last executing test programs:

8.304100678s ago: executing program 3 (id=357):
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r3)
ptrace$pokeuser(0x6, r3, 0x388, 0x41d9fda7)

8.075943436s ago: executing program 2 (id=358):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x3, &(0x7f0000000000)={[{@user_xattr}, {@nobarrier}, {@norecovery}, {@errors_remount}, {@grpid}]}, 0x8, 0x638, &(0x7f0000000940)="$eJzs3c9rVNceAPDvnZn8MHnvJcrjvedbPAOPh8KriYlapBSqexH7Y9dVaqJYo5EkpY0VGsFuCqWbFgpddVH7D3TdCoWuuui2i266KoIUyaIWqVPunR9OJpn8GGdyY/L54HXuuWfmnnOTfHPOnJxzJ4A9ayT9rxBxMCKuJxFDDXmlqGaOVJ63/ODmheUH6bFy+dVfk7j5XrLUeK6k+jhYffEfQ5H8UIg4UFxd7vzijSuTMzPTc9X02MLV62PzizeOXr46eWn60vS1iecnTp08cfLU+LH2L66Y/as7e/vNt4c+OPf6F589Ssa//OlcEqfjcfUJ6bU1v7yv/ZIzIzES5YqHjcfTr+uppzz3TvHbUO3n5Imk+QA71sXqz2NPRPwzhqLY8N0civdfzrVyQFeVk6i1UcCek7QV//2drwiwzWr9gMp7+8q2ca+h0OVeCbAd7p+pDABUYr8nImrxX6qMDUZ/NjYwsJysGOdJIuIpRubq0jK+//bc7XSLpnG4FcOGn3SgMGCFpVvZKHct1Bra/ySLzeHoz1IDy4UV8V9o2NLjr7RZ/khTenP9D6ATlm5FxL+q7X/v1uJ/pCH+32izfPEPAAAAAAAAnXP3TEQ8t9b8v0J9/s93X5XLzfN/BiPidAfK3/jvf4V71Z2kA8UBDe6fiXhxzfm/9Tm+w8Vq6q/ZfICe5OLlmeljEfG3iDgSPX1perzpvI0zhI9+eODTVuU3zv9Lt7T82lzA6pnulZoW4k5NLkw+7XUDEfdvRfw7m/97qHpk5fyftP1P1pj/m8b39U2WceB/d863yts4/oFuKX8ecXjN9v9JdztZ//4cY1l/YKzWK1jtP+9+9HWr8sU/5Cdt/wcq8d8ba8d/X9J4v575rZ2/NyKOL5bKrfLb7f/3Jq8VYyk7f20R48LceERvcrZYKzf1zuTCwtzE1uoMu1UtHrLH8Ur8H/nv+uN/9f5/Qxzui4ilTZb5j8eDP7fK0/5DftL4n1q//z+8sv3f+s7EneFvWhSfnN9U+38ia9OPVI8Y/4NGq+/HsdkAzaW6AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPCMK0TEXyIpjNb3C4XR0YjBiPh7DBRmZucX/n9x9q1rU2le9vn/hdon/Q5V0knt8/+HI6InItL0RDVdyz8eEfsj4uPiviw9emF2ZirviwcAAAAAAAAAAAAAAAAAAIAdYjBb81/ua17/n/qlmHftgK4rVR/FO+w9pbZfWe7raEWAbdd+/APPus3Hf09X6wFsv9bx//BRObOt1QG2kf4/7F1txr8/F8AuoP2HvWqTY3r93a4HkAftPwAAAAAA7Cr7D939MYmIpRf2ZVuqt5pnsj/sboW8KwDkxhxe2LtKs3nXAMhLO+/xB7pQDyA/SX3v9zUX+7ee/Z90p0IAAAAAAAAAAAAAwCqHD1r/D3vV+uv/ze2H3Wyd9f9rBb/bBcAu0vqjP7T9sNt5jw8kG/wisP4fAAAAAAAAAAAAAHaA/htXJmdmpufmF5+9nZfaeFVf3pVfmtwJX7rO7jzuzpl7ImJnXGCndpKIqB2JUusn127BkWNVc/69BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1P0ZAAD//07JJFQ=")
r0 = open(&(0x7f0000000140)='.\x00', 0x8000, 0x112)
r1 = semget$private(0x0, 0x5, 0x480)
semctl$IPC_RMID(r1, 0x0, 0x0)
getdents64(r0, 0x0, 0x0)
r2 = eventfd2(0x8000, 0x800)
write$eventfd(r2, &(0x7f0000000080)=0xfffffffffffffffb, 0x65)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020001000900010073797a300000000008000240000000032c000000030a01030000e6ff00000027020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @queue={{0xa}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_QUEUE_TOTAL={0x6, 0x2, 0x1, 0x0, 0xffff}, @NFTA_QUEUE_NUM={0x6, 0x1, 0x1, 0x0, 0x6}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x7c}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a40000000060a090400040000000000000200000014000480100001800c0001007061796c6f6164000c00034000000000000000040900020073797a3200000000140002001100014000000000000000000000000a"], 0x68}}, 0x0)
getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8)

6.625285507s ago: executing program 3 (id=361):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x7, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001100)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x25dfdc01, {0x0, 0x0, 0x0, r2, {0x0, 0xd}, {0xffff, 0xb}, {0xffff, 0xffe0}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0xc, 0x2, [@TCA_FQ_CODEL_CE_THRESHOLD={0x8, 0x7, 0xfffffbff}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x240040e0}, 0x4890)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r3)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
r6 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r6, &(0x7f0000000600)="80000080be44cba7ee6a3984f4c3", 0xe, 0x40, &(0x7f00000001c0)={0x11, 0x8100, r5, 0x1, 0xd8, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x28}}, 0x14)

4.780877134s ago: executing program 2 (id=364):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100))
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file5\x00', 0x82c0, 0x101)
openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$nl_audit(0x10, 0x3, 0x9)
socket$nl_route(0x10, 0x3, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo/3\x00')
socket$inet6_udp(0xa, 0x2, 0x0)
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000080)={r0, 0xfffffffffffffffb, 0x1, 0xfffffffffffffffd})
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000080), 0xfffffebe}], 0x1)

4.69058912s ago: executing program 0 (id=366):
r0 = inotify_init1(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000040)=0x3)
syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet_tcp(0x2, 0x1, 0x0)
r3 = inotify_add_watch(r0, &(0x7f0000000200)='.\x00', 0x10000a0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
inotify_rm_watch(r0, r3)

4.690137999s ago: executing program 3 (id=367):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)={0x64, 0x2, 0x6, 0x5, 0xa, 0x0, {0x0, 0x0, 0x5}, [@IPSET_ATTR_TYPENAME={0x10, 0x3, 'bitmap:port\x00'}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x1}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6}, @IPSET_ATTR_PORT_TO={0x6, 0x5, 0x1, 0x0, 0xfffd}, @IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0x5}]}]}, 0x64}}, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write(r3, &(0x7f0000000080)="09000300010001", 0x7)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000680)={'wlan0\x00', <r4=>0x0})
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000004c0)={r5}, 0x4)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x4, 0x19, &(0x7f0000000380)=@framed={{0x18, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x100}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1000}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r5}, {}, {0x85, 0x0, 0x0, 0xb6}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfff}}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r7, 0x0, 0x10, 0x10, &(0x7f00000006c0)="0000000005000000", &(0x7f0000000700)=""/8, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={0x44, r1, 0x1, 0x70bd28, 0x25dfdbfd, {{}, {@void, @val={0x8, 0x3, r4}, @val={0xc, 0x99, {0x7ff, 0x70}}}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'syzkaller0\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x4}]}, 0x44}, 0x1, 0x0, 0x0, 0x81}, 0x24044884)

4.531223156s ago: executing program 0 (id=368):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$kcm(0x11, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000640)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfc, {0x0, 0x0, 0x0, r4, {0x0, 0xb}, {0xffff, 0xffff}, {0x8}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x0, 0x3, 0x6369, 0x7, 0x0, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x70b928, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0x0, 0xd}, {0xffff, 0xb}, {0x4, 0xb}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x5, 0x7, 0x40, 0x1, 0x0, 0xa}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x240040e0}, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r5)
socket$inet6_sctp(0xa, 0x1, 0x84)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @random="452eadc200"})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$kcm(r2, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x7, r6, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)='\'', 0x1}], 0x1}, 0x4)

4.341930087s ago: executing program 1 (id=369):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
flock(0xffffffffffffffff, 0x3)
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={0x0, 0x0}, 0x28)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x8, &(0x7f0000000180)=@raw=[@printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x7}}], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x13, '\x00', 0x0, 0x0, r0, 0x8, &(0x7f0000000080)={0xf400, 0x1}, 0xf4240}, 0x94)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x1d, &(0x7f0000000040)=0x80, 0x4)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r3 = socket$phonet_pipe(0x23, 0x5, 0x2)
setsockopt$PNPIPE_ENCAP(r3, 0x113, 0x1, &(0x7f00000000c0)=0x1, 0x4)

4.168094006s ago: executing program 3 (id=370):
fsopen(&(0x7f0000000000)='jffs2\x00', 0x1)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000380), 0x101040)
r1 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r1, &(0x7f0000000480)={0xa, 0xfffe, 0x3, @mcast1, 0x5}, 0x1c)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000640)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a80000000060a0b0400000000000000000200000054000480500001800a0001006d6174636800000040000280080002400000000028000300ebae551382395afa4d23edfcbe6d55b57cb15e63c15c46395916e2b388abc3d6ce2316330b00010068656c70657200000900010073797a30000000000900020073797a32", @ANYRES8=r1, @ANYRES8=r1], 0xa8}, 0x1, 0x0, 0x0, 0x2000094}, 0x4000800)
r3 = dup2(r1, r1)
sendmmsg$unix(r3, &(0x7f0000008380), 0x400000000000174, 0x4008890)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000300)={{0x0, 0x0, 0x0, 0x3}})
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0xd, 0xb, &(0x7f0000000280)=ANY=[@ANYRESOCT=r3], &(0x7f0000000400)='GPL\x00', 0x1, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080))
syz_open_dev$cec(&(0x7f00000000c0), 0x0, 0x800)

4.134203452s ago: executing program 2 (id=371):
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_io_uring_setup(0x49a, &(0x7f0000000400)={0x0, 0x79af, 0x3380, 0x1, 0x40024e}, 0x0, 0x0, 0x0)
eventfd2(0x7fffffff, 0x800)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
socket(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x10b701)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r0 = syz_open_dev$dri(&(0x7f0000000440), 0x1, 0x48240)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000000100)=[<r1=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000180)={0x1, 0x1, &(0x7f00000000c0)=[r1], &(0x7f0000000180), &(0x7f0000000200), &(0x7f00000001c0)=[0x7fffffff], 0x0, 0x1})

