last executing test programs:

3m34.293722681s ago: executing program 4 (id=469):
r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
read(r0, 0x0, 0x2)

3m34.176381068s ago: executing program 4 (id=472):
r0 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, 0x0, 0x0)
sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0)

3m33.896757045s ago: executing program 4 (id=477):
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000040)={0x50, 0x0, 0x0, {0x7, 0x1f, 0x6, 0x490420, 0x0, 0x0, 0x0, 0x1}}, 0x50)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000040)={0x1, 0xb0bf}, 0x8)
close_range(r1, 0xffffffffffffffff, 0x0)

3m33.636440047s ago: executing program 4 (id=480):
openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x801, 0x0)
openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
socket$packet(0x11, 0x3, 0x300)
openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000000), 0x2041, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x891018, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
mount$bind(&(0x7f00000002c0)='./file0/file0\x00', &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x12f451, 0x0)
mount$bind(&(0x7f00000000c0)='.\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x80700a, 0x0)

3m32.94444824s ago: executing program 4 (id=484):
r0 = syz_open_dev$sndpcmp(&(0x7f0000002000), 0x5d5d, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000000, 0x8031, 0xffffffffffffffff, 0xffffc000)
ioctl$SNDRV_PCM_IOCTL_HW_PARAMS(r0, 0xc2604111, 0x0)

3m32.607767739s ago: executing program 4 (id=489):
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f0000000080)="c4c1f9d6b2ed000000b9040400000f320f78590c66ba6100b037ee660f388080162db62e66baf80cb886e39483ef66bafc0c66b83a0066efea001800005e0066ba6100b808000000ef66baf80cb84be71e86ef66bafc0cecb84b24e6b60f23c00f21f835000003000f23f8", 0x6b}], 0x1, 0x11, 0x0, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
write$FUSE_BMAP(0xffffffffffffffff, &(0x7f0000000080)={0x18}, 0x18)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000014f000/0x18000)=nil, &(0x7f0000005700)=[@text16={0x10, 0x0}], 0x1, 0x14, 0x0, 0x0)
ioctl$KVM_SET_NESTED_STATE(r2, 0x4080aebf, &(0x7f0000003680)={{0x0, 0x0, 0x80}, "cb31455c9ea4288a70a2a6bb8068fd95dd041cf5b177a3bffe992dfbbdf959487337b92336ce1de32e7695c411c0bf9f852d2d71192f33001fd51f5b396a55cb98699a09d21648c4cb30d9d7e3e397c7a3c041c76c72385a46c48c5302848c3696facce956952c2a85822ddf20434ccee5806294ed563ff3a972cddf6ef16ddace933d8a5adea40cd3ad40c9873c29368838e815ff59723519154856b2d5cd9cd79a97dc2fa08dada1175817886e5f9e7aa3dca783a44c667a4806826570ec6acb57d65efc313a384e11fb633dee17ee600145f2cb3103384606140021be766fcb7fa029f0513bbb466177ca1068192550bbf4e6f5694aec747a16e27688a988fa595bca1761b8e88a7dbcaeaf97a8b7b53058b1faf880dd6f1b6eb4c7beb0582b4007f1a67db1352407adbe1456bf762c94fd825b9419d74f63cdeb6c6976de1890d773f0c8088d2bd48a838cf5b87f5ddf926352960fb978874b0f175acfa55ddfe84de3fc9f75b58bf7a35f33d3c43ed5e3224e92751fa1b43f94f64b681163ef1360a3f3bb7403afc67a188b2104b45c5814aaa9e218552498bf85f4b221d9acc32a331f5f8c109cc9f335ff4e418ab30b54b99d5376cd928c431fc8211fcbaf64716afdc4b6d0417e04d5723e4675d282b36bef3a3a19e855029ec7c33830a6df19332b63e9d8a0f22d96ac230c67657a4e7f7afab91dc0ce751b68980e5a4f6d9d6d9b98802ba9d8576640eea61b8c308a1745df61560e56108bececa3016d93246fdc8b768634e8319b1ffde103c07378f8f4927baba05e992a4b5af0958a7e495e7ce53f7917451d15a963ca14f5cdc4563775688b6533a4b97e0f84b0a33c30077b20805c1f42cc7815efada97ad59ac486bc9e0ee386b49cb97b47fbf8f919f06c75a49636795054b5ebee3e91602c90d7f4db49220affe56d56b96e4f662b2bf36dae482ffc7ba21cbc55e21b73309d6b7aa5509defcb77c236e43b579c61eae5c8d8f8fa71ad876b96069f2e4352c8aaf16e299d21edf5434c0cd9b25cdc9210fb0de759b1dd3fc7fe4c7118bbde72a5617dff21f7a5036448fba7fe41aaee0c289cd076d757e47b0713b236f6f141ba0112c9312b3ec853aabafdf1eb2cbb517d2d7352725f557214d27d9a340af0128fc960a4ea64c933b0d8dd226b6e024471aaac8a7074b2a8695ab990fabba5bf315d246fbfe4260f1fffe54814e33b6235c5b4095437298858909bcbd40a8a286d1bedb06b7b1775bce0a5bca19b0a5c2fa8dbf87b55ae0a43c5086422e5bacb94047e150451f5996420b0d4a697f59decb49900b2b9c13aade536933e14d672c21a35cb68572c3de02f3147414eff4b8674b91f7aebf35f056a8d388f67f8ef7cfaf6b28fe745831ef41def1839791647016932c70685752851327f1837d2f1e9d8f93443eefed2317119c8152ca451a5d3aeb253fb484283f52e5db9f61f059ad3c217a860ee0571d254483501b00699208c7fa5571cf58b9715c954115bc2db0af28361938bb95ced7370c8cbb6141ef62fdbf369dfc4eccd98ab9886d79a52cbf91a27dd0f4b29940492e860fb94654dea54fad6290570760e3b59a0cf28053732472dc313b5fedfc583fc702a880971dc61286370aaf167810455cce7654dc4325a41d9d1944abcdc4d81378f1e96a8f94cd95b886a01f086e379601504219d57d531ba34e1ba0905785fb629c61f6b940a652cdee9dbef12b7fcde087b92816db3386a5769049ba00788e31de4ddbb8b56de1fbe3a5e671728effda7cfd0b650cf5df2faf22470812efbbb548e47cbf36c64e05a7877820f08948ceedb35e12a4a143ee0101a7bf0a00a4062b50c39020669700adf739a6f75352a45fd1373d3e85c3867170373f0c7a794d8590f4c22ae62d438ec365b0f6a15cb2ffe0fc6f57185e1760761bd4370027c01dfad0502f00b6898115df3c530d0b0b4a64e623fd580b528a733e4c881cf5843a975a97f92a7833527887c79fa8eec82b9526a15c6c5f2972083ce8aec735810580ffa4ea2cef4823aee044dd70927f7c07bba18b930006aa86ae7399ac6b4c24bc9d6a6ab0c5b428d7255d4d983eadf97e10c1b00867da29ac981acb453073a37236e7ae808e7759b2e0cffc3ec43afb1e95cd090a7d4b9225a0e3cbebfe49b93846ab603891e2da7d85a04bf42d12d16a97c965bc4911d3ba7a9ca505794d8744fef00a436089de67aa8b480070230dfb002eb91edaff428d4908a87afae418dff7ca59aefe1ad8f6935f309fe7985c2310881659c60a66a5e50242497ba1cd5d2bd79496ccd23f9fd901afc6622829cb3701caa50f96e09e3b23bfa3181b74ec7dae2e42c9caab43e49ae1d922a1a1eb3682de026323d9215fcec42c54401a1af81450830a4b784ed1c7922734bf3632409147680dd3fabcef296353705bb5c0e650e12905a05db1e7923923a96ddc783fc1ed46e2010416c37d9d149ad73e808bd6e4464f62893024a8501803b6c88fc55c8bbc1da7cbf580b5a81fb7c61455ae3a8aaec303fba12e0f2b51ed5e8bd31db40e8bdbd00e7b1ddd364766c974d813d86fc88a27bf82bba60c62e5f0f6af6bda3390f8e72a2811baf3d6325e70d9a3b59cab1abe95290ecb87985567e1243504c038de9d4d100ea64eec45208cd8d2474e646f7d81eed6d59b8b0859552b6fc088d874cde3e75ee30243dc9d88ed5b577851a5bd9e2a453287025777fcac19ac33e1c94b4ad272f1055b16b842a6bd6168fb45f1f74ed2467020df5431068a5f2cbeaa6ac1841308c7c9f752aa06927f91fdf18ef9d9e942367e5ecac0abf4d3b8fc7b80238c0e7faf2ea7d3f5271028fc558a44799bde63168becc67c5531e843336fb16ab618d37f95a91937b824bf896b044146bc3a5e264a8f23ddd00729cd9aa56d9a9a24b7ab96ae021b193d8874d43ff4b723d86b7564e550378599c3e0c7a2b3d447ad76eb4cd699733d970a5ab218429a1af81df9c8013d6d16a6bcb019f6ace4461cdaa785d20ea027cfa53d521bb91ad2c04aaa6c0f268b14924803977633280c7b7beb14c88fae542b7a13e96253259e7296e37276da88891c14664340e84ae732edbd71e67047e476735b220ca231de31a380ece372db632ec3cb3ef5ac97ec41148febd2acb15cde1ee5e990ea0aaa95c2df39e2111dd1185d14a194e22d34fda8f54e99d3a73e5a231682c726d40816e048c1d059bf3bb9ee2b5f895365d95aa28f6adbf6e16469926b4d8ee7f04c7dbafaa444df5b88596c17874f0efe35e5ada1a69634f4b430f852d33b032f823c5deb54f47a7a4adb1adf56d5440b7a917580004c13e0b36c8e0a203a2be3f8fffd9efef3af19389a12c67859d4381ac0a02da18e25931b41216b731de25e1245482c84d45de1cddbce2109322a3428bff692012573fe9efd02109dbf35c5d3a287dec105cf3f1a2e5f0b1cc08c7b4759766d25d0f7b42c3ea8bf8101e61159a2ba7602e9c7947cf936ac39bf59b24084709fd61d704bbdba7d282aac778b7ec1dcaf984527c8112d56e75ab774d1598d9816abc77b0e693880beca5f330c626774ab5cb6967fb0ea8e14efce120947092c3b6f8a22f07cad22e971418092481fcad36ecf0cfd6bc3864115b8507c13554584f1f6fee5ee07eb6a091638d8e7781c1c006166e0f987f9f4de535e9f3df1db8c9328e9a19a73c76059ab4edfe9eda7f16cc6b869229bafb179d194e20ccc6f9338183b673de8138ddab9a0907278f6eaacc55bf59a450ebc10e0b88c82d9f0deca86ff771f46509250fde94e0c94256b77616d099862ddc9b341838d634a9dc4b55a88fcc6248901135f6aa76365433e7e534e0e5ae8eec2a63df62c3e244a40481189ff54122698c7e2da2c829b2eec9efc9894ee05be04ae6dd48406eaace17827e38bf38b414059aded0343e0711a8d864ff41a8d9ed40fb2aa1a3f4014f691cd0e8af62445a021820ff03afa8a192ee255862f306851df1de96ce36cafb6a60b7069db7aa96fd1ffb2fb01e6247f770304dffe4b1c8d0eeb336dd6806d6ab5d418953b1cae7cbbf53766b61e4aad5cfce8255b78af26f9bd11283a9c7d12cd63b82cd2b506fd4061d1e16fc7c713d80763c3b0aa0faadcd9b7d676101aad80e1ca00369297e1f714003ab8d0b545c335014a522a25a767950963ef821425b79b521076166d0df3ef358c7d60d99cc85463c186e8faf16af79785680382e4cc93f6594f8c4461e0988c08717640df24a5f357db22432fcae21702dc792d201212fb3791e0164bb3d433a8268ec96df73766fdba42965e00e619246cba5d96eb853a7c22c34d2fe5e5d3f3ccf9c627d069517b743cd07f6f7b444074bb9a50269f2e03309c58930e56a9583eb00c37fbcdd391972261f41756c10c8899fcd036e2017e088ef9e6ec31f795d55b3bba214c53c98fc9318e4ade0e7e6fd259aa277fed54c27e5210787a5f6937f56fdbe1da5113f059061ca590ddf536a55cb91ac6ed41cb9c0418b115b29f5e823c1b0ee7c2b3982087763545b34e2c945d587ebce69bbe299a7f52b674f351977370fc700474bc15d7e6ef98c14258ecf401a4f3bba1a9aa76c5ab0b8819fe6efe3fba1899909e5e48554299150ee272451b56142d12ae2bb4942db430239701d494917f2c939a6fb9d98d4751a6f2c4537ec870342d223343a9bd7b8d8c99aff8cbfa298395551185f35dec120228073a1e496a58b59d9ac5986249a7c6db9398395cbf341c08ee910700e2daa042dba1846fef59c72ce872bba2046a14fcf9a47a5686d62bfba76309a9865c26e5fa41dd872fc749fdc57953105ace4978f9eb788c8d061c853ad0313e51e732c5d7bc05e752443c8e99b8e81c688befdb5b14c3cc2f96eb8ce8290303e483992fcbece1ff278d0dc036ad437b6cbc695c7741ba4556e242146d40843c73deaf8fceba40e4a4acd739b3031848b17a210a1ff0dc1908b77c4bb94543af52e1fe2a090c8f217428d02336303f7952c3ddefa7c81850676e7f4cc3d32c3937281fa5ab279c3fe39f92ba077dadb8c2c3df17cc511bd33c41cb161d24aea154f0f5902c94b56fe072d321a983668bd9f4838878e66ec44cb233d7d0ca908a794c844ff8b3ba4c57f6c5fc2f3a54db448b013f0c4998bbc6ed0409b3368391cb28c6df4a909fff90f308ff38c758ff7d8a2920bc221236d89b3b76de44e8ce649b32f5135a0217ba9036a8edddee97d7ba15f2c21fb7d3cae3eb6ef09dd03eed650489c83b5ba5dd9daf7a86cf0544fb8a58e46b860e3e42e10cd6f1c4f81179eb2c3ba611793a32abb4c0768db90e8bdd1694efaa9c2b45c89d203fdfb8b926b6a0d666d91b93065a83184fc2065961f2308056241b66f427c0f0aabc75852c90f0624cf036d537032ca8d73325d2ae2a79a7292c240c34584bb881fe5d468a051cbc0bde061f9eddfb758cd2dfba296eef549e5c4ede097111216a0ec60f90e8d6f5dd843c82e15f505f8c74e854ba9cd386249d552978eb8135a5f8c79c3ceb8dd5828b0218ffe40f375d6cf3ff2f47c276c8169ab98336582a852c1535018fb2306aca6b8c9f9e38d64c66a722762b76c69d4ca6c14bd6992549e4eec17287fce194467f972d9200c3d1ac4fd4a8f2620e2e4281d28c099946ed90789ba122705326390d3e058ceed24044e542efb36416272eadf6304f30efa0b7bc1ae5be92fe50e591ee6f725726e917ec113506920beb2aa53b39f1d76b31500", "cfb220c7d481332f3f1f8079dfe27e23185fd67a407358db7892789f96b7fa9b14daa48617a10d8a91b820ecbaa470ec0bb1f3cbce7f70ec70b19a4cad082229c2788f8611d7dc306d9a45761a97828c36ed87ebde5d4a3e1609c1422a8ae2f7cca428ebdb0dd38b90b9598a353b18a600bf35a369e6e3e5abb0a1c5c0c0e48e014e7ef1b7d768b3c5657f1adfbb7ff2985082b16c99eb83ec3660990dcf1106efa6b7f8a4798fec811c2c85faec0235c83b7093b3d02367421abc40a554e0b0d7fc1bcaece4222c594f8d20e368fe625ca433c75486fe5c94103cd17291349ee12b877602936688666f82ecd8f4f83d50bb1650e08b96cd25ad147c4c956c98649806a3736d072c8d97c6e3a46a7c18535df8d828b86662400d8e9cc861fa1dd5dc193892d3168396c499e07b279fb76c7e289f2fd955691363bc1de74536dc571817615c88b0d594a136966c129e424ccb7ef1c7c7461eac7ca5f03d72ea4c9c3d1156ee4cb1bb70e097357588b5c49f6716bbae1bd118104b42786f09a3b9f7cb80f383cadfd0c462096ff2bb637b7cf79764b6a4b7ffc5d87c1f063fb48e7f08ad5af534c70079f12f28e8921abbd4280801cdf6101ea494768b1274afd0eea5939843d56022a83590920fe446d52dfe699c33977d5592dbf7e0e236b8175d7faae06e0c50f7402174023ce4b996564e945c416fa823f2f9c3213ac50b20bd1fd55bb8d9fe70ee31ea2f404ae0fcbf857bebcc9196c8c622059fea2e248e4058905b69fb98be312d3193ea1d8ff653173e8c2371371b77a5bea45b3cd6fba19b6336f94ec04c8f86d24e9ca959874577d7ca0baf3c4ff30b554bc3ccc06df46d925373fbf7863e2cf684d3bc9603ab72b851ca4728294de87f2dec6f23ca9e43ed2e5cbba662d13137fc1ce0f6ae6aeb974f72f4b750825fafb67715e425f40c7da83b92d4249a0a4e96b789cceb7b07f38cb83f72dd093a345ab3cb8ae760fc14e40ea182a0d7fe1facc62a1ab0902349fd7e27bb0cd349fb5053f4734823abf020739b4b43bb11f5d69b61295068df31177959903c2ea1bb82d24eeaa93d0d4738d5d15b2a401e7ebe0d3cfbd45b2db2882cdb41408aaa718f8320fbb7f9da4f68d0eebeef175442e807e9908132731fe5e268582dcf6dffa4251ebb7121db8e412089fa9d8af9919799547a26b6b8eb44c28f1ce5f9a3021fe30841be204c1b4b3813dccae6baeef9b53fe413cbec46bb0cd95d3793cdc9bfe6cdd96ce0c4aa4a25e1cbbeeee6c9fa558b279048c7e31d07b125bac68d4e1f4253bd4dc7824cf3d722c94cf2b8f61bc8155731f072fd447082b181a13ffb8c08a1d568298c5de2d969fae2bea070a9e2688f294e76b8c200dfb993ec19778eb56ae3127c1116ccc85ef8806fdcb9ee0cb66ff03fbb0fa6c52b9b101b3830fc1650efa859163a264b4059092e5dc9a415ec09bfd1460f142fe5ef00beb6aa9032bd0de97aefc6f65e8cfeea761b3d8174caf528b6627682ff4d4450cb0f34251fc000ed01dd538ef13260984f44703b89dfb511bfb538d0b1c8aded964e1bcc5ca57437468b14a31ec0000a17e4d24369c40500449c37e7dccedba3eceb59d827dace246b5c48afb6a5988e64c560b3dc76c32d831f51cdbc5cfc4364ac8b25372b87c92bacfedc6bc8feb44098dbebc89cda03c59e4c58a31372bd574704b9e788834b9f83c6703f6709efad97c4ce499ea580dae1de282a019247cb3dce5c1906322e6d3ca5157ea6428bc42416936fac194efe136089c07faf7adf1e923003f1dc63fcbc634b389a4f351a6acee785e23c6bb04ca2f265be1e634362b87c6f9fd369bbe62a1db6b286c7ffde6370bb4d6e9e27c3ec451e1a99d134726c9075e71319d3a683e91e4b900061c0e6d086481069cd32f4cde7816f8e3a0ac6428a7488f31f06ee0da10df3ed0c150d29085879d064f914407f60018bb588735663647bfeda930407d69abef3f72fd461c2b85b00988b412a180fd267fc646a86d297e7e40912607157b6fa873df6442579b1523d8117f0c06c87adf75843b8bff30a5bfb4fe1e9846b7fdd58774641baf9cc9c4e38e53ed24a9d9e9dbc7657aa9b220a8545852b0409f5c0812e953823e841967bf55059acc7a4600818134359e72cfae0d04a0738ac8acca133d6395a455b22cdd6f901d4cdea1cf17415f7d7895a4b65f80d2f7c5c60a0dc04b40c9ae5ffc922e074a82afd704673e1766d19db9f60eab0238fb4a3169a08aded607847e5d752d4e24c4914b95bac3892bcfc2076f16a7f07583f0d418b9dec03afdb2e93335a392e1b1ef2910eb2a4b6a63fe61641f3c02bef73cd7e4a77a6f30ae821598c3160511603541bea89022b54f321c2a55cdeeb19335d78a821ab6ca0f36588a9a79a41e2123905a491d658c2a1caeee998c995bb0f816c92c5dc2b862183f80b9f9786c9c5524723c944d11f6894c7f008ab8194f577e22c03631d2a33205f508ea49653e7600639242dbaba704f700ac227f32dc575c559a0a1f4fe0cf6c22fbf7e1ca2ab4b1e4724e8379021e3c9a7c1509c6a413bd7d9c98938e440762eda2546d636597defa86c1ad31126a1182d365f858927d140fb0a97f80adcc5f4ed5efe11ac503453917a263f1d64692348d30f382e85e464ef7616067a42df5de1a1b622fabefe2ca4ceffa4801f7a02fdef40644cd1d079590d900727628d54b44db7ac700d8d664f7eea12837fcf347360d8e43a354fe51b4c49e8fcda3c322b738ed2b800b5cc06e22c72af2a67ee7bc8ae894e841f2cf2b0a7e381caf944bf4e91ded63b6f82f7474e4f81e986fff7e5339b8e9f60103a1af81833e120f0c88893ecabac044a4a2867cda4fdcb084459a00507aa9e5a8e761a72df3322a1ae8cd918b4994c23bdb1e459b4f21651bd7fa067a00e2a2877bf6b29f289ed8018e0a78f6fb4ded9749640e0e37f6381b320ab72da404f3d70d60152f6fa6738932387b83250cb3148141edb52f109bfd4bda8054959db01f4c550609a63c08cf01ecd110cfc6f0055638c0dde039d2ac2daafe59e561f9f08a8830c3f661e4325de63e98f4a4216ec3b83fd200201ed3f647147611424286ffc6c4a8aca64a6874743242d4feeaa9153de06e51c512d9cab7ae712c6424069f3e5db4ddebe9b48b5f6caa741162edf97674d2368e03a387f798151a4b9b9fa9e3a5838a343133158364a9fe3bb4b9a3c464c0c54a4c64ca774ad200925ac6bf59508c10a8574afde9b821741af43ec64cedc13aa220b39772195283506dfe899dd6a7b37eb21f154056a2df3564ef2bb918a928651de88c3613b84e7960bddd7b46b1304deb30f57b6fe5a3b4788629e91bcc2456a72fabb16b47da71624d2e9081de748b3387f52da4bb094782326dcfde0827e2d674e41bb375247d749cade9c704e5431785009b0e53f1b45c70b237c9432e07e4c7a8464ed11608a3d2184338dd9e6f6ef4b3d751e979667b6a3953c89aff4eead7a978071a912b3de21a85a5849c57933cf53cd74a610f3e60f699766fbc7e0bb8a891a429c77bb6f3b6f9f8eb0b1bd9588ef2ce98fdf0a0838e4b0bed807d8b673093c717feec8d697e32542274887d039db7a2daed5d52c8e9767443229f8003c5d67e907376ea2f393484fa70deee159cb56f8d097b8fe2736e95f540137e20725f0940a8d049068ead4c46bb3771a671bb00de88931e03445a55868de0c220db05cbda9f996d5fe7c1070efe5e718fed4d4cb4ecacad3d6b643bc0ffe9a71b720ba7b5adbbdefe29106ef6a6ffe4547f5d02bec312147df0abe80efb2d5e598fc7c8b268e58b59e0d75728e9a18126f013c963ddc92d251405f857fe3a5cbacf443be7772975b7bf4f6d7ed6f80dfcc47a88c6d19120942adb5385be6ef3c0d7e396bcac5affc8f9276d6cd1a0b069aed72a98cde8ea7aabe6cc091b19efcfaf9368dfeb3087a05a42e3b893dae5ffeb72e6ac06e995a2a75ea0b5f7876247bb4c38cf3f0153f1f7473b522f1c440b632270e2b1d654d3a5ae16cb788482760d34ca79c8951b29c628e21029715683a3e6f8f77c5d89ecdae37e0190f79c4c1dbc9d0160e359cd6c94d6662ed53bb01a83374ff593c823acc59241b11f020902069fc0054a9b26cb320bef4fb1f8cc5bd8ae76eb029afab731b9876bc4e8708a8315512823cff1f9375d284ce66e53d4efad6c76d17bb532fc938b8f80c13ce86b5ba3e540164bc5a5d47cd321c241d8740f453ef95bd3878d578561ad6ce20877ffbd44062dce8df1d048d8d5e4045be647886108cbb1f0b26a8b74b66858afedb830a161bb02bde4c46a688a0ea3a7018ce24666aab0f422ede2f78ea29f77e28d87c744cba0285ce33d0d9ac45774829699de6d725a9b6db6e7d03ad4ec9d075c386e68ca0bcd9e9911d741ed0168cbddb87a7918a964d206629da4e887277b0ef7d3f9c7082f3f15f29a0dfb39f3b0877a5ec3ac4343e0d808f5aee8f1869923aab6dfc3016821c013109f34aece6183994b853d0e9561375c02cdd26b1b55194757341929a8038864cedd6b5a3b8b51ade44637044c4ebddb190f173969a0ca4cf5d42153763a0b91da0110ae7a25204850927d81b00176d4568a3d444d8029bd010df784e3f673fe855601ec4f1b26b2df58841e6a65f0db66373f63cc14a8b07dfc52ac9957eb542d05ed687c79519609de96df18b63cb294b534ddf7d2e8f41bcc1e5a006191c4db057b6709f0a96f18e7e8f67b8be2a19c015b9c4b0b3f42e4de366b71f8da8888809473c3c7a02a1158e375f29997a43bc7118ca4d1abb8f8f21972fc589aaa3d73a4d40a1e1705e169ac6e56cff50d89fc45b6863c8fc67bb2b5939a7f33072539ba4c24077be5711ba368bf7efd4897931531d388eb5c2e56bef337777150dd59518652145c9594e110e41d2615196c6b197916c88cc2814e13a3a922b4ecb044bf31cc90e0bfe0ce07de29188bbcb0ec1a12b509f52582fbb948c3cbe0c6964f46991cec0704bfac08aec6ad8ddfc36dc68c7f547c5ee6af4a8d55c79e3dc1c49b045379811f81e9a185a92cd37ae4ee32c5d3c82d36d6202a6c84fd231fe467071d42072827fd77afa5d757e6f37247f783ef09bdfd7536b666e84bc4bb878005b7829293a04ba090272dec844f4ef0e934617c08518bdc6b915ac6f3f03e4a6ab88e21c3f21f93b31d95ea3b9228e0031cb69795de5abd19c4cb4a0cf2984e53ca391cc66e33ee0d510151670331fa264753704fea5e4b1760f74890c49a74a47e0da13155c5470013d53dea0f05b5e088f1511c209f5be940232318af2757951d399e32eb862d915784713baa8ba93645caf04ba78fa3cf600ff92b9c5be58ad87438a340bac00a5ea9fb17e39478ba61fe36335e48d8c5a0b25f024cbd2ec7f217d0f260951da396dc13a2a74cd90df4b52db686e3b34d27cfa4cebd7bf59cbcfaf4007dc943a1da6e0bd1799a21ab449d7bb42935e50c839c5b567c59742436af15bc8d46095520dcd9273ae2b6f3c1cc2b4311ac9e5d297f0940b1552c5955adb302022022bb7457978998b56328629b7725dfbe3dedb37f37af0697a4471d1d6ff6bec633a38540adeba903f3eaaec5785fbb3c6a598f49dbd9ff93c67dea1ef39a614331b119fa8efccc8bac01595fb95a2a57eec9fc6c6fe82782aa89ea971866fd9a3bca4010182092ab6d1e2b49b964be9e3bb13bd6b77850e435f55bdd46e5bcb3330c7edefd31c33f61275e516"})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

