last executing test programs:

4m10.188606014s ago: executing program 32 (id=1411):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$EBT_SO_GET_INIT_INFO(r0, 0x0, 0x82, &(0x7f00000002c0)={'filter\x00', 0x0, 0x0, 0x0, [0x3, 0x7, 0x83e, 0x1, 0xffffffffffffffff, 0x7]}, &(0x7f0000000200)=0x78)

3m58.544957211s ago: executing program 33 (id=1354):
r0 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000000))
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT, 0x2)
ioctl$DRM_IOCTL_ADD_MAP(0xffffffffffffffff, 0xc0286415, &(0x7f0000000080)={&(0x7f0000ffb000/0x4000)=nil, 0x9, 0x0, 0x2})
ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f00000000c0)={0x2, 0x0, 0x3})
r1 = getpid()
sched_setscheduler(r1, 0x6, &(0x7f0000000100)=0x3)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000180)={<r3=>0xffffffffffffffff}, 0x106, 0x1}}, 0x20)
syz_emit_vhci(&(0x7f0000000200)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'wpan1\x00', <r6=>0x0})
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'wpan0\x00', <r7=>0x0})
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r4, &(0x7f00000003c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x34, r5, 0x1, 0x70bd2d, 0x25dfdbfe, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r6}, @NL802154_ATTR_PID={0x8, 0x1c, r1}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r7}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000880)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400), 0x4401, 0x0)
write$RDMA_USER_CM_CMD_JOIN_IP_MCAST(r0, &(0x7f0000000480)={0x10, 0x30, 0xfa00, {&(0x7f0000000440), 0x2, {0xa, 0x0, 0xca5, @mcast2, 0x3}, r3}}, 0x38)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
fcntl$notify(r8, 0x402, 0x80000000)
ioctl$BTRFS_IOC_START_SYNC(r0, 0x80089418, &(0x7f0000000580))
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000600)={0x0, 0x18, 0xfa00, {0x3, &(0x7f00000005c0), 0x2, 0x4}}, 0x20)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f00000006c0)={<r10=>0x0})
ioctl$DRM_IOCTL_GET_CTX(r0, 0xc0086423, &(0x7f0000000700)={r10})
ioctl$sock_SIOCGIFINDEX_802154(r9, 0x8933, &(0x7f0000000780)={'wpan3\x00', <r11=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r4, &(0x7f0000000880)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000840)={&(0x7f00000007c0)={0x34, r5, 0x100, 0x70bd2b, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r11}]}, 0x34}, 0x1, 0x0, 0x0, 0x1}, 0x4000)
ioctl$FE_DISHNETWORK_SEND_LEGACY_CMD(r0, 0x6f50, 0x7)

3m38.539214667s ago: executing program 34 (id=2088):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
getsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000000), &(0x7f0000000040))
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_mreq(r2, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@ipv4_newnexthop={0x30, 0x68, 0x521, 0x0, 0x0, {}, [@NHA_FDB={0x4}, @NHA_GATEWAY={0x14, 0x6, @ip4=@loopback}]}, 0x30}}, 0x0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmsg$inet6(r3, &(0x7f00000001c0)={&(0x7f0000000200)={0xa, 0x4e23, 0x2, @local, 0x81}, 0x1c, &(0x7f0000000140)=[{&(0x7f0000000040)="4b79de14be8c4001b08187e740d6fe173875a0a7a9f90b", 0x17}, {&(0x7f0000000080)="467824fb", 0x4}, {&(0x7f00000000c0)="2c707fb8778169e93ef18ec2c7aae7d9e733eff341a45a377e9c085cd5c04a05f0370f9aa679728fabcc9d7beb9f03b687cc4c0a141d189611ce0fe25f248f098d3790055c64", 0x46}, {&(0x7f00000003c0)="1683fec85ee6553b957d991b8d1903d874f551102c5533e9420904d7958ae771107b487940fedc74de23844c399551e1dfaa1ed78f6bcf9c530608f45614e645afa25ff87c33356cdaaf7ea5bd844c8c970b31c65b60b5224be17e693274455380d53bfb081616ca180ee8dbe85f2845d113395675d6d31d64fbbbb90a3959b3dd47d69c6ce8b469629637002d9df906a3912e8108a18177e1ff15868ab9584f2f22ce3e8003dcb1093918b6fa19f12b51b90857a543a53057ef7efeeb49b035eda0588793cb5e1ef7afad681801a7e309fae5f51edfecc3dc9956057b74e969c06e9bb33348f370adbc484657deae85fdaa404a45b78d53cb1749774e22c11f4e9530dbd52a80c0305bf45c632724da4f976abc2647100b3e8f80f17efba16d38b1e5bde555f293ff67f4112e6d9e048d73efa64a48e235afb303a71feaabe99639004a13cbbc3515167635110aa056e27869a1f8133bd0e0c08c256a71a6bf4b19c91b813494ed38a9d0a7ed63b2d7f80d2112aade27482a34742a606233c4e21c2b242034d1014a19c941a139e7a32262d66b17ae2c1f8dc48b7f634433e48fbcec9939f1d27800d55aaab1ed219846e049e5cc4f6b8413c1793b0782f28739dd19ca949f4c79d21130f0707f2605c4044047a5164a14be896d284a94834a60c7cc5d5d78a3dc787322b6f72c1a86a3107132ca7ec2d2856b498847075f366d3d813f617d2c2efa75115433142608987290ffce1b57f140e9d276c64c651669125e15a3002e44fb31d1254bb5793d759487a508eb4629a39a0e6d83bd196aa1085f8faa00d0ae81bac720c0b5fb79f8789925d91d58f3c51a73da62a67cb7dae040c8884e4ed04e79dc1a3e6e4a1ab49d2af671b51dd7f63d806532d4d5c252408662108753066bae80aec0b144126f01f4ba8ff0d12407520d2055877e9746815b539e4d1a06cf0b694804b0d1caefc18348f9ef141e5a7f3e8d1ef740a16d82db51fbe2198493fb9c629a30c7c39a72338fa068bcb1748dcb3b2aca32034d9aa0ad305a80acaaf5899bc5439b27dc8e48d5ffdef085db8dfaad6f507b49a9714ef236a730cc0b9d2243a23833b1f07695268306ae831d7973fc9de44914a9f1fa24ca2d3a4fa0ed51eb776d306f104e087df48fc40add51374c99351e3aac1148bbeefc5bf4e6ece1654c32431615e252a44638549cc6cb32164282d54a0f29536e505ade894eba77d6018781cb4f459c670f98598d60cf6a5a16dfdb82cc9a5b104b64481d3eea4eaed3d1d9623642e6d0aaf3bc02b96e569f986b9bda4b704c08864c25e63b7d881f2af6dd600faf225466d91dfac65c31d3baaa6f1de4b9dd057d8edc4cc72a272cf1d1ce38ae8e948630232b44b80826fdc5cdf5aae0c59754c4716906ca3dce6c74126d54662405b85b5c7a0d713574eddff9282be3c92882c6d156f15a3637ac9a90e8c22af2561a42a12c438d85d82ac694c06c8f09402ac5cf8080944e6ae47bc4e90d18e939a03a1541f8d80e159c7ffbb89036dcac65f6986b3c7e00072e78b3bbc24a1e431339b1cee15f2f74296dac68b0549622b32272664e11d71f652a698a6ebca029228aa74b1e7321303d23679deadeae5b3f673edc55bf31f4b6108f1d5117544063fb928eebb84d58d26cec3c7a6b96d191d07ba23ebd818f165594e59453e5952525df3fea01af58eac5a7adb7415077aaa2b5aa6c74a3776f4204c524ba0faf4fba9b65d28a478f5900c794207935f1a50d832996f239b6e7af09e065acd580274495967159d75e24f3f3aab3d5c177a30576624919da7d799eb1c317ec66112171dbefb17098c456a3db325645054352fd5b25c03f2ae8735a8e585adfc399e1928280f40e608995aeadc737a8b99769fabac2ebed62a9dbe01a22941f7fb2ac43e61d47ca79ad777ff4fd6433991079ba697dda7f82731761a15d5827e9bda5bad0f684c785d4bd49747d3360b7c4f44fc5f7ec0bc50ca8ab54d6ad39e62b4fcf2b48b9a6f67e8dec2fcac9625f0f2f60578674d79ab3a404b002525dbe3a17ca2417690aef98d2982bdef4bea754e58003688da478865a724673fcfcddb88743fc420a3bdffd8d4f1d8792be151ffbb302b9a4bdd8f6622bda29cb6260059c98ca86e30548d94e524be32cd5f8dd0673697bd2efe1f6891bd154ba63f816dd7d237029a64aad38230dcea8d0c96b8faf4e27b7db97c4b5287214e1e5d98b747528a0dec86627ad414f39392077175d52fc894a31ddccfea81c022e5bad71f2c575c83321625089d40845055d4802797e9ad7777d0226480768b727578ab3521be6ad0b6058ac3aac220eed62671383743a518bd2326a50813382961d9958ff0990bdcffa21618ba363e50d8ae64b21e83b68c7baae25f640a7f114e7a67249e02e38e6a44cc320506d6056e87f715c8a307329412a55c33c23999b94e7c9df8dcb22dcafd5b6aac10f3151aa571d1fc52051013c2f950e1d6c6e9ee6ff791a8d41ed71f115ab634e6755956134f1d6173b084365955f2ee337df37116a1e03e5b2547d8147ccbc30c888950bdba3b8932790e5cc1db9ef3ce93289b78018252a1521b1ff6af1c57dbd928d16d67e99f79fbe92177e4dd7b721b4e50ea09e5cf3e96de3229001c0f152d0d7f0d351776928bee10d9fdbee3a981f316c6f6974546e4b47104159c9233abefc2c9bddb0ae41a7ed3548cb06c8047ceeb0fc48a605f52f5feb5bc718fe496b2a4fb50253bacb7cab32a3fc42a5c5f8058c3c928f08058232406725a4eb3d0c25adf81f2db35e09b768176324c2aec68840a6252c2d81b43bae15e79f38ba57fa5359db18a484b72da1bb7d61fe98bc6a37d6a7ed4a0ed9f8f8babd813ee735d1fdf62ed97114b6c50ba4bab01351b9b2539c4cbbfb2ea41333fd68f759c12c9dde664f9e064e40f9f507a13e02a3c58573c362e6b5d532cbc4caab080dc37bf19fd77bcc28e3b9de8af6cd1c9fa788f5ed1b7217637e82c4dbf0cda0229a4e8addeca711c66fbb5dc419191d91450d33d006b1ce9bd952652bbbd7fffc0941f0fbd8fe19c27b2527dfd5f7813c371ba3d5b80f52d84e1f6f545cf50d56013d9d65c85a9ba28f40613cb85a6f340078c7d8c1a7c8c882fe9e0e822cd14aebcb554d8fb5112ae07dff3466af2d0da26563b0614b3b146069690f14511047d19b28ef532a99677e0d866d186569d3bb507593ab58e4a96154b24f034721c4e4a5475183f89028b2d594a71db1fe2930fb1d77703f0f08aafa5a11cec50b1d74a8a232c5f8d6ec6e58e53d89c0a41bf35dc085a745dd6a282aefcfabb1634e33f570dd91e3280607d76ffb5ad9c8757c6161f018f1080d1555aaf436591c84f43cea29dff189526cc2e75a3a1fb0d802d25ff4fcef8cc41aec3da491d54ae51adb190e73bf44f62bbe1f83e5ab14e82e93f97014fe282ee32d2591d09a743fcfc5317a545206f197e136eea234ac2f0be74c3d03244d85107262f13e784bc204d8689a293910f187630c3dea71676a6a1c37c5b603097f76288d418e30d367cb9f92ff8d12f97cbb4e9eb1db1b1a14c3bf4c2538fa308f96def8e2343163b33fe6a02a96fe13b0260d86554c45ece7bce93283e3130195aae516fbcdc29d3c3656a915979df26d1161627275f388b9e4fce84957f12658a1aa06fb2528f95e72edb01a60c0e9612156ccab4d0cb0fb0b9e2d47857e2e36e0ffcf2ab8db17b0aa4d5f581ff2631dc3db604faee66c6d3da78f86769bedb8f77ff5e5c2327972049fb0c5449af6db0514e14446d0d8edaba04edd715a741929f783ea2eeeb8d7632032d0ebe0260ce7c2b81b5fec3a1bc7c4b34dec6bb685745cbd27bb4256477d95c538e514ebbc406d377c0b5b0991cf38a86e4cf8d5ea43ec8fc715e96d71ab5a1810c4d0c585a49d0762380f6c0a836f754b0ee0eb489b2aa3fba7e8711c526124157fd49cbfcff71ab13ca466642b06be62d25ec695afc41b09821d90d8b21236c139f43ee113aa1a7cabfbcf40a19a060b60d2b153d77b7177c4853a59550cec3c73f159a56528171f618efcb4afe7815b7245694ab5d4a5d0f26ed194a152efb03f15a6e10b74a7eddcb60548abc7c5cf972efb0d171eec2f15b904e015e0d9557f4d885b10ddbd7fa6664d6dcfc524570a22041f06f4e38df6aa1e0ce31b7de0c099617bf198f2ddc3f7633539c5114bc1f4ee3c6192b6ef747b702f57b1ee933f76be23475bb6f7476b1b5819dd8ac12871d905a87d12c8515541246de9471c2e90ef01a9636f747229d29c04a4cb2c0eedfea9b3c92fd7fdac4f3bd0b5e9c99d15d2822ad218453054187d039f9f283acc59ad3131e9582988666b3c94a1e89ce3504df9bb02057aea87faf4ead8edc54274b409a0eba8ad7e629bdf3399931d5a4f6ca2762d4d92de9afe18a2312536a380f0835e0a4c50c5423b9a4f11175986f68f583c29f216df558e7ed4d5d3c440ab51c6217074b079f23c9e55dd5d6d8a9c0d6f7a9061239d73e8ddfe2a3046a5a5290617d9e2a89fc5c05b7fdf8517f4832676d2a0309aa6a529aa1062035eeed0427bc0c3abb9dba70e83991d303e2511b217c2e265d5e1e9aed7e738642f2c2fb6a23d40782ac0dd1ff8caa2cf5b1f4cde1a8ac259992a43ecc4bcc6b977a2aa19f82c4d9d632b0136bc3774b70d35f9e56b6ce58fc438c816008302d635549a46dfe7fad488869c9512c9d7843d25889a1b68adf4b4331a35a3e503ede171cd9439888217efe75b33550dfa9cbe8ac81952100323b81a89e60a547fa77308a3ea974572d43604fbec5f3db7b0f9d3634fe79d0f47f0b6296e4159b2e476201ba5547345ac0fa6b707a1b4960ec80221befbe09e1b6f80b994d6a4603d301fdd7488e1f254e75ef6c8f5c93a9d21a04a0b511e363a71a45474a7dcda52cb813f39fa1ca3929f6c3b477b9ac1a21805cfdcb622ad9f61be2353d64869b55f393229d004f1f71edac2ff8fb03cb7b1b78840945fbce6df772dade41d22adf1603e52d3fe17b903b8362608429c8653d81e9bb1eb091094c7603bfccd8336acfc715a78215b590a356820c8ef17414df477e1a295df4140a3deb6729d8a00f5162b31182d31ff49f557871feb01317ed17377f7a9fdf440c18360d7203a0989bc337be382e801d00756599bf41e1cbd468bcdbdb08ba2294e81fe8bfe65f27d53809481d0f638d057216503e3424ec7c66d14605678bf9697a0acf279a25b513cb72b5fe7894c99d21b99c770387e977f8c7febb52e8433815c0f6b27ef7041a190cd695c6a86ffb3dfeec4b9f434d8c1119775240eb972f4fab91b516d85e3c35696fd27975e1854fbc1a8b3a5d63ffb46a1a46165159592c39ffdb9e1835c57e18e576d426486a437882cc4a33aa27486b525732fb15fa9e1e1366b45fa75231a995c7496c2ec3bd5e3d41afec15bbeaf891d5a86313af4e33f070054466e7cab191fe30e09021ec3d780156ce61f42f445bbda86ca2a8ce21b43e5a478d328ea6ba44447612041f740974cd7473e83a29fe8c811ac3a981e56dd9dcb5470578c6ab5b7841329c5e394c76383a31706ee9bfd2fc4aa6cea8dc44b06d023c0955aa79de36e68a6f2caf5b9ed1660e61a550a3b630b426622b926ee4618ac863b6a23c45d8a64892e6dbc4d23d8e943a4f1776b78a45b3c28222148769d6a54f367660abad11e5f29fc9c6eb2603688058252779c4207ded2e8d16609f1d5f61c70cf8296b64c738c5bb9693757", 0x1000}], 0x4, &(0x7f0000000180)=[@hopopts={{0x28, 0x29, 0x36, {0x87, 0x1, '\x00', [@padn={0x1, 0x1, [0x0]}, @enc_lim={0x4, 0x1, 0x9a}, @pad1, @pad1]}}}, @flowinfo={{0x14, 0x29, 0xb, 0x9}}], 0x40}, 0x44881)
setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r3, 0x84, 0x8, &(0x7f0000000380)=0x5, 0x4)

2m37.967685038s ago: executing program 35 (id=3472):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB, @ANYRES16=r4, @ANYBLOB="0100000000000000000001000000060006000000000024000300a0cb879a47f5bc644c0e693fa6d031c74a1553b6e901b9ff2f518c78042fb5426c010880f4000080060005000180000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff240002001bc715ee4868b12a49f4df11bc05475489f6a27c4d6483ad2fa5e45903b0ce8514000400e76a686bac1414aa00000000000000008c00098028000080060001000a00000014000200ff020000000000000000000000000001050003000000000028000080060001000a000000140002000000000000000000000000000000000105000300030000001c000080060001000200da0008000200e000000105000300000000001c000080060001000200000008000200ac141400050003000000000074000080200004000a004e2200000000fc0000000000000000000000000000000400000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff080003000100000024000200cde20bc0d9b90ac13642d7b66459dd9db5e20b4b16d3d23f2cb03a8aa417dce6080007000000000014000200776730"], 0x1c8}}, 0x0)
r5 = socket$rds(0x15, 0x5, 0x0)
sendmsg$TIPC_CMD_ENABLE_BEARER(r0, &(0x7f0000000480)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x34, 0x0, 0x1, 0x70bd29, 0x25dfdbfc, {{}, {}, {0x18, 0x17, {0x5, 0x7, @udp='udp:syz0\x00'}}}, ["", "", "", "", ""]}, 0x34}, 0x1, 0x0, 0x0, 0x20008004}, 0x20044001)
bind$rds(r5, &(0x7f00000000c0)={0x2, 0x1, @loopback}, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2)
fcntl$setflags(r0, 0x2, 0x0)
pipe(&(0x7f0000000340)={<r6=>0xffffffffffffffff})
fcntl$getflags(r6, 0x3)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
r7 = syz_io_uring_setup(0x10d4, &(0x7f0000000000)={0x0, 0x615e, 0x0, 0x0, 0x1000034f}, &(0x7f00000000c0)=<r8=>0x0, &(0x7f0000000340)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r10, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000b00)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x7}}, [@NFT_MSG_NEWRULE={0x190, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x164, 0x4, 0x0, 0x1, [{0x160, 0x1, 0x0, 0x1, @match={{0xa}, @val={0x150, 0x2, 0x0, 0x1, [@NFTA_MATCH_REV={0x8}, @NFTA_MATCH_NAME={0xb, 0x1, 'policy\x00'}, @NFTA_MATCH_INFO={0x138, 0x3, "ebae551382395afa4d23edfcbe6d55b57cb15e63c15c46395916e2b388abc3d6ce2316334e8278ad51f6d123a616cf3eb44b275fe6bc6bf402a3f9335458bb7a92f23fc0aa88f2495ff70157ea6b29f7fab11ec362920cab3350208c749f342b38e0df9334cea6fe1e331d76beb7094102d5d409992dcd236e3fd7a8785f97ae9d01b0822c161a491bef0501f8e81ddd66d1b676e8c9f0b2159c2cc0b069669b5af546f644c39bedd627181d27d9c185aae5d910550f08822c6fec60302779b9e812403a2ff826781b4c761bd14eb7515ae224260c9534891afdd05d18b2ffe91f4052766a0b9fe3955bfb1866142e7c1caceb88de7d6e8a5c08ce052bb461f0c7ee914ca5c98c19442d0262a6d04a8e3e29360a9b5871812e08542d54775f5843d70b15871bc247e30d66b83560c014f5000000"}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x1b8}, 0x1, 0x0, 0x0, 0x8010}, 0x4000800)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)}, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000002c0)={0x1, &(0x7f0000000200)=[{0x32, 0x0, 0x0, 0x4}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_emit_vhci(&(0x7f00000006c0)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x8}, @hci_rp_read_link_policy={{0x7f}, {0x69, 0xc9, 0xff}}}}, 0xffffffffffffffb2)
syz_io_uring_submit(r8, r9, &(0x7f0000000200)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x8})
io_uring_enter(r7, 0x200047bc, 0x0, 0x0, 0x0, 0x5e)
getsockname$packet(r2, &(0x7f0000000680)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r11, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@newqdisc={0x48, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r11, {0x0, 0x4}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x2, 0x4}}]}}]}, 0x48}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0800000004000000040000000900000000000000", @ANYRES32, @ANYRES32=0x0, @ANYRES32], 0x50)

1m52.733329017s ago: executing program 36 (id=3847):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) (async)
setreuid(0x0, 0x0) (async)
fsopen(&(0x7f0000000240)='sysfs\x00', 0x0)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600a00, 0x200000, 0x3, &(0x7f0000a00000/0x600000)=nil)
sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000001500)={0x114, 0x35, 0x1, 0x0, 0x0, "", [@nested={0x101, 0x0, 0x0, 0x1, [@typed={0xc, 0x1, 0x0, 0x0, @u64=0x200000000000000}, @typed={0x14, 0x3, 0x0, 0x0, @ipv6=@rand_addr=' \x01\x00'}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe8101000000010000008b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd"]}]}, 0x114}], 0x1}, 0x4000c)

1m51.409949416s ago: executing program 37 (id=3857):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000100)={'sit0\x00', &(0x7f0000000000)={'syztnl1\x00', <r1=>0x0, 0x40, 0x1, 0x80000001, 0x4, {{0x29, 0x4, 0x3, 0x27, 0xa4, 0x64, 0x0, 0x6, 0x0, 0x0, @private=0xa010100, @local, {[@rr={0x7, 0x27, 0xa6, [@multicast1, @local, @empty, @broadcast, @multicast2, @multicast1, @multicast1, @private=0xa010100, @local]}, @ssrr={0x89, 0x1f, 0x10, [@initdev={0xac, 0x1e, 0x0, 0x0}, @private=0xa010102, @local, @empty, @private=0xa010102, @rand_addr=0x64010102, @multicast2]}, @lsrr={0x83, 0x17, 0x47, [@local, @loopback, @empty, @loopback, @multicast1]}, @lsrr={0x83, 0x17, 0x6, [@private=0xa010102, @empty, @loopback, @multicast1, @remote]}, @end, @ssrr={0x89, 0x7, 0x20, [@loopback]}, @timestamp_prespec={0x44, 0x14, 0x9f, 0x3, 0x5, [{@loopback, 0x3}, {@private=0xa010101}]}]}}}}})
setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000140)={@empty, r1}, 0x14)
r2 = creat(&(0x7f0000000180)='./file0\x00', 0x40)
ioctl$EVIOCGPROP(r2, 0x80404509, &(0x7f00000001c0)=""/58)
ioctl$PPPIOCSMRU1(r2, 0x40047452, &(0x7f0000000200))
getsockopt$inet_udp_int(r2, 0x11, 0x1, &(0x7f0000000240), &(0x7f0000000280)=0x4)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$bt_BT_POWER(r3, 0x112, 0x9, &(0x7f00000002c0)=0x6, 0x1)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r2, 0xc018937e, &(0x7f0000000340)={{0x1, 0x1, 0x18, <r4=>r3, {0x2}}, './file0\x00'})
r5 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000300), r4)
ioctl$PPPIOCSMRU1(r2, 0x40047452, &(0x7f0000000380)=0x3)
r6 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), r2)
sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r3, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x14, r6, 0x300, 0xfffffffa, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0xd4173a186590a575)
ioctl$FS_IOC_ENABLE_VERITY(r4, 0x40806685, &(0x7f0000000640)={0x1, 0x3, 0x1000, 0x37, &(0x7f0000000500)="584a40acd28908dcd3d265419f549c5b3970c725f63c8de4cd952e43e8aec2acff60cae49bf85ed9c7db293b6a2e0425cc8733534b1588", 0xe1, 0x0, &(0x7f0000000540)="de226137f4fcdc916ff38ec103b6effb2b6bf6d83e059102022fa285cb079975fce31326d001f5d93a743eb02fe247069c64d0e94bd4f24c1d1fe25953639bab034bc7b018ceb8c5a9791ce646b905d1b446449651f4d997395193973c615fc3a95779aa963498d1e9c03e30edaf116eec875f8e314bf4a3f502bf42eb499ec266d93ef3e2085465cb521646936d46ca957c4b463c545421a1b5739b7e6be017a3efafb4c5920b42fabfe94839292ce63cb5aae126cd905809147623882ffbc0a485e0564a2a9902e29a62d745a64039c7118fdfe00066f134eb2e2d97f156b4f3"})
ioctl$IOCTL_VMCI_CTX_SET_CPT_STATE(r2, 0x7b2, &(0x7f00000016c0)={&(0x7f00000006c0)=[0x3, 0xc7c, 0x3, 0x0, 0x6, 0x65b, 0x7, 0x9, 0x4, 0x4, 0x6, 0x4, 0x2, 0x1ff, 0x7, 0x5, 0x5, 0xb8b, 0x2, 0x1, 0xd, 0x5, 0x0, 0xfffffff4, 0xa1f, 0x3, 0x7fffffff, 0x40, 0xf, 0x9, 0x10001, 0x401, 0x8, 0x9, 0x800, 0x1, 0x4, 0x8, 0x8, 0x1, 0x1, 0x8, 0x0, 0x22, 0x36f, 0x4, 0x49, 0x6e, 0x8, 0x1, 0x3, 0x1, 0xb, 0x9, 0x7, 0x4, 0x7fffffff, 0xe, 0x3, 0x9, 0x1, 0x7, 0x8, 0x8, 0x5, 0x5, 0xe13, 0xfff, 0x10000, 0x3, 0xcea1, 0xef35, 0x4, 0x2, 0x3, 0xb21, 0x100, 0xfffffff8, 0x4, 0x1, 0x4, 0x8, 0x100, 0x1000, 0x5, 0xd, 0x101, 0xca, 0x2, 0x0, 0x4, 0x2, 0xaf98, 0x7fff, 0x7, 0xa8f, 0xfffffffd, 0xfff, 0x9, 0x10001, 0x2, 0x7, 0x2, 0x7, 0xe, 0x5, 0xe, 0x4, 0x7, 0x0, 0x9, 0x9b98, 0x80000001, 0x6, 0x80, 0x1, 0xfffffffe, 0x4, 0xffff, 0x2, 0x16a, 0x3, 0x0, 0x6, 0x4, 0x3, 0x0, 0x101, 0x1ff, 0x2, 0xf000000, 0xffffffff, 0x5, 0x6830ff08, 0x36e3, 0x1, 0x56, 0x7fff, 0x1, 0x7, 0xa525, 0x3, 0x0, 0x6, 0xc2fb, 0x6, 0x1, 0x95, 0x5, 0x77e47670, 0x7, 0x0, 0x80000001, 0xffffff03, 0x6, 0xaab, 0x7, 0x0, 0xfffffffd, 0x8001, 0x1000, 0xf, 0x7, 0x4, 0x327, 0x681, 0x6, 0x9, 0x2, 0xe08, 0x8, 0x1ff, 0x6, 0xffffffff, 0x5, 0xfffffffa, 0xa, 0x1, 0x0, 0xf, 0x2, 0x1, 0x3, 0x2, 0x80000001, 0x6, 0x8, 0xb, 0x6f, 0x0, 0x10000, 0x1, 0x5, 0x6, 0x10001, 0x8, 0x4, 0x8001, 0x318, 0x9, 0x69, 0x7ff, 0x2, 0x1ff, 0xffffffa6, 0x7ff, 0x9, 0x101, 0x7ff, 0x5, 0x5, 0x2, 0xfa, 0x40f1, 0x7, 0x1, 0xc0e6, 0x2, 0xff, 0x4f4, 0x4, 0x0, 0x8, 0xff, 0x0, 0x80000000, 0x3, 0xfffffffe, 0x5, 0xfffff800, 0x10001, 0x80, 0x5, 0x2, 0xfffffff9, 0x36, 0x9, 0x10, 0xfffffffd, 0x8, 0xffff, 0x7, 0x8, 0x0, 0xfff, 0x0, 0x67, 0xb5e, 0x1df, 0x5, 0x4, 0x9, 0xfffffdea, 0x3, 0x8, 0x200, 0xfffffff7, 0xcc, 0x200, 0x33f4, 0xfffff9ef, 0x4, 0xffffff80, 0x1, 0x8, 0x34, 0x9, 0x889c, 0x12000000, 0x0, 0x80000001, 0x9e, 0x7, 0x5, 0x200, 0x2, 0x367, 0xffffffff, 0xd184, 0x1, 0x1, 0xfffffe01, 0x7f, 0x9, 0x2, 0x9, 0x7, 0xfffffffd, 0x5, 0x7fffffff, 0xf, 0x4, 0x400, 0x0, 0x7f, 0x40, 0xa72, 0xf95, 0x0, 0x3, 0xe, 0x3, 0x7, 0x3, 0x6d6, 0x7, 0x10, 0x1, 0x9, 0xdf, 0x0, 0x4, 0x2, 0x255, 0x1, 0x3, 0x9, 0xffffff35, 0x7, 0x0, 0x5, 0x3, 0x0, 0x5, 0x7, 0x3, 0x5, 0x1, 0x36dd, 0x5, 0x4, 0x9, 0x1, 0x99, 0xffffffff, 0x1, 0x0, 0x1, 0x0, 0x7, 0x4, 0x7, 0x7, 0xffffffff, 0x8, 0x9, 0xffffffff, 0x4, 0x50, 0x9, 0x4, 0x7, 0xffff5d10, 0xa, 0x7, 0x3, 0x7, 0x6, 0x9, 0x1, 0x9, 0x4, 0x5, 0x5, 0x9, 0x9, 0x0, 0x4, 0x2, 0xffff558e, 0x7, 0xa8000000, 0x5, 0xcfc, 0x6, 0x400, 0x9, 0xadb4, 0x7, 0x0, 0xa9a, 0x3, 0x2, 0x1, 0x40, 0x3, 0x0, 0x3, 0x6, 0x86, 0xfffffffa, 0x2, 0x2, 0x1, 0x2, 0x5, 0x3, 0x4, 0x8, 0xcdd, 0x3, 0x9, 0x7, 0x1, 0xe3a3, 0x200, 0xbb74, 0x7, 0x2, 0x7fff, 0x1, 0x0, 0x2, 0x8, 0x7fff, 0x3, 0xffffffff, 0xfffffffb, 0x8, 0x1, 0x7fffffff, 0x82, 0x0, 0x4, 0xb, 0x4, 0x800, 0xee0, 0x1, 0xb, 0xb0, 0xfffffffe, 0x1, 0x7, 0x9, 0xc18, 0x2, 0x80000000, 0x2, 0x7, 0x285, 0x6, 0x509, 0x8, 0x4, 0x6379342, 0x80000000, 0xcc7f, 0x3ff, 0x9, 0x3, 0x6, 0x6, 0x6b8, 0x2, 0xfffffbbf, 0x7, 0xf8, 0x6, 0xffffffff, 0x1, 0x9, 0x2, 0x62a, 0x10001, 0x1, 0x80, 0x48000000, 0x6, 0x2, 0x799, 0x36, 0x6, 0x6, 0x7, 0x8, 0xe51f, 0x3dca, 0x9d3, 0x0, 0x9, 0x9, 0x8000, 0x2, 0xfffffffa, 0x5, 0x7fff, 0x3ff, 0x1000, 0x400, 0x3, 0x1, 0x5, 0xffff, 0x25e, 0xce27, 0x4ac, 0xa000, 0x7, 0x4c0, 0x1, 0x5, 0x0, 0x9, 0x9, 0xf1, 0x7, 0x515, 0x7fffffff, 0x2cc, 0x333b, 0x1, 0x10001, 0x9, 0x2, 0x4, 0x4, 0x7b4, 0x200, 0x400, 0x6, 0x0, 0x4, 0x1, 0x1, 0x9, 0x0, 0xc, 0xfffffffd, 0x7, 0x7, 0x7, 0x75, 0x9, 0x2, 0x80000001, 0x2, 0x8, 0x3, 0x6a, 0x3f5b, 0x6, 0x3, 0x2, 0xff, 0x10001, 0x7, 0x2, 0xfffffbff, 0x2, 0x8, 0x1, 0x1, 0x0, 0x7, 0x40, 0x2, 0xfffffeff, 0x6, 0x10000, 0x80000001, 0x101, 0xfffffffb, 0x7, 0x4, 0xe8d5, 0x0, 0x4, 0x6, 0x3, 0x6, 0xfff, 0xfffffff8, 0x3, 0x4, 0x6, 0x113a, 0x7, 0x0, 0x6, 0x4b43, 0x8, 0x7f, 0x9, 0x2, 0x3, 0x4, 0x4, 0xfae, 0x8, 0x8001, 0x2, 0x3a8, 0x3, 0x8, 0x400, 0x3, 0x401, 0x401, 0xffff, 0x4, 0xfffffff3, 0xfffffff0, 0xd, 0x42332a5a, 0x9, 0x5a7, 0x2, 0x4, 0x9, 0x8001, 0x81, 0x4, 0x0, 0x8c, 0xff, 0x5, 0x1, 0x23f69370, 0x8001, 0x400, 0xfffffff8, 0x2, 0x6, 0x8, 0x0, 0x1, 0x34bf, 0x5b, 0xfffffffc, 0x4000000, 0x7ec, 0x6, 0x3, 0x2, 0x0, 0x2, 0xffffb7f0, 0x9, 0x36, 0x2, 0x7, 0x7fff, 0xfffffffd, 0x8, 0x7, 0x2, 0x9, 0x1ff, 0xf60, 0xaa3, 0x4, 0x8, 0x7, 0x0, 0x9, 0x5, 0xf1a, 0xfffffffc, 0x6, 0x3c3969c7, 0x178, 0x5, 0x7, 0x6, 0x9, 0x7f, 0x9, 0xc, 0x9, 0x2, 0x5, 0x3, 0x672d, 0x4, 0xff, 0x4, 0x69c, 0xbeac, 0x458f, 0x992d, 0x0, 0x20e, 0x17a36a6b, 0x9, 0x80000000, 0x76, 0x0, 0x0, 0x6, 0xa, 0x1000, 0x3, 0x2, 0x7, 0x200, 0x100, 0x12, 0x7, 0x1, 0x9, 0x0, 0x7, 0x446c, 0x3, 0x100, 0xaf, 0x162c, 0x4, 0xcb, 0xc, 0x7, 0x5, 0xc, 0x40, 0x4, 0xa8e, 0x8001, 0x7, 0x0, 0x8, 0x5, 0x5, 0xfb, 0xffffffff, 0x2, 0x1016ba1d, 0x2, 0x3, 0x0, 0x80, 0x81f, 0x4, 0x7, 0x7, 0x10001, 0x5, 0x8, 0x36fc, 0x80000000, 0x6, 0x6, 0x7efd, 0x2, 0x8, 0x8, 0x7, 0x3, 0x400, 0x1522, 0x3, 0x0, 0x3, 0x3, 0x9, 0x0, 0x2, 0x4, 0x8, 0x912, 0x9, 0x9, 0x2, 0x4, 0x3, 0x2, 0x9, 0x6, 0x40, 0x40, 0x2, 0xb, 0xfffffffc, 0x5, 0x6, 0x4, 0xffffff81, 0x9, 0x8, 0x6, 0x3, 0x5, 0x8000, 0x1, 0x97b, 0x3, 0x6, 0x29fe, 0x7, 0x800, 0x8, 0x4000, 0x2, 0x1ff, 0x6, 0x4, 0x1, 0xb5, 0x6b9, 0xfdb, 0xc3b, 0xdb2f, 0x10001, 0x2, 0x5131, 0x9, 0x5, 0x3, 0xa5ef, 0x3, 0x2, 0x8, 0x10, 0x8, 0x1, 0x7ff, 0xfffffb36, 0x2, 0xb, 0x4, 0x5, 0xffffff5f, 0x0, 0x50, 0xd, 0x1, 0x30000000, 0x8000, 0x3ff, 0xc9, 0x5, 0x9, 0x7, 0x2e2b, 0x1fcc, 0x10, 0x6, 0x10001, 0x6, 0xb811, 0xbe4, 0x12b, 0x4, 0x3ff, 0x9, 0x76df, 0x0, 0xbeb, 0xf08000, 0xde, 0x24000, 0x0, 0x4, 0x65b9a7d6, 0x4, 0x1, 0x9, 0x7ff, 0xc11, 0x9, 0x7, 0x80000000, 0xffff4d71, 0x3, 0x3, 0x1, 0x28000000, 0x33, 0x5, 0x4546, 0x7e, 0x7, 0x2, 0x4, 0x0, 0x15, 0x7ff, 0x5, 0x81, 0x4, 0x7, 0x800, 0xe8b4, 0x9, 0x200, 0x7ff, 0x1, 0xfff, 0x1, 0x1, 0x7ff00, 0x5, 0x8, 0x4, 0x5, 0xfffffffe, 0x8, 0x2af, 0x7c30503b, 0x2, 0x81, 0x8001, 0xb, 0x6, 0x9, 0xe5, 0x4, 0x93c, 0xff, 0x4, 0x401, 0x855, 0x10, 0x90, 0x4, 0xd865, 0xb, 0xffff1b1f, 0x0, 0x3, 0xa2, 0x4, 0x9f, 0x7ff, 0x7, 0xa, 0x1, 0x642, 0xfffffffd, 0x4, 0x7, 0x81, 0x0, 0x8, 0x21f, 0xfff, 0x62331959, 0x8, 0x6, 0x213, 0x2, 0x51d, 0x2, 0x7, 0xff, 0x40, 0x38, 0x80, 0xffffff58, 0x9, 0x7, 0x10001, 0x2, 0xd80, 0x36f0, 0x7, 0x68, 0xffffff4f, 0x4, 0xffffff74, 0x1e, 0x79b2, 0x7, 0x6, 0x2, 0x9, 0x7ff, 0x4, 0x6, 0x6a2e9dd9, 0xfff, 0x4ee6, 0x4, 0xa11, 0x6, 0x8000, 0x7f, 0x2, 0x80, 0x10, 0x8, 0xfffffff6, 0x6, 0x0, 0x8, 0x7, 0x7, 0x8000, 0x8000, 0x8, 0x8, 0x7, 0x2, 0x6, 0xffffffff, 0x7, 0x4, 0x7, 0x2, 0x81, 0x6, 0x0, 0x10, 0x3, 0x8, 0x1000, 0x5f4, 0x3ff, 0x7f, 0x7, 0x4, 0xaec, 0x1, 0x2, 0x4, 0x9, 0x7, 0x0, 0x100, 0x8, 0x81, 0xc, 0x3, 0x6], 0x3, 0x400, 0x5})
sendmsg$nl_route(r4, &(0x7f00000017c0)={&(0x7f0000001700)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000001780)={&(0x7f0000001740)=@ipv6_getmulticast={0x14, 0x3a, 0x100, 0x70bd2d, 0x25dfdbfb, {}, ["", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x20008800}, 0x1)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001840), r4)
sendmsg$NL80211_CMD_GET_REG(r4, &(0x7f0000001900)={&(0x7f0000001800)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000018c0)={&(0x7f0000001880)={0x3c, r7, 0x300, 0x70bd27, 0x25dfdbfb, {}, [@NL80211_ATTR_USER_REG_HINT_TYPE={0x8, 0x9a, 0x1}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x63}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0xa}, @NL80211_ATTR_USER_REG_HINT_TYPE={0x8}, @NL80211_ATTR_DFS_REGION={0x5, 0x92, 0x1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4080}, 0x4004)
ioctl$sock_rose_SIOCADDRT(r4, 0x890b, &(0x7f0000001940)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0x81, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={'rose', 0x0}, 0x7, [@default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @default, @null]})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_GET(r8, &(0x7f0000001a80)={&(0x7f00000019c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000001a40)={&(0x7f0000001a00)={0x1c, r5, 0x200, 0x70bd2a, 0x25dfdbfd, {}, [@L2TP_ATTR_DEBUG={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
ioctl$CEC_S_MODE(r4, 0x40046109, &(0x7f0000001ac0)=0x4)
ioctl$KVM_GET_CLOCK(0xffffffffffffffff, 0x8030ae7c, &(0x7f0000001b00))
ioctl$SNDRV_TIMER_IOCTL_CREATE(r4, 0xc02054a5, &(0x7f0000001b40)={0x4, r0, 'id1\x00'})
openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000001bc0), 0x101000, 0x0)
r9 = syz_open_dev$sndpcmc(&(0x7f0000001c00), 0xfffffffffffffff8, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE_OLD(r9, 0xc1004110, &(0x7f0000001c40)={0x8, [0x7, 0x3c000, 0x1ff], [{0x3, 0x2, 0x0, 0x1}, {0x8, 0x3, 0x1}, {0x0, 0x4, 0x0, 0x1, 0x0, 0x1}, {0x6, 0x3, 0x1, 0x0, 0x0, 0x1}, {0x7, 0x0, 0x0, 0x0, 0x1, 0x1}, {0x7, 0xf, 0x0, 0x0, 0x0, 0x1}, {0xa2aa, 0x7, 0x1, 0x0, 0x1}, {0x1b, 0xfff, 0x1, 0x0, 0x1}, {0x0, 0xf3, 0x0, 0x1}, {0x7, 0x1, 0x0, 0x0, 0x1, 0x1}, {0x259, 0x5}, {0x7ff, 0xfffffffc, 0x0, 0x1, 0x1, 0x1}], 0x7})
r10 = syz_genetlink_get_family_id$tipc(&(0x7f0000001d80), r2)
sendmsg$TIPC_CMD_SET_NODE_ADDR(0xffffffffffffffff, &(0x7f0000001e40)={&(0x7f0000001d40)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000001e00)={&(0x7f0000001dc0)={0x24, r10, 0x300, 0x70bd28, 0x25dfdbfd, {{}, {}, {0x8, 0x11, 0x8}}, ["", ""]}, 0x24}, 0x1, 0x0, 0x0, 0xc0}, 0x4000080)