3.806380297s ago: executing program 1 (id=372):
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket$pppl2tp(0x18, 0x1, 0x1)
sendmsg$BATADV_CMD_TP_METER(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x24004001}, 0x0)
socket(0x2a, 0x2, 0x0)
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r1 = io_uring_setup(0x899, &(0x7f0000000040)={0x0, 0x3cb1, 0x1c080, 0xa, 0x20002f7})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1c, 0x3, &(0x7f0000000000)=@framed={{0xdb, 0xa, 0xa, 0xfe00, 0xa0, 0x71, 0x10, 0x1d}}, 0x0, 0xb, 0x0, 0x0, 0x0, 0x6f, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0)

3.528843873s ago: executing program 2 (id=373):
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000006c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x94)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f00000007c0)={0xa, 0x2, 0x0, @empty, 0x80000001}, 0x1c)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r0, &(0x7f0000000340)="fb", 0x1, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c)
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000100)={@in6={{0xa, 0x4e24, 0x0, @loopback, 0x1}}, 0x0, 0x0, 0x2, 0x0, "10baa70a93289349d889de25b87376f64276337642b890d33cb5b592266c5b98fb19402835fee1b3871b7ef6619db5b2a94edb6f73ea08b02aa3b47debd38b6d889a8c986b33eb49c3157f1f370dfd67"}, 0xd8)
r1 = fsopen(&(0x7f0000000200)='fuseblk\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000040)='source', &(0x7f0000005fc0)='//\xf2/\x06\b/\xdf/o\xdc\xea\x95\x9a\x82\x10\x97W\x8f7\x98\x9b\\/\\\xf9\rmD\x94)U\xdb\x15X.I\n}\xf3\x9d\xe4_\x05\x9cqf4I^#b?9\xde\xafu\'\x83L\xe0\x97\xe1n_\xa4%\xb1\x97\x93\xafv\xce/\\\xb4L\xf2_\xa7\xfb\xf4\x84\x1fA\xeas^\xef\xa2\x85\xa3!\xfb\x93\xd7R\xab2\x1eW\xe9h\x9b\xf7ul\xf9D\xd4\x82X5\x13\xaa\x87\xf9\xba\xa9m\x14\x14R_\x9a\\>4\xce\x8e_#\xf8D\xb1\xdep\x01\xcc:\xa6\xc5n\xeb\xab\xf70\x99\xef\x8b<M\n\xc0`[\x82\xf6$\xa4\xbe\x1e\xd3\xe4\xd9L\x14\xed\xcfK\xcc\xeb,\x1a1\xa6\xf3e\xc2F\xc3\x00\xaa\xd5\xfc\x1bR\xa9\x8c\xb4&\x9f\xa2$\x06\x1a\xb0W#\xf4\xde6\x04c\xc0\xeec\xa0l\xd5d\xe5\xcd\xb2\xc10\x97w\x87\xe5\x06\x91W\rr\xf5\x97%\xe8pO\xeb]\xc2\x98C\xffK\xa0\xb3\\\x99{\xcdR\x92\x94\xf7\x1d\x01Q\x1a\xbd\x15b\x15h\xe2!\x00\xb9z)\x19\x00\xee\xd2)[p`\xb3\x03\xa7p\'X\xec\xcdoX\x05\xff\xff/o\xb2\xad\xb8\x89i@\f\xffS&\x8a\xc9\xfez\xc2\x90\xe7F\xa6\xdb\r\x03j,N\xe1lw\n\xad\xe8\xf0\xbd\xa1\x98\xce\xf9\x1eR\x9cc\xc5ke_\xa7\x11\"\x04\xd8.\xa0\x15\x83\xf1\x92\xdby\xe9\xdc@.\xc1g\xc6\fc\xa26\xd8\xdf\xef\xf7\x9c\x1a\xcc\x8am\x8b7\xcf\xc5\xa6\xf4\f\xabj%Y\xa9\xdd\x0e9e\xb5\xec\x99@\xd2\t\n\xb1o', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000080)='source', &(0x7f0000000240)='//\xf2/\x06\b/\xdf/o\xdc\xea\x95\x9a\x82\x10\x97W\x8f7\x98\x9b\\/\\\xf9\rmD\x94)U\xdb\x15X.I\n}\xf3\x9d\xe4_\x05\x9cqf4I^#b?9\xde\xafu\'\x83L\xe0\x97\xe1n_\xa4%\xb1\x97\x93\xafv\xce/\\\xb4L\xf2_\xa7\xfb\xf4\x84\x1fA\xeas^\xef\xa2\x85\xa3!\xfb\x93\xd7R\xab2\x1eW\xe9h\x9b\xf7ul\xf9D\xd4\x82X5\x13\xaa\x87\xf9\xba\xa9m\x14\x14R_\x9a\\>4\xce\x8e_#\xf8D\xb1\xdep\x01\xcc:\xa6\xc5n\xeb\xab\xf70\x99\xef\x8b<M\n\xc0`[\x82\xf6$\xa4\xbe\x1e\xd3\xe4\xd9L\x14\xed\xcfK\xcc\xeb,\x1a1\xa6\xf3e\xc2F\xc3\x00\xaa\xd5\xfc\x1bR\xa9\x8c\xb4&\x9f\xa2$\x06\x1a\xb0W#\xf4\xde6\x04c\xc0\xeec\xa0l\xd5d\xe5\xcd\xb2\xc10\x97w\x87\xe5\x06\x91W\rr\xf5\x97%\xe8pO\xeb]\xc2\x98C\xffK\xa0\xb3\\\x99{\xcdR\x92\x94\xf7\x1d\x01Q\x1a\xbd\x15b\x15h\xe2!\x00\xb9z)\x19\x00\xee\xd2)[p`\xb3\x03\xa7p\'X\xec\xcdoX\x05\xff\xff/o\xb2\xad\xb8\x89i@\f\xffS&\x8a\xc9\xfez\xc2\x90\xe7F\xa6\xdb\r\x03j,N\xe1lw\n\xad\xe8\xf0\xbd\xa1\x98\xce\xf9\x1eR\x9cc\xc5ke_\xa7\x11\"\x04\xd8.\xa0\x15\x83\xf1\x92\xdby\xe9\xdc@.\xc1g\xc6\fc\xa26\xd8\xdf\xef\xf7\x9c\x1a\xcc\x8am\x8b7\xcf\xc5\xa6\xf4\f\xabj%Y\xa9\xdd\x0e9e\xb5\xec\x99@\xd2\t\n\xb1o', 0x0)
dup(r0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0x8)
r3 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r3, &(0x7f0000000180)=[{&(0x7f0000000900)="580000001400192340834b80040d8c560a066e0202ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000200060c10000000010000000000", 0x58}], 0x1)

3.517557005s ago: executing program 0 (id=374):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r3, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
sendto$inet6(r3, &(0x7f0000000100)="b8", 0xffe0, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r3, 0x84, 0x17, &(0x7f00000002c0)=ANY=[], 0x9)

3.338288845s ago: executing program 1 (id=375):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x15, 0x3, &(0x7f00000001c0)=ANY=[], 0x0}, 0x94)
sendmsg$netlink(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000840)}, 0x0)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$netrom_NETROM_T4(0xffffffffffffffff, 0x103, 0x6, &(0x7f0000000300)=0x7, 0x4)
bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r0, 0x2)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000940)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5", 0x4)
ioctl$VIDIOC_S_HW_FREQ_SEEK(0xffffffffffffffff, 0x40305652, &(0x7f00000002c0)={0x0, 0x1, 0x2})
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
syz_emit_ethernet(0x4e, &(0x7f0000000600)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "00fcff", 0x18, 0x6, 0x1, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0xc2, 0x0, 0x0, 0x0, {[@fastopen={0x1e, 0x2}]}}}}}}}}, 0x0)

2.842579687s ago: executing program 3 (id=376):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c)
r1 = socket$packet(0x11, 0x3, 0x300)
socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
mknod$loop(0x0, 0x6000, 0x0)
creat(0x0, 0x0)
socket$tipc(0x1e, 0x2, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0xffffff51}, 0x1, 0x0, 0x0, 0x2000c014}, 0x80)
getsockname$packet(r3, &(0x7f0000000000)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000001c0)=@newlink={0x38, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, r4, 0x9801}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gre={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x8, 0x7, @dev}]}}}]}, 0x38}}, 0x20000080)
sendto$packet(r1, &(0x7f0000000280)="3562547ac6b644a1775d0e6cbf8eeccaa8afd8b5be55606900bc4d904906da590cd409", 0x23, 0x4c800, &(0x7f0000000200)={0x11, 0x8100, r4, 0x1, 0x9, 0x6, @local}, 0x14)

2.449914192s ago: executing program 1 (id=377):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setresuid(0x0, 0xee01, 0x0)
r3 = fanotify_init(0x200, 0x0)
close(r3)

2.382630733s ago: executing program 2 (id=378):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000340)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x1}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000a50000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7050000080000a8c5000000a5000000180100002020640500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b300000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x35, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

2.382324863s ago: executing program 0 (id=379):
socket$alg(0x26, 0x5, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080))
socket$inet(0x2, 0x4000000000000001, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140))
openat$urandom(0xffffffffffffff9c, &(0x7f0000000500), 0x123a00, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
socket$inet_sctp(0x2, 0x5, 0x84)
socket$inet6(0xa, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x3, &(0x7f00000000c0), 0x111, 0x6}}, 0x20)
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000940), 0x2, 0x0)
r1 = socket$unix(0x1, 0x2, 0x0)
ppoll(&(0x7f0000000300)=[{r1, 0x4236}], 0x1, 0x0, 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000300), 0x2, 0x4}}, 0x20)
writev(r0, &(0x7f0000000040)=[{&(0x7f0000000100), 0x86}], 0x2)

1.458900297s ago: executing program 0 (id=380):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = getpid()
socket$inet_tcp(0x2, 0x1, 0x0)
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000000)=@security={'security\x00', 0x64, 0x4, 0x558, 0x100000c, 0x1c8, 0xc8, 0x0, 0xffffffff, 0xffffffff, 0x4c0, 0x4c0, 0x4c0, 0xffffffff, 0x4, 0x0, {[{{@ip={@rand_addr, @rand_addr, 0x0, 0x0, 'veth0_vlan\x00', 'syzkaller1\x00'}, 0x0, 0xa0, 0xc8, 0x0, {}, [@common=@addrtype={{0x30}}]}, @common=@unspec=@CONNSECMARK={0x28, 'CONNSECMARK\x00', 0x0, {0x2}}}, {{@uncond, 0x0, 0xa0, 0x100, 0x0, {}, [@common=@unspec=@cluster={{0x30}, {0x0, 0x7}}]}, @common=@SET={0x60}}, {{@ip={@empty, @private, 0x0, 0x0, 'wg2\x00', 'veth0\x00'}, 0x0, 0x2d0, 0x2f8, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0xc9}]}}, @common=@ah={{0x30}}]}, @common=@inet=@TCPMSS={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x5b8)

