326 audit(1758759999.359:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6706 comm="syz.3.249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6650e4eec9 code=0x7ffc0000
[  172.195573][ T5156] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  172.221867][ T5156] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  172.225194][ T5156] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  172.229576][ T5156] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  172.230160][ T5156] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  172.479720][ T6730] lo speed is unknown, defaulting to 1000
[  172.479830][ T6597] lo speed is unknown, defaulting to 1000
[  172.911404][ T5848] usb 1-1: new full-speed USB device number 3 using dummy_hcd
[  173.097289][ T5848] usb 1-1: config 0 has an invalid interface number: 128 but max is 0
[  173.097306][ T5848] usb 1-1: config 0 has no interface number 0
[  173.102480][ T5848] usb 1-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  173.102505][ T5848] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  173.102523][ T5848] usb 1-1: Product: syz
[  173.102538][ T5848] usb 1-1: Manufacturer: syz
[  173.102550][ T5848] usb 1-1: SerialNumber: syz
[  173.196630][ T5848] usb 1-1: config 0 descriptor??
[  173.827337][ T5848] usb 1-1: Firmware version (0.0) predates our first public release.
[  173.827353][ T5848] usb 1-1: Please update to version 0.2 or newer
[  173.906817][ T5848] usb 1-1: USB disconnect, device number 3
[  174.331461][ T5156] Bluetooth: hci5: command tx timeout
[  174.606575][ T6754] IPVS: Error connecting to the multicast addr
[  174.671560][ T6758] netlink: 4 bytes leftover after parsing attributes in process `syz.3.266'.
[  175.047077][  T990] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  176.070510][  T990] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  176.070539][  T990] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  176.070561][  T990] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  176.070573][  T990] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  176.112701][  T990] usb 1-1: config 0 descriptor??
[  176.411678][ T5156] Bluetooth: hci5: command tx timeout
[  176.878761][   T37] kauditd_printk_skb: 35 callbacks suppressed
[  176.878777][   T37] audit: type=1326 audit(1758760005.079:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6775 comm="syz.4.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeff69eec9 code=0x7ffc0000
[  176.881172][   T37] audit: type=1326 audit(1758760005.079:393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6775 comm="syz.4.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7feeff695d67 code=0x7ffc0000
[  176.884121][   T37] audit: type=1326 audit(1758760005.079:394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6775 comm="syz.4.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7feeff63af79 code=0x7ffc0000
[  176.884166][   T37] audit: type=1326 audit(1758760005.079:395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6775 comm="syz.4.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7feeff69eec9 code=0x7ffc0000
[  176.884206][   T37] audit: type=1326 audit(1758760005.079:396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6775 comm="syz.4.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeff69eec9 code=0x7ffc0000
[  176.884245][   T37] audit: type=1326 audit(1758760005.079:397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6775 comm="syz.4.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7feeff69d710 code=0x7ffc0000
[  176.962645][   T37] audit: type=1326 audit(1758760005.159:398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6775 comm="syz.4.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeff69eec9 code=0x7ffc0000
[  176.962694][   T37] audit: type=1326 audit(1758760005.159:399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6775 comm="syz.4.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7feeff695d67 code=0x7ffc0000
[  176.962735][   T37] audit: type=1326 audit(1758760005.159:400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6775 comm="syz.4.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7feeff63af79 code=0x7ffc0000
[  176.962774][   T37] audit: type=1326 audit(1758760005.159:401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6775 comm="syz.4.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7feeff695d67 code=0x7ffc0000
[  177.128170][  T990] usbhid 1-1:0.0: can't add hid device: -71
[  177.128304][  T990] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  177.149121][  T990] usb 1-1: USB disconnect, device number 4
[  177.283374][ T6730] chnl_net:caif_netlink_parms(): no params data found
[  177.320147][ T6783] 9pnet_fd: Insufficient options for proto=fd
[  178.496144][ T5156] Bluetooth: hci5: command tx timeout
[  178.629797][ T6048] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  178.918780][ T6817] syz.0.288 uses obsolete (PF_INET,SOCK_PACKET)
[  179.263554][ T6048] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  179.780860][ T6048] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  179.954887][ T6837] netlink: 4 bytes leftover after parsing attributes in process `syz.4.292'.
[  180.520116][ T6048] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  180.571467][ T5156] Bluetooth: hci5: command tx timeout
[  180.830880][ T6730] bridge0: port 1(bridge_slave_0) entered blocking state
[  180.831032][ T6730] bridge0: port 1(bridge_slave_0) entered disabled state
[  180.833834][ T6730] bridge_slave_0: entered allmulticast mode
[  180.875657][ T6730] bridge_slave_0: entered promiscuous mode
[  181.310369][ T6730] bridge0: port 2(bridge_slave_1) entered blocking state
[  181.320696][ T6730] bridge0: port 2(bridge_slave_1) entered disabled state
[  181.353456][ T6730] bridge_slave_1: entered allmulticast mode
[  181.373108][   T31] IPVS: starting estimator thread 0...
[  181.465132][ T6861] IPVS: using max 6 ests per chain, 14400 per kthread
[  181.474817][ T6730] bridge_slave_1: entered promiscuous mode
[  182.557417][ T6730] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  182.578882][ T6730] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  182.621485][   T31] usb 5-1: new low-speed USB device number 2 using dummy_hcd
[  182.713411][ T6872] netlink: 12 bytes leftover after parsing attributes in process `syz.0.304'.
[  182.784184][   T31] usb 5-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  182.784213][   T31] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  182.821084][   T31] usb 5-1: config 0 descriptor??
[  182.974974][ T6730] team0: Port device team_slave_0 added
[  183.036635][ T6730] team0: Port device team_slave_1 added
[  183.657390][   T31] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  183.657417][   T31] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to write GPIO value 0x0080: ffffffb9
[  183.671823][   T31] asix 5-1:0.0: probe with driver asix failed with error -71
[  183.688371][   T31] usb 5-1: USB disconnect, device number 2
[  183.994109][ T6890] netlink: 4 bytes leftover after parsing attributes in process `syz.1.311'.
[  184.171027][ T6730] batman_adv: batadv0: Adding interface: batadv_slave_0
[  184.171043][ T6730] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  184.171059][ T6730] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  184.213464][ T6730] batman_adv: batadv0: Adding interface: batadv_slave_1
[  184.213479][ T6730] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  184.213503][ T6730] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  184.534785][ T6903] batman_adv: batadv0: Adding interface: dummy0
[  184.534801][ T6903] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  184.534831][ T6903] batman_adv: batadv0: Interface activated: dummy0
[  184.783301][ T6903] batadv0: mtu less than device minimum
[  184.794367][ T6903] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  184.803295][ T6903] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  184.812206][ T6903] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  184.821129][ T6903] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  184.829690][ T6903] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  184.838777][ T6903] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  184.846988][ T6903] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  184.855855][ T6903] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  184.864533][ T6903] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  185.255979][ T6048] bridge_slave_1: left allmulticast mode
[  185.262227][ T6048] bridge_slave_1: left promiscuous mode
[  185.266153][ T6048] bridge0: port 2(bridge_slave_1) entered disabled state
[  185.374578][ T6048] bridge_slave_0: left allmulticast mode
[  185.374613][ T6048] bridge_slave_0: left promiscuous mode
[  185.374914][ T6048] bridge0: port 1(bridge_slave_0) entered disabled state
[  187.502665][ T6048] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  187.702055][ T6048] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  187.725868][ T6048] bond0 (unregistering): Released all slaves
[  189.862624][ T6908] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -12
[  189.862698][ T6908] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -12
[  189.862719][ T6908] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  190.413838][ T6730] hsr_slave_0: entered promiscuous mode
[  190.421169][ T6730] hsr_slave_1: entered promiscuous mode
[  190.448657][ T6730] debugfs: 'hsr0' already exists in 'hsr'
[  190.448682][ T6730] Cannot create hsr debugfs directory
[  190.711483][ T6048] tipc: Disabling bearer <udp:£>
[  190.715196][ T6048] tipc: Left network mode
[  191.596308][ T6952] netlink: 76 bytes leftover after parsing attributes in process `syz.3.329'.
[  193.411582][   T37] kauditd_printk_skb: 253 callbacks suppressed
[  193.411598][   T37] audit: type=1326 audit(1758760021.609:655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6978 comm="syz.4.338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeff69eec9 code=0x7ffc0000
[  193.411892][   T37] audit: type=1326 audit(1758760021.619:656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6978 comm="syz.4.338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeff69eec9 code=0x7ffc0000
[  193.420609][   T37] audit: type=1326 audit(1758760021.619:657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6978 comm="syz.4.338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=439 compat=0 ip=0x7feeff69eec9 code=0x7ffc0000
[  193.420843][   T37] audit: type=1326 audit(1758760021.619:658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6978 comm="syz.4.338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeff69eec9 code=0x7ffc0000
[  193.421176][   T37] audit: type=1326 audit(1758760021.619:659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6978 comm="syz.4.338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7feeff69eec9 code=0x7ffc0000
[  193.421790][   T37] audit: type=1326 audit(1758760021.629:660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6978 comm="syz.4.338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeff69eec9 code=0x7ffc0000
[  193.422062][   T37] audit: type=1326 audit(1758760021.629:661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6978 comm="syz.4.338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeff69eec9 code=0x7ffc0000
[  193.424398][ T6963] IPVS: Error connecting to the multicast addr
[  193.819932][ T6989] netlink: 4 bytes leftover after parsing attributes in process `syz.4.341'.
[  194.278178][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[  194.278253][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[  194.691911][ T7004] 9pnet_fd: Insufficient options for proto=fd
[  195.554793][ T6048] hsr_slave_0: left promiscuous mode
[  196.273001][ T6048] hsr_slave_1: left promiscuous mode
[  196.301856][ T6048] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  196.301932][ T6048] batman_adv: batadv0: Removing interface: batadv_slave_0
[  196.338969][ T6048] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  196.338998][ T6048] batman_adv: batadv0: Removing interface: batadv_slave_1
[  196.737971][ T6048] veth1_macvtap: left promiscuous mode
[  196.738121][ T6048] veth0_macvtap: left promiscuous mode
[  198.721940][ T6048] team0 (unregistering): Port device team_slave_1 removed
[  198.912275][ T6048] team0 (unregistering): Port device team_slave_0 removed
[  200.946503][   T43] smc: removing ib device syz2
[  201.010602][ T7016] IPVS: Error connecting to the multicast addr
[  201.022137][ T5848] lo speed is unknown, defaulting to 1000
[  201.022167][ T5848] syz2: Port: 1 Link DOWN
[  201.192285][ T7033] netlink: 4 bytes leftover after parsing attributes in process `syz.0.353'.