3m32.496716408s ago: executing program 32 (id=489):
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f0000000080)="c4c1f9d6b2ed000000b9040400000f320f78590c66ba6100b037ee660f388080162db62e66baf80cb886e39483ef66bafc0c66b83a0066efea001800005e0066ba6100b808000000ef66baf80cb84be71e86ef66bafc0cecb84b24e6b60f23c00f21f835000003000f23f8", 0x6b}], 0x1, 0x11, 0x0, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
write$FUSE_BMAP(0xffffffffffffffff, &(0x7f0000000080)={0x18}, 0x18)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f000014f000/0x18000)=nil, &(0x7f0000005700)=[@text16={0x10, 0x0}], 0x1, 0x14, 0x0, 0x0)
ioctl$KVM_SET_NESTED_STATE(r2, 0x4080aebf, &(0x7f0000003680)={{0x0, 0x0, 0x80}, "cb31455c9ea4288a70a2a6bb8068fd95dd041cf5b177a3bffe992dfbbdf959487337b92336ce1de32e7695c411c0bf9f852d2d71192f33001fd51f5b396a55cb98699a09d21648c4cb30d9d7e3e397c7a3c041c76c72385a46c48c5302848c3696facce956952c2a85822ddf20434ccee5806294ed563ff3a972cddf6ef16ddace933d8a5adea40cd3ad40c9873c29368838e815ff59723519154856b2d5cd9cd79a97dc2fa08dada1175817886e5f9e7aa3dca783a44c667a4806826570ec6acb57d65efc313a384e11fb633dee17ee600145f2cb3103384606140021be766fcb7fa029f0513bbb466177ca1068192550bbf4e6f5694aec747a16e27688a988fa595bca1761b8e88a7dbcaeaf97a8b7b53058b1faf880dd6f1b6eb4c7beb0582b4007f1a67db1352407adbe1456bf762c94fd825b9419d74f63cdeb6c6976de1890d773f0c8088d2bd48a838cf5b87f5ddf926352960fb978874b0f175acfa55ddfe84de3fc9f75b58bf7a35f33d3c43ed5e3224e92751fa1b43f94f64b681163ef1360a3f3bb7403afc67a188b2104b45c5814aaa9e218552498bf85f4b221d9acc32a331f5f8c109cc9f335ff4e418ab30b54b99d5376cd928c431fc8211fcbaf64716afdc4b6d0417e04d5723e4675d282b36bef3a3a19e855029ec7c33830a6df19332b63e9d8a0f22d96ac230c67657a4e7f7afab91dc0ce751b68980e5a4f6d9d6d9b98802ba9d8576640eea61b8c308a1745df61560e56108bececa3016d93246fdc8b768634e8319b1ffde103c07378f8f4927baba05e992a4b5af0958a7e495e7ce53f7917451d15a963ca14f5cdc4563775688b6533a4b97e0f84b0a33c30077b20805c1f42cc7815efada97ad59ac486bc9e0ee386b49cb97b47fbf8f919f06c75a49636795054b5ebee3e91602c90d7f4db49220affe56d56b96e4f662b2bf36dae482ffc7ba21cbc55e21b73309d6b7aa5509defcb77c236e43b579c61eae5c8d8f8fa71ad876b96069f2e4352c8aaf16e299d21edf5434c0cd9b25cdc9210fb0de759b1dd3fc7fe4c7118bbde72a5617dff21f7a5036448fba7fe41aaee0c289cd076d757e47b0713b236f6f141ba0112c9312b3ec853aabafdf1eb2cbb517d2d7352725f557214d27d9a340af0128fc960a4ea64c933b0d8dd226b6e024471aaac8a7074b2a8695ab990fabba5bf315d246fbfe4260f1fffe54814e33b6235c5b4095437298858909bcbd40a8a286d1bedb06b7b1775bce0a5bca19b0a5c2fa8dbf87b55ae0a43c5086422e5bacb94047e150451f5996420b0d4a697f59decb49900b2b9c13aade536933e14d672c21a35cb68572c3de02f3147414eff4b8674b91f7aebf35f056a8d388f67f8ef7cfaf6b28fe745831ef41def1839791647016932c70685752851327f1837d2f1e9d8f93443eefed2317119c8152ca451a5d3aeb253fb484283f52e5db9f61f059ad3c217a860ee0571d254483501b00699208c7fa5571cf58b9715c954115bc2db0af28361938bb95ced7370c8cbb6141ef62fdbf369dfc4eccd98ab9886d79a52cbf91a27dd0f4b29940492e860fb94654dea54fad6290570760e3b59a0cf28053732472dc313b5fedfc583fc702a880971dc61286370aaf167810455cce7654dc4325a41d9d1944abcdc4d81378f1e96a8f94cd95b886a01f086e379601504219d57d531ba34e1ba0905785fb629c61f6b940a652cdee9dbef12b7fcde087b92816db3386a5769049ba00788e31de4ddbb8b56de1fbe3a5e671728effda7cfd0b650cf5df2faf22470812efbbb548e47cbf36c64e05a7877820f08948ceedb35e12a4a143ee0101a7bf0a00a4062b50c39020669700adf739a6f75352a45fd1373d3e85c3867170373f0c7a794d8590f4c22ae62d438ec365b0f6a15cb2ffe0fc6f57185e1760761bd4370027c01dfad0502f00b6898115df3c530d0b0b4a64e623fd580b528a733e4c881cf5843a975a97f92a7833527887c79fa8eec82b9526a15c6c5f2972083ce8aec735810580ffa4ea2cef4823aee044dd70927f7c07bba18b930006aa86ae7399ac6b4c24bc9d6a6ab0c5b428d7255d4d983eadf97e10c1b00867da29ac981acb453073a37236e7ae808e7759b2e0cffc3ec43afb1e95cd090a7d4b9225a0e3cbebfe49b93846ab603891e2da7d85a04bf42d12d16a97c965bc4911d3ba7a9ca505794d8744fef00a436089de67aa8b480070230dfb002eb91edaff428d4908a87afae418dff7ca59aefe1ad8f6935f309fe7985c2310881659c60a66a5e50242497ba1cd5d2bd79496ccd23f9fd901afc6622829cb3701caa50f96e09e3b23bfa3181b74ec7dae2e42c9caab43e49ae1d922a1a1eb3682de026323d9215fcec42c54401a1af81450830a4b784ed1c7922734bf3632409147680dd3fabcef296353705bb5c0e650e12905a05db1e7923923a96ddc783fc1ed46e2010416c37d9d149ad73e808bd6e4464f62893024a8501803b6c88fc55c8bbc1da7cbf580b5a81fb7c61455ae3a8aaec303fba12e0f2b51ed5e8bd31db40e8bdbd00e7b1ddd364766c974d813d86fc88a27bf82bba60c62e5f0f6af6bda3390f8e72a2811baf3d6325e70d9a3b59cab1abe95290ecb87985567e1243504c038de9d4d100ea64eec45208cd8d2474e646f7d81eed6d59b8b0859552b6fc088d874cde3e75ee30243dc9d88ed5b577851a5bd9e2a453287025777fcac19ac33e1c94b4ad272f1055b16b842a6bd6168fb45f1f74ed2467020df5431068a5f2cbeaa6ac1841308c7c9f752aa06927f91fdf18ef9d9e942367e5ecac0abf4d3b8fc7b80238c0e7faf2ea7d3f5271028fc558a44799bde63168becc67c5531e843336fb16ab618d37f95a91937b824bf896b044146bc3a5e264a8f23ddd00729cd9aa56d9a9a24b7ab96ae021b193d8874d43ff4b723d86b7564e550378599c3e0c7a2b3d447ad76eb4cd699733d970a5ab218429a1af81df9c8013d6d16a6bcb019f6ace4461cdaa785d20ea027cfa53d521bb91ad2c04aaa6c0f268b14924803977633280c7b7beb14c88fae542b7a13e96253259e7296e37276da88891c14664340e84ae732edbd71e67047e476735b220ca231de31a380ece372db632ec3cb3ef5ac97ec41148febd2acb15cde1ee5e990ea0aaa95c2df39e2111dd1185d14a194e22d34fda8f54e99d3a73e5a231682c726d40816e048c1d059bf3bb9ee2b5f895365d95aa28f6adbf6e16469926b4d8ee7f04c7dbafaa444df5b88596c17874f0efe35e5ada1a69634f4b430f852d33b032f823c5deb54f47a7a4adb1adf56d5440b7a917580004c13e0b36c8e0a203a2be3f8fffd9efef3af19389a12c67859d4381ac0a02da18e25931b41216b731de25e1245482c84d45de1cddbce2109322a3428bff692012573fe9efd02109dbf35c5d3a287dec105cf3f1a2e5f0b1cc08c7b4759766d25d0f7b42c3ea8bf8101e61159a2ba7602e9c7947cf936ac39bf59b24084709fd61d704bbdba7d282aac778b7ec1dcaf984527c8112d56e75ab774d1598d9816abc77b0e693880beca5f330c626774ab5cb6967fb0ea8e14efce120947092c3b6f8a22f07cad22e971418092481fcad36ecf0cfd6bc3864115b8507c13554584f1f6fee5ee07eb6a091638d8e7781c1c006166e0f987f9f4de535e9f3df1db8c9328e9a19a73c76059ab4edfe9eda7f16cc6b869229bafb179d194e20ccc6f9338183b673de8138ddab9a0907278f6eaacc55bf59a450ebc10e0b88c82d9f0deca86ff771f46509250fde94e0c94256b77616d099862ddc9b341838d634a9dc4b55a88fcc6248901135f6aa76365433e7e534e0e5ae8eec2a63df62c3e244a40481189ff54122698c7e2da2c829b2eec9efc9894ee05be04ae6dd48406eaace17827e38bf38b414059aded0343e0711a8d864ff41a8d9ed40fb2aa1a3f4014f691cd0e8af62445a021820ff03afa8a192ee255862f306851df1de96ce36cafb6a60b7069db7aa96fd1ffb2fb01e6247f770304dffe4b1c8d0eeb336dd6806d6ab5d418953b1cae7cbbf53766b61e4aad5cfce8255b78af26f9bd11283a9c7d12cd63b82cd2b506fd4061d1e16fc7c713d80763c3b0aa0faadcd9b7d676101aad80e1ca00369297e1f714003ab8d0b545c335014a522a25a767950963ef821425b79b521076166d0df3ef358c7d60d99cc85463c186e8faf16af79785680382e4cc93f6594f8c4461e0988c08717640df24a5f357db22432fcae21702dc792d201212fb3791e0164bb3d433a8268ec96df73766fdba42965e00e619246cba5d96eb853a7c22c34d2fe5e5d3f3ccf9c627d069517b743cd07f6f7b444074bb9a50269f2e03309c58930e56a9583eb00c37fbcdd391972261f41756c10c8899fcd036e2017e088ef9e6ec31f795d55b3bba214c53c98fc9318e4ade0e7e6fd259aa277fed54c27e5210787a5f6937f56fdbe1da5113f059061ca590ddf536a55cb91ac6ed41cb9c0418b115b29f5e823c1b0ee7c2b3982087763545b34e2c945d587ebce69bbe299a7f52b674f351977370fc700474bc15d7e6ef98c14258ecf401a4f3bba1a9aa76c5ab0b8819fe6efe3fba1899909e5e48554299150ee272451b56142d12ae2bb4942db430239701d494917f2c939a6fb9d98d4751a6f2c4537ec870342d223343a9bd7b8d8c99aff8cbfa298395551185f35dec120228073a1e496a58b59d9ac5986249a7c6db9398395cbf341c08ee910700e2daa042dba1846fef59c72ce872bba2046a14fcf9a47a5686d62bfba76309a9865c26e5fa41dd872fc749fdc57953105ace4978f9eb788c8d061c853ad0313e51e732c5d7bc05e752443c8e99b8e81c688befdb5b14c3cc2f96eb8ce8290303e483992fcbece1ff278d0dc036ad437b6cbc695c7741ba4556e242146d40843c73deaf8fceba40e4a4acd739b3031848b17a210a1ff0dc1908b77c4bb94543af52e1fe2a090c8f217428d02336303f7952c3ddefa7c81850676e7f4cc3d32c3937281fa5ab279c3fe39f92ba077dadb8c2c3df17cc511bd33c41cb161d24aea154f0f5902c94b56fe072d321a983668bd9f4838878e66ec44cb233d7d0ca908a794c844ff8b3ba4c57f6c5fc2f3a54db448b013f0c4998bbc6ed0409b3368391cb28c6df4a909fff90f308ff38c758ff7d8a2920bc221236d89b3b76de44e8ce649b32f5135a0217ba9036a8edddee97d7ba15f2c21fb7d3cae3eb6ef09dd03eed650489c83b5ba5dd9daf7a86cf0544fb8a58e46b860e3e42e10cd6f1c4f81179eb2c3ba611793a32abb4c0768db90e8bdd1694efaa9c2b45c89d203fdfb8b926b6a0d666d91b93065a83184fc2065961f2308056241b66f427c0f0aabc75852c90f0624cf036d537032ca8d73325d2ae2a79a7292c240c34584bb881fe5d468a051cbc0bde061f9eddfb758cd2dfba296eef549e5c4ede097111216a0ec60f90e8d6f5dd843c82e15f505f8c74e854ba9cd386249d552978eb8135a5f8c79c3ceb8dd5828b0218ffe40f375d6cf3ff2f47c276c8169ab98336582a852c1535018fb2306aca6b8c9f9e38d64c66a722762b76c69d4ca6c14bd6992549e4eec17287fce194467f972d9200c3d1ac4fd4a8f2620e2e4281d28c099946ed90789ba122705326390d3e058ceed24044e542efb36416272eadf6304f30efa0b7bc1ae5be92fe50e591ee6f725726e917ec113506920beb2aa53b39f1d76b31500", "cfb220c7d481332f3f1f8079dfe27e23185fd67a407358db7892789f96b7fa9b14daa48617a10d8a91b820ecbaa470ec0bb1f3cbce7f70ec70b19a4cad082229c2788f8611d7dc306d9a45761a97828c36ed87ebde5d4a3e1609c1422a8ae2f7cca428ebdb0dd38b90b9598a353b18a600bf35a369e6e3e5abb0a1c5c0c0e48e014e7ef1b7d768b3c5657f1adfbb7ff2985082b16c99eb83ec3660990dcf1106efa6b7f8a4798fec811c2c85faec0235c83b7093b3d02367421abc40a554e0b0d7fc1bcaece4222c594f8d20e368fe625ca433c75486fe5c94103cd17291349ee12b877602936688666f82ecd8f4f83d50bb1650e08b96cd25ad147c4c956c98649806a3736d072c8d97c6e3a46a7c18535df8d828b86662400d8e9cc861fa1dd5dc193892d3168396c499e07b279fb76c7e289f2fd955691363bc1de74536dc571817615c88b0d594a136966c129e424ccb7ef1c7c7461eac7ca5f03d72ea4c9c3d1156ee4cb1bb70e097357588b5c49f6716bbae1bd118104b42786f09a3b9f7cb80f383cadfd0c462096ff2bb637b7cf79764b6a4b7ffc5d87c1f063fb48e7f08ad5af534c70079f12f28e8921abbd4280801cdf6101ea494768b1274afd0eea5939843d56022a83590920fe446d52dfe699c33977d5592dbf7e0e236b8175d7faae06e0c50f7402174023ce4b996564e945c416fa823f2f9c3213ac50b20bd1fd55bb8d9fe70ee31ea2f404ae0fcbf857bebcc9196c8c622059fea2e248e4058905b69fb98be312d3193ea1d8ff653173e8c2371371b77a5bea45b3cd6fba19b6336f94ec04c8f86d24e9ca959874577d7ca0baf3c4ff30b554bc3ccc06df46d925373fbf7863e2cf684d3bc9603ab72b851ca4728294de87f2dec6f23ca9e43ed2e5cbba662d13137fc1ce0f6ae6aeb974f72f4b750825fafb67715e425f40c7da83b92d4249a0a4e96b789cceb7b07f38cb83f72dd093a345ab3cb8ae760fc14e40ea182a0d7fe1facc62a1ab0902349fd7e27bb0cd349fb5053f4734823abf020739b4b43bb11f5d69b61295068df31177959903c2ea1bb82d24eeaa93d0d4738d5d15b2a401e7ebe0d3cfbd45b2db2882cdb41408aaa718f8320fbb7f9da4f68d0eebeef175442e807e9908132731fe5e268582dcf6dffa4251ebb7121db8e412089fa9d8af9919799547a26b6b8eb44c28f1ce5f9a3021fe30841be204c1b4b3813dccae6baeef9b53fe413cbec46bb0cd95d3793cdc9bfe6cdd96ce0c4aa4a25e1cbbeeee6c9fa558b279048c7e31d07b125bac68d4e1f4253bd4dc7824cf3d722c94cf2b8f61bc8155731f072fd447082b181a13ffb8c08a1d568298c5de2d969fae2bea070a9e2688f294e76b8c200dfb993ec19778eb56ae3127c1116ccc85ef8806fdcb9ee0cb66ff03fbb0fa6c52b9b101b3830fc1650efa859163a264b4059092e5dc9a415ec09bfd1460f142fe5ef00beb6aa9032bd0de97aefc6f65e8cfeea761b3d8174caf528b6627682ff4d4450cb0f34251fc000ed01dd538ef13260984f44703b89dfb511bfb538d0b1c8aded964e1bcc5ca57437468b14a31ec0000a17e4d24369c40500449c37e7dccedba3eceb59d827dace246b5c48afb6a5988e64c560b3dc76c32d831f51cdbc5cfc4364ac8b25372b87c92bacfedc6bc8feb44098dbebc89cda03c59e4c58a31372bd574704b9e788834b9f83c6703f6709efad97c4ce499ea580dae1de282a019247cb3dce5c1906322e6d3ca5157ea6428bc42416936fac194efe136089c07faf7adf1e923003f1dc63fcbc634b389a4f351a6acee785e23c6bb04ca2f265be1e634362b87c6f9fd369bbe62a1db6b286c7ffde6370bb4d6e9e27c3ec451e1a99d134726c9075e71319d3a683e91e4b900061c0e6d086481069cd32f4cde7816f8e3a0ac6428a7488f31f06ee0da10df3ed0c150d29085879d064f914407f60018bb588735663647bfeda930407d69abef3f72fd461c2b85b00988b412a180fd267fc646a86d297e7e40912607157b6fa873df6442579b1523d8117f0c06c87adf75843b8bff30a5bfb4fe1e9846b7fdd58774641baf9cc9c4e38e53ed24a9d9e9dbc7657aa9b220a8545852b0409f5c0812e953823e841967bf55059acc7a4600818134359e72cfae0d04a0738ac8acca133d6395a455b22cdd6f901d4cdea1cf17415f7d7895a4b65f80d2f7c5c60a0dc04b40c9ae5ffc922e074a82afd704673e1766d19db9f60eab0238fb4a3169a08aded607847e5d752d4e24c4914b95bac3892bcfc2076f16a7f07583f0d418b9dec03afdb2e93335a392e1b1ef2910eb2a4b6a63fe61641f3c02bef73cd7e4a77a6f30ae821598c3160511603541bea89022b54f321c2a55cdeeb19335d78a821ab6ca0f36588a9a79a41e2123905a491d658c2a1caeee998c995bb0f816c92c5dc2b862183f80b9f9786c9c5524723c944d11f6894c7f008ab8194f577e22c03631d2a33205f508ea49653e7600639242dbaba704f700ac227f32dc575c559a0a1f4fe0cf6c22fbf7e1ca2ab4b1e4724e8379021e3c9a7c1509c6a413bd7d9c98938e440762eda2546d636597defa86c1ad31126a1182d365f858927d140fb0a97f80adcc5f4ed5efe11ac503453917a263f1d64692348d30f382e85e464ef7616067a42df5de1a1b622fabefe2ca4ceffa4801f7a02fdef40644cd1d079590d900727628d54b44db7ac700d8d664f7eea12837fcf347360d8e43a354fe51b4c49e8fcda3c322b738ed2b800b5cc06e22c72af2a67ee7bc8ae894e841f2cf2b0a7e381caf944bf4e91ded63b6f82f7474e4f81e986fff7e5339b8e9f60103a1af81833e120f0c88893ecabac044a4a2867cda4fdcb084459a00507aa9e5a8e761a72df3322a1ae8cd918b4994c23bdb1e459b4f21651bd7fa067a00e2a2877bf6b29f289ed8018e0a78f6fb4ded9749640e0e37f6381b320ab72da404f3d70d60152f6fa6738932387b83250cb3148141edb52f109bfd4bda8054959db01f4c550609a63c08cf01ecd110cfc6f0055638c0dde039d2ac2daafe59e561f9f08a8830c3f661e4325de63e98f4a4216ec3b83fd200201ed3f647147611424286ffc6c4a8aca64a6874743242d4feeaa9153de06e51c512d9cab7ae712c6424069f3e5db4ddebe9b48b5f6caa741162edf97674d2368e03a387f798151a4b9b9fa9e3a5838a343133158364a9fe3bb4b9a3c464c0c54a4c64ca774ad200925ac6bf59508c10a8574afde9b821741af43ec64cedc13aa220b39772195283506dfe899dd6a7b37eb21f154056a2df3564ef2bb918a928651de88c3613b84e7960bddd7b46b1304deb30f57b6fe5a3b4788629e91bcc2456a72fabb16b47da71624d2e9081de748b3387f52da4bb094782326dcfde0827e2d674e41bb375247d749cade9c704e5431785009b0e53f1b45c70b237c9432e07e4c7a8464ed11608a3d2184338dd9e6f6ef4b3d751e979667b6a3953c89aff4eead7a978071a912b3de21a85a5849c57933cf53cd74a610f3e60f699766fbc7e0bb8a891a429c77bb6f3b6f9f8eb0b1bd9588ef2ce98fdf0a0838e4b0bed807d8b673093c717feec8d697e32542274887d039db7a2daed5d52c8e9767443229f8003c5d67e907376ea2f393484fa70deee159cb56f8d097b8fe2736e95f540137e20725f0940a8d049068ead4c46bb3771a671bb00de88931e03445a55868de0c220db05cbda9f996d5fe7c1070efe5e718fed4d4cb4ecacad3d6b643bc0ffe9a71b720ba7b5adbbdefe29106ef6a6ffe4547f5d02bec312147df0abe80efb2d5e598fc7c8b268e58b59e0d75728e9a18126f013c963ddc92d251405f857fe3a5cbacf443be7772975b7bf4f6d7ed6f80dfcc47a88c6d19120942adb5385be6ef3c0d7e396bcac5affc8f9276d6cd1a0b069aed72a98cde8ea7aabe6cc091b19efcfaf9368dfeb3087a05a42e3b893dae5ffeb72e6ac06e995a2a75ea0b5f7876247bb4c38cf3f0153f1f7473b522f1c440b632270e2b1d654d3a5ae16cb788482760d34ca79c8951b29c628e21029715683a3e6f8f77c5d89ecdae37e0190f79c4c1dbc9d0160e359cd6c94d6662ed53bb01a83374ff593c823acc59241b11f020902069fc0054a9b26cb320bef4fb1f8cc5bd8ae76eb029afab731b9876bc4e8708a8315512823cff1f9375d284ce66e53d4efad6c76d17bb532fc938b8f80c13ce86b5ba3e540164bc5a5d47cd321c241d8740f453ef95bd3878d578561ad6ce20877ffbd44062dce8df1d048d8d5e4045be647886108cbb1f0b26a8b74b66858afedb830a161bb02bde4c46a688a0ea3a7018ce24666aab0f422ede2f78ea29f77e28d87c744cba0285ce33d0d9ac45774829699de6d725a9b6db6e7d03ad4ec9d075c386e68ca0bcd9e9911d741ed0168cbddb87a7918a964d206629da4e887277b0ef7d3f9c7082f3f15f29a0dfb39f3b0877a5ec3ac4343e0d808f5aee8f1869923aab6dfc3016821c013109f34aece6183994b853d0e9561375c02cdd26b1b55194757341929a8038864cedd6b5a3b8b51ade44637044c4ebddb190f173969a0ca4cf5d42153763a0b91da0110ae7a25204850927d81b00176d4568a3d444d8029bd010df784e3f673fe855601ec4f1b26b2df58841e6a65f0db66373f63cc14a8b07dfc52ac9957eb542d05ed687c79519609de96df18b63cb294b534ddf7d2e8f41bcc1e5a006191c4db057b6709f0a96f18e7e8f67b8be2a19c015b9c4b0b3f42e4de366b71f8da8888809473c3c7a02a1158e375f29997a43bc7118ca4d1abb8f8f21972fc589aaa3d73a4d40a1e1705e169ac6e56cff50d89fc45b6863c8fc67bb2b5939a7f33072539ba4c24077be5711ba368bf7efd4897931531d388eb5c2e56bef337777150dd59518652145c9594e110e41d2615196c6b197916c88cc2814e13a3a922b4ecb044bf31cc90e0bfe0ce07de29188bbcb0ec1a12b509f52582fbb948c3cbe0c6964f46991cec0704bfac08aec6ad8ddfc36dc68c7f547c5ee6af4a8d55c79e3dc1c49b045379811f81e9a185a92cd37ae4ee32c5d3c82d36d6202a6c84fd231fe467071d42072827fd77afa5d757e6f37247f783ef09bdfd7536b666e84bc4bb878005b7829293a04ba090272dec844f4ef0e934617c08518bdc6b915ac6f3f03e4a6ab88e21c3f21f93b31d95ea3b9228e0031cb69795de5abd19c4cb4a0cf2984e53ca391cc66e33ee0d510151670331fa264753704fea5e4b1760f74890c49a74a47e0da13155c5470013d53dea0f05b5e088f1511c209f5be940232318af2757951d399e32eb862d915784713baa8ba93645caf04ba78fa3cf600ff92b9c5be58ad87438a340bac00a5ea9fb17e39478ba61fe36335e48d8c5a0b25f024cbd2ec7f217d0f260951da396dc13a2a74cd90df4b52db686e3b34d27cfa4cebd7bf59cbcfaf4007dc943a1da6e0bd1799a21ab449d7bb42935e50c839c5b567c59742436af15bc8d46095520dcd9273ae2b6f3c1cc2b4311ac9e5d297f0940b1552c5955adb302022022bb7457978998b56328629b7725dfbe3dedb37f37af0697a4471d1d6ff6bec633a38540adeba903f3eaaec5785fbb3c6a598f49dbd9ff93c67dea1ef39a614331b119fa8efccc8bac01595fb95a2a57eec9fc6c6fe82782aa89ea971866fd9a3bca4010182092ab6d1e2b49b964be9e3bb13bd6b77850e435f55bdd46e5bcb3330c7edefd31c33f61275e516"})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2m57.42878499s ago: executing program 0 (id=667):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r0)
sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000200)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010100000000000000002b00000008000300", @ANYRES32=r1, @ANYBLOB="0400460005003400c4000000080026006c090000380051"], 0x68}, 0x1, 0x0, 0x0, 0x4010}, 0xc044)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff})
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
r4 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r4, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x300048c1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket(0x22, 0x3, 0x0)
setsockopt$sock_attach_bpf(r4, 0x1, 0x3e, &(0x7f0000000100), 0x4)
sendmsg$inet(r4, &(0x7f0000000040)={0x0, 0xeafbff3, &(0x7f0000000000)=[{&(0x7f0000000300)="b8", 0xfffffdef}], 0x1, 0x0, 0x0, 0x10000000}, 0x52cc)
munmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000)
rename(&(0x7f0000000140)='./file0\x00', 0x0)
bind$l2tp6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @empty}, 0x20)
syz_emit_ethernet(0x8e, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaa1acd1f78800d86dd608a37f200587300fe8000000000000000000000000000bbfe8000000000000000000000000000aa"], 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)
mount(&(0x7f00000000c0)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000000)='exfat\x00', 0x0, 0x0)
r8 = socket$inet_mptcp(0x2, 0x1, 0x106)
sendmmsg(r8, &(0x7f0000002840)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20044000)

2m56.349070498s ago: executing program 0 (id=672):
socket$nl_netfilter(0x10, 0x3, 0xc)
io_setup(0x401, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
r3 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x4, 0x2012, r3, 0x0)

2m53.825202439s ago: executing program 0 (id=676):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f0000000300), 0x206, 0x321082)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x40, &(0x7f00000001c0)=0x200, 0x4)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$USBDEVFS_ALLOW_SUSPEND(r1, 0x5522)
quotactl$Q_SYNC(0xffffffff80000103, 0x0, 0x0, 0x0)
r5 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000000), 0x2)
r6 = memfd_create(&(0x7f0000000380)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xa9\x1fg\xf1\x85z{\x1d<\xe2\x1c7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xedn\x8c<5\xcf\x92;\x85)\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\x05\x831\xd3\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xf6\x1d\xa0H\xd9\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00\xc6(\x19\xf8\xb4?Fv\xac\xc7m\xe1\xf68W\x19\x0f\x87\x84\xafK\x91v\xb5\xe7Cf\xe0L\b9\xe2\x15d~R4\xdf\xbb\xfeiH', 0x3)
ftruncate(r6, 0xffff)
fcntl$addseals(r6, 0x409, 0x7)
r7 = ioctl$UDMABUF_CREATE(r5, 0x40187542, &(0x7f0000000100)={r6, 0x0, 0x0, 0x1000})
ioctl$DMA_BUF_IOCTL_SYNC(r7, 0x40086200, &(0x7f0000000080)=0x2)
ioctl$DMA_BUF_IOCTL_SYNC(r7, 0xc0086202, &(0x7f0000000180)=0x2)

