last executing test programs:

3m51.619252816s ago: executing program 1 (id=2):
bind$alg(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), r0)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f00000001c0)={'wpan0\x00', <r3=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010082000000000000021d00000008000300", @ANYRES32=r3, @ANYBLOB="ff034763"], 0x28}, 0x1, 0x0, 0x0, 0x5396ebcfacd913b0}, 0x90) (fail_nth: 4)

3m51.322317649s ago: executing program 1 (id=6):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="060000000700000000020000ff07000060220000", @ANYRES32=0x1, @ANYBLOB='=\a\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0500000005000000010000000000000000000000000000000000000042d3689201c442678591c507ad1580377538407ba2d533af2a008c743386fafb4f17cf77e9d6c37b45c7de419f9b6615f8ab8d7bb778024b1dff63e07e034b87e3d79e7b1a447f8aa42780c3ca229430800b73ec154e28b4b26396e55f17044faf8292d3d8c91ecf7188f38eb38bd0a3adcf39e3b226bbb37261a044e95d583cf378923b2bab2784fb28b7ee5637bb1c55ab5b60b75986662f661ee59d0d63d1f538f7a32e5b9473a0b177e22cafd1ded8626fc777d1be5770ad1e37bc23f5788d"], 0x50)
pwrite64(r0, &(0x7f0000000380)="6f0232ef877584c41e0d86f7725ab85e97ae3689303f48bd0a06ff7b242b557b2c5b8a4dc585b18c6d4af408451060ce48e77c289057fe01c26d8b3f3773566eb226458052556b319c07cbac9114ee50e23cdc671479750d49d12449d6fa7e8542e96fbb564aff8b963373519927286d0123dbb46888d75b0f8191b052c595413afe060e7da9af1a818d9bdf14ea", 0x8e, 0xfffffffffffeffff)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, &(0x7f0000000180)=0x3)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r4, &(0x7f0000000200)={0x2, 0x4e24, @multicast2}, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_SET(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000680)=ANY=[@ANYBLOB="1e0000000fa900f11115f4e42a991a508137d895c6a0e9d6a5cff42ad14421015952e41de134e089f6cd3af5281837808e699e0f42a00be33dee7e239e5094be90ffb67c69eef452d9a677ec544d01c443d1073f3b3b2b7fd497570f4d830c2dab6e6fa24a09dac2b6fbfe2eed38cbfe7faa555351c9c0e9f1cc86c0c706ac96513f7d2cce453574cafa", @ANYRES16=r5, @ANYBLOB="000027bd7000fedbdf251600000005000300000000000500040001000000280001801400020076657468315f766972745f77696669000800030005000000080003000200000005000300010000000500030000000000"], 0x5c}, 0x1, 0x0, 0x0, 0xc000}, 0xc000)
setsockopt$inet_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f0000000080)='nv\x00', 0x3)
sendmmsg$inet(r4, &(0x7f0000004980)=[{{&(0x7f0000000000)={0x2, 0x4e24, @loopback}, 0x10, 0x0}}], 0x1, 0x2000c000)
timer_create(0xb, 0x0, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, 0x0)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})

3m49.467181538s ago: executing program 1 (id=7):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000400)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(r0, &(0x7f0000003700)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)={0x58, r1, 0x1, 0x2000000, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT={0x4}, @NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0x888e}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_FRAME={0x22, 0x33, @mgmt_frame=@reassoc_resp={{{0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, {0x2}, @device_b, @broadcast, @initial, {0x2, 0x8}}, 0x10, 0x1f, @random, @void, @void}}]}, 0x58}}, 0x0)

3m49.151495911s ago: executing program 1 (id=8):
r0 = openat$smackfs_logging(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
writev(r0, &(0x7f00000003c0)=[{&(0x7f0000000000)="d9", 0x1}], 0x1)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = gettid()
r3 = signalfd4(0xffffffffffffffff, &(0x7f0000000140)={[0xfffffffffffffff5]}, 0x8, 0x0)
readv(r3, &(0x7f0000002940)=[{&(0x7f0000000000)=""/93, 0x5d}, {0x0, 0x3c}], 0x2)
tkill(r2, 0x8)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r1, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4)
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="240000001a001fffffffff7f000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\b', @ANYRES32=r1], 0x24}}, 0x0)

3m48.759002971s ago: executing program 1 (id=10):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8b34, &(0x7f0000000000)={'wlan0\x00'})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_open_procfs$namespace(0xffffffffffffffff, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$sock_netrom_SIOCADDRT(r1, 0x890b, &(0x7f0000000300)={0x0, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bpq0, 0x8, 'syz1\x00', @null, 0x0, 0x200001, [@null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}]})
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
r3 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
r4 = dup2(r3, r3)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000440)={'\x00', 0xffff, 0x2aaaaaaa, 0x6, 0x4, 0xffffffffffff9763, 0xffffffffffffffff})
socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(0xffffffffffffffff, &(0x7f0000000200)={0xa, 0x4e22, 0x1, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, 0x1}, 0x1c)
io_setup(0x8, &(0x7f0000000000))
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='hugetlbfs\x00', 0x0, 0x0)
umount2(&(0x7f0000000040)='./file0\x00', 0xb)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000108500000075000000a40000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r4, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7ff, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r5, 0xc0d05605, &(0x7f00000000c0)={0x1, @pix_mp={0xbe26, 0x0, 0x42474752, 0x2, 0x0, [{0x2}, {0x6}, {0x0, 0x2}, {}, {}, {}, {0x0, 0x5}], 0x0, 0x20, 0x2, 0x1}})
syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
r6 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_S_CTRL(r6, 0xc008561c, &(0x7f0000000080)={0xf0f03c, 0x1})

3m33.640270015s ago: executing program 32 (id=10):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8b34, &(0x7f0000000000)={'wlan0\x00'})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_open_procfs$namespace(0xffffffffffffffff, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$sock_netrom_SIOCADDRT(r1, 0x890b, &(0x7f0000000300)={0x0, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bpq0, 0x8, 'syz1\x00', @null, 0x0, 0x200001, [@null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}]})
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
r3 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
r4 = dup2(r3, r3)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000440)={'\x00', 0xffff, 0x2aaaaaaa, 0x6, 0x4, 0xffffffffffff9763, 0xffffffffffffffff})
socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(0xffffffffffffffff, &(0x7f0000000200)={0xa, 0x4e22, 0x1, @ipv4={'\x00', '\xff\xff', @private=0xa010102}, 0x1}, 0x1c)
io_setup(0x8, &(0x7f0000000000))
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='hugetlbfs\x00', 0x0, 0x0)
umount2(&(0x7f0000000040)='./file0\x00', 0xb)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000108500000075000000a40000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r4, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7ff, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r5, 0xc0d05605, &(0x7f00000000c0)={0x1, @pix_mp={0xbe26, 0x0, 0x42474752, 0x2, 0x0, [{0x2}, {0x6}, {0x0, 0x2}, {}, {}, {}, {0x0, 0x5}], 0x0, 0x20, 0x2, 0x1}})
syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
r6 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_S_CTRL(r6, 0xc008561c, &(0x7f0000000080)={0xf0f03c, 0x1})

3m26.604840355s ago: executing program 2 (id=65):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
openat$vsock(0xffffffffffffff9c, &(0x7f0000000180), 0x185e81, 0x0)
r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_TSINFO_GET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000580)=ANY=[@ANYBLOB="2c00000063bee272c7048f7051bd9ae890480b155f5ca91153f6ba10294a42712781ff22d6ccb44dbd90f7797aae08e34cf90a8da3da8e9e4e5e4dce860332a5b207cc8f0ed4e45ca3bf966bc29ba76c74bc424a80ff33a241655f9b62837a45f4647a791aff0f47d4907b3f4a0b515dd008f416a285bb435263c756c6df018472915d55fe5a3f6a7ab8f63888be0f183d0ffc5bf78ef66561c379830214e7f1f49c31c9a3eb62c46e3cad7150153a1f", @ANYRES16=r0, @ANYBLOB="010000000000000000001c00000018000180140002006e657464657673"], 0x2c}}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000002400)={'erspan0\x00', &(0x7f0000002340)={'syztnl2\x00', 0x0, 0x8, 0x7800, 0x8, 0x3a, {{0x25, 0x4, 0x1, 0x39, 0x94, 0x65, 0x0, 0xff, 0xb11471bcbb5e4d66, 0x0, @private=0xa010101, @broadcast, {[@rr={0x7, 0x27, 0xe3, [@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, @multicast1, @private=0xa0100ff, @initdev={0xac, 0x1e, 0x1, 0x0}, @local, @remote, @multicast2, @multicast1]}, @timestamp_addr={0x44, 0x2c, 0x2f, 0x1, 0x2, [{@multicast1, 0x18}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x40}, {@rand_addr=0x64010102, 0x10003}, {@empty, 0x81}, {@multicast2, 0xfffffff9}]}, @rr={0x7, 0x1b, 0x2f, [@multicast2, @loopback, @initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x0, 0x0}, @empty, @broadcast]}, @timestamp={0x44, 0x10, 0x5e, 0x0, 0x1, [0xa, 0x8, 0x3]}]}}}}})
r1 = openat$audio1(0xffffffffffffff9c, 0x0, 0x88002, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = shmget$private(0x0, 0x9000, 0x0, &(0x7f0000ff7000/0x9000)=nil)
shmat(r2, &(0x7f0000fea000/0x1000)=nil, 0x7000)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fff000/0x1000)=nil)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
ioctl$SNDCTL_MIDI_INFO(r3, 0xc074510c, &(0x7f0000000340)={"248c7ed038b05c4999412356e2021cabd911b5efade1ee83e21bf798b03d", 0x5, 0x551222df, 0x3, [0xe, 0x9, 0x9, 0x5c, 0x9, 0xa804, 0x80, 0xf8, 0x8, 0x6, 0x2, 0x0, 0x78, 0x7, 0x68, 0x6, 0xffffffff, 0x3]})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000002000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000100)="802dc82e0f01dfdbefba4300b84058efbaf80c66b8f044ec8266efbafc0c66b8fdffffff66efc05ec59f0f07f33ff30fc77000baa100ed", 0x37}], 0x1, 0x0, 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, 0x0)
r7 = syz_open_dev$vbi(&(0x7f0000000080), 0x1, 0x2)
ioctl$VIDIOC_S_STD(r7, 0x40085618, &(0x7f0000000000)=0x2000000)
syz_kvm_setup_cpu$x86(r6, 0xffffffffffffffff, &(0x7f000000e000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000500)="66ba4000ec64671b7907b805000000b9000000000f01d966baa00066b8a74366ef2e673ef3420f090fc7b3005000000f01dfc42275470fc7442400f9000000c7442402747a0000ff2c24f2410f0119", 0x4f}], 0x1, 0x40, 0x0, 0x0)
mount(&(0x7f00000003c0)=@loop={'/dev/loop', 0x0}, &(0x7f0000000400)='.\x00', &(0x7f0000000300)='msdos\x00', 0x5, 0x0)
mount$9p_fd(0x0, 0x0, &(0x7f0000000080), 0x0, &(0x7f0000000200)=ANY=[])
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$ethtool(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="010000000000000000002f000000180001801400020073797a5f74756e"], 0x2c}, 0x1, 0x0, 0x0, 0x24000005}, 0x0)

3m23.519212408s ago: executing program 2 (id=68):
syz_emit_ethernet(0x52, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb08004c000078ac1414000a01010044140503", @ANYRES32=0x41424344, @ANYRES32=0x41424344], 0x0)
r0 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a9850a9d77f1068109e733e1a68", 0xf, 0xfffffffffffffffe)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="480000001000050400"/20, @ANYRES32], 0x48}, 0x1, 0x0, 0x0, 0x4000011}, 0x0)
r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
sendmsg$IEEE802154_LLSEC_DEL_KEY(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_SET_BACKOFF_EXPONENT(r2, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="d43543d3c688ac5541e353b8dd55840ad1cc6e92a377043110e683928d7a734d7d9d83a7417f139885f17b39658201f46f7d61943706a2dc0f06f3a150b88f00c8c053b4e3d9f322a100b2803711e1504dc7b08bb0276994bee9c83180f6e8158e64f6907173793fc0c85729640ede35b3c0d768491ba26661c1ca45ed7466bfd694b54fb12b5bf371702834870a759fe212f091c07a83ac4ea1ecde5c101d99f9e4fbb0b348154a8fddef", @ANYRES16=0x0, @ANYBLOB="0000000000000000000010000000"], 0x14}}, 0x0)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000d80), r2)
sendmsg$IEEE802154_LLSEC_ADD_KEY(r2, &(0x7f0000000d80)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000480)={&(0x7f00000003c0)={0x30, 0x0, 0x2, 0x70bd26, 0x25dfdbff, {}, [@IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "2928dff22fcf046cc0fde15aedbb816a"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0x9}]}, 0x30}}, 0x8004)
r3 = socket$inet6(0xa, 0x2, 0x0)
r4 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r4, 0x29, 0x2a, &(0x7f0000000140)={0x0, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_JOIN_GROUP(r3, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r3, 0x29, 0x30, &(0x7f0000000080)=ANY=[@ANYBLOB="01000000000000000a00000000000000ff0100000000000000000000000000010000000000000000000000000000000000e7ffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006ce11bc3008b071000900000000000000000000000000009444000000000000000000000005"], 0x310)
setsockopt$inet6_MCAST_MSFILTER(r3, 0x29, 0x30, &(0x7f00000004c0)={0x1, {{0xa, 0x0, 0x0, @mcast1}}}, 0x90)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0x8840, 0x0)
fcntl$setownex(r7, 0xf, &(0x7f0000000280)={0x2, 0xffffffffffffffff})
fcntl$lock(r7, 0x11, &(0x7f00000001c0)={0x1, 0x0, 0x380000000000, 0x2})
dup(r6)
r8 = syz_open_dev$vim2m(&(0x7f0000000040), 0x20008008000, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r8, 0xc0405602, &(0x7f0000001040)={0x13, 0x2, 0x0, "b427edec06e66b29a65eda7f0f6b00002f00", 0xb5315241})
r9 = openat$zero(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
read(r9, &(0x7f0000000040)=""/148, 0xffffff96)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000240)={0x1ff, 0x7, 0xeeee0000, 0x1000, &(0x7f0000ffc000/0x1000)=nil})

3m20.62322956s ago: executing program 2 (id=74):
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(0x0, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x847ba, 0x0, 0xe, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYRESDEC=0x0], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1e, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmmsg$unix(r0, &(0x7f00000bd000), 0x318, 0x0)
ppoll(&(0x7f0000000000)=[{r0, 0x8104}], 0x1, 0x0, 0x0, 0x0)
close(0x3)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = syz_open_dev$video4linux(&(0x7f0000000000), 0x0, 0x0)
ioctl$VIDIOC_SUBDEV_S_FMT(r4, 0xc0585605, &(0x7f0000000440)={0x1, 0x0, {0x0, 0x0, 0x4001, 0x6}})
r5 = socket$l2tp(0x2, 0x2, 0x73)
bind$l2tp(r5, &(0x7f0000000080)={0x2, 0x0, @local, 0x2}, 0x10)
getsockname$l2tp(r5, 0x0, &(0x7f0000000040))
syz_open_dev$tty20(0xc, 0x4, 0x1)

3m19.102078119s ago: executing program 2 (id=77):
r0 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/tcp_dsack\x00', 0x1, 0x0)
r1 = socket$caif_seqpacket(0x25, 0x5, 0x3)
connect$caif(r1, &(0x7f0000000140)=@util, 0x12)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0xc0)
getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000680)={{{@in6=@private2, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in=@private}, 0x0, @in=@loopback}}, &(0x7f0000000240)=0xe8)
quotactl$Q_QUOTAON(0xffffffff80000202, &(0x7f0000000100)=@loop={'/dev/loop', 0x0}, r2, &(0x7f0000000180)='./file0\x00')
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
r3 = socket(0x15, 0x5, 0x0)
connect$unix(r3, &(0x7f0000000080)=@abs={0xa}, 0x6e)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r5 = fanotify_init(0xff351af51b5cb3a4, 0x0)
ioctl$UI_BEGIN_FF_ERASE(r5, 0xc00c55ca, 0x0)
mount_setattr(r4, &(0x7f0000000380)='./file0\x00', 0x0, &(0x7f0000001dc0)={0xb, 0x2, 0x80000}, 0x20)
msgget(0x3, 0x710)
msgget(0x2, 0x624)
msgget(0x1, 0x240)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
setgid(0x0)
getegid()
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f00000023c0)={0x26, 'hash\x00', 0x0, 0x0, 'sha256-ssse3\x00'}, 0x58)
r7 = accept4(r6, 0x0, 0x0, 0x0)
sendto$inet6(r7, &(0x7f0000847fff)='\x00', 0xfffffffffffffd9f, 0x0, 0x0, 0x25)
msgctl$IPC_RMID(0x0, 0x0)
msgget(0x3, 0x606)
msgget(0x0, 0x200)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x2000, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000580)=ANY=[@ANYRESOCT=r0], 0x219)

3m17.967774516s ago: executing program 2 (id=79):
io_setup(0x3, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r0}, 0x9)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x500)

3m15.83077841s ago: executing program 2 (id=85):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
mkdir(0xffffffffffffffff, 0x15)
socket$xdp(0x2c, 0x3, 0x0)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f00000005c0)=ANY=[@ANYBLOB="14000000100001ff00000000000000000000000a2c00000048a6540319e0b58500000000020000000900030073797a32000002000900010073797a300000000014000000020a031747d21400000000000000000014000000110001"], 0x68}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000140)={0x0, 0x84, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="14000000100001000b000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f28000340000000045c0000000c0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000300003802c00008028000180230001"], 0xe8}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[], 0xe8}}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{r0}, &(0x7f0000000040), &(0x7f0000000080)}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r5, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x3800, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
modify_ldt$write(0x1, &(0x7f0000000040)={0x600}, 0x10)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/seq/timer\x00', 0x41, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x8, 0x18, &(0x7f0000000340)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x4}, [@jmp={0x5, 0x1, 0x0, 0x7, 0x6, 0xc, 0xffffffffffffffff}, @cb_func={0x18, 0x1}, @btf_id={0x18, 0xb, 0x3, 0x0, 0x5}, @initr0={0x18, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x5}, @ldst={0x0, 0x2, 0x6, 0xa, 0x2, 0xfffffffffffffff8, 0xfffffffffffffff0}, @tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}, @ldst={0x0, 0x2, 0x4, 0x3, 0x9, 0x30, 0xfffffffffffffffc}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r6}}, @jmp={0x5, 0x1, 0x6, 0x5, 0xb, 0xfffffffffffffff4, 0x4}, @initr0={0x18, 0x0, 0x0, 0x0, 0x8d}]}, 0x0, 0x6, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94)
socket$inet_smc(0x2b, 0x1, 0x0)
syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0)

3m14.131641582s ago: executing program 33 (id=85):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
mkdir(0xffffffffffffffff, 0x15)
socket$xdp(0x2c, 0x3, 0x0)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f00000005c0)=ANY=[@ANYBLOB="14000000100001ff00000000000000000000000a2c00000048a6540319e0b58500000000020000000900030073797a32000002000900010073797a300000000014000000020a031747d21400000000000000000014000000110001"], 0x68}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000140)={0x0, 0x84, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="14000000100001000b000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f28000340000000045c0000000c0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000300003802c00008028000180230001"], 0xe8}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[], 0xe8}}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{r0}, &(0x7f0000000040), &(0x7f0000000080)}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r5, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x3800, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
modify_ldt$write(0x1, &(0x7f0000000040)={0x600}, 0x10)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/seq/timer\x00', 0x41, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x8, 0x18, &(0x7f0000000340)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x4}, [@jmp={0x5, 0x1, 0x0, 0x7, 0x6, 0xc, 0xffffffffffffffff}, @cb_func={0x18, 0x1}, @btf_id={0x18, 0xb, 0x3, 0x0, 0x5}, @initr0={0x18, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x5}, @ldst={0x0, 0x2, 0x6, 0xa, 0x2, 0xfffffffffffffff8, 0xfffffffffffffff0}, @tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}, @ldst={0x0, 0x2, 0x4, 0x3, 0x9, 0x30, 0xfffffffffffffffc}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r6}}, @jmp={0x5, 0x1, 0x6, 0x5, 0xb, 0xfffffffffffffff4, 0x4}, @initr0={0x18, 0x0, 0x0, 0x0, 0x8d}]}, 0x0, 0x6, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94)
socket$inet_smc(0x2b, 0x1, 0x0)
syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0)

2m36.526654564s ago: executing program 0 (id=149):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYRESOCT=0x0], &(0x7f0000000100)='GPL\x00', 0x17, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x18)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000000)={0x8, 0xfffffffc, 0x4}, 0x10)
write(r1, &(0x7f0000000140)="240000001e005f0214fffffffffffff8070000001d00000000000000050009000d000000", 0x24)
r2 = syz_io_uring_setup(0x231, &(0x7f0000000300)={0x0, 0x1ffffd, 0x800, 0x1}, &(0x7f0000000080)=<r3=>0x0, &(0x7f0000000380)=<r4=>0x0)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_RECVMSG={0xa, 0x9, 0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x21, 0x1, {0x0, r5}})
io_uring_enter(r2, 0x2def, 0x4000, 0x0, 0x0, 0x0)
r6 = socket(0x28, 0xa, 0x0)
sendto$inet(r6, 0x0, 0x0, 0x4000000, &(0x7f0000000200)={0x2, 0x0, @broadcast}, 0x10)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo/3\x00')
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
r8 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
shutdown(r8, 0x0)
close_range(r7, 0xffffffffffffffff, 0x0)
r9 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r9, 0xc1485544, &(0x7f0000000000)=0x5)

2m36.003602244s ago: executing program 0 (id=153):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x8, &(0x7f0000000000)=0x277, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
r2 = bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0)
read(r2, 0x0, 0x0)
r3 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000002440)=@acquire={0x128, 0x17, 0x1, 0x0, 0x0, {{@in6=@private2}, @in=@dev, {@in=@broadcast, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}, {{@in=@multicast2, @in6=@mcast1}}}}, 0x128}}, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_80211_inject_frame(&(0x7f0000000300), &(0x7f0000000080)=ANY=[@ANYRES8=r0], 0x37)
r5 = syz_open_dev$vim2m(&(0x7f0000000280), 0x4, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r5, 0xc0405602, &(0x7f0000000040)={0xd, 0x1, 0x0, "f819ebf45608e255b61c5deb3eb574d486d27e0600000000040000000006f100"})
prlimit64(0x0, 0xe, 0x0, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x1fd}, 0xe)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r6}, './file0\x00'})
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x1f, 0x4, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000d100000095"], &(0x7f0000000940)='syzkaller\x00', 0xc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
writev(r0, &(0x7f0000000240)=[{&(0x7f0000002740)="1e", 0xfdef}], 0x33)

2m33.54755792s ago: executing program 0 (id=156):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x38011, r0, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$UI_DEV_SETUP(r1, 0x405c5503, &(0x7f0000000080)={{0x0, 0x0, 0x8}, 'syz1\x00', 0x4})
ioctl$UI_ABS_SETUP(r1, 0x401c5504, &(0x7f0000000000)={0x35, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}})
ioctl$UI_SET_EVBIT(r1, 0x40045564, 0x3)
ioctl$UI_DEV_CREATE(r1, 0x5501)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
r2 = gettid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x5)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000032680)=""/102400, 0x19000)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="7a2a533839f894e8705c0548c6e73817f0436decd46852e13f3fe16822bb7825ae6c06b988353a3763d91b1f12df216e07048555fbdb0acbe2e8e463dbad44915816b01fbf2d60aa1321e843beb13621b3fd49050b2a6df61a88e1"], 0x50}}, 0x0)
sendmsg$NFT_MSG_GETSET(r4, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)={0x14, 0xa, 0xa, 0x101, 0x0, 0x0, {0x0, 0x0, 0x4}}, 0x14}}, 0x44)

2m31.778763213s ago: executing program 0 (id=159):
r0 = openat$smackfs_access(0xffffffffffffff9c, &(0x7f0000000000)='/sys/fs/smackfs/access\x00', 0x2, 0x0)
ioctl$EXT4_IOC_PRECACHE_EXTENTS(r0, 0x6612)
getcwd(&(0x7f0000000040)=""/21, 0x15)
getcwd(&(0x7f0000000080)=""/70, 0x46)
mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x8, 0x110, r0, 0x94573000)
r1 = socket$netlink(0x10, 0x3, 0x4)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_BSS(r1, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x3c, r2, 0x201, 0x70bd25, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_BSS_HT_OPMODE={0x6, 0x6d, 0x800}, @NL80211_ATTR_P2P_CTWINDOW={0x5, 0xa2, 0x40}, @NL80211_ATTR_P2P_CTWINDOW={0x5}, @NL80211_ATTR_BSS_SHORT_SLOT_TIME={0x5, 0x1e, 0x7}, @NL80211_ATTR_BSS_CTS_PROT={0x5, 0x1c, 0x4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20004880}, 0x40)
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000240), 0x10080, 0x0)
getsockopt$netrom_NETROM_T4(r3, 0x103, 0x6, &(0x7f0000000280)=0x80000000, &(0x7f00000002c0)=0x4)
syz_open_dev$ptys(0xc, 0x3, 0x0)
connect$inet6(r3, &(0x7f0000000300)={0xa, 0x4e22, 0x6, @mcast2, 0x6}, 0x1c)
ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000003c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_PROBE_MESH_LINK(r3, &(0x7f0000000800)={&(0x7f0000000340), 0xc, &(0x7f00000007c0)={&(0x7f0000000400)={0x38c, r4, 0x0, 0x70bd27, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r5}, @val={0xc, 0x99, {0x3, 0x19}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_FRAME={0x20, 0x33, @ctrl_frame=@ba={{}, {0x8}, @broadcast, @broadcast, @compressed={{0x0, 0x0, 0x1, 0x0, 0x1}, {0x4, 0x7}, "2c697f301aa2666b"}}}, @NL80211_ATTR_FRAME={0x30b, 0x33, @mgmt_frame=@probe_request={{{0x0, 0x0, 0x4, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, {0x7ff7}, @device_b, @device_a, @random="566d4b7a27f4", {0x9, 0xf8}}, @void, @void, @val={0x3, 0x1, 0x68}, @val={0x2d, 0x1a, {0x8, 0x2, 0x3, 0x0, {0xfffffffffffffffd, 0x1, 0x0, 0x1, 0x0, 0x1}, 0x6, 0x0, 0x1c}}, @void, [{0xdd, 0xfd, "c5d7cb41622d6c9e750578244b7440c7816a19342385f2cd6531a68f1224ff8814b16866e7d72b7d98088eac51e06e9e1faba1e9afe0ebc9871f7626723df71bc2081507753fa6000d5a40db11d99972d2db0d2da8d847f8db221387d24c4366aceb95ea5097f2c72ad8f5de9ff728ad889075bde7528777afa97c4a369628f23d801ed29651b6e59cdf5a01ae05132c85ca8e8f1edbefb6d407a2f8784a752397d6ca0f11eae0869134cbb2744c27206e6ed6b12fe3d8ec1079bbe870e4552cfc7d5f04fe01f183c1877c748c3ae3a020238ac451f7f137c3d8c01b3a56c81b710389d895101d92f89d1e28c7d6bd73cf5dbcc8d35eeda522efe331ef"}, {0xdd, 0x4a, "547f10a2f6ad2997cf7223112d2a81c4d799b32004b6d0411ec1f6053402957008b3549d28e68a62e2348f81c836bbf0d70e05c2027e55c483b99e8b0e9a9693c2cc95f92ad0472e0e41"}, {0xdd, 0xae, "7c5951e5d8df33879f91a6493f775e455c37f2e832b5f87298e165667b8e267e2a3277f6f7654fdaf8651579a954e6ec2eb3bda92229d7ae1cf5fda756de90a861194b6b1e0903fe7e1c1bb90fb51de83611e84e12c627d35666e427a48018aa1b59be0c961516774f6e6b721df21b117f7890a09e8979189b47ae89c837e3e29d6629b02954b82094c955f52dd2bd7cc24e55fec5faa62acab0e2426be68dc76b76df8fc770d553bc04d40faea8"}, {0xdd, 0xd3, "5b8c6465328778d511f7e3349086ce3e2545fa5eed30050c45105d4fc9d5af307d76cadb24bc13e1e1a9bac695a48f5bb4daf17e81f01d43b5f01257916bb766aef9fa1febbe48e08312447f8a755c9b2ee4864719e68862a8af79b2c5a4bf815e1e29b11a4261f33e06acc163c3d38624b85c0167d87d646646960d0ba14b7db346285e5e4c260575fd1d0755a5c65bcdd3694a0bd8b899e57c1c1e7d51cea07ddb5480267f43a47f2976f9eac6f782a8e3c35b406fff1a4f41073a2c5365ed8106a9a28066ae6917984367fc91123a2d0120"}]}}, @NL80211_ATTR_FRAME={0x14, 0x33, @ctrl_frame=@pspoll={{}, @random=0x7, @random="aacffbea09d7"}}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x38c}, 0x1, 0x0, 0x0, 0x10}, 0x1)
getcwd(&(0x7f0000000840)=""/29, 0x1d)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x40010, 0xffffffffffffffff, 0xf36e6000)
r6 = syz_open_dev$vbi(&(0x7f0000000880), 0x3, 0x2)
ioctl$KVM_SET_TSC_KHZ(r3, 0xaea2, 0x401)
mmap(&(0x7f0000ff0000/0x10000)=nil, 0x10000, 0x1000001, 0x10, r3, 0x3cf14000)
getcwd(&(0x7f00000008c0)=""/148, 0x94)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x3800008, 0x80010, r0, 0x20a09000)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000980)={<r7=>0xffffffffffffffff})
r8 = accept4$inet(r3, &(0x7f00000009c0)={0x2, 0x0, @initdev}, &(0x7f0000000a00)=0x10, 0x0)
getsockopt$IP_VS_SO_GET_DESTS(r8, 0x0, 0x484, &(0x7f0000000a40)=""/75, &(0x7f0000000ac0)=0x4b)
ioctl$KVM_CAP_X86_NOTIFY_VMEXIT(r3, 0x4068aea3, &(0x7f0000000b00)={0xdb, 0x0, 0x3})
r9 = socket$unix(0x1, 0x2, 0x0)
r10 = getpid()
sendmsg$unix(r9, &(0x7f0000005100)={0x0, 0x0, &(0x7f0000000c80)=[{&(0x7f0000000b80)="9cba4e3695bccf9455fbc2b4d3fa6925f23275ea6d17b7d4783de6e6b4286fe8fea82a6afd0e7a31fa9ba4ca6f4ed12da0b5b3faf6729d11b47f6984b52ffdb2ff4beaa983ff9ed14e1c4b17118380fb4d85346a9640195de8cf6394fbca4064e75c106808a93b713606ed4d51aad3050ee45d367c7d189e013ee3893e60942e2d69da93ae7fb8ce6972e151c7ee1bd9c256c8eb7272234cb71011dc99e500dadbee225e4756f47a42e8abeda2bcd375f8d9a10d92463a860168aa40ec69414f8e0f", 0xc2}], 0x1, &(0x7f0000005000)=[@cred={{0x1c, 0x1, 0x2, {r10, 0xee00}}}, @rights={{0x18, 0x1, 0x1, [r0, 0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [r7, 0xffffffffffffffff, r0, r9, r1, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xffffffffffffffff}}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [r0]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, r3, r9, r6]}}, @cred={{0x1c}}], 0xf8, 0x40}, 0x8005)