[  201.386277][ T7036] 9pnet: Could not find request transport: fd0x0000000000000004
[  202.038902][ T6730] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  202.137255][ T6730] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  202.254293][ T6730] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  202.364837][ T6730] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  202.752726][ T7042] warn_alloc: 3 callbacks suppressed
[  202.752744][ T7042] syz.4.356: vmalloc error: size 268439552, failed to allocated page array size 524296, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  202.752880][ T7042] CPU: 1 UID: 0 PID: 7042 Comm: syz.4.356 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  202.752903][ T7042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  202.752915][ T7042] Call Trace:
[  202.752922][ T7042]  <TASK>
[  202.752930][ T7042]  dump_stack_lvl+0x189/0x250
[  202.752965][ T7042]  ? __pfx_dump_stack_lvl+0x10/0x10
[  202.752992][ T7042]  ? __pfx__printk+0x10/0x10
[  202.753013][ T7042]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  202.753035][ T7042]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  202.753058][ T7042]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  202.753082][ T7042]  warn_alloc+0x22e/0x3b0
[  202.753111][ T7042]  ? __pfx_warn_alloc+0x10/0x10
[  202.753139][ T7042]  ? __get_vm_area_node+0x2bc/0x350
[  202.753168][ T7042]  ? xskq_create+0xbf/0x170
[  202.753198][ T7042]  __vmalloc_node_range_noprof+0x67e/0x12f0
[  202.753255][ T7042]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  202.753292][ T7042]  ? __kasan_kmalloc+0x93/0xb0
[  202.753319][ T7042]  vmalloc_user_noprof+0xad/0xf0
[  202.753347][ T7042]  ? xskq_create+0xbf/0x170
[  202.753376][ T7042]  xskq_create+0xbf/0x170
[  202.753406][ T7042]  xsk_init_queue+0xb0/0x110
[  202.753436][ T7042]  xsk_setsockopt+0x57b/0x8d0
[  202.753465][ T7042]  ? __pfx_xsk_setsockopt+0x10/0x10
[  202.753498][ T7042]  ? __fget_files+0x2a/0x420
[  202.753527][ T7042]  ? __fget_files+0x2a/0x420
[  202.753552][ T7042]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  202.753571][ T7042]  ? __pfx_xsk_setsockopt+0x10/0x10
[  202.753597][ T7042]  do_sock_setsockopt+0x179/0x1b0
[  202.753632][ T7042]  __x64_sys_setsockopt+0x145/0x1b0
[  202.753656][ T7042]  do_syscall_64+0xfa/0x3b0
[  202.753674][ T7042]  ? lockdep_hardirqs_on+0x9c/0x150
[  202.753701][ T7042]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.753721][ T7042]  ? clear_bhb_loop+0x60/0xb0
[  202.753745][ T7042]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.753763][ T7042] RIP: 0033:0x7feeff69eec9
[  202.753780][ T7042] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  202.753796][ T7042] RSP: 002b:00007feefd906038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  202.753822][ T7042] RAX: ffffffffffffffda RBX: 00007feeff8f5fa0 RCX: 00007feeff69eec9
[  202.753837][ T7042] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000006
[  202.753848][ T7042] RBP: 00007feeff721f91 R08: 0000000000000004 R09: 0000000000000000
[  202.753861][ T7042] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000000
[  202.753872][ T7042] R13: 00007feeff8f6038 R14: 00007feeff8f5fa0 R15: 00007ffd310bc828
[  202.753903][ T7042]  </TASK>
[  202.753910][ T7042] Mem-Info:
[  202.753918][ T7042] active_anon:255 inactive_anon:4510 isolated_anon:0
[  202.753918][ T7042]  active_file:5539 inactive_file:37815 isolated_file:0
[  202.753918][ T7042]  unevictable:768 dirty:162 writeback:0
[  202.753918][ T7042]  slab_reclaimable:11612 slab_unreclaimable:103974
[  202.753918][ T7042]  mapped:29464 shmem:1355 pagetables:1223
[  202.753918][ T7042]  sec_pagetables:0 bounce:0
[  202.753918][ T7042]  kernel_misc_reclaimable:0
[  202.753918][ T7042]  free:1327202 free_pcp:6465 free_cma:0
[  202.753970][ T7042] Node 0 active_anon:1020kB inactive_anon:18040kB active_file:21956kB inactive_file:151260kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:117856kB dirty:648kB writeback:0kB shmem:3884kB kernel_stack:12680kB pagetables:4776kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  202.754015][ T7042] Node 1 active_anon:0kB inactive_anon:0kB active_file:200kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB kernel_stack:48kB pagetables:116kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  202.754057][ T7042] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  202.754110][ T7042] lowmem_reserve[]: 0 2512 2513 2513 2513
[  202.754143][ T7042] Node 0 DMA32 free:1398608kB boost:0kB min:3940kB low:6484kB high:9028kB reserved_highatomic:0KB free_highatomic:0KB active_anon:1016kB inactive_anon:18000kB active_file:20936kB inactive_file:151192kB unevictable:1536kB writepending:648kB present:3129332kB managed:2572288kB mlocked:0kB bounce:0kB free_pcp:25860kB local_pcp:18356kB free_cma:0kB
[  202.754200][ T7042] lowmem_reserve[]: 0 0 1 1 1
[  202.754228][ T7042] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4kB inactive_anon:40kB active_file:1020kB inactive_file:68kB unevictable:0kB writepending:0kB present:1048580kB managed:1132kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  202.754279][ T7042] lowmem_reserve[]: 0 0 0 0 0
[  202.754311][ T7042] Node 1 Normal free:3894840kB boost:0kB min:6364kB low:10472kB high:14580kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:200kB inactive_file:0kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  202.754365][ T7042] lowmem_reserve[]: 0 0 0 0 0
[  202.754397][ T7042] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  202.754655][ T7042] Node 0 DMA32: 732*4kB (UME) 393*8kB (UME) 215*16kB (UME) 163*32kB (ME) 85*64kB (ME) 213*128kB (UME) 138*256kB (UME) 50*512kB (UM) 20*1024kB (UME) 4*2048kB (UM) 308*4096kB (UM) = 1398600kB
[  202.754816][ T7042] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  202.754907][ T7042] Node 1 Normal: 194*4kB (UE) 44*8kB (UME) 35*16kB (UME) 189*32kB (UME) 90*64kB (UME) 35*128kB (UME) 10*256kB (UME) 5*512kB (UM) 3*1024kB (UME) 1*2048kB (E) 944*4096kB (UM) = 3894840kB
[  202.755068][ T7042] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  202.755084][ T7042] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  202.755100][ T7042] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  202.755124][ T7042] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  202.755140][ T7042] 44705 total pagecache pages
[  202.811503][ T7042] 0 pages in swap cache
[  202.811514][ T7042] Free swap  = 124996kB
[  202.811522][ T7042] Total swap = 124996kB
[  202.811530][ T7042] 2097051 pages RAM
[  202.811536][ T7042] 0 pages HighMem/MovableOnly
[  202.811543][ T7042] 422081 pages reserved
[  202.811550][ T7042] 0 pages cma reserved
[  203.393868][ T6730] 8021q: adding VLAN 0 to HW filter on device bond0
[  203.514619][ T7063] IPVS: Error connecting to the multicast addr
[  203.625938][ T6730] 8021q: adding VLAN 0 to HW filter on device team0
[  203.687031][   T68] bridge0: port 1(bridge_slave_0) entered blocking state
[  203.687187][   T68] bridge0: port 1(bridge_slave_0) entered forwarding state
[  203.764839][   T68] bridge0: port 2(bridge_slave_1) entered blocking state
[  203.765386][   T68] bridge0: port 2(bridge_slave_1) entered forwarding state
[  204.059621][ T7069] netlink: 4 bytes leftover after parsing attributes in process `syz.1.364'.
[  205.761477][ T7071] 9pnet: Could not find request transport: fd0x0000000000000004
[  206.753103][ T7078] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -12
[  206.753147][ T7078] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -12
[  206.753166][ T7078] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  209.276876][ T7099] netlink: 'syz.0.372': attribute type 3 has an invalid length.
[  209.276937][ T7099] netlink: 'syz.0.372': attribute type 1 has an invalid length.
[  209.276991][ T7099] netlink: 220 bytes leftover after parsing attributes in process `syz.0.372'.
[  209.849076][ T6730] 8021q: adding VLAN 0 to HW filter on device batadv0
[  210.037863][ T7125] netlink: 8 bytes leftover after parsing attributes in process `syz.3.378'.
[  210.048687][ T7117] 9pnet: Could not find request transport: fd0x0000000000000004
[  210.304954][ T7140] syzkaller1: entered promiscuous mode
[  210.304985][ T7140] syzkaller1: entered allmulticast mode
[  211.646266][ T7153] IPVS: Error connecting to the multicast addr
[  211.715238][ T6730] veth0_vlan: entered promiscuous mode
[  211.733281][ T6730] veth1_vlan: entered promiscuous mode
[  211.784364][ T6730] veth0_macvtap: entered promiscuous mode
[  211.798096][ T6730] veth1_macvtap: entered promiscuous mode
[  211.827254][ T6730] batman_adv: batadv0: Interface activated: batadv_slave_0
[  211.845117][ T6730] batman_adv: batadv0: Interface activated: batadv_slave_1
[  211.860754][ T7108] Bluetooth: hci0: command 0x0406 tx timeout
[  211.860788][ T7108] Bluetooth: hci1: command 0x0406 tx timeout
[  211.860812][ T7108] Bluetooth: hci2: command 0x0406 tx timeout
[  211.860833][ T7108] Bluetooth: hci4: command 0x0406 tx timeout
[  212.527668][ T7162] 9pnet_fd: Insufficient options for proto=fd
[  212.607399][ T7158] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  212.607780][ T6044] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  212.608990][ T6044] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  212.609032][ T6044] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  212.609066][ T6044] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  212.672733][ T7158] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[  212.842766][ T7172] netlink: 8 bytes leftover after parsing attributes in process `syz.1.391'.
[  213.230451][ T6044] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  213.230469][ T6044] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  213.388319][ T7192] IPVS: Error connecting to the multicast addr
[  213.400714][   T43] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  213.400732][   T43] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  213.543419][ T7194] 9pnet_fd: Insufficient options for proto=fd
[  214.250160][ T7209] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  214.266343][ T7209] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[  214.547375][ T7224] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  214.566132][ T7222] IPVS: Error connecting to the multicast addr
[  214.696681][ T7228] 9pnet_fd: Insufficient options for proto=fd
[  214.871370][   T10] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  215.087853][   T10] usb 6-1: Using ep0 maxpacket: 32
[  215.602640][   T10] usb 6-1: config 0 interface 0 has no altsetting 0
[  215.604595][   T10] usb 6-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  215.604610][   T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  215.604621][   T10] usb 6-1: Product: syz
[  215.604692][   T10] usb 6-1: Manufacturer: syz
[  215.604701][   T10] usb 6-1: SerialNumber: syz
[  215.609468][   T10] usb 6-1: config 0 descriptor??
[  216.136241][   T10] gs_usb 6-1:0.0: Configuring for 1 interfaces
[  216.696301][ T7249] tipc: Started in network mode
[  216.696320][ T7249] tipc: Node identity 7f000001, cluster identity 4711
[  216.705410][ T7249] tipc: Enabled bearer <udp:syz2>, priority 10
[  216.736119][ T7249] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[  216.737189][ T7249] tipc: Enabled bearer <udp:syz0>, priority 10
[  216.881641][   T10] gs_usb 6-1:0.0: Disabling termination support for channel 0 (-EPIPE)
[  217.194627][    T9] usb 6-1: USB disconnect, device number 2
[  217.312511][ T7260] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  217.436006][ T7265] netlink: 64 bytes leftover after parsing attributes in process `syz.3.425'.
[  217.445888][ T7267] 9pnet_fd: Insufficient options for proto=fd
[  217.687600][ T7277] Failed to get privilege flags for destination (handle=0x2:0x0)
[  217.811425][    T9] tipc: Node number set to 2130706433
[  219.318259][ T7295] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  219.401440][ T7297] 9pnet_fd: Insufficient options for proto=fd
[  219.541606][ T7299] netlink: 'syz.0.438': attribute type 3 has an invalid length.
[  219.541627][ T7299] netlink: 'syz.0.438': attribute type 1 has an invalid length.
[  219.541647][ T7299] netlink: 220 bytes leftover after parsing attributes in process `syz.0.438'.
[  219.681201][ T7305] netlink: 64 bytes leftover after parsing attributes in process `syz.5.441'.
[  220.205157][ T7315] netlink: 4 bytes leftover after parsing attributes in process `syz.3.446'.
[  220.859724][ T7324] 9pnet_fd: Insufficient options for proto=fd
[  221.664608][ T7346] netlink: 20 bytes leftover after parsing attributes in process `syz.5.458'.
[  221.723619][ T7347] netlink: 28 bytes leftover after parsing attributes in process `syz.0.457'.
[  222.303955][ T7354] IPVS: Error connecting to the multicast addr
[  223.313279][ T7378] netlink: 20 bytes leftover after parsing attributes in process `syz.0.469'.
[  223.735312][ T7385] netlink: 28 bytes leftover after parsing attributes in process `syz.0.472'.
[  226.689463][ T7420] netlink: 12 bytes leftover after parsing attributes in process `syz.5.485'.
[  228.545919][ T7452] netlink: 12 bytes leftover after parsing attributes in process `syz.1.498'.
[  229.479520][ T7464] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  230.710466][    T9] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  230.722665][    T9] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  232.077310][ T7487] netlink: 12 bytes leftover after parsing attributes in process `syz.1.509'.
[  233.346859][ T7507] IPVS: Error connecting to the multicast addr
[  239.528557][ T7535] netlink: 4 bytes leftover after parsing attributes in process `syz.3.522'.
[  242.719663][   T37] audit: type=1326 audit(1758760070.919:662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7560 comm="syz.1.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f297ac0eec9 code=0x7ffc0000
[  242.719720][   T37] audit: type=1326 audit(1758760070.919:663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7560 comm="syz.1.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=439 compat=0 ip=0x7f297ac0eec9 code=0x7ffc0000
[  242.719760][   T37] audit: type=1326 audit(1758760070.919:664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7560 comm="syz.1.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f297ac0eec9 code=0x7ffc0000
[  242.719801][   T37] audit: type=1326 audit(1758760070.919:665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7560 comm="syz.1.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f297ac0eec9 code=0x7ffc0000
[  242.719840][   T37] audit: type=1326 audit(1758760070.919:666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7560 comm="syz.1.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f297ac0eec9 code=0x7ffc0000
[  243.431363][    C0] vkms_vblank_simulate: vblank timer overrun
[  243.735920][    C0] vkms_vblank_simulate: vblank timer overrun
[  243.783363][ T7578] netlink: 'syz.1.539': attribute type 2 has an invalid length.