1m22.217578911s ago: executing program 38 (id=4123):
sendmmsg(0xffffffffffffffff, &(0x7f0000000b80)=[{{0x0, 0x0, &(0x7f0000000100)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000a40)="118db76e8efb27d530b26a8302bad647e35540226c4052b6d573165d39ad8ead67632e8fe108cf55473bc22914286359c3bb3decf99ed04d34d1a73ae48dae0e69ee69fe", 0x44}], 0x4}}], 0x1, 0x880)
openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x42, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="3c00000010001fff001201000006000043be4354", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800a000100"], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r0 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0x0)

1m13.211118769s ago: executing program 39 (id=4239):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x28, 0x10, 0x401, 0xfffffffc, 0x80, {0x0, 0x0, 0x0, r1, 0x18803, 0xc104}, [@IFLA_MASTER={0x8, 0xa, r1}]}, 0x28}, 0x1, 0x0, 0x0, 0x2004d808}, 0x0)

1m11.604501419s ago: executing program 0 (id=4314):
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
write(r0, &(0x7f0000000000), 0x0)

1m11.531212838s ago: executing program 0 (id=4324):
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x40)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1a0)
mount$overlay(0x0, &(0x7f0000000000)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@nfs_export_on}]})
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
r1 = creat(&(0x7f00000003c0)='./file0\x00', 0x2)
r2 = fanotify_init(0xf00, 0x1)
fanotify_mark(r2, 0x105, 0x40009975, r1, 0x0)
fallocate(r0, 0x0, 0x1000000, 0x3)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x810, r0, 0x0)

1m11.53095206s ago: executing program 0 (id=4325):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
madvise(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0xe)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
pipe2(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
vmsplice(r1, &(0x7f0000e79000)=[{&(0x7f00003fb000)="f7", 0x1}], 0x1, 0xd)
mremap(&(0x7f000020e000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000c83000/0x4000)=nil)
mbind(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1, 0x0, 0x0, 0x2)
r2 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x50)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x5, &(0x7f00000007c0)=ANY=[@ANYBLOB="180200000000020000000000000000001c00000001000000000a0000009500000000000000696f"], &(0x7f00000005c0)='syzkaller\x00'}, 0x94)
r6 = syz_open_dev$video(&(0x7f0000000440), 0x8, 0x0)
ioctl$VIDIOC_S_FMT(r6, 0xc0d05605, &(0x7f00000000c0)={0x8, @sdr={0x3432564e, 0xfffff001}})
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000280)=ANY=[@ANYRES32=r4, @ANYRES32=r5, @ANYBLOB="05"], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000440)={r4, &(0x7f0000000440), &(0x7f0000000040)=@udp=r3}, 0x20)
bind$inet(r3, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x21)
r7 = syz_genetlink_get_family_id$batadv(&(0x7f0000000300), r1)
sendmsg$BATADV_CMD_GET_VLAN(r0, &(0x7f0000000580)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000540)={&(0x7f00000006c0)={0x28, r7, 0x8, 0x70bd28, 0x25dfdbff, {}, [@BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0xe7}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @random="4b8c55afa403"}]}, 0x28}}, 0x68b838b5647d82ba)
mknod(&(0x7f0000000280)='./file0\x00', 0x1ffa, 0x0)
r8 = open(&(0x7f0000000040)='./file0\x00', 0x70e, 0x0)
read(r8, 0x0, 0x0)
syz_emit_ethernet(0xbe, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaa23aaaaaaaaaa0c0800450000b00000000000119078000000000000000000004e20009c907801000000000000007b4b142b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af584cbf2649a50f2dbc43efa8698d0a881c51852e4451b57d037ad3c04594282423424d0000000000000000000061caaa2f19935e6996c7096ffeeb3bfbc1f39cb307b3472eb9cdb042d2643fcbb2c5a57d107d544af6e8dafe09"], 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f00000001c0)={0x0, r5}, 0x8)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000800)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x5d}, 0x94)
r9 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f00000006c0)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x9, 0x0, 0x0, 0x40f00}, 0x94)
syz_extract_tcp_res(&(0x7f0000000240), 0x9, 0xc7)
mkdir(0x0, 0x191)
inotify_add_watch(0xffffffffffffffff, &(0x7f0000000080)='./control\x00', 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r9, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
writev(r2, &(0x7f00000000c0)=[{&(0x7f0000000140)='2', 0x1}], 0x1)

1m11.290576979s ago: executing program 0 (id=4326):
openat$cdrom(0xffffffffffffff9c, 0x0, 0xc0100, 0x0)
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchdir(r1)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x143142, 0x80)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x1c1840, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000e80)='./bus\x00', 0x1c1002, 0x0)
write(r4, &(0x7f0000004200)='t', 0x1)
sendfile(r4, r3, 0x0, 0x7fffffff)
ftruncate(r2, 0x2007ffb)
timer_create(0x5, &(0x7f0000000000)={0x0, 0x1a, 0x1, @thr={&(0x7f00000000c0)="6573b1c15e4d47ccd6e50954f89799ee142d76153a1d544b9ebfad67fbf7a1ba3aa54f589f15df6709d59c70fec9e854f43119794647aac9c6f9fadf9a7557b6bb82fbb0de87791001e500f484e92c781a4092b434eb7c1dcb3effe13e632ed2b98e0494373a8558fea8d43cbcc4c49bfb4c2fbe6e01134aed7ca3f1bee063246428be49b87c7f058c3ae03a7e", &(0x7f0000000200)="5a3b5e497315cad4f42cf4a429aa8f21a4638a9d89c3b230c6e6c69c3b2e9ca3bfb2fe5b874cc09c52a3b2de9120d05361586a7b3be83a0dd3e8ada759d09511f53d2a3b3c1cffaecfb679be6c4c31861f9fe180e8cc256c29688fb8bf1ac89a065750fe99e36ae9d4c054193a8d4d0122e2284bcb8d2cb168175e87a1a16b048a2db34291efac561cb97389ae52ee0e162d746e9470664365b46d28eaf250016fed3ab14a9d2f99bef6fec524695e54fe2568cada3b0334e2a51b3854387ebd44476331348933aee9a96f790d012ed688bfc59bb498c39691795f25801df514ec13edfb081775af066d7b5f"}}, &(0x7f0000000180))
sendfile(r2, r2, 0x0, 0x1000000201005)

1m10.361155009s ago: executing program 0 (id=4329):
r0 = userfaultfd(0x801)
bind$vsock_stream(0xffffffffffffffff, 0x0, 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x2}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
sendmmsg$inet(r1, &(0x7f0000004980)=[{{&(0x7f0000000000)={0x2, 0x4e24, @loopback}, 0x10, 0x0}}], 0x1, 0x20008000)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000080)={0x8})

1m10.181584659s ago: executing program 0 (id=4332):
r0 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r0, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
connect$unix(r1, &(0x7f0000000000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000004780)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)='A', 0x1}], 0x1, &(0x7f0000000200)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r2], 0x18, 0x40001}}], 0x4000000000002b3, 0x0)
close(0x3)
syz_emit_vhci(&(0x7f0000001400)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x6, 0xc9, 0x0, 0x3}}}, 0x9)

57.371422072s ago: executing program 40 (id=4313):
socket$inet(0x2, 0x4000000000000001, 0x0)
syz_open_procfs(0x0, 0x0)
r0 = syz_open_dev$ttys(0xc, 0x2, 0x1)
ioctl$TIOCSETD(r0, 0x5423, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000180)={'vxcan0\x00', <r3=>0x0})
connect$can_bcm(r2, &(0x7f0000000140)={0x1d, r3}, 0x10)
socket(0x10, 0x3, 0x0)
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000100)={'vxcan0\x00'})
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x44060}, 0x98)

56.169812056s ago: executing program 41 (id=4322):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0)
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SNDCTL_TMR_START(r0, 0x5402)
ioctl$SNDCTL_TMR_TEMPO(r0, 0xc0045405, &(0x7f0000001080)=0x8f)
r1 = socket(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x1f, 0x4, &(0x7f00000001c0)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x81}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x28, '\x00', 0x0, @sched_cls=0x2f, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x0, &(0x7f00000002c0)=[{0x5, 0x4, 0xa, 0xa}], 0x10, 0x7ff}, 0x94)
r2 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000000)={@ipv4={'\x00', '\xff\xff', @multicast2}, 0x7, 0x0, 0x3, 0x6, 0x2, 0x7ff}, 0x20)
syz_emit_ethernet(0xbe, &(0x7f0000000300)={@random="e90c630faca2", @local, @void, {@ipv4={0x6000, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "61c03d2d2548741ff5015767096e1cd263026dd8f0703d2e22e3916500fdb8ec", "615eee2cb3c51e06deb424010178396b2afe4378c81f63a9eefc66ef338492fd3b688b2b06e6f206e4e6b8d1174296cd", "d8dbed9defbb6502c2888b524721c5807f3b4eedba8966f8774437de", {"c5f2fb530587df89cc9aa18e60d1a66b", "0c9ec23f1b56eba488bfededb3c997ae"}}}}}}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r3=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="480000001c00110c0000001400000f0007000000", @ANYRES32=r3, @ANYBLOB="800202000a000200577f0000aabb000020000e80050001008f000000050001000100000004000200050001"], 0x48}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x5, &(0x7f0000002500)=ANY=[@ANYBLOB="bf16000000000000b7070000000100004870000000ffffffdc0700001000000095000000000000002ba728041598fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f2681d8b02c3815e79c1414eb07eae6f0711e6bd917487960717142fa9ea4318123f602000000000080de89e661168c1886d0d4d94f204e345c65c26e278ef5b915395b19284a1a4bc72fbc1626e3a2a2ad358061d0ae0209e6e83d15645aa818d92b21aa6459512f51ee988e6ea604ce974a22a550d6f97080980400003e05df3ceb9f1feae5737ecaa8666963c474c2a100c788b277beee1cbf9b0a4d3881dcc7b1b85f3c3d44aeaccd3641110bec4e90a6341965c39e4b3431abe802f5ab3e89cf6c662ed4048d3b3e22278d00ce00000000d3a02762c2951257b85802189d74005d2a1bcf9436e192e23fd275985bf31b714f000bcab6fcd610f25f5888000000003f11afc9bd08c6ebfbb89432fb465bc52f49129b9b6150e320c9901de2ebb9000000018e3095c4c5c7a156cec33a667dccaff950ca1e5efdd4c968dacf81baa3a509b1041d06f6b0097c430481824a3f4fddd3c643f630ba175d876defd3541772f26e27c44cfdb2d85d6d29983e830a9cdd79837b3468e8c67a571d0a017c100344c52a6f387a1340a1c8889464f90cc4cd1f570dd39877dfb2ff1ae66e1ce917474b2e650ae630afd014a337ac5d58bcb5e517232586872c5255f20100000000000000f041b665ab21372c8d8b7bac5b5c784d20a4a24d8dbd75062e1daef9dead619cc6e7baa72707157791c3d2a286ffb8d35452bb5d36c2a8682bf7ecbd53f950ef4709ec01e230d2f53594ef4839c6130c4c13a0cca84b9935f771fd49e480cd9d48aeb12b1d6acabd38a817bcd222614d1f62734d679039a97d2b74f9e8e997ccd314000f747f4e8e7025123e783df8b8a17e3aa9fe1f662aef87a065b03cfb65b4dfe4f1b56e1f23128d743753a1de172d683d5892ce9414a1d98ea93e3d35dbb6c23b90cf36e83b8a434a97d09343d7f83079ccb02e69d384146056d125cfa788237874dd42dae334bda042819a2aa24dba1c25be2794448b4f63483026b5e34d44705b76ef29241adab0dd7d68bf975e02069f6f2425e1bc97a3d588085f16bef63a06578d4f5de7bfb6aaa75f16996d536256c02284cb1d3a6fb8cae87691fae365a70c3fc69e1565bba8dd8a8ca049f798abe646f738bebd69413afc9d8a5edd7aaa000000000600001e6c2f2a287c5278a218dbfaffffff00a14db5cfa6819eb1d39c48cfdc80d215c9e16e0c4736dd19363154cca4e2f89800d18c89d7f46f679df6c9e2952ae1ebfd0ca88368ee6ce139e8b5822c22cf2e9dde943d34c432e1001171792c65986146666a5490928441f47e0fe5eac41824ca1fd0eb71aa243c88d5480e5aee9c9e5f2e5a56a6d920335c8e8726fd8329d9a733d8f9ffffff5f912ac4e34bf6ea8a86da707b03bddb491ba0cc98f6be92c50008a2b50025419dfc75c73132ca7ca26ce8a7e3ffb700f09e157f9b844051f1a642aca9ff98c9036471ccff0522903e7bcf62e18f7696bbc280b95e8e0d6fd5644b0ebde3a95b06548862de809d3dae3cccf109f7c78e8479a345e800000000000000000000009455bf417627ce723a5d9103706aba69279500bb82f6b5a3ddc0bd9856712945b70c75ce5b722578820820d010d7a3cffc99fc647d0b82ef26ab708c0b19ed144be51c3b398f0e6bb7a30006000000cba12953d58cff0f0378740fe6662f377b97d8e7cdb047050d7296cd3856476a0ea49ad127ba6570bafc2bbcf9ee721fd9cb467ff071e5604fbf0491245c0000007d932d7a64de4c4aa433fc0840aff7c47da3a4c6966d0000000000000000f6bfbae29e8a6e2a889f6ef6869d82d6bd73eb76b65c7a35a54a4a6b8ad4600e3a972a0bb5971a5f16590b0a03dafa3fd1118765cc8ab9fccf3b51c41a339f200f2fa33006910a679a9ae0187b4d750c4bd244cb0cbfd23b265f4d4da448a7a0d19c5e43eae50a31609dfa2ddf267551467eb6475293dd7012cc449009981f22820e57a0eff234ccfe21d7a2302e000669753d3c3432cc14ee1abe724adb6b5431befedd3e22971118f0e21aed186a370e9eb56b3d790b98f2bd0db1e5de6a146597b2cbb7103040d2a39d7965d36df524b760ab92efcce7dd1574a0730a9e015c7f5ffee9ff66e5dd2866b15b6e0d17618cb1f5c1ee4b05ebf1445ea110f499f840a5c965443d725556351ee25fe09f69494b053678dcadcf02e063dff2fa4bef1ac3bbbe4fe3e8cc759b05785adc346b7ffd05963f92c1d0d7d90ba878ad89e490f3e29ac51d30632869a534418f916bf6fe8167827a8e6c8f8b391c822805cb0adf1b8bd6947ff208753eb0d208ce14f7b206b2e02c21e963abc5ceb735c1b3c46b0a843de52a903375dfb663a8d8ee9c2b2705c1a81d9d3b9656b219c8cd99c9cafcd0d0540884d97aecb19983fc6af29ab44a82aff9cba921192c665b877af6539bdb1b567f481ba07982e7ad758f4e1eac69e7e88a63960975f490e161e371ec8534791e3b61c63fb9450dd03985d900a9c0839208356b53750e76fcc3c2d1bddcbd83897921bd4d0c02e8188f3df79ea2a5c5444004830e6cb227ca1bdafb977c00000000003a417193b8c5d793687335a980010000fdf278218218e04b705ec62f1608cb569b81914e68f175b392af6bc4fd2121d7fd276af2c97a441b56e7a0687d98b8e76d8d0d231e4fe00be1de76bd19cc12e2bd938eb681ed6bc951c1b4f7c51af59eea4d40c6000000000200778a677b72786311153271a3313da02645e11761699e4d04ac86dd14ff7b9a10d3fa74696fe3953a5b7706bf5d1faba4b18808d9cb0e9d3696dec4e0820ee4028d7225a2c9c427cf64cbde6fba056b2006b7a37c1181d530fb865e235cd302f3b4071ee5237ada986b9e5e3144bf479f277f10656ad3744037ccc9c63685a6f1109d2ea73773d3635f61497f1fa1ea4a16f601800bf3e59141fbf05a96113320c445f9ba8596970d5254727e804fbd99ccefb7c09269dd2c5c25e56e169ac15980f3f85f7ca36dd5950ef5b64fd46f123311829534a82940994199b3cf7a8fabea9930952f5da9b909c1946e55289f668c423fcbb31ae91864c882313151741a67538c9689dc8ecc9903c7041e5c0704e2fa55a756487517a7445cbd9e3f5175e41c00000000000000000000000000bf98efd587fffe326f474b0b089c017b16c0062cbce96f5adebec52a79f9363909842f79c50a1520be46d87003137e4c5031f00123e812a5e37cd52c9eb7336281cb8c6ce9934b157d7875a70eaf103cb3138e2361c51cd1eab8a26b232acf6bf0ab829c26dab637538b2eb1420d812d2b80c777710ba0f18e4661681aa218d9ba54023ab4305d77eb15611ae2545835e9d30e9f6d4fb43a291c69545a1eea0f8720431132d8549f99bf6c5cb060da70cbb59d0a000000000034d083fc37d2449f72de0cbea4bc1dc89c136cdbc504f849d5502d77a95c7bfff4cd9c03058d0d4d07ea64824f1acf2b39389f675f39d01719cdbab3f1ce10609c8d7b3e37cb99b41da5e485a441b6a103549f55ab09dc98767763d1f21d9d5bc27d2b40050d1f8292f4d9ec6d0000000000003932062290f4996fdd55b06023437e9e2072daf7f5d82f6f1b5b89a41134f4dc2e65bb11272fdf8c8141f41d6160b3d8b6ecd16d14267f61b4881adee7f07f3d6af5ae79e16fe2c3f55ac7a6392d2e1d9b4286b6c30600a76b85ed6e1f0000c67e6c5fcdc8c39381be4799b8cb2d08b8262c807dd755e22b801162381aa9d1af2bbc9cfd497585337eac408b8475b47a392a10cae349160f128e5f873a58064eb400c36a90624f6aed398a215e9ce64522ab249f67c38a656d32ecff5cdb2b039c4abf349d2c0f88a42e9189bbfa7f5cf35b6e7ef8f9d33163b7ea87550fb1ba334c83e3aec4714c9c4ca3ecb04f2720237615a28bf310b58ffa2a103216fdcc8c2d8f5d55e5e7ebf147105272aaae56e86da86b3cf79a3f7306436762dd1a08ce873e07cebc7892ec6f9f696da38feed3d70001500e34ad2e1b2e64af4e37211b524e20f4ae1ba89a32bad2af9030f8add5cbacc59352c290f55d971b65953533668c25f21d8d62d849e9058eaa97c63491568887548f668cdbca2abf01a361a0b64d8b523e669da350e3ec7445dfbf366b0b3bc5e76824a1e43eaaeca70db90f2fa39596443447671933079a24fe3681ad9ac361f71ac279a688f10a12105edebc5e3bbc394c8305ab129ca2dfb9b7c5e9d097bd01b495cccefddce569117f7f5d6a6270ff0f0f4c371029ca8489571b55841bf3dd003bc81460eee57ceb3c33f4e90eb1fffffffffffffcfcbb616c2070237881afdb314cecd1623f3e55ab8b7627fa1be349145a8d6313cbc790eefe2020138e82fb9d351be4ddcbcc9bc048dd3db5828d16baec6e07a007f0030f34ea3cfd524d6fa1d45da5641d6c94e1d3ae7fba1c85035d2a60ef1696e0d96aa1c60019f73ae0aa6113cd66ef26b5777337c26e1461405d86fdf091edd526f25cada439bb3609ed5c35ab60a539ade786bd6004d0ea3edbd6c4da0d8e8be8c771c8c8a0b07d9859e04adb18964dcce9bce546074c2615318bf813e788c84409dffbc2df372a016e8c845d4257000000000000000000000000000000000000f29657697d9c2b132b2dc2f5ea5122836582a7e85fe2bc166f17aefd9d861de0191f5277d4a3b5afb6f23d9eea2459f7844606e1202768d83c24cc791bde44a448022bbfa571fe029a7b2d5152639ee283894ab6168992ff0acc01b39a078f285ce615351f262019586eb9447bb3eaffd7b53d8f37ca6c5f1027dd5b7592996c8a7789ba108979cc9ad07ed86682843e2eaa855dd01443ee6ffde1811f10039d5d14458177096e15cc4d8f2582a1bea5cc98d992f3de7d1cdfb24384b9f11b615c87c441dc970ec896a5af6bf69b50a244bc138a1cae3d220bcff6bcb3058c6e0d1cc0da889710f33f5638f805ce602365492282863cc8092b16656dea03cd50182aabbac78a14506dcbf823bec4a5dad14c4d7353b6a55c28321647df3a85bf9fca4e18aeaf4867e6a3dbdd7a5dbe1a52bddae83fc368404a032b75649cf74d7af8e9e3e43fad643ad3e8575a2bb0507531eac5e10b631575f1360803c8f556e07f292ab66b9bcea0c2f09db289a5934a4f2f5fe5cfc52b270a4a5fa2a8de62dcaf7ef52f1fd84c55e6a0c5a365a3b4e73c4ac6fc26367f3f6c07b06a0874c039622ba2bd369b105f57099f742a000a36c2f044a5de24604f82a1f197d9a70b5a62f794f57ec02df70d459fedd6125ae41479a2661360a79e175f0add2820018d5985183ee80f681403a7d08e0e2b88d0750c90b7ed5fed6f81ce797f3b60445ce811d2b4e45005a5ea06c1fe927af06433cd3885dc954e698a7a73416c73bfab7773a6e5e14338797ce9148cda4c0bf05fb67915aeb3661e755e4e1a0ceedfe8e91ee5361ff4c7c07b422e1443a6616b6eb3c325d5687644a4c0a1d44d9dfd82896f56bdfa0790406984c123e1d37da4a9a9444485e9b1e3b6b548528989d2aecc1e7b6ee92ca19298801105ced8964e000000000000000000000000000000000000000000000000000000000003d1c031ee2fc25c7ad34283187545b1343f7ab862e66cf5bf4ba4dbf5fda31619c05ddb97199ad4d01471e9b3c7f485b1e74d0ed34201915e79d5ed229f0773ab6b38529c45b10d0796e005b6d663b942320339b9fe1d4e393b4bcb596898cde06955a345db3cb956b0e5da1c1dba7046f4d12fc65085302f333516804d9f"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffe89}, 0x48)
sendmmsg$alg(r1, &(0x7f0000000140), 0x4924b68, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000080)='./binderfs2/custom1\x00', 0x800, 0x0)
ioctl$BINDER_GET_NODE_INFO_FOR_REF(r4, 0xc018620c, &(0x7f0000000040))

54.700885718s ago: executing program 42 (id=4332):
r0 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r0, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
connect$unix(r1, &(0x7f0000000000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000004780)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)='A', 0x1}], 0x1, &(0x7f0000000200)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r2], 0x18, 0x40001}}], 0x4000000000002b3, 0x0)
close(0x3)
syz_emit_vhci(&(0x7f0000001400)=@HCI_EVENT_PKT={0x4, @hci_ev_mode_change={{0x14, 0x6}, {0x6, 0xc9, 0x0, 0x3}}}, 0x9)

43.062758396s ago: executing program 4 (id=4467):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x19, &(0x7f0000000000)=0x84, 0xfde1)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000bc0)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000240), &(0x7f0000000200)='%ps    \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3, r2}, 0x4)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000001b40)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000300000000000000030000001801000100786c2500000000002020207b1af8ff00000000bfa100be8045fbda4dd42c450045d5203f5d000000000007010000f8ffffffb702000008000000b703000001000080850000002d0000009500000000e400000ace41abf4aff8b751ce0f8ab86790e8a09a6d661ef3bc8c23902a4a5d8913f6ee0a41a0b70ef31a724503b0dac3de6dff5b6ddc19c6fe"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000007c0)={r4}, 0xc)
getsockopt$inet_sctp_SCTP_RTOINFO(r1, 0x84, 0x0, &(0x7f0000000340)={<r5=>0x0, 0x9, 0x8, 0xfff}, &(0x7f0000000380)=0x10)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r6=>0x0}, &(0x7f0000000040))
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r0, 0x84, 0x19, &(0x7f0000000140)={r6}, 0x8)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x3938700}, {0x0, 0x9}}, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r3, 0xc020f509, &(0x7f00000001c0)={<r7=>r0, 0x4, 0x5, 0x4})
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, 0x0, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3000001, 0x11, r9, 0x0)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000023c0)={0x14, 0x2e, 0x1, 0x70bd25, 0x0, "", [@nested={0x4, 0x119}]}, 0x14}], 0x1, 0x0, 0x0, 0x84}, 0x300)
r11 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r11, &(0x7f0000009b40)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x6040850}, 0x20000040)
r12 = socket(0x10, 0x3, 0x0)
sendmsg$DEVLINK_CMD_RATE_GET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)={0x48, 0x0, 0x400, 0x70bd25, 0x25dfdbff, {}, [@DEVLINK_ATTR_RATE_NODE_NAME={0xf, 0xa8, @name2}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x1}, @handle=@pci={{0x8}, {0x11}}]}, 0x48}, 0x1, 0x0, 0x0, 0x4500}, 0x240001d0)
write(r12, &(0x7f0000000240)="aefc00001a0025f00385bc04fef7681d020b49ff708800008003280008021000ac0a1410bc71176a36ede498534108e58342fa94a235a2a441f9", 0xfcae)
syz_genetlink_get_family_id$team(&(0x7f00000044c0), 0xffffffffffffffff)
getsockopt$inet_sctp6_SCTP_STATUS(r7, 0x84, 0xe, &(0x7f00000003c0)={r6, 0x9, 0x7, 0x7, 0x0, 0x8, 0x0, 0x6e, {r5, @in6={{0xa, 0x4e24, 0x2, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x3a}}, 0x6}}, 0x9, 0x0, 0x4, 0xb, 0x2800000}}, &(0x7f00000004c0)=0xb0)
sendmsg$NFT_BATCH(r10, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