1.360857013s ago: executing program 1 (id=381):
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = syz_open_dev$MSR(&(0x7f00000000c0), 0x3ffffffffc, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ptrace$pokeuser(0x6, r2, 0x358, 0x800000000000)
ptrace$setsig(0x4203, r2, 0x0, &(0x7f0000001040)={0x3e, 0x4, 0x7})

1.360443823s ago: executing program 3 (id=382):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000003b80)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket(0x840000000002, 0x3, 0x100)
connect$inet(r3, &(0x7f0000000400)={0x2, 0x4e20, @remote}, 0x10)
sendmmsg$inet(r3, &(0x7f0000005240), 0x4000095, 0x4008880)
setxattr$trusted_overlay_redirect(0x0, &(0x7f0000000100), 0x0, 0x0, 0x2)

1.278540307s ago: executing program 2 (id=383):
pipe(&(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
syz_usb_connect(0x0, 0x2d, 0x0, 0x0)
close(r2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$sock_int(r3, 0x1, 0x2a, &(0x7f0000000100)=0xfffe, 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
vmsplice(r1, &(0x7f00000000c0)=[{&(0x7f0000000240)="3d4077e50823a7746c0ee30dd0afdfb5ff2a258d495dc9d2c2a25bc7dc0b11bde0d15d0770675db17901", 0x2a}, {&(0x7f0000000080)="b28231adddba8ed6f23bf98ca8caa015ab797f57", 0x14}], 0x2, 0x0)
recvmmsg(r3, &(0x7f0000001440)=[{{&(0x7f0000000280)=@un=@abs, 0x0, &(0x7f0000001400)=[{&(0x7f0000001480)=""/1}, {&(0x7f0000000300)=""/102}, {&(0x7f0000000380)=""/4096}, {&(0x7f0000001380)=""/111}]}}], 0x700, 0x40002002, 0x0)
write$binfmt_misc(r2, &(0x7f0000000040), 0xffc1)
setsockopt$sock_int(r3, 0x1, 0x10, &(0x7f0000000180)=0x55b7, 0x4)
splice(r0, 0x0, r2, 0x0, 0x4ffe0, 0x0)
ioctl$KVM_CAP_DIRTY_LOG_RING(0xffffffffffffffff, 0x4068aea3, 0x0)

30.913095ms ago: executing program 1 (id=384):
r0 = gettid()
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58)
r4 = accept4(r3, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f00000001c0)="00940a37", 0x4)
sendto$unix(r4, &(0x7f0000000440)="36d9a32e92c131d730b1abaedb51eb66fd2d5b1f7eda4f0e859fdaf294bad70673813533d8bf1c6a77b65a7afdc01b29e73571071a68d5def5d7df839810da130b9348f4d9d407eb478d5bfb298c552a498271af70914e14ba9476fd2a0e47984c25ea20afab3064a748add27a7149e9c4705475bda2ecec9ec30214f28c5e16fd3f50f604f20232c534409e52bff64fc6ca0f5e254083aec2794b7216e002e87caf3d0fa7d04ff9e3b03e81595a04979594ff6ea888bf13de8e8f74c6178e31e47593732ae1a501ad3641d423195a788efdb643f50a8c8b9794a62f7b8dfa0fa7da9d391b92ce2a7f9fe0f9d584a3775f", 0x703d59595f6742a8, 0x800, 0x0, 0x0)
recvfrom(r4, 0x0, 0x0, 0x1, 0x0, 0x0)
ioctl$int_in(r1, 0x5452, &(0x7f0000000180)=0x2)
fcntl$setsig(r1, 0xa, 0x12)
ppoll(&(0x7f0000000140)=[{r2, 0x8002}], 0x1, 0x0, 0x0, 0x0)
r5 = dup2(r1, r2)
fcntl$setown(r5, 0x8, r0)
tkill(r0, 0x13)