2m51.702107084s ago: executing program 0 (id=682):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x891018, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
mount$bind(&(0x7f00000002c0)='./file0/file0\x00', &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x12f451, 0x0)
mount$bind(&(0x7f00000000c0)='.\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x80700a, 0x0)

2m48.367927985s ago: executing program 0 (id=691):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x2)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x0, 0x1)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r2, 0x84, 0x22, &(0x7f0000000100)={0xa9, 0x202, 0x10001, 0xc}, 0x10)
setsockopt$TIPC_SRC_DROPPABLE(r0, 0x10f, 0x80, &(0x7f0000001640)=0xc, 0x45)
sendmmsg$inet(r0, &(0x7f0000001540)=[{{0x0, 0xfffffffffffffdd9, 0x0}}], 0x40001b6, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r3, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet_MCAST_MSFILTER(r3, 0x0, 0x30, &(0x7f0000000940)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000500000002000000e00000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000064010102000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000e000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"], 0x310)
setsockopt$inet_group_source_req(r3, 0x0, 0x2b, &(0x7f0000000240)={0x2, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x108)
close(r1)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r4, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r4, 0x84, 0x15, &(0x7f00000000c0)={0x50}, 0x1)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c)
sendto$inet6(r4, &(0x7f00000002c0)="b1", 0x1, 0x0, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
shutdown(r4, 0x1)

2m47.608705597s ago: executing program 0 (id=694):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
socket(0xa, 0x2, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_clone3(&(0x7f00000014c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x5c)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x200, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc018aec0, &(0x7f0000000080)={0x5, 0xffffffffffffffff, 0x1})
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xc, 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0xb, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94)
r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
fanotify_init(0x200, 0x0)
close(r5)
r6 = gettid()
r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x2000)
read(r7, &(0x7f0000000200)=""/209, 0x128)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r7, 0x4040534e, &(0x7f0000000080)={0x335, @time={0x80, 0xff}, 0x0, {0x6a, 0x5}})
tkill(r6, 0x7)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(r7, 0xc08c5334, &(0x7f0000000480)={0x1, 0x3, 0x0, 'queue1\x00', 0x8})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r8}, 0x10)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000b40)=@filter={'filter\x00', 0x4, 0x4, 0x4b8, 0xffffffff, 0x260, 0x260, 0xe8, 0xfeffffff, 0xffffffff, 0x3e8, 0x3e8, 0x3e8, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@dev={0xfe, 0x80, '\x00', 0x29}, @private2, [0xffffffff, 0xff000000, 0xff, 0xffffff00], [0xffffff00, 0xffffffff, 0xffffffff, 0xffffffff], 'hsr0\x00', 'sit0\x00', {}, {}, 0x87, 0x3, 0x4, 0x5}, 0x2f2, 0xa8, 0xe8}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x5, {0x7}}}}, {{@ipv6={@private2, @empty, [], [0x0, 0x0, 0xff000000], 'sit0\x00', 'batadv_slave_1\x00'}, 0x0, 0x138, 0x178, 0x0, {}, [@common=@srh1={{0x90}, {0x21, 0x12, 0xbe, 0x7, 0x5aa9, @ipv4={'\x00', '\xff\xff', @empty}, @private1, @local, [0xff000000, 0xff000000, 0x0, 0xff], [0xffffff00, 0xff000000, 0xff], [0x0, 0xffffff, 0xffffff00, 0x7fffff7f], 0x3c80}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x5, {0x2000010}}}}, {{@uncond, 0x0, 0x160, 0x188, 0x0, {}, [@common=@unspec=@addrtype1={{0x28}, {0x21, 0x180, 0x5}}, @common=@srh1={{0x90}, {0x0, 0x0, 0x0, 0x3, 0x7, @private1={0xfc, 0x1, '\x00', 0x1}, @mcast1, @private1, [0x0, 0x0, 0xff, 0xff], [0x0, 0xffffff00], [0x0, 0xff000000], 0x843, 0x1400}}]}, @REJECT={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x518)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r9=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000100)=ANY=[@ANYBLOB="40ffffe2", @ANYRES16=r1, @ANYBLOB="010000000000001000000f00000008000300", @ANYRES32=r9, @ANYBLOB="0500380001000000"], 0x24}, 0x1, 0x0, 0x0, 0xc0400d0}, 0x0)

2m47.001720012s ago: executing program 33 (id=694):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
socket(0xa, 0x2, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_clone3(&(0x7f00000014c0)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x5c)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x200, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r4, 0xc018aec0, &(0x7f0000000080)={0x5, 0xffffffffffffffff, 0x1})
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xc, 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0xb, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94)
r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
fanotify_init(0x200, 0x0)
close(r5)
r6 = gettid()
r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x2000)
read(r7, &(0x7f0000000200)=""/209, 0x128)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r7, 0x4040534e, &(0x7f0000000080)={0x335, @time={0x80, 0xff}, 0x0, {0x6a, 0x5}})
tkill(r6, 0x7)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(r7, 0xc08c5334, &(0x7f0000000480)={0x1, 0x3, 0x0, 'queue1\x00', 0x8})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r8}, 0x10)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000b40)=@filter={'filter\x00', 0x4, 0x4, 0x4b8, 0xffffffff, 0x260, 0x260, 0xe8, 0xfeffffff, 0xffffffff, 0x3e8, 0x3e8, 0x3e8, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@dev={0xfe, 0x80, '\x00', 0x29}, @private2, [0xffffffff, 0xff000000, 0xff, 0xffffff00], [0xffffff00, 0xffffffff, 0xffffffff, 0xffffffff], 'hsr0\x00', 'sit0\x00', {}, {}, 0x87, 0x3, 0x4, 0x5}, 0x2f2, 0xa8, 0xe8}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x5, {0x7}}}}, {{@ipv6={@private2, @empty, [], [0x0, 0x0, 0xff000000], 'sit0\x00', 'batadv_slave_1\x00'}, 0x0, 0x138, 0x178, 0x0, {}, [@common=@srh1={{0x90}, {0x21, 0x12, 0xbe, 0x7, 0x5aa9, @ipv4={'\x00', '\xff\xff', @empty}, @private1, @local, [0xff000000, 0xff000000, 0x0, 0xff], [0xffffff00, 0xff000000, 0xff], [0x0, 0xffffff, 0xffffff00, 0x7fffff7f], 0x3c80}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x5, {0x2000010}}}}, {{@uncond, 0x0, 0x160, 0x188, 0x0, {}, [@common=@unspec=@addrtype1={{0x28}, {0x21, 0x180, 0x5}}, @common=@srh1={{0x90}, {0x0, 0x0, 0x0, 0x3, 0x7, @private1={0xfc, 0x1, '\x00', 0x1}, @mcast1, @private1, [0x0, 0x0, 0xff, 0xff], [0x0, 0xffffff00], [0x0, 0xff000000], 0x843, 0x1400}}]}, @REJECT={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x518)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r9=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000100)=ANY=[@ANYBLOB="40ffffe2", @ANYRES16=r1, @ANYBLOB="010000000000001000000f00000008000300", @ANYRES32=r9, @ANYBLOB="0500380001000000"], 0x24}, 0x1, 0x0, 0x0, 0xc0400d0}, 0x0)

1m41.776641961s ago: executing program 2 (id=886):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
syz_usb_connect(0x5, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x36, 0x8b, 0xc7, 0x8, 0xc45, 0x800a, 0x5316, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0xe7, 0x0, 0x0, 0x82, 0x8d, 0x2c}}]}}]}}, 0x0)
r2 = epoll_create1(0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x16, 0xb, &(0x7f0000000000)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x20008000}, {0x85, 0x0, 0x0, 0x72}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @flow_dissector, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r3, 0x0, 0x10, 0x38, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000040)={0x10000014})
epoll_wait(r2, &(0x7f0000000540)=[{}], 0x1, 0x7f36be3b)
close(r0)
r4 = syz_open_dev$vim2m(&(0x7f0000000000), 0x3, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r4, 0xc008561c, &(0x7f0000000040)={0xf00001, 0x1})

1m38.016812162s ago: executing program 2 (id=900):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x37, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000340)={r0, 0xffffffffffffffff, 0x2f, 0x4608, @void}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001180)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789c9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447c2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b31592479ecf2392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000"/1323], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
socket$phonet_pipe(0x23, 0x5, 0x2)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
connect$inet6(r2, &(0x7f0000000080)={0xa, 0x4e22}, 0x21)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0xaf4, 0x0)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x2, &(0x7f0000000500)=@gcm_256={{0x303}, "1f891d5b00", "11682d84dd05bb63ae661f051e1e79ceafeaa60a5bd1dc83db142ade2bd907fd", "dd6ed25e", "d4e9e1c90d89691c"}, 0x38)
socket$inet6_udplite(0xa, 0x2, 0x88)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
open(&(0x7f0000000140)='./file0\x00', 0x2, 0x0)

1m37.847120375s ago: executing program 2 (id=901):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x100008b}, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x2)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x0, 0x1)
mount(&(0x7f0000000040)=@nullb, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='hpfs\x00', 0x1c443, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000100)={0xa9, 0x202, 0x10001, 0xc}, 0x10)
setsockopt$TIPC_SRC_DROPPABLE(0xffffffffffffffff, 0x10f, 0x80, &(0x7f0000001640)=0xc, 0x45)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000001540)=[{{0x0, 0xfffffffffffffdd9, 0x0}}], 0x40001b6, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r2, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet_MCAST_MSFILTER(r2, 0x0, 0x30, &(0x7f0000000940)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000500000002000000e00000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000064010102000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000e000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"], 0x310)
setsockopt$inet_group_source_req(r2, 0x0, 0x2b, &(0x7f0000000240)={0x2, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x108)
close(0xffffffffffffffff)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r3, 0x84, 0x15, &(0x7f00000000c0)={0x50}, 0x1)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r3, 0x84, 0x15, &(0x7f0000000180)={0xff}, 0x1)

1m37.203346028s ago: executing program 5 (id=904):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x100008b}, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x2)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x0, 0x1)
mount(&(0x7f0000000040)=@nullb, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='hpfs\x00', 0x1c443, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r3, 0x84, 0x22, &(0x7f0000000100)={0xa9, 0x202, 0x10001, 0xc}, 0x10)
setsockopt$TIPC_SRC_DROPPABLE(r1, 0x10f, 0x80, &(0x7f0000001640)=0xc, 0x45)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r4, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet_MCAST_MSFILTER(r4, 0x0, 0x30, &(0x7f0000000940)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000500000002000000e00000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000064010102000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000e000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"], 0x310)
close(r2)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r5, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r5, 0x84, 0x15, &(0x7f00000000c0)={0x50}, 0x1)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c)
sendto$inet6(r5, &(0x7f00000002c0)="b1", 0x1, 0x0, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)

1m33.71025371s ago: executing program 2 (id=908):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x891018, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
mount$bind(&(0x7f00000002c0)='./file0/file0\x00', &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x12f451, 0x0)
mount$bind(&(0x7f00000000c0)='.\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x80700a, 0x0)

1m33.586503093s ago: executing program 5 (id=911):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x37, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000340)={r0, 0xffffffffffffffff, 0x2f, 0x4608, @void}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001180)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789c9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447c2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b31592479ecf2392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000"/1323], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
socket$phonet_pipe(0x23, 0x5, 0x2)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
connect$inet6(r2, &(0x7f0000000080)={0xa, 0x4e22}, 0x21)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0xaf4, 0x0)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x2, &(0x7f0000000500)=@gcm_256={{0x303}, "1f891d5b00", "11682d84dd05bb63ae661f051e1e79ceafeaa60a5bd1dc83db142ade2bd907fd", "dd6ed25e", "d4e9e1c90d89691c"}, 0x38)
socket$inet6_udplite(0xa, 0x2, 0x88)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
open(&(0x7f0000000140)='./file0\x00', 0x2, 0x0)

1m33.522491365s ago: executing program 2 (id=913):
r0 = openat$drirender128(0xffffffffffffff9c, &(0x7f00000003c0), 0x20840, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r1 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0x210000, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff}, 0x2, 0x6}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r1, &(0x7f00000000c0)={0x3, 0x40, 0xfa00, {{0xa, 0x4e24, 0x101, @local, 0x9}, {0xa, 0x4e20, 0x8, @private2, 0xf2}, r2, 0x2}}, 0x48)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000400)={0x5})
kexec_load(0x0, 0x1, &(0x7f00000002c0)=[{0x0, 0x0, 0x3e0000, 0x3e0000000000}], 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x8, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000108500000008000000bf08fffff900000055090100000000009500000000ec0000bf916a0000000000b7020000000000008500000000000000b70000000000000095"], &(0x7f0000000200)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)

1m33.228934456s ago: executing program 5 (id=916):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = dup(r0)
ioctl$KVM_SET_MSRS(r1, 0xc008ae88, &(0x7f0000000480)=ANY=[@ANYBLOB="73000000000000008b"]) (fail_nth: 1)

1m33.019238532s ago: executing program 2 (id=918):
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
r0 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r0, &(0x7f0000000040)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x5)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x5, 0x1000086}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000300)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$alg(0x26, 0x5, 0x0)
syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
socket$l2tp6(0xa, 0x2, 0x73)
socket$inet6(0xa, 0x3, 0x8000000003c)
r3 = socket(0x2b, 0x80801, 0x1)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x1c)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x20, 0xf, &(0x7f0000000280)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x38, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
bind$alg(r2, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_sha256\x00'}, 0x58)
r5 = syz_open_dev$video4linux(&(0x7f0000000900), 0x5, 0x0)
ioctl$VIDIOC_SUBDEV_S_SELECTION(r5, 0xc040563e, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x3, {0x20000, 0x3, 0x0, 0x8}})
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeec, 0x8031, 0xffffffffffffffff, 0x1000)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)

1m32.464337768s ago: executing program 34 (id=918):
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
r0 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r0, &(0x7f0000000040)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x5)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x5, 0x1000086}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000300)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$alg(0x26, 0x5, 0x0)
syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
socket$l2tp6(0xa, 0x2, 0x73)
socket$inet6(0xa, 0x3, 0x8000000003c)
r3 = socket(0x2b, 0x80801, 0x1)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x1c)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x20, 0xf, &(0x7f0000000280)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x38, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
bind$alg(r2, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_sha256\x00'}, 0x58)
r5 = syz_open_dev$video4linux(&(0x7f0000000900), 0x5, 0x0)
ioctl$VIDIOC_SUBDEV_S_SELECTION(r5, 0xc040563e, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x3, {0x20000, 0x3, 0x0, 0x8}})
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeec, 0x8031, 0xffffffffffffffff, 0x1000)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)

1m32.461610368s ago: executing program 5 (id=923):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x891018, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
mount$bind(&(0x7f00000002c0)='./file0/file0\x00', &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x12f451, 0x0)
mount$bind(&(0x7f00000000c0)='.\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x80700a, 0x0)

1m32.328854163s ago: executing program 5 (id=925):
r0 = memfd_secret(0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000940)=ANY=[@ANYBLOB="61124c000000000061138c0000000000bf200000000000000703000008ff0200ad0301000000000095000000000000006916000000000000bf67000000000000170600000fff07006706000002000000070600000ee60000bf050000000000001f650000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070500000419311f2d3001000000000095000000000000000500000000000000950000000000000032ed3c5be95e76b67754bb12dc8c27df8ecf264e0f84f9f17d3c30e3c72fe9751f008554bb4f2278af6d71d79a5e12810a089dc1d4681d295c45a674f888a08034b7dd399703d6c4f633a9a4f16d0a3e1282ee45a010fb94fa9de56c9d8a814261bdb94a6538b89dc6c60bf70d742a81b72bab8395fa64810b5b1bfd3782519518c505000000b863d2b1cd06a39702bd547f5ebaa6954f01cef3c9bacec15e2e3b2bd352e93a22adfe8efe33ff2f8ee5476d4ef7a6f0c4704403b9bad2b648e90fff24f69a5ef05f5408ea197ed09a9510ee6063229de2984abdd46ea3ec78e3127002ed37c2564bd98a621483fb2a5ff221e0d831d64759d17b8c59d0f2b0727f6b7958fb5b939af4be5e55a95f8c6d785a91c7c3f0c17ae7f9ac5ff05f5ecddf0cef90d50e763be96496661c749e21ab63a1f50b30a65a9027ba357bf8c614497ee59b68bf6a5d45c81c567e347d54574164bbea3e7b7f8a13cce7014137f250370b8a70ae3eaf6d6f17759c3886871e97d063b7f26eed3226bb0b9ee6320a2b02fea7a06a0e37182adf4b1be6f29358d4f5dfec405bde000000000000000000000000000000902e647cc5962eccaad64429335f3ce2a10ce72da82875427c1d16db24dca08487ba41a3fb337f8432d8176a515229e32ee11a1dd23dac038f989eafdd67f60b63f7be4d1bf325b57335b9973c73bfa89517a98b1fc15f8a2713718feb01059d570a0000e3b2a93bd745a74f9bf7f7abc5d15d56331055cc0820c5c9d676d92557c4e47cfbe27f91f0eb18e21dfdab3c84ec11377fbbfd1e00"/770], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x37, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000340)={r1, r0, 0x2f, 0x4608, @void}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001180)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789c9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447c2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b31592479ecf2392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a85430600f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f5589829b6b0679b5d65a"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xfffffd84, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r2, &(0x7f0000000080)={0xa, 0x4e22}, 0x21)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x2, &(0x7f0000000500)=@gcm_256={{0x303}, "1f891d5b00", "11682d84dd05bb63ae661f051e1e79ceafeaa60a5bd1dc83db142ade2bd907fd", "dd6ed25e", "d4e9e1c90d89691c"}, 0x38)
recvmmsg(r2, &(0x7f0000001c00)=[{{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f00000003c0)=""/179, 0xb3}], 0x1}, 0x80}], 0x1, 0x100, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x1c, 0x0, &(0x7f0000002fc0))
open(&(0x7f0000000140)='./file0\x00', 0x2, 0x0)
open(&(0x7f0000000140)='./file0\x00', 0x2, 0x0)

1m31.38809505s ago: executing program 5 (id=927):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x37, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000340)={r0, 0xffffffffffffffff, 0x2f, 0x4608, @void}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001180)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789c9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447c2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b31592479ecf2392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000"/1323], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
socket$phonet_pipe(0x23, 0x5, 0x2)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
connect$inet6(r2, &(0x7f0000000080)={0xa, 0x4e22}, 0x21)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0xaf4, 0x0)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x2, &(0x7f0000000500)=@gcm_256={{0x303}, "1f891d5b00", "11682d84dd05bb63ae661f051e1e79ceafeaa60a5bd1dc83db142ade2bd907fd", "dd6ed25e", "d4e9e1c90d89691c"}, 0x38)
socket$inet6_udplite(0xa, 0x2, 0x88)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
open(&(0x7f0000000140)='./file0\x00', 0x2, 0x0)

1m31.072288059s ago: executing program 35 (id=927):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x37, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000340)={r0, 0xffffffffffffffff, 0x2f, 0x4608, @void}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001180)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789c9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447c2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b31592479ecf2392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000"/1323], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
socket$phonet_pipe(0x23, 0x5, 0x2)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
connect$inet6(r2, &(0x7f0000000080)={0xa, 0x4e22}, 0x21)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0xaf4, 0x0)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x2, &(0x7f0000000500)=@gcm_256={{0x303}, "1f891d5b00", "11682d84dd05bb63ae661f051e1e79ceafeaa60a5bd1dc83db142ade2bd907fd", "dd6ed25e", "d4e9e1c90d89691c"}, 0x38)
socket$inet6_udplite(0xa, 0x2, 0x88)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
open(&(0x7f0000000140)='./file0\x00', 0x2, 0x0)

1m8.930766808s ago: executing program 6 (id=991):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xb635773f04ebbeee, 0x8031, r0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x3000, 0x3, &(0x7f0000ff5000/0x3000)=nil)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000f40)=@filter={'filter\x00', 0x4, 0x4, 0x3cc, 0xffffffff, 0x0, 0x0, 0xe4, 0xfeffffff, 0xffffffff, 0x390, 0x390, 0x390, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x2f2, 0xa4, 0xe4}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x4}}}, {{@ipv6={@private2, @empty, [], [], 'sit0\x00', 'batadv_slave_1\x00'}, 0x0, 0xec, 0x12c, 0x0, {}, [@common=@dst={{0x48}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x2, 0x57, {0x2000000}}}}, {{@ipv6={@empty, @mcast1, [], [], 'ip6tnl0\x00', 'dvmrp0\x00'}, 0x0, 0xd0, 0xf4, 0x0, {}, [@common=@unspec=@realm={{0x2c}, {0x1, 0xdd8}}]}, @REJECT={0x24}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x428)
r3 = syz_open_dev$vbi(&(0x7f0000000340), 0x0, 0x2)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r4, 0x3)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10)
syz_emit_ethernet(0x0, 0x0, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000380)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c2000002080045000028000000000006907864010101ac1414aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5c0300009078100005e8af70c925f69dd80d19791ad8598fdc7cd1175501195dc1eb11b5fb83dfdd97714594f12b6ad4819c379844a44b171330241585812ab5b257cd1a7481c717d35d6711b9914cf5b3ca07c5cae4fa1bcbe4e7d2272628cfe3a003ec7c0264e038874e354833a294fa05ece7c6a3e07d5cda51c209df496ddbc3d12d22435aaf01ffe7655cbdb0d3b3e7dbae6b3b6e62681c19c8cadc7c1cb32a5075447a36b855440eb68cf96167c3819fa0bbc80b5ba2b66a1f98c2cb7078e32cde0bffd110dce995deecc697f79eafe1ed7f74820739b9e8a277e02cbd85de8561393c18f4b08cae4ab43e703aa28e7c99947448253ce5925f1c410df89718833a73a1cec17f92d077c7f5b06113ba1dc590e5b89183a7003d701e6623f55a863731d7e6365cb499d0551fa23907101bfd7befd87472e67a9a0ac1"], 0x0)
r5 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
r6 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f0000000040))
ioctl$VIDIOC_S_INPUT(r3, 0xc0045627, &(0x7f00000000c0)=0x3)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r3, 0xc0845657, &(0x7f0000000200)={0x0, @bt={0x8a5, 0x93, 0x1, 0x1, 0xd59f80, 0x19ef, 0x7, 0x19ef, 0x3, 0x6, 0x27ff, 0x2800, 0x2, 0xbb6, 0x0, 0x8, {0x8, 0xffffffff}, 0xd0, 0x9}})

1m8.816519691s ago: executing program 6 (id=992):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x24c01, 0x0)
ioctl$DRM_IOCTL_GET_MAGIC(r0, 0x80046402, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="1e00000040000000ffffff7f0100000020000000", @ANYRES32, @ANYBLOB="0800000000000000000000000000000000000000d97fb2cd641a0cf6a40ee9350845f5d091d6f683b003d3c639b58acaafdfc052fdbc744590903147e3ee60f4abe51d5c069bd22c7532b13fa15e5859e711d97983b530f7823558823a355f3a5fa11adc1978e0aaddab9ba4ed1d9c71f584a17cf28b8addecb1118849600cd79075e9b3cd83a3ca7cc7dade0c75df4d3e6e1e69c7bc444fceed0903d40682c190c7900bdf3b9150cfbfab31e24fac57f5f8fb338f29d3329e669dc13cf15bdf502116ac162d2b7b93bbfb631320b198cacc75635870b1eea3a8a3d8", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0200000001000000000000000600"/28], 0x50)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000080)={'syz0\x00', {}, 0x49, [0x0, 0x3, 0x403, 0x100001, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x3, 0x10000000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000a, 0x0, 0x0, 0x7, 0x0, 0x0, 0xffffffff, 0x6, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xa9a4, 0x1], [0x0, 0x0, 0x0, 0x0, 0x2, 0x733, 0x0, 0xedc0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x2, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x2000000, 0x0, 0x0, 0x80000, 0x0, 0xfffffff8, 0x0, 0x0, 0x79, 0xfffffffd, 0x0, 0x0, 0x0, 0x2, 0x47, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x7fff0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x2, 0xfffffffc, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x20], [0x0, 0xfffffffc, 0x0, 0x6, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0xffffffff, 0x200089, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80008000, 0x0, 0xfffffffe, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x351e, 0x0, 0xd, 0x0, 0x0, 0x4492, 0x8], [0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x4, 0x1200000, 0x0, 0x0, 0x800010, 0x0, 0x0, 0x804, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x2, 0x0, 0x4, 0x0, 0xfd32, 0x6, 0x0, 0x0, 0x0, 0x2, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x4, 0x0, 0xffffffff, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x4, 0x0, 0x0, 0x0, 0x100000]}, 0x45c)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/mdstat\x00', 0x0, 0x0)
r2 = syz_io_uring_setup(0x5169, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r3=>0x0, &(0x7f0000000000)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r2, 0x7368, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
r5 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000)
write$FUSE_NOTIFY_DELETE(r5, &(0x7f0000000500)={0x2e, 0x6, 0x0, {0x4, 0x3, 0x5, 0x0, 'syz0\x00'}}, 0x2e)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000002700)=""/102392, 0x18ff8)
rt_sigaction(0x8, 0x0, 0x0, 0x8, &(0x7f0000000300))
ioprio_set$pid(0x1, 0x0, 0x0)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001480), 0x42002, 0x0)
r8 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0)
syz_emit_ethernet(0xbe, &(0x7f00000008c0)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @dev={0xac, 0x14, 0x14, 0xff}, @local}, {0x0, 0x0, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "6fdfa0d2001efbb3e29a4ac275ca11b984ff5def6ed2e4ea9bc0eabdd34c732b", "df23520b57e4c98679c7795a27c7bf3e7d776b600ba8d82d6ba417e219edd86fb708441efcf75fe803412dae374281c2", "5df814aa2e34e4f8a759805b993e2d69a8f476de686861a9850edbe3", {"2cfee9b9d5b0b2b171b51f9174963b0c", "e40ca7e0a7b4bbc4bc9720c876a57954"}}}}}}}, 0x0)
sendfile(r7, r8, 0x0, 0x20000023896)
ioctl$TIOCVHANGUP(r7, 0x5437, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000180)={r0, r1}, 0xc)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0x280a03)
pipe2(&(0x7f0000001cc0), 0x800)

1m7.802351237s ago: executing program 6 (id=994):
epoll_create1(0x0)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
r1 = creat(0x0, 0x0)
r2 = fanotify_init(0xf00, 0x0)
fanotify_mark(r2, 0x105, 0x40009975, r1, 0x0)
fallocate(r0, 0x0, 0x1000000, 0x3)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r4, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TLS_TX(r4, 0x11a, 0x2, &(0x7f0000000100)=@gcm_256={{0x303, 0x3a}, "c4d65ab71f5ef2fe", "9e8ecc7bb535275b725e104757e7dc00c6519a85ef828f711330ff2b0800", "dc5db43f"}, 0x38)

1m6.813212121s ago: executing program 6 (id=995):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(0x0, &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x891018, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
mount$bind(&(0x7f00000002c0)='./file0/file0\x00', &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x12f451, 0x0)
mount$bind(&(0x7f00000000c0)='.\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x80700a, 0x0)

1m6.598733776s ago: executing program 6 (id=996):
syz_emit_vhci(&(0x7f0000000e40)=ANY=[@ANYBLOB="0404"], 0xd)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000740)={r1, 0x0, 0x0}, 0x10)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}}}, 0x14)

1m6.107956186s ago: executing program 6 (id=997):
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
r0 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r0, &(0x7f0000000040)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x5)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x5, 0x1000086}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000300)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
socket$l2tp6(0xa, 0x2, 0x73)
socket$inet6(0xa, 0x3, 0x8000000003c)
r2 = socket(0x2b, 0x80801, 0x1)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x1c)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x20, 0xf, &(0x7f0000000280)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x38, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_sha256\x00'}, 0x58)
r3 = syz_open_dev$video4linux(&(0x7f0000000900), 0x5, 0x0)
ioctl$VIDIOC_SUBDEV_S_SELECTION(r3, 0xc040563e, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x3, {0x20000, 0x3, 0x0, 0x8}})
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeec, 0x8031, 0xffffffffffffffff, 0x1000)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)

1m5.839583547s ago: executing program 36 (id=997):
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
r0 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r0, &(0x7f0000000040)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x5)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x5, 0x1000086}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000300)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
socket$l2tp6(0xa, 0x2, 0x73)
socket$inet6(0xa, 0x3, 0x8000000003c)
r2 = socket(0x2b, 0x80801, 0x1)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x1c)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x20, 0xf, &(0x7f0000000280)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x38, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_sha256\x00'}, 0x58)
r3 = syz_open_dev$video4linux(&(0x7f0000000900), 0x5, 0x0)
ioctl$VIDIOC_SUBDEV_S_SELECTION(r3, 0xc040563e, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x3, {0x20000, 0x3, 0x0, 0x8}})
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeec, 0x8031, 0xffffffffffffffff, 0x1000)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)