[  244.283273][    C0] vkms_vblank_simulate: vblank timer overrun
[  244.395114][    C0] vkms_vblank_simulate: vblank timer overrun
[  244.535041][ T7585] ip6erspan0: entered allmulticast mode
[  244.794307][   T37] audit: type=1326 audit(1758760072.999:667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7597 comm="syz.4.545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeff69eec9 code=0x7ffc0000
[  244.794668][   T37] audit: type=1326 audit(1758760072.999:668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7597 comm="syz.4.545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=439 compat=0 ip=0x7feeff69eec9 code=0x7ffc0000
[  244.795261][   T37] audit: type=1326 audit(1758760072.999:669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7597 comm="syz.4.545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeff69eec9 code=0x7ffc0000
[  244.796393][   T37] audit: type=1326 audit(1758760072.999:670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7597 comm="syz.4.545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7feeff69eec9 code=0x7ffc0000
[  244.796657][   T37] audit: type=1326 audit(1758760072.999:671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7597 comm="syz.4.545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeff69eec9 code=0x7ffc0000
[  247.129639][    C0] vkms_vblank_simulate: vblank timer overrun
[  247.207899][ T7623] IPVS: Error connecting to the multicast addr
[  247.208113][ T7627] netlink: 'syz.1.555': attribute type 2 has an invalid length.
[  248.811476][   T37] kauditd_printk_skb: 5 callbacks suppressed
[  248.811492][   T37] audit: type=1326 audit(1758760077.009:677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7666 comm="syz.0.571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11afd8eec9 code=0x7ffc0000
[  248.861446][   T37] audit: type=1326 audit(1758760077.019:678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7666 comm="syz.0.571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=439 compat=0 ip=0x7f11afd8eec9 code=0x7ffc0000
[  248.861493][   T37] audit: type=1326 audit(1758760077.059:679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7666 comm="syz.0.571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11afd8eec9 code=0x7ffc0000
[  248.918440][   T37] audit: type=1326 audit(1758760077.119:680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7666 comm="syz.0.571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f11afd8eec9 code=0x7ffc0000
[  248.920323][   T37] audit: type=1326 audit(1758760077.119:681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7666 comm="syz.0.571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11afd8eec9 code=0x7ffc0000
[  248.920372][   T37] audit: type=1326 audit(1758760077.119:682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7666 comm="syz.0.571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11afd8eec9 code=0x7ffc0000
[  251.334496][ T7682] netlink: 'syz.4.577': attribute type 2 has an invalid length.
[  252.210798][ T7693] 9pnet_fd: Insufficient options for proto=fd
[  252.593649][   T37] audit: type=1326 audit(1758760080.799:683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7699 comm="syz.5.583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f030c9feec9 code=0x7ffc0000
[  252.594192][   T37] audit: type=1326 audit(1758760080.799:684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7699 comm="syz.5.583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=439 compat=0 ip=0x7f030c9feec9 code=0x7ffc0000
[  252.594484][   T37] audit: type=1326 audit(1758760080.799:685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7699 comm="syz.5.583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f030c9feec9 code=0x7ffc0000
[  252.594992][   T37] audit: type=1326 audit(1758760080.799:686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7699 comm="syz.5.583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f030c9feec9 code=0x7ffc0000
[  253.832397][ T7727] 9pnet_fd: Insufficient options for proto=fd
[  253.850832][   T37] kauditd_printk_skb: 2 callbacks suppressed
[  253.850843][   T37] audit: type=1326 audit(1758760082.049:689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7728 comm="syz.3.594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6650e4eec9 code=0x7ffc0000
[  253.850909][   T37] audit: type=1326 audit(1758760082.049:690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7728 comm="syz.3.594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=439 compat=0 ip=0x7f6650e4eec9 code=0x7ffc0000
[  253.850933][   T37] audit: type=1326 audit(1758760082.049:691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7728 comm="syz.3.594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6650e4eec9 code=0x7ffc0000
[  253.850954][   T37] audit: type=1326 audit(1758760082.049:692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7728 comm="syz.3.594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6650e4eec9 code=0x7ffc0000
[  253.850975][   T37] audit: type=1326 audit(1758760082.049:693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7728 comm="syz.3.594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6650e4eec9 code=0x7ffc0000
[  254.316440][ T7711] syz.1.586: vmalloc error: size 6291456, failed to allocated page array size 12288, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  254.316520][ T7711] CPU: 0 UID: 0 PID: 7711 Comm: syz.1.586 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  254.316544][ T7711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  254.316556][ T7711] Call Trace:
[  254.316564][ T7711]  <TASK>
[  254.316573][ T7711]  dump_stack_lvl+0x189/0x250
[  254.316610][ T7711]  ? __pfx_dump_stack_lvl+0x10/0x10
[  254.316640][ T7711]  ? __pfx__printk+0x10/0x10
[  254.316668][ T7711]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  254.316691][ T7711]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  254.316714][ T7711]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  254.316738][ T7711]  warn_alloc+0x22e/0x3b0
[  254.316775][ T7711]  ? __pfx_warn_alloc+0x10/0x10
[  254.316805][ T7711]  ? __get_vm_area_node+0x2bc/0x350
[  254.316833][ T7711]  ? hash_netport4_resize+0x235/0x1b70
[  254.316858][ T7711]  __vmalloc_node_range_noprof+0x67e/0x12f0
[  254.316886][ T7711]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.316936][ T7711]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  254.316969][ T7711]  ? rcu_is_watching+0x15/0xb0
[  254.317007][ T7711]  __kvmalloc_node_noprof+0x330/0x550
[  254.317036][ T7711]  ? hash_netport4_resize+0x235/0x1b70
[  254.317053][ T7711]  ? hash_netport4_resize+0x235/0x1b70
[  254.317085][ T7711]  hash_netport4_resize+0x235/0x1b70
[  254.317104][ T7711]  ? hash_netport4_uadt+0xc9a/0xf30
[  254.317129][ T7711]  ? __pfx_hash_netport4_add+0x10/0x10
[  254.317177][ T7711]  call_ad+0x3c8/0x9c0
[  254.317211][ T7711]  ? __pfx_call_ad+0x10/0x10
[  254.317251][ T7711]  ? __nla_parse+0x40/0x60
[  254.317274][ T7711]  ip_set_ad+0x797/0x940
[  254.317308][ T7711]  ? __pfx_ip_set_ad+0x10/0x10
[  254.317329][ T7711]  ? do_raw_spin_lock+0x121/0x290
[  254.317393][ T7711]  nfnetlink_rcv_msg+0xb66/0x1150
[  254.317417][ T7711]  ? __lock_acquire+0xab9/0xd20
[  254.317441][ T7711]  ? nfnetlink_rcv_msg+0x212/0x1150
[  254.317485][ T7711]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  254.317536][ T7711]  ? __pfx_migrate_enable+0x10/0x10
[  254.317560][ T7711]  ? __pfx_migrate_enable+0x10/0x10
[  254.317602][ T7711]  netlink_rcv_skb+0x205/0x470
[  254.317630][ T7711]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  254.317655][ T7711]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  254.317694][ T7711]  ? bpf_lsm_capable+0x9/0x20
[  254.317718][ T7711]  ? security_capable+0x7e/0x2e0
[  254.317753][ T7711]  nfnetlink_rcv+0x26a/0x2530
[  254.317780][ T7711]  ? __dev_queue_xmit+0x1d3d/0x3b70
[  254.317811][ T7711]  ? __dev_queue_xmit+0x26f/0x3b70
[  254.317848][ T7711]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  254.317871][ T7711]  ? __pfx___dev_queue_xmit+0x10/0x10
[  254.317907][ T7711]  ? ref_tracker_free+0x61e/0x7c0
[  254.317937][ T7711]  ? __asan_memcpy+0x40/0x70
[  254.317958][ T7711]  ? __pfx_ref_tracker_free+0x10/0x10
[  254.317983][ T7711]  ? __skb_clone+0x63/0x7a0
[  254.318008][ T7711]  ? __skb_clone+0x483/0x7a0
[  254.318035][ T7711]  ? skb_clone+0x246/0x3a0
[  254.318064][ T7711]  ? __netlink_deliver_tap+0x807/0x850
[  254.318091][ T7711]  ? netlink_deliver_tap+0x2e/0x1b0
[  254.318125][ T7711]  ? netlink_deliver_tap+0x2e/0x1b0
[  254.318160][ T7711]  netlink_unicast+0x843/0xa10
[  254.318194][ T7711]  ? __pfx_netlink_unicast+0x10/0x10
[  254.318222][ T7711]  ? netlink_sendmsg+0x642/0xb30
[  254.318248][ T7711]  ? skb_put+0x11b/0x210
[  254.318290][ T7711]  netlink_sendmsg+0x805/0xb30
[  254.318327][ T7711]  ? __pfx_netlink_sendmsg+0x10/0x10
[  254.318364][ T7711]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  254.318383][ T7711]  ? __pfx_netlink_sendmsg+0x10/0x10
[  254.318413][ T7711]  __sock_sendmsg+0x21c/0x270
[  254.318442][ T7711]  ____sys_sendmsg+0x508/0x820
[  254.318467][ T7711]  ? __pfx_____sys_sendmsg+0x10/0x10
[  254.318497][ T7711]  ? import_iovec+0x74/0xa0
[  254.318526][ T7711]  ___sys_sendmsg+0x21f/0x2a0
[  254.318549][ T7711]  ? __pfx____sys_sendmsg+0x10/0x10
[  254.318607][ T7711]  ? __fget_files+0x2a/0x420
[  254.318633][ T7711]  ? __fget_files+0x3a6/0x420
[  254.318671][ T7711]  __x64_sys_sendmsg+0x1a1/0x260
[  254.318694][ T7711]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  254.318726][ T7711]  ? do_user_addr_fault+0xc8a/0x1390
[  254.318756][ T7711]  ? do_syscall_64+0xbe/0x3b0
[  254.318788][ T7711]  do_syscall_64+0xfa/0x3b0
[  254.318805][ T7711]  ? lockdep_hardirqs_on+0x9c/0x150
[  254.318834][ T7711]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.318853][ T7711]  ? clear_bhb_loop+0x60/0xb0
[  254.318877][ T7711]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.318897][ T7711] RIP: 0033:0x7f297ac0eec9
[  254.318916][ T7711] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  254.318931][ T7711] RSP: 002b:00007f2978e55038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  254.318951][ T7711] RAX: ffffffffffffffda RBX: 00007f297ae66090 RCX: 00007f297ac0eec9
[  254.318966][ T7711] RDX: 0000000000000090 RSI: 00002000000002c0 RDI: 0000000000000004
[  254.318979][ T7711] RBP: 00007f297ac91f91 R08: 0000000000000000 R09: 0000000000000000
[  254.318991][ T7711] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  254.319004][ T7711] R13: 00007f297ae66128 R14: 00007f297ae66090 R15: 00007ffd203acb78
[  254.319037][ T7711]  </TASK>
[  254.319045][ T7711] Mem-Info:
[  254.319054][ T7711] active_anon:255 inactive_anon:6284 isolated_anon:0
[  254.319054][ T7711]  active_file:5580 inactive_file:37794 isolated_file:0
[  254.319054][ T7711]  unevictable:3087 dirty:119 writeback:0
[  254.319054][ T7711]  slab_reclaimable:11871 slab_unreclaimable:104094
[  254.319054][ T7711]  mapped:32820 shmem:4870 pagetables:1289
[  254.319054][ T7711]  sec_pagetables:0 bounce:0
[  254.319054][ T7711]  kernel_misc_reclaimable:0
[  254.319054][ T7711]  free:1332326 free_pcp:5007 free_cma:0
[  254.319115][ T7711] Node 0 active_anon:1020kB inactive_anon:25136kB active_file:22120kB inactive_file:151176kB unevictable:10812kB isolated(anon):0kB isolated(file):0kB mapped:131280kB dirty:476kB writeback:0kB shmem:17944kB kernel_stack:12856kB pagetables:5040kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  254.319162][ T7711] Node 1 active_anon:0kB inactive_anon:0kB active_file:200kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB kernel_stack:48kB pagetables:116kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  254.319206][ T7711] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  254.319264][ T7711] lowmem_reserve[]: 0 2512 2513 2513 2513
[  254.319300][ T7711] Node 0 DMA32 free:1419104kB boost:0kB min:3940kB low:6484kB high:9028kB reserved_highatomic:0KB free_highatomic:0KB active_anon:1016kB inactive_anon:25096kB active_file:21100kB inactive_file:151108kB unevictable:10812kB writepending:476kB present:3129332kB managed:2572288kB mlocked:9260kB bounce:0kB free_pcp:20016kB local_pcp:13044kB free_cma:0kB
[  254.319367][ T7711] lowmem_reserve[]: 0 0 1 1 1
[  254.319400][ T7711] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4kB inactive_anon:40kB active_file:1020kB inactive_file:68kB unevictable:0kB writepending:0kB present:1048580kB managed:1132kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  254.319457][ T7711] lowmem_reserve[]: 0 0 0 0 0
[  254.319489][ T7711] Node 1 Normal free:3894840kB boost:0kB min:6364kB low:10472kB high:14580kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:200kB inactive_file:0kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  254.319547][ T7711] lowmem_reserve[]: 0 0 0 0 0
[  254.319578][ T7711] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  254.319694][ T7711] Node 0 DMA32: 177*4kB (UE) 1252*8kB (U) 259*16kB (UE) 131*32kB (UME) 212*64kB (UME) 247*128kB (UM) 144*256kB (UM) 54*512kB (UM) 20*1024kB (UM) 4*2048kB (UM) 308*4096kB (UM) = 1418996kB
[  254.319849][ T7711] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  254.319948][ T7711] Node 1 Normal: 194*4kB (UE) 44*8kB (UME) 35*16kB (UME) 189*32kB (UME) 90*64kB (UME) 35*128kB (UME) 10*256kB (UME) 5*512kB (UM) 3*1024kB (UME) 1*2048kB (E) 944*4096kB (UM) = 3894840kB
[  254.320125][ T7711] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  254.320142][ T7711] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  254.320159][ T7711] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  254.320175][ T7711] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  254.320191][ T7711] 48240 total pagecache pages
[  254.320199][ T7711] 0 pages in swap cache
[  254.320206][ T7711] Free swap  = 124996kB
[  254.320213][ T7711] Total swap = 124996kB
[  254.320221][ T7711] 2097051 pages RAM
[  254.320228][ T7711] 0 pages HighMem/MovableOnly
[  254.320235][ T7711] 422081 pages reserved
[  254.320242][ T7711] 0 pages cma reserved
[  255.799784][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[  255.799856][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[  257.762436][ T7755] netlink: 24 bytes leftover after parsing attributes in process `syz.0.602'.