0s ago: executing program 0 (id=385):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6(0xa, 0x3, 0x6)
setsockopt$inet6_buf(r3, 0x29, 0x39, &(0x7f0000000040)="ff02040000b5ffffffffffffffff2e2be82db1af00000000", 0x18)
connect$inet6(r3, &(0x7f0000000080)={0xa, 0x4e20, 0x1000040, @private1={0xfc, 0x1, '\x00', 0xa}, 0xae3c}, 0x1c)
sendmmsg$inet6(r3, &(0x7f0000002940)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}}], 0x62, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.71' (ED25519) to the list of known hosts.
[   73.911217][ T5754] cgroup: Unknown subsys name 'net'
[   74.050427][ T5754] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   75.442294][ T5754] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   76.871342][ T5771] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   76.888370][ T5777] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   76.897117][ T5777] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   76.906961][ T5777] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   76.915347][ T5777] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   76.923430][ T5777] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   76.931552][ T5777] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   76.941213][ T5777] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   76.958411][ T5778] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   76.962946][ T5777] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   76.976107][ T5779] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   76.982869][ T5777] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   76.991848][ T5779] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   77.002881][ T5777] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   77.008489][ T5781] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   77.010869][ T5779] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   77.020539][ T5781] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   77.026345][ T5779] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   77.042247][ T5777] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   77.042275][ T5779] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   77.050652][ T5777] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   77.072245][ T5777] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   77.080858][ T5777] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   77.088692][ T5777] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   77.475904][ T5767] chnl_net:caif_netlink_parms(): no params data found
[   77.581610][ T5768] chnl_net:caif_netlink_parms(): no params data found
[   77.593135][ T5769] chnl_net:caif_netlink_parms(): no params data found
[   77.721844][ T5767] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.730770][ T5767] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.740071][ T5767] bridge_slave_0: entered allmulticast mode
[   77.747672][ T5767] bridge_slave_0: entered promiscuous mode
[   77.761435][ T5766] chnl_net:caif_netlink_parms(): no params data found
[   77.783479][ T5767] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.790750][ T5767] bridge0: port 2(bridge_slave_1) entered disabled state
[   77.798352][ T5767] bridge_slave_1: entered allmulticast mode
[   77.806098][ T5767] bridge_slave_1: entered promiscuous mode
[   77.895514][ T5769] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.903259][ T5769] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.910769][ T5769] bridge_slave_0: entered allmulticast mode
[   77.917827][ T5769] bridge_slave_0: entered promiscuous mode
[   77.926689][ T5768] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.934090][ T5768] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.941696][ T5768] bridge_slave_0: entered allmulticast mode
[   77.949028][ T5768] bridge_slave_0: entered promiscuous mode
[   77.970592][ T5769] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.977998][ T5769] bridge0: port 2(bridge_slave_1) entered disabled state
[   77.985648][ T5769] bridge_slave_1: entered allmulticast mode
[   77.993026][ T5769] bridge_slave_1: entered promiscuous mode
[   78.000236][ T5768] bridge0: port 2(bridge_slave_1) entered blocking state
[   78.008978][ T5768] bridge0: port 2(bridge_slave_1) entered disabled state
[   78.018755][ T5768] bridge_slave_1: entered allmulticast mode
[   78.025845][ T5768] bridge_slave_1: entered promiscuous mode
[   78.035558][ T5767] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   78.049879][ T5767] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   78.126774][ T5766] bridge0: port 1(bridge_slave_0) entered blocking state
[   78.134516][ T5766] bridge0: port 1(bridge_slave_0) entered disabled state
[   78.142170][ T5766] bridge_slave_0: entered allmulticast mode
[   78.148963][ T5766] bridge_slave_0: entered promiscuous mode
[   78.178974][ T5769] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   78.188801][ T5766] bridge0: port 2(bridge_slave_1) entered blocking state
[   78.197693][ T5766] bridge0: port 2(bridge_slave_1) entered disabled state
[   78.206042][ T5766] bridge_slave_1: entered allmulticast mode
[   78.213974][ T5766] bridge_slave_1: entered promiscuous mode
[   78.224621][ T5768] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   78.237817][ T5768] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   78.251871][ T5767] team0: Port device team_slave_0 added
[   78.261538][ T5769] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   78.298768][ T5767] team0: Port device team_slave_1 added
[   78.318656][ T5769] team0: Port device team_slave_0 added
[   78.363410][ T5769] team0: Port device team_slave_1 added
[   78.370346][ T5767] batman_adv: batadv0: Adding interface: batadv_slave_0
[   78.380017][ T5767] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   78.408537][ T5767] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   78.424300][ T5766] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   78.436928][ T5768] team0: Port device team_slave_0 added
[   78.446373][ T5768] team0: Port device team_slave_1 added
[   78.469780][ T5767] batman_adv: batadv0: Adding interface: batadv_slave_1
[   78.477266][ T5767] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   78.505029][ T5767] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   78.519299][ T5766] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   78.575425][ T5768] batman_adv: batadv0: Adding interface: batadv_slave_0
[   78.583092][ T5768] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   78.610830][ T5768] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   78.623523][ T5769] batman_adv: batadv0: Adding interface: batadv_slave_0
[   78.630698][ T5769] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   78.658972][ T5769] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   78.673849][ T5769] batman_adv: batadv0: Adding interface: batadv_slave_1
[   78.681111][ T5769] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   78.708496][ T5769] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   78.727344][ T5768] batman_adv: batadv0: Adding interface: batadv_slave_1
[   78.737061][ T5768] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   78.763982][ T5768] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   78.790687][ T5766] team0: Port device team_slave_0 added
[   78.821558][ T5767] hsr_slave_0: entered promiscuous mode
[   78.828034][ T5767] hsr_slave_1: entered promiscuous mode
[   78.838447][ T5766] team0: Port device team_slave_1 added
[   78.868023][ T5766] batman_adv: batadv0: Adding interface: batadv_slave_0
[   78.875051][ T5766] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   78.901531][ T5766] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   78.948799][ T5766] batman_adv: batadv0: Adding interface: batadv_slave_1
[   78.956141][ T5766] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   78.985296][ T5766] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   79.009434][ T5769] hsr_slave_0: entered promiscuous mode
[   79.016436][ T5769] hsr_slave_1: entered promiscuous mode
[   79.023218][ T5769] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   79.031258][ T5769] Cannot create hsr debugfs directory
[   79.042254][ T5768] hsr_slave_0: entered promiscuous mode
[   79.049617][ T5768] hsr_slave_1: entered promiscuous mode
[   79.056081][ T5768] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   79.064056][ T5768] Cannot create hsr debugfs directory
[   79.123613][ T5776] Bluetooth: hci0: command tx timeout
[   79.123896][ T5779] Bluetooth: hci2: command tx timeout
[   79.136089][ T5777] Bluetooth: hci1: command tx timeout
[   79.206258][ T5766] hsr_slave_0: entered promiscuous mode
[   79.212565][ T5777] Bluetooth: hci3: command tx timeout
[   79.219141][ T5766] hsr_slave_1: entered promiscuous mode
[   79.225308][ T5766] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   79.233195][ T5766] Cannot create hsr debugfs directory
[   79.516123][ T5767] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   79.554915][ T5767] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   79.577129][ T5767] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   79.601031][ T5767] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   79.624299][ T5769] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   79.642427][ T5769] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   79.661091][ T5769] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   79.675658][ T5769] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   79.748973][ T5768] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   79.776185][ T5768] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   79.787166][ T5768] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   79.797610][ T5768] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   79.868168][ T5766] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   79.880511][ T5766] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   79.891194][ T5766] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   79.901274][ T5766] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   80.044894][ T5767] 8021q: adding VLAN 0 to HW filter on device bond0
[   80.074895][ T5769] 8021q: adding VLAN 0 to HW filter on device bond0
[   80.097646][ T5767] 8021q: adding VLAN 0 to HW filter on device team0
[   80.121750][ T3473] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.129383][ T3473] bridge0: port 1(bridge_slave_0) entered forwarding state
[   80.143352][ T3473] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.150744][ T3473] bridge0: port 2(bridge_slave_1) entered forwarding state
[   80.174421][ T5769] 8021q: adding VLAN 0 to HW filter on device team0
[   80.201020][ T3473] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.208479][ T3473] bridge0: port 1(bridge_slave_0) entered forwarding state
[   80.243828][ T1774] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.251525][ T1774] bridge0: port 2(bridge_slave_1) entered forwarding state
[   80.279815][ T5768] 8021q: adding VLAN 0 to HW filter on device bond0
[   80.296393][ T5766] 8021q: adding VLAN 0 to HW filter on device bond0
[   80.328344][ T5766] 8021q: adding VLAN 0 to HW filter on device team0
[   80.364274][ T3554] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.371458][ T3554] bridge0: port 1(bridge_slave_0) entered forwarding state
[   80.390942][ T3554] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.398379][ T3554] bridge0: port 2(bridge_slave_1) entered forwarding state
[   80.421370][ T5768] 8021q: adding VLAN 0 to HW filter on device team0
[   80.446360][ T3554] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.453874][ T3554] bridge0: port 1(bridge_slave_0) entered forwarding state
[   80.518639][ T3473] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.526074][ T3473] bridge0: port 2(bridge_slave_1) entered forwarding state