47.735249274s ago: executing program 9 (id=998):
r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000000), 0x400001)
write$qrtrtun(r0, &(0x7f0000000040)="a2ffb09321d557915e73b7b124245226d803a8db32805b9c9c9ed513f29a2b537839793e7a7d4aceeae48dc26509141445486a84bc9d3dcd094810f415dd88d38774069f7c82a567e4d3c609411317b94b92197765d2167584119356d39dede408bae0c8dd02809cef3fef3e7876d8e3d47ab7ee3f87d64afe8d871a684ad73f1b78c2530761ba33450dc9d6a6a84cdd9bdf3a206c700012d361e45589da1d915fde8e8731246c6d81ae320bb7ee3bc7d53f0b", 0xb3)
r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000100), 0xc0040, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000140)=0xc8c, 0x4)
ioctl$NS_GET_OWNER_UID(r1, 0xb704, &(0x7f00000001c0)=<r2=>0x0)
ioctl$DRM_IOCTL_GET_CLIENT(r1, 0xc0286405, &(0x7f0000000200)={0x3, 0x8000, {<r3=>0xffffffffffffffff}, {<r4=>0xee01}, 0x8, 0x8})
getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@local, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}}, {{@in=@initdev}, 0x0, @in6=@loopback}}, &(0x7f0000000340)=0xe8)
fstat(r0, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0})
newfstatat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0}, 0x2000)
fsetxattr$system_posix_acl(r1, &(0x7f0000000180)='system.posix_acl_default\x00', &(0x7f00000004c0)={{}, {}, [{0x2, 0x7, r2}, {0x2, 0x0, 0xee00}, {0x2, 0x3, 0xffffffffffffffff}, {0x2, 0x2, r4}, {0x2, 0x1, r5}, {0x2, 0x5044176d723ccd0a, 0xffffffffffffffff}], {0x4, 0x5}, [{0x8, 0x1, r6}, {0x8, 0x6, r7}], {0x10, 0x2}, {0x20, 0x2}}, 0x64, 0x2)
ioctl$DRM_IOCTL_RES_CTX(r1, 0xc0106426, &(0x7f0000000580)={0x5, &(0x7f0000000540)=[{}, {}, {}, {<r8=>0x0}, {}]})
ioctl$DRM_IOCTL_GET_CTX(r1, 0xc0086423, &(0x7f00000005c0)={r8, 0x1})
write$binfmt_misc(r1, &(0x7f0000000600)="910165dac3cc264e7a17e7b785066af8d61165f28c631826c001fc9e26939c97443621a509c8f61c2476606125ba7d492530ece95a81fa3adb1fbb39edd206f9828a33b8535680ae0df531483ee0af7cd54f43db165de3591747e2d7577ad4fa", 0x60)
r9 = syz_init_net_socket$ax25(0x3, 0x2, 0xcf)
setsockopt$sock_int(r9, 0x1, 0x2b, &(0x7f0000000680)=0x8, 0x4)
sched_setscheduler(r3, 0x4, &(0x7f00000006c0)=0x9)
recvmmsg(r1, &(0x7f0000000980)=[{{&(0x7f0000000700)=@pppol2tpv3in6={0x18, 0x1, {0x0, <r10=>0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @private1}}}, 0x80, &(0x7f0000000880)=[{&(0x7f0000000780)=""/217, 0xd9}], 0x1, &(0x7f00000008c0)=""/184, 0xb8}}], 0x1, 0x40, &(0x7f00000009c0))
r11 = dup3(r1, r9, 0x80000)
sendmsg$NFULNL_MSG_CONFIG(r11, &(0x7f0000000b00)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a40)={0x48, 0x1, 0x4, 0x801, 0x0, 0x0, {0x5, 0x0, 0x5}, [@NFULA_CFG_FLAGS={0x6, 0x6, 0x1, 0x0, 0x1}, @NFULA_CFG_QTHRESH={0x8, 0x5, 0x1, 0x0, 0x4}, @NFULA_CFG_CMD={0x5, 0x1, 0x3}, @NFULA_CFG_MODE={0xa, 0x2, {0xf, 0x2}}, @NFULA_CFG_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0x1}, @NFULA_CFG_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0xd}]}, 0x48}, 0x1, 0x0, 0x0, 0x48014}, 0x8000)
r12 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000b40), 0x8c300, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r12, 0x4601, &(0x7f0000000b80)={0x556, 0x384, 0xa00, 0x1000, 0xff, 0x5, 0x4, 0x2, {0xffff0001, 0xffffffff, 0x1}, {0x1, 0x4, 0x1}, {0x87, 0x0, 0x1}, {0x199}, 0x2, 0x0, 0xffff, 0x80000000, 0x0, 0x4, 0x5, 0x3, 0x2, 0x40, 0x4, 0x17ea, 0x24, 0x100, 0x3, 0x6})
r13 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000c40), 0x0, 0x0)
poll(&(0x7f0000000c80)=[{r11, 0x401}, {r10, 0x14}, {r13, 0x2508}], 0x3, 0x9b31)
socket$l2tp6(0xa, 0x2, 0x73)
ioctl$TCFLSH(r1, 0x540b, 0x2)
r14 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000d00), r1)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r11, &(0x7f0000001180)={&(0x7f0000000cc0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000001140)={&(0x7f0000000d40)={0x3f4, r14, 0x100, 0xffff, 0x25dfdbfb, {}, [@ETHTOOL_A_LINKMODES_LANES={0x8, 0x9, 0x4}, @ETHTOOL_A_LINKMODES_AUTONEG={0x5, 0x2, 0x7}, @ETHTOOL_A_LINKMODES_OURS={0x1cc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_MASK={0xe3, 0x5, "4dd049494973ddf8a680e3cf2749ce37eda32d0508e7b4ed0b586fcc6bb3bc0028047cddd58959fbeb7ff454b53f6a231162779a5da5650426721a43d46f02d3d4187c24467d14c0fcf9bb4d958fa9d77c904ec29b47b82b5c6907bcf1674bfac9d9a912307db602ea443aedabb07aa0500feee3e7eaef0376b2761b1c1ab76cebf710f3cb317f3cccd11b20912d6825abed2ab830a708433ae682fb8177c1c506a39e4eb03c8a4b7810083e5dcf77570881f6e3e1b7afe63af7f26574724680d982052938e10c26db2cb1137256c4aa43ea38bd7bd5fbbbdfe8444ca0035b"}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0xa19}, @ETHTOOL_A_BITSET_MASK={0xdb, 0x5, "2af50071cdd0e0961db166aa77a51299ec3489f4ff10d5a82ed279e7c58b8850189b22371542287a702374d2affdd4bc1adf7ce913065f6990bbc8aee593d5129995bd90c4344003ee26c1fef370488672ec5d65b23f4a0cf7b6b7fae9db188f52bfea1b50fd95dda27b6b194163f9d54c30d558994dca553efd27e3acba326c28333efd4fc949d8b7750102ba1f9e267026ac48530cb11d1a5ef1fdff765935097d0db863918556b3e98d3e041af1a3ab862c6cd6c2c5834155ab8cccad0c2dd821bb9bc78677ccaf62adf1374df33fec99e45c710e4c"}]}, @ETHTOOL_A_LINKMODES_OURS={0x1f4, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x6}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_MASK={0xbf, 0x5, "5c8f9f5c3b0e196c199edb62b4dc475d394bd6bda9e089d1c5867ff676198e3d900e14aba188f31cbb3c63adf7410bfb63c05086fbe1d9319521cf511a3316486744a86fa0e39605c76ad72e7c909a5d4a54a7430893e92e14d1674d37062dd320d3b2733296c084dcffa370a6bbec677273b277a818cfd806157a3b7fbb665f9b09348f2ef63c5d854a92620f9be7797a35de3f4e3bd6adaec9939768ba5b70a5111486a8c43558accab6422543af88e8c00aeeb911d89035a2c6"}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_VALUE={0x54, 0x4, "6e3722cdadf26e34fa49c7b38eed22ec48129cf317a8d6068233eb197e886111ea4f59a2b1ee434fda7ccb466012c264d4f11d39e4c671a825a66e1e92436d6135fd032b9e1b6431e515bf46657e4800"}, @ETHTOOL_A_BITSET_VALUE={0x7d, 0x4, "e3eafb87fb1248f55999d903e34f6dcd210f3373efcc5a88c3ea0e21b0d5f4781a8d008cf8319321bc06e3a8942516c576008125c07d6b5cc37f4a130ada89a7f3a558fc49d10b40fc1b4ad77e9fc50e3023d391a18253c9b371eb867749833fa821f06673c24d5046a251eddb05c3d0d30281d31e76b7a867"}, @ETHTOOL_A_BITSET_MASK={0x3b, 0x5, "ccb6c7f56449e59eb7cc92765caf266c7b54f12e36d548c7acb35c19abbd268aabb59ce54d734939c5088f482f8ca286929cee38a2f351"}, @ETHTOOL_A_BITSET_VALUE={0x4}, @ETHTOOL_A_BITSET_SIZE={0x8}, @ETHTOOL_A_BITSET_NOMASK={0x4}]}, @ETHTOOL_A_LINKMODES_MASTER_SLAVE_CFG={0x5, 0x7, 0x4}, @ETHTOOL_A_LINKMODES_AUTONEG={0x5, 0x2, 0xb}]}, 0x3f4}, 0x1, 0x0, 0x0, 0x40004}, 0x20040001)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000011c0)={0xffffffffffffffff, <r15=>0xffffffffffffffff})
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$AUTOFS_IOC_READY(r15, 0x9360, 0x10000000200000)

46.727981639s ago: executing program 9 (id=1056):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, 0x0, 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x891018, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
mount$bind(&(0x7f00000002c0)='./file0/file0\x00', &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x12f451, 0x0)
mount$bind(&(0x7f00000000c0)='.\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x80700a, 0x0)

45.667671024s ago: executing program 9 (id=1059):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="100000000400000008000000080000", @ANYRESHEX, @ANYBLOB, @ANYRES32=0x0, @ANYBLOB], 0x48)
close(r0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000007000000d7c90000090000", @ANYRES32, @ANYBLOB='\x00'/10, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x48)
r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000600)={0x0, &(0x7f0000000500)=""/199, 0x0, 0xc7, 0x1, 0x8001, 0x10000, @value}, 0x28)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x6, 0x28, &(0x7f00000008c0)=ANY=[@ANYBLOB="18000000ffff0000000000000300000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70fac55b1b5ef8148d6e2816f58a9208302000014000000b7030000000000008500000083000000bf09000000000000550901000000000095000000000000002c6bfcff000000008510000003000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000060000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000001000000850000008200000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700000000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000020000008500000006000000850000006f000000bf91000000000000b7020000020000008500000084000000b700000000"], &(0x7f0000000040)='GPL\x00', 0x3ff, 0x9f, &(0x7f0000000340)=""/159, 0x20680, 0x34, '\x00', 0x0, 0x25, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f0000000640)=[r0, r0, r0], &(0x7f0000000680)=[{0x3, 0x1, 0x8}, {0x0, 0x3, 0xc, 0x7}, {0x2, 0xfffffffd, 0xb, 0x6}, {0x1, 0x2, 0x9, 0x6}], 0x10, 0x6, @void, @value}, 0x94)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r3, &(0x7f0000000100), 0x8)
r4 = socket(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
r6 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_SET(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)={0x18, 0x1402, 0x1, 0x70bd2a, 0x25dfdc02, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x18}, 0x1, 0x0, 0x0, 0x4000801}, 0x40810)
iopl(0x3)
io_uring_enter(0xffffffffffffffff, 0xb0d, 0xebdd, 0x12, &(0x7f0000000080)={[0x3]}, 0x8)
write$FUSE_INTERRUPT(0xffffffffffffffff, 0x0, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x2, 0x1, 0x16}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
process_vm_writev(0x0, 0x0, 0x0, &(0x7f0000121000)=[{0x0}], 0x1, 0x0)
write(r4, &(0x7f0000000000)="240000001a005f0314f9f407000904000200000001000000000000000800040001000000", 0x24)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)

44.33190328s ago: executing program 9 (id=1061):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000780)=ANY=[], 0xffffffffffffffff, 0x7f, 0xb1, 0x2, 0x0, 0x0, @void, @value}, 0x20)
syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x18)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
syslog(0x4, &(0x7f0000000140)=""/179, 0xb3)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r1, 0x6, 0x1, &(0x7f00000000c0)={0x0, 0x747, 0x3, 0x4, 0xfb, 0x8, 0x101}, 0xc)
connect$bt_l2cap(r1, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
sendmmsg(r1, &(0x7f0000009880)=[{{0x0, 0x0, &(0x7f0000006bc0)=[{&(0x7f0000006b80)="de95", 0x2}], 0x1}}], 0x1, 0x20044840)
ioctl$TIOCL_GETKMSGREDIRECT(0xffffffffffffffff, 0x4bfb, 0x0)
r2 = inotify_init()
inotify_add_watch(r2, &(0x7f0000000100)='./file0\x00', 0x2000000)
r3 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_CARD_INFO(r3, 0x81785501, &(0x7f0000000080)=""/34)

43.705366939s ago: executing program 37 (id=1061):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000780)=ANY=[], 0xffffffffffffffff, 0x7f, 0xb1, 0x2, 0x0, 0x0, @void, @value}, 0x20)
syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x18)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
syslog(0x4, &(0x7f0000000140)=""/179, 0xb3)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r1, 0x6, 0x1, &(0x7f00000000c0)={0x0, 0x747, 0x3, 0x4, 0xfb, 0x8, 0x101}, 0xc)
connect$bt_l2cap(r1, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
sendmmsg(r1, &(0x7f0000009880)=[{{0x0, 0x0, &(0x7f0000006bc0)=[{&(0x7f0000006b80)="de95", 0x2}], 0x1}}], 0x1, 0x20044840)
ioctl$TIOCL_GETKMSGREDIRECT(0xffffffffffffffff, 0x4bfb, 0x0)
r2 = inotify_init()
inotify_add_watch(r2, &(0x7f0000000100)='./file0\x00', 0x2000000)
r3 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_CARD_INFO(r3, 0x81785501, &(0x7f0000000080)=""/34)

38.240303934s ago: executing program 7 (id=1078):
r0 = fsopen(&(0x7f0000000100)='mqueue\x00', 0x0)
mount(0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x2, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000034700)=""/102362, 0x18fda)
setsockopt$bt_l2cap_L2CAP_LM(0xffffffffffffffff, 0x6, 0x3, 0x0, 0x0)
msgctl$IPC_RMID(0x0, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x3ff, 0x8, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
clock_getres(0x7c80fe59fa833483, 0x0)
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r2, &(0x7f0000006380)={0x2020}, 0x2020)
syz_fuse_handle_req(r2, &(0x7f00000041c0)="412e450a2a7b9586d1e6e9de257afc4fd60c8de430c0d6348b2cf1db8d070a539de9c1e91a178f9240dbcfe303566018f6c20c55d643a2ed46aaacf49ca491ee2f06184bdb548778a2c56e56f6b40b994419428bbbb9dfa5f9593511ca8ae1c088fb0ee5da72f505000000000000002c04754204f194ae6ceff4570d44496eeffe619998eafc7167d22e1c6aa73e89ad19224e35130a37cf68d5c41ccafe59b4b753a26e06c4306d31d78de6cede97c06e3ca2cc4af66b7548268efa91621ffca2655d2c8f1a9bb019b88fa729cb3d32f72c098c44898d42c42f39feb4faead93980726c236129acdf31c01f1cabb5ca3ec4e45eb5e6e59912792b4976e3f2b560c861d49b539d8e1870040a8cf190a8a767ec067a8048aac53336b44669d3d425843ae80681a7c02a5d5a3d90f355fd4a6ac277e75230d558f0df20cb323cc65e9b5a258cdd669c8a9534e4aff09a8fe89b124748c9e756c28789c2152a5142bc0bb205e339d43bb980b3f04a3c1a424a2a093966b20600a5410e0528fb35937c998eea19f01eaf2f39e16d85563a6737ddab3213ca1832f0afdf891e34a582f6a4ac81fda70ebc3fedac2fb3a492fdb40b91021e5d371d990064cd1f7c2c1a6472dec7505f9a4940057a3e57fd53aa3cd2eb914e073a19b6e925f8553e6875c093c7d19de25861fd9640f0eca4cda0467f12126daa2e0c6df7d4e4babe5a6e59e8391be7700790315b6b8a8aa74cd6d3f054aceaeda79430676b67fe25c9029e0894b413377fc4d8300d9f9338fadd07e4c80cac08113df8971a868458c47c06fff0c1c4bfd48ea583e9e76ef103d42c233b6de10b30612cdbeb6b60a6a4dbbe2da63cc2dd4fb93cac65af3c1279274f4af0e2c5b96e6068aa5b41f7548fb72b0c142351f64446db7425115b89132b5589ee642ebbde655adb2d7d1117456a6e4f2886879b42baf85e05d53e2aceea9c3830673bdc4d081675fe76b994651af9c3f16b7513834fce4654f84558a8308fa677d05bffcc893d9813bf87c5ec520cd66ad58dc06f0c47d253cd36dfec82980fc8dbdcd4b1c037c2b30bef455984f3e8ed19d69e185fe4fbdda2c2517ec9abfbb4841252e650b6bf56fdeca9a4ee3c311de3c6859ec14cc00e95323c57c02fa894d83ea17944f3112fc19a7e11335d7951ec6dd5b4f06fb9b637313a230341ea5da6a7a959e707d0cd5fca60a6649c8df8d6c17e9a49d230e5775df14e4b43aa3420bd0b8814ec7360ab1910e69fab8932f7646d7998bdc2e8ec354c52da21ed83fb7582cb9d37bb95f144974f72c7b0ae7b42945768fa8ec0dd6daba72d05809670506ef1054282201b00906c8af64e3e13a10f180688c96549b2d3d6b04403fd571e7b132891dd4b7cf37aec25ca1e9190c17aaefbc31e059915c12c232fb7097e9fa6f35fbb265c7102db62e2264590c583ea90f1aee3f166af81430d9084eb0c760ebbb16049c9fd1fee6ce33c8ac205e3ac9c275531feadfa4054e0c027c26beb009f54aa72b864d39bb11753f77931bb960276db33021c65671e57b3708bbf979be222e8439d71f58ca87cec7a054517af398a42735b580717377a54f139e2c46813cbb03d98e49c26f4ed54d75e48573cd06145f913f4e313eeee837496dfff75aa722fd8486c45f9c959da12ae48ba4a10712120a203e2476c7b96031d8f8773f68344e6fa21831287655aabbd594e9f272eb1a7315d2d79b8bcd5e63004cd106f80b1e40a5d9e428a01bc58264f4d63c2ee9db6efa70607a642aeb883bf4b9fe009d7f09c16b05a2c9b73573e9019e161ebbdc1fc9b9cd0c5fe1b57adcba2d0f3a767ad59aafa159b3dd181f0601ff95e8af8b5410e56c81ffb8ab35b1e04af35dabf69f08572e69260b72bfd502c5a0de627fd3fee44bf1d4a261bd356056c5739398e3ff161beec1240a089625daffbc61dc5e660c274565477a0ff1797fefff04a98704802ab0674ab72d400686229608cbfd2ca20f4e62495e8b09de9d180c47375bbad72f4474b67d56104b4b466192be60f7aa668fd0a4338b856f114311842ee806d6488ab09098ed9de0e21bcc8b42a5d5713d15eca108fcc7a65d6b414a112524a6e1418644508dd957147a92d4399d13faaf01cacef40549cd11900f9aa32a8333f55796ef25d33c554a308da9797cd0ac25888311b0ac88eff0be7a36ddedcfc2b095abb4d5a6a4edbbad67b70cdf60c7ed0c5e040ced90edb3322ef684332358942ede9191b431c99b3abf8f9c50206479f0ac118c0a99df61fb9c90d846f41caa6a2448fb7e15640965e051c2af4ee72a5cc7c962bacff7019615c10e6c3054e2e5792df3aa6e2c33425552148466a88568cc79b6edebf0107b7d3d24423a665d20c3a1c0f1a6b34eb475bf875912115914cfabcf394f8a096d64e5dc95705074fe5e985497dcf052b9f748b9d4688859c0200fa43719e4722ed6c064c0efa7e07beb2a26fd724b63537fa0eb506365d5c029cd8dce7dd0a1cb9d9058c061739734af6be9e880fe7e28a211a4c368a7babd1107110ecbb384b274cc092b9511c4abde2ddd863162e2739984a9f3c0a76e3c530a27d5e385f4a3b87607b2a944e09d28239661d27719e22c0a657ea383c30859ca29cdb8fbc79bc83e995dcb361743a7e195650c37e570b768a0a1f0b118fa5be9b3c838326343ec5b376d5ee040ee29dfd868cccf9cfa4591151f519cd6e2ae1453a58aa92f90ee5be11ceb8511ab743f399be0a190eeddfd112336866831c3255ef6520d88b2581ea3767f3df01a38d9b4656f2a89c5df41443291a795da45c8a846015cd041bea0dfbe648348b10ae73ce43d9017182792cd9172eee642c549a530cc1f537f9aa70ca63792ba4a86a713ae09b917136e5bf1506ad7f367d8d2f77f47a2318facd109bba9b1327b5db9e4aeffbdcf414db761eeacc227a15cd72aa52c8ede33bdbab9de9aa1e8f470a388013d07f08777e2131bbd4856ab5c1c38d03ef407197ccf24e8b2a8db69e78f9d6623033c453541bb79f9e0be9a55588e2e54fce65fb785467064a146c4bf218068b5e3efdafaf93a98253becaef226cd79468ff1bbe0c9d43877f5cbb5844fd8957f15d3ef208aac11816585cdccf039c36b429d3d7fb634054fd0f09c8abea3746a6b7379142abde26d998ac7e39b94746c60c09f86ddbd7497849d1ef839730672449f35a3c3253666e9fc053ac1c518e44e0b84555be507f7c00fa9e4864b4bf40ac3d93f12001eb780a779e655d0633803268c094ae161a0efd652003d6ac47f9a6c28d866b56233f371627b01e0fe9361dca611a28841968d4e12cb73d49ce08fe25de4a90b2d34607202b20e71f5e1eed38e17d0a2748f548cf61735f4c9cead1cb93b11929d906d65fc60f88e6919b7b5a1014e6d408bce9c8cc832eecf9147708fe451891717d2ed99dee70773feaa97985102abd3dd05c904c28898afe060621db6564887bc4afe158fbe1d819136a1ac1dc9d8674798a93daf5255460b50c34496205834c668db4c764e76ebb6cdaf5fc44b881cc2ae87b4a7cc045143f96b1620abfd0f116e673b335beefdafa1e58d9194e010cb78956044646da5ba853ce981667f2b8e5001c2df437c9d597ccd2be7d2887f5cb7aad0539abb3f9db1c8f5cd4d7d831946ba1c1aa8737c114fec1ac9a82519f57cb48c49b7f62e9eaa89f448df33fb307cd0036c70b490ac340f7d04e14f32bfeebb08a9d5bc7bbef8f231ea09311d4c82cc55c90eb53c6c003cc98a34dd3c4ec2d8b3a655a78e16e908f368733d0a02b36fe963e2d80b5e6f7b2e3aae3013c900c76e4d56e8348bef221f8a642e692c23b12520fb68c793e789eeeceb4efb2097a4d5952d144094cd7be6edc933d257f6230e962d70ba42e1b07ad9eca0ccd60d3d9a6e06b73ccf96a8aa490ed3bd58bf4d79db65355ae145b54be004e464f4dd23fb8b1bf15e13838116083da67186513652608e37c8f847b2bcafb57bcefc7efc8c8182c7d708cce5d14695b4e618e77f8e7be81f27a05e415fd37ac21507a665b2558daee5c0b0859fedfede8c03f181ef5e0ec0da6caa3edf402dd73bcb4026c489a7cca8ab700d3e9f050006c36768a16e8a48e48ed5750b8cdb7ad1fd12d4cc8333d324d6c83905303fa7013fc02553b587544affe38f1a95e0c4c39740d63b6d387fc89b30bd5fd745cb64844b13897ccf5cca135f7d39e03ce8adcda919d86b25b52764b0a0c4f07f88df68868415de13863df84a7e8d355b09cf90e482eb4174fd01f1b371a4dc52f3c89fc3a70c71657aa5d7573ef9acf4d2b0b321c41ff2640515bb43637ba2288ca0bff2e2a3a998ad8294c52f9edfe0a4ee0a3f8ed5b4b5c43319bb9c58dd07ea3237d7bb62cb086e7ea4a81cba2cdeb28794a09c275a704963110b64720bd089e3737ee1a91e348b5e97b63e1724de1fa9f49961d653bbb47b6fa993b035cf59659bcd0306180645162568abf51127845cbe6e37cc3c19b9d69657db4258fa5e8428a73eff6506bff474c2e302ad5559ac8de44c6f0baba5e2e579e7d7f9d9ebf540674432ac11d92bfc9abdc24126888b533f43bd6f293b0bc315915743114a35308a0ee2e710522137918a2b09ddbbc7a2313a2a6b85a1ad26f14dd70072651c8300ddf6de29704b716ce1bc431c66ccc96731f46359a9f6850976c96dcb5e0ee47446f50b6b3ba90d45224066e123ad3854d877c0cdd9325000ac0d6813c30cd43d3e150335601724ca3666458dc4c04f6562296982353e155d5255c9008c0b46d21a678c8fcb3aa8d6574476e0458eb0a76a6cb50f929ed218cc4654cb4f95fb3afbc2548b74acc312563375a19e55d488599488dfed4dd31b39f29ad61dad343dfca3b45b316a34e7a7bebd2b0f562a9e69848d13fc80a4fa52d0f17bd15d9e1fd39a7dcc86128d14493805d105a745673bddea68ca74ac09d95cc7412d5be2cbd0a247a81dc9e148111e22cdf3375805469226ca3538f960a6ba6aa0eeeb87c784ffb1bfc09180a61be3c7c535fc6d593c3b3f4de21b8c3eccc9021e80fb07dce0aeb3b023bd55f24356f646791ba80e5ca21ac092a069ae0a22cfefc08c23cc7aa69b570bd17cce9de15871d363f167288f99f04761caa67f12c949466493f661d39ee4280c955446ff5a9bb14f2d1ae21cdb91a5868e0c52097cf380f571935b140562922763f1b79c3709b949c57a00b08828ce9e685f6b234b5fe3c62d9feb249ce75e81f5efd556c14d5da24dc0554723fdbe52659969a39f470e82c50c4777c908628436e31177af1125d5f70ff627462247e5bc20c47ef75f369174586d43d42f7eefdd47fefa745badebca2a881ccc018ea411cc8a7a0881422bee8704bb98e6bea9fbec63441fb45d7ccfd436909b57a2b60b788e15bda3ca7663b19bd84d0879deb639f10def9a99d42a4b9a4fd7fecbf6d2e7598678307ba9a5b6f143c27cf1ca41e3c904007bb762cd5df6e63c4cf422c2ba959e53bd8e5664cf5df6a91a4bc8cebc52b22f30060fcbc5ead53d38eabd160c1da4cab8aa95c3640ffd78074aa2cbb05cb8ea90a0c95a4a1b2be1ee94f238000f1faffa069d87039f13f5f84ff368aec5a0b10020232b9fc954a6c22573ef48459e574d48a4845837e1d6ef386738ccedd093d4d5bf3a3f790c875ba7449d03397642feb71100f2c25ab2cadf0b0802544a2095a51b19cdece623b17d420b173a99c081f8e229b6de3c680d6bb39bb98b479517d77cca581b81cf856753a44ebd64cff111fb8ca37ea45d217a3fca44a083e6c35b0fed9f8f7631178d15e88f86c85f1ce68c900afdd1f7e5b8bd4ef3f58c447b77d3befc49180df7a5eb2ae8ae33b4ef573f3a425da8a60cde84d8eeae6d6399b9fbbfa0fa8d448b25c7f79b7554d0b02b0decbc74ae8560f630af596313fb33d442a410061ace0aa7a440d5e31ca8bb2cc495c4f0b672edb011b0c5f16781836df7f4af8329143d5a1a99d7b18ef9f774c4199d635848cedebac82637a03a189c65bf667503737c75b6639ac65ad424ca475285437e6f19830b36549f607ffc387c8b11a34a838159376a6335afaa045bd2bb04e279dd72436331d07dfbd72e2436b27f0df23a266fd15cf56d1a9e93aaac8901cfe49a3219ae36c5c65c75e5c708fb82cac4d6a50726509ec3a7d32d54cf584ae353a5bff75a6de77a0b240cf8a0a72817c9d37699ca89c96e0e0d96a7665ac3a7d1febca1a1d79e2cbde8025c271360e2f90048b2d9fd56f45c013e001dad4b7785be69dc01f8a954ef7a84455986fc5c9d5167d91808efdb4476ed79f99563d887cfd4e99809d9e388501dea228cbb3cf3770082dc566455251fd9c2c742963c33500618c6ec99e0bef007408a0462a081237be4c6e5db0258d4be5fc9cf63fd1ace1f4166c053b0fb84fe24917da1255cf40bbb1b45644f6a7699cf802a35a932c374b1d62013e6afca3787627469994c02f622ab877ed5491fc2a89eea60e4e1628da89e3ad600ff6442e4ebf20e47304176b6a1703c094b3cf6d7fbbddd8d8fa5a00f28b4d8f43d88487e9d4531071512f2027198714a8d1cef126775547fc74f2a35840510f325e50361be76557767560055e084f2ecaefa0dd8ca8215301a7a887d2eaddaeb1f5c3dfdbd2cc1ba5f02d4426b98c0f861c5f724405758f442560ea6cd1d953456cc4aac6642ad61c03dbaffc2364d8ec2ef9f483c70355139d1fbd9617ab3c7eedf0b8963c1cfdab769180db43c416a90d9fdf3fd0eb2f81187642b4e2a09d6462d27527fdfda31f7b262501749dcfc6c184983f9923424131d05cc811cacf5c2c87e8e6f135349e68cde0e8997bf1dde248e5124d5dca2681abdbe58d327a8edd585821f03fdd4515728f1336495ba25c9bba56a3f706d60c35cbd0b40d0ac0583a981f9af08510ed8ed0a726e5472f8995af3837fbf1e89587633d2ef944868a153919165778e963710872af12faf96c0919c638e5affa97104471ba6e178d27602f96b9546ebe52190d91be245be08742b96389080676a566d3229e593e4f56a76ae4c58113c6adc1088703b1b92dafe32a5600e14ac1e71df829dfef425911f16a2b91f693599ecabf93065c6c4f5fefca8d4ed095599113529f65d9120d5252f577af95b404979508c343df54e4d239720e7d3a861f1dcabfa69e12d655c8a026c10a4df279b139fd222e561d205ac9b45c1054f8699eca594fb23886e0de565186597766dd5e40f74a423d5708dac254f4172f1089270988fb18715813f13ee4d131b64dd517c7e77f27f804b229f5339ac2f483b14739ac33a9645044d3010bd77ed18fb117f7b11bb51c4ed683b59e28bf25a58f123dfbeb1f0f21f03d9b57d8e61d59b311037a5b757b03ca5c95e0eb73922c6918530c99de4d6733640f2b8d13bebce31d4f5e27aab201101e48cde23a0d7e87b9511949d812e3187ee5ff11bc5858c022ed7b00790eba32f9ef7e134ce5f73a01269ca971b40e62133eca9d596a768686d6390b2c74602f6dc597faec3ed9d9658102d99c9624c1a97d00d63853578afaccc7e30a77fe054ebc23eec45f608f996fd015cd6bd50a111360f0790eff6ffb1ea59d13c8e29480bd96217188f97e53a1f5d9eae0a2badb4fea52f2bb4f8cb04d0afd99e7371a978a7d7ef473f77ea6738ff84af655313a12db24cff692ec7e282245ae9a42338db814593448f7115df3dc3f4e2faa2c2fdbd68f679d6aba01a15031347bb17d8bf8f1fad0ecf365e9dcd32e69803c5c05f4b47adbf8a21af7e9fb327f267df1c914486389a9820edf0a03bde6ef388c255761e439b2f7e1f9c1c3c95bd30c502197ab37f76b52f0d0675f366e919be19329853767bba34a540fb75bcdcc9596a4cda254a660e11bed5af9d8646ac4b7d6d7aa5d7c0005879b6d08058a56c3d3a4d3d401b883153fa7f2f6a6d34dd010f6b9e7b4e457b9ff5a5802d7723abb35f9dca0afc10f6791824dbe0a7725d534e7753445b7268d90145b6438b93fc475f44d5d678d79da6c5770f3a9106f3cffbabe4b88cbe7eda9b8a495be4f6717b0fbee6fec78c86031b6d878d47e357b2089de3e6dd19a265552553d1f7da53884ef84d0eebe782791c48a9c68a28d8ea3bb70c922b01dc20b2cd05cfb276e326651398f766f5faaea54a41da597cf6b50f3d5ebc634185b99069126b8d935c6bc42c47f2109de42091ef4ade3d87cc44aeb78709255501e64f34ac2d4b2725cf7777315f8ca9424bc9d61a896a93500faa6cf5a5aee1fb888e17b47a38a667be2ffa3bae46afa88bfd8b5b6e1186d6e41b9a4e490591043372c23f36fb48d80caff74cc349adc92bb25f701738c809ccf74c47afa193795ee67bc58ea7fd85542fa7e70218490fff212163401cfde016df2f42496bae403d5391e53fe200f758bbcdead0fe72c77861889b9632a257229c35bdfe8fa78375b4f5c768b9c60cafbde1f00aff6ca1879f6472f28001f5f13d4d9d6c3a90e04d8df09873550daa8262d39efbe96a79c697fbcc9a7f27c9f6d782d5d5f6d024b291376e9cc40d902f809072e1f0f2c2ab88ce3d074e88461f5971853e7be749943ab6e25e25e8afa5042dd73407f49b50841c7782c54eece62ec2beef1f16caf1ca5989427bd2726ca0fee33e303702e9892e4382e92c3f3a03a6188f39762db81819c7e12b424be8fd964dcdbfbac00139e8c5a6200506f13f484ac34ef3d26e7cadd53cf402117419c1618205bfa5382486094bd55448f2b1aa4dbec2289189b601b1bbf5792b2a641c6f5dd19cf24abc72fc5264cf11f6b44a4929267a02cd1de1b602b9de65a6c06640aa0f76109baa90d66eeb17295b1711365b7d6835a2dd55b7fe868c59453613240643c847a5b48d27897a58dda63e579c1bba58350550e147b190f0a2c9a5ce719d627ce3302028b4b6801bbfa8cd74874ffba35817c0eca034d19210950796807125fe6065dcd47d7c870ed2db5c00cff235e4154e2d89ec2a09a87551f9b7ca25d519b5603c0c33d2cf72878199ffab567fc5e093529b89d1163587f3564ba8291d2d96cf9762e7f568e786ea90849f6312c1a10f45d61600cd45c48e6870a7d76c913f9c4497374fc04401cbd11f7710740148234fe8f041f24d0278fcfd48846e6aa49f05016fc332dc5d46b4a26574fed5c0751cebb9f7ab4cdbc1ee011d82d6ef95c52c9df8eedac3ab5cf30805f23d88d4f707601f8e6c606b58f2fe234e948d6756d430a5c4ec76a33874886c8fb484059b47a9bd198a61a1896419288a9e81d0969dec778a53e8233f0f63bd0134e5f29825e7817e7c8ccb7d9acd8f86ac9d3af78c43df3036d7934dd294f2bb12063bee52c547d27a218145befb0ca96cbfaabd39fa245b51c39f4cd4cf8db105f9dc46a7aaa8f7d06fa208120ce1ac49326179618fa2c8596c44e174eb7a141056b1d17689c10dee089c8b0867b8a757ae12251bbd68db5fba2be341275fb6ee379309f5cde9b31242b0b2bac44da74776fac141936bd96e3177161f057c820a8c22cca8cce29b158eb55aed0260253fbee70a6dd281d9fca23e0b0a38d46c76a95e1262f1cafcf0fc37b52e649a1ba1e2c0f97d10bbf4d2b5632cf340bce56736071d5885ec9b4e17910744d3e63e2ca6deb21e43fc21e89c6865d3ad424ef4a14efe8843ff3168c99ee395400dcc8755719d290c567c95a5e7d28ec1190ceee240084d444265cc801cd960f69b368359bbf06b8a4ec23b47c7bf9d4b16c701a1c4fb9e81abb55bf49d450b566ce03de939fc6f5c51291380086f8c995cdd4fa15a325601c4846a69f15c77f55c900270bc9ea5f406480cb0e3e89bc869fe8b7cec4fbef7e76283d50c25ab1b4d34d093a7df062990a925a9c44aa2661abd7d381a4d6cdb64821ef624dd51b72e99af914bca2f80c25b82ac6945df7c7582e6d0ce2cd073e35f1fc120a68ba210410db64592a9aa319b30f2b818c495750e1cea0610e27d52be31e52e501a3bd51b501bc51c2ec8592f679b6e55b9aa58d513fd2bebadc83ba76eb45e5676f130193e9a666b8c8132c9f5141681fbab324b555c5c890d488ac2dd00feead0a20fbd8a46391438e3193edc6fb89161cd864fca98f4f39a2893c933dcd13bc8c5d5a548d24862e8161c0fad7f33aca8c86791d620815fe3f0daddb5defd933d0c10097a7a98e67625420b6c0db7c3e17ab07ea64e6f0f53fdc670799e06a2e3a871d6be363a2639e35339361311e0f528cc433eacea4f79bf217108c7b1d657840253ffdea18bdd1f93cdee63e7a9b8dbcb4ee06162b253e09ea0641f2771bd9823dd210905e9ea495f43194bb471cdeb690e8890b03b50835d53dde1b572dd123ccc8507bb57a45e46c0efb8fb3d5596bddf9782d86dd911636eae2cf64b5829cf8893faf789be3fa22859accf688f5b5da6c29cacc96d477e23b63cc934f685b6e42e1655c9a9b94d6d78402de22b8d9776e3915391aa258e57467d770d65480ba2f6a94b0337965a8c659c42b4e90b14da4697d0c0a6d74774c94c52d8ecb694eee747bdaa6c3a6d60739db18c6446090eebba72e62ab88b0e8b88e728ba8cb133d8524eda89a2bff1c8414da3edfa6f83788331c8a7e5a8af2dd3682d4752190a3c689949abdad8350111373e7fb46151f54a10f79d91940e37efb05f9f157bddcfacf018b65a38ab614807c34a2786af4a1d48c4d1c1abd31815715f9d1b103992207fc664f12c82fd923c57d8e7cfb9f4af55182318d055c704865cf484206d60e34cf7fe9b6ce60b1772c5c7cdacb6695227d80da18ec1f98a434b1aaf9c6b6d082f5663aed2bf267e559dca6b93d3ce34273846fc677f529690482df0a8f782b8ad7269f344f5f2b4d320a7ce2d2fa02284f8db634dc930c3e2b9a629245364acf35d41e9a14c88efde4e742ef1ea4b43d0caf2e70d4a617278823e6403934524debbd933e7676e441a48f630dc8bcccd55d9032d6bf3dea97d1669c39fb865b0e619eeb3f5461e517000f5aee3ef2abdb87d3a76b88e140eb4644a9fbddbdc9e20972cdfacf00bffa3a1ca5f84122c2ebc54067cdaa23967eaeb7bbbfe44e5843382b834fae1f62a066688595e4ee67c7ff9858672355abf7893ebeb4bcf88a62b2237c6e6cec9aebe3f28bfc310ced3a590e88d4bd0f53289206deb9addbf6f3c02115ce4980dadfc112683ae250c2d438fd9c0f2a090dbf122a0072828db798bdb868dcd47384dd3f5eeebc0307a5b268683cd51f312e8f02b5a7746b11a97ac43287d9b9765f03c720503cfe6e0117660a4c00d67895224c4d42b032000a10d7a743054758a8f54941fd5eaf72498b678d1579b3de4e5518f90f1e3d32517d09d7f5da9d180215e66218e9dd64036819cf12638ce82712a6cc79a9ddb36e86814b797d72c2bc58b18ba439e99965f745b4fb7de2878e3186e3e7b835c746b0935f6c67e92e3770bd8d5eb4f66d8175ceb7850e418c55e574db891639aa77fc62bc45dcb734681ede8484d4d4109a9adb8c3d00", 0x2000, &(0x7f0000000e40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)={0x20, 0x0, 0x0, {0x0, 0x9}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0/file0\x00', 0x6c03, 0x8)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, 0x0)
r4 = fsmount(r0, 0x1, 0x0)
fchdir(r4)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="1610ee7b054b000004000000ff00"/34, @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000000000000000000000000000181100004b671903a71a7f91f4f3cd315939ed2ad38f395f19bec8f8a01f085ed8020817b78ebbf672b53d5eee1ef77849ec1fce9e3c108de69c63376dfeaf6ed192a6a85f8a0b79a4e4294fd80a2647177c147ba600773ebc396196fe21a9ce97fc710b7e5b172ce360a9af002159502d396194abc4591b", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000000000051105a7400b704000000000000850000005700000095197bde5eccc2c24cd4247deaeb71641d18376547b0eefd84fd484e43ee0880c0b66ade3338d843e74a14463049755ea23dae44a27a622db8fe3e4259147ecb"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r6, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