41.819695003s ago: executing program 4 (id=4484):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001580)=ANY=[@ANYBLOB="1400a6003200010325bd7000ffdbdf2504"], 0x14}, 0x1, 0x0, 0x0, 0x448d3}, 0x0)

41.812410275s ago: executing program 4 (id=4487):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$OSF_MSG_REMOVE(r0, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000640)={0x268, 0x1, 0x5, 0x3, 0x0, 0x0, {0x1, 0x0, 0x9}, [{{0x254, 0x1, {{0x2, 0x28a9}, 0x4, 0x0, 0x87, 0x6, 0x21, 'syz1\x00', "f52d3367e358e9acaebde6dedc69b1b386e009e15dcdc0659461162109ad33e0", "92e3ba8c2c32031d6be883a00eb489675761836d51c854df286c76d325b51dd6", [{0x1, 0x8, {0x3, 0xe}}, {0x3, 0x1ff, {0x2, 0x8}}, {0xb6, 0x9, {0x2, 0x1}}, {0x6, 0xe, {0x3, 0xc}}, {0x82aa, 0x1, {0x2, 0x7}}, {0x7, 0x7, {0x2, 0x10000}}, {0x2, 0xbdc, {0x1, 0x9}}, {0x1, 0x9400, {0x1, 0x9}}, {0x3, 0xe4, {0x2, 0x1}}, {0xe8, 0x7, {0x1, 0x7}}, {0x4, 0xfffc, {0x0, 0x6}}, {0x2, 0x7e78, {0x5000000, 0x7}}, {0xd, 0x921, {0x3}}, {0xff, 0x200, {0x2, 0x7}}, {0x8, 0x4, {0x0, 0x2}}, {0x1, 0x38, {0x3, 0x9ec}}, {0xf6f0, 0x6, {0x3, 0x7}}, {0x2, 0x7, {0x1}}, {0x100, 0x4, {0x2, 0x7f}}, {0x4, 0x6, {0x2}}, {0x8, 0x0, {0x1, 0x8f}}, {0xfff8, 0x6, {0x1, 0x7}}, {0x9, 0x9, {0x0, 0x5}}, {0x4, 0x2, {0x0, 0x800000}}, {0x5, 0xf, {0x2, 0x44}}, {0x7, 0x400, {0x0, 0xf585}}, {0xd22, 0x8001, {0x1, 0x4}}, {0x1, 0x5, {0x1, 0x3}}, {0x4, 0x1, {0x0, 0x6d}}, {0x10, 0x7}, {0x8001, 0x3, {0x2, 0x2}}, {0x3, 0x6a2, {0x2, 0x16}}, {0x6, 0x3ff, {0x0, 0x1000}}, {0x0, 0x9, {0x0, 0x3e}}, {0x6, 0x1, {0x2, 0x80}}, {0x1, 0x3, {0x1, 0x1}}, {0x7, 0xd, {0x3}}, {0xffff, 0x2, {0x2, 0x100}}, {0x6, 0x9, {0x2, 0x3ff}}, {0x65, 0x2, {0x3, 0xa}}]}}}]}, 0x268}}, 0x0)

41.81222331s ago: executing program 9 (id=4488):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='fd/3\x00')
r3 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_lsm={0x1d, 0x3, &(0x7f0000000280)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @map_val={0x18, 0xa, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4}], &(0x7f00000002c0)='GPL\x00', 0x3, 0x98, &(0x7f0000000300)=""/152, 0x41100, 0x54, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, &(0x7f00000003c0)={0x3, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xd}, 0x94)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000500)=@bpf_ext={0x1c, 0x9, &(0x7f00000000c0)=@raw=[@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000140)='syzkaller\x00', 0x1000, 0x0, 0x0, 0x40f00, 0x50, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0x1, 0x3}, 0x8, 0x10, &(0x7f0000000240)={0x4, 0xe, 0x1, 0x7fff}, 0x10, 0x287dc, r3, 0x3, 0x0, &(0x7f00000004c0)=[{0x5, 0x5, 0x9, 0x3}, {0x2, 0x3, 0x8, 0x9}, {0x1, 0x2, 0x0, 0x1}], 0x10, 0x7e0}, 0x94)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000200)="ad00"/16, 0x10)
syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), r1)

41.703022378s ago: executing program 4 (id=4489):
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000100), 0x101040)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000002c0), 0x2441, 0x0)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x4)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r2, &(0x7f0000000140)={0x0, 0xf0ff, &(0x7f0000000100)={&(0x7f0000000280)={0x20, r3, 0x7, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0xc, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x48050}, 0x0)
socket(0x15, 0x5, 0x0)

41.702898986s ago: executing program 9 (id=4490):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000380)=ANY=[@ANYBLOB="14000000100001009effffffffffffff0000000a20000000000a01010000000000000000050000000900010073797a300000000064000000030a01030000000000000000050000000900010073797a30000000000900030073797a300000000008000a40000000032800048008000240000000120800014000000000140003006e657464657673696d30000000000000080000000000000014000000110001"], 0xac}, 0x1, 0x0, 0x0, 0x4008805}, 0x0)

41.702138322s ago: executing program 4 (id=4491):
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, 0x0)
bind$vsock_stream(0xffffffffffffffff, 0x0, 0x0)
timer_create(0x0, 0x0, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
sendmmsg$inet(r1, &(0x7f0000004980)=[{{&(0x7f0000000000)={0x2, 0x4e24, @loopback}, 0x10, 0x0}}], 0x1, 0x20008000)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000080)={0x8})

41.650183772s ago: executing program 4 (id=4493):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000640)={0x30, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @chandef_params, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x2b9}]]}, 0x30}}, 0x200000c0)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000500)=ANY=[@ANYBLOB="84010000100013070000000000000000ac1414bb000000000000000000000000fe8000000000000000000000000000bb00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="e000000200000000000000000000000000000000320000006401010200000000000000000000000000000000000000007f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000002000100000000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004c00120061656779733132382d67656e6572696300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800100"/316], 0x184}, 0x1, 0x0, 0x0, 0x4001}, 0x1000c080)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r5, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
r6 = openat$selinux_policy(0xffffff9c, &(0x7f0000000180), 0x0, 0x0)
r7 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x84042, 0x0)
r8 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x122c42)
ioctl$LOOP_CONFIGURE(r8, 0x4c0a, &(0x7f0000001ac0)={r7, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1c, "ff9f020bbe82b398b1c4369d03740250ceaac594b1b3d741dd17c1ac0d38ef2a565ef1e8336300", "a9103939c787a16c1ca43f80026d1f3c4da06963dd89d130e04d528539f3d3289737f0374c72a964a02447a75df8a69ea917deb7ba193b7e7772fd29f35239d2", "24431a1e77a68e174f000000000000000010e200", [0xfffffffffffffffe]}})
ioctl$LOOP_SET_BLOCK_SIZE(r8, 0x4c09, 0x10000)
syz_emit_ethernet(0xc6, &(0x7f00000004c0)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000088a83c00810045000800450000b0000000000011907800000000e000000100004e20009c000200000000000000007b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af584cbf2649a50f2dbc43efa8698d0a881c51852e4451b57d037ad3c045942824251d7d17b5191584bcd4fbe40a23424dbcfd56f1375461caaa2f19935e6996c7096ffeeb030000e4ffffff639a3bfbc1f39cb307b347e0a768b042d2643fcbb2c5a57df67d544af6e8dafe09"], 0x0)
syz_usb_connect(0x2, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000ec31f8104c1302007eec0102030109021b0001000000000904000001098b7500090583"], 0x0)
openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x101000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r6, 0x0)
ioctl$FBIOGET_FSCREENINFO(r6, 0x4602, &(0x7f0000000440))
socket(0x16, 0x484fe434e7a03be6, 0x4)
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0x100, 0x0, 0x1, {0x0, 0x0, 0x0, r5, 0x1081}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @veth={{0x9}, {0x4, 0x2, 0x0, 0x1, @void}}}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x44085}, 0x1)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x1, 0x803, 0x0)
ioprio_set$pid(0x2, 0x0, 0x0)
r9 = syz_io_uring_setup(0xbc3, &(0x7f0000001480)={0x0, 0x40f5, 0x80, 0x0, 0x224}, &(0x7f0000000040)=<r10=>0x0, &(0x7f0000000280)=<r11=>0x0)
syz_io_uring_submit(r10, r11, &(0x7f0000000300)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x2, 0xa3d8, 0x0, 0x0, 0x8, 0x1, {0x2}})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r10, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_register$IORING_REGISTER_CLOCK(r9, 0x1d, &(0x7f0000000240), 0x0)

41.558389157s ago: executing program 9 (id=4495):
r0 = getpid()
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RELOAD(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r2, 0x1, 0x70bd27, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r0}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x30)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
preadv(r3, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000499000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f320f300f20e06635800000000f22e02b6aa6c8", 0x4a}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x2a7, 0x0, 0x0, 0x41100, 0x24, '\x00', 0x0, 0x0, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3ff}, 0x94)

40.824933762s ago: executing program 9 (id=4502):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, 0x0, &(0x7f0000000080)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops}, 0x94)
r0 = socket$inet6(0xa, 0x3, 0xba32)
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r2=>0x0})
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r1, 0x3ba0, &(0x7f0000000740)={0x48, 0x2, r2})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
r3 = syz_open_dev$loop(&(0x7f00000000c0), 0x8, 0x20000)
r4 = syz_open_dev$video4linux(&(0x7f0000000000), 0x5, 0x0)
ioctl$VIDIOC_SUBDEV_ENUM_MBUS_CODE(r4, 0xc038563b, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1})
ioctl$LOOP_SET_STATUS64(r3, 0x4c04, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x19)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
ioctl$IOMMU_IOAS_MAP$PAGES(r1, 0x3b85, &(0x7f00000007c0)={0xfeb6, 0x5, r2, 0x0, &(0x7f0000000000/0x800000)=nil, 0x800000, 0x1004000})
close_range(r0, 0xffffffffffffffff, 0x0)
r5 = userfaultfd(0x80801)
socket$inet_sctp(0x2, 0x5, 0x84)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f0000000080)={0xaa, 0x7d})
ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f0000000000)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
mmap(&(0x7f0000760000/0x4000)=nil, 0x4000, 0x3000001, 0x8031, 0xffffffffffffffff, 0x7fda8000)
r6 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r6, &(0x7f0000000200)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x58, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xd}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x1, 0x2, 0x3, 0xfffffff9, 0x9, 0x101, 0x2, 0xffff}}}}]}, 0x58}}, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'veth1_to_hsr\x00'})
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x0)
r9 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r9, 0xc0045516, &(0x7f0000000000))
sendmmsg(r8, &(0x7f00000002c0), 0x40000000000009f, 0x0)
read(r5, &(0x7f00000000c0)=""/175, 0x20)

40.703380023s ago: executing program 9 (id=4503):
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, 0x0)
bind$vsock_stream(0xffffffffffffffff, 0x0, 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x2}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
sendmmsg$inet(r1, &(0x7f0000004980)=[{{&(0x7f0000000000)={0x2, 0x4e24, @loopback}, 0x10, 0x0}}], 0x1, 0x20008000)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000080)={0x8})

40.620178443s ago: executing program 9 (id=4505):
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc9}}, 0x4)
syz_clone(0x2000, &(0x7f00000000c0)="477d945e12727cb19048bac0bf389c3f33040482b7dfc20db6d94582127ba973e93b05e03407f3a95777609afc7e66dbf27f583eb0f09363a7b07bfa53749fddce18b6ba0b1f4c498bbdbb59e8d190afbfc4990d560f3c3c2727f24dbdee2b50504d0da011ad8f7565746395a980e75ab33f4f8f2c4dba41b497532821cc9fbefc663d3db832ee624c00a0d6f03c07de6859faeb56c4b35384fa3c026dd993a49d23796f234e613c8b031b17bb9a7a3f4aa0c946b52b4b3aed2c26d28651ba756f9f8bf0bcc628850d9a00373d1532d879059ad30c64", 0xd6, &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="8b27b0172cbc7a67b0cddc08662622e3ad0fdfc9d1c1c11838153949862bcf440432ee371829de69ed1f2f5a5871fd1a33c765ed7812bc0ec99efa79103798c138f43284604638740f153ffd727f05f4013f2dccf9328a0219c39f0c378d4d4d6977c82b8e00cb22a7993fa1dc2d18d4e53f2e720004c8188ea492ec05dd07e18544dbf3ed47c00dc80d5faa614e23575d61f34df60079a2b415ee77b9484579e02479396968985bc4adb6afd9fa3e23e836bdc1c2b8cd0a73faa328ca42221d6c")

39.544295618s ago: executing program 5 (id=4510):
unshare(0x2040400) (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
shutdown(r0, 0x2) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x54, r3, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e22, @loopback}}, {0x14, 0x2, @in={0x2, 0x0, @multicast2}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x4040000}, 0x0) (async)
sendmsg$TIPC_NL_KEY_SET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x58, r3, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x44, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "e3de3d7b4cd07ec3ee777de774fc7987cca41989"}}, @TIPC_NLA_NODE_KEY_MASTER={0x4}]}]}, 0x58}, 0x1, 0x0, 0x0, 0x4}, 0x4000004) (async)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000e40), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000001080)={&(0x7f0000000000)={0x6c, r4, 0x1, 0x0, 0x25dfdbfe, {}, [@TIPC_NLA_BEARER={0x58, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x0, 0x0, @loopback}}, {0x20, 0x2, @in6={0xa, 0x0, 0x1, @remote}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}]}]}, 0x6c}}, 0x0)

39.450735109s ago: executing program 5 (id=4511):
r0 = getpid()
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RELOAD(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r2, 0x1, 0x70bd27, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r0}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x30)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
preadv(r3, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000499000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f320f300f20e06635800000000f22e02b6aa6c8", 0x4a}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x2a7, 0x0, 0x0, 0x41100, 0x24, '\x00', 0x0, 0x0, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3ff}, 0x94)

39.059529949s ago: executing program 5 (id=4512):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, 0x0, &(0x7f0000000080)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops}, 0x94)
socket$inet6(0xa, 0x3, 0xba32)
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r1=>0x0})
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r0, 0x3ba0, &(0x7f0000000740)={0x48, 0x2, r1})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
r2 = syz_open_dev$loop(&(0x7f00000000c0), 0x8, 0x20000)
r3 = syz_open_dev$video4linux(&(0x7f0000000000), 0x5, 0x0)
ioctl$VIDIOC_SUBDEV_ENUM_MBUS_CODE(r3, 0xc038563b, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1})
ioctl$LOOP_SET_STATUS64(r2, 0x4c04, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x19)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f00000007c0)={0xfeb6, 0x5, r1, 0x0, &(0x7f0000000000/0x800000)=nil, 0x800000, 0x1004000})

38.951000341s ago: executing program 5 (id=4513):
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
write(r0, &(0x7f0000000000), 0x95)

38.950859765s ago: executing program 5 (id=4514):
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, 0x0)
bind$vsock_stream(0xffffffffffffffff, 0x0, 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x2}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
sendmmsg$inet(r1, &(0x7f0000004980)=[{{&(0x7f0000000000)={0x2, 0x4e24, @loopback}, 0x10, 0x0}}], 0x1, 0x20008000)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000080)={0x8})

38.861037665s ago: executing program 5 (id=4515):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'bridge0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=@newlink={0x44, 0x10, 0xffffffffffffffff, 0x70bd27, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, 0x115}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6, 0x1, 0x1}]}}}, @IFLA_LINK={0x8, 0x5, r1}]}, 0x44}, 0x1, 0x0, 0x0, 0x28001}, 0x8048802) (fail_nth: 3)

37.407841039s ago: executing program 6 (id=4519):
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x12, 0x22, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'veth0_vlan\x00', 0x6c07})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'pimreg1\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000740)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0x10, 0x3, {0x7, 0x8, 0xd401}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040084)
r4 = socket$unix(0x1, 0x1, 0x0)
r5 = socket$kcm(0x11, 0x3, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r6)
socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', <r7=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000007c0)=@newtfilter={0x8c, 0x2c, 0xd27, 0x70bd26, 0x25dfdc00, {0x0, 0x0, 0x0, r7, {0x0, 0x4}, {0x0, 0xc}, {0x8, 0xfff2}}, [@TCA_RATE={0x0, 0x5, {0x53, 0xe}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x4000095}, 0x20000000)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
setsockopt$sock_attach_bpf(r5, 0x107, 0xf, &(0x7f0000000600), 0x56)
sendmsg$kcm(r5, &(0x7f0000000000)={&(0x7f0000000380)=@xdp={0x2c, 0x0, r8, 0x3e}, 0x80, &(0x7f00000001c0)=[{&(0x7f0000000180)="27030200000214000e00002fb96dffff1144ee163cddcb000000800000827600000000000000", 0x26}, {&(0x7f0000000780)="f058050000007f8f", 0x8}], 0x2}, 0x5)
socket$nl_route(0x10, 0x3, 0x0)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000440), 0x1, 0x0)
ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r10 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r11=>0x0})
sendmsg$nl_route_sched(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25d7dbfb, {0x0, 0x0, 0x0, r11, {0x0, 0xb}, {0xffff, 0xffff}, {0x10, 0xf}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x10, 0x8, 0x8, 0x8, 0x81}, 0x103, 0x0, 0x7, 0x7, 0x7, 0xa, 0x12, 0x87, 0x7, 0x3, {0x3, 0x2, 0x3, 0x35db, 0x2, 0x6}}}}]}, 0x78}}, 0x0)
socket$kcm(0x11, 0x3, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
r12 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r13=>0x0})
sendmsg$nl_route_sched(r12, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000022c0)=@newtfilter={0x2c, 0x2c, 0xd27, 0x170bd2b, 0x802, {0x0, 0x0, 0x0, r13, {0x0, 0x10}, {0x0, 0x2}, {0x8, 0x4}}, [@TCA_RATE={0x6, 0x5, {0x7, 0x9}}]}, 0x2c}}, 0x2)

37.119916489s ago: executing program 6 (id=4520):
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x25dfdbfe, {0x0, 0x0, 0x0, r2, {0x0, 0xffe1}, {0xffff, 0xffff}, {0xffe0, 0xfff3}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x4, 0x9}}]}}]}, 0x48}}, 0x8000)
sendmsg$nl_route_sched(r0, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001b40)=@newtfilter={0x68, 0x2c, 0xd2b, 0x70bd2c, 0x25dfdbfb, {0x0, 0x0, 0x0, r2, {0x4}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0x3c, 0x2, [@TCA_U32_INDEV={0x14, 0x8, 'vlan0\x00'}, @TCA_U32_SEL={0x24, 0x5, {0xd, 0x7, 0x1, 0x3d3f, 0x0, 0xfff, 0x3, 0x58f, [{0xf00, 0x20008000, 0x4, 0x1}]}}]}}]}, 0x68}, 0x1, 0x0, 0x0, 0x1}, 0x2404c084)

37.059632799s ago: executing program 6 (id=4521):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r0, 0x3ba0, &(0x7f0000000740)={0x48, 0x2, r1})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f00000007c0)={0xfeb6, 0x5, r1, 0x0, &(0x7f0000000000/0x800000)=nil, 0x800000, 0x1004000})

36.849760312s ago: executing program 6 (id=4522):
r0 = getpid()
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RELOAD(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r2, 0x1, 0x70bd27, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r0}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x30)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
preadv(r3, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000499000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f320f300f20e06635800000000f22e02b6aa6c8", 0x4a}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x2a7, 0x0, 0x0, 0x41100, 0x24, '\x00', 0x0, 0x0, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3ff}, 0x94)
ioctl$BINDER_GET_FROZEN_INFO(r3, 0xc00c620f, &(0x7f0000000200)={r0})

36.319890818s ago: executing program 6 (id=4523):
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, 0x0)
bind$vsock_stream(0xffffffffffffffff, 0x0, 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x2}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
sendmmsg$inet(r1, &(0x7f0000004980)=[{{&(0x7f0000000000)={0x2, 0x4e24, @loopback}, 0x10, 0x0}}], 0x1, 0x20008000)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000080)={0x8})

36.209856593s ago: executing program 6 (id=4524):
r0 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000001300a7cc4a", @ANYRES32, @ANYBLOB="000000001000009e1c"], 0x44}}, 0x2000800)

26.425640302s ago: executing program 43 (id=4493):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000640)={0x30, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @chandef_params, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x2b9}]]}, 0x30}}, 0x200000c0)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000500)=ANY=[@ANYBLOB="84010000100013070000000000000000ac1414bb000000000000000000000000fe8000000000000000000000000000bb00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="e000000200000000000000000000000000000000320000006401010200000000000000000000000000000000000000007f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000002000100000000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004c00120061656779733132382d67656e6572696300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800100"/316], 0x184}, 0x1, 0x0, 0x0, 0x4001}, 0x1000c080)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r5, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
r6 = openat$selinux_policy(0xffffff9c, &(0x7f0000000180), 0x0, 0x0)
r7 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x84042, 0x0)
r8 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x122c42)
ioctl$LOOP_CONFIGURE(r8, 0x4c0a, &(0x7f0000001ac0)={r7, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1c, "ff9f020bbe82b398b1c4369d03740250ceaac594b1b3d741dd17c1ac0d38ef2a565ef1e8336300", "a9103939c787a16c1ca43f80026d1f3c4da06963dd89d130e04d528539f3d3289737f0374c72a964a02447a75df8a69ea917deb7ba193b7e7772fd29f35239d2", "24431a1e77a68e174f000000000000000010e200", [0xfffffffffffffffe]}})
ioctl$LOOP_SET_BLOCK_SIZE(r8, 0x4c09, 0x10000)
syz_emit_ethernet(0xc6, &(0x7f00000004c0)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000088a83c00810045000800450000b0000000000011907800000000e000000100004e20009c000200000000000000007b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af584cbf2649a50f2dbc43efa8698d0a881c51852e4451b57d037ad3c045942824251d7d17b5191584bcd4fbe40a23424dbcfd56f1375461caaa2f19935e6996c7096ffeeb030000e4ffffff639a3bfbc1f39cb307b347e0a768b042d2643fcbb2c5a57df67d544af6e8dafe09"], 0x0)
syz_usb_connect(0x2, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000ec31f8104c1302007eec0102030109021b0001000000000904000001098b7500090583"], 0x0)
openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x101000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r6, 0x0)
ioctl$FBIOGET_FSCREENINFO(r6, 0x4602, &(0x7f0000000440))
socket(0x16, 0x484fe434e7a03be6, 0x4)
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0x100, 0x0, 0x1, {0x0, 0x0, 0x0, r5, 0x1081}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @veth={{0x9}, {0x4, 0x2, 0x0, 0x1, @void}}}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x44085}, 0x1)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x1, 0x803, 0x0)
ioprio_set$pid(0x2, 0x0, 0x0)
r9 = syz_io_uring_setup(0xbc3, &(0x7f0000001480)={0x0, 0x40f5, 0x80, 0x0, 0x224}, &(0x7f0000000040)=<r10=>0x0, &(0x7f0000000280)=<r11=>0x0)
syz_io_uring_submit(r10, r11, &(0x7f0000000300)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x2, 0xa3d8, 0x0, 0x0, 0x8, 0x1, {0x2}})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r10, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_register$IORING_REGISTER_CLOCK(r9, 0x1d, &(0x7f0000000240), 0x0)

25.397817686s ago: executing program 44 (id=4505):
syz_emit_vhci(0x0, 0x0)
syz_emit_vhci(&(0x7f0000000000)=@HCI_SCODATA_PKT={0x3, {0xc9}}, 0x4)
syz_clone(0x2000, &(0x7f00000000c0)="477d945e12727cb19048bac0bf389c3f33040482b7dfc20db6d94582127ba973e93b05e03407f3a95777609afc7e66dbf27f583eb0f09363a7b07bfa53749fddce18b6ba0b1f4c498bbdbb59e8d190afbfc4990d560f3c3c2727f24dbdee2b50504d0da011ad8f7565746395a980e75ab33f4f8f2c4dba41b497532821cc9fbefc663d3db832ee624c00a0d6f03c07de6859faeb56c4b35384fa3c026dd993a49d23796f234e613c8b031b17bb9a7a3f4aa0c946b52b4b3aed2c26d28651ba756f9f8bf0bcc628850d9a00373d1532d879059ad30c64", 0xd6, &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)="8b27b0172cbc7a67b0cddc08662622e3ad0fdfc9d1c1c11838153949862bcf440432ee371829de69ed1f2f5a5871fd1a33c765ed7812bc0ec99efa79103798c138f43284604638740f153ffd727f05f4013f2dccf9328a0219c39f0c378d4d4d6977c82b8e00cb22a7993fa1dc2d18d4e53f2e720004c8188ea492ec05dd07e18544dbf3ed47c00dc80d5faa614e23575d61f34df60079a2b415ee77b9484579e02479396968985bc4adb6afd9fa3e23e836bdc1c2b8cd0a73faa328ca42221d6c")

23.658540265s ago: executing program 45 (id=4515):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'bridge0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=@newlink={0x44, 0x10, 0xffffffffffffffff, 0x70bd27, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, 0x115}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6, 0x1, 0x1}]}}}, @IFLA_LINK={0x8, 0x5, r1}]}, 0x44}, 0x1, 0x0, 0x0, 0x28001}, 0x8048802) (fail_nth: 3)

22.724622844s ago: executing program 1 (id=4528):
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x2000)=nil, 0x930, 0x0, 0x12, r0, 0x0) (async)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000036c0)=@newlink={0x4c, 0x10, 0x1, 0x70bd28, 0x0, {0x0, 0x0, 0x0, 0x0, 0x4f26c}, [@IFLA_BROADCAST={0xa, 0x2, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}, @IFLA_VFINFO_LIST={0x20, 0x16, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, [@IFLA_VF_VLAN_LIST={0x18, 0xc, 0x0, 0x1, [{0x14, 0x1, {0x1, 0xdc0, 0x5, 0x8100}}]}]}]}]}, 0x4c}, 0x1, 0x0, 0x0, 0x1}, 0x40c1) (async)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r0)
mount(&(0x7f0000000140)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000000)='befs\x00', 0x200000, 0x0)

22.630624138s ago: executing program 1 (id=4529):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$OSF_MSG_REMOVE(r0, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000640)={0x268, 0x1, 0x5, 0x3, 0x0, 0x0, {0x1, 0x0, 0x9}, [{{0x254, 0x1, {{0x2, 0x28a9}, 0x4, 0x0, 0x87, 0x6, 0x21, 'syz1\x00', "f52d3367e358e9acaebde6dedc69b1b386e009e15dcdc0659461162109ad33e0", "92e3ba8c2c32031d6be883a00eb489675761836d51c854df286c76d325b51dd6", [{0x1, 0x8, {0x3, 0xe}}, {0x3, 0x1ff, {0x2, 0x8}}, {0xb6, 0x9, {0x2, 0x1}}, {0x6, 0xe, {0x3, 0xc}}, {0x82aa, 0x1, {0x2, 0x7}}, {0x7, 0x7, {0x2, 0x10000}}, {0x2, 0xbdc, {0x1, 0x9}}, {0x1, 0x9400, {0x1, 0x9}}, {0x3, 0xe4, {0x2, 0x1}}, {0xe8, 0x7, {0x1, 0x7}}, {0x4, 0xfffc, {0x0, 0x6}}, {0x2, 0x7e78, {0x6000000, 0x7}}, {0xd, 0x921, {0x3}}, {0xff, 0x200, {0x2, 0x7}}, {0x8, 0x4, {0x0, 0x2}}, {0x1, 0x38, {0x3, 0x9ec}}, {0xf6f0, 0x6, {0x3, 0x7}}, {0x2, 0x7, {0x1}}, {0x100, 0x4, {0x2, 0x7f}}, {0x4, 0x6, {0x2}}, {0x8, 0x0, {0x1, 0x8f}}, {0xfff8, 0x6, {0x1, 0x7}}, {0x9, 0x9, {0x0, 0x5}}, {0x4, 0x2, {0x0, 0x800000}}, {0x5, 0xf, {0x2, 0x44}}, {0x7, 0x400, {0x0, 0xf585}}, {0xd22, 0x8001, {0x1, 0x4}}, {0x1, 0x5, {0x1, 0x3}}, {0x4, 0x1, {0x0, 0x6d}}, {0x10, 0x7}, {0x8001, 0x3, {0x2, 0x2}}, {0x3, 0x6a2, {0x2, 0x16}}, {0x6, 0x3ff, {0x0, 0x1000}}, {0x0, 0x9, {0x0, 0x3e}}, {0x6, 0x1, {0x2, 0x80}}, {0x1, 0x3, {0x1, 0x1}}, {0x7, 0xd, {0x3}}, {0xffff, 0x2, {0x2, 0x100}}, {0x6, 0x9, {0x2, 0x3ff}}, {0x65, 0x2, {0x3, 0xa}}]}}}]}, 0x268}}, 0x0)

22.630385298s ago: executing program 1 (id=4530):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r0, 0x3ba0, &(0x7f0000000740)={0x48, 0x2, r1})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f00000007c0)={0xfeb6, 0x5, r1, 0x0, &(0x7f0000000000/0x800000)=nil, 0x800000, 0x1004000})

22.440043684s ago: executing program 1 (id=4531):
r0 = socket$kcm(0x10, 0x2, 0x0)
syz_emit_ethernet(0x42, &(0x7f00000010c0)={@local, @random='\x00 \x00\x00\x00\b', @void, {@ipv4={0x800, @tcp={{0x8, 0x4, 0x0, 0x0, 0x34, 0x0, 0x0, 0x0, 0x6, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x2a}, {[@lsrr={0x83, 0x7, 0xd7, [@multicast2]}, @ssrr={0x89, 0x3, 0xd8}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x3}}}}}}, 0x0) (async)
sendmsg$inet(r0, &(0x7f0000000400)={0x0, 0x50, &(0x7f0000000000)=[{&(0x7f0000000100)="5c00000013006bcd9e3fe3dc6e48aa310b6b8703340000002603000000000000040014000d000a000d0000009ee517d3334abc24eab556a705251e6182949a3651f60a84c9f5d1938037e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x20004002)

22.439923354s ago: executing program 1 (id=4532):
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, 0x0)
bind$vsock_stream(0xffffffffffffffff, 0x0, 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x2}, &(0x7f0000000000))
timer_settime(0x0, 0x0, 0x0, 0x0)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
sendmmsg$inet(r1, &(0x7f0000004980)=[{{&(0x7f0000000000)={0x2, 0x4e24, @loopback}, 0x10, 0x0}}], 0x1, 0x20008000)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000080)={0x8})

22.38080014s ago: executing program 1 (id=4533):
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x40081, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f0000000a00)=ANY=[@ANYBLOB="fc00000019000100000000000000000020010000000000000000000000000000ac1414aa00000000000000000000000000000005000000000a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000a900000000000000000000000000000000000000000000000000000000000000ffffffffffffffff000000000000000000000000000000000000000000000000000a000000000000000000000080400000000000000000080000000000000000000000000000000044000500ac1414aa000000000000000000000000000000003c"], 0xfc}}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB="cc0000002100010000000000fddbdf25fc000000000000000000000000000001fc020000000000000000000000000001fffc0000000000000a00008000000000", @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="00000000000000005000110000000000000009000000ffff7f00000100000000000000000000ffff0a01010264010102000000000000000000000000e00000010000000000000000000000003c00000000000000020008002c001300ff010000000000000000000000000001fe8000000000000000000000000000bb0000000002"], 0xcc}, 0x1, 0x0, 0x0, 0x800}, 0x42000)
r3 = syz_open_dev$vbi(&(0x7f0000000000), 0x3, 0x2)
write(r3, &(0x7f0000000300)="e21bb75e165794c63d1b8ec8dd78752d2469ef19ad538364a4d9f8ba51483be8eea1eb38ea2199e668c1075ccda9fe8a5223", 0xfffffcf7)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="18010000", @ANYRES16=r5, @ANYBLOB="010027bd7000fcdbdf250100000014000180080003000300000008000400", @ANYRES32, @ANYBLOB="04000300ac00028054000180080001000300000008000100060000000800010000000000080001000700000008000100080000000800010007000000080001000200000008000100020000000800010002000000080001000800000024000180080001000300000008000100020000000800010000000000080001000000000014000180080001000200000008000100030000001c000180080001000000000008000100140000000800010001000000040003003800028034000180080001000500000008000100050000000800010006000000080001000800000008000100080000000800010002000000040003"], 0x118}, 0x1, 0x0, 0x0, 0x804}, 0x4050)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r7, 0x4068aea3, &(0x7f0000000000)={0xa8, 0x0, 0x3})
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x3d70000000, &(0x7f0000ffe000/0x2000)=nil})
ioctl$SNAPSHOT_PLATFORM_SUPPORT(r0, 0x330f, 0xfffffffffffffffd)
r8 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./cgroup/pids.max\x00', 0xc8442, 0x11)
read$FUSE(r8, &(0x7f0000000300)={0x2020}, 0x2020)
connect$inet(r8, &(0x7f0000000100)={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10)