[   80.601336][ T5768] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   80.778939][ T5767] 8021q: adding VLAN 0 to HW filter on device batadv0
[   80.928444][ T5767] veth0_vlan: entered promiscuous mode
[   80.963770][ T5767] veth1_vlan: entered promiscuous mode
[   81.029930][ T5768] 8021q: adding VLAN 0 to HW filter on device batadv0
[   81.085708][ T5769] 8021q: adding VLAN 0 to HW filter on device batadv0
[   81.100287][ T5767] veth0_macvtap: entered promiscuous mode
[   81.144137][ T5767] veth1_macvtap: entered promiscuous mode
[   81.175732][ T5768] veth0_vlan: entered promiscuous mode
[   81.200988][ T5769] veth0_vlan: entered promiscuous mode
[   81.209569][ T5777] Bluetooth: hci1: command tx timeout
[   81.209621][ T5779] Bluetooth: hci2: command tx timeout
[   81.215194][ T5777] Bluetooth: hci0: command tx timeout
[   81.230311][ T5767] batman_adv: batadv0: Interface activated: batadv_slave_0
[   81.241719][ T5766] 8021q: adding VLAN 0 to HW filter on device batadv0
[   81.257589][ T5768] veth1_vlan: entered promiscuous mode
[   81.283695][ T5779] Bluetooth: hci3: command tx timeout
[   81.289853][ T5767] batman_adv: batadv0: Interface activated: batadv_slave_1
[   81.299640][ T5769] veth1_vlan: entered promiscuous mode
[   81.357069][ T5767] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   81.367068][ T5767] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   81.378387][ T5767] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   81.387770][ T5767] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   81.431062][ T5769] veth0_macvtap: entered promiscuous mode
[   81.468587][ T5769] veth1_macvtap: entered promiscuous mode
[   81.487437][ T5768] veth0_macvtap: entered promiscuous mode
[   81.499929][ T5768] veth1_macvtap: entered promiscuous mode
[   81.511017][ T5766] veth0_vlan: entered promiscuous mode
[   81.547486][ T5766] veth1_vlan: entered promiscuous mode
[   81.563694][ T5769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   81.583650][ T5769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   81.599092][ T5769] batman_adv: batadv0: Interface activated: batadv_slave_0
[   81.629417][ T5768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   81.658945][ T5768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   81.669397][ T5768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   81.680540][ T5768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   81.695503][ T5768] batman_adv: batadv0: Interface activated: batadv_slave_0
[   81.707213][ T5769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   81.719900][ T5769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   81.731688][ T5769] batman_adv: batadv0: Interface activated: batadv_slave_1
[   81.761765][ T5769] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   81.780240][ T5769] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   81.789550][ T5769] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   81.798780][ T5769] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   81.826614][ T5768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   81.838444][ T5768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   81.849891][ T5768] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   81.865003][ T5768] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   81.876751][ T5768] batman_adv: batadv0: Interface activated: batadv_slave_1
[   81.894834][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   81.910061][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   81.946653][ T5768] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   81.958408][ T5768] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   81.969602][ T5768] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   81.978542][ T5768] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   81.997667][ T5766] veth0_macvtap: entered promiscuous mode
[   82.017207][ T5766] veth1_macvtap: entered promiscuous mode
[   82.055833][ T1774] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   82.069469][ T1774] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   82.097053][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   82.107982][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.118616][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   82.130422][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.140711][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   82.151380][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.170138][ T5766] batman_adv: batadv0: Interface activated: batadv_slave_0
[   82.209336][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   82.222054][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.234679][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   82.246228][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.256434][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   82.268119][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.280088][ T5766] batman_adv: batadv0: Interface activated: batadv_slave_1
[   82.310128][ T5766] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   82.325621][ T5766] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   82.335066][ T5766] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   82.344253][ T5766] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   82.394488][ T3473] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   82.407897][ T3473] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   82.523832][ T1774] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   82.544316][ T1774] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   82.611334][ T3554] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   82.629042][ T3554] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   82.734704][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   82.751501][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   83.282184][ T5779] Bluetooth: hci0: command tx timeout
[   83.288586][ T5779] Bluetooth: hci2: command tx timeout
[   83.296516][ T5779] Bluetooth: hci1: command tx timeout
[   83.365801][ T5779] Bluetooth: hci3: command tx timeout
[   83.432728][ T1774] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.477115][ T1774] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   84.112582][ T3554] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   84.139237][ T3554] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.734456][ T5779] Bluetooth: hci1: command tx timeout
[   85.739938][ T5779] Bluetooth: hci2: command tx timeout
[   85.745470][ T5777] Bluetooth: hci0: command tx timeout
[   85.751394][ T5777] Bluetooth: hci3: command tx timeout
[   86.936760][ T5866] sch_tbf: burst 32855 is lower than device lo mtu (65550) !
[   87.172794][ T5866] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   88.532993][ T5880] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   89.390524][ T5884] syz.1.15[5884]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   89.438849][ T5884] loop1: detected capacity change from 0 to 512
[   90.338299][ T5884] Quota error (device loop1): v2_read_file_info: Free block number 1 out of range (1, 6).
[   90.380914][ T5884] EXT4-fs warning (device loop1): ext4_enable_quotas:7188: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   90.489297][ T5884] EXT4-fs (loop1): mount failed
[   90.575210][ T5893] netlink: 'syz.3.16': attribute type 1 has an invalid length.
[   90.888702][ T5896] netlink: 14 bytes leftover after parsing attributes in process `syz.3.16'.
[   92.081072][ T5903] loop1: detected capacity change from 0 to 256
[   92.927155][ T5903] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[   92.933427][   T42] cfg80211: failed to load regulatory.db
[   95.144875][ T5922] xt_TPROXY: Can be used only with -p tcp or -p udp
[   96.001121][ T5933] netlink: 24 bytes leftover after parsing attributes in process `syz.2.28'.
[   96.915248][ T5946] x_tables: duplicate entry at hook 3
[   96.958553][ T5946] netlink: 'syz.2.30': attribute type 16 has an invalid length.
[   96.983395][ T5946] netlink: 'syz.2.30': attribute type 17 has an invalid length.
[   97.006170][ T5947] loop3: detected capacity change from 0 to 2048
[   97.142392][    T8] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   97.184927][ T5946] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   97.208549][ T5947] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   97.539761][    T8] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   97.741528][    T8] usb 1-1: config 0 has no interfaces?
[   97.850762][    T8] usb 1-1: New USB device found, idVendor=07fd, idProduct=0004, bcdDevice=26.50
[   97.872040][    T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   97.880458][    T8] usb 1-1: Product: syz
[   98.089079][    T8] usb 1-1: Manufacturer: syz
[   98.094272][    T8] usb 1-1: SerialNumber: syz
[   98.106453][    T8] usb 1-1: config 0 descriptor??
[   98.166094][ T5955] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16)
[   99.885426][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.924080][    T8] usb 1-1: USB disconnect, device number 2
[  100.144827][ T5962] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  101.205915][ T5969] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  101.480931][ T5971] sch_tbf: burst 6281 is lower than device lo mtu (65550) !
[  101.566965][ T5980] netlink: 12 bytes leftover after parsing attributes in process `syz.1.35'.
[  101.796312][ T5980] vlan2: entered allmulticast mode
[  101.804557][ T5980] veth1_to_hsr: entered allmulticast mode
[  102.620450][ T5989] bridge_slave_0: left allmulticast mode
[  102.628506][ T5989] bridge_slave_0: left promiscuous mode
[  102.906254][ T5989] bridge0: port 1(bridge_slave_0) entered disabled state
[  103.717778][ T5997] netlink: 12 bytes leftover after parsing attributes in process `syz.0.44'.
[  104.219036][ T5989] bridge_slave_1: left allmulticast mode
[  104.241370][ T5989] bridge_slave_1: left promiscuous mode
[  104.277703][ T5989] bridge0: port 2(bridge_slave_1) entered disabled state
[  104.333484][ T5989] bond0: (slave bond_slave_0): Releasing backup interface
[  104.406564][ T5989] bond0: (slave bond_slave_1): Releasing backup interface
[  104.465074][ T5989] team0: Port device team_slave_0 removed
[  104.505400][ T5989] team0: Port device team_slave_1 removed
[  104.512778][ T5989] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  104.520425][ T5989] batman_adv: batadv0: Removing interface: batadv_slave_0
[  104.553572][ T5989] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  104.575649][ T5989] batman_adv: batadv0: Removing interface: batadv_slave_1
[  104.654218][ T5993] team0: Mode changed to "broadcast"
[  104.661491][ T6002] syz_tun: entered allmulticast mode
[  104.797868][ T6014] UBIFS error (pid: 6014): cannot open "./file0", error -22
[  105.623680][ T6019] netlink: 'syz.2.51': attribute type 1 has an invalid length.
[  109.395501][ T6047] syzkaller0: entered promiscuous mode
[  109.412076][ T6047] syzkaller0: entered allmulticast mode
[  110.652432][ T6063] sctp: failed to load transform for md5: -2
[  112.004101][ T6086] netlink: zone id is out of range
[  112.009576][ T6086] netlink: zone id is out of range
[  112.053299][ T6086] netlink: zone id is out of range
[  112.082896][ T6086] netlink: zone id is out of range
[  112.113335][ T6086] netlink: zone id is out of range
[  112.131821][ T6090] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  112.146316][ T6086] netlink: zone id is out of range
[  112.161672][ T6086] netlink: zone id is out of range
[  112.181084][ T6086] netlink: zone id is out of range
[  112.213564][ T6086] netlink: zone id is out of range
[  113.846418][ T6107] netlink: 4 bytes leftover after parsing attributes in process `syz.1.74'.
[  113.994218][ T6110] binder: 6109:6110 ioctl c0306201 200000000080 returned -14
[  114.038923][ T6110] binder: 6109:6110 ioctl 4068aea3 0 returned -22
[  114.108108][ T6112] binder: 6109:6112 ioctl c0306201 2000000003c0 returned -14