[  258.084630][   T37] audit: type=1326 audit(1758760086.289:694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7762 comm="syz.5.605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f030c9feec9 code=0x7ffc0000
[  258.084677][   T37] audit: type=1326 audit(1758760086.289:695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7762 comm="syz.5.605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f030c9feec9 code=0x7ffc0000
[  258.084714][   T37] audit: type=1326 audit(1758760086.289:696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7762 comm="syz.5.605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=439 compat=0 ip=0x7f030c9feec9 code=0x7ffc0000
[  258.084750][   T37] audit: type=1326 audit(1758760086.289:697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7762 comm="syz.5.605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f030c9feec9 code=0x7ffc0000
[  258.084787][   T37] audit: type=1326 audit(1758760086.289:698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7762 comm="syz.5.605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f030c9feec9 code=0x7ffc0000
[  258.346634][ T7768] 9pnet_fd: Insufficient options for proto=fd
[  258.756667][ T7773] netlink: 72 bytes leftover after parsing attributes in process `syz.0.609'.
[  261.237346][ T7794] netlink: 24 bytes leftover after parsing attributes in process `syz.5.616'.
[  262.518497][   T37] kauditd_printk_skb: 3 callbacks suppressed
[  262.518514][   T37] audit: type=1326 audit(1758760090.719:702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7795 comm="syz.4.618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeff69eec9 code=0x7ffc0000
[  262.518557][   T37] audit: type=1326 audit(1758760090.719:703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7795 comm="syz.4.618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeff69eec9 code=0x7ffc0000
[  262.519212][   T37] audit: type=1326 audit(1758760090.719:704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7795 comm="syz.4.618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=439 compat=0 ip=0x7feeff69eec9 code=0x7ffc0000
[  262.519255][   T37] audit: type=1326 audit(1758760090.719:705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7795 comm="syz.4.618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeff69eec9 code=0x7ffc0000
[  262.519294][   T37] audit: type=1326 audit(1758760090.719:706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7795 comm="syz.4.618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeff69eec9 code=0x7ffc0000
[  262.519643][   T37] audit: type=1326 audit(1758760090.719:707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7795 comm="syz.4.618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7feeff69eec9 code=0x7ffc0000
[  262.520055][   T37] audit: type=1326 audit(1758760090.719:708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7795 comm="syz.4.618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeff69eec9 code=0x7ffc0000
[  262.520095][   T37] audit: type=1326 audit(1758760090.719:709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7795 comm="syz.4.618" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeff69eec9 code=0x7ffc0000
[  262.840974][ T7805] netlink: 72 bytes leftover after parsing attributes in process `syz.4.622'.
[  263.722457][ T7822] netlink: 24 bytes leftover after parsing attributes in process `syz.4.629'.
[  263.736330][ T7826] netlink: 8 bytes leftover after parsing attributes in process `syz.0.631'.
[  264.336252][   T37] audit: type=1326 audit(1758760092.539:710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7832 comm="syz.4.632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeff69eec9 code=0x7ffc0000
[  264.336780][   T37] audit: type=1326 audit(1758760092.539:711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7832 comm="syz.4.632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=439 compat=0 ip=0x7feeff69eec9 code=0x7ffc0000
[  264.430637][ T7827] pim6reg1: entered promiscuous mode
[  264.430666][ T7827] pim6reg1: entered allmulticast mode
[  265.810510][ T7843] netlink: 72 bytes leftover after parsing attributes in process `syz.4.636'.
[  265.962977][ T7849] netlink: 4 bytes leftover after parsing attributes in process `syz.3.637'.
[  267.700176][ T7862] netlink: 8 bytes leftover after parsing attributes in process `syz.3.643'.
[  267.812359][ T7865] netlink: 24 bytes leftover after parsing attributes in process `syz.4.642'.
[  269.193519][ T7876] netlink: 72 bytes leftover after parsing attributes in process `syz.4.649'.
[  270.898512][   T37] kauditd_printk_skb: 3 callbacks suppressed
[  270.898528][   T37] audit: type=1326 audit(1758760099.079:715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7894 comm="syz.0.653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11afd8eec9 code=0x7ffc0000
[  270.898573][   T37] audit: type=1326 audit(1758760099.099:716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7894 comm="syz.0.653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=439 compat=0 ip=0x7f11afd8eec9 code=0x7ffc0000
[  270.898612][   T37] audit: type=1326 audit(1758760099.099:717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7894 comm="syz.0.653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11afd8eec9 code=0x7ffc0000
[  270.898650][   T37] audit: type=1326 audit(1758760099.099:718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7894 comm="syz.0.653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f11afd8eec9 code=0x7ffc0000
[  270.898689][   T37] audit: type=1326 audit(1758760099.099:719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7894 comm="syz.0.653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11afd8eec9 code=0x7ffc0000
[  271.767433][ T7912] netlink: 24 bytes leftover after parsing attributes in process `syz.1.659'.
[  273.128224][ T7919] netlink: 72 bytes leftover after parsing attributes in process `syz.1.661'.
[  273.975422][ T7933] pim6reg1: entered promiscuous mode
[  273.975450][ T7933] pim6reg1: entered allmulticast mode
[  274.199202][ T7937] netlink: 'syz.4.668': attribute type 3 has an invalid length.
[  274.199276][ T7937] netlink: 'syz.4.668': attribute type 1 has an invalid length.
[  274.199341][ T7937] netlink: 220 bytes leftover after parsing attributes in process `syz.4.668'.
[  281.869537][ T7978] mmap: syz.1.680 (7978) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  281.985257][ T7987] netlink: 'syz.4.681': attribute type 3 has an invalid length.
[  281.985271][ T7987] netlink: 'syz.4.681': attribute type 1 has an invalid length.
[  281.985277][ T7987] netlink: 220 bytes leftover after parsing attributes in process `syz.4.681'.
[  282.738664][ T7978] 9pnet_fd: Insufficient options for proto=fd
[  283.123157][    C1] vkms_vblank_simulate: vblank timer overrun
[  283.325531][    C1] vkms_vblank_simulate: vblank timer overrun
[  284.764236][    C1] vkms_vblank_simulate: vblank timer overrun
[  284.786990][    C1] vkms_vblank_simulate: vblank timer overrun
[  284.893538][    T9] IPVS: starting estimator thread 0...
[  285.274505][    C1] vkms_vblank_simulate: vblank timer overrun
[  285.426665][    C1] vkms_vblank_simulate: vblank timer overrun
[  285.613412][    C1] vkms_vblank_simulate: vblank timer overrun
[  285.637662][ T8005] IPVS: using max 6 ests per chain, 14400 per kthread
[  286.005065][    C1] vkms_vblank_simulate: vblank timer overrun
[  286.222085][    C1] vkms_vblank_simulate: vblank timer overrun
[  286.884192][    C1] vkms_vblank_simulate: vblank timer overrun
[  287.269892][ T8018] netlink: 4 bytes leftover after parsing attributes in process `syz.5.691'.
[  290.654756][ T8035] netlink: 'syz.4.696': attribute type 3 has an invalid length.
[  290.654830][ T8035] netlink: 'syz.4.696': attribute type 1 has an invalid length.
[  290.654895][ T8035] netlink: 220 bytes leftover after parsing attributes in process `syz.4.696'.
[  292.230255][ T8022] ip6erspan0: entered allmulticast mode
[  293.510461][ T7419] IPVS: starting estimator thread 0...
[  293.611505][ T8058] IPVS: using max 8 ests per chain, 19200 per kthread
[  294.139587][ T8070] netlink: 'syz.4.708': attribute type 3 has an invalid length.
[  294.139652][ T8070] netlink: 'syz.4.708': attribute type 1 has an invalid length.
[  294.139830][ T8070] netlink: 220 bytes leftover after parsing attributes in process `syz.4.708'.
[  300.111764][   T60] Bluetooth: hci5: command 0x0406 tx timeout
[  300.123272][ T5848] IPVS: starting estimator thread 0...
[  300.211373][ T8101] IPVS: using max 13 ests per chain, 31200 per kthread
[  304.432648][ T8122] netlink: 'syz.1.723': attribute type 3 has an invalid length.
[  304.432744][ T8122] netlink: 'syz.1.723': attribute type 1 has an invalid length.
[  304.432798][ T8122] netlink: 220 bytes leftover after parsing attributes in process `syz.1.723'.
[  305.115245][ T8125] netfs: Couldn't get user pages (rc=-14)
[  305.115264][ T8125] netfs: Zero-sized read [R=1]
[  308.221470][ T8120] IPVS: starting estimator thread 0...
[  308.325395][ T8153] IPVS: using max 7 ests per chain, 16800 per kthread
[  308.771080][ T8164] netlink: 'syz.5.738': attribute type 3 has an invalid length.
[  308.771143][ T8164] netlink: 'syz.5.738': attribute type 1 has an invalid length.
[  308.771258][ T8164] netlink: 220 bytes leftover after parsing attributes in process `syz.5.738'.
[  309.125558][    C0] vkms_vblank_simulate: vblank timer overrun
[  309.285359][    C0] vkms_vblank_simulate: vblank timer overrun
[  309.309844][    C0] vkms_vblank_simulate: vblank timer overrun
[  309.343672][    C0] vkms_vblank_simulate: vblank timer overrun
[  309.441601][    C0] vkms_vblank_simulate: vblank timer overrun
[  309.648664][    C0] vkms_vblank_simulate: vblank timer overrun
[  310.026138][    C0] vkms_vblank_simulate: vblank timer overrun
[  310.182002][    C0] vkms_vblank_simulate: vblank timer overrun
[  310.596414][    C0] vkms_vblank_simulate: vblank timer overrun
[  310.905432][    C0] vkms_vblank_simulate: vblank timer overrun
[  311.053263][    C0] vkms_vblank_simulate: vblank timer overrun
[  311.073707][    C0] vkms_vblank_simulate: vblank timer overrun
[  311.140939][    C0] vkms_vblank_simulate: vblank timer overrun
[  311.686975][    C0] vkms_vblank_simulate: vblank timer overrun
[  312.425527][    C0] vkms_vblank_simulate: vblank timer overrun
[  312.633067][    C0] vkms_vblank_simulate: vblank timer overrun
[  313.041052][    C0] vkms_vblank_simulate: vblank timer overrun
[  313.456224][    C0] vkms_vblank_simulate: vblank timer overrun
[  313.607247][ T8205] IPVS: Error connecting to the multicast addr
[  313.943002][ T8212] netlink: 'syz.5.751': attribute type 3 has an invalid length.