2m31.364689754s ago: executing program 0 (id=160):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x12, &(0x7f0000000080)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x2, 0x0}, @generic={0x66, 0x0, 0x8, 0x0, 0xffffff7f}, @initr0, @exit, @printk={@li, {}, {}, {}, {}, {0x5, 0x0, 0xb, 0xa}}]}, &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)

2m30.371182444s ago: executing program 0 (id=163):
socket$inet6_sctp(0xa, 0x5, 0x84)
sendto$inet(0xffffffffffffffff, &(0x7f00000003c0), 0x0, 0x0, &(0x7f0000000380)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10)
close(0xffffffffffffffff)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='cdg\x00', 0x4)
bind$inet6(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file2\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0xffffffffffffff2b, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
openat$fb0(0xffffffffffffff9c, &(0x7f0000000100), 0xa0000, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f00000000c0)=0x5)
r4 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
ioctl$SNDCTL_DSP_SPEED(r4, 0xc0045002, &(0x7f0000000000)=0xffffffff)
ioctl$SNDCTL_DSP_GETODELAY(r4, 0x80045017, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x104)
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401)
ioctl$BLKTRACESETUP(r5, 0xc0481273, &(0x7f00000001c0)={'\x00', 0x7, 0x200006, 0x4, 0x6, 0x9, r1})
connect$inet6(r0, 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000e80)={<r6=>0xffffffffffffffff}, 0x2, 0x5}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000000c0)={0x13, 0x10, 0x8, {0x0, r6, 0x1}}, 0x18)
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, &(0x7f00000002c0)={0x3, 0x40, 0xfa00, {{0xa, 0x4e22, 0x5, @private2={0xfc, 0x2, '\x00', 0x1}, 0x9c7}, {0xa, 0x4e20, 0x80, @loopback, 0x1}, r6, 0x1}}, 0x48)
socket$inet_sctp(0x2, 0x1, 0x84)
syz_80211_inject_frame(&(0x7f0000000240), &(0x7f0000000280)=@data_frame={@msdu=@type11={{0x0, 0x2, 0x1, 0x1, 0x1, 0x0, 0x1}, {0xb}, @broadcast, @device_a, @device_b, {0x6, 0x1}, @broadcast}, @a_msdu}, 0x1e)

2m13.387906476s ago: executing program 34 (id=163):
socket$inet6_sctp(0xa, 0x5, 0x84)
sendto$inet(0xffffffffffffffff, &(0x7f00000003c0), 0x0, 0x0, &(0x7f0000000380)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10)
close(0xffffffffffffffff)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='cdg\x00', 0x4)
bind$inet6(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file2\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0xffffffffffffff2b, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
openat$fb0(0xffffffffffffff9c, &(0x7f0000000100), 0xa0000, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f00000000c0)=0x5)
r4 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
ioctl$SNDCTL_DSP_SPEED(r4, 0xc0045002, &(0x7f0000000000)=0xffffffff)
ioctl$SNDCTL_DSP_GETODELAY(r4, 0x80045017, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x104)
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401)
ioctl$BLKTRACESETUP(r5, 0xc0481273, &(0x7f00000001c0)={'\x00', 0x7, 0x200006, 0x4, 0x6, 0x9, r1})
connect$inet6(r0, 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000e80)={<r6=>0xffffffffffffffff}, 0x2, 0x5}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, &(0x7f00000000c0)={0x13, 0x10, 0x8, {0x0, r6, 0x1}}, 0x18)
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, &(0x7f00000002c0)={0x3, 0x40, 0xfa00, {{0xa, 0x4e22, 0x5, @private2={0xfc, 0x2, '\x00', 0x1}, 0x9c7}, {0xa, 0x4e20, 0x80, @loopback, 0x1}, r6, 0x1}}, 0x48)
socket$inet_sctp(0x2, 0x1, 0x84)
syz_80211_inject_frame(&(0x7f0000000240), &(0x7f0000000280)=@data_frame={@msdu=@type11={{0x0, 0x2, 0x1, 0x1, 0x1, 0x0, 0x1}, {0xb}, @broadcast, @device_a, @device_b, {0x6, 0x1}, @broadcast}, @a_msdu}, 0x1e)

1m12.721342615s ago: executing program 5 (id=258):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
bind$802154_raw(0xffffffffffffffff, 0x0, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d0000000400000007000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0xc)
socket$unix(0x1, 0x5, 0x0)
socket$unix(0x1, 0x1, 0x0)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f0000000080)={0x1f, 0xffff, 0x4}, 0x6)
open(&(0x7f00009e1000)='./file0\x00', 0x8060, 0x0)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, 0x0)
write$FUSE_NOTIFY_STORE(r5, &(0x7f0000000000)={0x2a, 0x4, 0x0, {0x1, 0xefff, 0x2, 0x0, [0x0, 0x0]}}, 0x2a)

1m11.426999323s ago: executing program 5 (id=260):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x38011, r0, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$UI_DEV_SETUP(r1, 0x405c5503, &(0x7f0000000080)={{0x0, 0x0, 0x8}, 'syz1\x00', 0x4})
ioctl$UI_ABS_SETUP(r1, 0x401c5504, &(0x7f0000000000)={0x35, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}})
ioctl$UI_SET_EVBIT(r1, 0x40045564, 0x3)
ioctl$UI_DEV_CREATE(r1, 0x5501)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
gettid()
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000)
sendfile(r0, r0, 0x0, 0x40008)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="7a2a533839f894e8705c0548c6e73817f0436decd46852e13f3fe16822bb7825ae6c06b988353a3763d91b1f12df216e07048555fbdb0acbe2e8e463dbad44915816b01fbf2d60aa1321e843beb13621b3fd49050b2a6df61a88e1"], 0x50}}, 0x0)
sendmsg$NFT_MSG_GETSET(r3, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)={0x14, 0xa, 0xa, 0x101, 0x0, 0x0, {0x0, 0x0, 0x4}}, 0x14}}, 0x44)

1m4.893465575s ago: executing program 5 (id=267):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x211000, 0x1000}, 0x20)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCBRDELBR(r2, 0x89a1, &(0x7f0000000340)='gre0\x00')
setsockopt$XDP_RX_RING(r1, 0x11b, 0x2, &(0x7f0000000040)=0x20, 0x4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000300)={'ipvlan1\x00', <r4=>0x0})
setsockopt$XDP_UMEM_COMPLETION_RING(r1, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4)
setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4)
bind$xdp(r1, &(0x7f0000000100)={0x2c, 0x0, r4}, 0x10)
write(r0, &(0x7f0000000000)="2400000011005f0414f9f40700090400810000003c0000000000000008000f0001000000", 0x24)
r5 = socket$netlink(0x10, 0x3, 0x400000000000004)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r6, 0x6, 0xd, &(0x7f0000000380)='yeah\x00', 0x5)
writev(r5, &(0x7f0000019440)=[{&(0x7f0000000200)="480000001400190d7ebdeb75fd0d8c562c84d8c033ed7a80ffe0090f000060000000a2bc5603ca00000f7f89000000200000004a2471083ec6991778581acb6c0101ff0000000309", 0x48}], 0x1)

1m3.040902469s ago: executing program 5 (id=270):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r4 = fanotify_init(0x200, 0x0)
socket$inet_udp(0x2, 0x2, 0x0) (async)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f0000000480)=@filter={'filter\x00', 0x42, 0x4, 0x2c0, 0xffffffff, 0xf8, 0xf8, 0xf8, 0xffffffff, 0xffffffff, 0x228, 0x228, 0x228, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x0, 0xd0, 0xf8, 0x0, {0x100000000000000}, [@common=@inet=@l2tp={{0x30}, {0x0, 0x0, 0x3, 0x0, 0x17}}, @common=@unspec=@connmark={{0x30}}]}, @REJECT={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x7}}}, {{@ip={@empty, @loopback, 0x0, 0x0, 'batadv_slave_0\x00', 'dvmrp0\x00', {}, {}, 0x84, 0x0, 0x4}, 0x0, 0x70, 0x98}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x1}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x320)
fanotify_mark(r4, 0x1, 0x4800003e, r3, 0x0) (async)
fanotify_mark(r4, 0x1, 0x4800003e, r3, 0x0)
r6 = dup2(r4, r3)
readv(r6, &(0x7f0000001400)=[{&(0x7f0000000040)=""/81, 0x51}], 0x1) (async)
readv(r6, &(0x7f0000001400)=[{&(0x7f0000000040)=""/81, 0x51}], 0x1)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x1, 0x2, 0x0, @void, @value}, 0x28)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

59.934921078s ago: executing program 5 (id=273):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000"], 0x48)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$int_in(r0, 0x5421, &(0x7f0000000080)=0xfffffffffbfffffe)
r1 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
bind$llc(r1, &(0x7f0000000040)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.bfq.io_queued\x00', 0x275a, 0x0)
write$cgroup_int(r2, &(0x7f0000000000), 0xffffff6a)
sendfile(r1, r2, 0x0, 0xffffffff000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
mkdir(0xffffffffffffffff, 0x15)
chdir(&(0x7f0000000300)='./file0\x00')
socket$xdp(0x2c, 0x3, 0x0)
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f00000005c0)=ANY=[@ANYBLOB="14000000100001ff00000000000000000000000a2c00000048a6540319e0b58500000000020000000900030073797a32000002000900010073797a300000000014000000020a031747d21400000000000000000014000000110001"], 0x68}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="14000000100001000b000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f28000340000000045c0000000c0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000300003802c00008028000180230001"], 0xe8}}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={0xffffffffffffffff, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x3800, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

53.51184224s ago: executing program 5 (id=282):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0xf}, 0x8)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000002b0009ef"], 0x14}}, 0x84)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r7 = syz_open_dev$sndmidi(0x0, 0x2, 0x141101)
dup(0xffffffffffffffff)
r8 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000003c0)={@cgroup=r8, 0x8, 0x1, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f0000000380)}, 0x40)
io_uring_enter(0xffffffffffffffff, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
fcntl$dupfd(r7, 0x406, r2)
socket$pppl2tp(0x18, 0x1, 0x1)
syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2)
r9 = syz_open_dev$video(&(0x7f0000000440), 0x8, 0x0)
ioctl$VIDIOC_S_SELECTION(r9, 0xc040565f, &(0x7f0000000940)={0xa, 0x0, 0x7, {0x8000, 0x1000, 0x4, 0x86c}})

37.829998491s ago: executing program 35 (id=282):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0xf}, 0x8)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000002b0009ef"], 0x14}}, 0x84)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r7 = syz_open_dev$sndmidi(0x0, 0x2, 0x141101)
dup(0xffffffffffffffff)
r8 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000003c0)={@cgroup=r8, 0x8, 0x1, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f0000000380)}, 0x40)
io_uring_enter(0xffffffffffffffff, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
fcntl$dupfd(r7, 0x406, r2)
socket$pppl2tp(0x18, 0x1, 0x1)
syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2)
r9 = syz_open_dev$video(&(0x7f0000000440), 0x8, 0x0)
ioctl$VIDIOC_S_SELECTION(r9, 0xc040565f, &(0x7f0000000940)={0xa, 0x0, 0x7, {0x8000, 0x1000, 0x4, 0x86c}})

17.299221563s ago: executing program 3 (id=329):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x8001}, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x87}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
ptrace$poke(0x4, 0x0, 0x0, 0xce1)
socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cpuacct.usage_user\x00', 0x26e1, 0x0)
close(r2)
socket$nl_route(0x10, 0x3, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r3 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
r4 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
ioctl$sock_TIOCOUTQ(r4, 0x891d, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r3, 0xc01864c6, &(0x7f0000000100)={0x0})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r3, 0xc01864c6, &(0x7f0000000040)={0x0})
close(0x3)
ioctl$SIOCSIFHWADDR(r2, 0x8b26, &(0x7f0000000080)={'wlan1\x00', @random="8d0000008000"}) (fail_nth: 4)
syz_emit_ethernet(0x32, &(0x7f0000000740)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb08004500002400004002"], 0x0)

14.938239127s ago: executing program 3 (id=333):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x6, &(0x7f0000000e40)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000440), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_MM(0x23, 0xa, &(0x7f00002d5000/0x2000)=nil)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[], 0x84}}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(0xffffffffffffffff, 0xc0305710, &(0x7f0000000040)={0x1, 0x7f, 0x1f, 0x0, 0x83})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="02c9"], 0x15)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66b80e010f00d0b0060f21a20f01c40f009b2700000066b80c008ee00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a00b9730200000f32328fe858b660002fb90d090000b800680000ba000000000f30", 0x65}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x2, &(0x7f0000000000)=@raw=[@ldst={0x2, 0x3, 0x3, 0xa, 0xb, 0x8e}, @call={0x85, 0x0, 0x0, 0x12}], 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000001a40)=""/102392, 0x18ff8)
r4 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r4, 0x402, 0x8000003d)
socket$nl_netfilter(0x10, 0x3, 0xc)
personality(0x1bb2baf3005ac137)

14.820334564s ago: executing program 6 (id=334):
mprotect(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = userfaultfd(0x1)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000004c0))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000180)={{&(0x7f0000ffc000/0x3000)=nil, 0x3000}, 0x3})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x17, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000140)={0x2, 0x0, @rand_addr=0x64010100}, 0x10, &(0x7f0000000600)}, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x7, &(0x7f0000000180), 0x43)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000000c0)='fsi_master_write\x00', r1}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x4c, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0xfffd}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x4c}}, 0x0)
r6 = socket(0x40000000015, 0x5, 0x0)
setsockopt$SO_RDS_TRANSPORT(r6, 0x114, 0x8, &(0x7f00000008c0), 0x4)
close(r6)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000400)=ANY=[@ANYBLOB="340000000906010200000000000000000500ffff0c00078008000940000000050900020073797a3100000000050001000700000071307463ed1fea105d052eb2c20d4e4a7c6e27c208101facdec94c4c14f47539bcc3ca061ab7ed3bccff4cace1387a664dfc296fc9724fa3eb4dc9848098a45e28bcb640d996bba2f2b0af301d1ca71178c770cb5843d30eff0144938f9f94a1853b4ed7cb"], 0x34}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080)
ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000140)={{&(0x7f0000ffd000/0x1000)=nil, 0x1000}})

12.976334844s ago: executing program 6 (id=335):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0xf}, 0x8)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000002b0009ef"], 0x14}}, 0x84)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r7 = syz_open_dev$sndmidi(0x0, 0x2, 0x141101)
dup(0xffffffffffffffff)
socket(0x10, 0x3, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000003c0)={@cgroup, 0x8, 0x1, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f0000000380)}, 0x40)
io_uring_enter(0xffffffffffffffff, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
fcntl$dupfd(r7, 0x406, r2)
socket$pppl2tp(0x18, 0x1, 0x1)
syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2)
r8 = syz_open_dev$video(&(0x7f0000000440), 0x8, 0x0)
ioctl$VIDIOC_S_SELECTION(r8, 0xc040565f, &(0x7f0000000940)={0xa, 0x0, 0x7, {0x8000, 0x1000, 0x4, 0x86c}})

12.41669415s ago: executing program 3 (id=337):
syz_usb_connect(0x5, 0x215, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x16, 0xe, 0x8, 0xff, 0x2304, 0x23f, 0x409b, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x203, 0x1, 0x0, 0x0, 0xc0, 0xc, [{{0x9, 0x4, 0xa0, 0x9, 0x9, 0x69, 0xb1, 0x73, 0x0, [], [{{0x9, 0x5, 0xe, 0x1, 0x400, 0x2, 0x4, 0x7, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x9, 0x7}]}}, {{0x9, 0x5, 0xe, 0x4, 0x40, 0x81, 0x8, 0xe, [@uac_iso={0x7, 0x25, 0x1, 0x1}]}}, {{0x9, 0x5, 0x7, 0x2, 0x40, 0xf, 0x7, 0xc8, [@generic={0x48, 0xf, "5b75a03de35a85d538987bd924bb6888943966d89d44fcf21fa8ec106d5be12e68f4e2fe292857192c5dc38c1947b6b8c97de2489b14138fe08a71c8cd6c65cd0b67256dd41b"}]}}, {{0x9, 0x5, 0x0, 0x8, 0x10, 0x6, 0x2, 0x2, [@uac_iso={0x7, 0x25, 0x1, 0x83, 0xb7, 0x100}]}}, {{0x9, 0x5, 0x3, 0x10, 0x200, 0xf6, 0xd6, 0x5, [@generic={0x2d, 0xc072d4ad659d46c1, "1fc89d9162c3180321c091171c2520b1600cfdbe688c744a58b49e168f8bb6fd1f5623df145f6b91bfdcdd"}]}}, {{0x9, 0x5, 0x4, 0x10, 0x10, 0x4, 0xf4, 0x9, [@generic={0xf3, 0x23, "555fdc11d908a103ebd75571df92d46fcb4ea7674acd7465cd873e9efba2f92bdb8c438d53f8eedac19e96f1a443e708952c1a98066e5bd30ae991b8865f4bebb914dcbcb58caadc0649678540f0e3a630a7425815f8845ce98b24065549346f417cc80bb1888c255fd87a04951c34320a1c6e1747d1620d49411e88904c0a74e9b145dd982be9e303f4c63cd0fd3d4a670a0e01c2ce1da59a01a44b647834ad96041e5affe0f621f0d8549b644ee5d087aeb2b029a208d63b39fbeecc399a933a44b76b62030eabf2c877cfcd2e2fd62aa08776bd9319307ddb7cfa0b462d371b7d0d5723c0bf4f69a74ffbf6fe919c0f"}]}}, {{0x9, 0x5, 0x11, 0xc, 0x400, 0x7, 0xc8, 0x0, [@generic={0x15, 0x21, "741b987fd2b7a06c9e0a8b6a48d64936eecbeb"}]}}, {{0x9, 0x5, 0x6, 0x8, 0x20, 0xf7, 0x7, 0x2, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x5, 0x5}]}}, {{0x9, 0x5, 0xc, 0x10, 0x400, 0x1, 0x8, 0x80, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0xe8, 0x8}]}}]}}]}}]}}, 0x0)
syz_usb_connect$cdc_ecm(0x3, 0x65, &(0x7f0000000280)={{0x12, 0x1, 0x310, 0x2, 0x0, 0x0, 0x10, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x53, 0x1, 0x1, 0x7, 0x60, 0x0, [{{0x9, 0x4, 0x0, 0x80, 0x2, 0x2, 0x6, 0x0, 0xef, {{0x8, 0x24, 0x6, 0x0, 0x0, "b4bc9e"}, {0x5, 0x24, 0x0, 0x8}, {0xd, 0x24, 0xf, 0x1, 0x5, 0x3ff, 0x800, 0x3}, [@mbim={0xc, 0x24, 0x1b, 0x3, 0x7, 0x3, 0x2, 0x6, 0x7}]}, {[{{0x9, 0x5, 0x81, 0x3, 0x20, 0x9, 0x5, 0x52}}], {{0x9, 0x5, 0x82, 0x2, 0x20, 0x6, 0x9}}, {{0x9, 0x5, 0x3, 0x2, 0x20, 0x4, 0x4, 0xc0}}}}}]}}]}}, &(0x7f0000000640)={0xa, &(0x7f0000000000)={0xa, 0x6, 0xbded458b2895771d, 0x81, 0xfa, 0x3, 0x70, 0xb8}, 0x38, &(0x7f0000000300)={0x5, 0xf, 0x38, 0x3, [@ssp_cap={0x1c, 0x10, 0xa, 0x2, 0x4, 0xd, 0xf00, 0x8, [0x3f00, 0x3fcf, 0xc000, 0xf0]}, @ss_container_id={0x14, 0x10, 0x4, 0x7f, "02a2eb34ffebfe85b07c963da28a1aa6"}, @ptm_cap={0x3}]}, 0x5, [{0xf9, &(0x7f0000000340)=@string={0xf9, 0x3, "2759e26f41d9b8572dad99b61cc6ac91156ca80e7bd748f4a766f8b96c4d8b652120a1725fbdaad2d7ed9ca0d8cec423faf97b7a06f7f226aae61486a11d3c747fa2748e9366059dae86868719f8713f2bab663bfc7516483e664a65e95a4ce09fc4d0e0fe25c623ffdccf131d8766f5aed1a216e0ec472d23d1e2238623d853585fe88125e287a98f653ab8eb3e8ade2e46d9f803e0a66417c8d42e2a7998e0a5d0beede53a126a2bd3b173534b3194e2c91137b108b578c1c34faba55a52adb95a0751a28412b1ada8685aa499163fa604e1797d115a8b4cf92c1acbafc66cac8cdb4daf6a105cf0f7b7a6ec4eba9edd8c92c7754173"}}, {0x3e, &(0x7f0000000440)=@string={0x3e, 0x3, "0f5dc346263adcc1d2efd78ba15f0136ff63a11de4d9cd820b0d4b62dc99c0ea90645c2b5ba6a72b81214012ace0fa224b595251aac30d29308f6390"}}, {0x4, &(0x7f0000000480)=@lang_id={0x4, 0x3, 0x457}}, {0x6e, &(0x7f00000004c0)=@string={0x6e, 0x3, "dce6980d31f0a74af5563eac6a6c0ce05980aec3b5f91b3b4225a94c0fca958c3cdfa5b9040d4a3c92d3f47d8c8bef34b536359765dacf2df0259058bd69529c5f0c19caf5a61538bba98e4076ba3b008610f3c3df00405493a1b3aca32b39c573925112c5814696b26eb4f4"}}, {0xdd, &(0x7f0000000540)=@string={0xdd, 0x3, "630d43f0a9a2e1d3f86afbd2d9b09e294a5457e81ef2a318fd96f1d289c5ce2ea0a5c396913a33c5418116911d1b491ab5c219aba61baf8a1a2d83df892cd40bd4b04d0dc42e5c37ed745522dab13d975ab927293ed4ab58304f1f8e0faac112efa05994ec740430ad693664b2f867476c0e5ffefc44ab02e3ad0407a3a893cb3a19cefe269987cfc8a551099f7d8b598a68c2a093e17b4c7e09bd9254b91a2c7e70b2b3bdc51897886ab9d4c34f7c21333806f16293d15809d23a627b72a407132799616b0604a9df5f5a9fad2c619472e0076f53776f05bee9b4"}}]})

9.759185946s ago: executing program 6 (id=338):
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000002c0)=ANY=[@ANYBLOB='6\x00'/11, @ANYRES32, @ANYBLOB="addaced30a01a7fe46005a6cdee85322921644"], 0x20)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0xfff3}}, [@TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x0, 0x80, 0x4b6, 0x401, 0x0, 0x12, 0xfffffff8}}, {0x4}}]}]}, 0x48}}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000500)={<r0=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000008000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000002d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000540)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f00000000c0), 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000380)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000034000)=""/102400, 0x19000)
mmap$binder(&(0x7f0000bdf000/0x1000)=nil, 0x1000, 0x1, 0x11, 0xffffffffffffffff, 0x2000004)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x1a}, 0x10}, 0x1c)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x3e, 0x0, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=@newtaction={0xec, 0x30, 0x48b, 0x0, 0x0, {}, [{0xd8, 0x1, [@m_ctinfo={0x30, 0x2, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc}}}, @m_nat={0xa4, 0x1, 0x0, 0x0, {{0x8}, {0x7c, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{}, @multicast2, @remote}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x3, 0x4, 0xffffffffffffffff, 0x4, 0xbbf}, @remote, @broadcast, 0xff000000}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x7, 0xffffffff, 0x0, 0x1, 0xfffffffa}, @initdev={0xac, 0x1e, 0x0, 0x0}, @rand_addr=0x64010100, 0xffffffff}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xec}}, 0x0)
syz_emit_ethernet(0x4e, &(0x7f0000000000)={@broadcast, @local, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "87fb89", 0x18, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0xfd, 0x0}, @private2, {[@dstopts={0x5c, 0x1, '\x00', [@ra={0x5, 0x2, 0x3}, @padn={0x1, 0x1, [0x0]}, @jumbo={0xc2, 0x4, 0x76cc5ae9}]}]}}}}}, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r4 = accept4(r1, 0x0, 0x0, 0x800)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={0xffffffffffffffff, 0x0, 0x0}, 0x20)
sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)

8.604739716s ago: executing program 6 (id=340):
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000002c0)=ANY=[@ANYBLOB='6\x00'/11, @ANYRES32, @ANYBLOB="addaced30a01a7fe46005a6cdee85322921644"], 0x20)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0xfff3}}, [@TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x0, 0x80, 0x4b6, 0x401, 0x0, 0x12, 0xfffffff8}}, {0x4}}]}]}, 0x48}}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000500)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000008000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000002d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000540)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f00000000c0), 0x4)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$alg(0x26, 0x5, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000380)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000034000)=""/102400, 0x19000)
mmap$binder(&(0x7f0000bdf000/0x1000)=nil, 0x1000, 0x1, 0x11, 0xffffffffffffffff, 0x2000004)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x1a}, 0x10}, 0x1c)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x3e, 0x0, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=@newtaction={0xec, 0x30, 0x48b, 0x0, 0x0, {}, [{0xd8, 0x1, [@m_ctinfo={0x30, 0x2, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc}}}, @m_nat={0xa4, 0x1, 0x0, 0x0, {{0x8}, {0x7c, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{}, @multicast2, @remote}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x3, 0x4, 0xffffffffffffffff, 0x4, 0xbbf}, @remote, @broadcast, 0xff000000}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x7, 0xffffffff, 0x0, 0x1, 0xfffffffa}, @initdev={0xac, 0x1e, 0x0, 0x0}, @rand_addr=0x64010100, 0xffffffff}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xec}}, 0x0)
syz_emit_ethernet(0x4e, &(0x7f0000000000)={@broadcast, @local, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "87fb89", 0x18, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0xfd, 0x0}, @private2, {[@dstopts={0x5c, 0x1, '\x00', [@ra={0x5, 0x2, 0x3}, @padn={0x1, 0x1, [0x0]}, @jumbo={0xc2, 0x4, 0x76cc5ae9}]}]}}}}}, 0x0)
bind$alg(r3, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r6, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r7, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