[  114.522165][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[  117.336689][ T6136] netlink: 'syz.1.82': attribute type 4 has an invalid length.
[  117.391721][ T6138] netlink: 24 bytes leftover after parsing attributes in process `syz.3.83'.
[  117.427506][ T6136] netlink: 'syz.1.82': attribute type 4 has an invalid length.
[  117.473613][ T6136] netlink: 'syz.1.82': attribute type 4 has an invalid length.
[  117.615032][ T6136] syz.1.82 (6136) used greatest stack depth: 20872 bytes left
[  118.169851][   T42] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  118.364157][   T42] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  118.389014][   T42] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  118.405747][   T42] usb 4-1: New USB device found, idVendor=0c45, idProduct=8001, bcdDevice=90.0a
[  118.427377][   T42] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  118.458205][   T42] usb 4-1: config 0 descriptor??
[  118.689876][   T23] usb 4-1: USB disconnect, device number 2
[  118.700083][ T6157] binder: 6155:6157 ioctl c0306201 200000000080 returned -14
[  118.739165][ T6157] binder: 6155:6157 ioctl 4068aea3 0 returned -22
[  118.758588][ T6157] binder: 6155:6157 ioctl c0306201 2000000003c0 returned -14
[  123.022135][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[  127.936012][ T6217] loop1: detected capacity change from 0 to 2048
[  128.151861][ T6217] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  128.202375][ T6225] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1244: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  128.590892][ T6227] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  128.727923][ T6227] EXT4-fs (loop1): This should not happen!! Data will be lost
[  128.727923][ T6227] 
[  128.833980][ T6227] EXT4-fs (loop1): Total free blocks count 0
[  128.840263][ T6227] EXT4-fs (loop1): Free/Dirty block details
[  128.879519][ T6227] EXT4-fs (loop1): free_blocks=2415919504
[  128.897625][ T6227] EXT4-fs (loop1): dirty_blocks=32
[  128.907702][ T6227] EXT4-fs (loop1): Block reservation details
[  128.932350][ T6227] EXT4-fs (loop1): i_reserved_data_blocks=2
[  129.264684][ T3468] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 192 with error 28
[  130.553743][ T6250] netlink: 24 bytes leftover after parsing attributes in process `syz.3.111'.
[  131.580442][ T6252] netlink: 28 bytes leftover after parsing attributes in process `syz.3.111'.
[  131.611308][ T6252] veth3: entered promiscuous mode
[  131.653366][ T6252] veth3: entered allmulticast mode
[  131.799262][ T6256] netlink: 'syz.1.112': attribute type 1 has an invalid length.
[  132.207882][ T6256] bond1: entered promiscuous mode
[  132.549879][ T6256] 8021q: adding VLAN 0 to HW filter on device bond1
[  132.635664][ T6257] vlan3: entered allmulticast mode
[  132.640867][ T6257] bond1: entered allmulticast mode
[  132.784584][ T6260] bond1: (slave bridge1): making interface the new active one
[  132.802031][ T6260] bridge1: entered promiscuous mode
[  132.818013][ T6260] bridge1: entered allmulticast mode
[  132.838760][ T6260] bond1: (slave bridge1): Enslaving as an active interface with an up link
[  132.899442][ T6271] netlink: 12 bytes leftover after parsing attributes in process `syz.3.117'.
[  132.986577][ T6271] 8021q: adding VLAN 0 to HW filter on device bond1
[  133.208917][ T6273] bond1: entered promiscuous mode
[  133.232731][ T6273] bond1: entered allmulticast mode
[  133.249357][ T6273] 8021q: adding VLAN 0 to HW filter on device bond1
[  133.285626][ T6273] team0: Port device bond1 added
[  133.381383][ T6271] vxcan3: entered promiscuous mode
[  133.391634][ T6271] bond1: (slave vxcan3): refused to change device type
[  133.689782][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  133.696871][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  134.039315][ T6299] loop2: detected capacity change from 0 to 16
[  134.111440][ T6299] erofs: (device loop2): mounted with root inode @ nid 36.
[  134.177768][ T6299] sch_fq: defrate 0 ignored.
[  134.202558][ T2131] usb 4-1: new full-speed USB device number 3 using dummy_hcd
[  134.460544][ T2131] usb 4-1: unable to get BOS descriptor or descriptor too short
[  134.488179][ T2131] usb 4-1: unable to read config index 0 descriptor/start: -71
[  134.514077][ T2131] usb 4-1: can't read configurations, error -71
[  134.628829][ T6312] netlink: 'syz.1.131': attribute type 21 has an invalid length.
[  134.637602][ T6312] netlink: 128 bytes leftover after parsing attributes in process `syz.1.131'.
[  134.647242][ T6312] netlink: 3 bytes leftover after parsing attributes in process `syz.1.131'.
[  134.670475][ T6312] netlink: 'syz.1.131': attribute type 21 has an invalid length.
[  134.679291][ T6312] netlink: 128 bytes leftover after parsing attributes in process `syz.1.131'.
[  134.689250][ T6312] netlink: 3 bytes leftover after parsing attributes in process `syz.1.131'.
[  140.716002][ T6351] net_ratelimit: 24 callbacks suppressed
[  140.716017][ T6351] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  140.742872][    C0] Illegal XDP return value 16128 on prog  (id 23) dev lo, expect packet loss!
[  140.818801][ T6350] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  141.142239][    T8] usb 1-1: new full-speed USB device number 3 using dummy_hcd
[  142.972849][ T6370] fuse: Unknown parameter 'grou00000000000000000000'
[  143.043887][    T8] usb 1-1: unable to get BOS descriptor or descriptor too short
[  143.112701][    T8] usb 1-1: unable to read config index 0 descriptor/start: -71
[  143.141686][    T8] usb 1-1: can't read configurations, error -71
[  145.180272][ T6386] netlink: 52 bytes leftover after parsing attributes in process `syz.1.152'.
[  145.189848][   T23] usb 4-1: new full-speed USB device number 5 using dummy_hcd
[  145.566855][ T6388] netlink: 76 bytes leftover after parsing attributes in process `syz.1.152'.
[  145.793579][ T6388] netlink: 52 bytes leftover after parsing attributes in process `syz.1.152'.
[  146.026301][   T23] usb 4-1: config 3 has an invalid descriptor of length 0, skipping remainder of the config
[  146.042418][   T23] usb 4-1: config 3 has 0 interfaces, different from the descriptor's value: 1
[  146.064728][   T23] usb 4-1: New USB device found, idVendor=03f0, idProduct=0f9b, bcdDevice=d2.cf
[  146.083635][   T23] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  146.095592][ T6390] process 'syz.0.153' launched './file1' with NULL argv: empty string added
[  146.104934][   T23] usb 4-1: Product: syz
[  146.109129][   T23] usb 4-1: Manufacturer: syz
[  146.118384][   T23] usb 4-1: SerialNumber: syz
[  146.382574][    T8] usb 4-1: USB disconnect, device number 5
[  147.471968][    C0] sched: RT throttling activated
[  147.664825][ T6416] netlink: 'syz.1.159': attribute type 1 has an invalid length.
[  147.696416][ T6416] 8021q: adding VLAN 0 to HW filter on device bond2
[  148.388128][ T6416] bond2: (slave ip6gretap1): making interface the new active one
[  148.448612][ T6416] bond2: (slave ip6gretap1): Enslaving as an active interface with an up link
[  150.362576][    T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!!
[  154.940998][ T6495] Cannot find add_set index 0 as target
[  157.158295][ T6530] netlink: 4 bytes leftover after parsing attributes in process `syz.3.191'.
[  157.580993][ T6534] netlink: 'syz.1.192': attribute type 1 has an invalid length.
[  157.993667][ T6534] 8021q: adding VLAN 0 to HW filter on device bond3
[  158.030531][ T6536] bond3: entered allmulticast mode
[  158.138294][ T6538] bond3: (slave ip6gretap2): making interface the new active one
[  158.244600][ T6538] ip6gretap2: entered allmulticast mode
[  158.268133][ T6538] bond3: (slave ip6gretap2): Enslaving as an active interface with an up link
[  160.922599][ T6555] netlink: 'syz.0.197': attribute type 1 has an invalid length.
[  161.659109][ T6555] bond1: entered promiscuous mode
[  161.676111][ T6555] 8021q: adding VLAN 0 to HW filter on device bond1
[  161.725497][ T6561] vlan2: entered allmulticast mode
[  161.736861][ T6561] bond1: entered allmulticast mode
[  162.797363][ T6555] bond1: (slave bridge1): making interface the new active one
[  162.814752][ T6572] netlink: 'syz.1.203': attribute type 1 has an invalid length.
[  162.822791][ T6555] bridge1: entered promiscuous mode
[  162.828366][ T6555] bridge1: entered allmulticast mode
[  162.848657][ T6555] bond1: (slave bridge1): Enslaving as an active interface with an up link
[  163.338290][ T6579] netlink: 12 bytes leftover after parsing attributes in process `syz.0.206'.
[  165.310965][ T6579] netlink: 63 bytes leftover after parsing attributes in process `syz.0.206'.
[  166.602176][ T6604] netlink: 'syz.2.212': attribute type 1 has an invalid length.
[  166.646373][ T6604] bond1: entered promiscuous mode
[  166.653164][ T6604] 8021q: adding VLAN 0 to HW filter on device bond1
[  166.715804][ T6604] vlan2: entered allmulticast mode
[  166.721175][ T6604] bond1: entered allmulticast mode
[  166.800731][ T6604] bond1: (slave bridge1): making interface the new active one
[  166.829303][ T6604] bridge1: entered promiscuous mode
[  166.839711][ T6604] bridge1: entered allmulticast mode
[  166.857520][ T6604] bond1: (slave bridge1): Enslaving as an active interface with an up link
[  169.497341][ T6624] loop0: detected capacity change from 0 to 512
[  169.547110][ T6624] EXT4-fs: Ignoring removed orlov option
[  169.721605][ T6624] EXT4-fs: Ignoring removed mblk_io_submit option
[  169.802443][ T6624] ext4: Unknown parameter 'obj_user'
[  174.384185][ T6672] netlink: 'syz.3.234': attribute type 9 has an invalid length.
[  175.734364][ T6688] binder_alloc: 6687: binder_alloc_buf, no vma
[  176.665695][ T6698] syz_tun: entered allmulticast mode
[  176.853370][ T6696] syz_tun: left allmulticast mode
[  180.446196][ T6748] syzkaller0: entered promiscuous mode
[  180.466945][ T6748] syzkaller0: entered allmulticast mode
[  182.166304][ T6769] syz.2.260: vmalloc error: size 18446744073709551614, exceeds total pages, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=syz2,mems_allowed=0-1
[  182.213830][ T6769] CPU: 0 PID: 6769 Comm: syz.2.260 Not tainted syzkaller #0
[  182.221188][ T6769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  182.231567][ T6769] Call Trace:
[  182.234974][ T6769]  <TASK>
[  182.237929][ T6769]  dump_stack_lvl+0x18c/0x250
[  182.242678][ T6769]  ? show_regs_print_info+0x20/0x20
[  182.248019][ T6769]  ? load_image+0x420/0x420
[  182.252585][ T6769]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  182.259059][ T6769]  ? cpuset_print_current_mems_allowed+0x2e7/0x360
[  182.265701][ T6769]  warn_alloc+0x246/0x340
[  182.270096][ T6769]  ? zone_watermark_ok_safe+0x230/0x230
[  182.275877][ T6769]  ? __mutex_trylock_common+0x159/0x260
[  182.281554][ T6769]  __vmalloc_node_range+0x126/0x1330
[  182.287081][ T6769]  ? tomoyo_path_number_perm+0x217/0x620
[  182.293108][ T6769]  ? rcu_is_watching+0x15/0xb0
[  182.297970][ T6769]  ? trace_contention_end+0x39/0xe0
[  182.303274][ T6769]  ? __mutex_lock+0x315/0xcc0
[  182.308258][ T6769]  ? tomoyo_path_number_perm+0x5b4/0x620
[  182.313942][ T6769]  ? dvb_dvr_do_ioctl+0x79/0x220
[  182.318934][ T6769]  ? tomoyo_path_number_perm+0x217/0x620
[  182.324627][ T6769]  ? free_vm_area+0x50/0x50
[  182.329263][ T6769]  ? dvb_dvr_do_ioctl+0x12e/0x220
[  182.334420][ T6769]  vmalloc+0x79/0x90
[  182.338356][ T6769]  ? dvb_dvr_do_ioctl+0x12e/0x220
[  182.343698][ T6769]  dvb_dvr_do_ioctl+0x12e/0x220
[  182.348694][ T6769]  dvb_usercopy+0x195/0x2b0
[  182.353330][ T6769]  ? dvb_dvr_release+0x3e0/0x3e0
[  182.358394][ T6769]  ? dvb_generic_ioctl+0xb0/0xb0
[  182.363567][ T6769]  ? dvb_dvr_poll+0x230/0x230
[  182.368493][ T6769]  dvb_dvr_ioctl+0x29/0x30
[  182.372958][ T6769]  __se_sys_ioctl+0xfd/0x170
[  182.377681][ T6769]  do_syscall_64+0x55/0xa0
[  182.382334][ T6769]  ? clear_bhb_loop+0x40/0x90
[  182.387132][ T6769]  ? clear_bhb_loop+0x40/0x90