36.988329576s ago: executing program 7 (id=1084):
syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
r0 = openat$kvm(0xffffff9c, &(0x7f0000000080), 0x2000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x5)
ioctl$KVM_GET_MSRS(r2, 0xc008ae88, 0x0)

36.518169618s ago: executing program 7 (id=1086):
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
r1 = syz_open_dev$vbi(0x0, 0x0, 0x2)
setsockopt$MRT_FLUSH(0xffffffffffffffff, 0x0, 0xd4, &(0x7f0000000040)=0xa, 0x4)
ioctl$VIDIOC_S_INPUT(r1, 0xc0045627, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2, 0x0, 0x7}, 0x18)
ioctl$sock_ifreq(0xffffffffffffffff, 0x89f0, 0x0)
r3 = memfd_secret(0x0)
openat$dsp(0xffffffffffffff9c, &(0x7f00000003c0), 0x101a02, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
pselect6(0x40, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x800}, 0x0, &(0x7f0000000240)={0x1f}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000280)={0xffffffffffffffff, r3, 0x2e, 0x4608, @void}, 0x10)
ioctl$VIDIOC_S_INPUT(r1, 0xc0045627, &(0x7f0000000200))

35.96443316s ago: executing program 7 (id=1089):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, 0x0, 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x891018, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
mount$bind(&(0x7f00000002c0)='./file0/file0\x00', &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x12f451, 0x0)
mount$bind(&(0x7f00000000c0)='.\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x80700a, 0x0)

34.999915834s ago: executing program 7 (id=1092):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x24c01, 0x0)
ioctl$DRM_IOCTL_GET_MAGIC(r0, 0x80046402, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="1e00000040000000ffffff7f0100000020000000", @ANYRES32, @ANYBLOB="0800000000000000000000000000000000000000d97fb2cd641a0cf6a40ee9350845f5d091d6f683b003d3c639b58acaafdfc052fdbc744590903147e3ee60f4abe51d5c069bd22c7532b13fa15e5859e711d97983b530f7823558823a355f3a5fa11adc1978e0aaddab9ba4ed1d9c71f584a17cf28b8addecb1118849600cd79075e9b3cd83a3ca7cc7dade0c75df4d3e6e1e69c7bc444fceed0903d40682c190c7900bdf3b9150cfbfab31e24fac57f5f8fb338f29d3329e669dc13cf15bdf502116ac162d2b7b93bbfb631320b198cacc75635870b1eea3a8a3d8", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0200000001000000000000000600"/28], 0x50)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000080)={'syz0\x00', {}, 0x49, [0x0, 0x3, 0x403, 0x100001, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x3, 0x10000000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000a, 0x0, 0x0, 0x7, 0x0, 0x0, 0xffffffff, 0x6, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xa9a4, 0x1], [0x0, 0x0, 0x0, 0x0, 0x2, 0x733, 0x0, 0xedc0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x2, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x2000000, 0x0, 0x0, 0x80000, 0x0, 0xfffffff8, 0x0, 0x0, 0x79, 0xfffffffd, 0x0, 0x0, 0x0, 0x2, 0x47, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x7fff0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x2, 0xfffffffc, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x20], [0x0, 0xfffffffc, 0x0, 0x6, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0xffffffff, 0x200089, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80008000, 0x0, 0xfffffffe, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x351e, 0x0, 0xd, 0x0, 0x0, 0x4492, 0x8], [0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x4, 0x1200000, 0x0, 0x0, 0x800010, 0x0, 0x0, 0x804, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x2, 0x0, 0x4, 0x0, 0xfd32, 0x6, 0x0, 0x0, 0x0, 0x2, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x4, 0x0, 0xffffffff, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x4, 0x0, 0x0, 0x0, 0x100000]}, 0x45c)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/mdstat\x00', 0x0, 0x0)
r2 = syz_io_uring_setup(0x5169, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r3=>0x0, &(0x7f0000000000)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r2, 0x7368, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
r5 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000)
write$FUSE_NOTIFY_DELETE(r5, &(0x7f0000000500)={0x2e, 0x6, 0x0, {0x4, 0x3, 0x5, 0x0, 'syz0\x00'}}, 0x2e)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000002700)=""/102392, 0x18ff8)
rt_sigaction(0x8, 0x0, 0x0, 0x8, &(0x7f0000000300))
ioprio_set$pid(0x1, 0x0, 0x0)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001480), 0x42002, 0x0)
r8 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0)
syz_emit_ethernet(0xbe, &(0x7f00000008c0)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @dev={0xac, 0x14, 0x14, 0xff}, @local}, {0x0, 0x0, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "6fdfa0d2001efbb3e29a4ac275ca11b984ff5def6ed2e4ea9bc0eabdd34c732b", "df23520b57e4c98679c7795a27c7bf3e7d776b600ba8d82d6ba417e219edd86fb708441efcf75fe803412dae374281c2", "5df814aa2e34e4f8a759805b993e2d69a8f476de686861a9850edbe3", {"2cfee9b9d5b0b2b171b51f9174963b0c", "e40ca7e0a7b4bbc4bc9720c876a57954"}}}}}}}, 0x0)
sendfile(r7, r8, 0x0, 0x20000023896)
ioctl$TIOCVHANGUP(r7, 0x5437, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000180)={r0, r1}, 0xc)
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0x280a03)
pipe2(&(0x7f0000001cc0)={0xffffffffffffffff, <r9=>0xffffffffffffffff}, 0x800)
ioctl$DRM_IOCTL_GET_MAGIC(r9, 0x80046402, &(0x7f0000000140)=0x7ff)

32.683523495s ago: executing program 7 (id=1094):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1f, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000900)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xb, &(0x7f0000000400)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f0000000180)=r5, 0x4)
sendmsg$unix(r3, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0)
ioctl$TCSETA(r2, 0x5406, &(0x7f00000001c0)={0x7d8, 0x6, 0x1, 0x8006, 0x8e, "25a2581fffffef00"})
ioctl$TIOCL_GETMOUSEREPORTING(0xffffffffffffffff, 0x5412, 0x0)
r6 = syz_open_dev$vbi(&(0x7f00000000c0), 0x0, 0x2)
ioctl$VIDIOC_ENUMINPUT(r6, 0xc050561a, &(0x7f0000000100)={0x2, "0042f9b2daa2b389d2d1c77dd95414201cf9dbbeea00", 0x2, 0x5, 0x5, 0x40, 0x0, 0x8})
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000240)=0xff)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi_and_pscan_mode={{0x22, 0x2e}, {0x3, [{@any, 0x80, 0x0, 0xc, "d56ab1", 0x0, 0x6}, {@none, 0x8, 0x0, 0x7f, "e0bc57", 0xfffa, 0x2}, {@none, 0x4, 0x7, 0x7, "514ba2", 0xb, 0x3}]}}}, 0x31)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)

32.375925632s ago: executing program 38 (id=1094):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1f, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000900)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xb, &(0x7f0000000400)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f0000000180)=r5, 0x4)
sendmsg$unix(r3, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0)
ioctl$TCSETA(r2, 0x5406, &(0x7f00000001c0)={0x7d8, 0x6, 0x1, 0x8006, 0x8e, "25a2581fffffef00"})
ioctl$TIOCL_GETMOUSEREPORTING(0xffffffffffffffff, 0x5412, 0x0)
r6 = syz_open_dev$vbi(&(0x7f00000000c0), 0x0, 0x2)
ioctl$VIDIOC_ENUMINPUT(r6, 0xc050561a, &(0x7f0000000100)={0x2, "0042f9b2daa2b389d2d1c77dd95414201cf9dbbeea00", 0x2, 0x5, 0x5, 0x40, 0x0, 0x8})
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000240)=0xff)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi_and_pscan_mode={{0x22, 0x2e}, {0x3, [{@any, 0x80, 0x0, 0xc, "d56ab1", 0x0, 0x6}, {@none, 0x8, 0x0, 0x7f, "e0bc57", 0xfffa, 0x2}, {@none, 0x4, 0x7, 0x7, "514ba2", 0xb, 0x3}]}}}, 0x31)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)

21.877398613s ago: executing program 8 (id=1120):
r0 = io_uring_setup(0x7029, &(0x7f0000000040)={0x0, 0xcb8a, 0x2000, 0x1, 0x39})
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
sendmsg$inet(r2, &(0x7f0000000340)={&(0x7f0000000100)={0x2, 0x4e21, @private=0xa010101}, 0x10, 0x0, 0x0, &(0x7f0000000200)=[@ip_retopts={{0x18, 0x0, 0x7, {[@ssrr={0x89, 0x7, 0x4, [@remote]}]}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x9}}], 0x30}, 0x0)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x11}}, 0x10)
setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x482, &(0x7f0000000280)={0x3c, @loopback, 0x4e22, 0x0, 'dh\x00', 0x2, 0x80000000, 0x12}, 0x2c)
sendto$inet(r1, 0x0, 0x0, 0xc806, &(0x7f0000000180)={0x2, 0x4e21, @multicast2}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x20, &(0x7f0000000040), 0x4)
ioctl$int_in(r1, 0x5452, &(0x7f00000001c0)=0x3)
ppoll(&(0x7f0000000080)=[{r1, 0x2488}], 0x1, 0x0, 0x0, 0x0)
kcmp(0x0, 0xffffffffffffffff, 0x1, r0, r1)
r3 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r3, &(0x7f0000000240)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0x10, 0x0}, 0x30004001)
setsockopt$sock_attach_bpf(r3, 0x6, 0x3, &(0x7f00000000c0), 0x4)
sendmsg(r3, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000540)="6aef", 0x2}], 0x1}, 0x40008c5)
sendmsg$kcm(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f00000001c0)="fd", 0x1}], 0x1, &(0x7f0000000d00)=ANY=[], 0x218}, 0x0)
close(r3)
symlinkat(&(0x7f0000000000)='.\x00', 0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x24501, 0x8)
ioctl$sock_inet_SIOCSIFADDR(r3, 0x8916, &(0x7f0000000000)={'ipvlan0\x00', {0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}})

21.686777845s ago: executing program 3 (id=1121):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xb635773f04ebbeee, 0x8031, r0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x3000, 0x3, &(0x7f0000ff5000/0x3000)=nil)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000f40)=@filter={'filter\x00', 0x4, 0x4, 0x3cc, 0xffffffff, 0x0, 0x0, 0xe4, 0xfeffffff, 0xffffffff, 0x390, 0x390, 0x390, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x2f2, 0xa4, 0xe4}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x4}}}, {{@ipv6={@private2, @empty, [], [], 'sit0\x00', 'batadv_slave_1\x00'}, 0x0, 0xec, 0x12c, 0x0, {}, [@common=@dst={{0x48}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x2, 0x57, {0x2000000}}}}, {{@ipv6={@empty, @mcast1, [], [], 'ip6tnl0\x00', 'dvmrp0\x00'}, 0x0, 0xd0, 0xf4, 0x0, {}, [@common=@unspec=@realm={{0x2c}, {0x1, 0xdd8}}]}, @REJECT={0x24}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x428)
r3 = syz_open_dev$vbi(&(0x7f0000000340), 0x0, 0x2)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r4, 0x3)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10)
syz_emit_ethernet(0x42, &(0x7f00000002c0)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x34, 0x65, 0x0, 0xf, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x8, 0x2, 0xffff, 0x0, 0x0, {[@timestamp={0x8, 0xa, 0x10009, 0x52}]}}}}}}}, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000380)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c2000002080045000028000000000006907864010101ac1414aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB], 0x0)
r5 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
r6 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f0000000040))
ioctl$VIDIOC_S_INPUT(r3, 0xc0045627, &(0x7f00000000c0)=0x3)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r3, 0xc0845657, &(0x7f0000000200)={0x0, @bt={0x8a5, 0x93, 0x1, 0x1, 0xd59f80, 0x19ef, 0x7, 0x19ef, 0x3, 0x6, 0x27ff, 0x2800, 0x2, 0xbb6, 0x0, 0x8, {0x8, 0xffffffff}, 0xd0, 0x9}})

20.951470719s ago: executing program 3 (id=1124):
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0x0)
lgetxattr(0x0, &(0x7f0000000080)=@random={'user.', 'user.syz\x00'}, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0x3)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000002940), 0x100, 0x0)
ioctl$TCSETSF2(r2, 0x402c542d, &(0x7f0000000200)={0x80, 0x183, 0x53c0, 0x5, 0x81, "f0dcc957fa5ecce5497ef3634dae14d5eb6f76", 0xfffffffb, 0x18})

20.437859515s ago: executing program 8 (id=1125):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001480), 0x42002, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x20000023896)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18.623549086s ago: executing program 8 (id=1127):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x100008b}, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x3)
sched_setaffinity(0x0, 0x0, 0x0)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x0, 0x1)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff})
setsockopt$TIPC_SRC_DROPPABLE(r1, 0x10f, 0x80, &(0x7f0000001640)=0xc, 0x45)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r2, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet_MCAST_MSFILTER(r2, 0x0, 0x30, &(0x7f0000000940)=ANY=[@ANYBLOB="020000000000000002000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000500000002000000e00000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000064010102000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000e000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"], 0x310)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r3, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r3, 0x84, 0x15, &(0x7f00000000c0)={0x50}, 0x1)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r3, 0x84, 0x15, &(0x7f0000000180)={0xff}, 0x1)

18.585016044s ago: executing program 1 (id=1128):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, 0x0, 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x891018, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
mount$bind(&(0x7f00000002c0)='./file0/file0\x00', &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x12f451, 0x0)
mount$bind(&(0x7f00000000c0)='.\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x80700a, 0x0)

17.609364296s ago: executing program 1 (id=1129):
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000080)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d000110000000090400"], 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="03c90000cf47"], 0x1004)
syz_usb_control_io(r0, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000001a80)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
setsockopt$netrom_NETROM_T4(0xffffffffffffffff, 0x103, 0x6, &(0x7f0000000000)=0x2, 0x4)
ioctl$IOMMU_VFIO_IOMMU_UNMAP_DMA(0xffffffffffffffff, 0x3b72, &(0x7f0000000440)={0x18, 0x2, 0x6, 0x3})
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$FS_IOC_GETVERSION(r1, 0xc0145b0e, &(0x7f0000000040))

17.048306933s ago: executing program 3 (id=1130):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
r0 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0x8, 0x3, 0x460, 0xf0, 0xffffffff, 0xffffffff, 0xf0, 0xffffffff, 0x390, 0xffffffff, 0xffffffff, 0x390, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00', {}, {}, 0x2f, 0x0, 0x3}, 0x0, 0xa8, 0xf0}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@local, 'nicvf0\x00', {0x3f66}}}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x3d}}, [0xffffffff], [], 'wg1\x00', 'gre0\x00', {}, {0xff}}, 0x0, 0x258, 0x2a0, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x563e4515, 0x0, 0x7, 0x3fc, 0x20}}}, @common=@inet=@hashlimit3={{0x158}, {'veth0_vlan\x00', {0x3, 0x0, 0x48, 0x0, 0x15ab, 0x1000, 0x6, 0x5}}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00', 0x2, 0x5, {0x6}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x4c0) (fail_nth: 1)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0x8, 0x3, 0x2b0, 0x0, 0xffffffff, 0xffffffff, 0xf0, 0xffffffff, 0x390, 0xffffffff, 0xffffffff, 0x390, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00', {}, {}, 0x2f, 0x0, 0x3}, 0x0, 0xa8, 0xf0}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@local, 'nicvf0\x00', {0x3f66}}}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x3d}}, [0xffffffff, 0x0, 0xff000000], [], 'wg1\x00', 'gre0\x00', {}, {0xff}, 0x29}, 0x0, 0xa8, 0xf0}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00', 0x2, 0x5, {0x6}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x310)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000004000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='contention_end\x00', r2}, 0x10)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)={0x1c, 0x0, 0xc4fc9e906872338b, 0x0, 0x0, {{0x5}, {@val={0x8}, @void}}}, 0x1c}}, 0x800)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8923, &(0x7f0000000040)={'bond0\x00', 0x1001})