8.4598184s ago: executing program 3 (id=342):
add_key(0x0, &(0x7f00000001c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000080)={0x18, 0x0, {0xfffe, @local, 'geneve0\x00'}}, 0x1e)
socket$pppoe(0x18, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'veth1_to_bond\x00'})
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a50000000060a0b040000000000000000020000002400048020000180070001006374000014000280080002400000000f08000140000000140900010073797a30000000000900020073797a320000"], 0x78}}, 0x0)
r5 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r5, &(0x7f00000000c0)={0xa, 0x4e21, 0xb, @empty}, 0x1c)
connect$inet6(r5, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0xb3550aa4ba878396}, 0x9c)

5.752254219s ago: executing program 4 (id=343):
mprotect(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = userfaultfd(0x1)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000004c0))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000180)={{&(0x7f0000ffc000/0x3000)=nil, 0x3000}, 0x3})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x17, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000140)={0x2, 0x0, @rand_addr=0x64010100}, 0x10, &(0x7f0000000600)}, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x7, &(0x7f0000000180), 0x43)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000000c0)='fsi_master_write\x00', r1}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x4c, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0xfffd}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x4c}}, 0x0)
r6 = socket(0x40000000015, 0x5, 0x0)
setsockopt$SO_RDS_TRANSPORT(r6, 0x114, 0x8, &(0x7f00000008c0), 0x4)
close(r6)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000400)=ANY=[@ANYBLOB="340000000906010200000000000000000500ffff0c00078008000940000000050900020073797a3100000000050001000700000071307463ed1fea105d052eb2c20d4e4a7c6e27c208101facdec94c4c14f47539bcc3ca061ab7ed3bccff4cace1387a664dfc296fc9724fa3eb4dc9848098a45e28bcb640d996bba2f2b0af301d1ca71178c770cb5843d30eff0144938f9f94a1853b4ed7cb"], 0x34}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080)
ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000140)={{&(0x7f0000ffd000/0x1000)=nil, 0x1000}})

5.573723839s ago: executing program 3 (id=344):
socket$nl_netfilter(0x10, 0x3, 0xc)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0xffffffffffffff93)
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x9}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

3.787967563s ago: executing program 4 (id=345):
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f00000005c0)=@filter={'filter\x00', 0x42, 0x4, 0x260, 0xffffffff, 0x98, 0x0, 0x158, 0xffffffff, 0xffffffff, 0x1f0, 0x1f0, 0x1f0, 0xffffffff, 0x4, 0x0, {[{{@ip={@local, @loopback, 0x0, 0x0, 'veth0_to_bridge\x00', 'veth1_to_bond\x00', {}, {}, 0x6, 0x0, 0x20}, 0x0, 0x70, 0x98, 0x0, {0x100000000000000}}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x7}}}, {{@ip={@broadcast, @broadcast, 0x0, 0x0, 'veth1_to_bond\x00', 'netpci0\x00'}, 0x0, 0x70, 0x98}, @REJECT={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@inet=@SET1={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2c0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000100)=0x3915, 0x4)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000000)=0x10, 0x4)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x2d, 0x0)
recvmmsg(r0, &(0x7f0000000040), 0x291962b, 0x45833af92e4b39ff, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x13, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="660aedffffff180000e272d2615c7a4b6ea7a0b8008ab100ea0000009500000000000000000000000000000000000000000000000000b180affc1908da03f8eaf782646f4a05f8799c2f1208be8887735cbd92c5fbf04e39500d1f4ead9d727701ae1ad1aed4f7184f010000000bc00003d5c7ac0f959ac7073af678922ded2f70dc7528305dbd685ddf9ea327e15963022522624ff033cfaab24326d06a90282862ae175f07e21feef87756b5668879a008f41cc5816206326a22ad0af99aaf0d092e46aa66a8"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)

3.589808806s ago: executing program 3 (id=346):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
r1 = syz_io_uring_setup(0x3b, &(0x7f0000000880)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=<r2=>0x0, &(0x7f0000000100)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r0, 0x0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="10"], 0x10}, 0x0, 0xe3d08660d7cd4e04})
r4 = open(&(0x7f0000000380)='./bus\x00', 0x40, 0x0)
r5 = creat(&(0x7f0000000200)='./bus\x00', 0x84)
write$FUSE_NOTIFY_STORE(r4, &(0x7f00000004c0)=ANY=[@ANYRESOCT=r3, @ANYRES32=r4], 0x2b)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000025c0)={0x11, 0x8, &(0x7f0000002680)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3ac3209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b135ab6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385beef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6c30ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88372091cd397b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca00000000000000000000007925d0f1256330b9e2aa9a18cea8e009116f63c6c7d8f7f95bf0f6731e5eb1dcdc534f357b9f08e7a9a3aebeca145d695053b5bef004ca24e6c57ed10f01488d38b8b0b68d93e3cf630837915d518fde2115e66615786fe7b9216de958119cf762cac77ac829a02f48e72c0d2841880b2c", @ANYRESHEX=r1], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = syz_open_dev$radio(0x0, 0x3, 0x2)
r8 = dup(0xffffffffffffffff)
write$6lowpan_enable(r8, &(0x7f0000000000)='0', 0xfffffd74)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x1)
r10 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYRESOCT=r7, @ANYRES32=r10, @ANYRESHEX=r9, @ANYRES16=r6, @ANYRES64=r1, @ANYRES16], 0x30}}, 0x800)
syz_io_uring_submit(r2, 0x0, &(0x7f0000000400)=@IORING_OP_SENDMSG={0x9, 0x29, 0x0, r5, 0x0, &(0x7f00000003c0)={&(0x7f0000000000)=@can, 0x80, &(0x7f0000000200)=[{&(0x7f0000000580)="51915018c478dec66826478a18ccf587425e26d66d66aaf257a5fac4d2967a1091667b31d2d7672a0a6b96a603bbdb569fda2fa78b7ed807a72dfd182fbdb190d5fe4241ddb5d9cc9edff30fc701b73210f6c5dfb6fc30e133b98db979937890fdf4593082107dc0acb2295bfabc4030124fdc769b3f9411816e127f46e0d4f8b0bac2f798f44225fd6d0816454a5e2ace0a75469c806b017433f5fff489690dc105368b1f7688d7724c25b569a49d4536b0030a04596113ff8ec912e83bd8b31a559f7b731529628fa0ce4a23eafa4dbdb042243973a2a195c8520beea5bc6b8606a4113c1518e705e59420d18b350dbacef356589dfd7cd4dc8cf6fe0a25e7b4886f8c3f20b04c2c3281e48b02bfe1584ae9de3015089df6638dc59b6b32120ba650323ef5d422e0c5caf366562b5cc27662b3285c72466087cc90cd45414654da799e81e2c06022589e685a442c1bc42043854797a351e4a1002f200103a4225af01dbe9f439d540f2456dbfb10cd315f503c2f5552decf5df3c460a2fe66d87e155f601ecaa0928f0b737e9625cf2d55681306d1f649e86316f7905943af359552ff0cc7a5d7128e03dec9efb03ab418911e28ed0f02f198b0611e30088dde8a1c9c3ef26499a78e677610c901b1721348797470cfe7510f8c04ff35fb3be5a0f999f3068330676345b5e4d781451e2db700ddeedb4396054d371a95802b158107058c7b1d7c3d61ab9229ab2cd41c23e896f4bce813366e8157c519a912d10946bf1708617c55a854fa3bae42ab522262a0089a821c39aac3615de5e93ecbd9d45f22fbb222646e7a65faf57a9c3499c06e7df4d60421bf958e37480e7dac143907fe255e0b772b2c18fc1689450249305e8469919a424ed3f6ec560ca134ad912314967f5d496504f67f3bf99d410825a0dd392672ce8fa83a302f26fbce709646c9df9e9429dc73def8488c54a5fa7408fb3da8d8919f477d72427fad2e0e49142ea5aebbb41bf4aa1e5e611addba01b7dbd304e508ba0eae56e5c2b26b340be16db795cd545926d24f5d5fc9465ae795195f07f8635c633a3e4de4424b54b8d67666c54e90bcbab6dcb8dab7db198c0c5eee8e1d0a077494ce015e462abc9f5bac1d1e77b305b8a441bf6667c2132d8032b9aaf645a7b3439ff819c9b2f7349eb520818701cecb95ed92f2a30dbf2f2dfc207786fff164786f20dc2e25a326008e2d400237a2a42190f72a66c795f26a1c06c3556f05f0c8832f2894eb527b6e53588b72600d413a4d18b3cf179660ba7f87dddfe415f6d23bc1824e78bba7a6839d9948ca6cf8027e5c4bea1b11f6dddd6c318236290c93e0fbecafae961833a83edafce8b5f523788210b10d7f4a786a81847d19a7df544d1cc53999f21a62d6a6739675132e8d447cb4ef08d44811b263017e316b50b62c920d955f9859f35dbf371a86673b2c29ee87995bdd73e1c48668b7e6401dd8e7e446b942f7b5caffc28836ac727e845ed0b3d05a733514cc7c0570874009b8d93dfb4b08bbad2186b5ea125a8b5d971b203d38f669f7118c9064188c4f05e62b6dbd082514c4bca81a9cb5e8ab838d249bf5f9520d3a1bbc77407770b8fa693a3a09fc6f0d5509727e8318fdc4ff2c77c6da7bb74ef38308d675c51d236f9f2036567ea8ecf683b532a9414d5e7af0c7b55eb6e7382a249b59a1bb0860fb304b8ddaf7ff5518f4033c78a9ad634108aa6941eef8def49c9c39d91d4bbbabe2798523445f9fa25f0feadecde31e9d5f9046ba0742be93f79bfc1842251e4e5fbd6a7782609e1a11f150f82a5aa44949feb8e7b390d3a155300698c8b9cee5ae6fa99cb6a7a4f1a28773421cd2dbeb3c3749ff237343af919d03a890f1ba21d46920821e056554a3cc614959c9ad135816390742a6ef51c7818eae4e6fbdc59ce50063888daf406e7852dff4d44706e19e05259921b22022ab3737a7bd5c3f518f82e21fb6f269e639dbeef47c295c3c28a1a2cc109d8d87c31d74c8c0b0089f24918f8d73ebeca8a48a5d7793e8b85c3112da633dd81af3a32db9a933b2d7ea11a4e4835a0e39b951dc5cd95eac818c2776f4a18df1bf35fac691e8ae9e2cc537d3fe2d41744d48f528ac392a8df6f9fa2c543bdac05922e6eccac3e3d9f0d920139432c2e96517953544e3ae1e20ccbb08559393567cf87e23d22f5367382a45ea689549a80749940a03807daff15e307f5baa35f21c5c240bf05cc4b22f3859fd8298168da5853711991ea41f4865511d0f8af24d760606cee07ac41a633feb23cf66da00e2af87b8a834b5abeaef8b6d99be65009004f5e009c535f220eec6e5bf6790d77c1fe5336ee31a3be09d2142533c92ec0735623e4b763586e1367924edaa88bdbf143dae2fcf531e4823bf62c985f66bfd793908a3eac699cee4caef1b00780195c20d40e3a154b740fb86069e37919429f5309253cc915815bbc6317263afe2fb32b37edf8eacadcba38b124eb57b34f7551e6aedca5d9a2c162f50abfc28d1430f54902e18225ec9b88e7fca7c6bec0d007037f04c43aa4e6c5a960054e8ac4a7f34f7cc80929570e39386d960733d45a3826d274e3c29916be354c3ba49d7522b4603d9d37a6211c07f1304c557aa8541824f53bf3cf27e05d0c89f70290d5e6856fef83b1f0e6362f8d2d65f3a7b5613b51f8062039b5959992724416257a3177737fddca0202f5837c60932aa3f681a238ec35f9e3b0f4abda46158a2e68fd497ab97152348def77080669499da8540a3ebfc9f8c19ba2e2323ea563537da75cb18fd7831cc7a6deaef883db2982440fa45e8a0fe9308cf7e6825542afb7a62d11f87cff6ee943e5d68fd83013d6abe4f2846a03fb44cef341a9fc2a168dc9ce07be181b216f75e2909b4e8d542c4e73d0e3961caf948db5d7302248aa4a65fddcc104ef9c43676e24e388d46a7e14546c5df7a1ebe5ba7b691b31ad4c0853acc2fa752dc33228b9837909e7aa2f9381810c6bcac6b3b32d31446c7afbcc11b77c63202dd5dbf3a0d255c33c6a605dd8b282d4ca25838a84d60681f0841c4ea1eb8a0fd11f5f989d9f4d259337fb3c7226893c18ed0588855ba5f1fc050c5a02bbdac687ee6a06167cd2f54a519ec95a277265c2f8788ca1b3fe741947c890cf84c20b24a7709459bbde15057c53bcf56d4de326a52bb4152a95618152eb80a73682802dbdf312a12d1a5b7403131dda01d95bc55d8240e634a138641c051a76c7ff79abe88d80c52fea0962e9ee116a48466a81a81fac14d45092cea6a05d12720af8d180af5cee1fbab94b9b49ad6f13099a2a70e80fda755b2e77041da95c325548b28e962e6ba05472f4fcc16a4a5baf904ed094a51dc4334b96fbeb24ec94628e81a7624cab19d90b1b4bcbd3253671375ac2cc919d00e7a44df102539d458a8c0e2123bcc2e26c1db5d4ee547584607dd27a260dcde9cae1b3185abf9cbfb3c0e23a090d79b5a7fb6ca469247ef7f7ce95afceb712a073d5961048143949ab3456b92ea809df19f21bcea8f3f2c78ae244da3d1a26dbffe44a7fbddb30654b17f5299aaf2075bdb01587d49dc9837c7c73deb29eecf7429479ed006c8893832b90534cf958ec9deac60c601f593691e84b378b6fc303c55d6cd0814ad2ea1fc977595efe4b1d582bbc50faa001610c1ae2121da74370750d58f34166cf6790090903b4ddd66a5d9b324dbff29be09c5934075d997015ac7e8972c68f720863bac1ae467745b902c09fb34a6ef5c02a7f2e26352813db4c11b565a1c9aff63b60c3ae2a2ac67089cc0ecc1566bfeb3d2c77f3dbaf15ee241959ce389b177ff98e411492ef9136f3b29be2bbec30a91b8e9795fd263ebe2222e738b61090e22815a461936f997863a03ff67e10d6bc2e7559ea33a37e00511a86281d5adf8cc76c019462daa963f1931c45ac3001b9a153f4fab2100ac677b9c511d1e7599459f46adde4c91bcffc8cf618b65a840af9462418dffebd4760a7329ead2f941b41b68fbbcbe52b9128cac9b09d86b820cd366e930d7418d08ee97ea7d1a1e683f129c8d524cec45ddbf9107c011b7898b355668b449b028792c1a7476836ca9b5a4841c19812b95a2f1f68779420d7b862e562e14a6b4b965bc17740105cd100c90bffdd731337de9487ad0f0300ecb98065d1bbae04a0219ef0c01c7571991533ffab1e12375f6a6119062b3872e6c710386ed5b9b0a3d4828abe8717a870a3379d25f9d2984017c93d6eb31bdb57121982e861032070811cb1a1425a0b6651482c967d970695da1e16ff748c92df4ffaa9d637a230b47455b4ab76f548efc57a839e0e082bd5b2c1d45e3e4640df4152efa42994f7699fa582ad3e2cefa43f3f5fff42b0d9ddd7497c75eb829fe72efd8690bcd5e2b11b85634a779bcdfbf338c26009422df9d69094615335ab35630065088b7411b616f255d610d899aefbc453a8b384ad87907258ce0766b16d5c73957fcd215b268ea78befe9b2671ae781ea3ec1df858893c2181271f021cddd1bab2e0d74b693bcebed8aee65d2687cb289699689846efdbcd14e801f0152357e77f6f8a7825cfbe8ea9bdcbaba7b5a81d1d6a54cff79a6a5124df8e60d68ab1265b36b21f6738c298ea3007cbbc19272ed21129bd9a0fa4d2b8db6a909f6a38dc010622cace4b9e377e5280fa412c8ce4bce79173377a826e1a7675335e1fb4402198b2446ea07d5b90d044ed7230767075137993e7fdd3fd5891b5f03abc2b4993a32f62eea3ee1dfa49346621cbe9b0f1af3877f56a2aea1b8f6b79d879d573dcd12294cf4619055b6333a8f3f8f676b42ed548fd1b2a3e86e8c7b6c94a841e86c88b231f4f847b4e76b36fadcaf1303514bb24cfc4f59714c8d607a87d82de08d4c35f856077d30bff413d6a5cf06e48042cc49146fa5fc698c09ee6b2bc22914be319c1bf1bf5428b6b6d9acac7db0399f1b60ec7c1b41622ffd8262de4fe4b311109895c5682c626e55c71e31b71233367e59c50813d68db611697551f854a8df173bfb3ffb1d47f328422f2a9338de32a97c1745d2f9a31daaf66b23012d117839cb17fa32d578bf0fd3d919987a0bfc13645eb345346c18efa5e94c8a5f78546809bf8c8ee127d326c564f3ff4b16c1398bf90845e144212615a217686136cd344be3ac675a18ae3f97530210e53bc54e0f0fc635ee83fc7419d0927f0b94e7e4ce1f773541269b7c2fabd3f8413b2d5280093e64bda07a0b1e29da35a3b0272e636871b2a3f8d84b5c6db0aa9df9cf7a2fdef6abee93f59f5949b6340f600464825016c58c1d4225a8ea3f8f7adc995bc93c8e5a8d6b8f7824361041ed8d6aea41ff8407fb3b24870879f4c88ea692a6993c57dd8a9e528013a429ecd52fb7fd1216a0f59ec4f38889d637eb51fb22637629b811499d57047a779d929a3185b4f677f0306ec65dc81640ecf4d7d26e77a361bd1c70de5ebc688eeb8f5bd52de296f08831e844e8d4a1386c29bb62042e08f3fcb80c97d0ed1d68e2b41fbd337e2e45ec803b0943d538ee705326ea5df0abf41a9e0eb17bd42192a7143a70501c3806d57f42f2d2d397213799c0432e26549b5f5cce6c85af17f2506d3284214c4cbefb1e1950e6ec17dcb4d950a747a6851617236b9aa075d2f9b4ee67a0131c6e816f4c5211de84ced8a12186fcb4944634f40f241898aeba413c27fbf39ecb40b1743341e8928a44d34913a3393fa7e68158f544889b9f0ee0a7d545caec8b0c90b9989d7", 0x1000}, {&(0x7f00000000c0)="5e2ab0e6d27fbf11171bcad5f2adee1f3b5a850f0002cce7f67e91c39f04430a126f54ddc295cf691728331a28eb3e03af480d1b7f8e2f71d78d9d97edf2425ca9a360db2925387b79f046ecf9e66525a0320c0c29a79302948ff19f00fc0130c480c1b824256af857418e62348a44a306befad64af2419089626f006bdc14fad4b2b21203693c46aeb4c19eb6be278cce3a", 0x92}, {&(0x7f0000000180)="4ab37d5e12a308491834b040be19b7403cdbd454504dc524a86fc9e3f3526001ddb9", 0x22}, {&(0x7f00000001c0)="d613c09ca37d8d50aaa1a2cee121c34c75dd05e85f8555", 0x17}, {&(0x7f00000002c0)="66ed172b3cd7a4525cf84b84a9e497d5319561ed48f2631d3bbe3b0a41f08fcd3da6793106833fcfe2cc3f7fccf8b35cf05350c59f33c983c930e0b72ec16ba7e718c8e51284738ca914077cc2335233d895be5fafdc26677b9686876c178e2db37139ee6257a8e6cc705cc6a2fbd1f885a9f8c2365565477d15f47c9f4871b2d6a8f659e6894a333c316e02881ee72bbf4fdff69d15a38a757044a9a99eaa64d18075d2785b477ac8110ca8b2d60b78fc326d77ac5b2a7ce657a29de98ca86f65e292ab4f32d245ed4309", 0xcb}], 0x5}, 0x0, 0x20044800, 0x0, {0x0, r10}})
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001580)=ANY=[@ANYBLOB="48000000100001002bbd7000fddbdf2500000000", @ANYBLOB="bd2de3e2c22b9451bce397a2125287854eced14ca164ce6e242b574a3c0c9f11357b7d1d2b561ecd513520ae6d25d6b4adcafed8dd86c77d724b6a42f9d0b5d40c95e85cf6eeae12f7ec4273fd1be1d19a62067857cbd4fe8fb48906bb671ccc5de22005ed27fe4fffb5d9e7600ab2b04a05995054289be1a67b5fb0a5fad1ebec6cd9f9b323b38129514cbc67045d99519ec98dcee5d98e50f617be680323431703fd4017203189f8fd59a4cf2b2b404b632af40588da539bef0c9f5c864f0f3075033a7006edb54b7f831d3021c527ac5d72242e7c1468c0d8486ff0324bec8571272349c49a389d790f63e287c0f5472599f0eddf1e2a51d8a83dadefe783d85e9f60fa5012068b935f979d6deb0377db5021c19cd45285b46d36eed44accbec875ed658ee8ff915b81d2229b7babf0efc8e605c09444863b48424ccead29d600f2626dcbc7e93e23aa0d0a97c82f4c0fec93e6d17e29cab636368e749fcce6e7ff2ce4539de851acbcc514d95d20bd2b5c611f70cf46c50fcd47157e814693aa1dd3f3f7134aa89e4144787451719ff0d3777a4fb3748d1ddf05e4ea5a508053465d634d2fa79a1d5282f0de70220567aaec8cfb8fc3ce105973a29ed6e306409c7792b3ba8e52fedfabff934b55c243746cf482a9661140e578008b79078d92090dafded24411ccb919cc4599f733eb63825be63ca5ccf15ead7fa27501ff3d4fe73bd3e0cbdbdcf704f840c3e484d91d5f6fc1198281b4e22180108042a48ad30a7c0fb042a24f3b87fd5997f94f8baf8f6c90047f6e58553b6d5caede70c6284a5680bd1359028f3ca903b6559a77321e4d25ba90b240eee14d1060865d2ff2aebe7a233b0d6158498815f9ed9bb734a091b2c1c213a9f7f9d1b3eb929b3b4988b73d3e207be6bd3a6cec322e119183fa59ba74869512e13a142d495d06874cca662862aa60cf90dc20c6bbf4b287cb9e2838f6675b23230eea0dabce04266d97138b4b8e79a7f7b97e554e20e8a091f09f2e94600ab2af84a6d17f37c19c3c278fa803d3b85efc4d7d5d24caa5561fd8f3896d233b288a211cef89b0fa302c7aa28d7034a225952dd9aae2c0652a31546f15267cbae87b538a4750f35a88148e655d77640204d1124345372da017ae01869177711aeabf2bb949451d6b76aef85307c8a2f97dbc38c32e51f5040ab7152974aa0eeb02403d2b91868eb33ad72d6e602b452412d78c4f3913d862ae50b34b93cda8ef7b97461dd3e2b7b510a5992f7ab2531d947b1a954d5edb8164224f494c82c45bc42809081a15092f04f4f0c621a3b3a94020ebd2dd5d956df31a329ce4522d6197061e51c092a1dcb2b4b0f1c620481418e837e7472d69fa60878c08e3d1109d46ef0d37ff9be1cb067384e7b3793dff4bf627f9f8421e279514b677421d91f09763e137d7ada51eecb38325223007408eab7bff8d128e18a51db87632513f45fc9938cbaf8de90001a1c4072aa4797b9a937be7d59c1237cff408100fc388a4e77dd19ebc4dc4bfaa245ee058d5883ed4038c7152407808cff80adf8fac9594572a3bda3830513353f1f2e8093f86ebe307387eee760b67d09a47ef88e2adfa0733579cd07bb86335b8cdc3fcd56ff82a0295a0b5cc3142659f112934f920ab73d0e977432bcfa1aaae78cf065fdcc7eb00d20dbf6fb0806122421680b256f397216efb3363bbc55fa1d9adc01f608eb9e08e344aae2e5910534663b38834f20c11baebd2d9c9a444e93fca47044df65a815cf96a2ead734e00cd3f5c390e4fe0860a55425549a5745f7adfda807d61817484a7f2cb602dea8adcbc1c8a8c2b649c9688aa5c16b4853d3144c1c0cae73cb5178d19d0768992f141f29c8bae2b2a1f3a4c660d5eae73f784b114e27be6a135fb2fc387f21bdf8217e74e7c11b1c9f5207cfa033ba9344a9b9750c44fbb298503e5bdf9957b64a761080f86fa6e66369280cee2d1937b5f00a466ece4b2cb19779dd4fd1bcf11373f5e3b6df059b756bcdee5d238a7f15ef319f2d6f39d67ab9318c9392fda58bfd7ed7a154bde07292b63934e23eb588f91a242c6d768ca2471a70e0bc6691613ed6c7a690edb2600fd611602643efea982c01506a6c86d26a6074aad5b2dc693328b4c0c60111f648a760f745eb1683fc6efe20fe24f70cb58e7b2d8c33dbfa7fb5e32074e1567a0c5443a94a713e19a7ca3dd659ea4139c84ddb61356773c12461415d25d11d64aed1729fb9b7cfd17d9f46cd98afa215219328f8435f3c32a6ec7cea6d3134a826cd2dd69a5dfcf62a83a1855bc9f5d45f5ae8e881be0c6edc0cde88f094c556250b373a6f9961c29af8bac89019502e11e671ce019a08884700f68ef91cc2f9db833ea99bdc6f46f189834c4acc45d43c80e1e5edb07a0fb3d83c6876a4bc8a385cc481a6c83cb4ba8e12d00002ee640a71ad99eb5f485a07e1984efc0de9c22c14223c66efc22e4d7e941e96139ddbba0b22e4745c9de10d3b6ba36b21998579dea331a4f05dc3e6239eb28d34b11f17149e6bff4c0d3aa5547a239037a71dfc78b4b6d9d23df9954bb7d929608f5f5d40ff268edb86627fe2f2c1157abb6ce8757b77fb89b607bdc8d1862c8b89232435846d76eea7ccb56352d7b296b812ca75c88d82aaa533d0a49b54c075587ce2a5f9d3d969069ac1ec4c4a480203cf3cda00ba53da01df731818db37646016def6a83e92f8c885e1c4c165bb42bb43c2e84757b8f8d970c3685f1e4d632012bcd7bbaddb49c480b576614467575b97ebfc2125a070f513b938e47154294d0cc8942c5de95d12b2c53b868276e676578c075fdab3231538545e40569a18cf813bf953f3e968034614212573143198f9999868567ef3627d22ac58dadd319c52c70662363f4a8c5b42bdc4e3707db753d54059709aa4d4f644c980e79a2cd9ee286d59712d7b336cc05cf248c6dbc08f357ea1256a7ec61e8e81436d2d9c5d15dd5d20512ad7e2e930728997874e71c1ca952cca588d62943ba394510ca9a37d91459344b15ea514e9b3c5104616ff54c1365f44550782be64ffc29634894bcc1d184b4621c79b2630b4653ebc44d90ef8419651e662da361528825a155d67dce6fbd09aa6e52b706d3042bc5f720b56efdaae460bc84fef0466fbcd0e6d3baaf2d4e4b2d3acefd11097b1d506197f6217ffce9bf75b2fadab8ff4269bd714983e0dd56174bbbb6c394add39635d12ab047aa2ffd058af04cfa77d604f5a15d57a8b8e5606e8f326555f04cf7f99cbc4af9b9818fe6c0f36e9658dd4f65ed1c1c582ea44dfd2fedcd7dd187cf573ff06025a99c060ef9970db646b886c54b78a8a68632572086fd349fa24ae8ec721c6f4708ec54188abc90ccf2516dc486d88e669012c1655c807f8b5d73488b3b79fe6560c7d26ef483a60a19cfe70c5765ca5c06cee2fdb7a029157b0d800efe62441888046cfd7df58ff124a91ca4567fd447cbf0d308e3f8fa9780034f0dd603252af7963354c190c24f8851331a7fefdfce9be77bf026301db50a133cf122c7884f38f388ce58c52e93972f94976304e68b02e6184cfd101626cf5af79572ae77085558e6a4e3c7ec498692a9c837fcf72b0188e4994d9647b30ebe4c79af1f1c1aba12ec70c0cbc5f39c068f8cc969468dbf97166011ed4727fe804cb6cb66dc9256d9d67f51b533b2833b295b4f52aff564e83386435bda1f0d78fc9f55e4112f2bed218e475827fa2d501e02b19f8cd66a6ce1fdde3ee86d1b29584839c32d93fd99bd0fb4c1cd1799d61515291effd4fc729e86a5c188762fa53da3144abcb46e5c75ce5fa0883d4c4ee745e05b37161e9bb1ea2b11fcb88a9c1e04c1732926147079aa3226b233dc90cde944b0177e5e43ac1ea6102bfea18cb2a20fcc0245c2e038f31b0c7f1ade6d5cd1aee4980c039a100281bbd175e683f3e127538900f0214c45ef5f639e4c70b0cd13401e341100c6395ce99bf1744b8aca7ea6faa110614468983edcb66fdea41f345e4d6b65e74dbb6dd2d44110ed682783ebe942767f0cc95aeca54769673dbd004e46bae96d2591361549e0861971fb86ff995a2562edbd768f5552f5116e9dfcad8dca148c5cb1c0acad17462449bbbffc994557f952a1f14cd4414a6a8f4665561c5c374b97edfd823e9f9e682e54058a43a9710281981db377cf2fb56a881bbdf143e7c67cfccb943f2b88343a5a624fa2400373b33ba7bcddef09f861a4dd4fd9b939d6d6d52ab1b10fa6241b09624315784630b2a1a14d1a45ce88980a07da280813a5deef944522fb275f7c5b33f2fc201170978df710acf51f03274a60fb9b55f0c42a2f3eeaf6e3a29b7d87d1386a16cb455588c91e392342a86509b95d7495898b526b98b5f3e7caacd0c7e6bcae855eeeb6a5809c656c70a584cc2c6976ec298fcb0ada711374a160fdb06c77569c12d0110859235ed0722fe2a8f77d2b9be209fb3b54be426310418b1dbd19c747dd01fc1d7c859f4a1dd6b11324058a58dd6e59648e3873d2c296215aac41e972350ecae8a23034c2dac8c47da7b57fa891a489c4f4f8d384482b54c06d2dec1c310854c454f28e6d7ca636ebfaef250dace470927a902af91961419b680ae2d753f6e58b96f8c84be6bc3a4527621712ebe5b658622ac349ea0b2cad54c48f976589733e901c826f490fa45cb66b091bbbc35ac29ff3c837923e07e8be8a22afc66a6e5c56f01ed3746f85c237e9b7c8597763fb98f51ddab0f54a75d5bca23776c27f6d7818d0d255277d7eab7ec9b21f6ef0376052124cef6386ab1fb56a671d75d5bb693d0f60e5522e10f08aac679cd9096ef1f414d31bfcfa604ff11f3bfd277293793175b242b461bf7c0a842d2f2abc6aef51c7b03786fd34ff0d4701d7e937b450347fdc3a005421a9f3fcd3df5aa000fdec11badc4cc34a7d410fa50a7f6200544a4bc996b6c8516dfaf800a98db91470020ad591c561f5e893357d06ff8561de4ed27463a9a8a6f285661a23eae3e20dd59867b3141040cf6b0b88156c7ed40bd9faf2fe5593476a4607765de2853fd2cf480aa3836a06ab59ac0c8e6fff027f7ce3d12ff4e2e43798435b869c3f990d0800c5f88f79e7064d61fdf90c180549b33beb6249ff514ffdc5b6dc55b213b29b13f731d182b071a89fda22b7fce7470d48314f16aee7a7ba0b5b2b38a513a56020b1fb63daff495aa077adf261d38c2a18577b8106b4bec487a9c74f920a496d183f5e137c477c2a8fe31be6cf3d0654bd3755bb52299d75fa7090a3f3122564a9213d37b0c098ff8f0ea3f162fa235cbc83eabef4bac8a9dcf2ae05bab6be97ad5c0a22d4856b3442d502a6aa369a0f4d28ab42d986fa72eb12eb6063149a5221940b850354e8dbf79c29eed385134297722f7792b7f64f149d2d9e3172cdde5e421d531500755762387eb1a6da32613dc4b1d96f64f6d16659f0ff017992a976fd33708f4bef1a7097516b28d691d553e78132d5a14a1d5f4ce3b0647a300cfd25f68ef65416de942b3f50934230350a5c07d52d391c7ac35a9d7c7a9bdb1045db6f57fe6c71c96ad1c59a94fc04c3339421802612e80023faee11edfac9a905c94dc6f7db7061fcfd6b46bd0b22193f6d67db9127c646ddaf510b1d308f18a1ad9adb6771df08dd07e6665e5d4f35c48f746b48a04a45672ce7ac5f54ef382fd880e51f44ace7e5d919219934e73349f0116ce15090f0627200be109a8761c084aea877d8934273c3fc2314b4", @ANYBLOB="24050400000000001400030076657468315f766c616e00000000000014001680100001"], 0x48}, 0x1, 0x0, 0x0, 0x40008d4}, 0x40000)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12011001020000402505a1a440000102030109025c0002010000000904000001020d0000052406000105240000000d240f010000000c000000000006241a0000000905810340000000000904010000020d00000904010102020d0000090582024000000000090503020002", @ANYRESHEX], 0x0)
syz_usb_control_io$cdc_ncm(r12, 0x0, 0x0)
r13 = creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39ddd8)
write$binfmt_elf32(r13, &(0x7f0000000040)=ANY=[@ANYBLOB="5402"], 0x69)
close(r13)
execve(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r12, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r12, 0x0, &(0x7f0000000340)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000240)={0x20, 0x80, 0x1c, {0x10, 0xc, 0xe, 0x6, 0x10, 0x10, 0x0, 0x41000, 0x10, 0x10, 0x6, 0x10}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r12, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r12, &(0x7f0000000080)={0x14, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
syz_usb_control_io$cdc_ncm(r12, 0x0, 0x0)
sendmsg$nl_generic(r11, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=ANY=[@ANYRESHEX=r9], 0x34}, 0x1, 0x0, 0x0, 0xc000}, 0xc010)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000440), r11)