[  313.943110][ T8212] netlink: 'syz.5.751': attribute type 1 has an invalid length.
[  313.943170][ T8212] netlink: 220 bytes leftover after parsing attributes in process `syz.5.751'.
[  317.138023][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[  317.139817][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[  317.428587][ T8258] netlink: 'syz.4.763': attribute type 3 has an invalid length.
[  317.428665][ T8258] netlink: 'syz.4.763': attribute type 1 has an invalid length.
[  317.428796][ T8258] netlink: 220 bytes leftover after parsing attributes in process `syz.4.763'.
[  318.569307][ T8269] 9pnet_fd: Insufficient options for proto=fd
[  318.877999][ T8269] netlink: 88 bytes leftover after parsing attributes in process `syz.4.767'.
[  322.971190][ T8282] syz.5.772 (8282) used greatest stack depth: 17304 bytes left
[  324.252991][   T60] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  324.286272][   T60] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  324.290686][   T60] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  324.306678][   T60] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  324.308042][   T60] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  324.481800][ T8298] net_ratelimit: 10 callbacks suppressed
[  324.483210][ T8298] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  324.484290][ T8298] tipc: Enabled bearer <udp:syz2>, priority 10
[  324.611566][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  324.881853][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  325.398726][ T8292] lo speed is unknown, defaulting to 1000
[  325.411400][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  325.411732][ T8301] netlink: 'syz.1.777': attribute type 3 has an invalid length.
[  325.411743][ T8301] netlink: 'syz.1.777': attribute type 1 has an invalid length.
[  325.411751][ T8301] netlink: 220 bytes leftover after parsing attributes in process `syz.1.777'.
[  325.423798][ T8298] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[  326.491387][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  326.491550][   T60] Bluetooth: hci3: command tx timeout
[  327.471336][   T10] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  327.531403][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  327.622118][   T10] usb 4-1: Using ep0 maxpacket: 8
[  327.628756][ T8292] chnl_net:caif_netlink_parms(): no params data found
[  327.656552][   T10] usb 4-1: New USB device found, idVendor=10c4, idProduct=8244, bcdDevice=dc.00
[  327.656569][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  327.656580][   T10] usb 4-1: Product: syz
[  327.656587][   T10] usb 4-1: Manufacturer: syz
[  327.656600][   T10] usb 4-1: SerialNumber: syz
[  327.694285][   T10] usb 4-1: config 0 descriptor??
[  327.733060][   T10] radio-usb-si4713 4-1:0.0: Si4713 development board discovered: (10C4:8244)
[  328.211898][   T10] radio-usb-si4713 4-1:0.0: probe with driver radio-usb-si4713 failed with error -71
[  328.212454][   T10] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  328.267438][   T10] usb 4-1: USB disconnect, device number 3
[  328.572209][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  328.572352][   T60] Bluetooth: hci3: command tx timeout
[  328.603558][ T8335] netlink: 16 bytes leftover after parsing attributes in process `syz.4.787'.
[  328.647362][  T992] libceph: connect (1)[c::]:6789 error -101
[  328.842299][  T992] libceph: mon0 (1)[c::]:6789 connect error
[  329.884141][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  330.089415][ T8336] ceph: No mds server is up or the cluster is laggy
[  330.259039][ T8292] bridge0: port 1(bridge_slave_0) entered blocking state
[  330.260788][ T8292] bridge0: port 1(bridge_slave_0) entered disabled state
[  330.261002][ T8292] bridge_slave_0: entered allmulticast mode
[  330.286823][ T8292] bridge_slave_0: entered promiscuous mode
[  330.544180][ T8292] bridge0: port 2(bridge_slave_1) entered blocking state
[  330.544344][ T8292] bridge0: port 2(bridge_slave_1) entered disabled state
[  330.544584][ T8292] bridge_slave_1: entered allmulticast mode
[  330.548487][ T8292] bridge_slave_1: entered promiscuous mode
[  330.651462][   T60] Bluetooth: hci3: command tx timeout
[  330.901775][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  331.039107][ T8292] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  331.039999][ T8349] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  331.060116][ T8292] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  331.445408][ T8292] team0: Port device team_slave_0 added
[  331.471396][ T8292] team0: Port device team_slave_1 added
[  331.931985][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  332.181603][ T8292] batman_adv: batadv0: Adding interface: batadv_slave_0
[  332.181620][ T8292] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  332.181646][ T8292] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  332.559794][ T8292] batman_adv: batadv0: Adding interface: batadv_slave_1
[  332.559812][ T8292] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  332.559838][ T8292] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  332.999541][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  333.001150][   T60] Bluetooth: hci3: command tx timeout
[  333.460693][ T8374] IPVS: Error connecting to the multicast addr
[  333.626198][ T8292] hsr_slave_0: entered promiscuous mode
[  333.641822][ T8292] hsr_slave_1: entered promiscuous mode
[  333.642756][ T8292] debugfs: 'hsr0' already exists in 'hsr'
[  333.642779][ T8292] Cannot create hsr debugfs directory
[  334.052810][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  334.127518][   T60] Bluetooth: hci5: unexpected event for opcode 0x2006
[  335.921732][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  336.972139][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  338.021594][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  338.380077][ T8292] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  338.914760][ T8292] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  339.051829][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  339.118211][ T8292] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  339.399970][ T8292] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  339.563823][   T37] audit: type=1326 audit(1758760167.769:720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8422 comm="syz.4.813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeff69eec9 code=0x7ffc0000
[  339.563853][   T37] audit: type=1326 audit(1758760167.769:721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8422 comm="syz.4.813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeff69eec9 code=0x7ffc0000
[  339.564095][   T37] audit: type=1326 audit(1758760167.769:722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8422 comm="syz.4.813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7feeff69eec9 code=0x7ffc0000
[  339.564243][   T37] audit: type=1326 audit(1758760167.769:723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8422 comm="syz.4.813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeff69eec9 code=0x7ffc0000
[  339.564402][   T37] audit: type=1326 audit(1758760167.769:724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8422 comm="syz.4.813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeff69eec9 code=0x7ffc0000
[  339.564762][   T37] audit: type=1326 audit(1758760167.769:725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8422 comm="syz.4.813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7feeff69eec9 code=0x7ffc0000
[  339.565094][   T37] audit: type=1326 audit(1758760167.769:726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8422 comm="syz.4.813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeff69eec9 code=0x7ffc0000
[  339.565449][   T37] audit: type=1326 audit(1758760167.769:727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8422 comm="syz.4.813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeff69eec9 code=0x7ffc0000
[  339.571779][   T37] audit: type=1326 audit(1758760167.779:728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8422 comm="syz.4.813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7feeff69eec9 code=0x7ffc0000
[  339.577708][   T37] audit: type=1326 audit(1758760167.779:729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8422 comm="syz.4.813" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feeff69eec9 code=0x7ffc0000
[  340.101464][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  340.425507][ T8292] 8021q: adding VLAN 0 to HW filter on device bond0
[  340.520109][ T8292] 8021q: adding VLAN 0 to HW filter on device team0
[  340.549915][ T1495] bridge0: port 1(bridge_slave_0) entered blocking state
[  340.550039][ T1495] bridge0: port 1(bridge_slave_0) entered forwarding state
[  340.643350][ T6045] bridge0: port 2(bridge_slave_1) entered blocking state
[  340.643502][ T6045] bridge0: port 2(bridge_slave_1) entered forwarding state
[  340.651537][   T10] usb 6-1: new full-speed USB device number 3 using dummy_hcd
[  340.828881][   T10] usb 6-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  340.828912][   T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  340.828931][   T10] usb 6-1: Product: syz
[  340.828945][   T10] usb 6-1: Manufacturer: syz
[  340.828959][   T10] usb 6-1: SerialNumber: syz
[  340.884114][   T10] usb 6-1: config 0 descriptor??
[  341.061485][    T9] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  341.132091][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  341.244800][ T8446] usb usb8: usbfs: process 8446 (syz.3.820) did not claim interface 0 before use
[  342.061430][    T9] usb 2-1: Using ep0 maxpacket: 8
[  342.066577][    T9] usb 2-1: config 0 has an invalid interface number: 41 but max is 0
[  342.066601][    T9] usb 2-1: config 0 has no interface number 0
[  342.070543][    T9] usb 2-1: New USB device found, idVendor=0572, idProduct=1328, bcdDevice=db.7b
[  342.070572][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  342.070592][    T9] usb 2-1: Product: syz
[  342.070607][    T9] usb 2-1: Manufacturer: syz
[  342.070620][    T9] usb 2-1: SerialNumber: syz
[  342.153762][    T9] usb 2-1: config 0 descriptor??
[  342.171502][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  342.435403][ T5848] usb 2-1: USB disconnect, device number 3
[  343.212351][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  343.253599][ T8292] 8021q: adding VLAN 0 to HW filter on device batadv0
[  343.482674][   T10] usb 6-1: USB disconnect, device number 3
[  343.623906][ T8470] capability: warning: `syz.3.828' uses 32-bit capabilities (legacy support in use)
[  344.251413][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  344.391383][   T10] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  344.646257][   T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  344.646315][   T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  344.646337][   T10] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  344.646378][   T10] usb 4-1: New USB device found, idVendor=0c70, idProduct=f012, bcdDevice= 0.00
[  344.646399][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  344.762259][ T8292] veth0_vlan: entered promiscuous mode
[  344.769994][   T10] usb 4-1: config 0 descriptor??
[  344.880392][ T8292] veth1_vlan: entered promiscuous mode
[  345.119885][ T8292] veth0_macvtap: entered promiscuous mode
[  345.182522][ T8292] veth1_macvtap: entered promiscuous mode
[  345.294507][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  345.394007][ T8292] batman_adv: batadv0: Interface activated: batadv_slave_0
[  345.499786][ T8292] batman_adv: batadv0: Interface activated: batadv_slave_1
[  345.533539][   T10] usbhid 4-1:0.0: can't add hid device: -71
[  345.533660][   T10] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  345.573122][ T1495] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  345.581719][   T10] usb 4-1: USB disconnect, device number 4
[  345.606976][   T43] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  345.689801][   T43] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  345.713632][   T43] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  346.331422][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  346.376696][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  346.376708][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  346.493794][ T6045] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  346.493816][ T6045] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  347.371952][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  347.837458][ T8501] syzkaller0: create flow: hash 2411583160 index 1
[  349.047492][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  350.105379][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  350.920269][ T8520] netlink: 8 bytes leftover after parsing attributes in process `syz.1.840'.
[  351.133278][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  351.461044][ T6045] syzkaller0: tun_net_xmit 76
[  351.468734][ T6045] syzkaller0: tun_net_xmit 48
[  351.481674][ T7419] syzkaller0: tun_net_xmit 76
[  351.732033][ T8495] syzkaller0: delete flow: hash 2411583160 index 1
[  352.001365][  T990] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  352.170811][  T990] usb 6-1: Using ep0 maxpacket: 8
[  352.181972][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  352.186244][  T990] usb 6-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  352.186260][  T990] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  352.186271][  T990] usb 6-1: Product: syz
[  352.186278][  T990] usb 6-1: Manufacturer: syz
[  352.186285][  T990] usb 6-1: SerialNumber: syz
[  352.208190][  T990] usb 6-1: config 0 descriptor??