14.343983596s ago: executing program 1 (id=1131):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x24c01, 0x0)
ioctl$DRM_IOCTL_GET_MAGIC(r0, 0x80046402, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="1e00000040000000ffffff7f0100000020000000", @ANYRES32, @ANYBLOB="0800000000000000000000000000000000000000d97fb2cd641a0cf6a40ee9350845f5d091d6f683b003d3c639b58acaafdfc052fdbc744590903147e3ee60f4abe51d5c069bd22c7532b13fa15e5859e711d97983b530f7823558823a355f3a5fa11adc1978e0aaddab9ba4ed1d9c71f584a17cf28b8addecb1118849600cd79075e9b3cd83a3ca7cc7dade0c75df4d3e6e1e69c7bc444fceed0903d40682c190c7900bdf3b9150cfbfab31e24fac57f5f8fb338f29d3329e669dc13cf15bdf502116ac162d2b7b93bbfb631320b198cacc75635870b1eea3a8a3d8", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0200000001000000000000000600"/28], 0x50)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000080)={'syz0\x00', {}, 0x49, [0x0, 0x3, 0x403, 0x100001, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x3, 0x10000000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000a, 0x0, 0x0, 0x7, 0x0, 0x0, 0xffffffff, 0x6, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xa9a4, 0x1], [0x0, 0x0, 0x0, 0x0, 0x2, 0x733, 0x0, 0xedc0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x2, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x2000000, 0x0, 0x0, 0x80000, 0x0, 0xfffffff8, 0x0, 0x0, 0x79, 0xfffffffd, 0x0, 0x0, 0x0, 0x2, 0x47, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x7fff0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x2, 0xfffffffc, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x20], [0x0, 0xfffffffc, 0x0, 0x6, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0xffffffff, 0x200089, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80008000, 0x0, 0xfffffffe, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x351e, 0x0, 0xd, 0x0, 0x0, 0x4492, 0x8], [0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x4, 0x1200000, 0x0, 0x0, 0x800010, 0x0, 0x0, 0x804, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x2, 0x0, 0x4, 0x0, 0xfd32, 0x6, 0x0, 0x0, 0x0, 0x2, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x4, 0x0, 0xffffffff, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x4, 0x0, 0x0, 0x0, 0x100000]}, 0x45c)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/mdstat\x00', 0x0, 0x0)
r2 = syz_io_uring_setup(0x5169, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r3=>0x0, &(0x7f0000000000)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r2, 0x7368, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
r5 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000)
write$FUSE_NOTIFY_DELETE(r5, &(0x7f0000000500)={0x2e, 0x6, 0x0, {0x4, 0x3, 0x5, 0x0, 'syz0\x00'}}, 0x2e)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000002700)=""/102392, 0x18ff8)
rt_sigaction(0x8, 0x0, 0x0, 0x8, &(0x7f0000000300))
ioprio_set$pid(0x1, 0x0, 0x0)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001480), 0x42002, 0x0)
r8 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0)
syz_emit_ethernet(0xbe, &(0x7f00000008c0)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @dev={0xac, 0x14, 0x14, 0xff}, @local}, {0x0, 0x0, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "6fdfa0d2001efbb3e29a4ac275ca11b984ff5def6ed2e4ea9bc0eabdd34c732b", "df23520b57e4c98679c7795a27c7bf3e7d776b600ba8d82d6ba417e219edd86fb708441efcf75fe803412dae374281c2", "5df814aa2e34e4f8a759805b993e2d69a8f476de686861a9850edbe3", {"2cfee9b9d5b0b2b171b51f9174963b0c", "e40ca7e0a7b4bbc4bc9720c876a57954"}}}}}}}, 0x0)
sendfile(r7, r8, 0x0, 0x20000023896)
ioctl$TIOCVHANGUP(r7, 0x5437, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000180)={r0, r1}, 0xc)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)

13.526566985s ago: executing program 8 (id=1132):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xb635773f04ebbeee, 0x8031, r0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x3000, 0x3, &(0x7f0000ff5000/0x3000)=nil)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000f40)=@filter={'filter\x00', 0x4, 0x4, 0x3cc, 0xffffffff, 0x0, 0x0, 0xe4, 0xfeffffff, 0xffffffff, 0x390, 0x390, 0x390, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x2f2, 0xa4, 0xe4}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x4}}}, {{@ipv6={@private2, @empty, [], [], 'sit0\x00', 'batadv_slave_1\x00'}, 0x0, 0xec, 0x12c, 0x0, {}, [@common=@dst={{0x48}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x2, 0x57, {0x2000000}}}}, {{@ipv6={@empty, @mcast1, [], [], 'ip6tnl0\x00', 'dvmrp0\x00'}, 0x0, 0xd0, 0xf4, 0x0, {}, [@common=@unspec=@realm={{0x2c}, {0x1, 0xdd8}}]}, @REJECT={0x24}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x428)
r3 = syz_open_dev$vbi(&(0x7f0000000340), 0x0, 0x2)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r4, 0x3)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10)
syz_emit_ethernet(0x42, &(0x7f00000002c0)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x34, 0x65, 0x0, 0xf, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x8, 0x2, 0xffff, 0x0, 0x0, {[@timestamp={0x8, 0xa, 0x10009, 0x52}]}}}}}}}, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000380)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c2000002080045000028000000000006907864010101ac1414aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB], 0x0)
r5 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
r6 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f0000000040))
ioctl$VIDIOC_S_INPUT(r3, 0xc0045627, &(0x7f00000000c0)=0x3)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r3, 0xc0845657, &(0x7f0000000200)={0x0, @bt={0x8a5, 0x93, 0x1, 0x1, 0xd59f80, 0x19ef, 0x7, 0x19ef, 0x3, 0x6, 0x27ff, 0x2800, 0x2, 0xbb6, 0x0, 0x8, {0x8, 0xffffffff}, 0xd0, 0x9}})

13.501313816s ago: executing program 3 (id=1133):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = syz_io_uring_setup(0x1f87, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x803}, &(0x7f0000000080), &(0x7f00000000c0))
io_uring_enter(r1, 0x0, 0x3, 0x7, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r3}, 0x10)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.events\x00', 0x26e1, 0x0)
close(r4)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080))
ioctl$SIOCSIFHWADDR(r4, 0x8b05, &(0x7f0000000000)={'wlan1\x00', @broadcast})
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000040))
ioctl$KVM_REINJECT_CONTROL(r2, 0xae71, &(0x7f00000003c0)={0xf6})

12.411375045s ago: executing program 8 (id=1134):
syz_open_dev$vim2m(&(0x7f0000000080), 0x3fa, 0x2)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r2, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, r1, {0x2, 0x0, @broadcast}, 0x2}}, 0x2e)
connect$inet(r1, &(0x7f00000000c0)={0x2, 0x4e20, @remote}, 0x10)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r3, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, 0xffffffffffffffff, {0x2, 0x4e20, @multicast1}, 0x2, 0x3, 0x0, 0x3}}, 0x2e)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r4=>r0, {0x1000}}, './file0\x00'})
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_JOIN_MESH(r4, &(0x7f0000000100)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000300)={&(0x7f0000000440)=ANY=[@ANYRESDEC=r0, @ANYRES16=r5, @ANYRESDEC=r2, @ANYRES32=0x0, @ANYBLOB="08000c000000000030005a802c0000800a0001000302016c05480000140005000700060001043500566f400007000200050007000000000008000c00050000000e00240096048585a404099b1b920000aeecdc10ae5af6daebb413110cdf34943072a7368ebdc939c7a269ab3745d7237065cd88266751904c1409cee3e7a3826f2b4f7d8356af243f1a9bda93b34bac5c992f497c6f1cae82be0c5764d3dead360859949d9c7b4ea90aa37bbaf560dc73947d101fe1c7df108371b58d26630eea58400c72670d20773f0696447d53fbaf40897a759ccfe885ab57026fda2c0d7dae140ad0ba79a87700"/243], 0x6c}, 0x1, 0x0, 0x0, 0x40815}, 0x40000)
r6 = getpid()
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000240)=@bpf_lsm={0xd, 0x10, &(0x7f0000000680)=@raw=[@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffb}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x3}}, @exit, @initr0, @exit, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffc}, @map_val={0x18, 0x4, 0x2, 0x0, r4, 0x0, 0x0, 0x0, 0x6d}], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x400000000000041, 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r9, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000580)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="010000000000000000000100000024000180060005004e230000060001000200000008000300ac1414aa080006000100000043c0484826fc99c580bf95b56e4590ce8aa41cc29d42fbad71c911e4fa9cd1198ca02deb8dcc0e7ec636aa0e856c8c688d0b057b12cccbf6c9764e62ec7ca1c32b5095a908cd18a20b053c34d77373424ed0aae24429ba1d64281f8c0b7c0d3f89d4236729884e2de1cb3b9b70f00c028c51859b593001227782addae07087adf53cd56082a36d2ff0099f8a394ce405dfeb9ad1b3c36c817cb414f663b0e8999dff1bfa7fe031b864ed81494094cdc2244dd6"], 0x38}}, 0x0)

6.150974547s ago: executing program 1 (id=1135):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff)
socket$inet6(0xa, 0x40000080806, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff85000000040000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioprio_set$pid(0x2, 0xffffffffffffffff, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000300)=ANY=[@ANYBLOB="1c0000002c00010026bd7000fedbdf25040000020820fe8004009f8016172857e8f83caa278797e23b08dba4a8e28575c28bfbe6488c37341835a36a1169df18d17a02b2fefd93443440ffb79d4feac94161745afeec2128906258483a04b104c7f0aae9af6557e2af71ad7013bb4776b8c8ae94ebc7ea3ff70c9ba2520228f4fbe817f3149384c83c3ae35abc3cafafef6095c744627d50"], 0x1c}, 0x1, 0x0, 0x0, 0x404000d}, 0x20000000)
read$fb(0xffffffffffffffff, 0x0, 0x0)
sendmsg$TIPC_CMD_GET_MAX_PORTS(r1, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, r2, 0x1, 0x70bd2b, 0x25dfdbff, {}, ["", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000000)
r8 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r9 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r9, 0xc08c5332, &(0x7f0000000180)={0x8, 0x10000000, 0x0, 'queue0\x00'})
write$sndseq(r9, &(0x7f0000000000)=[{0x22, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32={[0x0, 0x0, 0x95ffffff]}}], 0xffc8)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r10 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r10, 0xc008ae88, &(0x7f0000000040))

2.838128524s ago: executing program 3 (id=1136):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = memfd_create(&(0x7f0000000580)='\xff\x00l\x1e\xa0</\x00\x8e._\x14zC\x9a\xe8\xe0u\xe0\xff\xf1\xb2\xfd\xf6nz\x05-\xe2\x043\xe6M^\x98\x85x\x14\t\xe9Q1\x1dK\x9a\x045\xd3\x17\xb22\x00D(\xd2\xdd\xa0\xff\x1f\x00\x00\n\x00\x00\x00v\n\xd8?]k\x14N\x18\xf4\xc2j\xe36g\xfd\xd2\xd4\xe3\x1f\xa6\xc6\xe2\xa6!\x9aE<2`]<\xf2R?8\xb8\xa3\xbf\xc3\x18s\xf7!~0\xc7y\xe2\xb2VP\xbd\xb0\x96\x90\x91k\x86\x1a\x10\xd2\xf5\x8b\xfc\xf4\xd0[\x12\xf5+\x1aS\x02/Yxm\x96\xbfS\x97\x9c/\x1f5i\xc6\x861\x8a\xff\xc3\xe7\xbfU\xd5\xac\xccB=\x8f\xfd26<Z|U6\r\xd7\x18\xad\x1d`\x06\xcfN\a\xf9\xd7 \x1a\xd8\xef\xb6\x9e8Z\t:#r\xa2\xb1h\xc0\xc0a\xa9\xc46A\x01\xac\xe6\xbf !5I\xc9<\x19{)\xa4\xad\v\x923\b\x9d\xbd>,\xc1\x8d\\Rxt\'\xb6\xbf\xc8*\n\xaf\x1b\xec\xfd\xbbY\x99\xb3\x06c\xd6\xf6\xb0\xcd=\xf3\x03`\x93\xd9\xb5\x00\x00$\x00\xeaw\xd9\x10\x0f\x1d\x888\x8cS\x12?R\x99\xda7\xce)\x8f\xcc\x87\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xd32J\xd7\x9f\xea:=\xcc\x17(|L\xda\xc3\x1ca\xe8s\xb6\xebw\xc7\xab\x00\xd7pB\xd2\xa1\xcf\xae\x1f2\x9f\x98\xa80\r\x85\xb4\x86\xbc\xd0\xea\xbf\xb1Z\xb7e$\xcf<\ra\x9b\xa5\xdc\v\x1e\xfd\xc7\x91\xf22\xcf\x96\x99\xc1\xbb\xa1j\xe5\xa8\x7f\a\xa9\xa7G\xad\xa3\x8b\xf1\xdb\\]R\x8cf\xac1\xd7V\xaf\xb5\x8e\x10\x95\x9f=2\xd0-\xe1K:\xc3b\x89\x15OS\xa5\x98Ky\x12\xe7Qt#\xeb\x99\a\x10\x1c\xb3N\x85\xeb\x80\x05\x82_\x15\xdc\xbc\xf93\xdd\xf5g\x98\xd4\x8az\xe4`\xa5\x00\x00\x00\x00\xcd\x13\xfc+\xac\xe5\x8bI\f\xd6\x89\xc7HY\xcf\x00O\x88\xe6\x8b\x8bF/\x82u\xffCnG\x02\x82\xfc\xe9Od\x92\x06\xdeg@y\xa6=4\xb1}\xa8Yr\xad9\xb9b)\xec}\x87=\x91:IV\xab\xdf\xa2\xba+6D\x1fuf\xdeJYw$L\xa1\x83NH\xe3\xf2\x91\x8cW\xb7\b\x04\x12\x8b\x8bV\x19\xf1\r\xcb\x94\xa3\xf4\xe4\x97$\x99c\rG\xd7#\xe2\xfd\x80\xadR\x83\xdc\xb8d\x15|\xac\xb8g$\x0f@\xca3\x9f\xb1\xea\xc6vQ\x1b\xdb#\xa3\"\x9f\x9e\xd8\xba\x13d\x9bx\x9a\xbf\xee\xf2kQ\xe0\xc4/~7\xcd\xd1\x06\xe5\x17\x9b\bW|\xbc\x86D\x05\xaf<\xdfy,I2f\xa7G\xe3Qp<\'6 x\n\x94f\xf8\xa2\xea\xf4\xa5\x9eY\xf80C\x91\x7f\x16u\x8c(Xl\x90\xd2\x9f\xa9\xb9kJy[\x93\xfe{\xe5\x1a\xe9\xb7T\x19;\xb9\t\xe7\x0ei\xfaZ\xfbS:\x9b\xc1r\xcbM.\xf8\xb8wR\xb3p~b\xcb\v1-\a-\x8a#\xaa1\xa9\x9a\x88\a\xc5\xb9*\xd3?\xac\n\x9c\xcd\xe2\xc9\xbd\xeb\xb3\xf65\xbdaP\t\xd6\x06\x1c\xeeNg\x92>\x92>\xaf\b3\x05\xfdM\xd2F\v\xbd\xeb\x83 \x9d\x90S\x11w\xefg\\\xca\xe2\xfc~w\xbe\xefh#\x96\xa5h\xec\xbfr\xc8Bi\x90\"(\xf2\xc6\xcc\xfbX\x14{\x9e5\x87\x91\xe2\x9b\xd4\xc6\x00\x00\x00\x00+\x0f\x82\xca\xc1@\xcb~P\xe4\x18\xf9E\'\xab\xc7z\xd7\x05V{\xa1X\xa3\x10\x13.]tlz\x12\xde\xf2\xa43\xee#\x92J~\xda \x9b\xc4\xc0V\xb3\x9dCO\x1fu\x1c4\x1d\v}\x1b\xe5>w\xfbsm\xa3\fI|\x96-p\x86\xd3O\xfa\x9a\x8f\xb2\x8e\x88qGEGG\x97&\xef\x8e!}a\xff\xff\x00\x00\x90\xd7;\x12lE\x0es\xb7\xe9$=\xe0\x98E\xdc\x01\x9f\xb7\x10\xe8\x94\xa8\x9c>\x87\xfd\x864\xfaT!\xdb\x98\xaa\xb1\x8b\x99\x8b\x1e\xd2\xcb\xfduaO\x18\xc6\xc0\xb3hv%\v\x941\xdeL\x92-\xba\x10\x96eA\x11\x1a\x11\xf7q\b]\xe7v\'\xcf\xb9b%\xff\xa8\x99L\xa23N*\x1ag\x99\x8e@\x80-E&\x99\b\xebW\x19WG\xb3\x88\x1e<\\g\x1959\xc9\xfb\x91\xa3\xe0bp', 0x4)
fallocate(r0, 0x3, 0x8dc, 0xfffffffb)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x1000000, 0x0)
mknodat$loop(0xffffffffffffffff, 0x0, 0x0, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x64)
linkat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140), 0x6000)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, 0x0, 0x800, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
fsopen(&(0x7f00000000c0)='vfat\x00', 0x0)
syz_open_dev$dri(&(0x7f0000000000), 0x0, 0xe000)
prlimit64(0x0, 0xe, &(0x7f0000000300)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000200)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d0ff0f1d0dbd30", 0x20) (fail_nth: 1)
accept4(r4, 0x0, 0x0, 0x0)

2.680631881s ago: executing program 1 (id=1137):
syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000001740)=""/102400, 0x19000)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ptrace$pokeuser(0x6, r2, 0x358, 0x0)

894.695052ms ago: executing program 1 (id=1138):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000140)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x20, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6}}, {{0x9, 0x5, 0x81, 0x3, 0x20}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x200}}, {{0x9, 0x5, 0x3, 0x2, 0x200, 0x42, 0x0, 0x8}}}}}}}]}}, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x3a)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x1c)
r2 = syz_open_procfs(0x0, &(0x7f0000000480)='net/icmp6\x00')
preadv(r2, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/133, 0x85}], 0x1, 0xa3, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000500)={0x44, 0x0, 0x0, 0x0, &(0x7f00000003c0)={0x20, 0x80, 0x1c, {0x6, 0x8, 0xff8, 0x800, 0xff70, 0x9, 0xc20, 0x5, 0x40, 0x7000, 0x6, 0xd}}, 0x0, &(0x7f0000000440)={0x20, 0x83, 0x2}, 0x0, 0x0})
r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0xc0}, &(0x7f00000002c0)=<r4=>0x0, &(0x7f0000000640)=<r5=>0x0)
r6 = syz_usb_connect(0x0, 0x24, &(0x7f0000000280)=ANY=[@ANYBLOB="12010000d3750820c80a2103be6f000000010902120001000000000904"], 0x0)
syz_usb_control_io$cdc_ecm(r6, 0x0, &(0x7f0000000540)={0x1c, &(0x7f0000000380)={0x40, 0xc}, 0x0, 0x0})
syz_usb_control_io$hid(r6, &(0x7f00000009c0)={0x24, &(0x7f0000000840)={0x0, 0x3, 0x9e, {0x9e, 0x2, "c9153a11cb88caf43e66f25a75c27e00402dba486c2d6605d4822941bf79df7e7de0df0f77b8d020f5f3021513cbb0a9483b0916d41bd019197ddb9c99012507ec9021c6fb7f00056285129177ea1cd3383e6de8a7ff59d6f6c5adca629d9fdc8c8bedb65922a99aded07a81788b23b0ac22222fdc4368ed444f2fa3730d9f6ffb331ab28f408f8ec206db4abb15744627df7db39c904142f457a290"}}, &(0x7f0000000900)={0x0, 0x3, 0x53, @string={0x53, 0x3, "648254db208f0e0461d19a6cb14b2d679c9fd19c13b867290c0d26416b444aabc4b177ca579c8fecb952bcc225b40189b33f889169c436bb1ae96dd96e93c811824a856ff044308d4be08eff0a45514454"}}, &(0x7f00000007c0)={0x0, 0x22, 0xd, {[@global=@item_012={0x2, 0x1, 0x9, "9ec1"}, @main=@item_012={0x2, 0x0, 0xc, "ed08"}, @local=@item_012={0x1, 0x2, 0x9, 's'}, @local=@item_4={0x3, 0x2, 0x0, "5c964cef"}]}}, &(0x7f0000000980)={0x0, 0x21, 0x9, {0x9, 0x21, 0x7, 0x4, 0x1, {0x22, 0x6f7}}}}, &(0x7f0000000b80)={0x2c, &(0x7f0000000a00)={0x20, 0xf, 0xa3, "3e7f7f8d7ebb783d52954e27e511cb96758a0125a02785bfc661fbeae67f28140b32a8f8480a3d58448848daba0e30ccdb95d360855f02c4321f97d9fad1e7de4d5b4b204f8b9a27d46ef093f609f9900eb7d93e479fa279f30d8a3271077e55a607c8a7b6b46621171afbefad6664141ea832de205f963c57c53af805337d4dc734ec47308e7febfde52e09a276daa89563fed60f11f724920d618f5f23f43ebd1747"}, &(0x7f0000000ac0)={0x0, 0xa, 0x1, 0x7}, &(0x7f0000000b00)={0x0, 0x8, 0x1, 0x5}, &(0x7f0000000c00)={0x20, 0x1, 0x94, "c958f815c0f975c319a8d66dd542b3591b7238fe128a113c66d051f358947220bde8657428e27fa191f735cae7d4ec0ef786f43d6a266ac176710844d62d5e8c871a8ef4f303e6c9349c6a6c8c17cec1b3d0d51598ddac8d8fbb940f131b020f5fd5468e5269f6266bbd85acfbc000531660b2f30d89ba9f61dc40f5ea930b72d5b290776bbe495dcb04fccdaaab5a13b34095d7"}, &(0x7f0000000b40)={0x20, 0x3, 0x1, 0xa}})
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
r7 = syz_io_uring_setup(0x117, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x3a6}, &(0x7f0000000000)=<r8=>0x0, &(0x7f0000000200)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xfffffc00, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f00000000c0)=@IORING_OP_OPENAT={0x12, 0x48, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x181, 0x4000, 0x12345})
io_uring_enter(r7, 0x47f6, 0x80ffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(r4, r5, 0x0)
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r3, 0x3ba0, &(0x7f00000004c0)={0x48})
syz_usb_control_io(r0, 0x0, 0x0)
r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r10)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)={[{@huge_always}]})
chdir(&(0x7f0000000140)='./file0\x00')
r11 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4002011, r11, 0x0)
fallocate(r11, 0x0, 0x0, 0x475a)

894.138611ms ago: executing program 8 (id=1139):
socket(0xa, 0x3, 0x3a)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-avx2\x00'}, 0x58)
accept4(r0, 0x0, 0x0, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r1, 0x0, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
syz_emit_ethernet(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
clock_settime(0xbcd1940b87aad64b, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
get_robust_list(0x0, 0x0, 0x0)

0s ago: executing program 3 (id=1140):
epoll_create1(0x0)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
r1 = creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
r2 = fanotify_init(0xf00, 0x0)
fanotify_mark(r2, 0x105, 0x40009975, r1, 0x0)
fallocate(r0, 0x0, 0x1000000, 0x3)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(0x0, 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r4, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TLS_TX(r4, 0x11a, 0x2, &(0x7f0000000100)=@gcm_256={{0x303, 0x3a}, "c4d65ab71f5ef2fe", "9e8ecc7bb535275b725e104757e7dc00c6519a85ef828f711330ff2b0800", "dc5db43f"}, 0x38)

kernel console output (not intermixed with test programs):