3.471300432s ago: executing program 4 (id=347):
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000002c0)=ANY=[@ANYBLOB='6\x00'/11, @ANYRES32, @ANYBLOB="addaced30a01a7fe46005a6cdee85322921644"], 0x20)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0xfff3}}, [@TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x0, 0x80, 0x4b6, 0x401, 0x0, 0x12, 0xfffffff8}}, {0x4}}]}]}, 0x48}}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000500)={<r0=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000008000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000002d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000540)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f00000000c0), 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000000), 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000380)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000034000)=""/102400, 0x19000)
mmap$binder(&(0x7f0000bdf000/0x1000)=nil, 0x1000, 0x1, 0x11, 0xffffffffffffffff, 0x2000004)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x1a}, 0x10}, 0x1c)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x3e, 0x0, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=@newtaction={0xec, 0x30, 0x48b, 0x0, 0x0, {}, [{0xd8, 0x1, [@m_ctinfo={0x30, 0x2, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc}}}, @m_nat={0xa4, 0x1, 0x0, 0x0, {{0x8}, {0x7c, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{}, @multicast2, @remote}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x3, 0x4, 0xffffffffffffffff, 0x4, 0xbbf}, @remote, @broadcast, 0xff000000}}, @TCA_NAT_PARMS={0x28, 0x1, {{0x7, 0xffffffff, 0x0, 0x1, 0xfffffffa}, @initdev={0xac, 0x1e, 0x0, 0x0}, @rand_addr=0x64010100, 0xffffffff}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xec}}, 0x0)
syz_emit_ethernet(0x4e, &(0x7f0000000000)={@broadcast, @local, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "87fb89", 0x18, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0xfd, 0x0}, @private2, {[@dstopts={0x5c, 0x1, '\x00', [@ra={0x5, 0x2, 0x3}, @padn={0x1, 0x1, [0x0]}, @jumbo={0xc2, 0x4, 0x76cc5ae9}]}]}}}}}, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r4 = accept4(r1, 0x0, 0x0, 0x800)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={0xffffffffffffffff, 0x0, 0x0}, 0x20)
sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)

3.470264607s ago: executing program 6 (id=348):
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000000)=0x1a)
r0 = syz_open_pts(0xffffffffffffffff, 0x2b8700)
ioctl$FIONREAD(r0, 0x541b, &(0x7f0000000040))
getsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000080)={<r1=>0x0, 0xfff}, &(0x7f00000000c0)=0x8)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000100)={r1, @in={{0x2, 0x4e23, @remote}}, 0x7, 0x2, 0x1, 0x8, 0x0, 0x9, 0xe2}, 0x9c)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f00000001c0)={<r2=>r1, 0x1}, &(0x7f0000000200)=0x8)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000240)={<r4=>r2, 0x4}, &(0x7f0000000280)=0x8)
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r3, 0x84, 0x22, &(0x7f00000002c0)={0x74, 0x8000, 0x8, 0xd, <r5=>r4}, &(0x7f0000000300)=0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = syz_open_dev$vcsa(&(0x7f0000000380), 0xf, 0x1219c0)
syz_io_uring_setup(0x72e2, &(0x7f00000003c0)={0x0, 0xa6d0, 0x20, 0x1, 0xef, 0x0, r7}, &(0x7f0000000440), &(0x7f0000000480))
setsockopt$inet_sctp_SCTP_CONTEXT(r7, 0x84, 0x11, &(0x7f00000004c0)={r5, 0x10}, 0x8)
fdatasync(r7)
setsockopt$MRT_ADD_VIF(r7, 0x0, 0xca, &(0x7f0000000500)={0x1, 0x1, 0x4, 0x5b630adb, @vifc_lcl_addr=@broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
sendmsg$inet(r6, &(0x7f0000000600)={&(0x7f0000000540)={0x2, 0x4e24, @private=0xa010102}, 0x10, &(0x7f0000000580), 0x0, &(0x7f00000005c0)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x6}}], 0x18}, 0x20000000)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(0xffffffffffffffff, 0x84, 0x7, &(0x7f0000000640), &(0x7f0000000680)=0x4)
ioctl$EVIOCGBITSW(r7, 0x80404525, &(0x7f00000006c0)=""/202)
shutdown(r3, 0x1)
ioctl$EVIOCGRAB(r7, 0x40044590, &(0x7f00000007c0)=0x200)
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r7, 0x84, 0x22, &(0x7f0000000800)={0x800, 0xa, 0x9, 0x3, r5}, &(0x7f0000000840)=0x10)
ioctl$F2FS_IOC_SEC_TRIM_FILE(r0, 0x4018f514, &(0x7f0000000880)={0x7f, 0x401, 0x1})
syz_open_dev$radio(&(0x7f00000008c0), 0x0, 0x2)
ioctl$EVIOCGBITKEY(r7, 0x80404521, &(0x7f0000000900)=""/117)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000980)='./cgroup.net/syz0\x00', 0x200002, 0x0)
r8 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000a00), r7)
sendmsg$IPVS_CMD_ZERO(r7, &(0x7f0000000ac0)={&(0x7f00000009c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000a80)={&(0x7f0000000a40)={0x3c, r8, 0x20, 0x70bd26, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x101}, @IPVS_CMD_ATTR_DAEMON={0x20, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'veth1_vlan\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x3}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x48000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b40)={&(0x7f0000000b00)='mmc_request_start\x00', r7, 0x0, 0x2}, 0x18)
recvmsg$unix(r6, &(0x7f0000000dc0)={&(0x7f0000000b80)=@abs, 0x6e, &(0x7f0000000c80)=[{&(0x7f0000000c00)=""/123, 0x7b}], 0x1, &(0x7f0000000cc0)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xe0}, 0x10022)
recvfrom$inet6(r3, &(0x7f0000000e00)=""/246, 0xf6, 0x40000000, &(0x7f0000000f00)={0xa, 0x4e23, 0x5823a226, @ipv4={'\x00', '\xff\xff', @private=0xa010101}, 0x5}, 0x1c)

2.447846739s ago: executing program 6 (id=349):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0xf}, 0x8)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000002b0009ef"], 0x14}}, 0x84)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r7 = syz_open_dev$sndmidi(0x0, 0x2, 0x141101)
r8 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
socket(0x10, 0x3, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000003c0)={@cgroup=r8, 0x8, 0x1, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f0000000380)}, 0x40)
io_uring_enter(0xffffffffffffffff, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
fcntl$dupfd(r7, 0x406, r2)
socket$pppl2tp(0x18, 0x1, 0x1)
syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2)
r9 = syz_open_dev$video(&(0x7f0000000440), 0x8, 0x0)
ioctl$VIDIOC_S_SELECTION(r9, 0xc040565f, &(0x7f0000000940)={0xa, 0x0, 0x7, {0x8000, 0x1000, 0x4, 0x86c}})

2.404392468s ago: executing program 4 (id=350):
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x6)
write$tun(r0, &(0x7f0000000700)={@void, @void, @llc={@llc={0x2, 0xaa, 'Kk', "35b671"}}}, 0x7)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x12, r1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x30, 0x1, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000004c0)=[0x7], &(0x7f0000000500)=[0x2], 0x0, 0x1f}}, 0x3c)
openat$tun(0xffffffffffffff9c, 0x0, 0x60004, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file2\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
r3 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
ioctl(r3, 0x2, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=@updpolicy={0x1bc, 0x19, 0x1, 0x0, 0x0, {{@in, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, [@tmpl={0x104, 0x5, [{{@in6=@rand_addr=' \x01\x00', 0x2, 0x2b}, 0xa, @in6=@private1, 0x0, 0x4}, {{@in6=@loopback, 0x0, 0x6c}, 0xa}, {{@in=@broadcast, 0x0, 0x32}, 0xa, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x0, 0x0, 0x0, 0x0, 0x3}, {{@in=@local, 0x0, 0x32}, 0x0, @in=@remote, 0x0, 0x4}]}]}, 0x1bc}}, 0x0)
syz_emit_ethernet(0x3a, &(0x7f0000000500)={@link_local, @local, @val={@void}, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x32, 0x0, @empty, @broadcast}, @timestamp_reply={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}}}}}, 0x0)

1.210303624s ago: executing program 4 (id=351):
add_key(&(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffe)
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000080)={0x18, 0x0, {0xfffe, @local, 'geneve0\x00'}}, 0x1e)
socket$pppoe(0x18, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'veth1_to_bond\x00'})
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a50000000060a0b040000000000000000020000002400048020000180070001006374000014000280080002400000000f08000140000000140900010073797a30000000000900020073797a320000"], 0x78}}, 0x0)
r5 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r5, &(0x7f00000000c0)={0xa, 0x4e21, 0xb, @empty}, 0x1c)
connect$inet6(r5, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0xb3550aa4ba878396}, 0x9c)

0s ago: executing program 4 (id=352):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x2000005, 0x3032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000490000/0x4000)=nil, 0x4000, 0x9)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x8, &(0x7f0000000080)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x2f, 0x62, 0xa, 0xff00, 0x14}, [@call={0x75}, @exit, @map_fd, @jmp]}, &(0x7f0000000140)='GPL\x00', 0x2, 0x95, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffe7a, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00'})
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)={0x24, r1, 0x400, 0x0, 0x0, {{}, {@void, @void}}, [@NL80211_ATTR_TX_RATES={0x10, 0x5a, 0x0, 0x1, [@NL80211_BAND_60GHZ={0xc, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5}]}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x4004008)

kernel console output (not intermixed with test programs):