20.368217854s ago: executing program 46 (id=4524):
r0 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000001300a7cc4a", @ANYRES32, @ANYBLOB="000000001000009e1c"], 0x44}}, 0x2000800)

7.383493085s ago: executing program 47 (id=4533):
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x40081, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f0000000a00)=ANY=[@ANYBLOB="fc00000019000100000000000000000020010000000000000000000000000000ac1414aa00000000000000000000000000000005000000000a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000a900000000000000000000000000000000000000000000000000000000000000ffffffffffffffff000000000000000000000000000000000000000000000000000a000000000000000000000080400000000000000000080000000000000000000000000000000044000500ac1414aa000000000000000000000000000000003c"], 0xfc}}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB="cc0000002100010000000000fddbdf25fc000000000000000000000000000001fc020000000000000000000000000001fffc0000000000000a00008000000000", @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="00000000000000005000110000000000000009000000ffff7f00000100000000000000000000ffff0a01010264010102000000000000000000000000e00000010000000000000000000000003c00000000000000020008002c001300ff010000000000000000000000000001fe8000000000000000000000000000bb0000000002"], 0xcc}, 0x1, 0x0, 0x0, 0x800}, 0x42000)
r3 = syz_open_dev$vbi(&(0x7f0000000000), 0x3, 0x2)
write(r3, &(0x7f0000000300)="e21bb75e165794c63d1b8ec8dd78752d2469ef19ad538364a4d9f8ba51483be8eea1eb38ea2199e668c1075ccda9fe8a5223", 0xfffffcf7)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="18010000", @ANYRES16=r5, @ANYBLOB="010027bd7000fcdbdf250100000014000180080003000300000008000400", @ANYRES32, @ANYBLOB="04000300ac00028054000180080001000300000008000100060000000800010000000000080001000700000008000100080000000800010007000000080001000200000008000100020000000800010002000000080001000800000024000180080001000300000008000100020000000800010000000000080001000000000014000180080001000200000008000100030000001c000180080001000000000008000100140000000800010001000000040003003800028034000180080001000500000008000100050000000800010006000000080001000800000008000100080000000800010002000000040003"], 0x118}, 0x1, 0x0, 0x0, 0x804}, 0x4050)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r7, 0x4068aea3, &(0x7f0000000000)={0xa8, 0x0, 0x3})
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x3d70000000, &(0x7f0000ffe000/0x2000)=nil})
ioctl$SNAPSHOT_PLATFORM_SUPPORT(r0, 0x330f, 0xfffffffffffffffd)
r8 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./cgroup/pids.max\x00', 0xc8442, 0x11)
read$FUSE(r8, &(0x7f0000000300)={0x2020}, 0x2020)
connect$inet(r8, &(0x7f0000000100)={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10)

3.408059874s ago: executing program 3 (id=4652):
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001b40)=@newtfilter={0x23, 0x2c, 0xd2b, 0x70bd2c, 0x25dfdbfb, {0x0, 0x0, 0x0, r2, {0x4, 0x15}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x1}, 0x2404c084)

3.340513272s ago: executing program 3 (id=4677):
openat$cdrom(0xffffffffffffff9c, 0x0, 0xc0100, 0x0)
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchdir(r1)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x143142, 0x80)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x1c1840, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000e80)='./bus\x00', 0x1c1002, 0x0)
write(r4, &(0x7f0000004200)='t', 0x1)
sendfile(r4, r3, 0x0, 0x7fffffff)
ftruncate(r2, 0x2007ffb)
sendfile(r2, r2, 0x0, 0x1000000201005) (fail_nth: 11)

2.989317392s ago: executing program 2 (id=4683):
r0 = syz_open_dev$vim2m(&(0x7f0000000100), 0x10000000000, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000000)={0x6, 0x1, 0x1, 0x0, 0x3})
ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000080)=0x1) (fail_nth: 3)

2.780159967s ago: executing program 2 (id=4686):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907001175f37538e486dd6317ce22000000000000000000000000000000007fffffff0001000000000071273fa79d93014b8e3381b6"], 0xfdef)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) (fail_nth: 9)

2.650234527s ago: executing program 2 (id=4688):
openat$cdrom(0xffffffffffffff9c, 0x0, 0xc0100, 0x0)
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
syz_open_dev$vim2m(&(0x7f0000000040), 0x1, 0x2)
fchdir(r1)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x143142, 0x80)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x1c1840, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000e80)='./bus\x00', 0x1c1002, 0x0)
write(r4, &(0x7f0000004200)='t', 0x1)
sendfile(r4, r3, 0x0, 0x7fffffff)
ftruncate(r2, 0x2007ffb)
sendfile(r2, r2, 0x0, 0x1000000201005)

2.388666941s ago: executing program 3 (id=4691):
r0 = socket$nl_route(0x10, 0x3, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00')
r1 = socket(0x1, 0x803, 0x0)
socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001c0012800e00010069703665727370616e000000030b00"/40, @ANYRES32=r2, @ANYBLOB], 0x44}}, 0x4000000)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'bridge0\x00', <r3=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=@newlink={0x44, 0x10, 0xffffffffffffffff, 0x70bd27, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, 0x115}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6, 0x1, 0x1}]}}}, @IFLA_LINK={0x8, 0x5, r3}]}, 0x44}, 0x1, 0x0, 0x0, 0x28001}, 0x8048802)

2.340311619s ago: executing program 3 (id=4692):
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x25dfdbfe, {0x0, 0x0, 0x0, r2, {0x0, 0xffe1}, {0xffff, 0xffff}, {0xffe0, 0xfff3}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x4, 0x9}}]}}]}, 0x48}}, 0x8000)
sendmsg$nl_route_sched(r0, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001b40)=@newtfilter={0x68, 0x2c, 0xd2b, 0x70bd2c, 0x25dfdbfb, {0x0, 0x0, 0x0, r2, {0x4}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0x3c, 0x2, [@TCA_U32_INDEV={0x14, 0x8, 'vlan0\x00'}, @TCA_U32_SEL={0x24, 0x5, {0xd, 0x7, 0x1, 0x3d3f, 0x0, 0xfff, 0x3, 0x58f, [{0x2000000, 0x20008000, 0x4, 0x1}]}}]}}]}, 0x68}, 0x1, 0x0, 0x0, 0x1}, 0x2404c084)

2.340125369s ago: executing program 3 (id=4693):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = add_key$user(&(0x7f0000000040), &(0x7f0000000180)={'syz', 0x0}, &(0x7f0000000080)='\x00', 0x1, 0xfffffffffffffffb)
mount$tmpfs(0x0, &(0x7f00000000c0)='./cgroup\x00', &(0x7f0000000100), 0x81, &(0x7f0000000200)={[{@nr_inodes={'nr_inodes', 0x3d, [0x65]}}]})
pipe2$watch_queue(&(0x7f0000000140)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x80)
ioctl$IOC_WATCH_QUEUE_SET_SIZE(r3, 0x5760, 0x1f)
keyctl$KEYCTL_WATCH_KEY(0x20, r1, r3, 0x100000000000f7)
read$watch_queue(r2, &(0x7f0000000000), 0x21)
keyctl$revoke(0x3, r1)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000c80)={'lo\x00', <r5=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x48000009, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x4c, 0x2, [@TCA_FQ_INITIAL_QUANTUM={0x8, 0xe}, @TCA_FQ_TIMER_SLACK={0x8}, @TCA_FQ_TIMER_SLACK={0x8}, @TCA_FQ_FLOW_DEFAULT_RATE={0x8}, @TCA_FQ_FLOW_PLIMIT={0x8, 0x8}, @TCA_FQ_TIMER_SLACK={0x8}, @TCA_FQ_LOW_RATE_THRESHOLD={0x8}, @TCA_FQ_FLOW_DEFAULT_RATE={0x8}, @TCA_FQ_QUANTUM={0x5, 0xf}]}}]}, 0x78}}, 0x0)

2.200205829s ago: executing program 3 (id=4696):
r0 = getpid()
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='fd=', @ANYRESDEC=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRES16=r1])
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000001200)='./file0\x00', &(0x7f0000001240)=@FILEID_UDF_WITH_PARENT={0x14, 0x52, {{0x101, 0x1759, 0x8f, 0x4}, 0xfffffffd, 0xfffffffe}}, &(0x7f0000001280), 0x0)
r2 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r2, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r2, &(0x7f0000000000)={&(0x7f0000000200)={0x2, 0x4e21, @private=0xa010100}, 0x10, 0x0, 0x0, &(0x7f0000000600)=[@fadd={0x58, 0x114, 0x6, {{0x2, 0x1}, &(0x7f0000000580)=0x2, 0x0, 0xc03c, 0x2, 0x2, 0x8, 0x7b, 0x5}}], 0x58}, 0x0)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000284000/0x4000)=nil, 0x4000, 0x0, 0x810, 0xffffffffffffffff, 0x82214000)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_int(r3, &(0x7f0000000200)='cgroup.clone_children\x00', 0x2, 0x0)
write$cgroup_int(r4, &(0x7f0000000080)=0x4, 0x12)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
socket$netlink(0x10, 0x3, 0x8000000004)
socket(0x10, 0xa, 0x2)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r5 = openat$audio1(0xffffffffffffff9c, &(0x7f0000001580), 0x138a09f12d5f022c, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r5, 0xc004500a, &(0x7f0000000040)=0x401)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="70020000130029", @ANYBLOB="000000000000000010010c8013000c800ca3488008000000000000000800038064001d80050006000000000014000500714abbd2547de97cbbf6efb226f19bf90d0002003a288e5e5b5b5a40000000006000078014000400293a02149f3b75a67093c28fd6f55a2314000400e48f01e49713f0c2d839f940d9f088d8050006000000003bd00002006272696467655f736c6176655f30000007000200293a00000500060000000000080001000000000018002580140004004d2906d0880fc8acc30fe2020f9849675000028004000500a1085e7df341b9dc3d8008a2fe"], 0x270}, 0x1, 0x0, 0x0, 0x20008014}, 0x4)
modify_ldt$read(0x1100, 0x0, 0xfffffffffffffe5e)
sched_setscheduler(0x0, 0x2, 0x0)
r6 = syz_usb_connect$cdc_ncm(0x1, 0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f92a0904000001020900000524060001053408fa6e0d240f0100000000000d000a0006471a010000190581"], 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x16, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4000000000000007910900000000000620000000000000095000000000000009e574bffff1729aba9b39a58e3cd8757e44cf3611b8e327a0279acba1f7791408d1efa421239728e2e5cc319b58520609dfd4a1a021d000000000000efffff75c3d894d99aef659f8b0000c515d8c219fbd9da31fc3ce3e9a2653000aec385a84a3d3f466bba30ac1486a70037fb03adef1a427fb0f4cb3072182da7c30000000000000000000000000000000000000000000000000000297e9fed660213ecb576987ad0972f18fbb7c9ecc03901f028b15b30ecf3205f90c9684ddc80d13bf37afc00e5efd686e6fb5ef4ee00b66126f773434a5c0d2ad3526bc484a6b94396117615f78f97637d8f8838aa75efb657ddafb15b88d97e47731cc3f55ce4e6a42562e6fb1f0000003030249c350044b09c36d10549a5949ff21418f1517508fb13540a82b5030cd9bb1bb066ca833c1fef6cefa28543ee520e46a3e96aca0d5a5f8cb34ad9c54c3a9a698f835bb83bcfd81ac5cfa18ce0740717994b5152cd0fa735433e50dccee16a208245b4366d44bb7ebd169b9e3a66d0cb29291a50f642ae4cb007540c806cd1cf88fdcaa393d1e1a697649401a802b474e374c767cb1ce52fd917d6af3de547be8429540de37f868a7f25d47c4b710836436008d4e8c8b42aeee84629d06d75ef09e0260b41de1f750480e492b6822d6275b7ccda1141707069cdb21de7a98dc37efdd806cc3619ad0659998bdd90b008c1aed04ee682b8ffd25741abbd9c6482ca45b82b6b7f25f71280cd6ba8bbb1e32dfe84831d1fc132755ce9aaf1952cb6829e9d6f4cbd8a07dc0cebcad512b3e0f2daa622bc805d2e152e0765b20cd6c8e2f4fff81e1458a43f35d36b25225dc0fbaf3b8131f5a8ae73e8badc519350edf048d5f56617"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @flow_dissector}, 0x48)
ioctl$PPPIOCSMAXCID(0xffffffffffffffff, 0x40047451, &(0x7f0000000180)=0x8)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(r6)
syz_usb_connect$cdc_ecm(0x1, 0x4d, &(0x7f0000000380)=ANY=[], 0x0)

1.700222904s ago: executing program 2 (id=4701):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000380)=ANY=[@ANYBLOB="1400000010000100009e0000000000000000000a20000000000a01010000000000000000050000000900010073797a300000000064000000030a01030000000000000000050000000900010073797a30000000000900030073797a300000000008000a40000000032800048008000240000000120800014000000000140003006e657464657673696d30000000000000080000000000000014000000110001"], 0xac}, 0x1, 0x0, 0x0, 0x4008805}, 0x0)

1.64059681s ago: executing program 2 (id=4702):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_TDLS_OPER(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x44, r2, 0x1, 0x70bd26, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x1, 0x48}}}}, [@NL80211_ATTR_TDLS_OPERATION={0x5}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x2}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000}, 0x20008004)
r3 = creat(&(0x7f00000002c0)='./file0\x00', 0x1)
write$P9_RMKDIR(r3, &(0x7f0000000240)={0x14, 0x49, 0x2, {0x40, 0x3, 0x1}}, 0x14)
write$char_usb(r3, &(0x7f0000000600)="b56511e72c6cba780ce701ed0b2db27a336692892a6491e2488652ff00c468d353d809d5b20d8ee0f9fefa6cd7bd1036ed25f0e37053d291887c707a892884c2b4aa2ebac156ef8288264449eea05c4f51c3bb4355eb108744fe34e5d0e851d51a855854135f04dd5d854459226f090b6f0d6135e8f2824eed7469236cad2251116a381d8cd30bae59c1fe71e028a667cb910d523aa5d7208286755075ee8be937304cca20e234303df72ad4e2bdc71219456229460a7c6a2df61e8b21b4a4941dcba5c257b90bbf0a976a73973319258ad7f738c04dfbdee4ea0e1b77a909a154fd934f791ebea03db6f06c8f14bc40924e46cbb9b343f25d63f332f9b3f176601f842a4e40401cbc62ee7803c3a2d71f3878f61d8fb8cb5ee90a696b22fb97bbdfd36af05c2e34dfb3d36cf7333ea9dc98af537780ae7bc701053b9009d654d84f04c851b311341efcec16ef3d5c8a7e8af494068dbad55bfa7b7bf4475ceb03a6f4ef11ce14652dc36f279671b7184586c7aab57d50ca23deaeeeaebc2ed024d91f399c84834e7802ad28b6ffec7ed089e8af35d15f2713e70ce55b3f60b9c002496e110c3a68e4c01faf901df4e39d007bf99f3a2d2e33c58b92b961937060a92ab6347995c09eb6a363092e3a45b68bd5e734d43b0bc98070d66c8d03490897a7d05e894da6d92c46cb1d961d11a7d1cd9d3c437c07e9f090690d2b344a93fdc5d7276b74231f1ad050024359e7a73ee913e9a7eba72f23482de94c572d07491328ca363762c44ddcdb1623ec6d639b368d407ffafbb265de19bd5e52ec86c12167dfe2a3de629af1d66612c3f313e07a301d8378fc6eb551196b51680d1194d682ff6cdbb0f811608d6321b41664108ef6dd1dfcc7df602901b0c0d549fb8d0c1aa9b542b99d76b6b8c360c9bcb01ed819a57441948465279d0b2652be1058065929bffae3e9c8923ba01c954f3c49298db8ffad96b73684daf2e608046be2ffb0de70237e044d4be3e6ccc1984ebd2f6e0f57e99fcb0ec30598f121bd93a4003e0ba0815e5ddbeba9f3f8600ef86258a5423fb1f30da5be531e573bf5322a5842eeb23107f02021dc332e0e687bd1f4f0ac09293c3638603279484dd552d534089e0b5b903c4ceeedef410662ec12e17e9b616950874e24d313d770e84b488544a8b829039d06637269367c108dc37712d46ef6601ef4e937a120c607e570446d6216366a72ced5d543ba92a929cef7c4fb03307e88174ad88381b16de1c3f9985f483ff75e9b40fc0e001d037dda41df9a583009baa3b246c19ab5a20cb4e62accb7a86090717c17db68b0d14905ed0ce6e49555de65448782fc0899f631393b5ccd65da59265d1b4ba9ff4d8a328cb42d2e3a465db23cfa9f159ce5716df7ccf393a561a1783679048570f2467c5336106bc8954569c047e854b2211141d169b27ca796b42c544f70123bd9f6ae23f87d1be164cd7bb2da3dc79e6f12a687296942c9c8f2d99b6961b48e046028bd69dcda162510ad235b7bf28a0ff994e23f08e807437dcd1a426a31e818b918e5c28725bf12f42d6f719d9d81100e529b9f7e4891167aef44ec7afa086e46cf832d144ebe668dbafcbf229be799f33df6c1fb3365f4cb64f360fb70ee140818503a185a44f15d3db5fd5abe8ea3c59f4120c23d3792a4ac791959858dc88286e403ad45b31716e28be7684375c2651f88ed78c2948d673ef2a8a937136ca9842717585894453a83280edc21f3fadb974c36696fe7d8bd136a005a69d14d034a869c4035282ac7c91642a05743814b4cd57df50a4eb15dd7a561637ea4ef6b3bcf89695f125fcd390746357917a6bcf55e0268a09ae5b1195f99a7fe5fec2d4115978052e195d7b5df345b827121a86166c9095e387301fc561654db0183715239247eb9dc15e83c20389aa6271b42125bd475b82db032150aa39fab06fde1034347a8a884c74edb21be34c8cf5b437ad7223970defbb27ca8eb0029fdd4acd4bc92236584ed42f03706376c583a5c8e5cf9f2415ee1f8c1b01f34d7cf1b673db2158eb99d55878ee41b391f8d7339c6f3471ae4af25e5ecb8cea2fbed9f915ce483f1a9411ca5b21776295aa4f52fa31d875f9850f3e07b8093b0f92570d41d77e68e9a79a27b6f5a2c9a100cde02ea745353e996b99b43e0f1aa51288d863859bc618a602c17a15e285e6c189a21a4762b57ce396c852a5453f035c7a2d849a98c30a2e7f797ed13ffae44e4d15a240d092a25b4820e0d2fe3b9cb74b89efc977634d1f37eddc1433f6b06fd13c543bceca1254f91413d8b914bd67f1dca660ad8ef561dfb2ce5f0486b3e1a19a3682dad8a727177a1ea448273c3cd308300e3b4fc4f96efa8d6d723de8b38f7688e13c47b2aa801ba5c33a138208412524250e41eb253520f68324dbdb5e7de6e02dc315e20cf1844cc7a5f15428dd342bcf40895d94b3de0e1acdb698a94e0dd881edfb7569d0c81981213e7186eac0d80dd35e1a48aa5319678db523e9cea10163e3924c52d1d4ff589b3b228d98e64e6ee22990600ac9b272b483520148dac0e26d27ef618c86b0a49075f71d8c21e49bbcf83eb1374f0ad393074e32fa33a257f13fb187ba40b02ee6e688092e81ce0c04e3e53507b4b244fcf3afd4dbf05747a8c81828351558223a7bd0ff6684e94cd264ab3841cca4983c10b627c3c13286872798a3bce148b7f9847cb2b485bb900ad006b08482c801e9f05e5e57591e9c9ed1235c397ebffec2bffdf0eaa4aa2b3927e583f913edb95ce47603bc725ad16c59c4b638668190bd1f9c4b2c9e1b14a85d9e3e81ef3668baf27e59dd14d1ade2d7873d4feb989cdac04675f40b59a1a41453b44e0fdb89f4a7f3f52cb3a6a79d0763f85826fe1b5acb3215a0328c32ccdf2c21bb4ab3310c2d33f9b1255582e0807492ce59953f6cd4422bfa5ea9192177bbf13bd7a83807362036708653bd01b67d3def4ef7041ea29995404c0b10b0eae74bbf614652f887f755e94d390341437d50cecbf2c16fa21638ad3f85f30db17e1af9bf2b4aa8113d6a9170dc4c024f484200a471e9c73f6d2055585bdb499156081d3bc288a2ddd2b9d856c69c22ad3b4ee16555c64d86b7a9d83722860fdbf06b3a1592f3e5832fdf2d3ee078e54b7cee981cec96de0a4c77e052d2f86061cba468f6c5861771014dd56320f5fd4f84b5a890838e9fe72f41620d131cfdb7d0e627dd490acab383d5fc8cfc95e966ced3dfe3d315ad76a0452a50e8b4e9882ca9294eaa12f73629affc9050df48aedc1da6081259226056012decf4a60c3e252860cc7452e6058d8029d2d0971496e19cc94558c96678bd1b074894271b2bff2810f8a684c9329c584641bfeeb2fd4db920aec9d18e1b05803c37bc1b3cd1b3782a713ea754b1a35f137e21e31afd230aa1ba53cbc0af2ec98c860c993441007f910b8814e115725753f7a05d0b0b290048dd6aa97f3ae6f14b9652db8017e23303a3aa52c9fd5b83aa3f8ecb5e280425709237cd6fc6728664168bb2dda083ceab3ca528a78432104912e96a2ff9057885b1aebf1a8423b5c390f32bc5f3f0093870a27d8eee3576aa70a9b1ee21041a64e7dc0bbac8b46e7aa6a825bddeeab7ffbdad2ffa238a6cc77532551ebe4e650faadf67328371563e17b508ace6ed5dfcec60cd4b90ca23260f8ae78d937b7503f9595f233c7b719b837484bb684b2f9ca4df4d716a7de9ceadf0212e7f24574f1f14015ffb583c9ad2747cbddf2f0903d3dfc60eb204c6b581ba9caba16471d1bfb09b8b96ddadadcc97435ad6fe5ed249e25b01e0d5af5fe0430e4fb18eefce981fa6c78abab2a35f186137f256d8719f2053316680c03e7499941efd68a0ff066519f4d02608c320228c8cdc42fde4abecefde9d2113f730529e0215f284732d267c6804a49778a4ee32fb860122b4584a519ced4dfc0c8a3d25d90142d16e9e36eff436881dbddd06b99dee8c4e2ff7dbc19edaa7e1ad5b1f9d713abd72d4e4547b3a46ab6acfaa7d92b6da52b75bd530f6d833d156b95f1da248219c85fe807af0a47ae22c20392c889f5e89a3524cf42412a70277fe98196deb7a4c2b136fba8cc411afa84ab762d9b95b284d95f9220b3789ab54dcfa21cd2b99fcd501263cf23654c332a3aa37c6dac0c9c54e5602a691192707708e53abea4c63b7943b1348d3cf0bdce7e4076e3a4ed9afe8651cd8e953e30104534dcb6e85ab77773b60be7e46f6cd07ea8fc675d27593223dadb9cba83f3976e5133d79afd6e4a83877bd8f0d56bd99f3d996df0295838ffb421781da6c088f18f1f94e149659f02f01b99c73de89826f65bd3dbb44468518e0f0dd5fca324d3c9864d192040cd067b54b8801610bf8391ded4df50968bf7a0d0c0f7c56f47da904ad9bcc52e8690a844b7b0be9a4e7bc8ae396382ad4f6910df9eee9f19cacd9fb0aa9a378ee8b2e58befcd7158d1ea6cdc73cc63233d8c09fb4a04e7e672d7d0c7187f7b027e87560649eb8dfe97c81f3dea408f7f9c171e38892f077e9423e91b55a4635ddbea7b535d31c8ab28ae5030f04356bf05c737884a351a8da8ae81535ed5e9628befc767cd431907dd388c00b9a8d8ebf5b57017f70830dac5eb2872b77da544742d2c93940a94ad88d094090be124e254a1973d8197fe5ed060e387e14680ea92e9a93799e64aca69ded0219486df2541b9fa209923c8d0f57978a39eba4fd17e9108243101d441cfe2c0374aaa65c434cea22e5d103588d526fc92531249ff8b8cd4783d8b915584c5ac71ff330797c85d5f66510a403cf996bec00239cef1730a35c1138b8f7f63f14e253e4d91999632d80f23076f7af79a38388e935e198d666efe799a4b8c2d82e443f01ea4907183d3bc9fb5bb94e119b1fb34beaaf1c0d296c4898600f99488a243c00309ee68a3c7297f3851ca8226eb72103d3e9981ab2dbc7dce584795aa452ee7950508f6016f04c965309f381edb1ce91059c3c21e0f7adf67f966d690545fb9597529fd5885937c433c5a156867951fc419f92ad55795a4267b0c66b59ba22ba782f92d431e37748aa41949a954b3c68120ddac938788b6d753d9152a562f8bf972c744359def08a16da4c077df2795710397e70faa3fe8e004ccf7275ad42d518094821207ad6813f66bf5c15e1a61298b3f977d7fd783f7cac82e88b652a14b9f6df36425cf89507428a6594d2200f392faea2542e6e51faa934ec1218652afd32c1f09ba277f8faa0b0fbf60b82340b42f88115394b36524026e71638bb7faec318168164e7448214f755c36dba743b15858788365171e521b9722d7950d48cb274b67361c89ef262a320186b8fb4ab84394fffdba09b14ca27608e6f49b6513d84a182459666d66902ef5cd3fa048d811401b910fc284c2d07dfe83bd398321f5e4a528b5c76dd2a4bbb7e68ce5826788c065cc686c8e174cc7cafdb289b0e4accd73fb54cccfdf3111a22a0fd764e5677cb54c94f7387b3290e8ea96a43ab678c514a33f497c3ed42ddaae3b1bad3c137d2b4aa193b2de5f4ac6e3f2a1404fcdf9919e18fb4cc8c042a72b550cf01d1dfffb8857d05d92430a669197cd66b7c7c88c539ff61aa880b94b5375989bae5fb8f381f8b211e52fd1bc3060eb2ad77d8de778a49ef3a21d992d3166c586eb5f3bb72a29da04c88441c381752939dc478b3088a66c869949b6d05a66286c61598dba66afb6d5", 0xfec)
sendmsg$IPCTNL_MSG_TIMEOUT_DELETE(r3, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x54, 0x2, 0x8, 0x101, 0x0, 0x0, {0x0, 0x0, 0x3}, [@CTA_TIMEOUT_DATA={0x1c, 0x4, 0x0, 0x1, @gre=[@CTA_TIMEOUT_GRE_REPLIED={0x8, 0x2, 0x1, 0x0, 0x2}, @CTA_TIMEOUT_GRE_REPLIED={0x8, 0x2, 0x1, 0x0, 0x2}, @CTA_TIMEOUT_GRE_REPLIED={0x8, 0x2, 0x1, 0x0, 0x7}]}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x2f}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x6}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x200}]}, 0x54}, 0x1, 0x0, 0x0, 0x90}, 0x40080)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000680)=@newtaction={0x644, 0x30, 0xffff, 0xfffffffe, 0x0, {}, [{0x630, 0x1, [@m_police={0x47c, 0x1, 0x0, 0x0, {{0xb}, {0x450, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0xffffffff, 0x5, 0x0, 0x0, 0x0, {0x81, 0x1, 0x0, 0xd85}, {0x1}, 0x4, 0x0, 0x2}}, @TCA_POLICE_RATE={0x404, 0x2, [0x9, 0x5, 0xfffffe01, 0x81, 0xffff, 0x80000001, 0x200, 0xfffffff4, 0x79f, 0xe, 0xd86, 0x0, 0x5a75, 0x2, 0x7f, 0x81, 0x36ad, 0x8, 0x1, 0x8, 0x8, 0x3, 0x0, 0x0, 0x80000000, 0x555, 0x100, 0xd1, 0x6, 0x7, 0x8, 0x1, 0x3, 0x1, 0xffffff81, 0x8, 0x40, 0x7, 0x9, 0x278, 0x8, 0x2, 0x0, 0x26d1c8ca, 0x5, 0xf1, 0xe, 0x4b, 0x8, 0x3, 0xccbf, 0x6, 0x7ff, 0x0, 0x9, 0x2, 0x6, 0xc, 0xfffffff2, 0x5, 0x4, 0x8, 0x2, 0x8001, 0x3b13, 0x7, 0x5, 0x1, 0xfffffff9, 0x3, 0x5, 0x8001, 0x7, 0x6, 0x8f57, 0x8, 0x6, 0x7ff, 0x5, 0x3, 0x0, 0xffffffff, 0x6, 0x1, 0x200, 0x2, 0x1, 0x1, 0x80, 0x7ff, 0x3, 0xffffffff, 0x10, 0x3, 0x10000, 0x2, 0x6, 0x254cae9d, 0xc, 0x4, 0xf, 0x5304, 0x3, 0x5, 0x2, 0x2, 0x8, 0x10000, 0xff, 0x1, 0x7, 0x0, 0x6, 0x9, 0x7fff, 0x2, 0xffff, 0x8, 0xbb86, 0x8, 0x1, 0x9, 0x5, 0xe, 0x1, 0x1, 0x80000000, 0x8, 0x400, 0x2, 0x0, 0xa, 0xff, 0xf944, 0x5, 0x4fc5, 0x1, 0x200, 0x7, 0x1, 0x4e, 0x1, 0x10001, 0x5, 0x4cff, 0x6, 0x6, 0x3, 0x9, 0x1ff, 0x5, 0x3, 0x7fffffff, 0xff, 0xfffffffe, 0x0, 0x5, 0x9, 0x0, 0x80, 0x1c0000, 0x1, 0x81, 0x4, 0x4, 0x7, 0x9, 0xac, 0x4f, 0x1ff, 0x2, 0x0, 0x2, 0xee0, 0x5, 0x1, 0x10, 0x5, 0x4, 0xfffffff7, 0x1, 0x1, 0x9, 0xda62, 0xe, 0x6dd, 0x3, 0x6, 0x0, 0x6, 0x7, 0x9, 0xb587, 0x9, 0xfffffff8, 0x2, 0x8, 0xc594, 0x401, 0x1, 0x7, 0x7, 0xffffffff, 0x4, 0x9, 0x2, 0x0, 0xac, 0xa49b, 0x2, 0x5afa, 0x80, 0x80000001, 0x2, 0xc, 0x7ff, 0x2, 0x6, 0x1, 0x100, 0x6, 0xd, 0x8, 0x2, 0x6, 0x8, 0xee, 0x10, 0x440, 0x1ff, 0x8, 0x3, 0xfffffff9, 0x1ff, 0x7, 0x1, 0x9, 0x8, 0x7c, 0x5, 0xffff7fff, 0x2, 0x7, 0x2, 0x2, 0xb23, 0x80, 0x5, 0x4, 0x4, 0xfffffff0, 0x353d, 0x862c, 0x800, 0x6, 0x2]}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x9}]]}, {0x4}, {0xc}, {0xc}}}, @m_mirred={0x1b0, 0x1d, 0x0, 0x0, {{0xb}, {0xc4, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x2, 0x5, 0x7, 0x7fffffff, 0x200}, 0x1}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0xffffffb3, 0x800, 0x4, 0x6, 0x9}, 0x2}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x6, 0xff, 0xffffffffffffffff, 0x0, 0x9}, 0x1}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x2000001, 0x4, 0x2, 0x2}, 0x1}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x4, 0x7, 0x2, 0x8, 0x7}, 0x2}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x2, 0x4, 0x6, 0x10001, 0x7}, 0x2}}]}, {0xc3, 0x6, "2b728d72194af1813192d0808fd0ca2fcf7bdd40322ae24be21f31e8f266cb783821e3c1ce779ec2b706871e34046986235f44d0a036fd1b1ce3fb084c4a7cdf473384a753fee6df1d13987c7ae490c85d971df6345723dec47eeef92081cd9f5552b5eaa17338fea11930d4d7133005115e65bf960aa1b5f2715ab79b08886822151ad540803e951b885cff4376c10b963a5834f6bfe2d078747197e7340827e17d1655493406ad1f971be63945d358e98f52a3935d49fff612b4a498a6dd"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x2}}}}]}]}, 0x644}, 0x1, 0x0, 0x0, 0x84040}, 0x0)
r4 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000340), 0x80201, 0x0)
ioctl$RTC_UIE_OFF(r4, 0x7004)

1.639983604s ago: executing program 2 (id=4703):
r0 = getpid()
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RELOAD(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r2, 0x1, 0x70bd27, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r0}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x30)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
preadv(r3, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000499000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f320f300f20e06635800000000f22e02b6aa6c8", 0x4a}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x2a7, 0x0, 0x0, 0x41100, 0x24, '\x00', 0x0, 0x0, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3ff}, 0x94)
ioctl$BINDER_GET_FROZEN_INFO(r3, 0xc00c620f, &(0x7f0000000200)={r0})