[  182.392215][ T6769]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  182.398423][ T6769] RIP: 0033:0x7f2958f9c819
[  182.402892][ T6769] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  182.422982][ T6769] RSP: 002b:00007f2959e7d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  182.431694][ T6769] RAX: ffffffffffffffda RBX: 00007f2959216090 RCX: 00007f2958f9c819
[  182.439878][ T6769] RDX: fffffffffffffffe RSI: 0000000000006f2d RDI: 0000000000000004
[  182.447853][ T6769] RBP: 00007f2959032c91 R08: 0000000000000000 R09: 0000000000000000
[  182.455913][ T6769] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  182.464003][ T6769] R13: 00007f2959216128 R14: 00007f2959216090 R15: 00007ffd01fddeb8
[  182.472008][ T6769]  </TASK>
[  183.621752][ T6769] Mem-Info:
[  183.679679][ T6769] active_anon:42091 inactive_anon:0 isolated_anon:0
[  183.679679][ T6769]  active_file:16062 inactive_file:39966 isolated_file:0
[  183.679679][ T6769]  unevictable:768 dirty:192 writeback:0
[  183.679679][ T6769]  slab_reclaimable:10270 slab_unreclaimable:91673
[  183.679679][ T6769]  mapped:27333 shmem:38135 pagetables:573
[  183.679679][ T6769]  sec_pagetables:0 bounce:0
[  183.679679][ T6769]  kernel_misc_reclaimable:0
[  183.679679][ T6769]  free:1306229 free_pcp:13069 free_cma:0
[  183.982525][ T6769] Node 0 active_anon:168380kB inactive_anon:0kB active_file:64248kB inactive_file:159660kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:109432kB dirty:764kB writeback:0kB shmem:150912kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10940kB pagetables:2480kB sec_pagetables:0kB all_unreclaimable? no
[  184.234161][ T6769] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  184.273604][ T6769] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  184.316010][ T6769] lowmem_reserve[]: 0 2521 2522 2522 2522
[  184.351356][ T6769] Node 0 DMA32 free:1326116kB boost:0kB min:34644kB low:43304kB high:51964kB reserved_highatomic:0KB active_anon:171404kB inactive_anon:0kB active_file:64248kB inactive_file:158836kB unevictable:1536kB writepending:772kB present:3129332kB managed:2586952kB mlocked:0kB bounce:0kB free_pcp:15024kB local_pcp:12392kB free_cma:0kB
[  184.721414][ T6769] lowmem_reserve[]: 0 0 0 0 0
[  184.832685][ T6769] Node 0 Normal free:8kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:824kB unevictable:0kB writepending:0kB present:1048576kB managed:872kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  184.870140][ T6769] lowmem_reserve[]: 0 0 0 0 0
[  184.875886][ T6769] Node 1 Normal free:3885916kB boost:0kB min:55244kB low:69052kB high:82860kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:4kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:30700kB local_pcp:8864kB free_cma:0kB
[  185.022403][ T6769] lowmem_reserve[]: 0 0 0 0 0
[  185.027293][ T6769] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  185.034677][ T6796] netlink: 'syz.0.269': attribute type 9 has an invalid length.
[  185.072154][ T6769] Node 0 DMA32: 2*4kB (E) 12*8kB (UE) 100*16kB (UE) 328*32kB (UME) 42*64kB (UE) 42*128kB (UME) 16*256kB (UME) 8*512kB (UME) 8*1024kB (ME) 1*2048kB (M) 314*4096kB (UM) = 1324840kB
[  185.114276][ T6769] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB
[  185.162185][ T6769] Node 1 Normal: 161*4kB (U) 39*8kB (UE) 38*16kB (UE) 57*32kB (UE) 23*64kB (UME) 7*128kB (U) 1*256kB (U) 2*512kB (UM) 0*1024kB 0*2048kB 947*4096kB (ME) = 3885948kB
[  185.209230][ T6769] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  185.247747][ T6769] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  185.289981][ T6769] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  185.331555][ T6769] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  185.363522][ T6769] 93443 total pagecache pages
[  185.378550][ T6769] 0 pages in swap cache
[  185.399361][ T6769] Free swap  = 124996kB
[  185.453141][ T6769] Total swap = 124996kB
[  185.460524][ T6769] 2097051 pages RAM
[  185.469438][ T6769] 0 pages HighMem/MovableOnly
[  185.474782][ T6769] 416927 pages reserved
[  185.479151][ T6769] 0 pages cma reserved
[  187.247463][ T6811] bond_slave_1: entered promiscuous mode
[  187.259425][ T6811] bond_slave_1: left promiscuous mode
[  187.798712][ T6828] netlink: 8 bytes leftover after parsing attributes in process `syz.0.285'.
[  190.806829][ T6854] loop0: detected capacity change from 0 to 4096
[  191.212692][ T5874] IPVS: starting estimator thread 0...
[  191.302996][ T6863] IPVS: using max 20 ests per chain, 48000 per kthread
[  191.932220][    C0] vcan0: j1939_tp_rxtimer: 0xffff88805c26c000: rx timeout, send abort
[  192.442034][    C0] vcan0: j1939_tp_rxtimer: 0xffff88805c26c000: abort rx timeout. Force session deactivation
[  195.261927][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  195.268398][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  197.864247][ T6948] netlink: 24 bytes leftover after parsing attributes in process `syz.3.308'.
[  198.055882][ T6954] Zero length message leads to an empty skb
[  198.230270][ T6965] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  198.261746][ T6958] syz.3.313 uses obsolete (PF_INET,SOCK_PACKET)
[  199.500296][ T6980] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  199.792026][ T6989] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  200.122658][ T6980] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.185121][ T6993] syzkaller0: entered promiscuous mode
[  200.190827][ T6993] syzkaller0: entered allmulticast mode
[  200.233555][ T6980] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.339684][ T6980] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  201.416301][ T6980] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  201.432633][ T6980] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  201.453013][ T6980] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  201.474308][ T6980] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  202.161248][    C0] vcan0: j1939_tp_rxtimer: 0xffff88802b967000: rx timeout, send abort
[  202.360119][ T5777] Bluetooth: hci0: command 0x0406 tx timeout
[  202.366896][ T5777] Bluetooth: hci1: command 0x0406 tx timeout
[  202.373195][ T5777] Bluetooth: hci2: command 0x0406 tx timeout
[  202.670330][    C0] vcan0: j1939_tp_rxtimer: 0xffff88802b967000: abort rx timeout. Force session deactivation
[  202.792939][ T7017] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[  202.848523][ T7017] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[  202.890741][ T7017] netdevsim netdevsim0: Falling back to sysfs fallback for: .
[  202.977649][ T7022] warning: `syz.2.330' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  203.057337][ T7022] bridge_slave_0: left allmulticast mode
[  203.065908][ T7022] bridge_slave_0: left promiscuous mode
[  203.076162][ T7022] bridge0: port 1(bridge_slave_0) entered disabled state
[  203.100873][ T7022] bridge_slave_1: left allmulticast mode
[  203.126902][ T7022] bridge_slave_1: left promiscuous mode
[  203.161734][ T7022] bridge0: port 2(bridge_slave_1) entered disabled state
[  203.265380][ T7022] bond0: (slave bond_slave_0): Releasing backup interface
[  203.283207][ T7022] bond0: (slave bond_slave_1): Releasing backup interface
[  203.355275][ T7022] team0: Port device team_slave_0 removed
[  204.350289][ T7022] team0: Port device team_slave_1 removed
[  204.565502][ T7022] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  204.664868][ T7022] batman_adv: batadv0: Removing interface: batadv_slave_0
[  204.683739][ T5779] Bluetooth: hci0: unexpected event for opcode 0x080d
[  204.701142][ T7022] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  204.773898][ T7022] batman_adv: batadv0: Removing interface: batadv_slave_1
[  204.838324][ T7022] bond1: (slave bridge1): Releasing backup interface
[  204.862099][ T7022] bridge1: left promiscuous mode
[  204.867345][ T7022] bridge1: left allmulticast mode
[  204.885722][ T7037] capability: warning: `syz.0.336' uses 32-bit capabilities (legacy support in use)
[  205.683391][ T7046] netlink: 4 bytes leftover after parsing attributes in process `syz.2.339'.
[  207.367996][ T7066] loop2: detected capacity change from 0 to 2048
[  207.454546][ T7066] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  208.774634][ T5779] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  208.787682][ T5779] Bluetooth: hci0: Injecting HCI hardware error event
[  208.797871][ T5779] Bluetooth: hci0: hardware error 0x00
[  211.168986][ T5779] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  211.887781][ T7114] loop2: detected capacity change from 0 to 1024
[  211.980530][ T7114] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  212.062267][ T7114] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  213.168209][ T7114] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  213.893587][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  214.011934][ T7139] Bluetooth: MGMT ver 1.22
[  214.151895][   T27] audit: type=1326 audit(1776185116.221:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7142 comm="syz.0.366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa2f19c819 code=0x7ffc0000
[  214.294701][   T27] audit: type=1326 audit(1776185116.221:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7142 comm="syz.0.366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa2f19c819 code=0x7ffc0000
[  214.459925][   T27] audit: type=1326 audit(1776185116.221:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7142 comm="syz.0.366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=255 compat=0 ip=0x7ffa2f19c819 code=0x7ffc0000
[  214.653942][   T27] audit: type=1326 audit(1776185116.221:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7142 comm="syz.0.366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa2f19c819 code=0x7ffc0000
[  214.898144][   T27] audit: type=1326 audit(1776185116.221:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7142 comm="syz.0.366" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa2f19c819 code=0x7ffc0000
[  218.556042][ T7192] xt_cluster: node mask cannot exceed total number of nodes
[  220.506796][    C0] ------------[ cut here ]------------
[  220.513044][    C0] WARNING: CPU: 0 PID: 7208 at net/mac80211/tx.c:5031 __ieee80211_beacon_get+0x1233/0x1600
[  220.523385][    C0] Modules linked in:
[  220.527500][    C0] CPU: 0 PID: 7208 Comm: syz.0.385 Not tainted syzkaller #0
[  220.534973][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  220.545484][    C0] RIP: 0010:__ieee80211_beacon_get+0x1233/0x1600
[  220.551867][    C0] Code: 24 4c 89 e7 e8 8e 80 c0 f7 45 31 f6 4c 8b bc 24 a0 00 00 00 e9 7a fe ff ff e8 79 be 82 f7 0f 0b e9 f6 f7 ff ff e8 6d be 82 f7 <0f> 0b e9 48 fb ff ff e8 61 be 82 f7 48 c7 c7 00 85 64 8e 4c 89 e6
[  220.572164][    C0] RSP: 0018:ffffc90000007a18 EFLAGS: 00010246
[  220.578600][    C0] RAX: ffffffff8a046393 RBX: ffffffff8a045196 RCX: ffff88802267da00
[  220.586863][    C0] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
[  220.595352][    C0] RBP: 0000000000000000 R08: ffff88802267da00 R09: 0000000000000003
[  220.603567][    C0] R10: 0000000000000007 R11: 0000000000000100 R12: ffff88805bdc23c0
[  220.611931][    C0] R13: dffffc0000000000 R14: ffff88805bdc28b0 R15: ffff888021758c24
[  220.620285][    C0] FS:  00007ffa300486c0(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  220.629292][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  220.635958][    C0] CR2: 0000001b2d41dff8 CR3: 0000000026d84000 CR4: 00000000003506f0
[  220.644159][    C0] Call Trace:
[  220.647635][    C0]  <IRQ>
[  220.650674][    C0]  ? __ieee80211_beacon_get+0x36/0x1600
[  220.656321][    C0]  ieee80211_beacon_get_tim+0xbf/0x580
[  220.661818][    C0]  ? ieee80211_beacon_get_template_ema_list+0x90/0x90
[  220.669702][    C0]  mac80211_hwsim_beacon_tx+0x3c7/0x780
[  220.676723][    C0]  __iterate_interfaces+0x243/0x500
[  220.683362][    C0]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  220.689697][    C0]  ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x180