[  352.263280][  T990] gspca_main: se401-2.14.0 probing 047d:5003
[  352.918735][  T990] gspca_se401: ExtraFeatures: 255
[  352.918752][  T990] gspca_se401: Too many frame sizes
[  353.150496][    T9] usb 6-1: USB disconnect, device number 4
[  353.211402][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  354.252395][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  355.291406][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  356.423074][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  357.454417][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  358.496507][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  359.531436][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  360.572039][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  362.049728][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  363.051949][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  364.074600][ T5847] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  364.097396][ T5847] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  364.101412][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  364.127448][ T5847] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  364.161564][ T5847] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  364.162475][ T5847] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  365.416948][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  365.971403][ T1230] usb 4-1: new full-speed USB device number 5 using dummy_hcd
[  366.170854][ T1230] usb 4-1: config 0 has an invalid interface number: 128 but max is 0
[  366.170882][ T1230] usb 4-1: config 0 has no interface number 0
[  366.190730][ T1230] usb 4-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  366.190755][ T1230] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  366.190766][ T1230] usb 4-1: Product: syz
[  366.190773][ T1230] usb 4-1: Manufacturer: syz
[  366.190780][ T1230] usb 4-1: SerialNumber: syz
[  366.246710][ T1230] usb 4-1: config 0 descriptor??
[  366.252364][   T60] Bluetooth: hci6: command tx timeout
[  366.501485][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  366.880864][ T8632] netlink: 12 bytes leftover after parsing attributes in process `syz.1.870'.
[  366.932935][ T8633] netlink: 108 bytes leftover after parsing attributes in process `syz.1.870'.
[  367.531595][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  368.352264][   T60] Bluetooth: hci6: command tx timeout
[  368.574842][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  368.763659][    T9] usb 4-1: USB disconnect, device number 5
[  369.611968][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  370.421429][   T60] Bluetooth: hci6: command tx timeout
[  370.449509][ T5847] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  370.470077][ T5847] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  370.509155][ T5847] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  370.581950][ T5847] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  370.601361][ T5847] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  370.651509][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  371.691615][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  372.492114][ T5847] Bluetooth: hci6: command tx timeout
[  372.651703][ T5847] Bluetooth: hci7: command tx timeout
[  372.731485][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  373.771793][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  374.737233][ T5847] Bluetooth: hci7: command tx timeout
[  374.817794][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  375.468002][   T60] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  375.484932][   T60] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  375.486190][   T60] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  375.487417][   T60] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  375.488192][   T60] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  375.852930][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  376.726897][ T8578] kthread_run failed with err -4
[  376.811900][ T5847] Bluetooth: hci7: command tx timeout
[  376.901681][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  377.976507][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  377.980033][ T5847] Bluetooth: hci8: command tx timeout
[  378.592976][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[  378.593052][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[  378.891467][ T5847] Bluetooth: hci7: command tx timeout
[  379.061666][    C0] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  379.231456][ T7419] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  379.385192][ T7419] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  379.385224][ T7419] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  379.385246][ T7419] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  379.385287][ T7419] usb 4-1: New USB device found, idVendor=0c70, idProduct=f012, bcdDevice= 0.00
[  379.385308][ T7419] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  379.388992][ T7419] usb 4-1: config 0 descriptor??
[  379.501825][ T8606] lo speed is unknown, defaulting to 1000
[  379.791982][ T8658] lo speed is unknown, defaulting to 1000
[  380.009786][ T7419] usbhid 4-1:0.0: can't add hid device: -71
[  380.009920][ T7419] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  380.011370][ T5847] Bluetooth: hci8: command tx timeout
[  380.017924][ T7419] usb 4-1: USB disconnect, device number 6
[  380.115935][   T58] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  380.287202][ T8642] lo speed is unknown, defaulting to 1000
[  380.666913][   T58] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  380.780715][ T8688] netlink: 12 bytes leftover after parsing attributes in process `syz.3.883'.
[  380.841849][ T8687] netlink: 108 bytes leftover after parsing attributes in process `syz.3.883'.
[  381.585623][  T990] usb 4-1: new full-speed USB device number 7 using dummy_hcd
[  381.956624][  T990] usb 4-1: config index 0 descriptor too short (expected 35577, got 27)
[  381.956654][  T990] usb 4-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  381.956675][  T990] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 92
[  381.956695][  T990] usb 4-1: config 1 has no interface number 0
[  381.956743][  T990] usb 4-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  381.956770][  T990] usb 4-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  381.956811][  T990] usb 4-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  381.956833][  T990] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  382.066115][   T58] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  382.122472][  T990] snd_usb_pod 4-1:1.1: Line 6 Pocket POD found
[  382.153299][ T5847] Bluetooth: hci8: command tx timeout
[  382.673065][  T990] snd_usb_pod 4-1:1.1: Line 6 Pocket POD now attached
[  384.014872][ T7419] snd_usb_pod 4-1:1.1: line6_send_raw_message_async_part: usb_submit_urb failed (-22)
[  386.215912][ T5847] Bluetooth: hci8: command tx timeout
[  386.267100][   T58] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  386.275830][ T7419] usb 4-1: USB disconnect, device number 7
[  386.281076][ T7419] snd_usb_pod 4-1:1.1: Line 6 Pocket POD now disconnected
[  387.089898][ T8606] chnl_net:caif_netlink_parms(): no params data found
[  387.098534][ T8658] chnl_net:caif_netlink_parms(): no params data found
[  387.184476][   T10] kernel read not supported for file /dsp1 (pid: 10 comm: kworker/0:1)
[  387.452676][   T58] bridge_slave_1: left allmulticast mode
[  387.452707][   T58] bridge_slave_1: left promiscuous mode
[  387.452947][   T58] bridge0: port 2(bridge_slave_1) entered disabled state
[  388.476032][   T58] bridge_slave_0: left allmulticast mode
[  388.476067][   T58] bridge_slave_0: left promiscuous mode
[  388.476339][   T58] bridge0: port 1(bridge_slave_0) entered disabled state
[  389.391413][  T990] usb 2-1: new low-speed USB device number 4 using dummy_hcd
[  389.545737][  T990] usb 2-1: config 179 has an invalid interface number: 65 but max is 0
[  389.545764][  T990] usb 2-1: config 179 has no interface number 0
[  389.545813][  T990] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 10
[  389.545841][  T990] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 8
[  389.545868][  T990] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10
[  389.545894][  T990] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  389.545917][  T990] usb 2-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  389.545960][  T990] usb 2-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  389.545983][  T990] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  389.646801][ T8739] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  389.658760][  T990] xpad 2-1:179.65: probe with driver xpad failed with error -5
[  389.915451][   T10] usb 2-1: USB disconnect, device number 4
[  394.250109][ T8771] netlink: 8 bytes leftover after parsing attributes in process `syz.3.908'.
[  396.034372][   T58] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  396.222245][   T58] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  396.222518][ T8791] netlink: 8 bytes leftover after parsing attributes in process `syz.3.917'.
[  396.319330][   T58] bond0 (unregistering): Released all slaves
[  396.544563][ T8642] chnl_net:caif_netlink_parms(): no params data found
[  397.710478][ T8606] bridge0: port 1(bridge_slave_0) entered blocking state
[  397.710619][ T8606] bridge0: port 1(bridge_slave_0) entered disabled state
[  397.710873][ T8606] bridge_slave_0: entered allmulticast mode
[  397.728472][ T8606] bridge_slave_0: entered promiscuous mode
[  397.765381][ T8658] bridge0: port 1(bridge_slave_0) entered blocking state
[  397.765519][ T8658] bridge0: port 1(bridge_slave_0) entered disabled state
[  397.765740][ T8658] bridge_slave_0: entered allmulticast mode
[  397.814398][ T8658] bridge_slave_0: entered promiscuous mode
[  397.829608][ T8606] bridge0: port 2(bridge_slave_1) entered blocking state
[  397.829751][ T8606] bridge0: port 2(bridge_slave_1) entered disabled state
[  397.829957][ T8606] bridge_slave_1: entered allmulticast mode
[  397.841307][ T8606] bridge_slave_1: entered promiscuous mode
[  397.849355][ T8658] bridge0: port 2(bridge_slave_1) entered blocking state
[  397.849491][ T8658] bridge0: port 2(bridge_slave_1) entered disabled state
[  397.849769][ T8658] bridge_slave_1: entered allmulticast mode
[  397.852861][ T8658] bridge_slave_1: entered promiscuous mode
[  398.591395][ T5925] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  398.766897][ T5925] usb 2-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65
[  398.766927][ T5925] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  398.766947][ T5925] usb 2-1: Product: syz
[  398.766961][ T5925] usb 2-1: Manufacturer: syz
[  398.766975][ T5925] usb 2-1: SerialNumber: syz
[  398.802768][ T5925] usb 2-1: config 0 descriptor??
[  399.043232][ T5925] usb 2-1: ignoring: probably an ADSL modem
[  399.140249][ T8606] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  399.166437][ T8658] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  399.249517][ T5925] cxacru 2-1:0.0: usbatm_usb_probe: bind failed: -19!
[  399.254753][ T5925] usb 2-1: USB disconnect, device number 5
[  399.309431][ T8658] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  399.323118][ T8606] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  399.323801][ T8642] bridge0: port 1(bridge_slave_0) entered blocking state
[  399.324002][ T8642] bridge0: port 1(bridge_slave_0) entered disabled state
[  399.324215][ T8642] bridge_slave_0: entered allmulticast mode
[  399.327054][ T8642] bridge_slave_0: entered promiscuous mode
[  399.585327][   T58] hsr_slave_0: left promiscuous mode
[  399.601555][   T58] hsr_slave_1: left promiscuous mode
[  399.602548][   T58] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  399.602573][   T58] batman_adv: batadv0: Removing interface: batadv_slave_0
[  399.654426][   T58] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  399.654456][   T58] batman_adv: batadv0: Removing interface: batadv_slave_1
[  399.748476][   T58] veth1_macvtap: left promiscuous mode
[  399.748610][   T58] veth0_macvtap: left promiscuous mode
[  401.479294][ T8844] netlink: 16 bytes leftover after parsing attributes in process `syz.1.934'.
[  402.912461][   T58] team0 (unregistering): Port device team_slave_1 removed
[  403.122533][   T58] team0 (unregistering): Port device team_slave_0 removed
[  405.613913][ T8642] bridge0: port 2(bridge_slave_1) entered blocking state
[  405.614104][ T8642] bridge0: port 2(bridge_slave_1) entered disabled state
[  405.614308][ T8642] bridge_slave_1: entered allmulticast mode
[  405.617087][ T8642] bridge_slave_1: entered promiscuous mode
[  405.939839][ T8606] team0: Port device team_slave_0 added
[  405.946435][ T8658] team0: Port device team_slave_0 added
[  406.165425][ T8606] team0: Port device team_slave_1 added
[  406.169649][ T8658] team0: Port device team_slave_1 added
[  406.197179][ T8642] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  406.632512][ T8642] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  411.140705][ T8875] netlink: 16 bytes leftover after parsing attributes in process `syz.3.942'.
[  411.156969][ T8606] batman_adv: batadv0: Adding interface: batadv_slave_0
[  411.156985][ T8606] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  411.157010][ T8606] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  411.158418][ T8658] batman_adv: batadv0: Adding interface: batadv_slave_0
[  411.158429][ T8658] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  411.158454][ T8658] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  411.394066][ T8658] batman_adv: batadv0: Adding interface: batadv_slave_1
[  411.394078][ T8658] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  411.394092][ T8658] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  411.405681][ T8606] batman_adv: batadv0: Adding interface: batadv_slave_1
[  411.405697][ T8606] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  411.405720][ T8606] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  411.408226][ T8642] team0: Port device team_slave_0 added
[  411.545499][ T8642] team0: Port device team_slave_1 added
[  412.226193][ T8882] delete_channel: no stack
[  414.021703][ T8120] usb 2-1: new full-speed USB device number 6 using dummy_hcd
[  414.176003][ T8120] usb 2-1: config 0 has an invalid interface number: 128 but max is 0
[  414.176030][ T8120] usb 2-1: config 0 has no interface number 0
[  414.184232][ T8120] usb 2-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  414.184260][ T8120] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  414.184278][ T8120] usb 2-1: Product: syz
[  414.184292][ T8120] usb 2-1: Manufacturer: syz
[  414.184305][ T8120] usb 2-1: SerialNumber: syz
[  414.226246][ T8120] usb 2-1: config 0 descriptor??
[  414.253661][   T58] IPVS: stop unused estimator thread 0...
[  414.694956][ T8642] batman_adv: batadv0: Adding interface: batadv_slave_0
[  414.694972][ T8642] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  414.694997][ T8642] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  414.746479][ T8120] usb 2-1: Firmware: major: 0, minor: 0, hardware type: ATUSB (0)
[  414.746506][ T8120] usb 2-1: Firmware version (0.0) predates our first public release.