1.099244204s ago: executing program 8 (id=4707):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000280)="89000000120081ae08061cdc030ec080000000060000000000e2ffca1b", 0x1d}], 0x1}, 0x0)
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000002480)=[{{0x0, 0x0, &(0x7f0000001780)=[{0x0}], 0x1}}], 0x1, 0x0)
mount$fuse(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x100000, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000740)=[{{0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000b40)=ANY=[], 0x290}}], 0x1, 0x810)
r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8800}, 0x4048040)
sendmsg$ETHTOOL_MSG_LINKINFO_GET(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000300)={&(0x7f0000000600)={0x9c, r0, 0x1, 0x70bd26, 0x25dfdbfc, {}, [@HEADER={0x4}, @HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pimreg0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6tnl0\x00'}]}, @HEADER={0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}]}, 0x9c}, 0x1, 0x0, 0x0, 0x20000080}, 0x10080)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r4 = accept4(r3, 0x0, 0x0, 0x800)
sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

980.319436ms ago: executing program 7 (id=4708):
r0 = syz_init_net_socket$ax25(0x3, 0x2, 0xc4)
ioctl$SIOCAX25GETUID(r0, 0x89e0, &(0x7f0000000480)={0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}}) (fail_nth: 1)

980.037561ms ago: executing program 8 (id=4709):
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'tunl0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x70bd29, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0x2}, {0xffff, 0xffff}, {0xa, 0xfffc}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_ACK_FILTER={0x8, 0x10, 0x2}]}}]}, 0x3c}}, 0x4000010)
write(r0, &(0x7f0000000000), 0x0)

919.292267ms ago: executing program 8 (id=4710):
r0 = openat$pidfd(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
fcntl$notify(r0, 0x402, 0x2b)
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
mount$9p_unix(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x12d7498, 0x0)
r1 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000000), 0x102, 0x0)
read$FUSE(r1, &(0x7f0000002240)={0x2020}, 0x2020)
writev(r1, &(0x7f0000002140)=[{&(0x7f0000000040)='T01\n', 0x4}, {&(0x7f0000000080)="37c870ef0c000000e20ecbf61fc3", 0xe}], 0x2)
inotify_add_watch(r1, &(0x7f00000000c0)='./file0\x00', 0x1800022)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000280))
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffc000/0x4000)=nil, 0x4000}, 0x1})
ioctl$UFFDIO_COPY(r3, 0xc028aa05, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000000/0x3000)=nil, 0x3000})
sendmsg$NFNL_MSG_CTHELPER_GET(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000004c0)={0x14, 0x1, 0x9, 0x201, 0x0, 0x0, {0x1, 0x0, 0x1}}, 0x14}, 0x1, 0x0, 0x0, 0xdddfb8c95d0a80d3}, 0x4000080)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mount$tmpfs(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x20000, 0x0)
move_mount(r4, &(0x7f0000008080)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x313)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)

918.932058ms ago: executing program 7 (id=4711):
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000340)={'netdevsim0\x00', &(0x7f0000000700)=@ethtool_coalesce={0xf, 0xb, 0xe70, 0xd99, 0x76, 0x1d1, 0x800, 0x4, 0xb572, 0x1ff, 0x4, 0x7, 0x0, 0x2, 0x9, 0xfc, 0x8e3c, 0x8, 0xff, 0x8, 0x8, 0x202, 0x6}})
bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'lrw(ecb-aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="119b030e7deba3ec69da3c0cce0764c6baa1660000000000000000000000b8000000000000000000", 0x28)
r2 = accept4(r0, 0x0, 0x0, 0x80000)
syz_genetlink_get_family_id$devlink(&(0x7f0000000100), r2)
sendmmsg$alg(r2, &(0x7f0000003f40)=[{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000180)="2bae8f85ee", 0x5}, {0x0}], 0x2, &(0x7f00000006c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x20000040}], 0x1, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907001175f37538e486dd6317ce22000000000000000000000000000000007fffffff0001000000000071273fa79d93014b8e3381b6"], 0xfdef)
r4 = socket(0xa, 0x2, 0x0)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
getsockname$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @private2}, &(0x7f0000000040)=0x1c)
rt_sigqueueinfo(0x0, 0x3c, &(0x7f0000000000)={0x30, 0x6, 0xfb2})
ioctl$KDSETMODE(r5, 0x4b45, 0x1)
bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback={0xff00000000000000}}, 0x59)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0x0, 0x0, &(0x7f0000000000), 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

860.551896ms ago: executing program 8 (id=4712):
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$nl_route(0x10, 0x3, 0x0)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
syz_usb_connect$uac1(0x1, 0x71, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r0 = syz_open_dev$dri(&(0x7f0000000440), 0x1, 0x48240)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000000100)=[<r1=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000180)={0x1, 0x1, &(0x7f00000000c0)=[r1], &(0x7f0000000180), &(0x7f0000000200), &(0x7f00000001c0), 0x0, 0x1})

730.655126ms ago: executing program 7 (id=4713):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907001175f37538e486dd6317ce22000000000000000000000000000000007fffffff0001000000000071273fa79d93014b8e3381b6"], 0xfdef)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x700, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

310.650005ms ago: executing program 8 (id=4714):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0026}]})
r1 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r1, &(0x7f0000000300)={{0x6, @rose, 0x8}, [@default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default]}, 0x48)
r2 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
bind$netrom(r2, &(0x7f00000003c0)={{0x6, @rose, 0x2}, [@default, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, @default, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null]}, 0x48)
close_range(r0, 0xffffffffffffffff, 0x0) (async)
close_range(r0, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x4000011, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) (async)
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x800000, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"]) (async)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x800000, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x300000d, 0x1) (async)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x300000d, 0x1)
getsockopt$netrom_NETROM_IDLE(r1, 0x103, 0x7, &(0x7f0000000140), &(0x7f0000000180)=0x4)
writev(r3, &(0x7f0000000680)=[{&(0x7f0000000040)="646a53e446de86a0", 0x8}], 0x1)

219.863706ms ago: executing program 8 (id=4715):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder1\x00', 0x800, 0x0)
ioctl$BINDER_GET_NODE_INFO_FOR_REF(r0, 0xc018620c, &(0x7f0000000040)={0x0, 0x0, 0x700})

80.414514ms ago: executing program 7 (id=4716):
r0 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f00000000c0)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x3a}}, 0x10)
bind$ax25(r0, &(0x7f0000000100)={{0x3, @default, 0x5}, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @bcast, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @null, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x48)
sendmsg$DEVLINK_CMD_PORT_UNSPLIT(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x120}, 0x1, 0x0, 0x0, 0x44041}, 0x0)

80.277766ms ago: executing program 7 (id=4717):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
syz_clone3(&(0x7f0000000080)={0x2001080, 0x0, 0x0, 0x0, {0x25}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r0 = socket$netlink(0x10, 0x3, 0x4)
writev(r0, &(0x7f0000fb1000)=[{&(0x7f0000000080)="480000001400197f09004b0101048c590288ffff800100001f0000010028213ee20600d4ff5bffff00f83bf8617c63b7c7e5ed5e00000000000000000000ea040018125d4b18857a", 0x48}], 0x1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))

0s ago: executing program 7 (id=4718):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000280)="89000000120081ae08061cdc030ec080000000060000000000e2ffca1b", 0x1d}], 0x1}, 0x0)
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000002480)=[{{0x0, 0x0, &(0x7f0000001780)=[{0x0}], 0x1}}], 0x1, 0x0)
mount$fuse(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x100000, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000740)=[{{0x0, 0x0, &(0x7f0000000300), 0x0, &(0x7f0000000b40)=ANY=[], 0x290}}], 0x1, 0x810)
r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8800}, 0x4048040)
sendmsg$ETHTOOL_MSG_LINKINFO_GET(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000300)={&(0x7f0000000600)={0x9c, r0, 0x1, 0x70bd26, 0x25dfdbfc, {}, [@HEADER={0x4}, @HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pimreg0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6tnl0\x00'}]}, @HEADER={0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}]}, 0x9c}, 0x1, 0x0, 0x0, 0x20000080}, 0x10080)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r4 = accept4(r3, 0x0, 0x0, 0x800)
sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

kernel console output (not intermixed with test programs):

06] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  357.430311][T19306] R13: 00007f8216016038 R14: 00007f8216015fa0 R15: 00007ffc506b7618
[  357.430325][T19306]  </TASK>
[  357.910423][T19315] xt_NFQUEUE: number of queues (5) out of range (got 65536)
[  358.019694][T19319] FAULT_INJECTION: forcing a failure.
[  358.019694][T19319] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  358.023992][T19319] CPU: 0 UID: 0 PID: 19319 Comm: syz.5.4476 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  358.024011][T19319] Tainted: [L]=SOFTLOCKUP
[  358.024015][T19319] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  358.024022][T19319] Call Trace:
[  358.024026][T19319]  <TASK>
[  358.024031][T19319]  dump_stack_lvl+0x100/0x190
[  358.024053][T19319]  should_fail_ex.cold+0x5/0xa
[  358.024066][T19319]  ? prepare_alloc_pages+0x16d/0x5f0
[  358.024085][T19319]  should_fail_alloc_page+0xeb/0x140
[  358.024103][T19319]  prepare_alloc_pages+0x1f0/0x5f0
[  358.024123][T19319]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  358.024138][T19319]  ? rcu_is_watching+0x12/0xc0
[  358.024153][T19319]  ? __lock_acquire+0x4a5/0x2630
[  358.024175][T19319]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  358.024191][T19319]  ? do_raw_spin_lock+0x128/0x260
[  358.024203][T19319]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  358.024219][T19319]  ? find_held_lock+0x2b/0x80
[  358.024237][T19319]  ? __lock_acquire+0x4a5/0x2630
[  358.024255][T19319]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  358.024271][T19319]  ? policy_nodemask+0xed/0x4f0
[  358.024289][T19319]  alloc_pages_mpol+0x1fb/0x550
[  358.024306][T19319]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  358.024323][T19319]  ? __folio_batch_add_and_move+0x5e5/0xc60
[  358.024341][T19319]  folio_alloc_mpol_noprof+0x36/0x340
[  358.024361][T19319]  shmem_alloc_folio+0x135/0x160
[  358.024374][T19319]  shmem_alloc_and_add_folio+0x371/0xd40
[  358.024391][T19319]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  358.024407][T19319]  ? shmem_allowable_huge_orders+0x2bd/0x400
[  358.024425][T19319]  shmem_get_folio_gfp+0x6ab/0x1900
[  358.024443][T19319]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  358.024459][T19319]  ? filemap_map_pages+0x9e0/0x2170
[  358.024475][T19319]  shmem_fault+0x1f9/0xa20
[  358.024489][T19319]  ? __lock_acquire+0x4a5/0x2630
[  358.024506][T19319]  ? __pfx_shmem_fault+0x10/0x10
[  358.024523][T19319]  ? __pfx_filemap_map_pages+0x10/0x10
[  358.024541][T19319]  __do_fault+0x10d/0x550
[  358.024559][T19319]  do_fault+0xaf9/0x1a00
[  358.024579][T19319]  __handle_mm_fault+0x180f/0x2b60
[  358.024596][T19319]  ? __pfx___handle_mm_fault+0x10/0x10
[  358.024610][T19319]  ? pte_offset_map_lock+0x174/0x320
[  358.024626][T19319]  ? find_held_lock+0x2b/0x80
[  358.024644][T19319]  ? follow_page_pte+0x5b3/0x1400
[  358.024664][T19319]  handle_mm_fault+0x36d/0xa20
[  358.024680][T19319]  __get_user_pages+0xf9c/0x34d0
[  358.024703][T19319]  ? __pfx___get_user_pages+0x10/0x10
[  358.024724][T19319]  populate_vma_page_range+0x267/0x3f0
[  358.024744][T19319]  ? __pfx_populate_vma_page_range+0x10/0x10
[  358.024762][T19319]  ? __pfx_find_vma_intersection+0x10/0x10
[  358.024779][T19319]  ? do_mmap+0x93f/0x12f0
[  358.024798][T19319]  __mm_populate+0x107/0x3a0
[  358.024817][T19319]  ? __pfx___mm_populate+0x10/0x10
[  358.024836][T19319]  ? up_write+0x290/0x4f0
[  358.024849][T19319]  vm_mmap_pgoff+0x37f/0x470
[  358.024868][T19319]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  358.024886][T19319]  ? __fget_files+0x21f/0x3d0
[  358.024908][T19319]  ksys_mmap_pgoff+0x7d/0x5b0
[  358.024924][T19319]  ? __pfx_ksys_write+0x10/0x10
[  358.024941][T19319]  __x64_sys_mmap+0x125/0x190
[  358.024954][T19319]  do_syscall_64+0x106/0xf80
[  358.024966][T19319]  ? clear_bhb_loop+0x40/0x90
[  358.024979][T19319]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  358.024991][T19319] RIP: 0033:0x7f898059bf79
[  358.025002][T19319] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  358.025013][T19319] RSP: 002b:00007f8981405028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  358.025024][T19319] RAX: ffffffffffffffda RBX: 00007f8980815fa0 RCX: 00007f898059bf79
[  358.025031][T19319] RDX: 0000000003000001 RSI: 0000000000b36000 RDI: 0000200000000000
[  358.025038][T19319] RBP: 00007f8981405090 R08: ffffffffffffffff R09: 000000007fda8000
[  358.025045][T19319] R10: 0000000000008031 R11: 0000000000000246 R12: 0000000000000002
[  358.025051][T19319] R13: 00007f8980816038 R14: 00007f8980815fa0 R15: 00007ffd06e0f748
[  358.025065][T19319]  </TASK>
[  358.160087][T19304] netdevsim netdevsim6 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  358.225362][T19322] binder: 19321:19322 ioctl 400c4808 200000000040 returned -22
[  358.230090][T19304] netdevsim netdevsim6 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  358.255522][T19324] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  358.257978][T19324] batadv_slave_0: entered promiscuous mode
[  358.287552][T19304] netdevsim netdevsim6 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  358.287813][T19329] netlink: 36 bytes leftover after parsing attributes in process `syz.9.4479'.
[  358.455044][T14559] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  358.461962][T14543] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  358.463016][T19337] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes.
[  358.467105][T19337] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  358.484366][T14555] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  358.487032][T14555] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  358.541034][ T5935] usb 10-1: new low-speed USB device number 9 using dummy_hcd
[  358.561958][T19349] FAULT_INJECTION: forcing a failure.
[  358.561958][T19349] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  358.566133][T19349] CPU: 3 UID: 0 PID: 19349 Comm: syz.6.4486 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  358.566152][T19349] Tainted: [L]=SOFTLOCKUP
[  358.566173][T19349] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  358.566181][T19349] Call Trace:
[  358.566186][T19349]  <TASK>
[  358.566190][T19349]  dump_stack_lvl+0x100/0x190
[  358.566212][T19349]  should_fail_ex.cold+0x5/0xa
[  358.566227][T19349]  _copy_from_user+0x2e/0xd0
[  358.566246][T19349]  snd_pcm_oss_write2+0x1c2/0x400
[  358.566263][T19349]  ? __pfx_snd_pcm_oss_write2+0x10/0x10
[  358.566277][T19349]  ? snd_pcm_kernel_ioctl+0x14a/0x2e0
[  358.566299][T19349]  snd_pcm_oss_write+0x729/0xa30
[  358.566315][T19349]  ? security_file_permission+0x76/0x210
[  358.566334][T19349]  vfs_write+0x2aa/0x1070
[  358.566350][T19349]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[  358.566366][T19349]  ? __pfx_vfs_write+0x10/0x10
[  358.566380][T19349]  ? find_held_lock+0x2b/0x80
[  358.566406][T19349]  ? __fget_files+0x215/0x3d0
[  358.566424][T19349]  ? __fget_files+0x215/0x3d0
[  358.566443][T19349]  ? __fget_files+0x21f/0x3d0
[  358.566464][T19349]  ksys_write+0x12a/0x250
[  358.566479][T19349]  ? __pfx_ksys_write+0x10/0x10
[  358.566499][T19349]  do_syscall_64+0x106/0xf80
[  358.566511][T19349]  ? clear_bhb_loop+0x40/0x90
[  358.566525][T19349]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  358.566537][T19349] RIP: 0033:0x7f2cc1b9bf79
[  358.566547][T19349] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  358.566568][T19349] RSP: 002b:00007f2cc2ad4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  358.566580][T19349] RAX: ffffffffffffffda RBX: 00007f2cc1e15fa0 RCX: 00007f2cc1b9bf79
[  358.566588][T19349] RDX: 000000000000fc36 RSI: 0000200000000500 RDI: 0000000000000003
[  358.566594][T19349] RBP: 00007f2cc2ad4090 R08: 0000000000000000 R09: 0000000000000000
[  358.566601][T19349] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  358.566607][T19349] R13: 00007f2cc1e16038 R14: 00007f2cc1e15fa0 R15: 00007ffd195073a8
[  358.566623][T19349]  </TASK>
[  358.733281][T19359] netlink: 40 bytes leftover after parsing attributes in process `syz.6.4494'.
[  358.736150][T19359] nbd: must specify at least one socket
[  358.748916][T19361] netdevsim netdevsim9 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  358.761951][ T5935] usb 10-1: unable to get BOS descriptor or descriptor too short
[  358.764487][ T5935] usb 10-1: no configurations
[  358.766003][ T5935] usb 10-1: can't read configurations, error -22
[  358.864513][T19361] netdevsim netdevsim9 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  358.930243][T19369] FAULT_INJECTION: forcing a failure.
[  358.930243][T19369] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  358.940332][T19369] CPU: 3 UID: 0 PID: 19369 Comm: syz.6.4497 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  358.940353][T19369] Tainted: [L]=SOFTLOCKUP
[  358.940357][T19369] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  358.940364][T19369] Call Trace:
[  358.940368][T19369]  <TASK>
[  358.940373][T19369]  dump_stack_lvl+0x100/0x190
[  358.940395][T19369]  should_fail_ex.cold+0x5/0xa
[  358.940408][T19369]  ? prepare_alloc_pages+0x16d/0x5f0
[  358.940428][T19369]  should_fail_alloc_page+0xeb/0x140
[  358.940446][T19369]  prepare_alloc_pages+0x1f0/0x5f0
[  358.940466][T19369]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  358.940481][T19369]  ? kmem_cache_alloc_lru_noprof+0x297/0x6e0
[  358.940496][T19369]  ? xas_alloc+0x350/0x460
[  358.940509][T19369]  ? __lock_acquire+0x4a5/0x2630
[  358.940527][T19369]  ? css_rstat_updated+0x1ce/0x5a0
[  358.940544][T19369]  ? __pfx_css_rstat_updated+0x10/0x10
[  358.940560][T19369]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  358.940578][T19369]  ? rcu_is_watching+0x12/0xc0
[  358.940595][T19369]  ? __lock_acquire+0x4a5/0x2630
[  358.940612][T19369]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  358.940628][T19369]  ? policy_nodemask+0xed/0x4f0
[  358.940646][T19369]  alloc_pages_mpol+0x1fb/0x550
[  358.940663][T19369]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  358.940678][T19369]  ? find_held_lock+0x2b/0x80
[  358.940692][T19369]  ? filemap_get_read_batch+0x30a/0xa60
[  358.940706][T19369]  ? filemap_get_read_batch+0x30a/0xa60
[  358.940723][T19369]  folio_alloc_noprof+0x22/0x330
[  358.940734][T19369]  filemap_alloc_folio_noprof.part.0+0x377/0x450
[  358.940755][T19369]  ? __pfx_filemap_alloc_folio_noprof.part.0+0x10/0x10
[  358.940776][T19369]  ? page_cache_sync_ra+0x1bb/0xb10
[  358.940791][T19369]  filemap_get_pages+0x898/0x2050
[  358.940809][T19369]  ? folios_put_refs+0x66d/0x840
[  358.940825][T19369]  ? __pfx_filemap_get_pages+0x10/0x10
[  358.940842][T19369]  ? __pfx___might_resched+0x10/0x10
[  358.940856][T19369]  filemap_splice_read+0x46e/0xc80
[  358.940877][T19369]  ? __pfx_filemap_splice_read+0x10/0x10
[  358.940919][T19369]  ? trace_kmalloc+0x101/0x130
[  358.940936][T19369]  ? lockdep_init_map_type+0x5c/0x250
[  358.940955][T19369]  ? __pfx_pipe_lock_cmp_fn+0x10/0x10
[  358.940972][T19369]  ? __pfx_filemap_splice_read+0x10/0x10
[  358.941000][T19369]  do_splice_read+0x285/0x370
[  358.941019][T19369]  splice_direct_to_actor+0x2a1/0xa30
[  358.941038][T19369]  ? __pfx_direct_splice_actor+0x10/0x10
[  358.941058][T19369]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  358.941079][T19369]  do_splice_direct+0x174/0x240
[  358.941097][T19369]  ? __pfx_do_splice_direct+0x10/0x10
[  358.941113][T19369]  ? avc_policy_seqno+0x9/0x20
[  358.941135][T19369]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  358.941154][T19369]  ? rw_verify_area+0xce/0x6d0
[  358.941168][T19369]  do_sendfile+0xadc/0xe20
[  358.941186][T19369]  ? __pfx_do_sendfile+0x10/0x10
[  358.941200][T19369]  ? __fget_files+0x21f/0x3d0
[  358.941221][T19369]  __x64_sys_sendfile64+0x1d8/0x220
[  358.941238][T19369]  ? ksys_write+0x1ac/0x250
[  358.941253][T19369]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  358.941276][T19369]  do_syscall_64+0x106/0xf80
[  358.941286][T19369]  ? clear_bhb_loop+0x40/0x90
[  358.941300][T19369]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  358.941312][T19369] RIP: 0033:0x7f2cc1b9bf79
[  358.941322][T19369] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  358.941333][T19369] RSP: 002b:00007f2cc2ab3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  358.941344][T19369] RAX: ffffffffffffffda RBX: 00007f2cc1e16090 RCX: 00007f2cc1b9bf79
[  358.941351][T19369] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000005
[  358.941357][T19369] RBP: 00007f2cc2ab3090 R08: 0000000000000000 R09: 0000000000000000
[  358.941364][T19369] R10: 0001000000201005 R11: 0000000000000246 R12: 0000000000000001
[  358.941371][T19369] R13: 00007f2cc1e16128 R14: 00007f2cc1e16090 R15: 00007ffd195073a8
[  358.941385][T19369]  </TASK>
[  359.096685][T19361] netdevsim netdevsim9 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  359.165067][T19361] netdevsim netdevsim9 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  359.369867][T19373] MPI: mpi too large (107144 bits)
[  359.376215][T14543] netdevsim netdevsim9 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  359.386498][T14559] netdevsim netdevsim9 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  359.405653][T14543] netdevsim netdevsim9 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  359.442034][T14559] netdevsim netdevsim9 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  359.575734][T19381] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  359.703779][T19385] binder: 19384:19385 ioctl c018620c 200000000040 returned -22
[  359.965632][   T41] kauditd_printk_skb: 6 callbacks suppressed
[  359.965644][T19390] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  359.965643][   T41] audit: type=1400 audit(2000000407.585:33037): avc:  denied  { remount } for  pid=19388 comm="syz.6.4507" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[  360.031000][  T831] usb 10-1: new low-speed USB device number 11 using dummy_hcd
[  360.214552][  T831] usb 10-1: unable to get BOS descriptor or descriptor too short
[  360.217404][  T831] usb 10-1: no configurations
[  360.219001][  T831] usb 10-1: can't read configurations, error -22
[  360.764313][T19392] vlan2: entered promiscuous mode
[  360.765953][T19392] bridge0: entered promiscuous mode
[  360.791630][   T41] audit: type=1804 audit(2000000408.415:33038): pid=19394 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.6.4509" name="bus" dev="ramfs" ino=89342 res=1 errno=0
[  360.806228][   T41] audit: type=1804 audit(2000000408.425:33039): pid=19394 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.6.4509" name="bus" dev="ramfs" ino=89342 res=1 errno=0
[  360.811273][T19398] tipc: Started in network mode
[  360.823146][T19398] tipc: Node identity 7f000001, cluster identity 4711
[  360.825452][T19398] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  360.829001][T19398] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[  360.832264][T19398] tipc: Enabled bearer <udp:syz0>, priority 10
[  360.867525][T19401] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  360.942643][T19401] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  361.005307][T19401] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  361.087271][T19401] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  361.212086][T14543] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  361.219320][T14543] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  361.229876][T14543] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  361.238082][T14543] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  361.322603][T19409] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  361.971192][T17881] tipc: Node number set to 2130706433
[  361.981188][ T6018] usb 11-1: new low-speed USB device number 13 using dummy_hcd
[  362.146999][ T6018] usb 11-1: unable to get BOS descriptor or descriptor too short
[  362.149836][ T6018] usb 11-1: no configurations
[  362.151709][ T6018] usb 11-1: can't read configurations, error -22
[  362.695002][T19423] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4517'.
[  362.753574][T19425] FAULT_INJECTION: forcing a failure.
[  362.753574][T19425] name failslab, interval 1, probability 0, space 0, times 0
[  362.757529][T19425] CPU: 2 UID: 0 PID: 19425 Comm: syz.6.4518 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  362.757548][T19425] Tainted: [L]=SOFTLOCKUP
[  362.757552][T19425] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  362.757559][T19425] Call Trace:
[  362.757564][T19425]  <TASK>
[  362.757568][T19425]  dump_stack_lvl+0x100/0x190
[  362.757590][T19425]  should_fail_ex.cold+0x5/0xa
[  362.757605][T19425]  should_failslab+0xc2/0x120
[  362.757622][T19425]  __kvmalloc_node_noprof+0xfa/0xa00
[  362.757637][T19425]  ? bpf_test_run_xdp_live+0x13a/0x760
[  362.757656][T19425]  ? lockdep_hardirqs_on+0x78/0x100
[  362.757670][T19425]  bpf_test_run_xdp_live+0x13a/0x760
[  362.757689][T19425]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  362.757709][T19425]  ? mark_held_locks+0x40/0x70
[  362.757726][T19425]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  362.757746][T19425]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  362.757773][T19425]  ? 0xffffffffa0206480
[  362.757782][T19425]  ? 0xffffffffa0206480
[  362.757791][T19425]  ? 0xffffffffa0206480
[  362.757799][T19425]  ? bpf_dispatcher_change_prog+0x2dc/0xa60
[  362.757821][T19425]  bpf_prog_test_run_xdp+0xd7d/0x1670
[  362.757838][T19425]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  362.757853][T19425]  ? fput+0x79/0x100
[  362.757864][T19425]  ? __bpf_prog_get+0x97/0x2a0
[  362.757878][T19425]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  362.757890][T19425]  __sys_bpf+0x1725/0x4b90
[  362.757902][T19425]  ? __pfx___sys_bpf+0x10/0x10
[  362.757912][T19425]  ? proc_fail_nth_write+0x9f/0x220
[  362.757924][T19425]  ? find_held_lock+0x2b/0x80
[  362.757940][T19425]  ? find_held_lock+0x2b/0x80
[  362.757953][T19425]  ? ksys_write+0x190/0x250
[  362.757971][T19425]  ? __mutex_unlock_slowpath+0x15c/0x790
[  362.757984][T19425]  ? __fget_files+0x215/0x3d0
[  362.758007][T19425]  ? fput+0x79/0x100
[  362.758018][T19425]  ? ksys_write+0x1ac/0x250
[  362.758032][T19425]  ? __pfx_ksys_write+0x10/0x10
[  362.758050][T19425]  __x64_sys_bpf+0x7b/0xc0
[  362.758061][T19425]  ? lockdep_hardirqs_on+0x78/0x100
[  362.758072][T19425]  do_syscall_64+0x106/0xf80
[  362.758083][T19425]  ? clear_bhb_loop+0x40/0x90
[  362.758097][T19425]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  362.758113][T19425] RIP: 0033:0x7f2cc1b9bf79
[  362.758139][T19425] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  362.758150][T19425] RSP: 002b:00007f2cc2ad4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  362.758162][T19425] RAX: ffffffffffffffda RBX: 00007f2cc1e15fa0 RCX: 00007f2cc1b9bf79
[  362.758169][T19425] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[  362.758175][T19425] RBP: 00007f2cc2ad4090 R08: 0000000000000000 R09: 0000000000000000
[  362.758182][T19425] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  362.758188][T19425] R13: 00007f2cc1e16038 R14: 00007f2cc1e15fa0 R15: 00007ffd195073a8
[  362.758202][T19425]  </TASK>
[  362.987428][T19428] netlink: 104 bytes leftover after parsing attributes in process `syz.6.4519'.
[  363.283368][T19438] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  363.495441][T19440] netdevsim netdevsim6 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  363.581727][T19440] netdevsim netdevsim6 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  363.642306][T19440] netdevsim netdevsim6 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  363.713949][T19440] netdevsim netdevsim6 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  363.895095][T14544] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  363.909919][T14544] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  363.926089][T14550] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  363.938595][T14550] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  374.042453][ T5929] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  374.052136][ T5929] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  374.055849][ T5929] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  374.059220][ T5929] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  374.062051][ T5929] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  374.193431][T19518] chnl_net:caif_netlink_parms(): no params data found
[  374.244454][T19518] bridge0: port 1(bridge_slave_0) entered blocking state
[  374.246809][T19518] bridge0: port 1(bridge_slave_0) entered disabled state
[  374.249104][T19518] bridge_slave_0: entered allmulticast mode
[  374.251843][T19518] bridge_slave_0: entered promiscuous mode
[  374.254945][T19518] bridge0: port 2(bridge_slave_1) entered blocking state
[  374.257194][T19518] bridge0: port 2(bridge_slave_1) entered disabled state
[  374.259525][T19518] bridge_slave_1: entered allmulticast mode
[  374.262223][T19518] bridge_slave_1: entered promiscuous mode
[  374.316164][T19518] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  374.320566][T19518] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  374.336334][T19518] team0: Port device team_slave_0 added
[  374.339480][T19518] team0: Port device team_slave_1 added
[  374.353238][T19518] batman_adv: batadv0: Adding interface: batadv_slave_0
[  374.355476][T19518] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  374.363965][T19518] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  374.368220][T19518] batman_adv: batadv0: Adding interface: batadv_slave_1
[  374.370472][T19518] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  374.378942][T19518] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  374.400267][T19518] hsr_slave_0: entered promiscuous mode
[  374.402720][T19518] hsr_slave_1: entered promiscuous mode
[  374.404838][T19518] debugfs: 'hsr0' already exists in 'hsr'
[  374.406798][T19518] Cannot create hsr debugfs directory
[  374.688971][T14556] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  374.825640][T14556] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  374.893065][T14556] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  375.052904][ T5939] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  375.058644][ T5939] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  375.071086][ T5939] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  375.074287][ T5939] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  375.076864][ T5939] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  375.085689][T14556] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  375.243892][T19544] chnl_net:caif_netlink_parms(): no params data found
[  375.277866][T19518] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  375.289531][T19518] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  375.300217][T19518] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  375.306906][T19518] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  375.402729][T19544] bridge0: port 1(bridge_slave_0) entered blocking state
[  375.404954][T19544] bridge0: port 1(bridge_slave_0) entered disabled state
[  375.407202][T19544] bridge_slave_0: entered allmulticast mode
[  375.412875][T19544] bridge_slave_0: entered promiscuous mode
[  375.444608][T19544] bridge0: port 2(bridge_slave_1) entered blocking state
[  375.446940][T19544] bridge0: port 2(bridge_slave_1) entered disabled state
[  375.449237][T19544] bridge_slave_1: entered allmulticast mode
[  375.452925][T19544] bridge_slave_1: entered promiscuous mode
[  375.587607][T14556] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  375.604445][T14556] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  375.671946][T14556] bond0 (unregistering): Released all slaves
[  375.704848][T19544] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  375.712092][T19518] 8021q: adding VLAN 0 to HW filter on device bond0
[  375.715375][T19544] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  375.735115][T19518] 8021q: adding VLAN 0 to HW filter on device team0
[  375.740335][T19544] team0: Port device team_slave_0 added
[  375.757126][T14544] bridge0: port 1(bridge_slave_0) entered blocking state
[  375.759373][T14544] bridge0: port 1(bridge_slave_0) entered forwarding state
[  375.766740][T19544] team0: Port device team_slave_1 added
[  375.770788][T14543] bridge0: port 2(bridge_slave_1) entered blocking state
[  375.773044][T14543] bridge0: port 2(bridge_slave_1) entered forwarding state
[  375.805919][T19544] batman_adv: batadv0: Adding interface: batadv_slave_0
[  375.808115][T19544] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  375.816261][T19544] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  375.820701][T19544] batman_adv: batadv0: Adding interface: batadv_slave_1
[  375.824706][T19544] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  375.834872][T19544] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  375.984763][T19544] hsr_slave_0: entered promiscuous mode
[  375.987533][T19544] hsr_slave_1: entered promiscuous mode
[  375.990141][T19544] debugfs: 'hsr0' already exists in 'hsr'
[  376.000955][T19544] Cannot create hsr debugfs directory
[  376.131060][ T5939] Bluetooth: hci1: command tx timeout
[  376.223414][T19518] 8021q: adding VLAN 0 to HW filter on device batadv0
[  376.242339][T19518] veth0_vlan: entered promiscuous mode
[  376.246875][T19518] veth1_vlan: entered promiscuous mode
[  376.260105][T19518] veth0_macvtap: entered promiscuous mode
[  376.266499][T19518] veth1_macvtap: entered promiscuous mode
[  376.276575][T19518] batman_adv: batadv0: Interface activated: batadv_slave_0
[  376.296582][T19518] batman_adv: batadv0: Interface activated: batadv_slave_1
[  376.309717][T14548] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  376.322769][T14556] hsr_slave_0: left promiscuous mode
[  376.324982][T14556] hsr_slave_1: left promiscuous mode
[  376.327038][T14556] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  376.329364][T14556] batman_adv: batadv0: Removing interface: batadv_slave_0
[  376.337249][T14556] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  376.339666][T14556] batman_adv: batadv0: Removing interface: batadv_slave_1
[  376.347604][T14556] veth1_macvtap: left promiscuous mode
[  376.349385][T14556] veth0_macvtap: left promiscuous mode
[  376.351433][T14556] veth1_vlan: left promiscuous mode
[  376.353072][T14556] veth0_vlan: left promiscuous mode
[  376.463578][T14556] team0 (unregistering): Port device team_slave_1 removed
[  376.470034][T14556] team0 (unregistering): Port device team_slave_0 removed
[  376.540861][T14548] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  376.544059][T14548] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  376.546800][T14548] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  376.590089][T14548] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  376.602350][T14548] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  376.618482][T14549] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  376.623696][T14549] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  376.754731][ T5929] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  376.759179][ T5929] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  376.765297][ T5929] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  376.776203][ T5929] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  376.779195][ T5929] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  376.906596][T19621] chnl_net:caif_netlink_parms(): no params data found
[  376.931015][ T6163] usb 6-1: new low-speed USB device number 13 using dummy_hcd
[  376.990108][T19621] bridge0: port 1(bridge_slave_0) entered blocking state
[  376.992554][T19621] bridge0: port 1(bridge_slave_0) entered disabled state
[  376.994897][T19621] bridge_slave_0: entered allmulticast mode
[  376.997603][T19621] bridge_slave_0: entered promiscuous mode
[  377.000739][T19621] bridge0: port 2(bridge_slave_1) entered blocking state
[  377.003178][T19621] bridge0: port 2(bridge_slave_1) entered disabled state
[  377.005723][T19621] bridge_slave_1: entered allmulticast mode
[  377.008908][T19621] bridge_slave_1: entered promiscuous mode
[  377.030814][T19621] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  377.065079][T19621] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  377.084803][T19621] team0: Port device team_slave_0 added
[  377.088418][T19621] team0: Port device team_slave_1 added
[  377.096395][ T6163] usb 6-1: unable to get BOS descriptor or descriptor too short
[  377.098866][ T6163] usb 6-1: no configurations
[  377.100357][ T6163] usb 6-1: can't read configurations, error -22
[  377.110436][T19621] batman_adv: batadv0: Adding interface: batadv_slave_0
[  377.114415][T19621] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  377.122731][T19621] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  377.127008][T19621] batman_adv: batadv0: Adding interface: batadv_slave_1
[  377.129236][T19621] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  377.137552][T19621] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  377.162146][T19621] hsr_slave_0: entered promiscuous mode
[  377.164486][T19621] hsr_slave_1: entered promiscuous mode
[  377.166654][T19621] debugfs: 'hsr0' already exists in 'hsr'
[  377.168499][T19621] Cannot create hsr debugfs directory
[  377.181192][ T5939] Bluetooth: hci0: command tx timeout
[  377.529282][T14556] netdevsim netdevsim9 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  377.615914][T14556] netdevsim netdevsim9 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  377.645468][T19653] befs: (nullb0): No write support. Marking filesystem read-only
[  377.655622][T19653] befs: (nullb0): invalid magic header
[  377.706577][T14556] netdevsim netdevsim9 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  377.716190][T19661] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  377.836025][T14556] netdevsim netdevsim9 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  377.861132][T19671] netlink: 'syz.1.4531': attribute type 10 has an invalid length.
[  377.863636][T19671] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4531'.
[  377.866422][T19671] net veth1_virt_wifi virt_wifi0: entered promiscuous mode
[  377.868671][T19671] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[  377.872061][T19671] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check.
[  378.028761][T19621] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  378.211842][ T5939] Bluetooth: hci1: command tx timeout
[  378.219691][T14556] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  378.244189][T14556] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  378.282445][T14556] bond0 (unregistering): Released all slaves
[  378.286784][T14556] bond1 (unregistering): Released all slaves
[  378.313609][T19621] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  378.458552][T19621] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  378.531538][T19621] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  378.851276][ T5939] Bluetooth: hci2: command tx timeout
[  378.950682][T19544] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  378.963764][T19544] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  378.974317][T19544] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  378.989699][T19544] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  379.052574][T14556] hsr_slave_0: left promiscuous mode
[  379.054703][T14556] hsr_slave_1: left promiscuous mode
[  379.056787][T14556] batman_adv: batadv0: Removing interface: batadv_slave_0
[  379.059458][T14556] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  379.061924][T14556] batman_adv: batadv0: Removing interface: batadv_slave_1
[  379.073420][T14556] veth1_macvtap: left promiscuous mode
[  379.075373][T14556] veth0_macvtap: left promiscuous mode
[  379.077215][T14556] veth1_vlan: left promiscuous mode
[  379.078908][T14556] veth0_vlan: left promiscuous mode
[  379.219925][T14556] team0 (unregistering): Port device team_slave_1 removed
[  379.236581][T14556] team0 (unregistering): Port device team_slave_0 removed
[  379.251101][ T5939] Bluetooth: hci0: command tx timeout
[  379.328609][T19621] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  379.339013][T19621] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  379.346750][T19621] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  379.356633][T19621] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  379.406422][T19544] 8021q: adding VLAN 0 to HW filter on device bond0
[  379.422560][T19544] 8021q: adding VLAN 0 to HW filter on device team0
[  379.436417][T14550] bridge0: port 1(bridge_slave_0) entered blocking state
[  379.438735][T14550] bridge0: port 1(bridge_slave_0) entered forwarding state
[  379.451872][T14550] bridge0: port 2(bridge_slave_1) entered blocking state
[  379.454184][T14550] bridge0: port 2(bridge_slave_1) entered forwarding state
[  379.476903][T19621] 8021q: adding VLAN 0 to HW filter on device bond0
[  379.509303][T19621] 8021q: adding VLAN 0 to HW filter on device team0
[  379.517613][T14543] bridge0: port 1(bridge_slave_0) entered blocking state
[  379.519906][T14543] bridge0: port 1(bridge_slave_0) entered forwarding state
[  379.533252][T14543] bridge0: port 2(bridge_slave_1) entered blocking state
[  379.535539][T14543] bridge0: port 2(bridge_slave_1) entered forwarding state
[  379.557795][T19621] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  379.561677][T19621] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  379.623754][T19544] 8021q: adding VLAN 0 to HW filter on device batadv0
[  379.687050][T19544] veth0_vlan: entered promiscuous mode
[  379.694042][T19544] veth1_vlan: entered promiscuous mode
[  379.709491][T19544] veth0_macvtap: entered promiscuous mode
[  379.714750][T19544] veth1_macvtap: entered promiscuous mode
[  379.749280][T19544] batman_adv: batadv0: Interface activated: batadv_slave_0
[  379.758635][T19544] batman_adv: batadv0: Interface activated: batadv_slave_1
[  379.769083][T14544] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  379.781055][T14544] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  379.785073][T19621] 8021q: adding VLAN 0 to HW filter on device batadv0
[  379.787826][T14544] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  379.790722][T14544] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  380.038412][ T5929] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  380.042957][ T5929] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  380.045705][ T5929] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  380.048290][ T5929] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  380.050731][ T5929] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  380.078556][T14556] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  380.139441][T14556] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  380.163128][T14555] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  380.165378][T14555] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  380.187310][T14549] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  380.189604][T14549] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  380.215964][T14556] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  380.286865][T19621] veth0_vlan: entered promiscuous mode
[  380.291534][ T5929] Bluetooth: hci1: command tx timeout
[  380.294302][T19621] veth1_vlan: entered promiscuous mode
[  380.302382][T14556] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  380.318328][T19761] chnl_net:caif_netlink_parms(): no params data found
[  380.361219][T19621] veth0_macvtap: entered promiscuous mode
[  380.376825][T19621] veth1_macvtap: entered promiscuous mode
[  380.401572][T19621] batman_adv: batadv0: Interface activated: batadv_slave_0
[  380.407968][T19621] batman_adv: batadv0: Interface activated: batadv_slave_1
[  380.433557][T14543] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  380.447357][T14543] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  380.461796][T19761] bridge0: port 1(bridge_slave_0) entered blocking state
[  380.464659][T19761] bridge0: port 1(bridge_slave_0) entered disabled state
[  380.467011][T19761] bridge_slave_0: entered allmulticast mode
[  380.470385][T19761] bridge_slave_0: entered promiscuous mode
[  380.484629][T14543] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  380.488162][T19790] netlink: 'syz.2.4536': attribute type 18 has an invalid length.
[  380.490447][T19790] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4536'.
[  380.491714][T14543] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  380.495823][T19761] bridge0: port 2(bridge_slave_1) entered blocking state
[  380.498082][T19761] bridge0: port 2(bridge_slave_1) entered disabled state
[  380.500467][T19761] bridge_slave_1: entered allmulticast mode
[  380.503530][T19761] bridge_slave_1: entered promiscuous mode
[  380.533506][T14543] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  380.536329][T14543] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  380.539062][T14543] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  380.541151][T19790] netlink: 'syz.2.4536': attribute type 18 has an invalid length.
[  380.545070][T19790] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4536'.
[  380.551398][T19761] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  380.569760][T14543] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  380.577643][T19761] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  380.610533][T19790] Cannot find add_set index 0 as target
[  380.610812][T19761] team0: Port device team_slave_0 added
[  380.631057][T14543] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  380.633316][T14543] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  380.634084][T19761] team0: Port device team_slave_1 added
[  380.668363][T19761] batman_adv: batadv0: Adding interface: batadv_slave_0
[  380.670795][T19761] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  380.680558][T19761] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  380.705269][T19761] batman_adv: batadv0: Adding interface: batadv_slave_1
[  380.707735][T19761] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  380.717026][T19761] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  380.730079][T14556] bridge_slave_1: left allmulticast mode
[  380.732039][T14556] bridge_slave_1: left promiscuous mode
[  380.733892][T14556] bridge0: port 2(bridge_slave_1) entered disabled state
[  380.737449][T14556] bridge_slave_0: left allmulticast mode
[  380.739258][T14556] bridge_slave_0: left promiscuous mode
[  380.742568][T14556] bridge0: port 1(bridge_slave_0) entered disabled state
[  380.867538][T19797] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  380.931011][ T5929] Bluetooth: hci2: command tx timeout
[  381.017440][T14556] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  381.073606][T14556] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  381.114861][T14556] bond0 (unregistering): Released all slaves
[  381.127216][T14549] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  381.130562][T14549] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  381.178612][T19761] hsr_slave_0: entered promiscuous mode
[  381.183513][T19761] hsr_slave_1: entered promiscuous mode
[  381.185674][T19761] debugfs: 'hsr0' already exists in 'hsr'
[  381.191399][T19761] Cannot create hsr debugfs directory
[  381.213886][T14556] tipc: Disabling bearer <udp:syz0>
[  381.218369][T14556] tipc: Left network mode
[  381.331206][ T5929] Bluetooth: hci0: command tx timeout
[  381.450169][   T41] audit: type=1400 audit(2000000429.065:33040): avc:  denied  { bind } for  pid=19816 comm="syz.7.4542" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  381.586024][T19832] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  381.672592][T19837] FAULT_INJECTION: forcing a failure.
[  381.672592][T19837] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  381.676410][T19837] CPU: 3 UID: 0 PID: 19837 Comm: syz.7.4545 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  381.676429][T19837] Tainted: [L]=SOFTLOCKUP
[  381.676433][T19837] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  381.676440][T19837] Call Trace:
[  381.676445][T19837]  <TASK>
[  381.676450][T19837]  dump_stack_lvl+0x100/0x190
[  381.676471][T19837]  should_fail_ex.cold+0x5/0xa
[  381.676486][T19837]  _copy_from_user+0x2e/0xd0
[  381.676504][T19837]  snd_pcm_oss_write2+0x1c2/0x400
[  381.676521][T19837]  ? __pfx_snd_pcm_oss_write2+0x10/0x10
[  381.676548][T19837]  ? snd_pcm_kernel_ioctl+0x14a/0x2e0
[  381.676571][T19837]  snd_pcm_oss_write+0x729/0xa30
[  381.676588][T19837]  ? security_file_permission+0x76/0x210
[  381.676606][T19837]  vfs_write+0x2aa/0x1070
[  381.676622][T19837]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[  381.676639][T19837]  ? __pfx_vfs_write+0x10/0x10
[  381.676653][T19837]  ? find_held_lock+0x2b/0x80
[  381.676667][T19837]  ? __fget_files+0x215/0x3d0
[  381.676684][T19837]  ? __fget_files+0x215/0x3d0
[  381.676703][T19837]  ? __fget_files+0x21f/0x3d0
[  381.676724][T19837]  ksys_write+0x12a/0x250
[  381.676740][T19837]  ? __pfx_ksys_write+0x10/0x10
[  381.676759][T19837]  do_syscall_64+0x106/0xf80
[  381.676770][T19837]  ? clear_bhb_loop+0x40/0x90
[  381.676784][T19837]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  381.676796][T19837] RIP: 0033:0x7fddd159bf79
[  381.676807][T19837] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  381.676820][T19837] RSP: 002b:00007fddd2488028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  381.676835][T19837] RAX: ffffffffffffffda RBX: 00007fddd1815fa0 RCX: 00007fddd159bf79