[  220.697271][    C0]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  220.703953][    C0]  ieee80211_iterate_active_interfaces_atomic+0xdb/0x180
[  220.711028][    C0]  mac80211_hwsim_beacon+0xbb/0x1b0
[  220.716355][    C0]  __hrtimer_run_queues+0x520/0xc40
[  220.721628][    C0]  ? ktime_get_update_offsets_now+0x99/0x3f0
[  220.727995][    C0]  ? hw_scan_work+0xf60/0xf60
[  220.732912][    C0]  ? hrtimer_interrupt+0x9c0/0x9c0
[  220.738430][    C0]  ? ktime_get_update_offsets_now+0x3d2/0x3f0
[  220.744893][    C0]  hrtimer_run_softirq+0x187/0x2b0
[  220.750158][    C0]  handle_softirqs+0x280/0x820
[  220.755366][    C0]  ? __irq_exit_rcu+0xd3/0x190
[  220.760521][    C0]  ? do_softirq+0x1a0/0x1a0
[  220.765294][    C0]  __irq_exit_rcu+0xd3/0x190
[  220.770153][    C0]  ? irq_exit_rcu+0x20/0x20
[  220.774881][    C0]  irq_exit_rcu+0x9/0x20
[  220.779522][    C0]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  220.785455][    C0]  </IRQ>
[  220.788529][    C0]  <TASK>
[  220.791590][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  220.797962][    C0] RIP: 0010:mroute6_is_socket+0x21d/0x380
[  220.804128][    C0] Code: 48 81 c3 c0 0e 00 00 48 89 d8 48 c1 e8 03 49 be 00 00 00 00 00 fc ff df 42 80 3c 30 00 74 08 48 89 df e8 a6 7b 93 f8 48 8b 3b <4c> 89 fe 31 d2 4c 89 e1 e8 a6 97 40 ff 89 c3 31 ff 89 c6 e8 9b 47
[  220.825347][    C0] RSP: 0018:ffffc9000d00f2a0 EFLAGS: 00000246
[  220.831649][    C0] RAX: 1ffff1100f54f590 RBX: ffff88807aa7ac80 RCX: d988105a61318200
[  220.840376][    C0] RDX: 0000000000000002 RSI: ffffffff8acadb60 RDI: ffff888021cf8c00
[  220.849015][    C0] RBP: ffffc9000d00f410 R08: ffffffff8e8b14ef R09: 1ffffffff1d1629d
[  220.857481][    C0] R10: dffffc0000000000 R11: fffffbfff1d1629e R12: ffffc9000d00f2e0
[  220.865692][    C0] R13: 1ffff92001a01e54 R14: dffffc0000000000 R15: ffffc9000d00f330
[  220.874012][    C0]  ? mroute_clean_tables+0xad0/0xad0
[  220.879592][    C0]  ? nf_hook+0xa2/0x390
[  220.884019][    C0]  ip6_finish_output2+0x32e/0x1630
[  220.889403][    C0]  ? ip6_mtu+0x7d/0x3f0
[  220.893726][    C0]  ? nf_hook+0x390/0x390
[  220.898220][    C0]  ? ip6_finish_output+0x57b/0x820
[  220.903466][    C0]  ? ip6_send_skb+0x10f/0x380
[  220.908209][    C0]  ip6_send_skb+0x1d5/0x380
[  220.912834][    C0]  rawv6_push_pending_frames+0x6ee/0x8d0
[  220.918531][    C0]  ? raw6_getfrag+0x3a0/0x3a0
[  220.923392][    C0]  ? rawv6_send_hdrinc+0x1640/0x1640
[  220.928809][    C0]  rawv6_sendmsg+0x131b/0x1770
[  220.933669][    C0]  ? compat_rawv6_ioctl+0x70/0x70
[  220.938902][    C0]  ? aa_sk_perm+0x83c/0x970
[  220.943516][    C0]  ? lock_chain_count+0x20/0x20
[  220.948422][    C0]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  220.954917][    C0]  ? inet_sendmsg+0x7c/0x2f0
[  220.959628][    C0]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  220.965233][    C0]  ? security_socket_sendmsg+0x80/0xa0
[  220.970834][    C0]  ? inet_send_prepare+0x260/0x260
[  220.976239][    C0]  ____sys_sendmsg+0x5ba/0x960
[  220.981196][    C0]  ? __asan_memset+0x22/0x40
[  220.986014][    C0]  ? __sys_sendmsg_sock+0x30/0x30
[  220.991348][    C0]  ? __import_iovec+0x3fa/0x850
[  220.996934][    C0]  ? import_iovec+0x73/0xa0
[  221.002191][    C0]  ___sys_sendmsg+0x2a6/0x360
[  221.007109][    C0]  ? __sys_sendmsg+0x2a0/0x2a0
[  221.012057][    C0]  ? __might_fault+0xc6/0x120
[  221.016797][    C0]  ? __might_fault+0xaa/0x120
[  221.021642][    C0]  __sys_sendmmsg+0x2ca/0x510
[  221.026778][    C0]  ? __ia32_sys_sendmsg+0x90/0x90
[  221.032028][    C0]  ? __ia32_sys_get_robust_list+0x110/0x110
[  221.038141][    C0]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  221.044337][    C0]  ? lock_chain_count+0x20/0x20
[  221.049234][    C0]  __x64_sys_sendmmsg+0xa0/0xb0
[  221.054817][    C0]  do_syscall_64+0x55/0xa0
[  221.059442][    C0]  ? clear_bhb_loop+0x40/0x90
[  221.064289][    C0]  ? clear_bhb_loop+0x40/0x90
[  221.069295][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  221.075460][    C0] RIP: 0033:0x7ffa2f19c819
[  221.080067][    C0] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  221.100025][    C0] RSP: 002b:00007ffa30048028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  221.108989][    C0] RAX: ffffffffffffffda RBX: 00007ffa2f416180 RCX: 00007ffa2f19c819
[  221.117108][    C0] RDX: 0000000000000062 RSI: 0000200000002940 RDI: 0000000000000005
[  221.125717][    C0] RBP: 00007ffa2f232c91 R08: 0000000000000000 R09: 0000000000000000
[  221.133754][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  221.141918][    C0] R13: 00007ffa2f416218 R14: 00007ffa2f416180 R15: 00007ffc5e496128
[  221.150206][    C0]  </TASK>
[  221.153382][    C0] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  221.160735][    C0] CPU: 0 PID: 7208 Comm: syz.0.385 Not tainted syzkaller #0
[  221.168307][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  221.178406][    C0] Call Trace:
[  221.181685][    C0]  <IRQ>
[  221.184699][    C0]  dump_stack_lvl+0x18c/0x250
[  221.189502][    C0]  ? show_regs_print_info+0x20/0x20
[  221.194751][    C0]  ? load_image+0x420/0x420
[  221.199387][    C0]  panic+0x2dc/0x730
[  221.203320][    C0]  ? bpf_jit_dump+0xd0/0xd0
[  221.207947][    C0]  __warn+0x2e0/0x470
[  221.212108][    C0]  ? __ieee80211_beacon_get+0x1233/0x1600
[  221.218087][    C0]  ? __ieee80211_beacon_get+0x1233/0x1600
[  221.223846][    C0]  report_bug+0x2be/0x4f0
[  221.228210][    C0]  ? __ieee80211_beacon_get+0x1233/0x1600
[  221.233991][    C0]  ? __ieee80211_beacon_get+0x1233/0x1600
[  221.239880][    C0]  ? __ieee80211_beacon_get+0x1235/0x1600
[  221.245644][    C0]  handle_bug+0xcf/0x120
[  221.250102][    C0]  exc_invalid_op+0x1a/0x50
[  221.254733][    C0]  asm_exc_invalid_op+0x1a/0x20
[  221.259603][    C0] RIP: 0010:__ieee80211_beacon_get+0x1233/0x1600
[  221.266142][    C0] Code: 24 4c 89 e7 e8 8e 80 c0 f7 45 31 f6 4c 8b bc 24 a0 00 00 00 e9 7a fe ff ff e8 79 be 82 f7 0f 0b e9 f6 f7 ff ff e8 6d be 82 f7 <0f> 0b e9 48 fb ff ff e8 61 be 82 f7 48 c7 c7 00 85 64 8e 4c 89 e6
[  221.286387][    C0] RSP: 0018:ffffc90000007a18 EFLAGS: 00010246
[  221.292660][    C0] RAX: ffffffff8a046393 RBX: ffffffff8a045196 RCX: ffff88802267da00
[  221.300745][    C0] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
[  221.308972][    C0] RBP: 0000000000000000 R08: ffff88802267da00 R09: 0000000000000003
[  221.317220][    C0] R10: 0000000000000007 R11: 0000000000000100 R12: ffff88805bdc23c0
[  221.325609][    C0] R13: dffffc0000000000 R14: ffff88805bdc28b0 R15: ffff888021758c24
[  221.333852][    C0]  ? __ieee80211_beacon_get+0x36/0x1600
[  221.339716][    C0]  ? __ieee80211_beacon_get+0x1233/0x1600
[  221.345639][    C0]  ? __ieee80211_beacon_get+0x1233/0x1600
[  221.351475][    C0]  ? __ieee80211_beacon_get+0x36/0x1600
[  221.357157][    C0]  ieee80211_beacon_get_tim+0xbf/0x580
[  221.362730][    C0]  ? ieee80211_beacon_get_template_ema_list+0x90/0x90
[  221.369518][    C0]  mac80211_hwsim_beacon_tx+0x3c7/0x780
[  221.375266][    C0]  __iterate_interfaces+0x243/0x500
[  221.380682][    C0]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  221.386976][    C0]  ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x180
[  221.394529][    C0]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  221.401045][    C0]  ieee80211_iterate_active_interfaces_atomic+0xdb/0x180
[  221.408100][    C0]  mac80211_hwsim_beacon+0xbb/0x1b0
[  221.413404][    C0]  __hrtimer_run_queues+0x520/0xc40
[  221.418938][    C0]  ? ktime_get_update_offsets_now+0x99/0x3f0
[  221.425095][    C0]  ? hw_scan_work+0xf60/0xf60
[  221.429872][    C0]  ? hrtimer_interrupt+0x9c0/0x9c0
[  221.435698][    C0]  ? ktime_get_update_offsets_now+0x3d2/0x3f0
[  221.442224][    C0]  hrtimer_run_softirq+0x187/0x2b0
[  221.447926][    C0]  handle_softirqs+0x280/0x820
[  221.452792][    C0]  ? __irq_exit_rcu+0xd3/0x190
[  221.457587][    C0]  ? do_softirq+0x1a0/0x1a0
[  221.462191][    C0]  __irq_exit_rcu+0xd3/0x190
[  221.466828][    C0]  ? irq_exit_rcu+0x20/0x20
[  221.471447][    C0]  irq_exit_rcu+0x9/0x20
[  221.475713][    C0]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  221.481647][    C0]  </IRQ>
[  221.484592][    C0]  <TASK>
[  221.487628][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  221.493709][    C0] RIP: 0010:mroute6_is_socket+0x21d/0x380
[  221.499694][    C0] Code: 48 81 c3 c0 0e 00 00 48 89 d8 48 c1 e8 03 49 be 00 00 00 00 00 fc ff df 42 80 3c 30 00 74 08 48 89 df e8 a6 7b 93 f8 48 8b 3b <4c> 89 fe 31 d2 4c 89 e1 e8 a6 97 40 ff 89 c3 31 ff 89 c6 e8 9b 47
[  221.519773][    C0] RSP: 0018:ffffc9000d00f2a0 EFLAGS: 00000246
[  221.526135][    C0] RAX: 1ffff1100f54f590 RBX: ffff88807aa7ac80 RCX: d988105a61318200
[  221.534389][    C0] RDX: 0000000000000002 RSI: ffffffff8acadb60 RDI: ffff888021cf8c00
[  221.542479][    C0] RBP: ffffc9000d00f410 R08: ffffffff8e8b14ef R09: 1ffffffff1d1629d
[  221.550761][    C0] R10: dffffc0000000000 R11: fffffbfff1d1629e R12: ffffc9000d00f2e0
[  221.559798][    C0] R13: 1ffff92001a01e54 R14: dffffc0000000000 R15: ffffc9000d00f330
[  221.568098][    C0]  ? mroute_clean_tables+0xad0/0xad0
[  221.573508][    C0]  ? nf_hook+0xa2/0x390
[  221.577853][    C0]  ip6_finish_output2+0x32e/0x1630
[  221.583943][    C0]  ? ip6_mtu+0x7d/0x3f0
[  221.588369][    C0]  ? nf_hook+0x390/0x390
[  221.592718][    C0]  ? ip6_finish_output+0x57b/0x820
[  221.598090][    C0]  ? ip6_send_skb+0x10f/0x380
[  221.602852][    C0]  ip6_send_skb+0x1d5/0x380
[  221.607743][    C0]  rawv6_push_pending_frames+0x6ee/0x8d0
[  221.613942][    C0]  ? raw6_getfrag+0x3a0/0x3a0
[  221.619022][    C0]  ? rawv6_send_hdrinc+0x1640/0x1640
[  221.624945][    C0]  rawv6_sendmsg+0x131b/0x1770
[  221.630109][    C0]  ? compat_rawv6_ioctl+0x70/0x70
[  221.635181][    C0]  ? aa_sk_perm+0x83c/0x970
[  221.639819][    C0]  ? lock_chain_count+0x20/0x20
[  221.645162][    C0]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  221.652004][    C0]  ? inet_sendmsg+0x7c/0x2f0
[  221.656751][    C0]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  221.662479][    C0]  ? security_socket_sendmsg+0x80/0xa0
[  221.668066][    C0]  ? inet_send_prepare+0x260/0x260
[  221.673318][    C0]  ____sys_sendmsg+0x5ba/0x960
[  221.678143][    C0]  ? __asan_memset+0x22/0x40
[  221.682948][    C0]  ? __sys_sendmsg_sock+0x30/0x30
[  221.688352][    C0]  ? __import_iovec+0x3fa/0x850
[  221.694143][    C0]  ? import_iovec+0x73/0xa0
[  221.698983][    C0]  ___sys_sendmsg+0x2a6/0x360
[  221.704322][    C0]  ? __sys_sendmsg+0x2a0/0x2a0
[  221.709202][    C0]  ? __might_fault+0xc6/0x120
[  221.714361][    C0]  ? __might_fault+0xaa/0x120
[  221.719067][    C0]  __sys_sendmmsg+0x2ca/0x510
[  221.723779][    C0]  ? __ia32_sys_sendmsg+0x90/0x90
[  221.728918][    C0]  ? __ia32_sys_get_robust_list+0x110/0x110
[  221.734845][    C0]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  221.740940][    C0]  ? lock_chain_count+0x20/0x20
[  221.746081][    C0]  __x64_sys_sendmmsg+0xa0/0xb0
[  221.750955][    C0]  do_syscall_64+0x55/0xa0
[  221.755496][    C0]  ? clear_bhb_loop+0x40/0x90
[  221.760352][    C0]  ? clear_bhb_loop+0x40/0x90
[  221.765213][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  221.771425][    C0] RIP: 0033:0x7ffa2f19c819
[  221.776064][    C0] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  221.796518][    C0] RSP: 002b:00007ffa30048028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  221.805055][    C0] RAX: ffffffffffffffda RBX: 00007ffa2f416180 RCX: 00007ffa2f19c819
[  221.813315][    C0] RDX: 0000000000000062 RSI: 0000200000002940 RDI: 0000000000000005
[  221.821312][    C0] RBP: 00007ffa2f232c91 R08: 0000000000000000 R09: 0000000000000000
[  221.829311][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  221.837392][    C0] R13: 00007ffa2f416218 R14: 00007ffa2f416180 R15: 00007ffc5e496128
[  221.845670][    C0]  </TASK>
[  221.849381][    C0] Kernel Offset: disabled
[  221.853800][    C0] Rebooting in 86400 seconds..