0.544070][ T5863] usb 2-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  150.569305][ T7410] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  150.573008][ T5863] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  150.623782][ T7410] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  150.638602][ T5863] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:179.65/input/input14
[  150.750642][ T7410] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  150.801437][ T7410] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  150.840246][   T30] audit: type=1400 audit(1742365899.689:323): avc:  denied  { write } for  pid=7457 comm="syz.0.511" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  150.857637][ T5866] usb 2-1: USB disconnect, device number 8
[  150.860722][    C0] xpad 2-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  150.875282][ T5866] xpad 2-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  150.959899][   T30] audit: type=1400 audit(1742365899.689:324): avc:  denied  { nlmsg_read } for  pid=7457 comm="syz.0.511" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  151.017703][ T7410] 8021q: adding VLAN 0 to HW filter on device bond0
[  151.022223][   T30] audit: type=1400 audit(1742365899.739:325): avc:  denied  { append } for  pid=7428 comm="syz.1.497" name="event4" dev="devtmpfs" ino=2839 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  151.064004][ T7410] 8021q: adding VLAN 0 to HW filter on device team0
[  151.081966][ T3455] bridge0: port 1(bridge_slave_0) entered blocking state
[  151.090435][ T3455] bridge0: port 1(bridge_slave_0) entered forwarding state
[  151.129966][ T6133] bridge0: port 2(bridge_slave_1) entered blocking state
[  151.137128][ T6133] bridge0: port 2(bridge_slave_1) entered forwarding state
[  151.313705][ T5827] Bluetooth: hci1: command tx timeout
[  151.430007][   T30] audit: type=1400 audit(1742365900.289:326): avc:  denied  { mount } for  pid=7472 comm="syz.3.519" name="/" dev="ramfs" ino=17449 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  152.102289][   T30] audit: type=1400 audit(1742365900.969:327): avc:  denied  { ioctl } for  pid=7484 comm="syz.1.521" path="/dev/ptp0" dev="devtmpfs" ino=1265 ioctlcmd=0x3d0c scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  152.224632][ T7410] 8021q: adding VLAN 0 to HW filter on device batadv0
[  152.572670][   T30] audit: type=1400 audit(1742365901.439:328): avc:  denied  { setopt } for  pid=7497 comm="syz.2.525" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  152.659744][ T7502] usb usb1: usbfs: process 7502 (syz.1.527) did not claim interface 0 before use
[  152.781318][ T7410] veth0_vlan: entered promiscuous mode
[  152.840830][ T7410] veth1_vlan: entered promiscuous mode
[  152.890933][ T7410] veth0_macvtap: entered promiscuous mode
[  152.919809][ T7410] veth1_macvtap: entered promiscuous mode
[  152.949184][ T7410] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  152.976977][ T7410] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  153.006718][ T7410] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  153.027005][ T7410] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  153.049074][ T7410] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  153.081287][ T7410] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  153.111834][ T7410] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  153.142423][ T7410] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  153.162256][ T5904] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  153.190229][ T7410] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  153.201248][ T7410] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  153.213164][ T7410] batman_adv: batadv0: Interface activated: batadv_slave_0
[  153.341240][   T30] audit: type=1400 audit(1742365902.209:329): avc:  denied  { watch watch_reads } for  pid=7518 comm="syz.0.534" path="/proc/303/personality" dev="proc" ino=17104 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=file permissive=1
[  153.350438][ T7410] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  153.377204][ T5827] Bluetooth: hci1: command tx timeout
[  153.386818][ T7410] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  153.396887][ T7410] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  153.407917][ T7410] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  153.418072][ T7410] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  153.428864][ T7410] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  153.442372][ T5904] usb 2-1: Using ep0 maxpacket: 32
[  153.444739][ T7410] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  153.459188][ T7410] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  153.470341][ T7410] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  153.481333][ T7410] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  153.481410][ T5904] usb 2-1: unable to get BOS descriptor or descriptor too short
[  153.493640][ T7410] batman_adv: batadv0: Interface activated: batadv_slave_1
[  153.533964][ T7410] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  153.549424][ T5904] usb 2-1: config 7 has an invalid interface number: 128 but max is 0
[  153.566557][ T5904] usb 2-1: config 7 contains an unexpected descriptor of type 0x1, skipping
[  153.588083][ T5904] usb 2-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[  153.607374][ T7410] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  153.609381][ T5904] usb 2-1: config 7 has no interface number 0
[  153.630915][ T7410] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  153.638012][ T5904] usb 2-1: config 7 interface 128 altsetting 2 has an endpoint descriptor with address 0x17, changing to 0x7
[  153.657863][ T7410] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  153.670230][ T5904] usb 2-1: config 7 interface 128 altsetting 2 bulk endpoint 0x7 has invalid maxpacket 32
[  153.686364][ T5904] usb 2-1: config 7 interface 128 altsetting 2 endpoint 0x87 has an invalid bInterval 209, changing to 11
[  153.698535][ T5904] usb 2-1: config 7 interface 128 altsetting 2 has 2 endpoint descriptors, different from the interface descriptor's value: 6
[  153.728200][ T5904] usb 2-1: config 7 interface 128 has no altsetting 0
[  153.778163][ T5904] usb 2-1: New USB device found, idVendor=6033, idProduct=4108, bcdDevice=cc.13
[  153.801500][ T5904] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  153.859737][ T5904] usb 2-1: Product: syz
[  153.873768][ T5904] usb 2-1: Manufacturer: syz
[  153.907115][ T5904] usb 2-1: SerialNumber: syz
[  153.955489][ T5928] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  153.969770][ T7510] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  153.981190][ T5928] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  154.147887][   T30] audit: type=1400 audit(1742365903.019:330): avc:  denied  { bind } for  pid=7533 comm="syz.0.538" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  154.154964][ T6110] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  154.186630][ T6110] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  154.227505][ T5904] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  154.248800][ T5904] usb 2-1: MIDIStreaming interface descriptor not found
[  154.267912][   T30] audit: type=1400 audit(1742365903.139:331): avc:  denied  { mount } for  pid=7410 comm="syz-executor" name="/" dev="gadgetfs" ino=6634 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  154.331936][ T5904] usb 2-1: USB disconnect, device number 9
[  154.357452][   T30] audit: type=1400 audit(1742365903.189:332): avc:  denied  { node_bind } for  pid=7537 comm="syz.0.540" saddr=172.20.20.170 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[  154.537530][   T30] audit: type=1400 audit(1742365903.409:333): avc:  denied  { mounton } for  pid=7544 comm="syz.0.542" path="/proc/312/task" dev="proc" ino=17305 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  155.080442][ T6782] udevd[6782]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:7.128/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  155.432297][ T5827] Bluetooth: hci1: command tx timeout
[  156.112180][ T5863] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  156.287471][ T5863] usb 1-1: New USB device found, idVendor=0b95, idProduct=772b, bcdDevice=a2.4c
[  156.310488][ T5863] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  156.330411][ T5863] usb 1-1: Product: syz
[  156.338041][ T5863] usb 1-1: Manufacturer: syz
[  156.347171][ T5863] usb 1-1: SerialNumber: syz
[  156.374773][ T5863] usb 1-1: config 0 descriptor??
[  157.044280][ T5863] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -61
[  157.059984][ T5863] asix 1-1:0.0: probe with driver asix failed with error -61
[  157.512818][ T5827] Bluetooth: hci1: command tx timeout
[  159.286865][ T7644] syzkaller0: entered promiscuous mode
[  159.303634][ T5863] usb 1-1: USB disconnect, device number 10
[  159.310795][ T7644] syzkaller0: entered allmulticast mode
[  159.427737][ T7656] netlink: 4 bytes leftover after parsing attributes in process `syz.2.585'.
[  160.461122][   T30] audit: type=1400 audit(1742365909.309:334): avc:  denied  { mount } for  pid=7672 comm="syz.1.591" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  160.546225][   T30] audit: type=1400 audit(1742365909.419:335): avc:  denied  { setattr } for  pid=7674 comm="syz.1.592" name="msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  163.483777][ T7656] bridge_slave_1: left allmulticast mode
[  163.502680][ T7656] bridge_slave_1: left promiscuous mode
[  163.508456][ T7656] bridge0: port 2(bridge_slave_1) entered disabled state
[  163.520321][ T7656] bridge_slave_0: left allmulticast mode
[  163.540204][ T7656] bridge_slave_0: left promiscuous mode
[  163.551388][ T7656] bridge0: port 1(bridge_slave_0) entered disabled state
[  163.678164][ T7717] xt_CT: No such helper "pptp"
[  163.802196][    T9] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  163.962199][   T30] audit: type=1400 audit(1742365912.829:336): avc:  denied  { setopt } for  pid=7726 comm="syz.2.613" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  163.985161][    T9] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 65, using maximum allowed: 30
[  164.009973][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  164.070714][    T9] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 65
[  164.092146][    T9] usb 6-1: New USB device found, idVendor=056a, idProduct=0301, bcdDevice= 0.00
[  164.110123][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  164.142267][    T9] usb 6-1: config 0 descriptor??
[  164.930884][    T9] usbhid 6-1:0.0: can't add hid device: -71
[  164.980183][    T9] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  165.142020][    T9] usb 6-1: USB disconnect, device number 2
[  165.546743][ T7747] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  167.416312][ T7754] x_tables: duplicate underflow at hook 2
[  167.552373][ T5863] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  167.855685][ T5863] usb 2-1: Using ep0 maxpacket: 32
[  167.870193][ T5863] usb 2-1: config index 0 descriptor too short (expected 156, got 27)
[  167.882628][ T5863] usb 2-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  167.916089][ T5863] usb 2-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  167.947651][ T5863] usb 2-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid wMaxPacketSize 0
[  167.994806][ T5863] usb 2-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  168.042133][ T5863] usb 2-1: config 0 interface 0 has no altsetting 0
[  168.054331][ T5863] usb 2-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  168.067113][ T5863] usb 2-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  168.076158][ T5863] usb 2-1: Product: syz
[  168.080370][ T5863] usb 2-1: Manufacturer: syz
[  168.085301][ T5863] usb 2-1: SerialNumber: syz
[  168.090999][ T5863] usb 2-1: config 0 descriptor??
[  168.099209][ T5822] Bluetooth: hci1: command 0x0405 tx timeout
[  168.290096][ T5863] ldusb 2-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  168.303456][ T5863] ldusb 2-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  169.685964][ T7798] ubi31: detaching mtd0
[  170.344313][ T7798] ubi31: mtd0 is detached
[  171.876287][ T5904] usb 2-1: USB disconnect, device number 10
[  171.901057][ T5904] ldusb 2-1:0.0: LD USB Device #0 now disconnected
[  180.958705][ T5825] Bluetooth: hci3: command 0x0406 tx timeout
[  180.965589][ T5832] Bluetooth: hci0: command 0x0406 tx timeout
[  181.832321][ T5822] Bluetooth: hci2: command 0x0406 tx timeout
[  183.812242][  T972] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  183.982155][  T972] usb 3-1: Using ep0 maxpacket: 8
[  183.989843][  T972] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  184.002698][  T972] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  184.022484][  T972] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  184.038413][  T972] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  184.367008][  T972] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  184.396592][  T972] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  184.647089][  T972] usb 3-1: GET_CAPABILITIES returned 0
[  184.663019][  T972] usbtmc 3-1:16.0: can't read capabilities
[  184.823545][ T7924] syz.0.667: attempt to access beyond end of device
[  184.823545][ T7924] nbd0: rw=0, sector=0, nr_sectors = 1 limit=0
[  184.836919][ T7924] exFAT-fs (nbd0): unable to read boot sector
[  184.843114][ T7924] exFAT-fs (nbd0): failed to read boot sector
[  184.849219][ T7924] exFAT-fs (nbd0): failed to recognize exfat type
[  185.010846][   T30] audit: type=1400 audit(1742365933.619:337): avc:  denied  { create } for  pid=7918 comm="syz.0.667" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  185.014193][  T972] usb 3-1: USB disconnect, device number 10
[  185.695660][ T7939] netlink: 8 bytes leftover after parsing attributes in process `syz.5.670'.
[  189.749669][ T7965] netlink: 'syz.2.679': attribute type 1 has an invalid length.
[  189.758072][ T7965] netlink: 'syz.2.679': attribute type 2 has an invalid length.
[  191.495072][ T7980] overlayfs: overlapping lowerdir path
[  194.156693][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  194.168391][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[  197.723127][ T5827] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  197.738007][ T5827] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  197.751644][ T5827] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  197.767801][ T5827] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  197.785618][ T5827] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  197.799297][ T5827] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  197.932758][ T8023] x_tables: duplicate underflow at hook 2
[  198.168648][ T8037] chnl_net:caif_netlink_parms(): no params data found
[  199.587000][ T8037] bridge0: port 1(bridge_slave_0) entered blocking state
[  199.598312][ T8037] bridge0: port 1(bridge_slave_0) entered disabled state
[  200.086092][ T8037] bridge_slave_0: entered allmulticast mode
[  200.107953][ T5822] Bluetooth: hci2: command tx timeout
[  200.123298][ T8037] bridge_slave_0: entered promiscuous mode
[  200.132673][ T8037] bridge0: port 2(bridge_slave_1) entered blocking state
[  200.140845][ T8037] bridge0: port 2(bridge_slave_1) entered disabled state
[  200.373370][ T8037] bridge_slave_1: entered allmulticast mode
[  200.527420][ T8037] bridge_slave_1: entered promiscuous mode
[  200.800673][   T30] audit: type=1400 audit(1742365949.669:338): avc:  denied  { write } for  pid=8084 comm="syz.5.718" name="nvram" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  201.078737][ T8037] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  201.380661][ T8037] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  202.210656][ T5822] Bluetooth: hci2: command tx timeout
[  203.875650][ T8037] team0: Port device team_slave_0 added
[  203.946206][ T8037] team0: Port device team_slave_1 added
[  204.157155][ T8037] batman_adv: batadv0: Adding interface: batadv_slave_0
[  204.170477][ T8037] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  204.197482][ T8037] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  204.210019][ T8037] batman_adv: batadv0: Adding interface: batadv_slave_1
[  204.217347][ T8037] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  204.248607][ T5822] Bluetooth: hci2: command tx timeout
[  204.274783][ T8037] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  204.928683][ T8037] hsr_slave_0: entered promiscuous mode
[  204.977276][ T8037] hsr_slave_1: entered promiscuous mode
[  205.004555][ T8037] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  205.015695][ T8037] Cannot create hsr debugfs directory
[  205.633626][ T8037] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  205.665303][ T8037] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  205.696610][ T8037] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  205.959517][ T8037] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  206.307706][ T8037] 8021q: adding VLAN 0 to HW filter on device bond0
[  206.340265][ T8037] 8021q: adding VLAN 0 to HW filter on device team0
[  206.362691][ T6110] bridge0: port 1(bridge_slave_0) entered blocking state
[  206.369810][ T6110] bridge0: port 1(bridge_slave_0) entered forwarding state
[  206.382763][ T5822] Bluetooth: hci2: command tx timeout
[  206.421120][ T8037] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  206.433422][ T8037] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  206.447228][ T6110] bridge0: port 2(bridge_slave_1) entered blocking state
[  206.454457][ T6110] bridge0: port 2(bridge_slave_1) entered forwarding state
[  207.670384][ T8037] 8021q: adding VLAN 0 to HW filter on device batadv0
[  208.498708][ T8037] veth0_vlan: entered promiscuous mode
[  208.516137][ T8037] veth1_vlan: entered promiscuous mode
[  208.573508][ T8037] veth0_macvtap: entered promiscuous mode
[  208.581555][ T8037] veth1_macvtap: entered promiscuous mode
[  208.596673][ T8037] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  208.608267][ T8037] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  208.667526][ T8037] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  208.710925][ T8037] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  209.524136][ T8037] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  209.552124][ T8037] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  209.568393][ T8037] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  209.580704][ T8037] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  209.619070][ T8037] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  209.655984][ T8037] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  209.676034][ T8037] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  209.698105][ T8037] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  209.721612][ T8037] batman_adv: batadv0: Interface activated: batadv_slave_0
[  209.768387][ T8037] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  209.834948][ T8037] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  209.849779][ T8037] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  209.870558][ T8037] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  209.891952][ T8037] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  209.919814][ T8037] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  209.961323][ T8037] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  210.022324][ T8037] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  210.077803][ T8037] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  210.126482][ T8037] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  210.170500][ T8037] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  210.237991][ T8037] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  210.368847][ T8037] batman_adv: batadv0: Interface activated: batadv_slave_1
[  210.388740][ T8037] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  210.401598][ T8037] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  210.417101][ T8037] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  210.430019][ T8037] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  210.610457][   T53] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  210.619603][   T53] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  210.686253][   T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  210.709212][   T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  212.642954][ T5925] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  212.842388][ T5925] usb 3-1: Using ep0 maxpacket: 8
[  212.880392][ T5925] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  213.011514][ T5925] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  213.066037][ T5925] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  213.277960][ T5925] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  213.327718][ T5925] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  213.337508][ T5925] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  214.324913][ T5925] usb 3-1: GET_CAPABILITIES returned 0
[  214.337390][ T5925] usbtmc 3-1:16.0: can't read capabilities
[  214.508701][  T972] usb 3-1: USB disconnect, device number 11
[  214.582164][ T5904] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  214.762113][ T5904] usb 7-1: Using ep0 maxpacket: 32
[  214.788035][ T5904] usb 7-1: config 0 has an invalid interface number: 85 but max is 0
[  214.856236][ T5904] usb 7-1: config 0 has no interface number 0
[  214.912187][ T5904] usb 7-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  215.020319][ T5904] usb 7-1: config 0 interface 85 has no altsetting 0
[  215.146731][ T5904] usb 7-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  215.256868][ T5904] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  215.388826][ T5904] usb 7-1: Product: syz
[  215.456006][ T5904] usb 7-1: Manufacturer: syz
[  215.510322][ T5904] usb 7-1: SerialNumber: syz
[  215.637736][ T5904] usb 7-1: config 0 descriptor??
[  216.851816][ T5904] appletouch 7-1:0.85: Geyser mode initialized.
[  216.859227][ T5904] input: appletouch as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.85/input/input16
[  218.056131][ T8212] netlink: zone id is out of range
[  218.077632][ T8212] netlink: zone id is out of range
[  218.090155][ T8212] netlink: zone id is out of range
[  218.361245][ T8212] netlink: zone id is out of range
[  218.405359][ T8212] netlink: zone id is out of range
[  218.442636][ T8212] netlink: zone id is out of range
[  218.447884][ T8212] netlink: zone id is out of range
[  218.454169][ T8212] netlink: del zone limit has 4 unknown bytes
[  218.470140][ T5904] usb 7-1: USB disconnect, device number 2
[  218.544586][ T5904] appletouch 7-1:0.85: input: appletouch disconnected
[  219.462225][ T5862] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  219.612160][ T5862] usb 4-1: Using ep0 maxpacket: 8
[  219.788173][ T5862] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  219.798235][ T5862] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  219.820686][ T5862] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  219.841165][ T5862] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  219.855716][ T5862] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  219.882131][ T5862] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  220.229688][ T5862] usb 4-1: usb_control_msg returned -71
[  220.550339][ T5862] usbtmc 4-1:16.0: can't read capabilities
[  220.563362][ T5862] usb 4-1: USB disconnect, device number 5
[  224.419140][ T8326] netlink: 8 bytes leftover after parsing attributes in process `syz.5.779'.
[  226.459801][ T8325] netlink: 28 bytes leftover after parsing attributes in process `syz.6.780'.
[  229.939520][ T8363] FAULT_INJECTION: forcing a failure.
[  229.939520][ T8363] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  229.960819][ T8363] CPU: 0 UID: 0 PID: 8363 Comm: syz.2.789 Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 #0
[  229.960849][ T8363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  229.960859][ T8363] Call Trace:
[  229.960864][ T8363]  <TASK>
[  229.960870][ T8363]  dump_stack_lvl+0x16c/0x1f0
[  229.960899][ T8363]  should_fail_ex+0x50a/0x650
[  229.960931][ T8363]  _copy_to_user+0x32/0xd0
[  229.960951][ T8363]  simple_read_from_buffer+0xd0/0x160
[  229.960978][ T8363]  proc_fail_nth_read+0x198/0x270
[  229.960999][ T8363]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  229.961021][ T8363]  ? rw_verify_area+0xcf/0x680
[  229.961041][ T8363]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  229.961061][ T8363]  vfs_read+0x1df/0xbf0
[  229.961082][ T8363]  ? __fget_files+0x1fc/0x3a0
[  229.961097][ T8363]  ? __pfx___mutex_lock+0x10/0x10
[  229.961119][ T8363]  ? __pfx_vfs_read+0x10/0x10
[  229.961145][ T8363]  ? __fget_files+0x206/0x3a0
[  229.961171][ T8363]  ksys_read+0x12b/0x250
[  229.961192][ T8363]  ? __pfx_ksys_read+0x10/0x10
[  229.961220][ T8363]  do_syscall_64+0xcd/0x250
[  229.961245][ T8363]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  229.961267][ T8363] RIP: 0033:0x7fa781d8bb7c
[  229.961280][ T8363] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  229.961295][ T8363] RSP: 002b:00007fa782b01030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  229.961313][ T8363] RAX: ffffffffffffffda RBX: 00007fa781fa5fa0 RCX: 00007fa781d8bb7c
[  229.961323][ T8363] RDX: 000000000000000f RSI: 00007fa782b010a0 RDI: 0000000000000003
[  229.961332][ T8363] RBP: 00007fa782b01090 R08: 0000000000000000 R09: 0000000000000000
[  229.961340][ T8363] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  229.961349][ T8363] R13: 0000000000000000 R14: 00007fa781fa5fa0 R15: 00007fff1a432238
[  229.961367][ T8363]  </TASK>
[  230.258524][   T30] audit: type=1400 audit(1742365979.099:339): avc:  denied  { bind } for  pid=8364 comm="syz.3.791" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  230.304529][ T8373] overlayfs: overlapping lowerdir path
[  230.362196][   T30] audit: type=1400 audit(1742365979.099:340): avc:  denied  { name_bind } for  pid=8364 comm="syz.3.791" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1
[  230.465987][   T30] audit: type=1400 audit(1742365979.099:341): avc:  denied  { node_bind } for  pid=8364 comm="syz.3.791" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=dccp_socket permissive=1
[  231.160927][   T30] audit: type=1400 audit(1742365979.099:342): avc:  denied  { listen } for  pid=8364 comm="syz.3.791" lport=20000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  231.272224][   T30] audit: type=1400 audit(1742365979.099:343): avc:  denied  { bind } for  pid=8364 comm="syz.3.791" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  231.762482][   T30] audit: type=1400 audit(1742365979.099:344): avc:  denied  { setopt } for  pid=8364 comm="syz.3.791" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  231.844864][   T30] audit: type=1400 audit(1742365980.629:345): avc:  denied  { create } for  pid=8380 comm="syz.6.796" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  232.354786][   T30] audit: type=1400 audit(1742365980.659:346): avc:  denied  { setopt } for  pid=8380 comm="syz.6.796" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  234.892281][   T30] audit: type=1400 audit(1742365983.709:347): avc:  denied  { bind } for  pid=8399 comm="syz.2.802" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  235.743641][ T8418] netlink: 12 bytes leftover after parsing attributes in process `syz.5.806'.
[  236.790288][ T8441] overlayfs: overlapping lowerdir path
[  238.412673][ T5827] Bluetooth: hci2: command 0x0405 tx timeout
[  240.013848][   T30] audit: type=1400 audit(1742365988.839:348): avc:  denied  { nlmsg_read } for  pid=8477 comm="syz.1.822" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  240.935024][ T5863] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  241.520408][ T5863] usb 2-1: Using ep0 maxpacket: 8
[  241.546613][ T5863] usb 2-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  241.580113][ T5863] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  241.631377][ T5863] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  243.759523][ T5925] usb 2-1: USB disconnect, device number 11
[  243.782258][ T5827] Bluetooth: hci2: command 0x0405 tx timeout
[  244.457289][   T30] audit: type=1400 audit(1742365993.319:349): avc:  denied  { mount } for  pid=8525 comm="syz.3.836" name="/" dev="ocfs2_dlmfs" ino=23884 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  245.592143][ T5862] usb 4-1: new low-speed USB device number 6 using dummy_hcd
[  245.802388][ T5862] usb 4-1: device descriptor read/64, error -71
[  245.917759][   T30] audit: type=1400 audit(1742365994.749:350): avc:  denied  { setopt } for  pid=8540 comm="syz.6.841" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  246.137309][ T5822] Bluetooth: hci2: link tx timeout
[  246.144217][ T5822] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[  246.264505][ T5862] usb 4-1: new low-speed USB device number 7 using dummy_hcd
[  246.472665][ T5862] usb 4-1: device descriptor read/64, error -71
[  246.677314][ T8550] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  246.689851][ T5862] usb usb4-port1: attempt power cycle
[  247.082218][ T5862] usb 4-1: new low-speed USB device number 8 using dummy_hcd
[  247.107668][   T30] audit: type=1400 audit(1742365995.979:351): avc:  denied  { ioctl } for  pid=8562 comm="syz.6.848" path="socket:[23957]" dev="sockfs" ino=23957 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  247.306376][ T5862] usb 4-1: device not accepting address 8, error -71
[  247.439757][   T30] audit: type=1400 audit(1742365996.309:352): avc:  denied  { search } for  pid=8564 comm="dhcpcd-run-hook" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  247.509401][   T30] audit: type=1400 audit(1742365996.379:353): avc:  denied  { read } for  pid=8570 comm="dhcpcd-run-hook" name="resolv.conf" dev="tmpfs" ino=1708 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  247.602323][   T30] audit: type=1400 audit(1742365996.409:354): avc:  denied  { open } for  pid=8570 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1708 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  248.033150][   T30] audit: type=1400 audit(1742365996.409:355): avc:  denied  { getattr } for  pid=8570 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1708 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  248.058686][   T30] audit: type=1400 audit(1742365996.409:356): avc:  denied  { getattr } for  pid=8570 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf/eth0.dhcp" dev="tmpfs" ino=1748 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  248.233212][ T5822] Bluetooth: hci2: command 0x0405 tx timeout
[  248.367616][   T30] audit: type=1400 audit(1742365997.069:357): avc:  denied  { read } for  pid=8576 comm="sed" name="eth0.dhcp" dev="tmpfs" ino=1748 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  248.483343][   T30] audit: type=1400 audit(1742365997.069:358): avc:  denied  { open } for  pid=8576 comm="sed" path="/run/dhcpcd/hook-state/resolv.conf/eth0.dhcp" dev="tmpfs" ino=1748 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  249.359707][ T8599] netlink: 8 bytes leftover after parsing attributes in process `syz.6.856'.
[  250.076491][   T30] audit: type=1400 audit(1742365998.949:359): avc:  denied  { write } for  pid=8564 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1707 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  251.650165][   T30] kauditd_printk_skb: 4 callbacks suppressed
[  251.650180][   T30] audit: type=1400 audit(1742366000.519:364): avc:  denied  { remove_name } for  pid=8616 comm="rm" name="resolv.conf.lapb0.link" dev="tmpfs" ino=4874 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  251.747720][ T8624] netlink: 8 bytes leftover after parsing attributes in process `syz.1.861'.
[  252.223879][   T30] audit: type=1400 audit(1742366000.519:365): avc:  denied  { unlink } for  pid=8616 comm="rm" name="resolv.conf.lapb0.link" dev="tmpfs" ino=4874 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  252.252171][ T5822] Bluetooth: hci2: command 0x0405 tx timeout
[  252.272621][ T6133] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.857619][   T30] audit: type=1400 audit(1742366001.709:366): avc:  denied  { create } for  pid=8632 comm="syz.6.865" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  252.929404][ T8644] netlink: 8 bytes leftover after parsing attributes in process `syz.3.864'.
[  253.021023][ T6133] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  253.465436][ T6133] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  253.655116][ T6133] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  255.587004][ T6133] bridge_slave_1: left allmulticast mode
[  255.594814][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  255.601282][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[  255.612917][ T6133] bridge_slave_1: left promiscuous mode
[  255.663651][ T6133] bridge0: port 2(bridge_slave_1) entered disabled state
[  255.819622][ T6133] bridge_slave_0: left allmulticast mode
[  255.852788][ T6133] bridge_slave_0: left promiscuous mode
[  255.860974][ T6133] bridge0: port 1(bridge_slave_0) entered disabled state
[  258.300367][ T8723] overlayfs: overlapping lowerdir path
[  258.812888][ T3073] usb 7-1: new full-speed USB device number 3 using dummy_hcd
[  259.017490][ T3073] usb 7-1: unable to get BOS descriptor or descriptor too short
[  259.036943][ T3073] usb 7-1: not running at top speed; connect to a high speed hub
[  259.053860][ T3073] usb 7-1: config 1 interface 0 altsetting 6 endpoint 0x82 has invalid maxpacket 1024, setting to 64
[  259.078042][ T3073] usb 7-1: config 1 interface 0 has no altsetting 0
[  259.140388][ T3073] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  259.156199][ T3073] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  259.175792][ T3073] usb 7-1: Product: syz
[  259.180011][ T3073] usb 7-1: Manufacturer: syz
[  259.194377][ T3073] usb 7-1: SerialNumber: syz
[  259.218402][ T8725] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  259.289546][ T6133] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  259.371601][ T6133] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  259.438746][ T6133] bond0 (unregistering): Released all slaves
[  259.582430][ T3073] usblp 7-1:1.0: usblp0: USB Bidirectional printer dev 3 if 0 alt 6 proto 2 vid 0x0525 pid 0xA4A8
[  259.616790][ T3073] usb 7-1: USB disconnect, device number 3
[  259.660115][ T3073] usblp0: removed
[  260.104191][ T8748] FAULT_INJECTION: forcing a failure.
[  260.104191][ T8748] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  260.132810][ T5862] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  260.137925][ T8748] CPU: 1 UID: 0 PID: 8748 Comm: syz.1.887 Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 #0
[  260.137949][ T8748] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  260.137958][ T8748] Call Trace:
[  260.137963][ T8748]  <TASK>
[  260.137968][ T8748]  dump_stack_lvl+0x16c/0x1f0
[  260.137996][ T8748]  should_fail_ex+0x50a/0x650
[  260.138024][ T8748]  _copy_from_user+0x2e/0xd0