[  381.676842][T19837] RDX: 000000000000fc36 RSI: 0000200000000500 RDI: 0000000000000003
[  381.676849][T19837] RBP: 00007fddd2488090 R08: 0000000000000000 R09: 0000000000000000
[  381.676856][T19837] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  381.676862][T19837] R13: 00007fddd1816038 R14: 00007fddd1815fa0 R15: 00007ffd983bd9c8
[  381.676877][T19837]  </TASK>
[  381.765012][T14556] hsr_slave_0: left promiscuous mode
[  381.767943][T14556] hsr_slave_1: left promiscuous mode
[  381.769919][T14556] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  381.772482][T14556] batman_adv: batadv0: Removing interface: batadv_slave_0
[  381.775381][T14556] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  381.777522][T14556] batman_adv: batadv0: Removing interface: batadv_slave_1
[  381.796128][T14556] veth1_macvtap: left promiscuous mode
[  381.797817][T14556] veth0_macvtap: left promiscuous mode
[  381.799516][T14556] veth1_vlan: left promiscuous mode
[  381.801352][T14556] veth0_vlan: left promiscuous mode
[  381.884446][T19852] netlink: 40 bytes leftover after parsing attributes in process `syz.7.4549'.
[  381.887344][T19852] nbd: must specify at least one socket
[  382.131073][ T5929] Bluetooth: hci4: command tx timeout
[  382.371122][ T5929] Bluetooth: hci1: command tx timeout
[  382.491785][T14556] team0 (unregistering): Port device team_slave_1 removed
[  382.498486][T14556] team0 (unregistering): Port device team_slave_0 removed
[  382.568399][T19859] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  383.011241][ T5929] Bluetooth: hci2: command tx timeout
[  383.279654][T14556] netdevsim netdevsim6 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  383.316511][T19761] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  383.322285][T19761] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  383.327578][T19761] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  383.333055][T19761] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  383.379581][T19761] 8021q: adding VLAN 0 to HW filter on device bond0
[  383.393229][T19761] 8021q: adding VLAN 0 to HW filter on device team0
[  383.404433][T14556] netdevsim netdevsim6 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  383.414751][T14548] bridge0: port 1(bridge_slave_0) entered blocking state
[  383.414791][ T5929] Bluetooth: hci0: command tx timeout
[  383.417044][T14548] bridge0: port 1(bridge_slave_0) entered forwarding state
[  383.422621][T14548] bridge0: port 2(bridge_slave_1) entered blocking state
[  383.424898][T14548] bridge0: port 2(bridge_slave_1) entered forwarding state
[  383.474885][T14556] netdevsim netdevsim6 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  383.534651][T19761] 8021q: adding VLAN 0 to HW filter on device batadv0
[  383.539936][T14556] netdevsim netdevsim6 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  383.680107][T19761] veth0_vlan: entered promiscuous mode
[  383.708966][T19761] veth1_vlan: entered promiscuous mode
[  383.738726][T19761] veth0_macvtap: entered promiscuous mode
[  383.905611][T14556] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  383.925191][T14556] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  383.951984][T14556] bond0 (unregistering): Released all slaves
[  383.958121][T19761] veth1_macvtap: entered promiscuous mode
[  383.967212][T19761] batman_adv: batadv0: Interface activated: batadv_slave_0
[  383.972524][T19761] batman_adv: batadv0: Interface activated: batadv_slave_1
[  383.978006][T14548] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  383.983738][T14548] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  383.986577][T14548] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  383.989631][T14548] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  384.058496][T14548] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  384.061977][T14548] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  384.077555][T14548] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  384.080117][T14548] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  384.211103][ T5929] Bluetooth: hci4: command tx timeout
[  384.485749][T19972] binder: 19971:19972 ioctl c018620c 200000000040 returned -22
[  384.492482][T19959] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  384.566707][T14556] hsr_slave_0: left promiscuous mode
[  384.569714][T14556] hsr_slave_1: left promiscuous mode
[  384.571997][T14556] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  384.574359][T14556] batman_adv: batadv0: Removing interface: batadv_slave_0
[  384.578039][T14556] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  384.581274][T14556] batman_adv: batadv0: Removing interface: batadv_slave_1
[  384.587277][T14556] veth1_macvtap: left promiscuous mode
[  384.589079][T14556] veth0_macvtap: left promiscuous mode
[  384.590975][T14556] veth1_vlan: left promiscuous mode
[  384.592726][T14556] veth0_vlan: left promiscuous mode
[  384.707099][T14556] team0 (unregistering): Port device team_slave_1 removed
[  384.714240][T14556] team0 (unregistering): Port device team_slave_0 removed
[  384.778649][T19959] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  384.785308][   T10] usb 12-1: new low-speed USB device number 11 using dummy_hcd
[  384.873605][T19959] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  384.959705][   T10] usb 12-1: unable to get BOS descriptor or descriptor too short
[  384.964300][   T10] usb 12-1: no configurations
[  384.965992][   T10] usb 12-1: can't read configurations, error -22
[  385.093398][ T5929] Bluetooth: hci2: command tx timeout
[  385.448651][T20007] vlan2: entered promiscuous mode
[  385.450350][T20007] bridge0: entered promiscuous mode
[  385.514858][T20010] kernel profiling enabled (shift: 63)
[  385.516097][   T41] audit: type=1804 audit(2000000433.135:33041): pid=20013 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.7.4566" name="bus" dev="ramfs" ino=92844 res=1 errno=0
[  385.516847][T20010] profiling shift: 63 too large
[  385.541423][   T41] audit: type=1804 audit(2000000433.135:33042): pid=20013 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.7.4566" name="bus" dev="ramfs" ino=92844 res=1 errno=0
[  385.562634][T20015] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4567'.
[  385.573747][T20017] FAULT_INJECTION: forcing a failure.
[  385.573747][T20017] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  385.577868][T20017] CPU: 0 UID: 0 PID: 20017 Comm: syz.7.4566 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  385.577886][T20017] Tainted: [L]=SOFTLOCKUP
[  385.577891][T20017] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  385.577897][T20017] Call Trace:
[  385.577902][T20017]  <TASK>
[  385.577906][T20017]  dump_stack_lvl+0x100/0x190
[  385.577954][T20017]  should_fail_ex.cold+0x5/0xa
[  385.577967][T20017]  ? prepare_alloc_pages+0x16d/0x5f0
[  385.577986][T20017]  should_fail_alloc_page+0xeb/0x140
[  385.578004][T20017]  prepare_alloc_pages+0x1f0/0x5f0
[  385.578024][T20017]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  385.578039][T20017]  ? kmem_cache_alloc_lru_noprof+0x297/0x6e0
[  385.578053][T20017]  ? xas_alloc+0x350/0x460
[  385.578066][T20017]  ? __lock_acquire+0x4a5/0x2630
[  385.578084][T20017]  ? css_rstat_updated+0x1ce/0x5a0
[  385.578100][T20017]  ? __pfx_css_rstat_updated+0x10/0x10
[  385.578116][T20017]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  385.578134][T20017]  ? rcu_is_watching+0x12/0xc0
[  385.578150][T20017]  ? __lock_acquire+0x4a5/0x2630
[  385.578168][T20017]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  385.578184][T20017]  ? policy_nodemask+0xed/0x4f0
[  385.578201][T20017]  alloc_pages_mpol+0x1fb/0x550
[  385.578218][T20017]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  385.578234][T20017]  ? find_held_lock+0x2b/0x80
[  385.578247][T20017]  ? filemap_get_read_batch+0x30a/0xa60
[  385.578261][T20017]  ? filemap_get_read_batch+0x30a/0xa60
[  385.578284][T20017]  folio_alloc_noprof+0x22/0x330
[  385.578301][T20017]  filemap_alloc_folio_noprof.part.0+0x377/0x450
[  385.578332][T20017]  ? __pfx_filemap_alloc_folio_noprof.part.0+0x10/0x10
[  385.578360][T20017]  ? page_cache_sync_ra+0x1bb/0xb10
[  385.578383][T20017]  filemap_get_pages+0x898/0x2050
[  385.578411][T20017]  ? folios_put_refs+0x66d/0x840
[  385.578433][T20017]  ? __pfx_filemap_get_pages+0x10/0x10
[  385.578459][T20017]  ? __pfx___might_resched+0x10/0x10
[  385.578482][T20017]  filemap_splice_read+0x46e/0xc80
[  385.578514][T20017]  ? __pfx_filemap_splice_read+0x10/0x10
[  385.578558][T20017]  ? trace_kmalloc+0x101/0x130
[  385.578583][T20017]  ? lockdep_init_map_type+0x5c/0x250
[  385.578608][T20017]  ? __pfx_pipe_lock_cmp_fn+0x10/0x10
[  385.578632][T20017]  ? __pfx_filemap_splice_read+0x10/0x10
[  385.578655][T20017]  do_splice_read+0x285/0x370
[  385.578680][T20017]  splice_direct_to_actor+0x2a1/0xa30
[  385.578704][T20017]  ? __pfx_direct_splice_actor+0x10/0x10
[  385.578735][T20017]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  385.578767][T20017]  do_splice_direct+0x174/0x240
[  385.578793][T20017]  ? __pfx_do_splice_direct+0x10/0x10
[  385.578816][T20017]  ? avc_policy_seqno+0x9/0x20
[  385.578842][T20017]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  385.578871][T20017]  ? rw_verify_area+0xce/0x6d0
[  385.578895][T20017]  do_sendfile+0xadc/0xe20
[  385.578921][T20017]  ? __pfx_do_sendfile+0x10/0x10
[  385.578951][T20017]  ? __fget_files+0x21f/0x3d0
[  385.578981][T20017]  __x64_sys_sendfile64+0x1d8/0x220
[  385.579006][T20017]  ? ksys_write+0x1ac/0x250
[  385.579028][T20017]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  385.579062][T20017]  do_syscall_64+0x106/0xf80
[  385.579080][T20017]  ? clear_bhb_loop+0x40/0x90
[  385.579102][T20017]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  385.579119][T20017] RIP: 0033:0x7fddd159bf79
[  385.579136][T20017] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  385.579152][T20017] RSP: 002b:00007fddd2467028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  385.579169][T20017] RAX: ffffffffffffffda RBX: 00007fddd1816090 RCX: 00007fddd159bf79
[  385.579181][T20017] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000005
[  385.579191][T20017] RBP: 00007fddd2467090 R08: 0000000000000000 R09: 0000000000000000
[  385.579201][T20017] R10: 0001000000201005 R11: 0000000000000246 R12: 0000000000000001
[  385.579212][T20017] R13: 00007fddd1816128 R14: 00007fddd1816090 R15: 00007ffd983bd9c8
[  385.579236][T20017]  </TASK>
[  385.592080][T20015] pim6reg: entered allmulticast mode
[  385.701957][T20019] cgroup: subsys name conflicts with all
[  385.763398][T20015] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4567'.
[  386.051387][T19959] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  386.291039][ T5929] Bluetooth: hci4: command tx timeout
[  386.467770][T20031] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  386.564505][T20038] binder: 20037:20038 ioctl c018620c 200000000040 returned -1
[  386.638636][T20043] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  386.647958][T20045] FAULT_INJECTION: forcing a failure.
[  386.647958][T20045] name failslab, interval 1, probability 0, space 0, times 0
[  386.652078][T20045] CPU: 1 UID: 0 PID: 20045 Comm: syz.7.4573 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  386.652096][T20045] Tainted: [L]=SOFTLOCKUP
[  386.652101][T20045] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  386.652107][T20045] Call Trace:
[  386.652112][T20045]  <TASK>
[  386.652116][T20045]  dump_stack_lvl+0x100/0x190
[  386.652139][T20045]  should_fail_ex.cold+0x5/0xa
[  386.652154][T20045]  ? tomoyo_realpath_from_path+0xb6/0x690
[  386.652169][T20045]  should_failslab+0xc2/0x120
[  386.652186][T20045]  __kmalloc_noprof+0xe0/0x850
[  386.652203][T20045]  tomoyo_realpath_from_path+0xb6/0x690
[  386.652221][T20045]  tomoyo_path_number_perm+0x23c/0x580
[  386.652233][T20045]  ? tomoyo_path_number_perm+0x22e/0x580
[  386.652246][T20045]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  386.652272][T20045]  ? find_held_lock+0x2b/0x80
[  386.652286][T20045]  ? __fget_files+0x215/0x3d0
[  386.652302][T20045]  ? hook_file_ioctl_common+0x146/0x410
[  386.652322][T20045]  ? __fget_files+0x21f/0x3d0
[  386.652342][T20045]  security_file_ioctl+0xd3/0x230
[  386.652356][T20045]  __x64_sys_ioctl+0xb7/0x210
[  386.652372][T20045]  do_syscall_64+0x106/0xf80
[  386.652383][T20045]  ? clear_bhb_loop+0x40/0x90
[  386.652398][T20045]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  386.652409][T20045] RIP: 0033:0x7fddd159bf79
[  386.652419][T20045] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  386.652430][T20045] RSP: 002b:00007fddd2488028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  386.652441][T20045] RAX: ffffffffffffffda RBX: 00007fddd1815fa0 RCX: 00007fddd159bf79
[  386.652449][T20045] RDX: 0000200000000080 RSI: 0000000040045612 RDI: 0000000000000003
[  386.652455][T20045] RBP: 00007fddd2488090 R08: 0000000000000000 R09: 0000000000000000
[  386.652462][T20045] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  386.652468][T20045] R13: 00007fddd1816038 R14: 00007fddd1815fa0 R15: 00007ffd983bd9c8
[  386.652482][T20045]  </TASK>
[  386.652487][T20045] ERROR: Out of memory at tomoyo_realpath_from_path.
[  386.961459][T20055] FAULT_INJECTION: forcing a failure.
[  386.961459][T20055] name failslab, interval 1, probability 0, space 0, times 0
[  386.965429][T20055] CPU: 1 UID: 0 PID: 20055 Comm: syz.7.4577 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  386.965448][T20055] Tainted: [L]=SOFTLOCKUP
[  386.965452][T20055] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  386.965460][T20055] Call Trace:
[  386.965465][T20055]  <TASK>
[  386.965470][T20055]  dump_stack_lvl+0x100/0x190
[  386.965492][T20055]  should_fail_ex.cold+0x5/0xa
[  386.965507][T20055]  should_failslab+0xc2/0x120
[  386.965524][T20055]  __kvmalloc_node_noprof+0xfa/0xa00
[  386.965538][T20055]  ? page_pool_create_percpu+0x2e0/0xcd0
[  386.965556][T20055]  page_pool_create_percpu+0x2e0/0xcd0
[  386.965572][T20055]  bpf_test_run_xdp_live+0x192/0x760
[  386.965591][T20055]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  386.965611][T20055]  ? mark_held_locks+0x40/0x70
[  386.965628][T20055]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  386.965649][T20055]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  386.965676][T20055]  ? 0xffffffffa0206480
[  386.965685][T20055]  ? 0xffffffffa0206480
[  386.965694][T20055]  ? 0xffffffffa0206480
[  386.965702][T20055]  ? bpf_dispatcher_change_prog+0x2dc/0xa60
[  386.965724][T20055]  bpf_prog_test_run_xdp+0xd7d/0x1670
[  386.965741][T20055]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  386.965756][T20055]  ? fput+0x79/0x100
[  386.965767][T20055]  ? __bpf_prog_get+0x97/0x2a0
[  386.965782][T20055]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  386.965793][T20055]  __sys_bpf+0x1725/0x4b90
[  386.965806][T20055]  ? __pfx___sys_bpf+0x10/0x10
[  386.965815][T20055]  ? proc_fail_nth_write+0x9f/0x220
[  386.965827][T20055]  ? find_held_lock+0x2b/0x80
[  386.965844][T20055]  ? find_held_lock+0x2b/0x80
[  386.965857][T20055]  ? ksys_write+0x190/0x250
[  386.965876][T20055]  ? __mutex_unlock_slowpath+0x15c/0x790
[  386.965889][T20055]  ? __fget_files+0x215/0x3d0
[  386.965929][T20055]  ? fput+0x79/0x100
[  386.965939][T20055]  ? ksys_write+0x1ac/0x250
[  386.965958][T20055]  ? __pfx_ksys_write+0x10/0x10
[  386.965976][T20055]  __x64_sys_bpf+0x7b/0xc0
[  386.965987][T20055]  ? lockdep_hardirqs_on+0x78/0x100
[  386.965998][T20055]  do_syscall_64+0x106/0xf80
[  386.966009][T20055]  ? clear_bhb_loop+0x40/0x90
[  386.966023][T20055]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  386.966035][T20055] RIP: 0033:0x7fddd159bf79
[  386.966046][T20055] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  386.966058][T20055] RSP: 002b:00007fddd2488028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  386.966069][T20055] RAX: ffffffffffffffda RBX: 00007fddd1815fa0 RCX: 00007fddd159bf79
[  386.966077][T20055] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[  386.966083][T20055] RBP: 00007fddd2488090 R08: 0000000000000000 R09: 0000000000000000
[  386.966090][T20055] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  386.966096][T20055] R13: 00007fddd1816038 R14: 00007fddd1815fa0 R15: 00007ffd983bd9c8
[  386.966110][T20055]  </TASK>
[  386.966115][T20055] page_pool_create_percpu() gave up with errno -12
[  386.971410][   T10] usb 7-1: new low-speed USB device number 10 using dummy_hcd
[  387.196669][   T41] audit: type=1804 audit(2000000434.815:33043): pid=20061 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.7.4579" name="bus" dev="ramfs" ino=92895 res=1 errno=0
[  387.228586][   T10] usb 7-1: unable to get BOS descriptor or descriptor too short
[  387.232930][   T10] usb 7-1: no configurations
[  387.234860][   T10] usb 7-1: can't read configurations, error -22
[  387.502237][T20064] vlan2: entered promiscuous mode
[  387.504354][T20064] bridge0: entered promiscuous mode
[  387.665560][T20074] binder: 20073:20074 ioctl c018620c 200000000040 returned -1
[  387.731119][T20077] netlink: 48 bytes leftover after parsing attributes in process `syz.7.4583'.
[  387.810628][T20084] bridge1: entered promiscuous mode
[  387.837311][T14556] netdevsim netdevsim8 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  387.845861][T14556] netdevsim netdevsim8 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  387.855960][T14556] netdevsim netdevsim8 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  387.863894][T14556] netdevsim netdevsim8 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  388.053954][T20104] binder: 20103:20104 ioctl c018620c 200000000040 returned -1
[  388.103476][T20108] FAULT_INJECTION: forcing a failure.
[  388.103476][T20108] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  388.107605][T20108] CPU: 1 UID: 0 PID: 20108 Comm: syz.2.4593 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  388.107623][T20108] Tainted: [L]=SOFTLOCKUP
[  388.107627][T20108] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  388.107635][T20108] Call Trace:
[  388.107639][T20108]  <TASK>
[  388.107644][T20108]  dump_stack_lvl+0x100/0x190
[  388.107665][T20108]  should_fail_ex.cold+0x5/0xa
[  388.107681][T20108]  _copy_from_user+0x2e/0xd0
[  388.107699][T20108]  snd_pcm_oss_write2+0x1c2/0x400
[  388.107717][T20108]  ? __pfx_snd_pcm_oss_write2+0x10/0x10
[  388.107731][T20108]  ? snd_pcm_kernel_ioctl+0x14a/0x2e0
[  388.107753][T20108]  snd_pcm_oss_write+0x729/0xa30
[  388.107770][T20108]  ? security_file_permission+0x76/0x210
[  388.107789][T20108]  vfs_write+0x2aa/0x1070
[  388.107819][T20108]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[  388.107836][T20108]  ? __pfx_vfs_write+0x10/0x10
[  388.107850][T20108]  ? find_held_lock+0x2b/0x80
[  388.107864][T20108]  ? __fget_files+0x215/0x3d0
[  388.107881][T20108]  ? __fget_files+0x215/0x3d0
[  388.107900][T20108]  ? __fget_files+0x21f/0x3d0
[  388.107924][T20108]  ksys_write+0x12a/0x250
[  388.107939][T20108]  ? __pfx_ksys_write+0x10/0x10
[  388.107959][T20108]  do_syscall_64+0x106/0xf80
[  388.107970][T20108]  ? clear_bhb_loop+0x40/0x90
[  388.107984][T20108]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  388.107996][T20108] RIP: 0033:0x7fb37079bf79
[  388.108007][T20108] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  388.108017][T20108] RSP: 002b:00007fb371724028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  388.108028][T20108] RAX: ffffffffffffffda RBX: 00007fb370a15fa0 RCX: 00007fb37079bf79
[  388.108036][T20108] RDX: 000000000000fc36 RSI: 0000200000000500 RDI: 0000000000000003
[  388.108042][T20108] RBP: 00007fb371724090 R08: 0000000000000000 R09: 0000000000000000
[  388.108049][T20108] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  388.108056][T20108] R13: 00007fb370a16038 R14: 00007fb370a15fa0 R15: 00007fffbfc64ff8
[  388.108070][T20108]  </TASK>
[  388.241953][T20112] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  388.247213][T20112] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  388.320649][T20112] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  388.324061][T20112] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  388.381054][ T5929] Bluetooth: hci4: command tx timeout
[  388.396216][T20112] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  388.399517][T20112] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  388.425244][ T8510] usb 13-1: new low-speed USB device number 15 using dummy_hcd
[  388.495086][T20112] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  388.498933][T20112] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  388.612084][ T8510] usb 13-1: unable to get BOS descriptor or descriptor too short
[  388.614579][ T8510] usb 13-1: no configurations
[  388.616076][ T8510] usb 13-1: can't read configurations, error -22
[  388.645756][T14556] netdevsim netdevsim2 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  388.648360][T14556] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  388.658432][T14543] netdevsim netdevsim2 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  388.662537][T14543] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  388.674540][T14543] netdevsim netdevsim2 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  388.677108][T14543] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  388.685546][T14543] netdevsim netdevsim2 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  388.694981][T14543] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  388.841168][T20131] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4601'.
[  388.844104][T20131] nbd: must specify at least one socket
[  389.121551][T20141] FAULT_INJECTION: forcing a failure.
[  389.121551][T20141] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  389.125975][T20141] CPU: 3 UID: 0 PID: 20141 Comm: syz.2.4605 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  389.125994][T20141] Tainted: [L]=SOFTLOCKUP
[  389.125998][T20141] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  389.126004][T20141] Call Trace:
[  389.126008][T20141]  <TASK>
[  389.126013][T20141]  dump_stack_lvl+0x100/0x190
[  389.126047][T20141]  should_fail_ex.cold+0x5/0xa
[  389.126060][T20141]  ? prepare_alloc_pages+0x16d/0x5f0
[  389.126079][T20141]  should_fail_alloc_page+0xeb/0x140
[  389.126097][T20141]  prepare_alloc_pages+0x1f0/0x5f0
[  389.126117][T20141]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  389.126132][T20141]  ? rcu_is_watching+0x12/0xc0
[  389.126147][T20141]  ? __lock_acquire+0x4a5/0x2630
[  389.126169][T20141]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  389.126185][T20141]  ? do_raw_spin_lock+0x128/0x260
[  389.126197][T20141]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  389.126209][T20141]  ? find_held_lock+0x2b/0x80
[  389.126227][T20141]  ? __lock_acquire+0x4a5/0x2630
[  389.126245][T20141]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  389.126261][T20141]  ? policy_nodemask+0xed/0x4f0
[  389.126279][T20141]  alloc_pages_mpol+0x1fb/0x550
[  389.126297][T20141]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  389.126313][T20141]  ? __folio_batch_add_and_move+0x5e5/0xc60
[  389.126332][T20141]  folio_alloc_mpol_noprof+0x36/0x340
[  389.126352][T20141]  shmem_alloc_folio+0x135/0x160
[  389.126364][T20141]  shmem_alloc_and_add_folio+0x371/0xd40
[  389.126382][T20141]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  389.126398][T20141]  ? shmem_allowable_huge_orders+0x2bd/0x400
[  389.126415][T20141]  shmem_get_folio_gfp+0x6ab/0x1900
[  389.126433][T20141]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  389.126448][T20141]  ? filemap_map_pages+0x9e0/0x2170
[  389.126465][T20141]  shmem_fault+0x1f9/0xa20
[  389.126478][T20141]  ? __lock_acquire+0x4a5/0x2630
[  389.126496][T20141]  ? __pfx_shmem_fault+0x10/0x10
[  389.126513][T20141]  ? __pfx_filemap_map_pages+0x10/0x10
[  389.126531][T20141]  __do_fault+0x10d/0x550
[  389.126548][T20141]  do_fault+0xaf9/0x1a00
[  389.126568][T20141]  __handle_mm_fault+0x180f/0x2b60
[  389.126585][T20141]  ? __pfx___handle_mm_fault+0x10/0x10
[  389.126598][T20141]  ? pte_offset_map_lock+0x174/0x320
[  389.126614][T20141]  ? find_held_lock+0x2b/0x80
[  389.126632][T20141]  ? follow_page_pte+0x5b3/0x1400
[  389.126653][T20141]  handle_mm_fault+0x36d/0xa20
[  389.126668][T20141]  __get_user_pages+0xf9c/0x34d0
[  389.126691][T20141]  ? __pfx___get_user_pages+0x10/0x10
[  389.126712][T20141]  populate_vma_page_range+0x267/0x3f0
[  389.126732][T20141]  ? __pfx_populate_vma_page_range+0x10/0x10
[  389.126750][T20141]  ? __pfx_find_vma_intersection+0x10/0x10
[  389.126768][T20141]  ? do_mmap+0x93f/0x12f0
[  389.126786][T20141]  __mm_populate+0x107/0x3a0
[  389.126805][T20141]  ? __pfx___mm_populate+0x10/0x10
[  389.126824][T20141]  ? up_write+0x290/0x4f0
[  389.126837][T20141]  vm_mmap_pgoff+0x37f/0x470
[  389.126856][T20141]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  389.126874][T20141]  ? __fget_files+0x21f/0x3d0
[  389.126896][T20141]  ksys_mmap_pgoff+0x7d/0x5b0
[  389.126912][T20141]  ? __pfx_ksys_write+0x10/0x10
[  389.126930][T20141]  __x64_sys_mmap+0x125/0x190
[  389.126947][T20141]  do_syscall_64+0x106/0xf80
[  389.126959][T20141]  ? clear_bhb_loop+0x40/0x90
[  389.126972][T20141]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  389.126984][T20141] RIP: 0033:0x7fb37079bf79
[  389.126994][T20141] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  389.127005][T20141] RSP: 002b:00007fb371724028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  389.127016][T20141] RAX: ffffffffffffffda RBX: 00007fb370a15fa0 RCX: 00007fb37079bf79
[  389.127023][T20141] RDX: 0000000003000001 RSI: 0000000000b36000 RDI: 0000200000000000
[  389.127029][T20141] RBP: 00007fb371724090 R08: ffffffffffffffff R09: 000000007fda8000
[  389.127036][T20141] R10: 0000000000008031 R11: 0000000000000246 R12: 0000000000000002
[  389.127042][T20141] R13: 00007fb370a16038 R14: 00007fb370a15fa0 R15: 00007fffbfc64ff8
[  389.127057][T20141]  </TASK>
[  389.206790][   T41] audit: type=1400 audit(2000000436.805:33044): avc:  denied  { connect } for  pid=20143 comm="syz.8.4606" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  389.349186][T20147] netdevsim netdevsim2 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  389.352690][T20147] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  389.405340][T20147] netdevsim netdevsim2 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  389.408476][T20147] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  389.484370][T20147] netdevsim netdevsim2 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  389.487448][T20147] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  389.545651][T20147] netdevsim netdevsim2 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  389.548732][T20147] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  390.423980][T20171] binder: 20170:20171 ioctl c018620c 200000000040 returned -22
[  390.495211][T20176] netlink: 212376 bytes leftover after parsing attributes in process `syz.8.4618'.
[  390.581158][   T41] audit: type=1400 audit(2000000438.195:33045): avc:  denied  { listen } for  pid=20179 comm="syz.8.4620" path=2F31372F66696C6530202864656C6574656429 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[  390.626518][T20184] vlan2: entered promiscuous mode
[  390.628243][T20184] bridge0: entered promiscuous mode
[  390.641472][   T39] usb 12-1: new low-speed USB device number 13 using dummy_hcd
[  390.665343][   T41] audit: type=1804 audit(2000000438.285:33046): pid=20186 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.8.4623" name="bus" dev="ramfs" ino=92085 res=1 errno=0
[  390.675554][   T41] audit: type=1804 audit(2000000438.295:33047): pid=20186 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.8.4623" name="bus" dev="ramfs" ino=92085 res=1 errno=0
[  390.727576][T20187] FAULT_INJECTION: forcing a failure.
[  390.727576][T20187] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  390.732248][T20187] CPU: 2 UID: 0 PID: 20187 Comm: syz.8.4623 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  390.732266][T20187] Tainted: [L]=SOFTLOCKUP
[  390.732271][T20187] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  390.732277][T20187] Call Trace:
[  390.732281][T20187]  <TASK>
[  390.732286][T20187]  dump_stack_lvl+0x100/0x190
[  390.732307][T20187]  should_fail_ex.cold+0x5/0xa
[  390.732320][T20187]  ? prepare_alloc_pages+0x16d/0x5f0
[  390.732339][T20187]  should_fail_alloc_page+0xeb/0x140
[  390.732357][T20187]  prepare_alloc_pages+0x1f0/0x5f0
[  390.732377][T20187]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  390.732393][T20187]  ? __lock_acquire+0x4a5/0x2630
[  390.732416][T20187]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  390.732432][T20187]  ? find_held_lock+0x2b/0x80
[  390.732445][T20187]  ? is_bpf_text_address+0x8a/0x1a0
[  390.732460][T20187]  ? is_bpf_text_address+0x8a/0x1a0
[  390.732475][T20187]  ? bpf_ksym_find+0x128/0x1c0
[  390.732495][T20187]  ? __lock_acquire+0x4a5/0x2630
[  390.732513][T20187]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  390.732528][T20187]  ? policy_nodemask+0xed/0x4f0
[  390.732545][T20187]  alloc_pages_mpol+0x1fb/0x550
[  390.732563][T20187]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  390.732578][T20187]  ? find_held_lock+0x2b/0x80
[  390.732591][T20187]  ? filemap_get_read_batch+0x30a/0xa60
[  390.732606][T20187]  ? filemap_get_read_batch+0x30a/0xa60
[  390.732622][T20187]  folio_alloc_noprof+0x22/0x330
[  390.732633][T20187]  filemap_alloc_folio_noprof.part.0+0x377/0x450
[  390.732654][T20187]  ? __pfx_filemap_alloc_folio_noprof.part.0+0x10/0x10
[  390.732674][T20187]  ? page_cache_sync_ra+0x1bb/0xb10
[  390.732690][T20187]  filemap_get_pages+0x898/0x2050
[  390.732707][T20187]  ? folios_put_refs+0x66d/0x840
[  390.732722][T20187]  ? __pfx_filemap_get_pages+0x10/0x10
[  390.732739][T20187]  ? __pfx___might_resched+0x10/0x10
[  390.732754][T20187]  filemap_splice_read+0x46e/0xc80
[  390.732775][T20187]  ? __pfx_filemap_splice_read+0x10/0x10
[  390.732804][T20187]  ? find_held_lock+0x2b/0x80
[  390.732820][T20187]  ? __pfx_filemap_splice_read+0x10/0x10
[  390.732835][T20187]  do_splice_read+0x285/0x370
[  390.732854][T20187]  splice_direct_to_actor+0x2a1/0xa30
[  390.732873][T20187]  ? __pfx_direct_splice_actor+0x10/0x10
[  390.732893][T20187]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  390.732914][T20187]  do_splice_direct+0x174/0x240
[  390.732931][T20187]  ? __pfx_do_splice_direct+0x10/0x10
[  390.732948][T20187]  ? avc_policy_seqno+0x9/0x20
[  390.732965][T20187]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  390.732984][T20187]  ? rw_verify_area+0xce/0x6d0
[  390.732999][T20187]  do_sendfile+0xadc/0xe20
[  390.733016][T20187]  ? __pfx_do_sendfile+0x10/0x10
[  390.733030][T20187]  ? __fget_files+0x21f/0x3d0
[  390.733051][T20187]  __x64_sys_sendfile64+0x1d8/0x220
[  390.733069][T20187]  ? ksys_write+0x1ac/0x250
[  390.733083][T20187]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  390.733106][T20187]  do_syscall_64+0x106/0xf80
[  390.733117][T20187]  ? clear_bhb_loop+0x40/0x90
[  390.733131][T20187]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  390.733143][T20187] RIP: 0033:0x7faba1b9bf79
[  390.733154][T20187] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  390.733168][T20187] RSP: 002b:00007faba2a20028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  390.733179][T20187] RAX: ffffffffffffffda RBX: 00007faba1e16090 RCX: 00007faba1b9bf79
[  390.733187][T20187] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000005
[  390.733193][T20187] RBP: 00007faba2a20090 R08: 0000000000000000 R09: 0000000000000000
[  390.733200][T20187] R10: 0001000000201005 R11: 0000000000000246 R12: 0000000000000002
[  390.733206][T20187] R13: 00007faba1e16128 R14: 00007faba1e16090 R15: 00007ffcb91682c8
[  390.733220][T20187]  </TASK>
[  390.909419][   T39] usb 12-1: unable to get BOS descriptor or descriptor too short
[  390.912223][   T39] usb 12-1: no configurations
[  390.913727][   T39] usb 12-1: can't read configurations, error -22
[  391.604989][T20196] netlink: 207952 bytes leftover after parsing attributes in process `syz.8.4625'.
[  391.608973][T20197] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8192 sclass=netlink_route_socket pid=20197 comm=syz.8.4625
[  391.739135][T20210] FAULT_INJECTION: forcing a failure.
[  391.739135][T20210] name failslab, interval 1, probability 0, space 0, times 0
[  391.745226][T20210] CPU: 1 UID: 0 PID: 20210 Comm: syz.8.4631 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  391.745245][T20210] Tainted: [L]=SOFTLOCKUP
[  391.745250][T20210] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  391.745257][T20210] Call Trace:
[  391.745261][T20210]  <TASK>
[  391.745266][T20210]  dump_stack_lvl+0x100/0x190
[  391.745288][T20210]  should_fail_ex.cold+0x5/0xa
[  391.745303][T20210]  ? tomoyo_encode2+0xfb/0x3c0
[  391.745316][T20210]  should_failslab+0xc2/0x120
[  391.745334][T20210]  __kmalloc_noprof+0xe0/0x850
[  391.745347][T20210]  ? d_absolute_path+0x136/0x1b0
[  391.745365][T20210]  tomoyo_encode2+0xfb/0x3c0
[  391.745381][T20210]  tomoyo_encode+0x29/0x50
[  391.745395][T20210]  tomoyo_realpath_from_path+0x18c/0x690
[  391.745413][T20210]  tomoyo_path_number_perm+0x23c/0x580
[  391.745425][T20210]  ? tomoyo_path_number_perm+0x22e/0x580
[  391.745438][T20210]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  391.745464][T20210]  ? find_held_lock+0x2b/0x80
[  391.745479][T20210]  ? __fget_files+0x215/0x3d0
[  391.745496][T20210]  ? hook_file_ioctl_common+0x146/0x410
[  391.745516][T20210]  ? __fget_files+0x21f/0x3d0
[  391.745535][T20210]  security_file_ioctl+0xd3/0x230
[  391.745550][T20210]  __x64_sys_ioctl+0xb7/0x210
[  391.745565][T20210]  do_syscall_64+0x106/0xf80
[  391.745577][T20210]  ? clear_bhb_loop+0x40/0x90
[  391.745591][T20210]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  391.745603][T20210] RIP: 0033:0x7faba1b9bf79
[  391.745613][T20210] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  391.745624][T20210] RSP: 002b:00007faba2a41028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  391.745635][T20210] RAX: ffffffffffffffda RBX: 00007faba1e15fa0 RCX: 00007faba1b9bf79
[  391.745642][T20210] RDX: 0000200000000080 RSI: 0000000040045612 RDI: 0000000000000003
[  391.745649][T20210] RBP: 00007faba2a41090 R08: 0000000000000000 R09: 0000000000000000
[  391.745655][T20210] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  391.745662][T20210] R13: 00007faba1e16038 R14: 00007faba1e15fa0 R15: 00007ffcb91682c8
[  391.745676][T20210]  </TASK>
[  391.745686][T20210] ERROR: Out of memory at tomoyo_realpath_from_path.
[  391.817301][T20210] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  391.860110][T20212] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  391.906394][T20216] comedi comedi0: comedi_config --init_data is deprecated
[  391.981341][T20218] FAULT_INJECTION: forcing a failure.
[  391.981341][T20218] name failslab, interval 1, probability 0, space 0, times 0
[  391.988916][T20218] CPU: 0 UID: 0 PID: 20218 Comm: syz.7.4634 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  391.988936][T20218] Tainted: [L]=SOFTLOCKUP
[  391.988941][T20218] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  391.988948][T20218] Call Trace:
[  391.988952][T20218]  <TASK>
[  391.988957][T20218]  dump_stack_lvl+0x100/0x190
[  391.988980][T20218]  should_fail_ex.cold+0x5/0xa
[  391.988994][T20218]  should_failslab+0xc2/0x120
[  391.989011][T20218]  __kmalloc_cache_noprof+0x7a/0x6f0
[  391.989023][T20218]  ? __xdp_reg_mem_model+0x134/0x690
[  391.989039][T20218]  __xdp_reg_mem_model+0x134/0x690
[  391.989052][T20218]  ? __pfx___xdp_reg_mem_model+0x10/0x10
[  391.989064][T20218]  ? page_pool_list+0x223/0x2a0
[  391.989082][T20218]  xdp_reg_mem_model+0x22/0x70
[  391.989094][T20218]  bpf_test_run_xdp_live+0x1cb/0x760
[  391.989114][T20218]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  391.989133][T20218]  ? mark_held_locks+0x40/0x70
[  391.989156][T20218]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  391.989177][T20218]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  391.989204][T20218]  ? 0xffffffffa0206480
[  391.989213][T20218]  ? 0xffffffffa0206480
[  391.989222][T20218]  ? 0xffffffffa0206480
[  391.989230][T20218]  ? bpf_dispatcher_change_prog+0x2dc/0xa60
[  391.989253][T20218]  bpf_prog_test_run_xdp+0xd7d/0x1670
[  391.989270][T20218]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  391.989286][T20218]  ? fput+0x79/0x100
[  391.989296][T20218]  ? __bpf_prog_get+0x97/0x2a0
[  391.989311][T20218]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  391.989323][T20218]  __sys_bpf+0x1725/0x4b90
[  391.989336][T20218]  ? __pfx___sys_bpf+0x10/0x10
[  391.989345][T20218]  ? proc_fail_nth_write+0x9f/0x220
[  391.989357][T20218]  ? find_held_lock+0x2b/0x80
[  391.989373][T20218]  ? find_held_lock+0x2b/0x80
[  391.989386][T20218]  ? ksys_write+0x190/0x250
[  391.989405][T20218]  ? __mutex_unlock_slowpath+0x15c/0x790
[  391.989417][T20218]  ? __fget_files+0x215/0x3d0
[  391.989441][T20218]  ? fput+0x79/0x100
[  391.989451][T20218]  ? ksys_write+0x1ac/0x250
[  391.989466][T20218]  ? __pfx_ksys_write+0x10/0x10
[  391.989484][T20218]  __x64_sys_bpf+0x7b/0xc0
[  391.989495][T20218]  ? lockdep_hardirqs_on+0x78/0x100
[  391.989506][T20218]  do_syscall_64+0x106/0xf80
[  391.989517][T20218]  ? clear_bhb_loop+0x40/0x90
[  391.989531][T20218]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  391.989543][T20218] RIP: 0033:0x7fddd159bf79
[  391.989553][T20218] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  391.989564][T20218] RSP: 002b:00007fddd2488028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  391.989576][T20218] RAX: ffffffffffffffda RBX: 00007fddd1815fa0 RCX: 00007fddd159bf79
[  391.989583][T20218] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[  391.989590][T20218] RBP: 00007fddd2488090 R08: 0000000000000000 R09: 0000000000000000
[  391.989597][T20218] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  391.989603][T20218] R13: 00007fddd1816038 R14: 00007fddd1815fa0 R15: 00007ffd983bd9c8
[  391.989617][T20218]  </TASK>
[  392.091058][ T6019] usb 13-1: new low-speed USB device number 17 using dummy_hcd
[  392.253818][T20230] netlink: 48 bytes leftover after parsing attributes in process `syz.7.4636'.
[  392.256519][T20230] netlink: 48 bytes leftover after parsing attributes in process `syz.7.4636'.
[  392.274098][   T41] audit: type=1804 audit(2000000439.895:33048): pid=20230 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.7.4636" name="bus" dev="ramfs" ino=93012 res=1 errno=0
[  392.281837][ T6019] usb 13-1: unable to get BOS descriptor or descriptor too short
[  392.284088][ T6019] usb 13-1: no configurations
[  392.285461][ T6019] usb 13-1: can't read configurations, error -22
[  392.388938][T20235] netlink: 'syz.7.4637': attribute type 1 has an invalid length.
[  392.431179][T14549] netdevsim netdevsim2 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  392.433824][T14549] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  392.439903][T14549] netdevsim netdevsim2 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  392.443865][T14549] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  392.459691][T14549] netdevsim netdevsim2 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  392.462480][T14549] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  392.470964][T14549] netdevsim netdevsim2 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  392.473541][T14549] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  392.602936][   T41] audit: type=1400 audit(2000000440.225:33049): avc:  denied  { mount } for  pid=20251 comm="syz.2.4645" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  392.610504][   T41] audit: type=1400 audit(2000000440.225:33050): avc:  denied  { mounton } for  pid=20251 comm="syz.2.4645" path="/34/file0" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=dir permissive=1
[  392.647596][T20253] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  392.648079][T20252] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  392.774924][   T41] audit: type=1400 audit(2000000440.395:33051): avc:  denied  { unmount } for  pid=19544 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  392.867831][T20267] FAULT_INJECTION: forcing a failure.
[  392.867831][T20267] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  392.880044][T20267] CPU: 2 UID: 0 PID: 20267 Comm: syz.8.4647 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  392.880065][T20267] Tainted: [L]=SOFTLOCKUP
[  392.880069][T20267] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  392.880076][T20267] Call Trace:
[  392.880080][T20267]  <TASK>
[  392.880085][T20267]  dump_stack_lvl+0x100/0x190
[  392.880107][T20267]  should_fail_ex.cold+0x5/0xa
[  392.880122][T20267]  _copy_from_user+0x2e/0xd0
[  392.880140][T20267]  snd_pcm_oss_write2+0x1c2/0x400
[  392.880157][T20267]  ? __pfx_snd_pcm_oss_write2+0x10/0x10
[  392.880171][T20267]  ? snd_pcm_kernel_ioctl+0x14a/0x2e0
[  392.880194][T20267]  snd_pcm_oss_write+0x729/0xa30
[  392.880210][T20267]  ? security_file_permission+0x76/0x210
[  392.880228][T20267]  vfs_write+0x2aa/0x1070
[  392.880244][T20267]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[  392.880261][T20267]  ? __pfx_vfs_write+0x10/0x10
[  392.880275][T20267]  ? find_held_lock+0x2b/0x80
[  392.880289][T20267]  ? __fget_files+0x215/0x3d0
[  392.880306][T20267]  ? __fget_files+0x215/0x3d0