[  414.746523][ T8120] usb 2-1: Please update to version 0.2 or newer
[  414.894286][ T8642] batman_adv: batadv0: Adding interface: batadv_slave_1
[  414.894303][ T8642] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  414.894328][ T8642] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  414.957145][ T8658] hsr_slave_0: entered promiscuous mode
[  414.959564][ T8658] hsr_slave_1: entered promiscuous mode
[  414.960456][ T8658] debugfs: 'hsr0' already exists in 'hsr'
[  414.960482][ T8658] Cannot create hsr debugfs directory
[  415.018241][ T8606] hsr_slave_0: entered promiscuous mode
[  415.019676][ T8606] hsr_slave_1: entered promiscuous mode
[  415.020670][ T8606] debugfs: 'hsr0' already exists in 'hsr'
[  415.020694][ T8606] Cannot create hsr debugfs directory
[  415.486420][ T8120] usb 2-1: USB disconnect, device number 6
[  415.883342][ T8906] netlink: 72 bytes leftover after parsing attributes in process `syz.3.950'.
[  416.852078][   T58] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  417.288466][ T8642] hsr_slave_0: entered promiscuous mode
[  417.289794][ T8642] hsr_slave_1: entered promiscuous mode
[  417.298531][ T8642] debugfs: 'hsr0' already exists in 'hsr'
[  417.298555][ T8642] Cannot create hsr debugfs directory
[  417.452536][ T8120] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  417.456733][   T58] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  417.623739][ T8120] usb 2-1: Using ep0 maxpacket: 8
[  417.630416][ T8120] usb 2-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  417.630444][ T8120] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  417.630464][ T8120] usb 2-1: Product: syz
[  417.630477][ T8120] usb 2-1: Manufacturer: syz
[  417.630491][ T8120] usb 2-1: SerialNumber: syz
[  417.636543][ T8120] usb 2-1: config 0 descriptor??
[  417.642349][ T8120] gspca_main: se401-2.14.0 probing 047d:5003
[  417.901625][   T58] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  418.276899][ T8120] input: se401 as /devices/platform/dummy_hcd.1/usb2/2-1/input/input8
[  418.305391][   T58] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  418.375016][ T8120] usb 2-1: USB disconnect, device number 7
[  420.262255][   T10] usb 2-1: new full-speed USB device number 8 using dummy_hcd
[  420.664581][   T10] usb 2-1: config 0 has an invalid interface number: 128 but max is 0
[  420.664607][   T10] usb 2-1: config 0 has no interface number 0
[  420.885728][   T10] usb 2-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  420.885758][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  420.885778][   T10] usb 2-1: Product: syz
[  420.885791][   T10] usb 2-1: Manufacturer: syz
[  420.885804][   T10] usb 2-1: SerialNumber: syz
[  420.941429][   T10] usb 2-1: config 0 descriptor??
[  421.032146][  T992] libceph: connect (1)[c::]:6789 error -101
[  421.032533][  T992] libceph: mon0 (1)[c::]:6789 connect error
[  421.042151][  T992] libceph: connect (1)[c::]:6789 error -101
[  421.042355][  T992] libceph: mon0 (1)[c::]:6789 connect error
[  421.270787][ T8934] ceph: No mds server is up or the cluster is laggy
[  421.305451][ T8120] libceph: connect (1)[c::]:6789 error -101
[  421.305667][ T8120] libceph: mon0 (1)[c::]:6789 connect error
[  421.373752][   T10] usb 2-1: Firmware: major: 0, minor: 0, hardware type: ATUSB (0)
[  421.373779][   T10] usb 2-1: Firmware version (0.0) predates our first public release.
[  421.373796][   T10] usb 2-1: Please update to version 0.2 or newer
[  421.478439][ T8658] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  421.595411][ T8658] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  421.674450][ T8658] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  421.730844][ T8941] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  421.755046][   T10] usb 2-1: USB disconnect, device number 8
[  421.794028][ T8658] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  421.920011][ T8941] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[  424.796361][ T5847] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  424.800411][ T5847] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  424.815583][ T5847] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  424.821580][ T5847] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  424.831739][ T5847] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  424.843928][   T58] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  426.486748][   T58] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  426.721875][ T8979] netlink: 76 bytes leftover after parsing attributes in process `syz.3.966'.
[  426.891377][   T60] Bluetooth: hci0: command tx timeout
[  427.121414][ T8981] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  428.395767][   T58] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  428.521360][ T8957] lo speed is unknown, defaulting to 1000
[  429.036834][   T60] Bluetooth: hci0: command tx timeout
[  429.868037][   T58] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  430.859820][ T8991] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  431.051595][   T60] Bluetooth: hci0: command tx timeout
[  431.140934][ T5847] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  431.157150][ T5847] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  431.158430][ T5847] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  431.160414][ T5847] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  431.182471][ T5847] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  433.157672][ T5847] Bluetooth: hci0: command tx timeout
[  433.211540][ T5847] Bluetooth: hci3: command tx timeout
[  433.739124][ T9001] lo speed is unknown, defaulting to 1000
[  434.685839][   T58] bridge_slave_1: left allmulticast mode
[  434.685871][   T58] bridge_slave_1: left promiscuous mode
[  434.686107][   T58] bridge0: port 2(bridge_slave_1) entered disabled state
[  434.755484][   T58] bridge_slave_0: left allmulticast mode
[  434.755513][   T58] bridge_slave_0: left promiscuous mode
[  434.755846][   T58] bridge0: port 1(bridge_slave_0) entered disabled state
[  434.825711][   T58] bridge_slave_1: left allmulticast mode
[  434.825742][   T58] bridge_slave_1: left promiscuous mode
[  434.825979][   T58] bridge0: port 2(bridge_slave_1) entered disabled state
[  434.927592][   T58] bridge_slave_0: left allmulticast mode
[  434.927624][   T58] bridge_slave_0: left promiscuous mode
[  434.927871][   T58] bridge0: port 1(bridge_slave_0) entered disabled state
[  434.931415][    T9] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  435.121482][    T9] usb 2-1: Using ep0 maxpacket: 8
[  435.127166][    T9] usb 2-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[  435.127194][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  435.127213][    T9] usb 2-1: Product: syz
[  435.127227][    T9] usb 2-1: Manufacturer: syz
[  435.127241][    T9] usb 2-1: SerialNumber: syz
[  435.136404][    T9] usb 2-1: config 0 descriptor??
[  435.155300][    T9] gspca_main: sq930x-2.14.0 probing 2770:930c
[  435.291783][ T5847] Bluetooth: hci3: command tx timeout
[  435.566189][   T60] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  435.590902][   T60] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  435.593403][   T60] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  435.594517][   T60] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  435.595703][   T60] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  435.969952][    T9] gspca_sq930x: ucbus_write failed -71
[  435.970048][    T9] sq930x 2-1:0.0: probe with driver sq930x failed with error -71
[  435.977644][    T9] usb 2-1: USB disconnect, device number 9
[  437.371323][   T60] Bluetooth: hci3: command tx timeout
[  437.541885][   T58] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  437.610851][   T58] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  437.626239][   T58] bond0 (unregistering): Released all slaves
[  437.701579][   T60] Bluetooth: hci5: command tx timeout
[  439.343363][   T58] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  439.422270][   T58] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  439.446371][   T58] bond0 (unregistering): Released all slaves
[  439.451437][   T60] Bluetooth: hci3: command tx timeout
[  439.797383][   T60] Bluetooth: hci5: command tx timeout
[  439.962692][ T9032] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  440.019335][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[  440.019440][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[  440.040239][   T58] tipc: Disabling bearer <udp:syz0>
[  440.040427][   T58] tipc: Disabling bearer <udp:syz2>
[  440.048601][   T58] tipc: Left network mode
[  440.159576][ T8957] chnl_net:caif_netlink_parms(): no params data found
[  440.802894][ T9057] siw: device registration error -23
[  441.851656][   T60] Bluetooth: hci5: command tx timeout
[  441.903120][ T9025] lo speed is unknown, defaulting to 1000
[  442.406308][ T9073] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  443.931397][   T60] Bluetooth: hci5: command tx timeout
[  444.151576][ T9095] netlink: 12 bytes leftover after parsing attributes in process `syz.3.993'.
[  444.193990][ T9096] netlink: 12 bytes leftover after parsing attributes in process `syz.3.993'.
[  444.239483][ T8957] bridge0: port 1(bridge_slave_0) entered blocking state
[  444.239632][ T8957] bridge0: port 1(bridge_slave_0) entered disabled state
[  444.239858][ T8957] bridge_slave_0: entered allmulticast mode
[  444.262987][ T8957] bridge_slave_0: entered promiscuous mode
[  444.730742][ T8957] bridge0: port 2(bridge_slave_1) entered blocking state
[  444.730925][ T8957] bridge0: port 2(bridge_slave_1) entered disabled state
[  444.731193][ T8957] bridge_slave_1: entered allmulticast mode
[  444.772744][ T8957] bridge_slave_1: entered promiscuous mode
[  448.023137][ T8957] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  448.044943][ T8957] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  448.045507][ T9001] chnl_net:caif_netlink_parms(): no params data found
[  448.410117][ T8957] team0: Port device team_slave_0 added
[  451.780983][   T58] hsr_slave_0: left promiscuous mode
[  451.970006][   T58] hsr_slave_1: left promiscuous mode
[  452.119297][   T58] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  452.122786][   T58] batman_adv: batadv0: Removing interface: batadv_slave_0
[  452.348495][   T38] INFO: task syz-executor:5845 blocked for more than 144 seconds.