 116.307930][ T6097]  dump_stack_lvl+0x189/0x250
[  116.307965][ T6097]  ? __pfx_dump_stack_lvl+0x10/0x10
[  116.307993][ T6097]  ? __pfx__printk+0x10/0x10
[  116.308037][ T6097]  should_fail_ex+0x414/0x560
[  116.308082][ T6097]  _copy_to_user+0x31/0xb0
[  116.308109][ T6097]  simple_read_from_buffer+0xe1/0x170
[  116.308144][ T6097]  proc_fail_nth_read+0x1df/0x250
[  116.308167][ T6097]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  116.308203][ T6097]  ? rw_verify_area+0x258/0x650
[  116.308228][ T6097]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  116.308261][ T6097]  vfs_read+0x1fd/0x980
[  116.308293][ T6097]  ? __pfx___mutex_lock+0x10/0x10
[  116.308313][ T6097]  ? __pfx_vfs_read+0x10/0x10
[  116.308341][ T6097]  ? __fget_files+0x2a/0x420
[  116.308375][ T6097]  ? __fget_files+0x3a0/0x420
[  116.308403][ T6097]  ? __fget_files+0x2a/0x420
[  116.308442][ T6097]  ksys_read+0x145/0x250
[  116.308470][ T6097]  ? __pfx_ksys_read+0x10/0x10
[  116.308501][ T6097]  ? do_syscall_64+0xba/0x210
[  116.308524][ T6097]  do_syscall_64+0xf6/0x210
[  116.308544][ T6097]  ? clear_bhb_loop+0x45/0xa0
[  116.308569][ T6097]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.308589][ T6097] RIP: 0033:0x7f7c3798d37c
[  116.308607][ T6097] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  116.308623][ T6097] RSP: 002b:00007f7c387b4030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  116.308644][ T6097] RAX: ffffffffffffffda RBX: 00007f7c37bb5fa0 RCX: 00007f7c3798d37c
[  116.308657][ T6097] RDX: 000000000000000f RSI: 00007f7c387b40a0 RDI: 0000000000000004
[  116.308669][ T6097] RBP: 00007f7c387b4090 R08: 0000000000000000 R09: 0000000000000000
[  116.308680][ T6097] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  116.308691][ T6097] R13: 0000000000000000 R14: 00007f7c37bb5fa0 R15: 00007fffa5c03848
[  116.308721][ T6097]  </TASK>
[  116.526626][    C0] vkms_vblank_simulate: vblank timer overrun
[  116.549824][ T6100] syz.0.56: attempt to access beyond end of device
[  116.549824][ T6100] loop0: rw=0, sector=0, nr_sectors = 1 limit=0
[  116.562988][ T6100] FAT-fs (loop0): unable to read boot sector
[  117.423723][ T6065] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  117.445239][ T6065] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  117.618322][ T6105] block nbd2: shutting down sockets
[  117.664921][ T6105] block nbd2: NBD_DISCONNECT
[  117.669873][ T6105] block nbd2: Send disconnect failed -22
[  117.680083][ T6105] block nbd2: Send disconnect failed -22
[  117.734839][ T6065] team0: Port device team_slave_0 added
[  117.745854][ T6106] Zero length message leads to an empty skb
[  117.767453][ T5834] Bluetooth: hci5: command tx timeout
[  117.804885][ T6065] team0: Port device team_slave_1 added
[  118.139813][ T6065] batman_adv: batadv0: Adding interface: batadv_slave_0
[  118.196302][ T6065] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  118.296036][ T6114] can: request_module (can-proto-0) failed.
[  118.396923][ T6065] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  118.476432][ T6065] batman_adv: batadv0: Adding interface: batadv_slave_1
[  118.642792][ T6065] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  118.683106][ T5874] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  118.720182][ T6065] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  118.907410][ T6127] netlink: 'syz.0.63': attribute type 2 has an invalid length.
[  119.494124][ T5874] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  120.013182][ T5834] Bluetooth: hci5: command tx timeout
[  120.356614][    C1] vcan0: j1939_tp_rxtimer: 0xffff888030e2fc00: rx timeout, send abort
[  120.484385][ T5874] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  120.507392][ T5874] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  120.719296][ T6138] /dev/loop2: Can't open blockdev
[  120.856791][    C1] vcan0: j1939_tp_rxtimer: 0xffff888023b47800: rx timeout, send abort
[  120.866435][    C1] vcan0: j1939_tp_rxtimer: 0xffff888030e2fc00: abort rx timeout. Force session deactivation
[  120.901720][ T5874] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  120.919221][ T5874] usb 5-1: SerialNumber: syz
[  121.365104][    C1] vcan0: j1939_tp_rxtimer: 0xffff888023b47800: abort rx timeout. Force session deactivation
[  121.984252][ T5874] usb 5-1: 0:2 : does not exist
[  122.246956][ T5834] Bluetooth: hci5: command tx timeout
[  122.247808][ T5874] usb 5-1: unit 5: unexpected type 0x0b
[  122.382102][ T6146] netlink: 8 bytes leftover after parsing attributes in process `syz.0.66'.
[  122.498850][ T5874] usb 5-1: USB disconnect, device number 3
[  122.505869][ T6142] netlink: 8 bytes leftover after parsing attributes in process `syz.0.66'.
[  122.613832][ T6156] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  122.649932][ T6065] hsr_slave_0: entered promiscuous mode
[  122.714476][ T6065] hsr_slave_1: entered promiscuous mode
[  122.847604][ T6065] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  122.855268][ T6065] Cannot create hsr debugfs directory
[  123.230055][ T5912] udevd[5912]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  123.330993][ T6165] FAULT_INJECTION: forcing a failure.
[  123.330993][ T6165] name failslab, interval 1, probability 0, space 0, times 1
[  123.343944][ T6165] CPU: 0 UID: 0 PID: 6165 Comm: syz.4.69 Not tainted 6.15.0-rc3-syzkaller-00094-g02ddfb981de8 #0 PREEMPT(full) 
[  123.343970][ T6165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  123.343983][ T6165] Call Trace:
[  123.343992][ T6165]  <TASK>
[  123.344000][ T6165]  dump_stack_lvl+0x189/0x250
[  123.344043][ T6165]  ? __pfx_dump_stack_lvl+0x10/0x10
[  123.344069][ T6165]  ? __pfx__printk+0x10/0x10
[  123.344103][ T6165]  ? __pfx___might_resched+0x10/0x10
[  123.344132][ T6165]  ? fs_reclaim_acquire+0x7d/0x100
[  123.344158][ T6165]  should_fail_ex+0x414/0x560
[  123.344192][ T6165]  should_failslab+0xa8/0x100
[  123.344223][ T6165]  __kmalloc_noprof+0xcb/0x4f0
[  123.344251][ T6165]  ? iovec_from_user+0x87/0x250
[  123.344279][ T6165]  iovec_from_user+0x87/0x250
[  123.344306][ T6165]  __import_iovec+0x163/0x7f0
[  123.344341][ T6165]  import_iovec+0x74/0xa0
[  123.344368][ T6165]  ___sys_sendmsg+0x1e7/0x2a0
[  123.344393][ T6165]  ? __pfx____sys_sendmsg+0x10/0x10
[  123.344450][ T6165]  ? __fget_files+0x2a/0x420
[  123.344478][ T6165]  ? __fget_files+0x3a0/0x420
[  123.344525][ T6165]  __x64_sys_sendmsg+0x19b/0x260
[  123.344549][ T6165]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  123.344586][ T6165]  ? do_syscall_64+0xba/0x210
[  123.344610][ T6165]  do_syscall_64+0xf6/0x210
[  123.344628][ T6165]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  123.344647][ T6165]  ? clear_bhb_loop+0x45/0xa0
[  123.344671][ T6165]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.344690][ T6165] RIP: 0033:0x7f7c3798e969
[  123.344714][ T6165] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  123.344730][ T6165] RSP: 002b:00007f7c38772038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  123.344755][ T6165] RAX: ffffffffffffffda RBX: 00007f7c37bb6160 RCX: 00007f7c3798e969
[  123.344769][ T6165] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000006
[  123.344781][ T6165] RBP: 00007f7c38772090 R08: 0000000000000000 R09: 0000000000000000
[  123.344793][ T6165] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  123.344803][ T6165] R13: 0000000000000000 R14: 00007f7c37bb6160 R15: 00007fffa5c03848
[  123.344833][ T6165]  </TASK>
[  123.563429][    C0] vkms_vblank_simulate: vblank timer overrun
[  124.331911][ T5834] Bluetooth: hci5: command tx timeout
[  124.881195][ T6065] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  125.109862][ T6065] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  125.773969][ T6065] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  125.893561][ T6065] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  126.644425][ T6065] 8021q: adding VLAN 0 to HW filter on device bond0
[  126.735148][ T6065] 8021q: adding VLAN 0 to HW filter on device team0
[  126.776619][ T5875] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  126.908592][ T1112] bridge0: port 1(bridge_slave_0) entered blocking state
[  126.915892][ T1112] bridge0: port 1(bridge_slave_0) entered forwarding state
[  127.015669][ T1112] bridge0: port 2(bridge_slave_1) entered blocking state
[  127.023002][ T1112] bridge0: port 2(bridge_slave_1) entered forwarding state
[  127.046448][ T5875] usb 4-1: Using ep0 maxpacket: 32
[  127.121287][ T5875] usb 4-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  127.209127][ T5875] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  127.273082][ T5875] usb 4-1: config 0 descriptor??
[  127.344293][ T5875] gspca_main: nw80x-2.14.0 probing 055f:d001
[  127.523393][ T5875] gspca_nw80x: reg_w err -71
[  127.548530][ T5875] nw80x 4-1:0.0: probe with driver nw80x failed with error -71
[  127.610441][ T5875] usb 4-1: USB disconnect, device number 4
[  127.935742][ T6208] netlink: 8 bytes leftover after parsing attributes in process `syz.4.80'.
[  127.992286][ T6208] netlink: 8 bytes leftover after parsing attributes in process `syz.4.80'.
[  129.120102][ T6212] netlink: 8 bytes leftover after parsing attributes in process `syz.0.81'.
[  129.248977][ T6211] netlink: 8 bytes leftover after parsing attributes in process `syz.0.81'.
[  129.301352][ T5822] syz-executor (5822) used greatest stack depth: 20200 bytes left
[  130.176005][ T6221] xt_CT: No such helper "pptp"
[  130.292152][ T6222] vlan2: entered promiscuous mode
[  130.297548][ T6222] veth1_to_batadv: entered promiscuous mode
[  130.656356][ T1155] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  130.772081][ T6232] netlink: 60 bytes leftover after parsing attributes in process `syz.0.86'.
[  130.809146][ T6065] 8021q: adding VLAN 0 to HW filter on device batadv0
[  130.951912][ T1155] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  131.332250][ T1155] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  131.428453][ T6240] netlink: 'syz.3.89': attribute type 10 has an invalid length.
[  131.988552][ T6240] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  132.108397][ T1155] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  132.437478][ T5872] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  132.617109][ T5872] usb 1-1: Using ep0 maxpacket: 8
[  132.655388][ T5872] usb 1-1: config 0 has no interfaces?
[  132.688848][ T5872] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  132.777142][ T5872] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  132.895364][ T5872] usb 1-1: config 0 descriptor??
[  132.925360][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  132.936527][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  133.438476][ T1155] bridge_slave_1: left allmulticast mode
[  133.444324][ T1155] bridge_slave_1: left promiscuous mode
[  133.464058][ T6251] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  133.501978][ T6251] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  133.504949][ T1155] bridge0: port 2(bridge_slave_1) entered disabled state
[  133.568521][ T1155] bridge_slave_0: left allmulticast mode
[  133.574534][ T1155] bridge_slave_0: left promiscuous mode
[  133.751807][ T1155] bridge0: port 1(bridge_slave_0) entered disabled state
[  133.758336][ T5831] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  133.769350][ T5831] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  133.778087][ T5831] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  133.789125][ T5831] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  133.804306][ T5831] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  134.529812][ T6267] netlink: 'syz.4.95': attribute type 21 has an invalid length.
[  135.256593][ T5875] usb 1-1: USB disconnect, device number 5
[  136.748928][ T1155] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  136.771544][ T1155] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  136.788688][ T1155] bond0 (unregistering): Released all slaves
[  136.806569][ T5831] Bluetooth: hci3: command tx timeout
[  136.836005][ T6267] netlink: 132 bytes leftover after parsing attributes in process `syz.4.95'.
[  137.250979][ T6065] veth0_vlan: entered promiscuous mode
[  137.568504][   T59] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  137.666933][ T5872] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  137.748014][ T6065] veth1_vlan: entered promiscuous mode
[  137.783365][   T59] usb 4-1: Using ep0 maxpacket: 8
[  137.814464][   T59] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  137.859315][ T5872] usb 1-1: device descriptor read/64, error -71
[  137.872201][   T59] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  137.906483][   T59] usb 4-1: New USB device found, idVendor=046d, idProduct=c20e, bcdDevice= 0.00
[  137.940672][   T59] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  137.953998][   T59] usb 4-1: config 0 descriptor??
[  138.156716][ T5872] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  138.195344][ T6065] veth0_macvtap: entered promiscuous mode
[  138.337285][ T5872] usb 1-1: device descriptor read/64, error -71
[  138.387372][   T59] logitech 0003:046D:C20E.0002: rdesc size test failed for formula gp
[  138.417886][   T59] logitech 0003:046D:C20E.0002: unbalanced delimiter at end of report description
[  138.457280][   T59] logitech 0003:046D:C20E.0002: parse failed
[  138.478328][ T5872] usb usb1-port1: attempt power cycle
[  138.520741][   T59] logitech 0003:046D:C20E.0002: probe with driver logitech failed with error -22
[  138.545569][ T1155] hsr_slave_0: left promiscuous mode
[  138.572638][ T1155] hsr_slave_1: left promiscuous mode
[  138.597819][   T59] usb 4-1: USB disconnect, device number 5
[  138.640298][ T1155] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  138.686819][ T1155] batman_adv: batadv0: Removing interface: batadv_slave_0
[  138.730954][ T1155] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  138.741795][ T6300] FAULT_INJECTION: forcing a failure.
[  138.741795][ T6300] name failslab, interval 1, probability 0, space 0, times 0
[  138.755709][ T1155] batman_adv: batadv0: Removing interface: batadv_slave_1
[  138.764042][ T6300] CPU: 0 UID: 0 PID: 6300 Comm: syz.4.100 Not tainted 6.15.0-rc3-syzkaller-00094-g02ddfb981de8 #0 PREEMPT(full) 
[  138.764070][ T6300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  138.764083][ T6300] Call Trace:
[  138.764091][ T6300]  <TASK>
[  138.764100][ T6300]  dump_stack_lvl+0x189/0x250
[  138.764132][ T6300]  ? __pfx_mod_objcg_state+0x10/0x10
[  138.764161][ T6300]  ? __pfx_dump_stack_lvl+0x10/0x10
[  138.764188][ T6300]  ? __pfx__printk+0x10/0x10
[  138.764216][ T6300]  ? percpu_ref_get_many+0x19/0x140
[  138.764242][ T6300]  ? look_up_lock_class+0x74/0x170
[  138.764278][ T6300]  should_fail_ex+0x414/0x560
[  138.764312][ T6300]  should_failslab+0xa8/0x100
[  138.764336][ T6300]  __kmalloc_noprof+0xcb/0x4f0
[  138.764356][ T6300]  ? io_cqring_event_overflow+0xd2/0x5f0
[  138.764378][ T6300]  io_cqring_event_overflow+0xd2/0x5f0
[  138.764400][ T6300]  io_req_cqe_overflow+0xf0/0x150
[  138.764422][ T6300]  __io_submit_flush_completions+0x240/0xe10
[  138.764444][ T6300]  ? io_submit_fail_init+0x3d2/0x590
[  138.764464][ T6300]  ? io_openat2_prep+0x1ee/0x530
[  138.764487][ T6300]  io_submit_sqes+0x1889/0x1d20
[  138.764530][ T6300]  __se_sys_io_uring_enter+0x2df/0x2b20
[  138.764566][ T6300]  ? ksys_write+0x1cb/0x250
[  138.764588][ T6300]  ? __pfx___se_sys_io_uring_enter+0x10/0x10
[  138.764607][ T6300]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  138.764622][ T6300]  ? __pfx_vfs_write+0x10/0x10
[  138.764643][ T6300]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  138.764660][ T6300]  ? __fget_files+0x3a0/0x420
[  138.764688][ T6300]  ? fput+0xa0/0xd0
[  138.764703][ T6300]  ? ksys_write+0x1f0/0x250
[  138.764721][ T6300]  ? rcu_is_watching+0x15/0xb0
[  138.764747][ T6300]  ? __x64_sys_io_uring_enter+0x21/0xf0
[  138.764769][ T6300]  do_syscall_64+0xf6/0x210
[  138.764784][ T6300]  ? clear_bhb_loop+0x45/0xa0
[  138.764802][ T6300]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.764835][ T6300] RIP: 0033:0x7f7c3798e969
[  138.764850][ T6300] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  138.764861][ T6300] RSP: 002b:00007f7c387b4038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  138.764877][ T6300] RAX: ffffffffffffffda RBX: 00007f7c37bb5fa0 RCX: 00007f7c3798e969
[  138.764887][ T6300] RDX: 0000000000000000 RSI: 0000000000002d3e RDI: 0000000000000003
[  138.764896][ T6300] RBP: 00007f7c387b4090 R08: 0000000000000000 R09: 0000000000000000
[  138.764905][ T6300] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  138.764913][ T6300] R13: 0000000000000000 R14: 00007f7c37bb5fa0 R15: 00007fffa5c03848
[  138.764935][ T6300]  </TASK>
[  139.028866][ T5831] Bluetooth: hci3: command tx timeout
[  139.096552][ T5872] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  139.127873][ T5872] usb 1-1: device descriptor read/8, error -71
[  139.332155][ T1155] veth1_macvtap: left promiscuous mode
[  139.347680][ T1155] veth0_macvtap: left promiscuous mode
[  139.372006][ T1155] veth1_vlan: left promiscuous mode
[  139.390793][ T1155] veth0_vlan: left promiscuous mode
[  139.497086][ T5872] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  139.592128][ T5872] usb 1-1: device descriptor read/8, error -71
[  139.707391][ T5872] usb usb1-port1: unable to enumerate USB device
[  140.230450][ T6310] overlayfs: failed to resolve './file1': -2
[  140.405058][ T5831] Bluetooth: Frame is too long (len 16, expected len 4)
[  141.507868][ T5831] Bluetooth: hci3: command tx timeout
[  142.687695][ T6331] warn_alloc: 1 callbacks suppressed
[  142.687719][ T6331] syz.3.109: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  142.708821][ T6331] CPU: 1 UID: 0 PID: 6331 Comm: syz.3.109 Not tainted 6.15.0-rc3-syzkaller-00094-g02ddfb981de8 #0 PREEMPT(full) 
[  142.708856][ T6331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  142.708871][ T6331] Call Trace:
[  142.708884][ T6331]  <TASK>
[  142.708895][ T6331]  dump_stack_lvl+0x189/0x250
[  142.708937][ T6331]  ? __pfx_dump_stack_lvl+0x10/0x10
[  142.708968][ T6331]  ? __pfx__printk+0x10/0x10
[  142.709005][ T6331]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  142.709040][ T6331]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  142.709076][ T6331]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  142.709112][ T6331]  warn_alloc+0x214/0x310
[  142.709141][ T6331]  ? __pfx___schedule+0x10/0x10
[  142.709172][ T6331]  ? __pfx_warn_alloc+0x10/0x10
[  142.709189][ T6331]  ? kasan_save_track+0x4f/0x80
[  142.709215][ T6331]  ? __kmalloc_cache_noprof+0x230/0x3d0
[  142.709241][ T6331]  ? xskq_create+0x56/0x170
[  142.709269][ T6331]  ? __x64_sys_setsockopt+0x18b/0x220
[  142.709285][ T6331]  ? do_syscall_64+0xf6/0x210
[  142.709301][ T6331]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  142.709330][ T6331]  __vmalloc_node_range_noprof+0x125/0x12c0
[  142.709376][ T6331]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  142.709398][ T6331]  ? __kasan_kmalloc+0x93/0xb0
[  142.709430][ T6331]  vmalloc_user_noprof+0x74/0x80
[  142.709448][ T6331]  ? xskq_create+0xbf/0x170
[  142.709474][ T6331]  xskq_create+0xbf/0x170
[  142.709505][ T6331]  xsk_init_queue+0xb0/0x110
[  142.709544][ T6331]  xsk_setsockopt+0x43f/0x710
[  142.709573][ T6331]  ? __pfx_xsk_setsockopt+0x10/0x10
[  142.709600][ T6331]  ? __lock_acquire+0xaac/0xd20
[  142.709630][ T6331]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  142.709649][ T6331]  ? __pfx_xsk_setsockopt+0x10/0x10
[  142.709676][ T6331]  do_sock_setsockopt+0x257/0x3e0
[  142.709697][ T6331]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  142.709712][ T6331]  ? __fget_files+0x2a/0x420
[  142.709743][ T6331]  ? __fget_files+0x3a0/0x420
[  142.709771][ T6331]  ? __fget_files+0x2a/0x420
[  142.709805][ T6331]  __x64_sys_setsockopt+0x18b/0x220
[  142.709828][ T6331]  do_syscall_64+0xf6/0x210
[  142.709847][ T6331]  ? clear_bhb_loop+0x45/0xa0
[  142.709869][ T6331]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  142.709887][ T6331] RIP: 0033:0x7f838398e969
[  142.709906][ T6331] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  142.709921][ T6331] RSP: 002b:00007f83817f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  142.709942][ T6331] RAX: ffffffffffffffda RBX: 00007f8383bb6160 RCX: 00007f838398e969
[  142.709956][ T6331] RDX: 0000000000000006 RSI: 000000000000011b RDI: 000000000000000a
[  142.709967][ T6331] RBP: 00007f8383a10ab1 R08: 0000000000000052 R09: 0000000000000000
[  142.709978][ T6331] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  142.709990][ T6331] R13: 0000000000000000 R14: 00007f8383bb6160 R15: 00007fff705d92d8
[  142.710017][ T6331]  </TASK>
[  142.710034][ T6331] Mem-Info:
[  143.019549][ T6331] active_anon:365 inactive_anon:5634 isolated_anon:0
[  143.019549][ T6331]  active_file:4415 inactive_file:35506 isolated_file:0
[  143.019549][ T6331]  unevictable:768 dirty:17 writeback:25
[  143.019549][ T6331]  slab_reclaimable:9757 slab_unreclaimable:99225
[  143.019549][ T6331]  mapped:35412 shmem:1466 pagetables:859
[  143.019549][ T6331]  sec_pagetables:5 bounce:0
[  143.019549][ T6331]  kernel_misc_reclaimable:0
[  143.019549][ T6331]  free:1002765 free_pcp:2852 free_cma:0
[  143.066094][ T6331] Node 0 active_anon:1456kB inactive_anon:22560kB active_file:17592kB inactive_file:142040kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:141668kB dirty:72kB writeback:80kB shmem:4328kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11184kB pagetables:3428kB sec_pagetables:20kB all_unreclaimable? no Balloon:0kB
[  143.100980][ T6331] Node 1 active_anon:0kB inactive_anon:0kB active_file:72kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  143.135129][ T6331] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  143.164760][ T6331] lowmem_reserve[]: 0 2504 2504 2504 2504
[  143.170752][ T6331] Node 0 DMA32 free:81996kB boost:0kB min:34304kB low:42880kB high:51456kB reserved_highatomic:0KB active_anon:1452kB inactive_anon:22556kB active_file:17500kB inactive_file:142028kB unevictable:1536kB writepending:152kB present:3129332kB managed:2564664kB mlocked:0kB bounce:0kB free_pcp:11460kB local_pcp:9580kB free_cma:0kB
[  143.203881][ T6331] lowmem_reserve[]: 0 0 0 0 0
[  143.208890][ T6331] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB active_anon:4kB inactive_anon:4kB active_file:92kB inactive_file:12kB unevictable:0kB writepending:0kB present:1048580kB managed:112kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  143.238144][ T6331] lowmem_reserve[]: 0 0 0 0 0
[  143.243010][ T6331] Node 1 Normal free:3913480kB boost:0kB min:55592kB low:69488kB high:83384kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:72kB inactive_file:0kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  143.274356][ T6331] lowmem_reserve[]: 0 0 0 0 0
[  143.279663][ T6331] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  143.294068][ T6331] Node 0 DMA32: 1*4kB (M) 3*8kB (UME) 5*16kB (UME) 13*32kB (UME) 4*64kB (UE) 27*128kB (UME) 25*256kB (UME) 9*512kB (ME) 9*1024kB (UM) 6*2048kB (UM) 11*4096kB (M) = 81804kB
[  143.311638][ T6331] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  143.323930][ T6331] Node 1 Normal: 212*4kB (UE) 59*8kB (UME) 46*16kB (UME) 200*32kB (UME) 94*64kB (UME) 23*128kB (UME) 15*256kB (UME) 12*512kB (UME) 5*1024kB (UME) 3*2048kB (UE) 946*4096kB (M) = 3913480kB
[  143.342669][ T6331] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  143.352380][ T6331] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  143.362572][ T6331] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  143.373157][ T6331] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  143.384643][ T6331] 41392 total pagecache pages
[  143.391360][ T6331] 0 pages in swap cache
[  143.395928][ T6331] Free swap  = 124996kB
[  143.400247][ T6331] Total swap = 124996kB
[  143.404479][ T6331] 2097051 pages RAM
[  143.408564][ T6331] 0 pages HighMem/MovableOnly
[  143.413655][ T6331] 424226 pages reserved
[  143.417973][ T6331] 0 pages cma reserved
[  143.526754][ T5831] Bluetooth: hci3: command tx timeout
[  143.581220][ T6328] input: syz1 as /devices/virtual/input/input6
[  144.457451][ T6338] FAULT_INJECTION: forcing a failure.
[  144.457451][ T6338] name failslab, interval 1, probability 0, space 0, times 0
[  144.526618][ T6338] CPU: 1 UID: 0 PID: 6338 Comm: syz.3.110 Not tainted 6.15.0-rc3-syzkaller-00094-g02ddfb981de8 #0 PREEMPT(full) 
[  144.526648][ T6338] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  144.526660][ T6338] Call Trace:
[  144.526668][ T6338]  <TASK>
[  144.526676][ T6338]  dump_stack_lvl+0x189/0x250
[  144.526711][ T6338]  ? __pfx_dump_stack_lvl+0x10/0x10
[  144.526739][ T6338]  ? __pfx__printk+0x10/0x10
[  144.526776][ T6338]  ? __pfx___might_resched+0x10/0x10
[  144.526804][ T6338]  ? fs_reclaim_acquire+0x7d/0x100
[  144.526830][ T6338]  should_fail_ex+0x414/0x560
[  144.526865][ T6338]  should_failslab+0xa8/0x100
[  144.526895][ T6338]  kmem_cache_alloc_lru_noprof+0x78/0x3d0
[  144.526920][ T6338]  ? __d_alloc+0x31/0x6f0
[  144.526941][ T6338]  __d_alloc+0x31/0x6f0
[  144.526963][ T6338]  d_alloc_parallel+0xe0/0x14e0
[  144.526982][ T6338]  ? smack_log+0xef/0x3f0
[  144.527006][ T6338]  ? __pfx_smack_log+0x10/0x10
[  144.527025][ T6338]  ? register_lock_class+0x51/0x320
[  144.527046][ T6338]  ? smk_access+0x14c/0x4e0
[  144.527072][ T6338]  ? __lock_acquire+0xaac/0xd20
[  144.527092][ T6338]  ? __pfx_d_alloc_parallel+0x10/0x10
[  144.527115][ T6338]  ? __raw_spin_lock_init+0x45/0x100
[  144.527134][ T6338]  ? __init_waitqueue_head+0xa9/0x150
[  144.527159][ T6338]  __lookup_slow+0x116/0x3d0
[  144.527180][ T6338]  ? __pfx___lookup_slow+0x10/0x10
[  144.527203][ T6338]  ? bpf_lsm_inode_permission+0x9/0x20
[  144.527220][ T6338]  ? security_inode_permission+0xb7/0x310
[  144.527250][ T6338]  ? down_read+0x1ad/0x2e0
[  144.527270][ T6338]  lookup_slow+0x53/0x70
[  144.527288][ T6338]  walk_component+0x2d2/0x400
[  144.527303][ T6338]  ? path_lookupat+0x156/0x430
[  144.527322][ T6338]  path_lookupat+0x163/0x430
[  144.527347][ T6338]  filename_lookup+0x212/0x570
[  144.527370][ T6338]  ? __pfx_filename_lookup+0x10/0x10
[  144.527409][ T6338]  ? strncpy_from_user+0x150/0x290
[  144.527436][ T6338]  ? getname_flags+0x1e5/0x540
[  144.527454][ T6338]  __se_sys_move_mount+0x36a/0x580
[  144.527481][ T6338]  ? fput+0xa0/0xd0
[  144.527501][ T6338]  ? __pfx___se_sys_move_mount+0x10/0x10
[  144.527534][ T6338]  ? do_syscall_64+0xba/0x210
[  144.527548][ T6338]  ? __x64_sys_move_mount+0x20/0xc0
[  144.527590][ T6338]  do_syscall_64+0xf6/0x210
[  144.527607][ T6338]  ? clear_bhb_loop+0x45/0xa0
[  144.527628][ T6338]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  144.527645][ T6338] RIP: 0033:0x7f838398e969
[  144.527661][ T6338] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  144.527675][ T6338] RSP: 002b:00007f8384748038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ad
[  144.527693][ T6338] RAX: ffffffffffffffda RBX: 00007f8383bb5fa0 RCX: 00007f838398e969
[  144.527706][ T6338] RDX: 0000000000000003 RSI: 0000000000000000 RDI: 0000000000000003
[  144.527716][ T6338] RBP: 00007f8384748090 R08: 0000000000000204 R09: 0000000000000000
[  144.527726][ T6338] R10: 0000200000000140 R11: 0000000000000246 R12: 0000000000000001
[  144.527736][ T6338] R13: 0000000000000000 R14: 00007f8383bb5fa0 R15: 00007fff705d92d8
[  144.527763][ T6338]  </TASK>
[  145.337306][ T6342] input: syz1 as /devices/virtual/input/input7
[  145.517109][ T5872] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  145.689840][ T5872] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  145.744999][ T5872] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  145.755904][ T5872] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  145.781603][ T5872] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  145.791870][ T5872] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  146.096195][ T5872] usb 5-1: config 0 descriptor??
[  146.597583][ T5831] Bluetooth: Frame is too long (len 16, expected len 4)
[  146.715559][ T5872] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  146.726173][ T5872] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  147.403824][ T5872] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  147.457967][ T5872] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  147.485991][ T5872] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  147.580640][ T5872] plantronics 0003:047F:FFFF.0003: No inputs registered, leaving
[  147.642884][ T5872] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  147.705116][ T1155] team0 (unregistering): Port device team_slave_1 removed
[  147.753426][ T5872] usb 5-1: USB disconnect, device number 4
[  147.812804][   T59] kernel write not supported for file /105/oom_score_adj (pid: 59 comm: kworker/1:2)
[  148.462916][ T1155] team0 (unregistering): Port device team_slave_0 removed
[  149.901212][    C1] vcan0: j1939_tp_rxtimer: 0xffff888028476c00: rx timeout, send abort
[  150.401367][    C1] vcan0: j1939_tp_rxtimer: 0xffff888030229c00: rx timeout, send abort
[  150.410221][    C1] vcan0: j1939_tp_rxtimer: 0xffff888028476c00: abort rx timeout. Force session deactivation
[  150.762323][ T6376] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  150.909736][    C1] vcan0: j1939_tp_rxtimer: 0xffff888030229c00: abort rx timeout. Force session deactivation
[  152.214434][ T6065] veth1_macvtap: entered promiscuous mode
[  152.370153][ T6358] bridge0: port 3(vlan2) entered blocking state
[  152.391965][ T6358] bridge0: port 3(vlan2) entered disabled state
[  152.411663][ T6358] vlan2: entered allmulticast mode
[  152.418506][ T6358] bridge0: entered allmulticast mode
[  152.446113][ T6358] vlan2: left allmulticast mode
[  152.465105][ T6358] bridge0: left allmulticast mode
[  152.910914][ T6065] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  152.992783][ T6065] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  153.036762][ T6065] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  153.100086][ T6065] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  153.139815][ T6065] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  153.170990][ T6065] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  153.216501][ T6065] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  153.258063][ T6065] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  153.398078][ T6065] batman_adv: batadv0: Interface activated: batadv_slave_0
[  153.447127][ T6388] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  153.697244][ T6065] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  153.728963][ T6065] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  153.756468][ T6065] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  153.837846][ T6398] =======================================================
[  153.837846][ T6398] WARNING: The mand mount option has been deprecated and
[  153.837846][ T6398]          and is ignored by this kernel. Remove the mand
[  153.837846][ T6398]          option from the mount to silence this warning.
[  153.837846][ T6398] =======================================================
[  153.891430][ T6398] option changes via remount are deprecated (pid=6390 comm=syz.4.124)