[  392.880325][T20267]  ? __fget_files+0x21f/0x3d0
[  392.880345][T20267]  ksys_write+0x12a/0x250
[  392.880361][T20267]  ? __pfx_ksys_write+0x10/0x10
[  392.880380][T20267]  do_syscall_64+0x106/0xf80
[  392.880391][T20267]  ? clear_bhb_loop+0x40/0x90
[  392.880405][T20267]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  392.880417][T20267] RIP: 0033:0x7faba1b9bf79
[  392.880428][T20267] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  392.880438][T20267] RSP: 002b:00007faba2a41028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  392.880450][T20267] RAX: ffffffffffffffda RBX: 00007faba1e15fa0 RCX: 00007faba1b9bf79
[  392.880457][T20267] RDX: 000000000000fc36 RSI: 0000200000000500 RDI: 0000000000000003
[  392.880464][T20267] RBP: 00007faba2a41090 R08: 0000000000000000 R09: 0000000000000000
[  392.880470][T20267] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  392.880477][T20267] R13: 00007faba1e16038 R14: 00007faba1e15fa0 R15: 00007ffcb91682c8
[  392.880491][T20267]  </TASK>
[  392.992742][T20275] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  393.027085][ T5939] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  393.032625][ T5939] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  393.035518][ T5939] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  393.038306][ T5939] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  393.041161][ T5939] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  393.116884][T20275] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  393.199828][T20275] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  393.210483][   T41] audit: type=1400 audit(2000000440.825:33052): avc:  denied  { accept } for  pid=20281 comm="syz.8.4653" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  393.218535][T20282] netlink: 'syz.8.4653': attribute type 5 has an invalid length.
[  393.237403][T20284] chnl_net:caif_netlink_parms(): no params data found
[  393.301572][T20275] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  393.332649][T20284] bridge0: port 1(bridge_slave_0) entered blocking state
[  393.335150][T20284] bridge0: port 1(bridge_slave_0) entered disabled state
[  393.337521][T20284] bridge_slave_0: entered allmulticast mode
[  393.340336][T20284] bridge_slave_0: entered promiscuous mode
[  393.344730][T20284] bridge0: port 2(bridge_slave_1) entered blocking state
[  393.347113][T20284] bridge0: port 2(bridge_slave_1) entered disabled state
[  393.349471][T20284] bridge_slave_1: entered allmulticast mode
[  393.352454][T20284] bridge_slave_1: entered promiscuous mode
[  393.371173][T20284] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  393.375636][T20284] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  393.391254][T20284] team0: Port device team_slave_0 added
[  393.394526][T20284] team0: Port device team_slave_1 added
[  393.408123][T20284] batman_adv: batadv0: Adding interface: batadv_slave_0
[  393.410419][T20284] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  393.418559][T20284] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  393.422879][T20284] batman_adv: batadv0: Adding interface: batadv_slave_1
[  393.425086][T20284] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  393.433079][T20284] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  393.454858][T20284] hsr_slave_0: entered promiscuous mode
[  393.457138][T20284] hsr_slave_1: entered promiscuous mode
[  393.459243][T20284] debugfs: 'hsr0' already exists in 'hsr'
[  393.461262][T20284] Cannot create hsr debugfs directory
[  393.734701][T14548] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  393.753627][T14556] netdevsim netdevsim7 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  393.767742][T14550] netdevsim netdevsim7 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  393.808803][T14548] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  393.815876][T14543] netdevsim netdevsim7 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  393.818574][T14543] netdevsim netdevsim7 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  393.920131][T14548] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  394.009691][T14548] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  394.044242][  T841] usb 7-1: new low-speed USB device number 12 using dummy_hcd
[  394.090068][T20342] FAULT_INJECTION: forcing a failure.
[  394.090068][T20342] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  394.094364][T20342] CPU: 3 UID: 0 PID: 20342 Comm: syz.8.4659 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  394.094383][T20342] Tainted: [L]=SOFTLOCKUP
[  394.094387][T20342] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  394.094394][T20342] Call Trace:
[  394.094398][T20342]  <TASK>
[  394.094403][T20342]  dump_stack_lvl+0x100/0x190
[  394.094435][T20342]  should_fail_ex.cold+0x5/0xa
[  394.094450][T20342]  ? prepare_alloc_pages+0x16d/0x5f0
[  394.094469][T20342]  should_fail_alloc_page+0xeb/0x140
[  394.094487][T20342]  prepare_alloc_pages+0x1f0/0x5f0
[  394.094507][T20342]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  394.094522][T20342]  ? rcu_is_watching+0x12/0xc0
[  394.094549][T20342]  ? __lock_acquire+0x4a5/0x2630
[  394.094571][T20342]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  394.094587][T20342]  ? do_raw_spin_lock+0x128/0x260
[  394.094599][T20342]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  394.094612][T20342]  ? find_held_lock+0x2b/0x80
[  394.094629][T20342]  ? __lock_acquire+0x4a5/0x2630
[  394.094646][T20342]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  394.094662][T20342]  ? policy_nodemask+0xed/0x4f0
[  394.094680][T20342]  alloc_pages_mpol+0x1fb/0x550
[  394.094697][T20342]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  394.094714][T20342]  ? __folio_batch_add_and_move+0x5e5/0xc60
[  394.094732][T20342]  folio_alloc_mpol_noprof+0x36/0x340
[  394.094752][T20342]  shmem_alloc_folio+0x135/0x160
[  394.094764][T20342]  shmem_alloc_and_add_folio+0x371/0xd40
[  394.094782][T20342]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  394.094798][T20342]  ? shmem_allowable_huge_orders+0x2bd/0x400
[  394.094816][T20342]  shmem_get_folio_gfp+0x6ab/0x1900
[  394.094833][T20342]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  394.094848][T20342]  ? filemap_map_pages+0x9e0/0x2170
[  394.094865][T20342]  shmem_fault+0x1f9/0xa20
[  394.094878][T20342]  ? __lock_acquire+0x4a5/0x2630
[  394.094896][T20342]  ? __pfx_shmem_fault+0x10/0x10
[  394.094912][T20342]  ? __pfx_filemap_map_pages+0x10/0x10
[  394.094934][T20342]  __do_fault+0x10d/0x550
[  394.094952][T20342]  do_fault+0xaf9/0x1a00
[  394.094971][T20342]  __handle_mm_fault+0x180f/0x2b60
[  394.094988][T20342]  ? __pfx___handle_mm_fault+0x10/0x10
[  394.095001][T20342]  ? pte_offset_map_lock+0x174/0x320
[  394.095017][T20342]  ? find_held_lock+0x2b/0x80
[  394.095035][T20342]  ? follow_page_pte+0x5b3/0x1400
[  394.095055][T20342]  handle_mm_fault+0x36d/0xa20
[  394.095070][T20342]  __get_user_pages+0xf9c/0x34d0
[  394.095093][T20342]  ? __pfx___get_user_pages+0x10/0x10
[  394.095114][T20342]  populate_vma_page_range+0x267/0x3f0
[  394.095133][T20342]  ? __pfx_populate_vma_page_range+0x10/0x10
[  394.095151][T20342]  ? __pfx_find_vma_intersection+0x10/0x10
[  394.095169][T20342]  ? do_mmap+0x93f/0x12f0
[  394.095187][T20342]  __mm_populate+0x107/0x3a0
[  394.095206][T20342]  ? __pfx___mm_populate+0x10/0x10
[  394.095225][T20342]  ? up_write+0x290/0x4f0
[  394.095237][T20342]  vm_mmap_pgoff+0x37f/0x470
[  394.095256][T20342]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  394.095275][T20342]  ? __fget_files+0x21f/0x3d0
[  394.095296][T20342]  ksys_mmap_pgoff+0x7d/0x5b0
[  394.095313][T20342]  ? __pfx_ksys_write+0x10/0x10
[  394.095330][T20342]  __x64_sys_mmap+0x125/0x190
[  394.095342][T20342]  do_syscall_64+0x106/0xf80
[  394.095354][T20342]  ? clear_bhb_loop+0x40/0x90
[  394.095368][T20342]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  394.095380][T20342] RIP: 0033:0x7faba1b9bf79
[  394.095390][T20342] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  394.095401][T20342] RSP: 002b:00007faba2a41028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  394.095413][T20342] RAX: ffffffffffffffda RBX: 00007faba1e15fa0 RCX: 00007faba1b9bf79
[  394.095420][T20342] RDX: 0000000003000001 RSI: 0000000000b36000 RDI: 0000200000000000
[  394.095427][T20342] RBP: 00007faba2a41090 R08: ffffffffffffffff R09: 000000007fda8000
[  394.095434][T20342] R10: 0000000000008031 R11: 0000000000000246 R12: 0000000000000002
[  394.095440][T20342] R13: 00007faba1e16038 R14: 00007faba1e15fa0 R15: 00007ffcb91682c8
[  394.095455][T20342]  </TASK>
[  394.276091][  T841] usb 7-1: unable to get BOS descriptor or descriptor too short
[  394.285337][  T841] usb 7-1: no configurations
[  394.287307][  T841] usb 7-1: can't read configurations, error -22
[  394.358426][T14548] bridge_slave_1: left allmulticast mode
[  394.360275][T14548] bridge_slave_1: left promiscuous mode
[  394.362569][T14548] bridge0: port 2(bridge_slave_1) entered disabled state
[  394.366218][T14548] bridge_slave_0: left allmulticast mode
[  394.368099][T14548] bridge_slave_0: left promiscuous mode
[  394.370002][T14548] bridge0: port 1(bridge_slave_0) entered disabled state
[  394.432652][T20364] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  394.543195][ T1459] usb 12-1: new high-speed USB device number 15 using dummy_hcd
[  394.577235][T14548] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  394.612437][T14548] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  394.631934][T14548] bond0 (unregistering): Released all slaves
[  394.703528][ T1459] usb 12-1: Using ep0 maxpacket: 32
[  394.706418][ T1459] usb 12-1: config 0 has an invalid interface number: 183 but max is 0
[  394.709016][ T1459] usb 12-1: config 0 has no interface number 0
[  394.716247][ T1459] usb 12-1: New USB device found, idVendor=06d0, idProduct=0622, bcdDevice=70.f8
[  394.719014][ T1459] usb 12-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  394.731462][ T1459] usb 12-1: Product: syz
[  394.732868][ T1459] usb 12-1: Manufacturer: syz
[  394.734391][ T1459] usb 12-1: SerialNumber: syz
[  394.752159][ T1459] usb 12-1: config 0 descriptor??
[  394.761966][ T1459] net1080 12-1:0.183: probe with driver net1080 failed with error -22
[  394.782569][T20284] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  394.809520][T20378] openvswitch: netlink: Missing key (keys=40, expected=2000)
[  395.094251][ T5939] Bluetooth: hci3: command tx timeout
[  395.287268][T20284] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  395.311846][T20381] netdevsim netdevsim2 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  395.314917][T20381] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  395.342377][T20284] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  395.437695][T20284] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  395.446522][T20381] netdevsim netdevsim2 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  395.450238][T20381] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  395.541134][T20284] 8021q: adding VLAN 0 to HW filter on device bond0
[  395.549170][T20284] 8021q: adding VLAN 0 to HW filter on device team0
[  395.554651][T14550] bridge0: port 1(bridge_slave_0) entered blocking state
[  395.556998][T14550] bridge0: port 1(bridge_slave_0) entered forwarding state
[  395.566516][T20381] netdevsim netdevsim2 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  395.581039][T20381] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  396.189643][T20381] netdevsim netdevsim2 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  396.196215][T20381] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  396.206951][T14544] bridge0: port 2(bridge_slave_1) entered blocking state
[  396.209570][T14544] bridge0: port 2(bridge_slave_1) entered forwarding state
[  396.277862][T14548] hsr_slave_0: left promiscuous mode
[  396.283145][T14548] hsr_slave_1: left promiscuous mode
[  396.285211][T14548] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  396.291003][T14548] batman_adv: batadv0: Removing interface: batadv_slave_0
[  396.293894][T14548] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  396.296224][T14548] batman_adv: batadv0: Removing interface: batadv_slave_1
[  396.309158][T14548] veth1_macvtap: left promiscuous mode
[  396.312180][T14548] veth0_macvtap: left promiscuous mode
[  396.313988][T14548] veth1_vlan: left promiscuous mode
[  396.315661][T14548] veth0_vlan: left promiscuous mode
[  396.426697][T14548] team0 (unregistering): Port device team_slave_1 removed
[  396.434342][T14548] team0 (unregistering): Port device team_slave_0 removed
[  396.561047][   T71] usb 13-1: new low-speed USB device number 19 using dummy_hcd
[  396.601843][T14543] netdevsim netdevsim2 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  396.605311][T14543] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  396.630460][T14562] netdevsim netdevsim2 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  396.635680][T14562] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  396.646381][T14544] netdevsim netdevsim2 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  396.649961][T14544] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  396.658467][T20284] 8021q: adding VLAN 0 to HW filter on device batadv0
[  396.666100][T14562] netdevsim netdevsim2 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  396.668651][T14562] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  396.708162][T20284] veth0_vlan: entered promiscuous mode
[  396.715934][T20284] veth1_vlan: entered promiscuous mode
[  396.734903][T20284] veth0_macvtap: entered promiscuous mode
[  396.743873][T20284] veth1_macvtap: entered promiscuous mode
[  396.753696][T20284] batman_adv: batadv0: Interface activated: batadv_slave_0
[  396.759086][   T71] usb 13-1: unable to get BOS descriptor or descriptor too short
[  396.759789][T20284] batman_adv: batadv0: Interface activated: batadv_slave_1
[  396.762106][   T71] usb 13-1: no configurations
[  396.766488][   T71] usb 13-1: can't read configurations, error -22
[  396.768543][T14562] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  396.774677][T14562] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  396.777435][T14562] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  396.784223][T14562] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  396.828818][T20458] binder: 20457:20458 ioctl c018620c 200000000040 returned -22
[  396.841102][T14543] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  396.844219][T14543] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  396.859740][T14562] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  396.863099][T14562] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  396.908061][T19286] usb 12-1: USB disconnect, device number 15
[  396.988797][   T41] audit: type=1804 audit(2000000444.605:33053): pid=20476 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.3.4677" name="bus" dev="ramfs" ino=95077 res=1 errno=0
[  396.996198][   T41] audit: type=1804 audit(2000000444.605:33054): pid=20476 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.3.4677" name="bus" dev="ramfs" ino=95077 res=1 errno=0
[  397.046674][T20484] FAULT_INJECTION: forcing a failure.
[  397.046674][T20484] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  397.050842][T20484] CPU: 3 UID: 0 PID: 20484 Comm: syz.3.4677 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  397.050860][T20484] Tainted: [L]=SOFTLOCKUP
[  397.050868][T20484] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  397.050875][T20484] Call Trace:
[  397.050879][T20484]  <TASK>
[  397.050884][T20484]  dump_stack_lvl+0x100/0x190
[  397.050918][T20484]  should_fail_ex.cold+0x5/0xa
[  397.050931][T20484]  ? prepare_alloc_pages+0x16d/0x5f0
[  397.050950][T20484]  should_fail_alloc_page+0xeb/0x140
[  397.050968][T20484]  prepare_alloc_pages+0x1f0/0x5f0
[  397.050986][T20484]  ? bpf_ksym_find+0x128/0x1c0
[  397.051005][T20484]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  397.051021][T20484]  ? __lock_acquire+0x4a5/0x2630
[  397.051039][T20484]  ? arch_stack_walk+0xa6/0xf0
[  397.051056][T20484]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  397.051070][T20484]  ? do_raw_spin_lock+0x128/0x260
[  397.051084][T20484]  ? debug_check_no_obj_freed+0x31f/0x630
[  397.051105][T20484]  ? __lock_acquire+0x4a5/0x2630
[  397.051123][T20484]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  397.051139][T20484]  ? policy_nodemask+0xed/0x4f0
[  397.051157][T20484]  alloc_pages_mpol+0x1fb/0x550
[  397.051174][T20484]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  397.051190][T20484]  ? find_held_lock+0x2b/0x80
[  397.051204][T20484]  ? filemap_get_read_batch+0x30a/0xa60
[  397.051218][T20484]  ? filemap_get_read_batch+0x30a/0xa60
[  397.051235][T20484]  folio_alloc_noprof+0x22/0x330
[  397.051246][T20484]  filemap_alloc_folio_noprof.part.0+0x377/0x450
[  397.051268][T20484]  ? __pfx_filemap_alloc_folio_noprof.part.0+0x10/0x10
[  397.051287][T20484]  ? page_cache_sync_ra+0x1bb/0xb10
[  397.051303][T20484]  filemap_get_pages+0x898/0x2050
[  397.051321][T20484]  ? folios_put_refs+0x66d/0x840
[  397.051336][T20484]  ? __pfx_filemap_get_pages+0x10/0x10
[  397.051353][T20484]  ? __pfx___might_resched+0x10/0x10
[  397.051368][T20484]  filemap_splice_read+0x46e/0xc80
[  397.051389][T20484]  ? __pfx_filemap_splice_read+0x10/0x10
[  397.051419][T20484]  ? find_held_lock+0x2b/0x80
[  397.051435][T20484]  ? __pfx_filemap_splice_read+0x10/0x10
[  397.051451][T20484]  do_splice_read+0x285/0x370
[  397.051470][T20484]  splice_direct_to_actor+0x2a1/0xa30
[  397.051488][T20484]  ? __pfx_direct_splice_actor+0x10/0x10
[  397.051508][T20484]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  397.051530][T20484]  do_splice_direct+0x174/0x240
[  397.051547][T20484]  ? __pfx_do_splice_direct+0x10/0x10
[  397.051564][T20484]  ? avc_policy_seqno+0x9/0x20
[  397.051581][T20484]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  397.051601][T20484]  ? rw_verify_area+0xce/0x6d0
[  397.051616][T20484]  do_sendfile+0xadc/0xe20
[  397.051633][T20484]  ? __pfx_do_sendfile+0x10/0x10
[  397.051647][T20484]  ? __fget_files+0x21f/0x3d0
[  397.051668][T20484]  __x64_sys_sendfile64+0x1d8/0x220
[  397.051686][T20484]  ? ksys_write+0x1ac/0x250
[  397.051701][T20484]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  397.051723][T20484]  do_syscall_64+0x106/0xf80
[  397.051735][T20484]  ? clear_bhb_loop+0x40/0x90
[  397.051749][T20484]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  397.051761][T20484] RIP: 0033:0x7f35db39bf79
[  397.051771][T20484] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  397.051793][T20484] RSP: 002b:00007f35dc266028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  397.051805][T20484] RAX: ffffffffffffffda RBX: 00007f35db616090 RCX: 00007f35db39bf79
[  397.051812][T20484] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000005
[  397.051819][T20484] RBP: 00007f35dc266090 R08: 0000000000000000 R09: 0000000000000000
[  397.051825][T20484] R10: 0001000000201005 R11: 0000000000000246 R12: 0000000000000002
[  397.051832][T20484] R13: 00007f35db616128 R14: 00007f35db616090 R15: 00007ffc1c41aad8
[  397.051846][T20484]  </TASK>
[  397.115443][T20480] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4678'.
[  397.172973][T20480] netlink: 'syz.2.4678': attribute type 1 has an invalid length.
[  397.181044][ T5939] Bluetooth: hci3: command tx timeout
[  397.184173][T20480] 8021q: adding VLAN 0 to HW filter on device bond1
[  397.188396][T20480] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4678'.
[  397.197674][T20480] bond1: (slave bridge2): making interface the new active one
[  397.202580][T20480] bond1: (slave bridge2): Enslaving as an active interface with an up link
[  397.301931][T20500] netdevsim netdevsim7 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  397.327060][T20507] i2c i2c-1: dtv_property_process_set: SET cmd 0x00000000 undefined
[  397.356937][T20504] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  397.380643][T20512] FAULT_INJECTION: forcing a failure.
[  397.380643][T20512] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  397.390492][T20512] CPU: 3 UID: 0 PID: 20512 Comm: syz.2.4683 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  397.390512][T20512] Tainted: [L]=SOFTLOCKUP
[  397.390516][T20512] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  397.390523][T20512] Call Trace:
[  397.390528][T20512]  <TASK>
[  397.390532][T20512]  dump_stack_lvl+0x100/0x190
[  397.390554][T20512]  should_fail_ex.cold+0x5/0xa
[  397.390570][T20512]  _copy_from_user+0x2e/0xd0
[  397.390588][T20512]  video_usercopy+0xe71/0x1740
[  397.390601][T20512]  ? __pfx___video_do_ioctl+0x10/0x10
[  397.390620][T20512]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  397.390636][T20512]  ? __pfx_video_usercopy+0x10/0x10
[  397.390656][T20512]  v4l2_ioctl+0x1bd/0x250
[  397.390667][T20512]  ? __pfx_v4l2_ioctl+0x10/0x10
[  397.390680][T20512]  __x64_sys_ioctl+0x18e/0x210
[  397.390696][T20512]  do_syscall_64+0x106/0xf80
[  397.390707][T20512]  ? clear_bhb_loop+0x40/0x90
[  397.390720][T20512]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  397.390732][T20512] RIP: 0033:0x7fb37079bf79
[  397.390742][T20512] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  397.390753][T20512] RSP: 002b:00007fb371724028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  397.390765][T20512] RAX: ffffffffffffffda RBX: 00007fb370a15fa0 RCX: 00007fb37079bf79
[  397.390773][T20512] RDX: 0000200000000080 RSI: 0000000040045612 RDI: 0000000000000003
[  397.390779][T20512] RBP: 00007fb371724090 R08: 0000000000000000 R09: 0000000000000000
[  397.390786][T20512] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  397.390793][T20512] R13: 00007fb370a16038 R14: 00007fb370a15fa0 R15: 00007fffbfc64ff8
[  397.390807][T20512]  </TASK>
[  397.463965][T20500] netdevsim netdevsim7 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  397.608993][T20500] netdevsim netdevsim7 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  397.657128][   T41] audit: type=1804 audit(2000000445.275:33055): pid=20535 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.2.4688" name="bus" dev="ramfs" ino=95111 res=1 errno=0
[  397.664201][   T41] audit: type=1804 audit(2000000445.285:33056): pid=20535 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.2.4688" name="bus" dev="ramfs" ino=95111 res=1 errno=0
[  397.765799][T20500] netdevsim netdevsim7 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  397.914345][T14543] netdevsim netdevsim7 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  397.925788][T14562] netdevsim netdevsim7 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  397.934880][T14562] netdevsim netdevsim7 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  397.940387][T20554] vlan2: entered promiscuous mode
[  397.942919][T20554] bridge0: entered promiscuous mode
[  397.950213][T14543] netdevsim netdevsim7 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  398.023751][ T5997] usb 13-1: new low-speed USB device number 21 using dummy_hcd
[  398.064754][T20561] sch_fq: defrate 0 ignored.
[  398.103081][T20570] fuse: Bad value for 'group_id'
[  398.104699][T20570] fuse: Bad value for 'group_id'
[  398.107189][T20570] atomic_op ffff888037bdb198 conn xmit_atomic 0000000000000000
[  398.192879][ T5997] usb 13-1: unable to get BOS descriptor or descriptor too short
[  398.195370][ T5997] usb 13-1: no configurations
[  398.196866][ T5997] usb 13-1: can't read configurations, error -22
[  398.347516][T20588] FAULT_INJECTION: forcing a failure.
[  398.347516][T20588] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  398.352974][    T9] usb 8-1: new low-speed USB device number 21 using dummy_hcd
[  398.355516][T20588] CPU: 0 UID: 0 PID: 20588 Comm: syz.7.4699 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  398.355534][T20588] Tainted: [L]=SOFTLOCKUP
[  398.355538][T20588] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  398.355545][T20588] Call Trace:
[  398.355549][T20588]  <TASK>
[  398.355554][T20588]  dump_stack_lvl+0x100/0x190
[  398.355588][T20588]  should_fail_ex.cold+0x5/0xa
[  398.355603][T20588]  _copy_from_user+0x2e/0xd0
[  398.355621][T20588]  snd_pcm_oss_write2+0x1c2/0x400
[  398.355638][T20588]  ? __pfx_snd_pcm_oss_write2+0x10/0x10
[  398.355652][T20588]  ? snd_pcm_kernel_ioctl+0x14a/0x2e0
[  398.355674][T20588]  snd_pcm_oss_write+0x729/0xa30
[  398.355690][T20588]  ? security_file_permission+0x76/0x210
[  398.355708][T20588]  vfs_write+0x2aa/0x1070
[  398.355725][T20588]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[  398.355741][T20588]  ? __pfx_vfs_write+0x10/0x10
[  398.355755][T20588]  ? find_held_lock+0x2b/0x80
[  398.355769][T20588]  ? __fget_files+0x215/0x3d0
[  398.355798][T20588]  ? __fget_files+0x215/0x3d0
[  398.355819][T20588]  ? __fget_files+0x21f/0x3d0
[  398.355839][T20588]  ksys_write+0x12a/0x250
[  398.355855][T20588]  ? __pfx_ksys_write+0x10/0x10
[  398.355874][T20588]  do_syscall_64+0x106/0xf80
[  398.355886][T20588]  ? clear_bhb_loop+0x40/0x90
[  398.355900][T20588]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  398.355912][T20588] RIP: 0033:0x7fddd159bf79
[  398.355923][T20588] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  398.355934][T20588] RSP: 002b:00007fddd2488028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  398.355945][T20588] RAX: ffffffffffffffda RBX: 00007fddd1815fa0 RCX: 00007fddd159bf79
[  398.355953][T20588] RDX: 000000000000fc36 RSI: 0000200000000500 RDI: 0000000000000003
[  398.355960][T20588] RBP: 00007fddd2488090 R08: 0000000000000000 R09: 0000000000000000
[  398.355966][T20588] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  398.355973][T20588] R13: 00007fddd1816038 R14: 00007fddd1815fa0 R15: 00007ffd983bd9c8
[  398.355987][T20588]  </TASK>
[  398.512498][    T9] usb 8-1: config 1 has an invalid descriptor of length 128, skipping remainder of the config
[  398.515723][    T9] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 2
[  398.518583][    T9] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  398.522513][    T9] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 10496, setting to 8
[  398.525851][    T9] usb 8-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  398.528737][    T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  398.538147][T20570] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  398.542436][    T9] hub 8-1:1.0: bad descriptor, ignoring hub
[  398.544341][    T9] hub 8-1:1.0: probe with driver hub failed with error -5
[  398.546788][    T9] cdc_wdm 8-1:1.0: skipping garbage
[  398.548586][    T9] cdc_wdm 8-1:1.0: skipping garbage
[  398.554090][    T9] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device
[  398.556043][    T9] cdc_wdm 8-1:1.0: Unknown control protocol
[  398.703275][T20611] netdevsim netdevsim2 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  398.706963][T20611] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  398.761930][T20611] netdevsim netdevsim2 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  398.764976][T20611] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  398.809621][T20620] netlink: 40 bytes leftover after parsing attributes in process `syz.8.4704'.
[  398.813420][T20620] nbd: must specify at least one socket
[  398.840140][T20611] netdevsim netdevsim2 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  398.848882][T20611] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  398.895300][T20624] FAULT_INJECTION: forcing a failure.
[  398.895300][T20624] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  398.899526][T20624] CPU: 0 UID: 0 PID: 20624 Comm: syz.8.4705 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  398.899544][T20624] Tainted: [L]=SOFTLOCKUP
[  398.899549][T20624] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  398.899556][T20624] Call Trace:
[  398.899560][T20624]  <TASK>
[  398.899565][T20624]  dump_stack_lvl+0x100/0x190
[  398.899587][T20624]  should_fail_ex.cold+0x5/0xa
[  398.899614][T20624]  ? prepare_alloc_pages+0x16d/0x5f0
[  398.899634][T20624]  should_fail_alloc_page+0xeb/0x140
[  398.899652][T20624]  prepare_alloc_pages+0x1f0/0x5f0
[  398.899672][T20624]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  398.899687][T20624]  ? rcu_is_watching+0x12/0xc0
[  398.899702][T20624]  ? __lock_acquire+0x4a5/0x2630
[  398.899724][T20624]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  398.899740][T20624]  ? do_raw_spin_lock+0x128/0x260
[  398.899752][T20624]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  398.899764][T20624]  ? find_held_lock+0x2b/0x80
[  398.899782][T20624]  ? __lock_acquire+0x4a5/0x2630
[  398.899804][T20624]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  398.899820][T20624]  ? policy_nodemask+0xed/0x4f0
[  398.899838][T20624]  alloc_pages_mpol+0x1fb/0x550
[  398.899855][T20624]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  398.899872][T20624]  ? __folio_batch_add_and_move+0x5e5/0xc60
[  398.899890][T20624]  folio_alloc_mpol_noprof+0x36/0x340
[  398.899910][T20624]  shmem_alloc_folio+0x135/0x160
[  398.899922][T20624]  shmem_alloc_and_add_folio+0x371/0xd40
[  398.899940][T20624]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  398.899956][T20624]  ? shmem_allowable_huge_orders+0x2bd/0x400
[  398.899974][T20624]  shmem_get_folio_gfp+0x6ab/0x1900
[  398.899991][T20624]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  398.900007][T20624]  ? filemap_map_pages+0x9e0/0x2170
[  398.900023][T20624]  shmem_fault+0x1f9/0xa20
[  398.900037][T20624]  ? __lock_acquire+0x4a5/0x2630
[  398.900054][T20624]  ? __pfx_shmem_fault+0x10/0x10
[  398.900071][T20624]  ? __pfx_filemap_map_pages+0x10/0x10
[  398.900089][T20624]  __do_fault+0x10d/0x550
[  398.900106][T20624]  do_fault+0xaf9/0x1a00
[  398.900126][T20624]  __handle_mm_fault+0x180f/0x2b60
[  398.900143][T20624]  ? __pfx___handle_mm_fault+0x10/0x10
[  398.900156][T20624]  ? pte_offset_map_lock+0x174/0x320
[  398.900172][T20624]  ? find_held_lock+0x2b/0x80
[  398.900190][T20624]  ? follow_page_pte+0x5b3/0x1400
[  398.900211][T20624]  handle_mm_fault+0x36d/0xa20
[  398.900226][T20624]  __get_user_pages+0xf9c/0x34d0
[  398.900249][T20624]  ? __pfx___get_user_pages+0x10/0x10
[  398.900270][T20624]  populate_vma_page_range+0x267/0x3f0
[  398.900290][T20624]  ? __pfx_populate_vma_page_range+0x10/0x10
[  398.900308][T20624]  ? __pfx_find_vma_intersection+0x10/0x10
[  398.900325][T20624]  ? do_mmap+0x93f/0x12f0
[  398.900344][T20624]  __mm_populate+0x107/0x3a0
[  398.900362][T20624]  ? __pfx___mm_populate+0x10/0x10
[  398.900382][T20624]  ? up_write+0x290/0x4f0
[  398.900395][T20624]  vm_mmap_pgoff+0x37f/0x470
[  398.900414][T20624]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  398.900433][T20624]  ? __fget_files+0x21f/0x3d0
[  398.900454][T20624]  ksys_mmap_pgoff+0x7d/0x5b0
[  398.900471][T20624]  ? __pfx_ksys_write+0x10/0x10
[  398.900488][T20624]  __x64_sys_mmap+0x125/0x190
[  398.900501][T20624]  do_syscall_64+0x106/0xf80
[  398.900511][T20624]  ? clear_bhb_loop+0x40/0x90
[  398.900526][T20624]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  398.900537][T20624] RIP: 0033:0x7faba1b9bf79
[  398.900547][T20624] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  398.900557][T20624] RSP: 002b:00007faba2a41028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  398.900568][T20624] RAX: ffffffffffffffda RBX: 00007faba1e15fa0 RCX: 00007faba1b9bf79
[  398.900575][T20624] RDX: 0000000003000001 RSI: 0000000000b36000 RDI: 0000200000000000
[  398.900582][T20624] RBP: 00007faba2a41090 R08: ffffffffffffffff R09: 000000007fda8000
[  398.900589][T20624] R10: 0000000000008031 R11: 0000000000000246 R12: 0000000000000002
[  398.900595][T20624] R13: 00007faba1e16038 R14: 00007faba1e15fa0 R15: 00007ffcb91682c8
[  398.900610][T20624]  </TASK>
[  399.041667][T20611] netdevsim netdevsim2 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  399.044759][T20611] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  399.251399][ T5939] Bluetooth: hci3: command tx timeout
[  399.326159][T20570] usb 8-1: reset low-speed USB device number 21 using dummy_hcd
[  399.331811][T20640] FAULT_INJECTION: forcing a failure.
[  399.331811][T20640] name failslab, interval 1, probability 0, space 0, times 0
[  399.336165][T20640] CPU: 1 UID: 0 PID: 20640 Comm: syz.7.4708 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  399.336184][T20640] Tainted: [L]=SOFTLOCKUP
[  399.336188][T20640] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  399.336196][T20640] Call Trace:
[  399.336201][T20640]  <TASK>
[  399.336206][T20640]  dump_stack_lvl+0x100/0x190
[  399.336229][T20640]  should_fail_ex.cold+0x5/0xa
[  399.336245][T20640]  ? tomoyo_realpath_from_path+0xb6/0x690
[  399.336261][T20640]  should_failslab+0xc2/0x120
[  399.336280][T20640]  __kmalloc_noprof+0xe0/0x850
[  399.336298][T20640]  tomoyo_realpath_from_path+0xb6/0x690
[  399.336317][T20640]  tomoyo_path_number_perm+0x23c/0x580
[  399.336330][T20640]  ? tomoyo_path_number_perm+0x22e/0x580
[  399.336344][T20640]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  399.336372][T20640]  ? find_held_lock+0x2b/0x80
[  399.336387][T20640]  ? __fget_files+0x215/0x3d0
[  399.336405][T20640]  ? hook_file_ioctl_common+0x146/0x410
[  399.336426][T20640]  ? __fget_files+0x21f/0x3d0
[  399.336446][T20640]  security_file_ioctl+0xd3/0x230
[  399.336462][T20640]  __x64_sys_ioctl+0xb7/0x210
[  399.336479][T20640]  do_syscall_64+0x106/0xf80
[  399.336492][T20640]  ? clear_bhb_loop+0x40/0x90
[  399.336507][T20640]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  399.336519][T20640] RIP: 0033:0x7fddd159bf79
[  399.336529][T20640] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  399.336540][T20640] RSP: 002b:00007fddd2488028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  399.336552][T20640] RAX: ffffffffffffffda RBX: 00007fddd1815fa0 RCX: 00007fddd159bf79
[  399.336560][T20640] RDX: 0000200000000480 RSI: 00000000000089e0 RDI: 0000000000000004
[  399.336567][T20640] RBP: 00007fddd2488090 R08: 0000000000000000 R09: 0000000000000000
[  399.336574][T20640] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  399.336581][T20640] R13: 00007fddd1816038 R14: 00007fddd1815fa0 R15: 00007ffd983bd9c8
[  399.336597][T20640]  </TASK>
[  399.336602][T20640] ERROR: Out of memory at tomoyo_realpath_from_path.
[  399.397640][   T41] audit: type=1400 audit(2000000447.015:33057): avc:  denied  { watch watch_reads } for  pid=20643 comm="syz.8.4710" path="/proc/132" dev="proc" ino=95983 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  399.666555][T20621] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  399.933808][   T24] usb 8-1: USB disconnect, device number 21
[  400.057026][T20660] 9pnet_virtio: no channels available for device syz
[  400.365712][T20671] binder: 20670:20671 ioctl c018620c 200000000040 returned -22
[  400.390204][T20673] sg_write: data in/out 63015/14 bytes for SCSI command 0x0-- guessing data in;
[  400.390204][T20673]    program syz.8.4719 not setting count and/or reply_len properly
[  400.401268][   T12] ------------[ cut here ]------------
[  400.403307][   T12] time_after(jiffies, timeout)
[  400.403315][   T12] WARNING: io_uring/io_uring.c:2341 at io_ring_exit_work+0x42d/0xcdb, CPU#2: kworker/u32:0/12
[  400.408032][   T12] Modules linked in:
[  400.409544][   T12] CPU: 2 UID: 0 PID: 12 Comm: kworker/u32:0 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  400.413327][   T12] Tainted: [L]=SOFTLOCKUP
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  400.415370][   T12] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  400.418545][   T12] Workqueue: iou_exit io_ring_exit_work
[  400.420339][   T12] RIP: 0010:io_ring_exit_work+0x42d/0xcdb
[  400.421011][   T41] audit: type=1400 audit(2000000448.035:33058): avc:  denied  { write } for  pid=5911 comm="syz-executor" path="pipe:[5856]" dev="pipefs" ino=5856 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
[  400.422480][   T12] Code: 8e e8 b7 8e 3f 01 48 8b 05 f0 cb 0b 0d 4c 8b 6c 24 28 31 ff 49 29 c5 4c 89 ee e8 fe 3c d3 00 4d 85 ed 79 12 e8 14 42 d3 00 90 <0f> 0b 90 48 c7 44 24 38 70 17 00 00 e8 02 42 d3 00 48 8b 74 24 38
[  400.436684][   T12] RSP: 0018:ffffc900000f7ab0 EFLAGS: 00010293
[  400.439000][   T12] RAX: 0000000000000000 RBX: ffff888059416778 RCX: ffffffff813546a2
[  400.441875][   T12] RDX: ffff88801e2b4900 RSI: ffffffff813546ac RDI: ffff88801e2b4900
[  400.445038][   T12] RBP: ffffc900000f7c38 R08: 0000000000000007 R09: 0000000000000000
[  400.447769][   T12] R10: fffffffffffffffd R11: 0000000000000000 R12: ffff888059416000
[  400.450703][   T12] R13: fffffffffffffffd R14: dffffc0000000000 R15: 0000000000000000
[  400.453671][   T12] FS:  0000000000000000(0000) GS:ffff8880d6558000(0000) knlGS:0000000000000000
[  400.456498][   T12] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  400.458601][   T12] CR2: 00007faba1c4e661 CR3: 00000000323ec000 CR4: 0000000000352ef0
[  400.461248][   T12] Call Trace:
[  400.462349][   T12]  <TASK>
[  400.463342][   T12]  ? __pfx_io_ring_exit_work+0x10/0x10
[  400.465072][   T12]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  400.466980][   T12]  ? debug_object_deactivate+0x2e4/0x3b0
[  400.468765][   T12]  ? rcu_is_watching+0x12/0xc0
[  400.470284][   T12]  process_one_work+0x9d7/0x1920
[  400.472030][   T12]  ? __pfx_process_one_work+0x10/0x10
[  400.473741][   T12]  ? __pfx_io_ring_exit_work+0x10/0x10
[  400.475489][   T12]  worker_thread+0x5da/0xe40
[  400.477171][   T12]  ? kthread+0x13a/0x450
[  400.478743][   T12]  ? __pfx_worker_thread+0x10/0x10
[  400.480373][   T12]  kthread+0x370/0x450
[  400.481976][   T12]  ? __pfx_kthread+0x10/0x10
[  400.483527][   T12]  ret_from_fork+0x754/0xd80
[  400.485052][   T12]  ? __pfx_ret_from_fork+0x10/0x10
[  400.486688][   T12]  ? __switch_to+0x7b4/0x1120
[  400.488189][   T12]  ? __pfx_kthread+0x10/0x10
[  400.489670][   T12]  ret_from_fork_asm+0x1a/0x30
[  400.491306][   T12]  </TASK>
[  400.492311][   T12] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  400.494599][   T12] CPU: 2 UID: 0 PID: 12 Comm: kworker/u32:0 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  400.497984][   T12] Tainted: [L]=SOFTLOCKUP
[  400.499357][   T12] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  400.502522][   T12] Workqueue: iou_exit io_ring_exit_work
[  400.504273][   T12] Call Trace:
[  400.505341][   T12]  <TASK>
[  400.506301][   T12]  dump_stack_lvl+0x100/0x190
[  400.507804][   T12]  vpanic+0x552/0x970
[  400.509082][   T12]  ? __pfx_vpanic+0x10/0x10
[  400.510544][   T12]  panic+0xd1/0xe0
[  400.511801][   T12]  ? __pfx_panic+0x10/0x10
[  400.513228][   T12]  ? check_panic_on_warn+0x1f/0x90
[  400.514873][   T12]  check_panic_on_warn.cold+0x19/0x34
[  400.516566][   T12]  ? io_ring_exit_work+0x42d/0xcdb
[  400.518208][   T12]  __warn.cold+0x191/0x348
[  400.519634][   T12]  __report_bug+0x296/0x3d0
[  400.521099][   T12]  ? io_ring_exit_work+0x42d/0xcdb
[  400.522743][   T12]  ? __pfx___report_bug+0x10/0x10
[  400.524348][   T12]  ? trace_contention_end+0x140/0x180
[  400.526057][   T12]  ? __mutex_lock+0x26a/0x1b90
[  400.527577][   T12]  ? find_held_lock+0x2b/0x80
[  400.529078][   T12]  ? io_req_caches_free+0x49/0x60
[  400.530690][   T12]  ? io_req_caches_free+0x49/0x60
[  400.532294][   T12]  ? io_ring_exit_work+0x42d/0xcdb
[  400.533927][   T12]  report_bug+0xb2/0x220
[  400.535293][   T12]  ? io_ring_exit_work+0x42d/0xcdb
[  400.536920][   T12]  handle_bug+0x166/0x2a0
[  400.538338][   T12]  exc_invalid_op+0x17/0x50
[  400.539780][   T12]  asm_exc_invalid_op+0x1a/0x20
[  400.541324][   T12] RIP: 0010:io_ring_exit_work+0x42d/0xcdb
[  400.543145][   T12] Code: 8e e8 b7 8e 3f 01 48 8b 05 f0 cb 0b 0d 4c 8b 6c 24 28 31 ff 49 29 c5 4c 89 ee e8 fe 3c d3 00 4d 85 ed 79 12 e8 14 42 d3 00 90 <0f> 0b 90 48 c7 44 24 38 70 17 00 00 e8 02 42 d3 00 48 8b 74 24 38
[  400.549197][   T12] RSP: 0018:ffffc900000f7ab0 EFLAGS: 00010293
[  400.551169][   T12] RAX: 0000000000000000 RBX: ffff888059416778 RCX: ffffffff813546a2
[  400.553638][   T12] RDX: ffff88801e2b4900 RSI: ffffffff813546ac RDI: ffff88801e2b4900
[  400.556129][   T12] RBP: ffffc900000f7c38 R08: 0000000000000007 R09: 0000000000000000
[  400.558683][   T12] R10: fffffffffffffffd R11: 0000000000000000 R12: ffff888059416000
[  400.561165][   T12] R13: fffffffffffffffd R14: dffffc0000000000 R15: 0000000000000000
[  400.563662][   T12]  ? io_ring_exit_work+0x422/0xcdb
[  400.565291][   T12]  ? io_ring_exit_work+0x42c/0xcdb
[  400.566929][   T12]  ? __pfx_io_ring_exit_work+0x10/0x10
[  400.568660][   T12]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  400.570514][   T12]  ? debug_object_deactivate+0x2e4/0x3b0
[  400.572290][   T12]  ? rcu_is_watching+0x12/0xc0
[  400.573825][   T12]  process_one_work+0x9d7/0x1920
[  400.575405][   T12]  ? __pfx_process_one_work+0x10/0x10
[  400.577110][   T12]  ? __pfx_io_ring_exit_work+0x10/0x10
[  400.578844][   T12]  worker_thread+0x5da/0xe40
[  400.580342][   T12]  ? kthread+0x13a/0x450
[  400.581702][   T12]  ? __pfx_worker_thread+0x10/0x10
[  400.583325][   T12]  kthread+0x370/0x450
[  400.584626][   T12]  ? __pfx_kthread+0x10/0x10
[  400.586104][   T12]  ret_from_fork+0x754/0xd80
[  400.587574][   T12]  ? __pfx_ret_from_fork+0x10/0x10
[  400.589195][   T12]  ? __switch_to+0x7b4/0x1120
[  400.590699][   T12]  ? __pfx_kthread+0x10/0x10
[  400.592200][   T12]  ret_from_fork_asm+0x1a/0x30
[  400.593725][   T12]  </TASK>
[  400.595471][   T12] Kernel Offset: disabled
[  400.596848][   T12] Rebooting in 86400 seconds..