[  452.348570][   T38]       Not tainted syzkaller #0
[  452.348612][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  452.348652][   T38] task:syz-executor    state:D stack:20280 pid:5845  tgid:5845  ppid:1      task_flags:0x400140 flags:0x00004004
[  452.348888][   T38] Call Trace:
[  452.348920][   T38]  <TASK>
[  452.348958][   T38]  __schedule+0x16f3/0x4c20
[  452.349264][   T38]  ? __pfx___schedule+0x10/0x10
[  452.349482][   T38]  ? schedule+0x91/0x360
[  452.349587][   T38]  schedule+0x165/0x360
[  452.349692][   T38]  v9fs_evict_inode+0x170/0x320
[  452.349818][   T38]  ? __pfx_v9fs_evict_inode+0x10/0x10
[  452.350505][   T38]  ? reacquire_held_locks+0x127/0x1d0
[  452.350602][   T38]  ? __pfx_var_wake_function+0x10/0x10
[  452.350796][   T38]  ? __pfx_v9fs_evict_inode+0x10/0x10
[  452.350852][   T38]  evict+0x501/0x9c0
[  452.350963][   T38]  ? __pfx_evict+0x10/0x10
[  452.351067][   T38]  ? iput+0x6d8/0x9d0
[  452.469475][   T38]  __dentry_kill+0x209/0x660
[  452.469502][   T38]  ? dput+0x37/0x2b0
[  452.469516][   T38]  dput+0x19f/0x2b0
[  452.469530][   T38]  shrink_dcache_for_umount+0xa0/0x170
[  452.469542][   T38]  generic_shutdown_super+0x67/0x2c0
[  452.469556][   T38]  kill_anon_super+0x3b/0x7[  452.469556][   T38]  kill_anon_super+0x3b/0x70
[  452.469568][   T38]  v9fs_kill_super+0x4c/0x90
[  452.469583][   T38]  deactivate_locked_super+0xb9/0x130
[  452.469596][   T38]  cleanup_mnt+0x425/0x4c0
[  452.469607][   T38]  ? lockdep_hardirqs_on+0x9c/0x150
[  452.469623][   T38]  task_work_run+0x1d4/0x260
[  452.469636][   T38]  ? __pfx_task_work_run+0x10/0x10
[  452.469644][   T38]  ? __x64_sys_umount+0x122/0x160
[  452.469659][   T38]  ? exit_to_user_mode_loop+0x40/0x110
[  452.469675][   T38]  exit_to_user_mode_loop+0xec/0x110
[  452.469688][   T38]  do_syscall_64+0x2bd/0x3b0
[  452.469703][   T38]  ? lockdep_hardirqs_on+0x9c/0x150
[  452.469717][   T38]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  452.469727][   T38]  ? clear_bhb_loop+0x60/0xb0
[  452.469739][   T38]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  452.469758][   T38] RIP: 0033:0x7f11afd901f7
[  452.469767][   T38] RSP: 002b:00007ffdc5269f18 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  452.469779][   T38] RAX: 0000000000000000 RBX: 00007f11afe11d7d RCX: 00007f11afd901f7
[  452.469787][   T38] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdc5269fd0
[  452.469793][   T38] RBP: 00007ffdc5269fd0 R08: 0000000000000000 R09: 0000000000000000
[  452.469800][   T38] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffdc526b060
[  452.469807][   T38] R13: 00007f11afe11d7d R14: 000000000004a715 R15: 00007ffdc526b0a0
[  452.469823][   T38]  </TASK>
[  452.469859][   T38] 
[  452.469859][   T38] Showing all locks held in the system:
[  452.469866][   T38] 2 locks held by rcuc/1/28:
[  452.469872][   T38]  #0: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  452.469899][   T38]  #1: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  452.469924][   T38] 1 lock held by khungtaskd/38:
[  452.469930][   T38]  #0: ffffffff8d9a8d80 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  452.469957][   T38] 4 locks held by kworker/u8:4/58:
[  452.469963][   T38]  #0: ffff88801a6f4138 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  452.469988][   T38]  #1: ffffc9000124fbc0 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  452.470011][   T38]  #2: ffffffff8ecc6a20 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf7/0x800
[  452.470037][   T38]  #3: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: default_device_exit_batch+0xdc/0x890
[  452.470064][   T38] 4 locks held by kworker/u8:5/68:
[  452.470070][   T38]  #0: ffff88814dd3e138 ((wq_completion)bat_events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  452.470093][   T38]  #1: ffffc9000154fbc0 ((work_completion)(&(&bat_priv->nc.work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  452.470117][   T38]  #2: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  452.470140][   T38]  #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  452.470175][   T38] 7 locks held by kworker/u8:9/1450:
[  452.470184][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  452.493928][   T38]  #1: ffffc90005667bc0 ((work_completion)(&(&nsim_dev->trap_data->trap_report_dw)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  452.493985][   T38]  #2: ffff888036194300 (&devlink->lock_key#3){+.+.}-{4:4}, at: nsim_dev_trap_report_work+0x57/0xbc0
[  452.494038][   T38]  #3: ffff88805928f920 (&nsim_trap_data->trap_lock){+.+.}-{3:3}, at: nsim_dev_trap_report_work+0x1ad/0xbc0
[  452.494084][   T38]  #4: ffffffff8d9a8d80 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1bb/0x2c0
[  452.494128][   T38]  #5: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  452.494171][   T38]  #6: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  452.494230][   T38] 2 locks held by getty/5601:
[  452.494241][   T38]  #0: ffff88823bf2c0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  452.494289][   T38]  #1: ffffc90003e762e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x444/0x1410
[  452.494333][   T38] 1 lock held by syz-executor/5845:
[  452.494343][   T38]  #0: ffff8880581800d0 (&type->s_umount_key#56){+.+.}-{4:4}, at: deactivate_super+0xa9/0xe0
[  452.494390][   T38] 3 locks held by syz-executor/5859:
[  452.494405][   T38] 4 locks held by kworker/1:4/5911:
[  452.494415][   T38]  #0: ffff888019899138 ((wq_completion)events_long){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  452.494459][   T38]  #1: ffffc90005087bc0 ((work_completion)(&(&ipvs->defense_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  452.494503][   T38]  #2: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  452.494545][   T38]  #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  452.494589][   T38] 3 locks held by kworker/u8:18/6047:
[  452.494599][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  452.494643][   T38]  #1: ffffc90003fdfbc0 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  452.494696][   T38]  #2: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60
[  452.494737][   T38] 7 locks held by kworker/u8:20/6049:
[  452.494747][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  452.494790][   T38]  #1: ffffc90003f4fbc0 ((work_completion)(&(&nsim_dev->trap_data->trap_report_dw)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  452.494835][   T38]  #2: ffff888026dce300 (&devlink->lock_key#8){+.+.}-{4:4}, at: nsim_dev_trap_report_work+0x57/0xbc0
[  452.494886][   T38]  #3: ffff8881473b6520 (&nsim_trap_data->trap_lock){+.+.}-{3:3}, at: nsim_dev_trap_report_work+0x1ad/0xbc0
[  452.495044][   T38]  #4: ffffffff8d9a8d80 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1bb/0x2c0
[  452.495088][   T38]  #5: ffffffff8d84a960 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  452.495130][   T38]  #6: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  452.495174][   T38] 4 locks held by kworker/1:7/7419:
[  452.495189][   T38] 1 lock held by syz-executor/8957:
[  452.495199][   T38]  #0: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8db/0x1c70
[  452.495244][   T38] 2 locks held by syz-executor/9001:
[  452.495254][   T38]  #0: ffffffff8f1d7ce8 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x23/0x250
[  452.495302][   T38]  #1: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8db/0x1c70
[  452.495345][   T38] 1 lock held by syz-executor/9025:
[  452.495356][   T38]  #0: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8db/0x1c70
[  452.495401][   T38] 2 locks held by syz.3.1002/9136:
[  452.495411][   T38]  #0: ffffffff8f1f12f8 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x23/0x250
[  452.495459][   T38]  #1: ffffffff8ecd3938 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8db/0x1c70
[  452.495505][   T38] 
[  452.495511][   T38] =============================================
[  452.495511][   T38] 
[  452.495532][   T38] NMI backtrace for cpu 0
[  452.495553][   T38] CPU: 0 UID: 0 PID: 38 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  452.495573][   T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  452.495583][   T38] Call Trace:
[  452.495590][   T38]  <TASK>
[  452.495598][   T38]  dump_stack_lvl+0x189/0x250
[  452.495626][   T38]  ? __pfx_dump_stack_lvl+0x10/0x10
[  452.495649][   T38]  ? __pfx__printk+0x10/0x10
[  452.495679][   T38]  nmi_cpu_backtrace+0x39e/0x3d0
[  452.495703][   T38]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  452.495726][   T38]  ? __pfx__printk+0x10/0x10
[  452.495748][   T38]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  452.495772][   T38]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  452.495796][   T38]  watchdog+0xf93/0xfe0
[  452.495822][   T38]  ? watchdog+0x1de/0xfe0
[  452.495848][   T38]  kthread+0x70e/0x8a0
[  452.495875][   T38]  ? __pfx_watchdog+0x10/0x10
[  452.495895][   T38]  ? __pfx_kthread+0x10/0x10
[  452.495922][   T38]  ? __pfx_kthread+0x10/0x10
[  452.495952][   T38]  ret_from_fork+0x436/0x7d0
[  452.495976][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[  452.496002][   T38]  ? __switch_to_asm+0x39/0x70
[  452.496018][   T38]  ? __switch_to_asm+0x33/0x70
[  452.496032][   T38]  ? __pfx_kthread+0x10/0x10
[  452.496057][   T38]  ret_from_fork_asm+0x1a/0x30
[  452.496091][   T38]  </TASK>
[  452.496111][   T38] Sending NMI from CPU 0 to CPUs 1:
[  452.496133][    C1] NMI backtrace for cpu 1
[  452.496146][    C1] CPU: 1 UID: 0 PID: 17 Comm: pr/legacy Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  452.496164][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  452.496172][    C1] RIP: 0010:io_serial_in+0x77/0xc0
[  452.496191][    C1] Code: e8 ee 39 7f fc 44 89 f9 d3 e3 49 83 ee 80 4c 89 f0 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 f7 e8 5f 80 de fc 41 03 1e 89 da ec <0f> b6 c0 5b 41 5c 41 5e 41 5f e9 1a 8c bb 05 cc 44 89 f9 80 e1 07
[  452.496204][    C1] RSP: 0018:ffffc90000167890 EFLAGS: 00000202
[  452.496218][    C1] RAX: 1ffffffff3275c00 RBX: 00000000000003fd RCX: 0000000000000000
[  452.496229][    C1] RDX: 00000000000003fd RSI: 0000000000000000 RDI: 0000000000000000
[  452.496238][    C1] RBP: ffffffff993ae890 R08: 0000000000000000 R09: 0000000000000000
[  452.496248][    C1] R10: dffffc0000000000 R11: ffffffff853f3400 R12: dffffc0000000000
[  452.496260][    C1] R13: 0000000000000000 R14: ffffffff993ae600 R15: 0000000000000000
[  452.496271][    C1] FS:  0000000000000000(0000) GS:ffff8881269bc000(0000) knlGS:0000000000000000
[  452.496284][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  452.496295][    C1] CR2: 0000200000032000 CR3: 0000000033c74000 CR4: 00000000003526f0
[  452.496309][    C1] Call Trace:
[  452.496315][    C1]  <TASK>
[  452.496322][    C1]  wait_for_lsr+0x1a7/0x2f0
[  452.496343][    C1]  serial8250_console_write+0x1341/0x1b40
[  452.496367][    C1]  ? __pfx_serial8250_console_write+0x10/0x10
[  452.496383][    C1]  ? console_flush_all+0x13a/0xcd0
[  452.496402][    C1]  ? console_flush_all+0x476/0xcd0
[  452.496419][    C1]  console_flush_all+0x695/0xcd0
[  452.496436][    C1]  ? console_flush_all+0x13a/0xcd0
[  452.496454][    C1]  ? __pfx_console_flush_all+0x10/0x10
[  452.496470][    C1]  ? __lock_acquire+0xab9/0xd20
[  452.496493][    C1]  __console_flush_and_unlock+0xa4/0x240
[  452.496510][    C1]  ? __pfx___console_flush_and_unlock+0x10/0x10
[  452.496531][    C1]  legacy_kthread_func+0x13b/0x1a0
[  452.496548][    C1]  ? __pfx_legacy_kthread_func+0x10/0x10
[  452.496565][    C1]  ? __pfx_autoremove_wake_function+0x10/0x10
[  452.496583][    C1]  ? __kthread_parkme+0x7b/0x200
[  452.496600][    C1]  ? __kthread_parkme+0x1a1/0x200
[  452.496620][    C1]  kthread+0x70e/0x8a0
[  452.496640][    C1]  ? __pfx_legacy_kthread_func+0x10/0x10
[  452.496657][    C1]  ? __pfx_kthread+0x10/0x10
[  452.496677][    C1]  ? __pfx_kthread+0x10/0x10
[  452.496702][    C1]  ret_from_fork+0x436/0x7d0
[  452.496720][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[  452.496739][    C1]  ? __switch_to_asm+0x39/0x70
[  452.496752][    C1]  ? __switch_to_asm+0x33/0x70
[  452.496765][    C1]  ? __pfx_kthread+0x10/0x10
[  452.496784][    C1]  ret_from_fork_asm+0x1a/0x30
[  452.496805][    C1]  </TASK>
[  452.499610][   T38] Kernel panic - not syncing: hung_task: blocked tasks
[  452.499627][   T38] CPU: 0 UID: 0 PID: 38 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  452.499647][   T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  452.499658][   T38] Call Trace:
[  452.499665][   T38]  <TASK>
[  452.499672][   T38]  dump_stack_lvl+0x99/0x250
[  452.499699][   T38]  ? __asan_memcpy+0x40/0x70
[  452.499719][   T38]  ? __pfx_dump_stack_lvl+0x10/0x10
[  452.499741][   T38]  ? __pfx__printk+0x10/0x10
[  452.499772][   T38]  vpanic+0x281/0x750
[  452.499797][   T38]  ? __pfx_vpanic+0x10/0x10
[  452.499817][   T38]  ? __x2apic_send_IPI_mask+0x1e4/0x260
[  452.499835][   T38]  ? preempt_schedule+0xae/0xc0
[  452.499860][   T38]  ? preempt_schedule_common+0x83/0xd0
[  452.499889][   T38]  panic+0xb9/0xc0
[  452.499911][   T38]  ? __pfx_panic+0x10/0x10
[  452.499935][   T38]  ? preempt_schedule_thunk+0x16/0x30
[  452.499966][   T38]  ? nmi_trigger_cpumask_backtrace+0x2bb/0x300
[  452.499990][   T38]  watchdog+0xfd2/0xfe0
[  452.500016][   T38]  ? watchdog+0x1de/0xfe0
[  452.500042][   T38]  kthread+0x70e/0x8a0
[  452.500069][   T38]  ? __pfx_watchdog+0x10/0x10
[  452.500089][   T38]  ? __pfx_kthread+0x10/0x10
[  452.500116][   T38]  ? __pfx_kthread+0x10/0x10
[  452.500140][   T38]  ret_from_fork+0x436/0x7d0
[  452.500164][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[  452.500190][   T38]  ? __switch_to_asm+0x39/0x70
[  452.500206][   T38]  ? __switch_to_asm+0x33/0x70
[  452.500220][   T38]  ? __pfx_kthread+0x10/0x10
[  452.500245][   T38]  ret_from_fork_asm+0x1a/0x30
[  452.500276][   T38]  </TASK>
[  452.500533][   T38] Kernel Offset: disabled