[  154.244948][ T6065] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  154.255255][ T6065] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  154.265979][ T6065] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  154.293181][ T6065] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  154.303783][ T6065] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  154.332826][ T6065] batman_adv: batadv0: Interface activated: batadv_slave_1
[  154.378249][    C1] Unknown status report in ack skb
[  154.414075][ T6065] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  154.526619][ T6065] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  154.560105][ T6065] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  154.607469][ T6065] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  154.971822][ T6266] chnl_net:caif_netlink_parms(): no params data found
[  155.119295][ T6413] netlink: 8 bytes leftover after parsing attributes in process `syz.4.127'.
[  156.660033][ T6422] syz.0.128: attempt to access beyond end of device
[  156.660033][ T6422] loop0: rw=0, sector=0, nr_sectors = 1 limit=0
[  156.674359][ T6422] FAT-fs (loop0): unable to read boot sector
[  156.984117][ T6430] netlink: 28 bytes leftover after parsing attributes in process `syz.4.130'.
[  157.255527][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  157.322589][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  157.756710][ T6266] bridge0: port 1(bridge_slave_0) entered blocking state
[  157.785608][ T6266] bridge0: port 1(bridge_slave_0) entered disabled state
[  157.813678][ T6266] bridge_slave_0: entered allmulticast mode
[  157.868457][ T6266] bridge_slave_0: entered promiscuous mode
[  157.908747][ T6266] bridge0: port 2(bridge_slave_1) entered blocking state
[  157.970825][ T6266] bridge0: port 2(bridge_slave_1) entered disabled state
[  158.017679][ T6266] bridge_slave_1: entered allmulticast mode
[  158.137808][ T6266] bridge_slave_1: entered promiscuous mode
[  158.788378][ T5886] usb 5-1: new full-speed USB device number 5 using dummy_hcd
[  159.110607][ T5886] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  159.148657][ T5886] usb 5-1: config 0 has no interfaces?
[  159.205156][ T5886] usb 5-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4
[  159.253455][ T5886] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  159.273503][ T6266] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  159.301610][ T5886] usb 5-1: config 0 descriptor??
[  159.313012][ T6448] netdevsim netdevsim3 netdevsim0: Device is already in use.
[  159.439085][ T6266] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  159.474420][ T6320] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  159.490679][ T6320] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  160.084366][ T6266] team0: Port device team_slave_0 added
[  160.191398][ T6266] team0: Port device team_slave_1 added
[  160.768484][ T6266] batman_adv: batadv0: Adding interface: batadv_slave_0
[  160.826047][ T6266] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  160.852063][    C1] vkms_vblank_simulate: vblank timer overrun
[  160.985804][ T6266] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  161.033639][ T6266] batman_adv: batadv0: Adding interface: batadv_slave_1
[  161.095575][ T6266] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  161.187495][ T5886] usb 5-1: USB disconnect, device number 5
[  161.222182][ T6266] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  162.709043][ T6266] hsr_slave_0: entered promiscuous mode
[  162.779652][ T6266] hsr_slave_1: entered promiscuous mode
[  162.842571][ T6266] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  162.891568][ T6266] Cannot create hsr debugfs directory
[  162.896033][ T6489] netlink: 28 bytes leftover after parsing attributes in process `syz.3.140'.
[  162.946470][ T5929] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  163.128522][ T5929] usb 5-1: config index 0 descriptor too short (expected 65069, got 45)
[  163.176080][ T5929] usb 5-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 0
[  163.268680][ T5929] usb 5-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 0
[  163.491473][ T5929] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  163.576511][ T5929] usb 5-1: config 0 has no interfaces?
[  163.626866][ T5929] usb 5-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00
[  163.666699][ T5929] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  163.816896][ T5886] usb 1-1: new full-speed USB device number 10 using dummy_hcd
[  164.537309][ T5929] usb 5-1: config 0 descriptor??
[  164.717503][ T5886] usb 1-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  164.738232][ T5886] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  164.762944][ T5886] usb 1-1: config 0 descriptor??
[  164.798684][   T10] usb 5-1: USB disconnect, device number 6
[  165.051223][ T5886] [drm] vendor descriptor length:e0 data:00 00 00 00 00 00 00 00 00 00 00
[  165.085643][ T5886] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor
[  165.173774][ T5886] [drm:udl_init] *ERROR* Selecting channel failed
[  165.835255][ T5886] [drm] Initialized udl 0.0.1 for 1-1:0.0 on minor 2
[  165.936667][ T5886] [drm] Initialized udl on minor 2
[  165.945764][ T5886] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  166.375776][ T5886] udl 1-1:0.0: [drm] Cannot find any crtc or sizes
[  166.407783][ T5871] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  166.423191][ T5886] usb 1-1: USB disconnect, device number 10
[  166.441215][ T5871] udl 1-1:0.0: [drm] Cannot find any crtc or sizes
[  166.636599][ T6513] input: syz1 as /devices/virtual/input/input8
[  166.848838][ T6266] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  166.951290][ T6266] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  167.287228][ T6266] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  167.936922][ T6266] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  169.180000][ T6266] 8021q: adding VLAN 0 to HW filter on device bond0
[  169.438275][ T6530] FAULT_INJECTION: forcing a failure.
[  169.438275][ T6530] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  169.452120][ T6530] CPU: 0 UID: 0 PID: 6530 Comm: syz.3.150 Not tainted 6.15.0-rc3-syzkaller-00094-g02ddfb981de8 #0 PREEMPT(full) 
[  169.452148][ T6530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  169.452160][ T6530] Call Trace:
[  169.452189][ T6530]  <TASK>
[  169.452198][ T6530]  dump_stack_lvl+0x189/0x250
[  169.452235][ T6530]  ? __pfx_dump_stack_lvl+0x10/0x10
[  169.452261][ T6530]  ? __pfx__printk+0x10/0x10
[  169.452306][ T6530]  should_fail_ex+0x414/0x560
[  169.452341][ T6530]  _copy_from_user+0x2d/0xb0
[  169.452366][ T6530]  __copy_msghdr+0x3c5/0x5b0
[  169.452391][ T6530]  ___sys_sendmsg+0x1a5/0x2a0
[  169.452414][ T6530]  ? __pfx____sys_sendmsg+0x10/0x10
[  169.452473][ T6530]  ? __fget_files+0x2a/0x420
[  169.452503][ T6530]  ? __fget_files+0x3a0/0x420
[  169.452544][ T6530]  __sys_sendmmsg+0x227/0x430
[  169.452571][ T6530]  ? __pfx___sys_sendmmsg+0x10/0x10
[  169.452602][ T6530]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  169.452639][ T6530]  ? ksys_write+0x1f0/0x250
[  169.452678][ T6530]  __x64_sys_sendmmsg+0xa0/0xc0
[  169.452702][ T6530]  do_syscall_64+0xf6/0x210
[  169.452722][ T6530]  ? asm_sysvec_call_function_single+0x1a/0x20
[  169.452743][ T6530]  ? clear_bhb_loop+0x45/0xa0
[  169.452768][ T6530]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.452787][ T6530] RIP: 0033:0x7f838398e969
[  169.452806][ T6530] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  169.452823][ T6530] RSP: 002b:00007f8384727038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  169.452844][ T6530] RAX: ffffffffffffffda RBX: 00007f8383bb6080 RCX: 00007f838398e969
[  169.452858][ T6530] RDX: 0000000000000001 RSI: 0000200000000e40 RDI: 0000000000000004
[  169.452870][ T6530] RBP: 00007f8384727090 R08: 0000000000000000 R09: 0000000000000000
[  169.452882][ T6530] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  169.452894][ T6530] R13: 0000000000000000 R14: 00007f8383bb6080 R15: 00007fff705d92d8
[  169.452925][ T6530]  </TASK>
[  169.471064][ T6266] 8021q: adding VLAN 0 to HW filter on device team0
[  170.157622][ T6374] bridge0: port 1(bridge_slave_0) entered blocking state
[  170.164945][ T6374] bridge0: port 1(bridge_slave_0) entered forwarding state
[  170.986789][ T6534] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  171.021307][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[  171.029980][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[  171.191537][ T6539] sctp: failed to load transform for md5: -2
[  171.214884][ T5831] Bluetooth: Frame is too long (len 16, expected len 4)
[  171.628543][ T6266] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  172.318405][ T6556] openvswitch: netlink: Message has 24 unknown bytes.
[  172.325888][ T6556] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  172.546608][ T6564] netlink: 'syz.3.157': attribute type 39 has an invalid length.
[  172.604072][ T6562] input: syz1 as /devices/virtual/input/input9
[  173.496578][   T59] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  173.674091][ T6266] 8021q: adding VLAN 0 to HW filter on device batadv0
[  173.722888][   T59] usb 6-1: Using ep0 maxpacket: 8
[  173.761073][   T59] usb 6-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  173.801408][   T59] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  173.937591][   T59] usb 6-1: Product: syz
[  173.946179][   T59] usb 6-1: Manufacturer: syz
[  173.988106][   T59] usb 6-1: SerialNumber: syz
[  174.082167][   T59] usb 6-1: config 0 descriptor??
[  174.374172][   T59] usb 6-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  174.832149][ T6586] Driver unsupported XDP return value 0 on prog  (id 33) dev N/A, expect packet loss!
[  175.438746][ T6599] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  176.088036][   T59] dvb_usb_rtl28xxu 6-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -110
[  177.072432][ T6266] veth0_vlan: entered promiscuous mode
[  177.095212][ T6266] veth1_vlan: entered promiscuous mode
[  177.137971][ T6266] veth0_macvtap: entered promiscuous mode
[  177.153627][ T6266] veth1_macvtap: entered promiscuous mode
[  177.461691][ T6619] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  177.966457][ T6266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  178.056460][ T6266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.096636][ T6266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  178.133709][ T6266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.134098][ T5929] usb 6-1: USB disconnect, device number 2
[  178.178171][ T6266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  178.212056][ T6266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.233664][ T6266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  178.264015][ T6266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.316577][ T6266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  178.367394][ T6266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.419782][ T6266] batman_adv: batadv0: Interface activated: batadv_slave_0
[  178.473437][ T6266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  178.565002][ T6266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.630253][ T6266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  178.668303][ T6266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.770313][ T6638] openvswitch: netlink: Message has 24 unknown bytes.
[  178.778155][ T6638] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  179.256612][ T6266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  179.334037][ T6266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  179.406582][ T6266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  179.587521][ T6266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  179.599804][ T6266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  179.625387][ T6266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  180.450112][ T6266] batman_adv: batadv0: Interface activated: batadv_slave_1
[  180.783293][ T6654] ubi31: attaching mtd0
[  180.833738][ T6654] ubi31: scanning is finished
[  180.846019][ T6654] ubi31: empty MTD device detected
[  181.128809][ T6266] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  181.181382][ T6266] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  181.205056][ T6266] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  181.214124][   T10] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  181.233932][ T6266] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  181.263568][ T6656] FAULT_INJECTION: forcing a failure.
[  181.263568][ T6656] name failslab, interval 1, probability 0, space 0, times 0
[  181.296682][   T30] audit: type=1800 audit(1745637148.988:2): pid=6656 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.3.171" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[  181.318458][ T6656] CPU: 0 UID: 0 PID: 6656 Comm: syz.3.171 Not tainted 6.15.0-rc3-syzkaller-00094-g02ddfb981de8 #0 PREEMPT(full) 
[  181.318486][ T6656] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  181.318499][ T6656] Call Trace:
[  181.318507][ T6656]  <TASK>
[  181.318516][ T6656]  dump_stack_lvl+0x189/0x250
[  181.318554][ T6656]  ? __pfx_dump_stack_lvl+0x10/0x10
[  181.318605][ T6656]  ? __pfx__printk+0x10/0x10
[  181.318643][ T6656]  ? __pfx___might_resched+0x10/0x10
[  181.318671][ T6656]  ? fs_reclaim_acquire+0x7d/0x100
[  181.318699][ T6656]  should_fail_ex+0x414/0x560
[  181.318735][ T6656]  should_failslab+0xa8/0x100
[  181.318769][ T6656]  __kmalloc_node_noprof+0xd1/0x4e0
[  181.318797][ T6656]  ? alloc_slab_obj_exts+0x39/0xa0
[  181.318829][ T6656]  alloc_slab_obj_exts+0x39/0xa0
[  181.318855][ T6656]  __memcg_slab_post_alloc_hook+0x332/0x820
[  181.318891][ T6656]  __kvmalloc_node_noprof+0x44e/0x5e0
[  181.318914][ T6656]  ? seq_read_iter+0x1fd/0xe10
[  181.318936][ T6656]  seq_read_iter+0x1fd/0xe10
[  181.318961][ T6656]  ? __asan_memset+0x22/0x50
[  181.318983][ T6656]  seq_read+0x2e2/0x3d0
[  181.319008][ T6656]  ? __pfx_seq_read+0x10/0x10
[  181.319035][ T6656]  ? rw_verify_area+0x258/0x650
[  181.319053][ T6656]  ? __pfx_seq_read+0x10/0x10
[  181.319072][ T6656]  vfs_read+0x1fd/0x980
[  181.319095][ T6656]  ? __pfx___mutex_lock+0x10/0x10
[  181.319110][ T6656]  ? __pfx_vfs_read+0x10/0x10
[  181.319130][ T6656]  ? __fget_files+0x2a/0x420
[  181.319155][ T6656]  ? __fget_files+0x3a0/0x420
[  181.319176][ T6656]  ? __fget_files+0x2a/0x420
[  181.319205][ T6656]  ksys_read+0x145/0x250
[  181.319223][ T6656]  ? rcu_is_watching+0x15/0xb0
[  181.319245][ T6656]  ? __pfx_ksys_read+0x10/0x10
[  181.319274][ T6656]  ? do_syscall_64+0xba/0x210
[  181.319292][ T6656]  do_syscall_64+0xf6/0x210
[  181.319306][ T6656]  ? clear_bhb_loop+0x45/0xa0
[  181.319325][ T6656]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  181.319339][ T6656] RIP: 0033:0x7f838398e969
[  181.319352][ T6656] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  181.319364][ T6656] RSP: 002b:00007f8384748038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  181.319380][ T6656] RAX: ffffffffffffffda RBX: 00007f8383bb5fa0 RCX: 00007f838398e969
[  181.319391][ T6656] RDX: 0000000000002020 RSI: 00002000000007c0 RDI: 0000000000000003
[  181.319400][ T6656] RBP: 00007f8384748090 R08: 0000000000000000 R09: 0000000000000000
[  181.319408][ T6656] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  181.319416][ T6656] R13: 0000000000000000 R14: 00007f8383bb5fa0 R15: 00007fff705d92d8
[  181.319439][ T6656]  </TASK>
[  181.981098][   T10] usb 6-1: Using ep0 maxpacket: 8
[  181.986961][ T6654] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[  182.007661][ T6654] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  182.019968][ T6654] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[  182.030284][ T6654] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[  182.048315][   T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  182.086034][ T6654] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  182.099981][ T6654] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[  182.127335][   T10] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  182.172352][   T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  182.243269][ T6665] option changes via remount are deprecated (pid=6661 comm=syz.3.172)
[  182.997637][   T10] usb 6-1: config 0 descriptor??
[  183.158778][ T6654] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 1763611901
[  183.247510][ T6654] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  183.280307][ T1139] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  183.291359][   T10] iowarrior 6-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  183.330083][ T6662] ubi31: background thread "ubi_bgt31d" started, PID 6662
[  183.387354][ T1139] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  183.426330][ T1155] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  183.459586][ T1155] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  183.651798][ T6676] netlink: 20 bytes leftover after parsing attributes in process `syz.4.174'.
[  183.763454][ T6676] vlan2: entered promiscuous mode
[  183.792833][ T6676] syz_tun: entered promiscuous mode
[  185.895208][ T5872] usb 6-1: USB disconnect, device number 3
[  189.135732][ T6715] warn_alloc: 1 callbacks suppressed
[  189.135753][ T6715] syz.3.182: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  189.156326][ T6715] CPU: 1 UID: 0 PID: 6715 Comm: syz.3.182 Not tainted 6.15.0-rc3-syzkaller-00094-g02ddfb981de8 #0 PREEMPT(full) 
[  189.156353][ T6715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  189.156367][ T6715] Call Trace:
[  189.156378][ T6715]  <TASK>
[  189.156388][ T6715]  dump_stack_lvl+0x189/0x250
[  189.156425][ T6715]  ? __pfx_dump_stack_lvl+0x10/0x10
[  189.156454][ T6715]  ? __pfx__printk+0x10/0x10
[  189.156485][ T6715]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  189.156509][ T6715]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  189.156534][ T6715]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  189.156560][ T6715]  warn_alloc+0x214/0x310
[  189.156575][ T6715]  ? __pfx___schedule+0x10/0x10
[  189.156601][ T6715]  ? __pfx_warn_alloc+0x10/0x10
[  189.156615][ T6715]  ? kasan_save_track+0x4f/0x80
[  189.156635][ T6715]  ? __kmalloc_cache_noprof+0x230/0x3d0
[  189.156657][ T6715]  ? xskq_create+0x56/0x170
[  189.156688][ T6715]  ? __x64_sys_setsockopt+0x18b/0x220
[  189.156702][ T6715]  ? do_syscall_64+0xf6/0x210
[  189.156714][ T6715]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.156738][ T6715]  __vmalloc_node_range_noprof+0x125/0x12c0
[  189.156789][ T6715]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  189.156807][ T6715]  ? __kasan_kmalloc+0x93/0xb0
[  189.156834][ T6715]  vmalloc_user_noprof+0x74/0x80
[  189.156849][ T6715]  ? xskq_create+0xbf/0x170
[  189.156870][ T6715]  xskq_create+0xbf/0x170
[  189.156895][ T6715]  xsk_init_queue+0xb0/0x110
[  189.156920][ T6715]  xsk_setsockopt+0x43f/0x710
[  189.156944][ T6715]  ? __pfx_xsk_setsockopt+0x10/0x10
[  189.156966][ T6715]  ? __lock_acquire+0xaac/0xd20
[  189.157004][ T6715]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  189.157020][ T6715]  ? __pfx_xsk_setsockopt+0x10/0x10
[  189.157043][ T6715]  do_sock_setsockopt+0x257/0x3e0
[  189.157060][ T6715]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  189.157073][ T6715]  ? __fget_files+0x2a/0x420
[  189.157101][ T6715]  ? __fget_files+0x3a0/0x420
[  189.157123][ T6715]  ? __fget_files+0x2a/0x420
[  189.157154][ T6715]  __x64_sys_setsockopt+0x18b/0x220
[  189.157174][ T6715]  do_syscall_64+0xf6/0x210
[  189.157208][ T6715]  ? clear_bhb_loop+0x45/0xa0
[  189.157227][ T6715]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.157242][ T6715] RIP: 0033:0x7f838398e969
[  189.157258][ T6715] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  189.157270][ T6715] RSP: 002b:00007f8384727038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  189.157286][ T6715] RAX: ffffffffffffffda RBX: 00007f8383bb6080 RCX: 00007f838398e969
[  189.157298][ T6715] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000009
[  189.157307][ T6715] RBP: 00007f8383a10ab1 R08: 0000000000000052 R09: 0000000000000000
[  189.157317][ T6715] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  189.157326][ T6715] R13: 0000000000000000 R14: 00007f8383bb6080 R15: 00007fff705d92d8
[  189.157350][ T6715]  </TASK>
[  189.452004][ T6715] Mem-Info:
[  189.455284][ T6715] active_anon:704 inactive_anon:8971 isolated_anon:0
[  189.455284][ T6715]  active_file:2038 inactive_file:825 isolated_file:0
[  189.455284][ T6715]  unevictable:768 dirty:66 writeback:0
[  189.455284][ T6715]  slab_reclaimable:5950 slab_unreclaimable:101568
[  189.455284][ T6715]  mapped:40553 shmem:6817 pagetables:1027
[  189.455284][ T6715]  sec_pagetables:0 bounce:0
[  189.455284][ T6715]  kernel_misc_reclaimable:0
[  189.455284][ T6715]  free:760973 free_pcp:915 free_cma:0
[  189.561942][ T6715] Node 0 active_anon:2568kB inactive_anon:7320kB active_file:5520kB inactive_file:780kB unevictable:1536kB isolated(anon):0kB isolated(file):128kB mapped:137032kB dirty:76kB writeback:0kB shmem:2744kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10960kB pagetables:3252kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  189.596464][ T6715] Node 1 active_anon:248kB inactive_anon:28664kB active_file:2632kB inactive_file:2620kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:25180kB dirty:188kB writeback:0kB shmem:24524kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:704kB pagetables:756kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  189.630079][ T6715] Node 0 DMA free:10244kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:116kB local_pcp:116kB free_cma:0kB
[  189.661043][ T6715] lowmem_reserve[]: 0 2504 2504 2504 2504
[  189.666893][ T6715] Node 0 DMA32 free:48604kB boost:6144kB min:40448kB low:49024kB high:57600kB reserved_highatomic:0KB active_anon:2564kB inactive_anon:7316kB active_file:5436kB inactive_file:780kB unevictable:1536kB writepending:76kB present:3129332kB managed:2564664kB mlocked:0kB bounce:0kB free_pcp:1496kB local_pcp:516kB free_cma:0kB
[  189.697346][ T6715] lowmem_reserve[]: 0 0 0 0 0
[  189.702063][ T6715] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB active_anon:4kB inactive_anon:4kB active_file:84kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048580kB managed:112kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:8kB free_cma:0kB
[  189.728908][ T6715] lowmem_reserve[]: 0 0 0 0 0
[  189.733642][ T6715] Node 1 Normal free:2982540kB boost:0kB min:55592kB low:69488kB high:83384kB reserved_highatomic:0KB active_anon:248kB inactive_anon:28664kB active_file:2632kB inactive_file:2620kB unevictable:1536kB writepending:188kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:2712kB local_pcp:1828kB free_cma:0kB
[  189.773614][ T6715] lowmem_reserve[]: 0 0 0 0 0
[  189.778584][ T6715] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10244kB
[  189.791451][ T6715] Node 0 DMA32: 556*4kB (UME) 517*8kB (UME) 514*16kB (ME) 293*32kB (UME) 161*64kB (UME) 53*128kB (UME) 23*256kB (UME) 1*512kB (U) 1*1024kB (U) 0*2048kB 0*4096kB = 48472kB
[  189.808769][ T6715] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  189.820357][ T6715] Node 1 Normal: 1*4kB (E) 7*8kB (UME) 7*16kB (UE) 6*32kB (E) 9*64kB (ME) 8*128kB (UME) 3*256kB (UE) 2*512kB (UE) 2*1024kB (UE) 3*2048kB (ME) 725*4096kB (M) = 2981548kB
[  189.837531][ T6715] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  189.851374][ T6715] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  189.862356][ T6715] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  189.874419][ T6715] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  189.885257][ T6715] 9765 total pagecache pages
[  189.889949][ T6715] 53 pages in swap cache
[  189.894194][ T6715] Free swap  = 114000kB
[  189.898427][ T6715] Total swap = 124996kB
[  189.902585][ T6715] 2097051 pages RAM
[  189.930561][ T6715] 0 pages HighMem/MovableOnly
[  189.935368][ T6715] 424226 pages reserved
[  189.961095][ T6715] 0 pages cma reserved
[  194.340091][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  194.346848][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  195.876091][ T6755] option changes via remount are deprecated (pid=6751 comm=syz.3.190)
[  196.699335][ T6749] netlink: 8 bytes leftover after parsing attributes in process `syz.4.188'.
[  196.812516][ T6749] netlink: 8 bytes leftover after parsing attributes in process `syz.4.188'.
[  197.586535][   T30] audit: type=1800 audit(1745637164.878:3): pid=6761 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.3.192" name="bus" dev="overlay" ino=308 res=0 errno=0
[  200.586813][ T5834] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  200.738813][ T5834] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  200.838226][ T5834] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  200.868329][ T5834] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  200.943618][ T5834] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  203.654138][ T5834] Bluetooth: hci6: command tx timeout
[  205.686499][ T5834] Bluetooth: hci6: command tx timeout
[  205.766836][   T10] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  206.021848][   T10] usb 5-1: Using ep0 maxpacket: 16
[  206.048204][ T6811] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  206.516577][   T10] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 8
[  206.574104][   T10] usb 5-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[  206.596646][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  206.647730][   T10] usb 5-1: Product: syz
[  206.651983][   T10] usb 5-1: Manufacturer: syz
[  206.718862][   T10] usb 5-1: SerialNumber: syz
[  206.729820][ T6768] chnl_net:caif_netlink_parms(): no params data found
[  206.747550][   T10] usb 5-1: config 0 descriptor??
[  206.786263][   T10] ftdi_sio 5-1:0.0: FTDI USB Serial Device converter detected
[  206.836133][ T5834] Bluetooth: Frame is too long (len 16, expected len 4)
[  206.838454][   T10] usb 5-1: Detected FT232R
[  207.606952][   T10] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  207.827222][ T5834] Bluetooth: hci6: command tx timeout
[  209.948627][ T5834] Bluetooth: hci6: command tx timeout
[  210.595057][   T10] ftdi_sio 5-1:0.0: GPIO initialisation failed: -71
[  210.658033][   T10] usb 5-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  210.778777][   T10] usb 5-1: USB disconnect, device number 7
[  210.862250][   T10] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  210.883889][   T10] ftdi_sio 5-1:0.0: device disconnected
[  211.979409][ T6768] bridge0: port 1(bridge_slave_0) entered blocking state
[  212.034726][ T6768] bridge0: port 1(bridge_slave_0) entered disabled state
[  212.099230][ T5835] Bluetooth: hci1: command 0x0406 tx timeout
[  212.105388][ T5835] Bluetooth: hci0: command 0x0406 tx timeout
[  212.105498][ T6768] bridge_slave_0: entered allmulticast mode
[  212.111548][   T55] Bluetooth: hci2: command 0x0406 tx timeout
[  212.376221][ T6839] syz.5.206: attempt to access beyond end of device
[  212.376221][ T6839] loop5: rw=0, sector=0, nr_sectors = 1 limit=0
[  212.390038][ T6839] FAT-fs (loop5): unable to read boot sector
[  212.826697][ T5872] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  212.976993][ T6768] bridge_slave_0: entered promiscuous mode
[  213.017953][ T6768] bridge0: port 2(bridge_slave_1) entered blocking state
[  213.034410][ T6768] bridge0: port 2(bridge_slave_1) entered disabled state
[  213.042159][ T6768] bridge_slave_1: entered allmulticast mode
[  213.067011][ T5872] usb 4-1: Using ep0 maxpacket: 16
[  213.097678][ T5872] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 8
[  213.172484][ T6768] bridge_slave_1: entered promiscuous mode
[  213.224620][ T5872] usb 4-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[  213.736666][ T5872] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  213.786070][ T5872] usb 4-1: Product: syz
[  213.796961][ T6842] netlink: 8 bytes leftover after parsing attributes in process `syz.4.204'.
[  213.838617][ T5872] usb 4-1: Manufacturer: syz
[  213.843308][ T5872] usb 4-1: SerialNumber: syz
[  214.039490][ T5872] usb 4-1: config 0 descriptor??
[  214.068624][ T5872] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected
[  214.794733][ T5872] usb 4-1: Detected FT232R
[  214.836979][ T6843] netlink: 8 bytes leftover after parsing attributes in process `syz.4.204'.
[  214.857563][ T5872] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  216.639947][ T6768] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  217.116664][ T5872] ftdi_sio 4-1:0.0: GPIO initialisation failed: -71
[  217.121075][ T6768] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  217.146807][ T5874] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  217.152538][ T5872] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  217.252461][ T5872] usb 4-1: USB disconnect, device number 6
[  217.357111][ T5874] usb 6-1: Using ep0 maxpacket: 16
[  217.459233][ T5872] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  217.477108][ T5872] ftdi_sio 4-1:0.0: device disconnected
[  217.530211][ T5874] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 8
[  218.128817][ T5874] usb 6-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[  218.152604][ T5874] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  218.181121][ T5874] usb 6-1: Product: syz
[  218.193332][ T5874] usb 6-1: Manufacturer: syz
[  218.309412][ T5874] usb 6-1: SerialNumber: syz
[  218.353395][ T5874] usb 6-1: config 0 descriptor??
[  218.367456][ T5874] ftdi_sio 6-1:0.0: FTDI USB Serial Device converter detected
[  218.449090][ T6865] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  218.912827][ T5874] usb 6-1: Detected FT232R
[  218.939384][ T6768] team0: Port device team_slave_0 added
[  218.980689][ T6768] team0: Port device team_slave_1 added
[  219.016127][ T5874] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[  219.072830][ T5874] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  219.118410][ T5874] ftdi_sio 6-1:0.0: GPIO initialisation failed: -71
[  219.170365][ T5874] usb 6-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  219.765905][ T5874] usb 6-1: USB disconnect, device number 4
[  219.881954][ T5874] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  219.902429][ T6768] batman_adv: batadv0: Adding interface: batadv_slave_0
[  220.031985][ T5831] Bluetooth: Frame is too long (len 16, expected len 4)
[  220.079034][ T6768] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  220.105736][    C1] vkms_vblank_simulate: vblank timer overrun
[  220.114117][ T6768] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  220.193196][ T5874] ftdi_sio 6-1:0.0: device disconnected
[  220.687988][ T6768] batman_adv: batadv0: Adding interface: batadv_slave_1
[  220.695103][ T6768] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  221.096614][ T6768] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  222.109114][ T5831] Bluetooth: hci4: command 0x0406 tx timeout
[  222.596894][ T6768] hsr_slave_0: entered promiscuous mode
[  222.730500][ T6768] hsr_slave_1: entered promiscuous mode
[  222.750880][ T6768] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  222.814088][ T6768] Cannot create hsr debugfs directory
[  224.401408][ T6899] syz.6.218: attempt to access beyond end of device
[  224.401408][ T6899] loop6: rw=0, sector=0, nr_sectors = 1 limit=0
[  224.414968][ T6899] FAT-fs (loop6): unable to read boot sector
[  228.798597][ T6933] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  229.160045][ T6938] netlink: 20 bytes leftover after parsing attributes in process `syz.3.226'.
[  229.702805][ T6938] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  229.711907][ T6938] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  229.720664][ T6938] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  229.729488][ T6938] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  230.080607][ T6943] input: syz1 as /devices/virtual/input/input10
[  231.552741][ T5872] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  231.949026][ T5872] usb 4-1: config 0 has an invalid interface number: 82 but max is 1
[  232.025254][ T5872] usb 4-1: config 0 has an invalid interface descriptor of length 2, skipping
[  232.096455][ T5872] usb 4-1: config 0 has an invalid interface number: 183 but max is 1
[  232.104719][ T5872] usb 4-1: config 0 has no interface number 0
[  232.146523][ T5872] usb 4-1: config 0 has no interface number 1
[  232.161932][ T5872] usb 4-1: config 0 interface 82 altsetting 1 endpoint 0x9 has invalid maxpacket 512, setting to 64
[  232.186742][ T5872] usb 4-1: config 0 interface 82 has no altsetting 0
[  232.194140][ T5872] usb 4-1: config 0 interface 183 has no altsetting 0
[  232.211621][ T5872] usb 4-1: New USB device found, idVendor=05c6, idProduct=9215, bcdDevice=f3.9f
[  232.246527][ T5872] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  232.255397][ T5872] usb 4-1: Product: syz
[  232.284312][ T6953] netlink: 4 bytes leftover after parsing attributes in process `syz.6.229'.
[  232.305131][ T5872] usb 4-1: Manufacturer: syz
[  232.313830][ T5872] usb 4-1: SerialNumber: syz
[  232.334445][ T6953] ipvlan2: entered promiscuous mode
[  232.423049][ T6961] option changes via remount are deprecated (pid=6958 comm=syz.5.230)
[  232.793162][ T5872] usb 4-1: config 0 descriptor??
[  232.794498][ T6953] bridge0: port 3(ipvlan2) entered blocking state
[  232.852465][ T6953] bridge0: port 3(ipvlan2) entered disabled state
[  232.881365][ T6953] ipvlan2: entered allmulticast mode
[  232.934930][ T6953] bridge0: entered allmulticast mode
[  233.001639][ T6953] ipvlan2: left allmulticast mode
[  233.004148][ T5872] usb 4-1: can't set config #0, error -71
[  233.062164][ T5872] usb 4-1: USB disconnect, device number 7
[  233.093443][ T6953] bridge0: left allmulticast mode
[  234.814778][ T6768] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  234.953346][ T6768] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  235.007716][ T5833] Bluetooth: Frame is too long (len 16, expected len 4)
[  235.134898][ T6768] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  235.142761][ T5833] Bluetooth: Frame is too long (len 16, expected len 4)
[  235.285123][ T6984] option changes via remount are deprecated (pid=6978 comm=syz.6.234)
[  235.854397][ T6768] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  237.686747][ T5833] Bluetooth: hci5: command 0x0406 tx timeout
[  237.719709][ T6768] 8021q: adding VLAN 0 to HW filter on device bond0
[  237.802362][ T7005] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  237.996297][ T6768] 8021q: adding VLAN 0 to HW filter on device team0
[  238.061819][ T1155] bridge0: port 1(bridge_slave_0) entered blocking state
[  238.069145][ T1155] bridge0: port 1(bridge_slave_0) entered forwarding state
[  238.221841][ T6320] bridge0: port 2(bridge_slave_1) entered blocking state
[  238.229161][ T6320] bridge0: port 2(bridge_slave_1) entered forwarding state
[  238.453603][ T7007] netlink: 4 bytes leftover after parsing attributes in process `syz.6.238'.
[  238.863080][ T7017] option changes via remount are deprecated (pid=7011 comm=syz.4.239)
[  239.737315][ T6768] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  240.040721][ T7021] syz.5.240: attempt to access beyond end of device
[  240.040721][ T7021] loop5: rw=0, sector=0, nr_sectors = 1 limit=0
[  240.053945][ T7021] FAT-fs (loop5): unable to read boot sector
[  240.374124][ T7014] syz.6.238 (7014): drop_caches: 2
[  240.507139][ T7028] option changes via remount are deprecated (pid=7025 comm=syz.3.242)
[  241.017291][ T5886] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  241.226469][ T5886] usb 5-1: Using ep0 maxpacket: 16
[  241.234999][ T5886] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 8
[  241.278658][ T5886] usb 5-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[  241.316510][ T5886] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  241.324584][ T5886] usb 5-1: Product: syz
[  241.406425][ T5886] usb 5-1: Manufacturer: syz
[  241.411111][ T5886] usb 5-1: SerialNumber: syz
[  241.506739][ T5886] usb 5-1: config 0 descriptor??
[  241.521946][ T6768] 8021q: adding VLAN 0 to HW filter on device batadv0
[  241.721507][ T5886] ftdi_sio 5-1:0.0: FTDI USB Serial Device converter detected
[  241.762215][ T5886] usb 5-1: Detected FT232R
[  243.872459][ T5886] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  244.082120][ T5831] Bluetooth: Frame is too long (len 16, expected len 4)
[  244.143547][ T5886] ftdi_sio 5-1:0.0: GPIO initialisation failed: -71
[  244.707130][ T5886] usb 5-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  244.809471][ T5886] usb 5-1: USB disconnect, device number 8
[  245.552872][ T5886] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  246.141982][ T5886] ftdi_sio 5-1:0.0: device disconnected
[  248.124064][ T5831] Bluetooth: Frame is too long (len 16, expected len 4)
[  248.825746][ T7087] input: syz1 as /devices/virtual/input/input11
[  249.421057][ T6768] veth0_vlan: entered promiscuous mode
[  249.588575][ T6768] veth1_vlan: entered promiscuous mode
[  249.650652][ T5831] Bluetooth: Frame is too long (len 16, expected len 4)
[  249.803371][ T6768] veth0_macvtap: entered promiscuous mode
[  250.429190][ T6768] veth1_macvtap: entered promiscuous mode
[  250.605864][ T6768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  250.686533][ T6768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  250.746426][ T6768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  250.797291][ T6768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  250.886417][ T6768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  250.942971][ T6768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  251.026427][ T6768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  251.086690][ T6768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  251.114573][ T6768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  251.178542][ T5831] Bluetooth: Frame is too long (len 16, expected len 4)
[  251.196400][ T6768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  251.214528][ T6768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  251.226706][ T6768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  251.267890][ T6768] batman_adv: batadv0: Interface activated: batadv_slave_0
[  251.299741][ T6768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  251.425013][ T6768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  251.436821][ T6768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  251.448143][ T6768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  251.472683][ T6768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  251.964685][ T6768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  252.027337][ T6768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  252.062147][ T6768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  252.093394][ T6768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  252.174262][ T6768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  252.236484][ T6768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  252.299556][ T6768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  252.347853][ T6768] batman_adv: batadv0: Interface activated: batadv_slave_1
[  252.658232][ T7135] vivid-008: disconnect
[  253.287071][ T5871] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  254.046512][ T5871] usb 4-1: Using ep0 maxpacket: 16
[  254.165202][ T5871] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 8
[  254.222880][ T5871] usb 4-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[  254.234845][ T7149] input: syz1 as /devices/virtual/input/input12
[  254.405020][ T5871] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  254.444382][ T5871] usb 4-1: Product: syz
[  254.699993][ T5871] usb 4-1: Manufacturer: syz
[  254.724814][ T5871] usb 4-1: SerialNumber: syz
[  254.863587][ T5871] usb 4-1: config 0 descriptor??
[  255.197042][ T5871] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected
[  255.212909][ T5871] usb 4-1: Detected FT232R
[  256.027262][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  256.034006][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  257.102033][ T5833] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  257.111937][ T5833] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  257.121326][ T5833] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  257.131411][ T5833] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  257.141396][ T5833] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  257.726711][ T5871] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  258.012705][ T5871] ftdi_sio 4-1:0.0: GPIO initialisation failed: -71
[  258.061791][ T7138] vivid-008: reconnect
[  258.071243][ T5871] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  258.148694][ T5871] usb 4-1: USB disconnect, device number 8
[  258.255771][ T5871] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  258.277451][ T5871] ftdi_sio 4-1:0.0: device disconnected
[  259.537424][ T5833] Bluetooth: hci6: command tx timeout
[  260.558007][ T7186] input: syz1 as /devices/virtual/input/input13
[  261.616499][ T5833] Bluetooth: hci6: command tx timeout
[  261.684181][ T7159] chnl_net:caif_netlink_parms(): no params data found
[  261.753947][ T7194] netlink: 4 bytes leftover after parsing attributes in process `syz.5.267'.
[  262.076311][   T13] bridge_slave_1: left allmulticast mode
[  262.082496][   T13] bridge_slave_1: left promiscuous mode
[  262.146196][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  262.327644][   T13] bridge_slave_0: left allmulticast mode
[  262.355812][   T13] bridge_slave_0: left promiscuous mode
[  262.387266][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  262.753824][ T7208] warn_alloc: 1 callbacks suppressed
[  262.753869][ T7208] syz.6.268: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  262.775769][ T7208] CPU: 1 UID: 0 PID: 7208 Comm: syz.6.268 Not tainted 6.15.0-rc3-syzkaller-00094-g02ddfb981de8 #0 PREEMPT(full) 
[  262.775804][ T7208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  262.775836][ T7208] Call Trace:
[  262.775847][ T7208]  <TASK>
[  262.775857][ T7208]  dump_stack_lvl+0x189/0x250
[  262.775900][ T7208]  ? __pfx_rcu_read_unlock_special+0x10/0x10
[  262.775927][ T7208]  ? __pfx_dump_stack_lvl+0x10/0x10
[  262.775957][ T7208]  ? __pfx__printk+0x10/0x10
[  262.775992][ T7208]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  262.776026][ T7208]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  262.776069][ T7208]  warn_alloc+0x214/0x310
[  262.776099][ T7208]  ? __pfx_warn_alloc+0x10/0x10
[  262.776119][ T7208]  ? kasan_save_track+0x4f/0x80
[  262.776147][ T7208]  ? __kmalloc_cache_noprof+0x230/0x3d0
[  262.776177][ T7208]  ? xskq_create+0x56/0x170
[  262.776211][ T7208]  ? __x64_sys_setsockopt+0x18b/0x220
[  262.776240][ T7208]  ? do_syscall_64+0xf6/0x210
[  262.776260][ T7208]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  262.776296][ T7208]  __vmalloc_node_range_noprof+0x125/0x12c0
[  262.776349][ T7208]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  262.776375][ T7208]  ? __kasan_kmalloc+0x93/0xb0
[  262.776411][ T7208]  vmalloc_user_noprof+0x74/0x80
[  262.776433][ T7208]  ? xskq_create+0xbf/0x170
[  262.776463][ T7208]  xskq_create+0xbf/0x170
[  262.776500][ T7208]  xsk_init_queue+0xb0/0x110
[  262.776535][ T7208]  xsk_setsockopt+0x43f/0x710
[  262.776569][ T7208]  ? __pfx_xsk_setsockopt+0x10/0x10
[  262.776600][ T7208]  ? rcu_read_unlock_special+0x3fe/0x4c0
[  262.776628][ T7208]  ? irqentry_exit+0x74/0x90
[  262.776662][ T7208]  ? __pfx_rcu_read_unlock_special+0x10/0x10
[  262.776686][ T7208]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  262.776708][ T7208]  ? __pfx_xsk_setsockopt+0x10/0x10
[  262.776740][ T7208]  do_sock_setsockopt+0x257/0x3e0
[  262.776764][ T7208]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  262.776791][ T7208]  ? __fget_files+0x3a0/0x420
[  262.776822][ T7208]  ? __fget_files+0x2a/0x420
[  262.776864][ T7208]  __x64_sys_setsockopt+0x18b/0x220
[  262.776892][ T7208]  do_syscall_64+0xf6/0x210
[  262.776914][ T7208]  ? clear_bhb_loop+0x45/0xa0
[  262.776941][ T7208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  262.776963][ T7208] RIP: 0033:0x7f516718e969
[  262.776984][ T7208] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  262.777003][ T7208] RSP: 002b:00007f5164bf4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  262.777027][ T7208] RAX: ffffffffffffffda RBX: 00007f51673b6240 RCX: 00007f516718e969
[  262.777043][ T7208] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000009
[  262.777056][ T7208] RBP: 00007f5167210ab1 R08: 0000000000000052 R09: 0000000000000000
[  262.777070][ T7208] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  262.777084][ T7208] R13: 0000000000000000 R14: 00007f51673b6240 R15: 00007ffeac03b828
[  262.777118][ T7208]  </TASK>
[  263.069006][    C1] vkms_vblank_simulate: vblank timer overrun
[  263.076043][ T7208] Mem-Info:
[  263.079741][ T7208] active_anon:377 inactive_anon:6659 isolated_anon:0
[  263.079741][ T7208]  active_file:12334 inactive_file:3325 isolated_file:0
[  263.079741][ T7208]  unevictable:768 dirty:69 writeback:0
[  263.079741][ T7208]  slab_reclaimable:5782 slab_unreclaimable:104352
[  263.079741][ T7208]  mapped:43037 shmem:3687 pagetables:1045
[  263.079741][ T7208]  sec_pagetables:0 bounce:0
[  263.079741][ T7208]  kernel_misc_reclaimable:0
[  263.079741][ T7208]  free:515514 free_pcp:584 free_cma:0
[  263.124803][    C1] vkms_vblank_simulate: vblank timer overrun
[  263.131123][ T7208] Node 0 active_anon:76kB inactive_anon:88kB active_file:120kB inactive_file:88kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:132052kB dirty:40kB writeback:0kB shmem:1588kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10916kB pagetables:2608kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  263.163692][    C1] vkms_vblank_simulate: vblank timer overrun
[  263.171257][ T7208] Node 1 active_anon:1432kB inactive_anon:26548kB active_file:49216kB inactive_file:13212kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:40096kB dirty:236kB writeback:0kB shmem:13160kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:1268kB pagetables:1572kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  263.205123][    C1] vkms_vblank_simulate: vblank timer overrun
[  263.211699][ T7208] Node 0 DMA free:10244kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:112kB local_pcp:112kB free_cma:0kB
[  263.239782][ T7208] lowmem_reserve[]: 0 2504 2504 2504 2504
[  263.245584][ T7208] Node 0 DMA32 free:42640kB boost:0kB min:34304kB low:42880kB high:51456kB reserved_highatomic:0KB active_anon:76kB inactive_anon:88kB active_file:120kB inactive_file:88kB unevictable:1536kB writepending:40kB present:3129332kB managed:2564664kB mlocked:0kB bounce:0kB free_pcp:1396kB local_pcp:808kB free_cma:0kB
[  263.275839][ T7208] lowmem_reserve[]: 0 0 0 0 0
[  263.280676][ T7208] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048580kB managed:112kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[  263.307414][ T7208] lowmem_reserve[]: 0 0 0 0 0
[  263.312188][ T7208] Node 1 Normal free:2009172kB boost:0kB min:55592kB low:69488kB high:83384kB reserved_highatomic:0KB active_anon:1432kB inactive_anon:26548kB active_file:49216kB inactive_file:13212kB unevictable:1536kB writepending:236kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:1060kB local_pcp:480kB free_cma:0kB
[  263.342725][    C1] vkms_vblank_simulate: vblank timer overrun
[  263.349391][ T7208] lowmem_reserve[]: 0 0 0 0 0
[  263.354130][ T7208] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10244kB
[  263.366935][ T7208] Node 0 DMA32: 63*4kB (ME) 90*8kB (UME) 160*16kB (ME) 108*32kB (UME) 48*64kB (ME) 33*128kB (ME) 13*256kB (ME) 5*512kB (UM) 2*1024kB (M) 8*2048kB (M) 1*4096kB (M) = 42700kB
[  263.385046][ T7208] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  263.396770][ T7208] Node 1 Normal: 7*4kB (UME) 4*8kB (E) 5*16kB (E) 451*32kB (ME) 373*64kB (ME) 51*128kB (ME) 22*256kB (UM) 9*512kB (ME) 8*1024kB (UME) 4*2048kB (ME) 473*4096kB (M) = 2009004kB
[  263.414390][ T7208] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  263.423997][ T7208] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  263.433631][ T7208] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  263.443273][ T7208] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  263.453205][ T7208] 20419 total pagecache pages
[  263.457944][ T7208] 1089 pages in swap cache
[  263.462468][ T7208] Free swap  = 106412kB
[  263.467032][ T7208] Total swap = 124996kB
[  263.471292][ T7208] 2097051 pages RAM
[  263.475726][ T7208] 0 pages HighMem/MovableOnly
[  263.480769][ T7208] 424226 pages reserved
[  263.484930][ T7208] 0 pages cma reserved
[  263.686468][ T5833] Bluetooth: hci6: command tx timeout
[  263.748492][ T7206] xt_l2tp: unknown flags: 17
[  265.673317][ T7227] syz.6.272: attempt to access beyond end of device
[  265.673317][ T7227] loop6: rw=0, sector=0, nr_sectors = 1 limit=0
[  265.687041][ T7227] FAT-fs (loop6): unable to read boot sector
[  265.844432][ T5833] Bluetooth: hci6: command tx timeout
[  266.976570][ T5833] Bluetooth: Frame is too long (len 16, expected len 4)
[  267.782678][ T7241] netlink: 8 bytes leftover after parsing attributes in process `syz.5.273'.
[  268.238043][ T7246] input: syz1 as /devices/virtual/input/input14
[  269.724867][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  269.794000][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  269.810893][   T13] bond0 (unregistering): Released all slaves
[  270.212298][ T7256] (unnamed net_device) (uninitialized): (slave bond_slave_1): Device is not our slave
[  270.311050][ T7256] (unnamed net_device) (uninitialized): option active_slave: invalid value (bond_slave_1)
[  270.503231][   T13] hsr_slave_0: left promiscuous mode
[  270.616664][   T13] hsr_slave_1: left promiscuous mode
[  270.807463][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  270.815035][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  272.369029][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  272.436207][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  273.562828][   T13] veth1_macvtap: left promiscuous mode
[  273.592645][   T13] veth0_macvtap: left promiscuous mode
[  273.615149][   T13] veth1_vlan: left promiscuous mode
[  273.642887][   T13] veth0_vlan: left promiscuous mode
[  273.867200][ T5833] Bluetooth: Frame is too long (len 16, expected len 4)
[  275.668125][ T7294] input: syz1 as /devices/virtual/input/input15
[  276.568548][ T7302] option changes via remount are deprecated (pid=7299 comm=syz.3.288)
[  278.573861][ T7312] option changes via remount are deprecated (pid=7305 comm=syz.6.290)
[  280.292213][ T7318] netlink: 8 bytes leftover after parsing attributes in process `syz.3.291'.
[  281.089488][ T7323] warn_alloc: 1 callbacks suppressed
[  281.089537][ T7323] syz.6.292: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  281.109856][ T7323] CPU: 0 UID: 0 PID: 7323 Comm: syz.6.292 Not tainted 6.15.0-rc3-syzkaller-00094-g02ddfb981de8 #0 PREEMPT(full) 
[  281.109890][ T7323] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  281.109905][ T7323] Call Trace:
[  281.109917][ T7323]  <TASK>
[  281.109928][ T7323]  dump_stack_lvl+0x189/0x250
[  281.109964][ T7323]  ? __pfx_rcu_read_unlock_special+0x10/0x10
[  281.109993][ T7323]  ? __pfx_dump_stack_lvl+0x10/0x10
[  281.110023][ T7323]  ? __pfx__printk+0x10/0x10
[  281.110057][ T7323]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  281.110093][ T7323]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  281.110136][ T7323]  warn_alloc+0x214/0x310
[  281.110166][ T7323]  ? __pfx_warn_alloc+0x10/0x10
[  281.110195][ T7323]  ? __x64_sys_setsockopt+0x18b/0x220
[  281.110231][ T7323]  __vmalloc_node_range_noprof+0x125/0x12c0
[  281.110256][ T7323]  ? rcu_is_watching+0x15/0xb0
[  281.110288][ T7323]  ? trace_irq_disable+0x37/0x110
[  281.110311][ T7323]  ? preempt_schedule_irq+0xde/0x150
[  281.110344][ T7323]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  281.110385][ T7323]  ? irqentry_exit+0x74/0x90
[  281.110417][ T7323]  ? lockdep_hardirqs_on+0x9c/0x150
[  281.110454][ T7323]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  281.110478][ T7323]  ? is_bpf_text_address+0x26/0x2b0
[  281.110518][ T7323]  vmalloc_user_noprof+0x74/0x80
[  281.110539][ T7323]  ? xskq_create+0xbf/0x170
[  281.110570][ T7323]  xskq_create+0xbf/0x170
[  281.110606][ T7323]  xsk_init_queue+0xb0/0x110
[  281.110651][ T7323]  xsk_setsockopt+0x43f/0x710
[  281.110685][ T7323]  ? __pfx_xsk_setsockopt+0x10/0x10
[  281.110731][ T7323]  ? __pfx_xsk_setsockopt+0x10/0x10
[  281.110763][ T7323]  do_sock_setsockopt+0x257/0x3e0
[  281.110789][ T7323]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  281.110807][ T7323]  ? __fget_files+0x2a/0x420
[  281.110845][ T7323]  ? __fget_files+0x3a0/0x420
[  281.110876][ T7323]  ? __fget_files+0x2a/0x420
[  281.110920][ T7323]  __x64_sys_setsockopt+0x18b/0x220
[  281.110951][ T7323]  do_syscall_64+0xf6/0x210
[  281.110973][ T7323]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  281.110996][ T7323]  ? clear_bhb_loop+0x45/0xa0
[  281.111024][ T7323]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  281.111045][ T7323] RIP: 0033:0x7f516718e969
[  281.111065][ T7323] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  281.111084][ T7323] RSP: 002b:00007f5164bf4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  281.111108][ T7323] RAX: ffffffffffffffda RBX: 00007f51673b6240 RCX: 00007f516718e969
[  281.111124][ T7323] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000009
[  281.111137][ T7323] RBP: 00007f5167210ab1 R08: 0000000000000052 R09: 0000000000000000
[  281.111151][ T7323] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  281.111165][ T7323] R13: 0000000000000000 R14: 00007f51673b6240 R15: 00007ffeac03b828
[  281.111199][ T7323]  </TASK>
[  281.111238][ T7323] Mem-Info:
[  281.413196][ T7323] active_anon:1038 inactive_anon:9122 isolated_anon:0
[  281.413196][ T7323]  active_file:12393 inactive_file:3290 isolated_file:0
[  281.413196][ T7323]  unevictable:768 dirty:103 writeback:0
[  281.413196][ T7323]  slab_reclaimable:5697 slab_unreclaimable:103831
[  281.413196][ T7323]  mapped:47807 shmem:7229 pagetables:1094
[  281.413196][ T7323]  sec_pagetables:0 bounce:0
[  281.413196][ T7323]  kernel_misc_reclaimable:0
[  281.413196][ T7323]  free:448074 free_pcp:4537 free_cma:0
[  281.458607][ T7323] Node 0 active_anon:36kB inactive_anon:1360kB active_file:132kB inactive_file:28kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:141460kB dirty:44kB writeback:0kB shmem:2796kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10916kB pagetables:2548kB sec_pagetables:0kB all_unreclaimable? yes Balloon:0kB
[  281.491593][ T7323] Node 1 active_anon:4116kB inactive_anon:35128kB active_file:49440kB inactive_file:13132kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:49768kB dirty:368kB writeback:0kB shmem:26120kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:1272kB pagetables:1828kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  281.526890][ T7323] Node 0 DMA free:10244kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:112kB local_pcp:0kB free_cma:0kB
[  281.555535][ T7323] lowmem_reserve[]: 0 2504 2504 2504 2504
[  281.561646][ T7323] Node 0 DMA32 free:40964kB boost:0kB min:34304kB low:42880kB high:51456kB reserved_highatomic:2048KB active_anon:36kB inactive_anon:1360kB active_file:132kB inactive_file:28kB unevictable:1536kB writepending:44kB present:3129332kB managed:2564664kB mlocked:0kB bounce:0kB free_pcp:2804kB local_pcp:164kB free_cma:0kB
[  281.592910][ T7323] lowmem_reserve[]: 0 0 0 0 0
[  281.598121][ T7323] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048580kB managed:112kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:8kB free_cma:0kB
[  281.625029][ T7323] lowmem_reserve[]: 0 0 0 0 0
[  281.629894][ T7323] Node 1 Normal free:1755832kB boost:0kB min:55592kB low:69488kB high:83384kB reserved_highatomic:0KB active_anon:4116kB inactive_anon:35128kB active_file:49440kB inactive_file:13132kB unevictable:1536kB writepending:368kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:500kB local_pcp:468kB free_cma:0kB
[  281.660540][ T7323] lowmem_reserve[]: 0 0 0 0 0
[  281.665278][ T7323] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10244kB
[  281.677999][ T7323] Node 0 DMA32: 25*4kB (E) 46*8kB (E) 127*16kB (UE) 120*32kB (UEH) 43*64kB (UME) 27*128kB (UME) 17*256kB (ME) 3*512kB (M) 2*1024kB (UM) 8*2048kB (UM) 1*4096kB (M) = 40964kB
[  281.695723][ T7323] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  281.707791][ T7323] Node 1 Normal: 10*4kB (UME) 6*8kB (UE) 7*16kB (ME) 39*32kB (UME) 381*64kB (UME) 56*128kB (UME) 23*256kB (UM) 11*512kB (UME) 9*1024kB (UME) 7*2048kB (UME) 412*4096kB (M) = 1755624kB
[  281.726035][ T7323] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  281.735603][ T7323] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  281.744920][ T7323] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  281.754500][ T7323] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  281.763827][ T7323] 24028 total pagecache pages
[  281.768939][ T7323] 1116 pages in swap cache
[  281.773753][ T7323] Free swap  = 106428kB
[  281.777998][ T7323] Total swap = 124996kB
[  281.782347][ T7323] 2097051 pages RAM
[  281.786154][ T7323] 0 pages HighMem/MovableOnly
[  281.790874][ T7323] 424226 pages reserved
[  281.795026][ T7323] 0 pages cma reserved
[  283.010627][ T7332] syz.3.294: attempt to access beyond end of device
[  283.010627][ T7332] loop3: rw=0, sector=0, nr_sectors = 1 limit=0
[  283.024407][ T7332] FAT-fs (loop3): unable to read boot sector
[  285.148164][   T13] team0 (unregistering): Port device team_slave_1 removed
[  286.449178][   T13] team0 (unregistering): Port device team_slave_0 removed
[  287.156987][ T7349] input: syz1 as /devices/virtual/input/input16
[  289.062762][ T5831] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  289.079075][ T5831] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  289.091608][ T5831] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  289.115704][ T5831] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  289.133773][ T5831] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  291.287004][ T5831] Bluetooth: hci7: command tx timeout
[  293.366737][ T5831] Bluetooth: hci7: command tx timeout
[  293.990290][ T7159] bridge0: port 1(bridge_slave_0) entered blocking state
[  294.024811][ T7159] bridge0: port 1(bridge_slave_0) entered disabled state
[  294.415709][ T7159] bridge_slave_0: entered allmulticast mode
[  294.657689][ T7159] bridge_slave_0: entered promiscuous mode
[  294.816038][ T7159] bridge0: port 2(bridge_slave_1) entered blocking state
[  294.876695][ T7159] bridge0: port 2(bridge_slave_1) entered disabled state
[  294.936704][ T7159] bridge_slave_1: entered allmulticast mode
[  294.979383][ T7159] bridge_slave_1: entered promiscuous mode
[  295.446494][ T5831] Bluetooth: hci7: command tx timeout
[  296.344532][ T7410] option changes via remount are deprecated (pid=7405 comm=syz.4.309)
[  296.534388][ T7159] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  296.951020][ T7416] delete_channel: no stack
[  297.187965][ T7159] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  297.246580][ T5831] Bluetooth: Frame is too long (len 16, expected len 4)
[  297.540301][ T5831] Bluetooth: hci7: command tx timeout
[  298.811394][ T7437] warn_alloc: 1 callbacks suppressed
[  298.811415][ T7437] syz.4.313: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  298.832075][ T7437] CPU: 1 UID: 0 PID: 7437 Comm: syz.4.313 Not tainted 6.15.0-rc3-syzkaller-00094-g02ddfb981de8 #0 PREEMPT(full) 
[  298.832108][ T7437] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  298.832122][ T7437] Call Trace:
[  298.832139][ T7437]  <TASK>
[  298.832149][ T7437]  dump_stack_lvl+0x189/0x250
[  298.832188][ T7437]  ? __pfx_dump_stack_lvl+0x10/0x10
[  298.832217][ T7437]  ? __pfx__printk+0x10/0x10
[  298.832251][ T7437]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  298.832285][ T7437]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  298.832319][ T7437]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  298.832356][ T7437]  warn_alloc+0x214/0x310
[  298.832377][ T7437]  ? __pfx___schedule+0x10/0x10
[  298.832414][ T7437]  ? __pfx_warn_alloc+0x10/0x10
[  298.832434][ T7437]  ? kasan_save_track+0x4f/0x80
[  298.832462][ T7437]  ? __kmalloc_cache_noprof+0x230/0x3d0
[  298.832492][ T7437]  ? xskq_create+0x56/0x170
[  298.832524][ T7437]  ? __x64_sys_setsockopt+0x18b/0x220
[  298.832543][ T7437]  ? do_syscall_64+0xf6/0x210
[  298.832561][ T7437]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  298.832596][ T7437]  __vmalloc_node_range_noprof+0x125/0x12c0
[  298.832651][ T7437]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  298.832676][ T7437]  ? __kasan_kmalloc+0x93/0xb0
[  298.832712][ T7437]  vmalloc_user_noprof+0x74/0x80
[  298.832733][ T7437]  ? xskq_create+0xbf/0x170
[  298.832762][ T7437]  xskq_create+0xbf/0x170
[  298.832796][ T7437]  xsk_init_queue+0xb0/0x110
[  298.832830][ T7437]  xsk_setsockopt+0x43f/0x710
[  298.832863][ T7437]  ? __pfx_xsk_setsockopt+0x10/0x10
[  298.832894][ T7437]  ? __lock_acquire+0xaac/0xd20
[  298.832929][ T7437]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  298.832950][ T7437]  ? __pfx_xsk_setsockopt+0x10/0x10
[  298.832981][ T7437]  do_sock_setsockopt+0x257/0x3e0
[  298.833005][ T7437]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  298.833023][ T7437]  ? __fget_files+0x2a/0x420
[  298.833072][ T7437]  ? __fget_files+0x3a0/0x420
[  298.833103][ T7437]  ? __fget_files+0x2a/0x420
[  298.833154][ T7437]  __x64_sys_setsockopt+0x18b/0x220
[  298.833202][ T7437]  do_syscall_64+0xf6/0x210
[  298.833224][ T7437]  ? clear_bhb_loop+0x45/0xa0
[  298.833251][ T7437]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  298.833273][ T7437] RIP: 0033:0x7f7c3798e969
[  298.833295][ T7437] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  298.833315][ T7437] RSP: 002b:00007f7c38751038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  298.833338][ T7437] RAX: ffffffffffffffda RBX: 00007f7c37bb6240 RCX: 00007f7c3798e969
[  298.833355][ T7437] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000008
[  298.833368][ T7437] RBP: 00007f7c37a10ab1 R08: 0000000000000052 R09: 0000000000000000
[  298.833382][ T7437] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  298.833397][ T7437] R13: 0000000000000000 R14: 00007f7c37bb6240 R15: 00007fffa5c03848
[  298.833431][ T7437]  </TASK>
[  298.833441][ T7437] Mem-Info:
[  299.134806][ T7437] active_anon:324 inactive_anon:6423 isolated_anon:0
[  299.134806][ T7437]  active_file:12402 inactive_file:3290 isolated_file:0
[  299.134806][ T7437]  unevictable:768 dirty:154 writeback:0
[  299.134806][ T7437]  slab_reclaimable:5607 slab_unreclaimable:103640
[  299.134806][ T7437]  mapped:44025 shmem:3667 pagetables:1071
[  299.134806][ T7437]  sec_pagetables:5 bounce:0
[  299.134806][ T7437]  kernel_misc_reclaimable:0
[  299.134806][ T7437]  free:362571 free_pcp:2811 free_cma:0
[  299.180276][ T7437] Node 0 active_anon:36kB inactive_anon:628kB active_file:140kB inactive_file:28kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:116224kB dirty:48kB writeback:0kB shmem:2048kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10884kB pagetables:2444kB sec_pagetables:0kB all_unreclaimable? yes Balloon:0kB
[  299.214052][ T7437] Node 1 active_anon:1260kB inactive_anon:25064kB active_file:49468kB inactive_file:13132kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:59876kB dirty:568kB writeback:0kB shmem:12620kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:1280kB pagetables:1840kB sec_pagetables:20kB all_unreclaimable? no Balloon:0kB
[  299.247873][ T7437] Node 0 DMA free:10244kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:112kB local_pcp:112kB free_cma:0kB
[  299.275331][ T7437] lowmem_reserve[]: 0 2504 2504 2504 2504
[  299.281234][ T7437] Node 0 DMA32 free:42532kB boost:0kB min:34304kB low:42880kB high:51456kB reserved_highatomic:2048KB active_anon:36kB inactive_anon:628kB active_file:140kB inactive_file:28kB unevictable:1536kB writepending:48kB present:3129332kB managed:2564664kB mlocked:0kB bounce:0kB free_pcp:4356kB local_pcp:988kB free_cma:0kB
[  299.311324][ T7437] lowmem_reserve[]: 0 0 0 0 0
[  299.316898][ T7437] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048580kB managed:112kB mlocked:0kB bounce:0kB free_pcp:20kB local_pcp:12kB free_cma:0kB
[  299.343635][ T7437] lowmem_reserve[]: 0 0 0 0 0
[  299.348501][ T7437] Node 1 Normal free:1397176kB boost:0kB min:55592kB low:69488kB high:83384kB reserved_highatomic:0KB active_anon:1260kB inactive_anon:25064kB active_file:49468kB inactive_file:13132kB unevictable:1536kB writepending:568kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:6912kB local_pcp:5936kB free_cma:0kB
[  299.379612][ T7437] lowmem_reserve[]: 0 0 0 0 0
[  299.384356][ T7437] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10244kB
[  299.397084][ T7437] Node 0 DMA32: 31*4kB (UME) 47*8kB (UE) 136*16kB (ME) 104*32kB (UMEH) 50*64kB (ME) 34*128kB (UME) 17*256kB (UME) 6*512kB (UME) 3*1024kB (UM) 7*2048kB (UM) 1*4096kB (M) = 42484kB
[  299.416411][ T7437] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  299.428114][ T7437] Node 1 Normal: 7*4kB (UME) 6*8kB (UME) 11*16kB (ME) 274*32kB (UME) 375*64kB (UME) 51*128kB (UME) 20*256kB (M) 11*512kB (UME) 9*1024kB (UME) 5*2048kB (UME) 324*4096kB (M) = 1396860kB
[  299.446900][ T7437] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  299.456537][ T7437] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  299.465943][ T7437] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  299.475855][ T7437] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  299.485297][ T7437] 20394 total pagecache pages
[  299.490031][ T7437] 1035 pages in swap cache
[  299.494454][ T7437] Free swap  = 107464kB
[  299.498952][ T7437] Total swap = 124996kB
[  299.503191][ T7437] 2097051 pages RAM
[  299.507122][ T7437] 0 pages HighMem/MovableOnly
[  299.511832][ T7437] 424226 pages reserved
[  299.515985][ T7437] 0 pages cma reserved
[  299.928312][ T7441] netlink: 8 bytes leftover after parsing attributes in process `syz.4.314'.
[  300.022839][ T7159] team0: Port device team_slave_0 added
[  300.309489][ T7159] team0: Port device team_slave_1 added
[  300.329122][ T7452] overlay: Unknown parameter 'appraise'
[  301.045775][   T13] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  301.077520][ T5929] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  301.321828][ T5929] usb 5-1: Using ep0 maxpacket: 8
[  301.340527][ T5929] usb 5-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  301.350145][ T5929] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  301.427201][ T5929] usb 5-1: config 0 descriptor??
[  301.442001][ T7459] netlink: 8 bytes leftover after parsing attributes in process `syz.3.316'.
[  301.722703][   T13] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  301.773531][ T7159] batman_adv: batadv0: Adding interface: batadv_slave_0
[  301.800854][ T7159] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  301.884590][ T5929] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -61
[  301.929947][ T5929] asix 5-1:0.0 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffc3
[  301.941309][ T5929] asix 5-1:0.0: probe with driver asix failed with error -61
[  301.949473][ T7159] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  303.098848][ T5886] usb 5-1: USB disconnect, device number 9
[  303.113394][   T13] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  303.473868][ T7159] batman_adv: batadv0: Adding interface: batadv_slave_1
[  303.486493][ T7159] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  303.517392][ T7159] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  304.233621][ T7360] chnl_net:caif_netlink_parms(): no params data found
[  304.346619][   T59] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  304.556673][ T5886] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  304.564765][   T59] usb 7-1: Using ep0 maxpacket: 16
[  304.589323][   T59] usb 7-1: New USB device found, idVendor=0ccd, idProduct=0099, bcdDevice=f4.9b
[  304.617024][   T59] usb 7-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  304.681960][   T59] usb 7-1: Product: syz
[  304.701017][   T59] usb 7-1: SerialNumber: syz
[  304.736711][ T5886] usb 5-1: Using ep0 maxpacket: 16
[  304.795895][ T7500] option changes via remount are deprecated (pid=7496 comm=syz.3.323)
[  304.957779][   T59] usb 7-1: config 0 descriptor??
[  304.968061][ T5886] usb 5-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[  304.977523][ T5886] usb 5-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  304.989510][   T59] usb 7-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[  304.996194][ T5886] usb 5-1: Product: syz
[  305.002417][   T59] dvb_usb_af9015 7-1:0.0: probe with driver dvb_usb_af9015 failed with error -22
[  305.011902][ T5886] usb 5-1: Manufacturer: syz
[  305.016935][ T5886] usb 5-1: SerialNumber: syz
[  305.022144][   T59] usb 7-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[  305.031261][ T5886] usb 5-1: config 0 descriptor??
[  305.036748][   T59] dvb_usb_af9035 7-1:0.0: probe with driver dvb_usb_af9035 failed with error -22
[  305.052061][   T13] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  305.204572][ T5886] usb 7-1: USB disconnect, device number 2
[  305.584092][ T7159] hsr_slave_0: entered promiscuous mode
[  305.657072][ T7159] hsr_slave_1: entered promiscuous mode
[  305.691048][ T7159] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  305.724806][ T7159] Cannot create hsr debugfs directory
[  306.154571][ T7506] program syz.6.325 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  307.239909][ T7360] bridge0: port 1(bridge_slave_0) entered blocking state
[  307.252391][ T7517] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  307.268604][ T7360] bridge0: port 1(bridge_slave_0) entered disabled state
[  307.275970][ T7360] bridge_slave_0: entered allmulticast mode
[  307.388003][ T7360] bridge_slave_0: entered promiscuous mode
[  307.699749][ T5833] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  307.710773][ T5833] Bluetooth: hci3: Injecting HCI hardware error event
[  307.719877][ T5831] Bluetooth: hci3: hardware error 0x00
[  307.747028][ T7360] bridge0: port 2(bridge_slave_1) entered blocking state
[  307.863358][ T7360] bridge0: port 2(bridge_slave_1) entered disabled state
[  307.966785][ T7360] bridge_slave_1: entered allmulticast mode
[  307.974992][ T7360] bridge_slave_1: entered promiscuous mode
[  308.859051][ T5886] usb 5-1: USB disconnect, device number 10
[  308.992863][ T7360] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  309.047779][ T7360] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  309.409471][ T7531] warn_alloc: 1 callbacks suppressed
[  309.409520][ T7531] syz.4.331: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  309.430182][ T7531] CPU: 1 UID: 0 PID: 7531 Comm: syz.4.331 Not tainted 6.15.0-rc3-syzkaller-00094-g02ddfb981de8 #0 PREEMPT(full) 
[  309.430218][ T7531] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  309.430242][ T7531] Call Trace:
[  309.430254][ T7531]  <TASK>
[  309.430271][ T7531]  dump_stack_lvl+0x189/0x250
[  309.430309][ T7531]  ? lockdep_hardirqs_on+0x9c/0x150
[  309.430346][ T7531]  ? __pfx_dump_stack_lvl+0x10/0x10
[  309.430399][ T7531]  warn_alloc+0x214/0x310
[  309.430438][ T7531]  ? __pfx_warn_alloc+0x10/0x10
[  309.430461][ T7531]  ? kasan_save_track+0x4f/0x80
[  309.430491][ T7531]  ? __kmalloc_cache_noprof+0x230/0x3d0
[  309.430524][ T7531]  ? xskq_create+0x56/0x170
[  309.430558][ T7531]  ? __x64_sys_setsockopt+0x18b/0x220
[  309.430579][ T7531]  ? do_syscall_64+0xf6/0x210
[  309.430599][ T7531]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  309.430635][ T7531]  __vmalloc_node_range_noprof+0x125/0x12c0
[  309.430695][ T7531]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  309.430722][ T7531]  ? __kasan_kmalloc+0x93/0xb0
[  309.430761][ T7531]  vmalloc_user_noprof+0x74/0x80
[  309.430784][ T7531]  ? xskq_create+0xbf/0x170
[  309.430816][ T7531]  xskq_create+0xbf/0x170
[  309.430854][ T7531]  xsk_init_queue+0xb0/0x110
[  309.430891][ T7531]  xsk_setsockopt+0x43f/0x710
[  309.430925][ T7531]  ? __pfx_xsk_setsockopt+0x10/0x10
[  309.430959][ T7531]  ? __lock_acquire+0xaac/0xd20
[  309.430998][ T7531]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  309.431020][ T7531]  ? __pfx_xsk_setsockopt+0x10/0x10
[  309.431055][ T7531]  do_sock_setsockopt+0x257/0x3e0
[  309.431081][ T7531]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  309.431101][ T7531]  ? __fget_files+0x2a/0x420
[  309.431140][ T7531]  ? __fget_files+0x3a0/0x420
[  309.431171][ T7531]  ? __fget_files+0x2a/0x420
[  309.431216][ T7531]  __x64_sys_setsockopt+0x18b/0x220
[  309.431247][ T7531]  do_syscall_64+0xf6/0x210
[  309.431269][ T7531]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  309.431291][ T7531]  ? clear_bhb_loop+0x45/0xa0
[  309.431320][ T7531]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  309.431343][ T7531] RIP: 0033:0x7f7c3798e969
[  309.431364][ T7531] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  309.431384][ T7531] RSP: 002b:00007f7c38751038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  309.431408][ T7531] RAX: ffffffffffffffda RBX: 00007f7c37bb6240 RCX: 00007f7c3798e969
[  309.431433][ T7531] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000008
[  309.431447][ T7531] RBP: 00007f7c37a10ab1 R08: 0000000000000052 R09: 0000000000000000
[  309.431462][ T7531] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  309.431476][ T7531] R13: 0000000000000000 R14: 00007f7c37bb6240 R15: 00007fffa5c03848
[  309.431512][ T7531]  </TASK>
[  309.431581][ T7531] Mem-Info:
[  309.721282][ T7531] active_anon:331 inactive_anon:6588 isolated_anon:0
[  309.721282][ T7531]  active_file:12409 inactive_file:3379 isolated_file:0
[  309.721282][ T7531]  unevictable:768 dirty:70 writeback:0
[  309.721282][ T7531]  slab_reclaimable:5586 slab_unreclaimable:104984
[  309.721282][ T7531]  mapped:43056 shmem:3679 pagetables:1053
[  309.721282][ T7531]  sec_pagetables:0 bounce:0
[  309.721282][ T7531]  kernel_misc_reclaimable:0
[  309.721282][ T7531]  free:291483 free_pcp:1109 free_cma:0
[  309.768250][    C1] vkms_vblank_simulate: vblank timer overrun
[  309.775826][ T7531] Node 0 active_anon:40kB inactive_anon:88kB active_file:140kB inactive_file:28kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:111604kB dirty:16kB writeback:0kB shmem:1540kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10884kB pagetables:2352kB sec_pagetables:0kB all_unreclaimable? yes Balloon:0kB
[  309.809836][    C1] vkms_vblank_simulate: vblank timer overrun
[  309.816172][ T7531] Node 1 active_anon:1284kB inactive_anon:26264kB active_file:49496kB inactive_file:13488kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:60620kB dirty:264kB writeback:0kB shmem:13176kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:1388kB pagetables:1860kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  309.849786][    C1] vkms_vblank_simulate: vblank timer overrun
[  309.856068][ T7531] Node 0 DMA free:10244kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:112kB local_pcp:0kB free_cma:0kB
[  309.856705][ T5831] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  309.887183][ T7531] lowmem_reserve[]: 0 2504 2504 2504 2504
[  309.896795][ T7531] Node 0 DMA32 free:42024kB boost:0kB min:34304kB low:42880kB high:51456kB reserved_highatomic:4096KB active_anon:40kB inactive_anon:88kB active_file:140kB inactive_file:28kB unevictable:1536kB writepending:16kB present:3129332kB managed:2564664kB mlocked:0kB bounce:0kB free_pcp:2580kB local_pcp:2116kB free_cma:0kB
[  309.928342][ T7531] lowmem_reserve[]: 0 0 0 0 0
[  309.933248][ T7531] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048580kB managed:112kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  309.960659][ T7531] lowmem_reserve[]: 0 0 0 0 0
[  309.966843][ T7531] Node 1 Normal free:1112920kB boost:0kB min:55592kB low:69488kB high:83384kB reserved_highatomic:0KB active_anon:1284kB inactive_anon:26264kB active_file:49496kB inactive_file:13488kB unevictable:1536kB writepending:264kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:2068kB local_pcp:756kB free_cma:0kB
[  310.002523][ T7531] lowmem_reserve[]: 0 0 0 0 0
[  310.009266][ T7531] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 1*2048kB (M) 2*4096kB (M) = 10244kB
[  310.024143][ T7531] Node 0 DMA32: 30*4kB (UE) 50*8kB (UME) 142*16kB (UME) 102*32kB (UMEH) 50*64kB (UME) 30*128kB (UME) 17*256kB (ME) 6*512kB (ME) 3*1024kB (UM) 7*2048kB (UM) 1*4096kB (M) = 42024kB
[  310.042782][ T7531] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  310.055118][ T7531] Node 1 Normal: 4*4kB (E) 5*8kB (ME) 0*16kB 372*32kB (UME) 374*64kB (UME) 50*128kB (UME) 20*256kB (M) 11*512kB (UME) 7*1024kB (ME) 4*2048kB (ME) 255*4096kB (M) = 1112888kB
[  310.075130][ T7531] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  310.084752][ T7531] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  310.094312][ T7531] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  310.104243][ T7531] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  310.114688][ T7531] 20555 total pagecache pages
[  310.120006][ T7531] 1087 pages in swap cache
[  310.124440][ T7531] Free swap  = 107532kB
[  310.128757][ T7531] Total swap = 124996kB
[  310.132942][ T7531] 2097051 pages RAM
[  310.136831][ T7531] 0 pages HighMem/MovableOnly
[  310.141516][ T7531] 424226 pages reserved
[  310.145677][ T7531] 0 pages cma reserved
[  310.476516][ T5831] Bluetooth: Frame is too long (len 16, expected len 4)
[  312.524446][   T13] bridge_slave_1: left allmulticast mode
[  312.556654][   T13] bridge_slave_1: left promiscuous mode
[  312.786878][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  312.797660][   T13] bridge_slave_0: left allmulticast mode
[  312.803621][   T13] bridge_slave_0: left promiscuous mode
[  312.821067][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  313.987426][ T5871] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  314.128690][ T5871] usb 4-1: device descriptor read/64, error -71
[  314.376567][ T5871] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  314.536518][ T5871] usb 4-1: device descriptor read/64, error -71
[  314.682348][ T5871] usb usb4-port1: attempt power cycle
[  314.817619][ T5833] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  314.827437][ T5833] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  314.835653][ T5833] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  314.844712][ T5833] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  314.852576][ T5833] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  315.036508][ T5871] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  315.067557][ T5871] usb 4-1: device descriptor read/8, error -71
[  315.241384][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  315.269436][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  315.306507][ T5871] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  315.317372][   T13] bond0 (unregistering): Released all slaves
[  315.357269][ T5871] usb 4-1: device descriptor read/8, error -71
[  315.371955][ T7360] team0: Port device team_slave_0 added
[  315.527604][ T5871] usb usb4-port1: unable to enumerate USB device
[  315.600502][ T7360] team0: Port device team_slave_1 added
[  316.394296][ T7569] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  316.447261][ T7569] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  316.626434][ T5874] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  316.723381][ T7360] batman_adv: batadv0: Adding interface: batadv_slave_0
[  316.781241][ T7360] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  316.886872][ T5831] Bluetooth: hci5: command tx timeout
[  316.926923][ T7360] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  317.302642][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  317.311495][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  319.013524][ T5831] Bluetooth: hci5: command tx timeout
[  320.226678][ T7360] batman_adv: batadv0: Adding interface: batadv_slave_1
[  320.233717][ T7360] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  320.697242][ T7360] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  321.046599][ T5833] Bluetooth: hci5: command tx timeout
[  322.497743][ T5874] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  322.624156][ T7360] hsr_slave_0: entered promiscuous mode
[  322.641374][ T7360] hsr_slave_1: entered promiscuous mode
[  322.659978][ T7360] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  322.676586][ T7360] Cannot create hsr debugfs directory
[  322.749870][   T13] hsr_slave_0: left promiscuous mode
[  322.798223][ T5874] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  322.826527][   T13] hsr_slave_1: left promiscuous mode
[  322.832742][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  322.854931][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  322.875821][ T5874] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 64
[  322.930601][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  322.952805][ T5874] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  322.974566][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  322.987842][ T5874] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  323.038094][ T5874] usb 4-1: Product: syz
[  323.042454][ T5874] usb 4-1: Manufacturer: syz
[  323.058018][ T5874] usb 4-1: SerialNumber: syz
[  323.075914][   T13] veth1_macvtap: left promiscuous mode
[  323.125323][   T13] veth0_macvtap: left promiscuous mode
[  323.146584][   T13] veth1_vlan: left promiscuous mode
[  323.154785][ T7623] overlay: ./file0 is not a directory
[  323.161372][ T5833] Bluetooth: hci5: command tx timeout
[  323.300485][ T7609] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  323.358633][   T13] veth0_vlan: left promiscuous mode
[  323.979366][ T7609] process 'syz.3.346' launched './file0' with NULL argv: empty string added
[  324.434000][ T7609] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  325.132912][ T5874] cdc_ncm 4-1:1.0: MAC-Address: 42:42:42:42:42:42
[  325.143850][ T5874] cdc_ncm 4-1:1.0: dwNtbInMaxSize=14 is too small. Using 2048
[  325.161072][ T5874] cdc_ncm 4-1:1.0: setting rx_max = 2048
[  325.346985][ T5874] cdc_ncm 4-1:1.0: setting tx_max = 16384
[  326.307079][   T13] team0 (unregistering): Port device team_slave_1 removed
[  326.422162][   T13] team0 (unregistering): Port device team_slave_0 removed
[  326.806665][   T31] INFO: task syz.0.163:6598 blocked for more than 143 seconds.
[  326.832799][   T31]       Not tainted 6.15.0-rc3-syzkaller-00094-g02ddfb981de8 #0
[  326.850976][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  326.862950][   T31] task:syz.0.163       state:D stack:23672 pid:6598  tgid:6594  ppid:5818   task_flags:0x400040 flags:0x00004004
[  326.875439][   T31] Call Trace:
[  326.879178][   T31]  <TASK>
[  326.883118][   T31]  __schedule+0x168f/0x4c70
[  326.893626][   T31]  ? schedule+0x165/0x360
[  326.901503][   T31]  ? __pfx___schedule+0x10/0x10
[  326.915112][   T31]  ? schedule+0x91/0x360
[  326.960855][   T31]  schedule+0x165/0x360
[  326.978816][   T31]  schedule_preempt_disabled+0x13/0x30
[  327.016528][   T31]  __mutex_lock+0x724/0xe80
[  327.022519][   T31]  ? __mutex_lock+0x51b/0xe80
[  327.033472][   T31]  ? relay_open+0x3b8/0x920
[  327.045178][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  327.056066][   T31]  relay_open+0x3b8/0x920
[  327.071376][   T31]  do_blk_trace_setup+0x591/0x9d0
[  327.086651][   T31]  blk_trace_setup+0x116/0x1f0
[  327.100868][   T31]  ? __pfx_blk_trace_setup+0x10/0x10
[  327.114822][   T31]  ? smack_log+0xef/0x3f0
[  327.120052][   T31]  ? smk_access+0x14c/0x4e0
[  327.124839][   T31]  sg_ioctl+0xaf3/0x2230
[  327.129979][   T31]  ? smack_file_ioctl+0x2a9/0x340
[  327.136757][   T31]  ? __pfx_sg_ioctl+0x10/0x10
[  327.141714][   T31]  ? __rcu_read_unlock+0x84/0xe0
[  327.147413][   T31]  ? __fget_files+0x3a0/0x420
[  327.156783][   T31]  ? __fget_files+0x2a/0x420
[  327.165682][   T31]  ? bpf_lsm_file_ioctl+0x9/0x20
[  327.173147][   T31]  ? __pfx_sg_ioctl+0x10/0x10
[  327.182607][   T31]  __se_sys_ioctl+0xf9/0x170
[  327.195049][   T31]  do_syscall_64+0xf6/0x210
[  327.211945][   T31]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  327.228232][   T31]  ? clear_bhb_loop+0x45/0xa0
[  327.233660][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  327.240256][   T31] RIP: 0033:0x7f5ba238e969
[  327.244923][   T31] RSP: 002b:00007f5ba329d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  327.254234][   T31] RAX: ffffffffffffffda RBX: 00007f5ba25b6160 RCX: 00007f5ba238e969
[  327.262941][   T31] RDX: 00002000000001c0 RSI: 00000000c0481273 RDI: 0000000000000009
[  327.272587][   T31] RBP: 00007f5ba2410ab1 R08: 0000000000000000 R09: 0000000000000000
[  327.283587][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  327.297187][   T31] R13: 0000000000000000 R14: 00007f5ba25b6160 R15: 00007ffefaa82fc8
[  327.308627][   T31]  </TASK>
[  327.318753][   T31] 
[  327.318753][   T31] Showing all locks held in the system:
[  327.362138][   T31] 4 locks held by kworker/u8:1/13:
[  327.368753][   T31] 1 lock held by khungtaskd/31:
[  327.375412][   T31]  #0: ffffffff8df3b860 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  327.396442][   T31] 3 locks held by kworker/u8:4/64:
[  327.402227][   T31]  #0: ffff88801a089148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b1/0x17a0
[  327.424678][   T31]  #1: ffffc90001567c60 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ec/0x17a0
[  327.435999][   T31]  #2: ffffffff8f2e0b88 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60
[  327.445879][   T31] 1 lock held by dhcpcd/5484:
[  327.461375][   T31]  #0: ffffffff8f2e0b88 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newroute+0x109/0x210
[  327.472498][   T31] 2 locks held by getty/5582:
[  327.477566][   T31]  #0: ffff88814d6750a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  327.488215][   T31]  #1: ffffc900036d32f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[  327.499774][   T31] 6 locks held by kworker/0:5/5874:
[  327.505606][   T31]  #0: ffff888143ee6948 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x9b1/0x17a0
[  327.517040][   T31]  #1: ffffc90004bd7c60 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x9ec/0x17a0
[  327.531540][   T31]  #2: ffff888144fa4198 (&dev->mutex){....}-{4:4}, at: hub_event+0x184/0x4a00
[  327.545488][   T31]  #3: ffff88805cde2198 (&dev->mutex){....}-{4:4}, at: __device_attach+0x88/0x400
[  327.562625][   T31]  #4: ffff88805c6ee160 (&dev->mutex){....}-{4:4}, at: __device_attach+0x88/0x400
[  327.586202][   T31]  #5: ffffffff8f2e0b88 (rtnl_mutex){+.+.}-{4:4}, at: register_netdev+0x18/0x60
[  327.602356][   T31] 3 locks held by syz.1.10/5939:
[  327.608541][   T31] 2 locks held by syz.0.163/6598:
[  327.613895][   T31]  #0: ffff88802523d718 (&q->debugfs_mutex){+.+.}-{4:4}, at: blk_trace_setup+0xfb/0x1f0
[  327.631024][   T31]  #1: ffffffff8df8ed08 (relay_channels_mutex){+.+.}-{4:4}, at: relay_open+0x3b8/0x920
[  327.649090][   T31] 4 locks held by udevd/6868:
[  327.683113][   T31]  #0: ffff88820ba02e80 (&p->lock){+.+.}-{4:4}, at: seq_read_iter+0xb7/0xe10
[  327.769063][   T31]  #1: ffff888141f3d888 (&of->mutex#2){+.+.}-{4:4}, at: kernfs_seq_start+0x55/0x3c0
[  327.837600][   T31]  #2: ffff88820c74e1e8 (kn->active#5){.+.+}-{0:0}, at: kernfs_seq_start+0x75/0x3c0
[  327.848344][   T31]  #3: ffff88805cde2198 (&dev->mutex){....}-{4:4}, at: uevent_show+0x174/0x330
[  327.862781][   T31] 1 lock held by syz-executor/7159:
[  327.868523][   T31]  #0: ffffffff8f2e0b88 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x3e/0x1c0
[  327.891158][   T31] 1 lock held by syz-executor/7360:
[  327.903003][   T31]  #0: ffffffff8f2e0b88 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8db/0x1c70
[  327.915737][   T31] 1 lock held by syz-executor/7559:
[  327.925474][   T31]  #0: ffffffff8f2e0b88 (rtnl_mutex){+.+.}-{4:4}, at: __tun_chr_ioctl+0x37a/0x1d90
[  327.942910][   T31] 2 locks held by syz.3.346/7609:
[  327.949333][   T31]  #0: ffffffff8f3450f0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  327.964238][   T31]  #1: ffffffff8f344f08 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790
[  327.994702][   T31] 4 locks held by syz.6.349/7626:
[  328.008914][   T31]  #0: ffffffff8f3450f0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  328.020470][   T31]  #1: ffff88803375e6d0 (nlk_cb_mutex-GENERIC){+.+.}-{4:4}, at: __netlink_dump_start+0xfe/0x7e0
[  328.031978][   T31]  #2: ffffffff8f344f08 (genl_mutex){+.+.}-{4:4}, at: genl_dumpit+0xdb/0x1b0
[  328.043151][   T31]  #3: ffffffff8f2e0b88 (rtnl_mutex){+.+.}-{4:4}, at: macsec_dump_txsc+0xad/0x280
[  328.053211][   T31] 2 locks held by syz.4.352/7636:
[  328.058722][   T31]  #0: ffffffff8f3450f0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  328.068419][   T31]  #1: ffffffff8f344f08 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790
[  328.080033][   T31] 
[  328.092431][   T31] =============================================
[  328.092431][   T31] 
[  328.112274][   T31] NMI backtrace for cpu 0
[  328.112297][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.15.0-rc3-syzkaller-00094-g02ddfb981de8 #0 PREEMPT(full) 
[  328.112322][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  328.112334][   T31] Call Trace:
[  328.112343][   T31]  <TASK>
[  328.112352][   T31]  dump_stack_lvl+0x189/0x250
[  328.112382][   T31]  ? __wake_up_klogd+0xd9/0x110
[  328.112406][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  328.112433][   T31]  ? __pfx__printk+0x10/0x10
[  328.112472][   T31]  nmi_cpu_backtrace+0x39e/0x3d0
[  328.112500][   T31]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  328.112523][   T31]  ? _printk+0xcf/0x120
[  328.112557][   T31]  ? __pfx__printk+0x10/0x10
[  328.112589][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  328.112736][   T31]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  328.112769][   T31]  watchdog+0xfee/0x1030
[  328.112795][   T31]  ? watchdog+0x1de/0x1030
[  328.112827][   T31]  kthread+0x70e/0x8a0
[  328.112853][   T31]  ? __pfx_watchdog+0x10/0x10
[  328.112874][   T31]  ? __pfx_kthread+0x10/0x10
[  328.112898][   T31]  ? __pfx_kthread+0x10/0x10
[  328.112918][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  328.112948][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  328.112978][   T31]  ? __pfx_kthread+0x10/0x10
[  328.112999][   T31]  ret_from_fork+0x4b/0x80
[  328.113016][   T31]  ? __pfx_kthread+0x10/0x10
[  328.113037][   T31]  ret_from_fork_asm+0x1a/0x30
[  328.113084][   T31]  </TASK>
[  328.113093][   T31] Sending NMI from CPU 0 to CPUs 1:
[  328.269694][    C1] NMI backtrace for cpu 1
[  328.269718][    C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted 6.15.0-rc3-syzkaller-00094-g02ddfb981de8 #0 PREEMPT(full) 
[  328.269738][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  328.269751][    C1] RIP: 0010:pv_native_safe_halt+0x13/0x20
[  328.269785][    C1] Code: cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 43 db 19 00 f3 0f 1e fa fb f4 <c3> cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90
[  328.269800][    C1] RSP: 0018:ffffc90000197de0 EFLAGS: 000002c6
[  328.269816][    C1] RAX: f95e74ff548b1500 RBX: ffffffff81973c98 RCX: f95e74ff548b1500
[  328.269829][    C1] RDX: 0000000000000001 RSI: ffffffff8d7349db RDI: ffffffff8bc0f4a0
[  328.269842][    C1] RBP: ffffc90000197f20 R08: ffff8880b8932b5b R09: 1ffff1101712656b
[  328.269854][    C1] R10: dffffc0000000000 R11: ffffed101712656c R12: ffffffff8f7d9570
[  328.269867][    C1] R13: 0000000000000001 R14: 0000000000000001 R15: 1ffff110038dcb40
[  328.269878][    C1] FS:  0000000000000000(0000) GS:ffff888126203000(0000) knlGS:0000000000000000
[  328.269892][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  328.269904][    C1] CR2: 0000555564bde5c8 CR3: 000000005f6a0000 CR4: 00000000003526f0
[  328.269919][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  328.269929][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  328.269939][    C1] Call Trace:
[  328.269949][    C1]  <TASK>
[  328.269956][    C1]  default_idle+0x13/0x20
[  328.269974][    C1]  default_idle_call+0x74/0xb0
[  328.269993][    C1]  do_idle+0x1e8/0x510
[  328.270024][    C1]  ? __pfx_do_idle+0x10/0x10
[  328.270047][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  328.270082][    C1]  cpu_startup_entry+0x44/0x60
[  328.270214][    C1]  start_secondary+0x101/0x110
[  328.270244][    C1]  common_startup_64+0x13e/0x147
[  328.270279][    C1]  </TASK>
[  328.292619][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  328.292648][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.15.0-rc3-syzkaller-00094-g02ddfb981de8 #0 PREEMPT(full) 
[  328.292680][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  328.292696][   T31] Call Trace:
[  328.292705][   T31]  <TASK>
[  328.292716][   T31]  dump_stack_lvl+0x99/0x250
[  328.292755][   T31]  ? __asan_memcpy+0x40/0x70
[  328.292787][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  328.292823][   T31]  ? __pfx__printk+0x10/0x10
[  328.292875][   T31]  panic+0x2db/0x790
[  328.292912][   T31]  ? __pfx_panic+0x10/0x10
[  328.292943][   T31]  ? nmi_backtrace_stall_check+0x433/0x440
[  328.292976][   T31]  ? preempt_schedule_thunk+0x16/0x30
[  328.293003][   T31]  ? nmi_trigger_cpumask_backtrace+0x2b6/0x300
[  328.293045][   T31]  watchdog+0x102d/0x1030
[  328.293076][   T31]  ? watchdog+0x1de/0x1030
[  328.293113][   T31]  kthread+0x70e/0x8a0
[  328.293143][   T31]  ? __pfx_watchdog+0x10/0x10
[  328.293169][   T31]  ? __pfx_kthread+0x10/0x10
[  328.293196][   T31]  ? __pfx_kthread+0x10/0x10
[  328.293220][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  328.293254][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  328.293289][   T31]  ? __pfx_kthread+0x10/0x10
[  328.293314][   T31]  ret_from_fork+0x4b/0x80
[  328.293334][   T31]  ? __pfx_kthread+0x10/0x10
[  328.293360][   T31]  ret_from_fork_asm+0x1a/0x30
[  328.293413][   T31]  </TASK>
[  328.607851][   T31] Kernel Offset: disabled
[  328.613080][   T31] Rebooting in 86400 seconds..