[  260.138041][ T8748]  __sys_bpf+0x21c/0x49c0
[  260.138058][ T8748]  ? __pfx_lock_release+0x10/0x10
[  260.138081][ T8748]  ? __pfx___sys_bpf+0x10/0x10
[  260.138096][ T8748]  ? vfs_write+0x306/0x1150
[  260.138121][ T8748]  ? __mutex_unlock_slowpath+0x164/0x6a0
[  260.138153][ T8748]  ? fput+0x67/0x440
[  260.138170][ T8748]  ? ksys_write+0x1ba/0x250
[  260.138183][ T8748]  ? __pfx_ksys_write+0x10/0x10
[  260.138200][ T8748]  __x64_sys_bpf+0x78/0xc0
[  260.138215][ T8748]  ? lockdep_hardirqs_on+0x7c/0x110
[  260.138234][ T8748]  do_syscall_64+0xcd/0x250
[  260.138255][ T8748]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  260.138276][ T8748] RIP: 0033:0x7f73c5f8d169
[  260.138288][ T8748] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  260.138302][ T8748] RSP: 002b:00007f73c6dec038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  260.138317][ T8748] RAX: ffffffffffffffda RBX: 00007f73c61a5fa0 RCX: 00007f73c5f8d169
[  260.138334][ T8748] RDX: 0000000000000048 RSI: 0000400000000180 RDI: 0000000000000000
[  260.138343][ T8748] RBP: 00007f73c6dec090 R08: 0000000000000000 R09: 0000000000000000
[  260.138351][ T8748] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  260.138360][ T8748] R13: 0000000000000000 R14: 00007f73c61a5fa0 R15: 00007ffc21a66fd8
[  260.138379][ T8748]  </TASK>
[  260.411391][ T5827] Bluetooth: hci2: command 0x0405 tx timeout
[  260.712513][ T5862] usb 3-1: Using ep0 maxpacket: 8
[  261.071072][ T5862] usb 3-1: config 0 has an invalid interface number: 231 but max is 0
[  261.094941][ T5862] usb 3-1: config 0 has no interface number 0
[  261.115308][ T5862] usb 3-1: New USB device found, idVendor=0c45, idProduct=800a, bcdDevice=53.16
[  261.141047][ T5862] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  261.179009][ T5862] usb 3-1: Product: syz
[  261.192720][ T5862] usb 3-1: Manufacturer: syz
[  261.218140][ T5862] usb 3-1: SerialNumber: syz
[  261.249847][ T5862] usb 3-1: config 0 descriptor??
[  261.271045][ T5862] gspca_main: sn9c2028-2.14.0 probing 0c45:800a
[  261.914692][ T5862] gspca_sn9c2028: read1 error -71
[  261.925087][ T5862] gspca_sn9c2028: read1 error -71
[  261.946628][ T5862] gspca_sn9c2028: read1 error -71
[  261.962126][ T5862] sn9c2028 3-1:0.231: probe with driver sn9c2028 failed with error -71
[  262.005175][ T5862] usb 3-1: USB disconnect, device number 12
[  262.364254][ T8780] netlink: zone id is out of range
[  262.370057][ T8780] netlink: zone id is out of range
[  262.379810][ T8780] netlink: zone id is out of range
[  262.386318][ T8780] netlink: del zone limit has 4 unknown bytes
[  262.450652][ T8784] netlink: 8 bytes leftover after parsing attributes in process `syz.3.894'.
[  262.941555][ T5822] Bluetooth: hci4: command 0x0406 tx timeout
[  263.088917][ T6133] hsr_slave_0: left promiscuous mode
[  263.253036][ T6133] hsr_slave_1: left promiscuous mode
[  263.258969][ T6133] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  263.282581][ T6133] batman_adv: batadv0: Removing interface: batadv_slave_0
[  263.299115][ T6133] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  263.319342][ T6133] batman_adv: batadv0: Removing interface: batadv_slave_1
[  263.396772][ T6133] veth1_macvtap: left promiscuous mode
[  263.469634][ T6133] veth0_macvtap: left promiscuous mode
[  263.500985][ T6133] veth1_vlan: left promiscuous mode
[  263.545368][ T6133] veth0_vlan: left promiscuous mode
[  267.103658][ T8843] netlink: zone id is out of range
[  267.110358][ T8843] netlink: zone id is out of range
[  267.122670][ T8843] netlink: zone id is out of range
[  267.129923][ T8843] netlink: del zone limit has 4 unknown bytes
[  267.141327][ T6133] team0 (unregistering): Port device team_slave_1 removed
[  267.186524][ T6133] team0 (unregistering): Port device team_slave_0 removed
[  268.193286][ T8864] netlink: 16 bytes leftover after parsing attributes in process `syz.3.917'.
[  268.237700][ T8866] FAULT_INJECTION: forcing a failure.
[  268.237700][ T8866] name failslab, interval 1, probability 0, space 0, times 0
[  268.251419][ T8864] netlink: 920 bytes leftover after parsing attributes in process `syz.3.917'.
[  268.316871][ T8864] netlink: 16 bytes leftover after parsing attributes in process `syz.3.917'.
[  268.352417][ T8866] CPU: 1 UID: 0 PID: 8866 Comm: syz.5.916 Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 #0
[  268.352445][ T8866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  268.352455][ T8866] Call Trace:
[  268.352460][ T8866]  <TASK>
[  268.352467][ T8866]  dump_stack_lvl+0x16c/0x1f0
[  268.352495][ T8866]  should_fail_ex+0x50a/0x650
[  268.352520][ T8866]  ? fs_reclaim_acquire+0xae/0x150
[  268.352545][ T8866]  ? tomoyo_realpath_from_path+0xb9/0x720
[  268.352570][ T8866]  should_failslab+0xc2/0x120
[  268.352590][ T8866]  __kmalloc_noprof+0xcb/0x510
[  268.352608][ T8866]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  268.352638][ T8866]  tomoyo_realpath_from_path+0xb9/0x720
[  268.352662][ T8866]  ? tomoyo_path_number_perm+0x235/0x590
[  268.352685][ T8866]  ? tomoyo_path_number_perm+0x235/0x590
[  268.352709][ T8866]  tomoyo_path_number_perm+0x248/0x590
[  268.352730][ T8866]  ? tomoyo_path_number_perm+0x235/0x590
[  268.352753][ T8866]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  268.352797][ T8866]  ? __pfx_lock_release+0x10/0x10
[  268.352818][ T8866]  ? trace_lock_acquire+0x14e/0x1f0
[  268.352840][ T8866]  ? lock_acquire+0x2f/0xb0
[  268.352861][ T8866]  ? __fget_files+0x40/0x3a0
[  268.352881][ T8866]  ? __fget_files+0x206/0x3a0
[  268.352900][ T8866]  security_file_ioctl+0x9b/0x240
[  268.352925][ T8866]  __x64_sys_ioctl+0xb7/0x200
[  268.352960][ T8866]  do_syscall_64+0xcd/0x250
[  268.352984][ T8866]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.353007][ T8866] RIP: 0033:0x7efcb9f8d169
[  268.353020][ T8866] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  268.353036][ T8866] RSP: 002b:00007efcbaead038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  268.353053][ T8866] RAX: ffffffffffffffda RBX: 00007efcba1a5fa0 RCX: 00007efcb9f8d169
[  268.353065][ T8866] RDX: 0000400000000480 RSI: 00000000c008ae88 RDI: 0000000000000004
[  268.353075][ T8866] RBP: 00007efcbaead090 R08: 0000000000000000 R09: 0000000000000000
[  268.353086][ T8866] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  268.353096][ T8866] R13: 0000000000000000 R14: 00007efcba1a5fa0 R15: 00007fffbd898c38
[  268.353117][ T8866]  </TASK>
[  268.353125][ T8866] ERROR: Out of memory at tomoyo_realpath_from_path.
[  268.990705][ T8890] FAULT_INJECTION: forcing a failure.
[  268.990705][ T8890] name failslab, interval 1, probability 0, space 0, times 0
[  269.063378][ T8890] CPU: 1 UID: 0 PID: 8890 Comm: syz.6.924 Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 #0
[  269.063409][ T8890] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  269.063419][ T8890] Call Trace:
[  269.063425][ T8890]  <TASK>
[  269.063432][ T8890]  dump_stack_lvl+0x16c/0x1f0
[  269.063463][ T8890]  should_fail_ex+0x50a/0x650
[  269.063491][ T8890]  ? fs_reclaim_acquire+0xae/0x150
[  269.063518][ T8890]  ? tomoyo_realpath_from_path+0xb9/0x720
[  269.063544][ T8890]  should_failslab+0xc2/0x120
[  269.063564][ T8890]  __kmalloc_noprof+0xcb/0x510
[  269.063582][ T8890]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  269.063613][ T8890]  tomoyo_realpath_from_path+0xb9/0x720
[  269.063638][ T8890]  ? tomoyo_path_number_perm+0x235/0x590
[  269.063661][ T8890]  ? tomoyo_path_number_perm+0x235/0x590
[  269.063686][ T8890]  tomoyo_path_number_perm+0x248/0x590
[  269.063707][ T8890]  ? tomoyo_path_number_perm+0x235/0x590
[  269.063731][ T8890]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  269.063754][ T8890]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  269.063803][ T8890]  ? ksys_unshare+0x57f/0xa40
[  269.063835][ T8890]  security_file_ioctl+0x9b/0x240
[  269.063862][ T8890]  __x64_sys_ioctl+0xb7/0x200
[  269.063888][ T8890]  do_syscall_64+0xcd/0x250
[  269.063915][ T8890]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.063939][ T8890] RIP: 0033:0x7f073a18d169
[  269.063954][ T8890] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  269.063971][ T8890] RSP: 002b:00007f073af50038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  269.063990][ T8890] RAX: ffffffffffffffda RBX: 00007f073a3a5fa0 RCX: 00007f073a18d169
[  269.064002][ T8890] RDX: 0000000000000000 RSI: 000040000000af01 RDI: 0000000000000003
[  269.064013][ T8890] RBP: 00007f073af50090 R08: 0000000000000000 R09: 0000000000000000
[  269.064023][ T8890] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  269.064032][ T8890] R13: 0000000000000000 R14: 00007f073a3a5fa0 R15: 00007fff6eff8168
[  269.064050][ T8890]  </TASK>
[  269.064057][ T8890] ERROR: Out of memory at tomoyo_realpath_from_path.
[  269.309178][   T30] audit: type=1400 audit(1742366018.169:367): avc:  denied  { ioctl } for  pid=8889 comm="syz.6.924" path="/dev/vhost-net" dev="devtmpfs" ino=1274 ioctlcmd=0xaf01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  269.387348][ T8884] can0: slcan on ttyS3.
[  269.656101][ T5822] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  269.667009][ T5822] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  269.679549][ T5822] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  269.691543][ T5822] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  269.700063][ T5822] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  269.710080][ T5822] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  270.142133][ T6133] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  270.323813][ T8892] can0 (unregistered): slcan off ttyS3.
[  270.461936][ T6133] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  271.010417][ T6133] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  271.257435][ T5827] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  271.271097][ T5827] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  271.284463][ T5827] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  271.342854][ T5827] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  271.355890][ T5827] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  271.372233][ T5827] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  271.457847][   T30] audit: type=1326 audit(1742366020.319:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8926 comm="syz.1.934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73c5f8d169 code=0x7ffc0000
[  271.487246][ T8928] vxcan1: tx address claim with dest, not broadcast
[  271.507168][ T6133] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  271.532973][   T30] audit: type=1326 audit(1742366020.319:369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8926 comm="syz.1.934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73c5f8d169 code=0x7ffc0000
[  271.593400][   T30] audit: type=1400 audit(1742366020.359:370): avc:  denied  { ioctl } for  pid=8925 comm="syz.3.933" path="socket:[25149]" dev="sockfs" ino=25149 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  271.772857][   T30] audit: type=1400 audit(1742366020.359:371): avc:  denied  { write } for  pid=8925 comm="syz.3.933" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  271.833459][ T5827] Bluetooth: hci1: command tx timeout
[  271.864291][   T30] audit: type=1326 audit(1742366020.369:372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8926 comm="syz.1.934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f73c5f8d169 code=0x7ffc0000
[  271.888271][   T30] audit: type=1326 audit(1742366020.369:373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8926 comm="syz.1.934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73c5f8d169 code=0x7ffc0000
[  271.914016][   T30] audit: type=1326 audit(1742366020.369:374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8926 comm="syz.1.934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73c5f8d169 code=0x7ffc0000
[  272.045381][ T8927] evm: overlay not supported
[  272.087727][   T30] audit: type=1326 audit(1742366020.369:375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8926 comm="syz.1.934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f73c5f8d169 code=0x7ffc0000
[  272.247353][   T30] audit: type=1326 audit(1742366020.449:376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8926 comm="syz.1.934" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73c5f8d169 code=0x7ffc0000
[  273.100034][ T6133] bond1 (unregistering): (slave gretap1): Releasing backup interface
[  273.458553][ T5827] Bluetooth: hci4: command tx timeout
[  273.636487][ T6133] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  273.652691][ T6133] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  273.693610][ T6133] bond0 (unregistering): Released all slaves
[  273.729594][ T6133] bond1 (unregistering): Released all slaves
[  273.739372][ T8968] FAULT_INJECTION: forcing a failure.
[  273.739372][ T8968] name failslab, interval 1, probability 0, space 0, times 0
[  273.805688][ T8968] CPU: 1 UID: 0 PID: 8968 Comm: syz.6.941 Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 #0
[  273.805718][ T8968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  273.805728][ T8968] Call Trace:
[  273.805733][ T8968]  <TASK>
[  273.805740][ T8968]  dump_stack_lvl+0x16c/0x1f0
[  273.805774][ T8968]  should_fail_ex+0x50a/0x650
[  273.805801][ T8968]  ? fs_reclaim_acquire+0xae/0x150
[  273.805829][ T8968]  ? tomoyo_realpath_from_path+0xb9/0x720
[  273.805854][ T8968]  should_failslab+0xc2/0x120
[  273.805874][ T8968]  __kmalloc_noprof+0xcb/0x510
[  273.805891][ T8968]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  273.805921][ T8968]  tomoyo_realpath_from_path+0xb9/0x720
[  273.805945][ T8968]  ? tomoyo_path_number_perm+0x235/0x590
[  273.805968][ T8968]  ? tomoyo_path_number_perm+0x235/0x590
[  273.805992][ T8968]  tomoyo_path_number_perm+0x248/0x590
[  273.806012][ T8968]  ? tomoyo_path_number_perm+0x235/0x590
[  273.806035][ T8968]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  273.806079][ T8968]  ? __pfx_lock_release+0x10/0x10
[  273.806101][ T8968]  ? trace_lock_acquire+0x14e/0x1f0
[  273.806123][ T8968]  ? lock_acquire+0x2f/0xb0
[  273.806144][ T8968]  ? __fget_files+0x40/0x3a0
[  273.806169][ T8968]  ? __fget_files+0x206/0x3a0
[  273.806189][ T8968]  security_file_ioctl+0x9b/0x240
[  273.806213][ T8968]  __x64_sys_ioctl+0xb7/0x200
[  273.806236][ T8968]  do_syscall_64+0xcd/0x250
[  273.806258][ T8968]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  273.806280][ T8968] RIP: 0033:0x7f073a18d169
[  273.806293][ T8968] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  273.806307][ T8968] RSP: 002b:00007f073af50038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  273.806323][ T8968] RAX: ffffffffffffffda RBX: 00007f073a3a5fa0 RCX: 00007f073a18d169
[  273.806333][ T8968] RDX: 0000400000000000 RSI: 000000000000541b RDI: 0000000000000004
[  273.806342][ T8968] RBP: 00007f073af50090 R08: 0000000000000000 R09: 0000000000000000
[  273.806351][ T8968] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  273.806360][ T8968] R13: 0000000000000000 R14: 00007f073a3a5fa0 R15: 00007fff6eff8168
[  273.806378][ T8968]  </TASK>
[  273.806407][ T8968] ERROR: Out of memory at tomoyo_realpath_from_path.
[  273.850381][ T8900] chnl_net:caif_netlink_parms(): no params data found
[  273.945527][ T5827] Bluetooth: hci1: command tx timeout
[  274.561968][ T8900] bridge0: port 1(bridge_slave_0) entered blocking state
[  274.576978][ T8900] bridge0: port 1(bridge_slave_0) entered disabled state
[  274.584406][ T8900] bridge_slave_0: entered allmulticast mode
[  274.591922][ T8900] bridge_slave_0: entered promiscuous mode
[  274.599173][ T8900] bridge0: port 2(bridge_slave_1) entered blocking state
[  274.606996][ T8900] bridge0: port 2(bridge_slave_1) entered disabled state
[  274.614454][ T8900] bridge_slave_1: entered allmulticast mode
[  274.621652][ T8900] bridge_slave_1: entered promiscuous mode
[  275.086871][ T8900] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  275.137718][ T8900] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  275.457994][ T8990] SELinux: syz.1.946 (8990) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  275.512812][ T5827] Bluetooth: hci4: command tx timeout
[  275.727974][ T6133] hsr_slave_0: left promiscuous mode
[  275.769402][ T6133] hsr_slave_1: left promiscuous mode
[  275.777943][ T6133] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  275.794202][ T6133] batman_adv: batadv0: Removing interface: batadv_slave_0
[  275.826261][ T6133] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  275.848666][ T6133] batman_adv: batadv0: Removing interface: batadv_slave_1
[  276.074943][ T5827] Bluetooth: hci1: command tx timeout
[  276.231153][ T6133] veth1_macvtap: left promiscuous mode
[  276.240103][ T6133] veth0_macvtap: left promiscuous mode
[  276.245800][ T6133] veth1_vlan: left promiscuous mode
[  276.252681][ T6133] veth0_vlan: left promiscuous mode
[  276.356084][ T9014] netlink: 'syz.1.950': attribute type 1 has an invalid length.
[  276.557050][ T9022] nfs4: Unknown parameter 'rdma´Eü¯W5—Šâ§îŠ'
[  277.191150][ T9029] netlink: 8 bytes leftover after parsing attributes in process `syz.3.954'.
[  277.597733][ T5827] Bluetooth: hci4: command tx timeout
[  278.156328][ T5827] Bluetooth: hci1: command tx timeout
[  278.166482][ T6133] team0 (unregistering): Port device team_slave_1 removed
[  278.227074][ T6133] team0 (unregistering): Port device team_slave_0 removed
[  279.120454][ T8900] team0: Port device team_slave_0 added
[  279.155208][ T8900] team0: Port device team_slave_1 added
[  279.448350][ T9014] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  279.482551][ T8922] chnl_net:caif_netlink_parms(): no params data found
[  279.565529][ T8900] batman_adv: batadv0: Adding interface: batadv_slave_0
[  279.598030][ T8900] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  279.724617][ T5827] Bluetooth: hci4: command tx timeout
[  279.989666][ T9052] netlink: 8 bytes leftover after parsing attributes in process `syz.1.958'.
[  280.358819][ T8900] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  280.415972][ T8900] batman_adv: batadv0: Adding interface: batadv_slave_1
[  280.542721][ T8900] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  280.702108][ T8900] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  280.951791][ T8922] bridge0: port 1(bridge_slave_0) entered blocking state
[  280.981270][ T8922] bridge0: port 1(bridge_slave_0) entered disabled state
[  280.988968][ T5827] Bluetooth: hci2: Ignoring HCI_Sync_Conn_Complete event for existing connection
[  281.001120][ T8922] bridge_slave_0: entered allmulticast mode
[  281.013537][ T8922] bridge_slave_0: entered promiscuous mode
[  281.072754][ T8922] bridge0: port 2(bridge_slave_1) entered blocking state
[  281.079957][ T8922] bridge0: port 2(bridge_slave_1) entered disabled state
[  281.090497][ T8922] bridge_slave_1: entered allmulticast mode
[  281.116809][ T8922] bridge_slave_1: entered promiscuous mode
[  281.151241][ T8900] hsr_slave_0: entered promiscuous mode
[  281.160593][ T8900] hsr_slave_1: entered promiscuous mode
[  281.173335][ T8900] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  281.618105][ T8900] Cannot create hsr debugfs directory
[  282.367840][ T8922] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  282.431054][ T8922] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  282.535057][ T9087] netlink: 'syz.1.966': attribute type 1 has an invalid length.
[  282.686780][ T9088] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  282.726991][ T8922] team0: Port device team_slave_0 added
[  282.776544][ T8922] team0: Port device team_slave_1 added
[  282.980131][ T8922] batman_adv: batadv0: Adding interface: batadv_slave_0
[  282.988342][ T8922] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  283.017754][ T8922] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  283.033966][ T5827] Bluetooth: hci2: command 0x0405 tx timeout
[  283.044260][ T8922] batman_adv: batadv0: Adding interface: batadv_slave_1
[  283.060951][ T8922] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  283.099274][ T8922] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  283.313726][ T8922] hsr_slave_0: entered promiscuous mode
[  283.335814][ T8922] hsr_slave_1: entered promiscuous mode
[  283.349106][ T8922] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  283.366805][ T8922] Cannot create hsr debugfs directory
[  283.644341][ T8900] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  284.104565][ T8900] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  284.237375][ T5827] Bluetooth: hci2: Ignoring HCI_Sync_Conn_Complete event for existing connection
[  284.262056][ T8900] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  284.775945][ T8900] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  284.812796][ T9126] overlayfs: overlapping lowerdir path
[  284.876916][   T30] kauditd_printk_skb: 35 callbacks suppressed
[  284.876933][   T30] audit: type=1400 audit(1742366033.749:412): avc:  denied  { setrlimit } for  pid=9127 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=process permissive=1
[  286.232206][ T5827] Bluetooth: hci2: command 0x0405 tx timeout
[  286.348742][ T8922] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  286.538497][ T8922] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  286.588528][ T8922] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  286.650133][ T8900] 8021q: adding VLAN 0 to HW filter on device bond0
[  286.671264][ T8922] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  286.714705][ T8900] 8021q: adding VLAN 0 to HW filter on device team0
[  286.767439][ T6133] bridge0: port 1(bridge_slave_0) entered blocking state
[  286.774580][ T6133] bridge0: port 1(bridge_slave_0) entered forwarding state
[  287.298208][ T6104] bridge0: port 2(bridge_slave_1) entered blocking state
[  287.305368][ T6104] bridge0: port 2(bridge_slave_1) entered forwarding state
[  287.407308][ T9148] netlink: 8 bytes leftover after parsing attributes in process `syz.3.979'.
[  288.326752][ T8922] 8021q: adding VLAN 0 to HW filter on device bond0
[  288.345907][ T9166] overlayfs: overlapping lowerdir path
[  288.396490][ T8922] 8021q: adding VLAN 0 to HW filter on device team0
[  288.721423][ T6130] bridge0: port 1(bridge_slave_0) entered blocking state
[  288.728648][ T6130] bridge0: port 1(bridge_slave_0) entered forwarding state
[  289.016579][ T8922] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  289.097006][ T9177] netlink: 8 bytes leftover after parsing attributes in process `syz.1.977'.
[  289.122111][ T5827] Bluetooth: hci2: Ignoring HCI_Sync_Conn_Complete event for existing connection
[  289.617288][ T8922] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  289.651674][   T53] bridge0: port 2(bridge_slave_1) entered blocking state
[  289.658815][   T53] bridge0: port 2(bridge_slave_1) entered forwarding state
[  290.165683][ T8900] 8021q: adding VLAN 0 to HW filter on device batadv0
[  291.042077][ T5827] Bluetooth: hci2: command 0x0405 tx timeout
[  291.102218][   T30] audit: type=1400 audit(1742366039.969:413): avc:  denied  { listen } for  pid=9191 comm="syz.3.984" lport=45954 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  291.519979][ T5827] Bluetooth: hci2: Ignoring HCI_Sync_Conn_Complete event for existing connection
[  291.562712][   T30] audit: type=1400 audit(1742366039.969:414): avc:  denied  { accept } for  pid=9191 comm="syz.3.984" lport=45954 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  291.593285][ T8922] 8021q: adding VLAN 0 to HW filter on device batadv0
[  291.689818][   T30] audit: type=1400 audit(1742366039.979:415): avc:  denied  { read } for  pid=9191 comm="syz.3.984" lport=45954 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  291.803376][   T30] audit: type=1400 audit(1742366040.219:416): avc:  denied  { setopt } for  pid=9191 comm="syz.3.984" lport=45954 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  291.843607][ T9214] __vm_enough_memory: pid: 9214, comm: syz.6.988, bytes: 21199869636608 not enough memory for the allocation
[  291.902879][ T8900] veth0_vlan: entered promiscuous mode
[  291.960281][   T30] audit: type=1326 audit(1742366040.829:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9212 comm="syz.6.988" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f073a18d169 code=0x0
[  292.292668][ T8900] veth1_vlan: entered promiscuous mode
[  292.436836][ T8900] veth0_macvtap: entered promiscuous mode
[  292.484303][ T8900] veth1_macvtap: entered promiscuous mode
[  292.571267][ T8900] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  292.602675][ T8900] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  292.628250][ T8900] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  292.649182][ T8900] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  292.677897][ T8900] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  292.707727][ T8900] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  292.729830][ T8900] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  292.782122][ T8900] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  292.824992][ T8900] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  292.923740][ T8900] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  292.958597][ T5862] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  292.959127][ T8900] batman_adv: batadv0: Interface activated: batadv_slave_0
[  292.975347][ T5866] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  293.277479][ T8900] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  293.301278][ T8900] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.313860][ T8900] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  293.326718][ T8900] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.340816][ T8900] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  293.352166][ T8900] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.366319][ T8900] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  293.380701][ T8900] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.392162][ T5866] usb 2-1: device descriptor read/64, error -71
[  293.394813][ T5862] usb 4-1: Using ep0 maxpacket: 32
[  293.479834][ T8900] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  293.496403][ T5862] usb 4-1: config 0 has an invalid interface number: 85 but max is 0
[  293.505945][ T8900] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.521185][ T5862] usb 4-1: config 0 has no interface number 0
[  293.527949][ T5862] usb 4-1: config 0 interface 85 has no altsetting 0
[  293.547352][ T8900] batman_adv: batadv0: Interface activated: batadv_slave_1
[  293.564149][ T5862] usb 4-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  293.592896][ T5827] Bluetooth: hci2: command 0x0405 tx timeout
[  293.606887][ T5862] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  293.622603][ T8900] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  293.631347][ T8900] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  293.645075][ T5862] usb 4-1: Product: syz
[  293.648220][ T8900] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  293.649269][ T5862] usb 4-1: Manufacturer: syz
[  293.649287][ T5862] usb 4-1: SerialNumber: syz
[  293.664232][ T8900] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  293.676009][ T5862] usb 4-1: config 0 descriptor??
[  293.678092][ T5862] appletouch 4-1:0.85: Could not find int-in endpoint
[  293.681438][ T5866] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  293.708391][ T8922] veth0_vlan: entered promiscuous mode
[  293.714329][ T5862] appletouch 4-1:0.85: probe with driver appletouch failed with error -5
[  293.729688][ T8922] veth1_vlan: entered promiscuous mode
[  293.843000][ T5866] usb 2-1: device descriptor read/64, error -71
[  293.904426][ T5862] usbhid 4-1:0.85: couldn't find an input interrupt endpoint
[  293.940820][ T8922] veth0_macvtap: entered promiscuous mode
[  294.044948][ T5866] usb usb2-port1: attempt power cycle
[  294.191734][ T8922] veth1_macvtap: entered promiscuous mode
[  294.339193][ T8922] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  294.382849][ T8922] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.427049][ T8922] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  294.441684][ T8922] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.453657][ T8922] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  294.465851][ T8922] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.486760][ T8922] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  294.497659][ T5866] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  294.512097][ T8922] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.529879][ T5866] usb 2-1: device descriptor read/8, error -71
[  294.546433][ T8922] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  294.570351][ T8922] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.601026][ T8922] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  294.629811][ T9264] netlink: zone id is out of range
[  294.632110][ T8922] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.647572][ T9264] netlink: zone id is out of range
[  294.659975][ T9264] netlink: zone id is out of range
[  294.672370][ T8922] batman_adv: batadv0: Interface activated: batadv_slave_0
[  294.676591][ T9264] netlink: zone id is out of range
[  294.691116][ T5928] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  294.715186][ T5928] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  294.723648][ T9264] netlink: zone id is out of range
[  294.730887][ T8922] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  294.745268][ T8922] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.747251][ T9264] netlink: zone id is out of range
[  294.760340][ T8922] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  294.760363][ T8922] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.760376][ T8922] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  294.776206][ T9264] netlink: del zone limit has 4 unknown bytes
[  294.790392][ T8922] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.808281][ T5866] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  294.820813][ T8922] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  294.833374][ T8922] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.849872][ T5866] usb 2-1: device descriptor read/8, error -71
[  294.851583][ T8922] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  294.867482][ T8922] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.877781][ T8922] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  294.888288][ T8922] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.969552][ T8922] batman_adv: batadv0: Interface activated: batadv_slave_1
[  295.006752][ T5866] usb usb2-port1: unable to enumerate USB device
[  295.066809][ T6130] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  295.078801][ T6130] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  295.091137][ T8922] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  295.103059][ T8922] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  295.113719][ T8922] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  295.123580][ T8922] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  295.343086][ T6094] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  295.373897][ T6094] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  295.417908][ T5928] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  295.432789][ T5928] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  295.995467][ T3073] usb 4-1: USB disconnect, device number 10
[  296.041124][ T9304] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1000'.
[  296.216757][ T5822] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  296.227883][ T5822] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  296.238162][ T5822] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  296.246259][ T5822] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  296.254601][ T5822] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  296.257109][ T9310] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1001'.
[  296.270736][ T5822] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  296.361865][ T9296] mmap: syz.7.920 (9296) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  296.375957][   T30] audit: type=1400 audit(1742366045.229:418): avc:  denied  { getopt } for  pid=9288 comm="syz.7.920" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  296.607510][   T30] audit: type=1400 audit(1742366045.469:419): avc:  denied  { read write } for  pid=9288 comm="syz.7.920" name="mice" dev="devtmpfs" ino=916 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  296.698160][   T30] audit: type=1400 audit(1742366045.469:420): avc:  denied  { open } for  pid=9288 comm="syz.7.920" path="/dev/input/mice" dev="devtmpfs" ino=916 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  296.942826][ T5925] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  297.251421][ T5925] usb 9-1: Using ep0 maxpacket: 8
[  297.267355][ T5925] usb 9-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  297.291098][ T5925] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  297.312909][ T5925] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  297.500851][ T9308] chnl_net:caif_netlink_parms(): no params data found
[  297.578415][ T9339] process 'syz.1.1006' launched './file0' with NULL argv: empty string added
[  297.602409][   T30] audit: type=1400 audit(1742366046.469:421): avc:  denied  { execute_no_trans } for  pid=9332 comm="syz.1.1006" path="/237/file0" dev="tmpfs" ino=1264 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  298.053268][ T9308] bridge0: port 1(bridge_slave_0) entered blocking state
[  298.177834][ T9308] bridge0: port 1(bridge_slave_0) entered disabled state
[  298.257274][ T9308] bridge_slave_0: entered allmulticast mode
[  298.341463][ T5822] Bluetooth: hci2: command tx timeout
[  298.445201][ T9308] bridge_slave_0: entered promiscuous mode
[  298.592219][ T9308] bridge0: port 2(bridge_slave_1) entered blocking state
[  298.610641][ T9308] bridge0: port 2(bridge_slave_1) entered disabled state
[  298.635096][ T9308] bridge_slave_1: entered allmulticast mode
[  298.643794][ T9308] bridge_slave_1: entered promiscuous mode
[  298.707703][ T9308] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  298.728238][ T9308] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  298.740112][ T9354] FAULT_INJECTION: forcing a failure.
[  298.740112][ T9354] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  298.776674][ T9354] CPU: 1 UID: 0 PID: 9354 Comm: syz.3.1009 Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 #0
[  298.776699][ T9354] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  298.776708][ T9354] Call Trace:
[  298.776713][ T9354]  <TASK>
[  298.776718][ T9354]  dump_stack_lvl+0x16c/0x1f0
[  298.776748][ T9354]  should_fail_ex+0x50a/0x650
[  298.776776][ T9354]  _copy_from_user+0x2e/0xd0
[  298.776793][ T9354]  __sys_bpf+0x21c/0x49c0
[  298.776811][ T9354]  ? __pfx_lock_release+0x10/0x10
[  298.776837][ T9354]  ? __pfx___sys_bpf+0x10/0x10
[  298.776853][ T9354]  ? vfs_write+0x306/0x1150
[  298.776883][ T9354]  ? __mutex_unlock_slowpath+0x164/0x6a0
[  298.776919][ T9354]  ? fput+0x67/0x440
[  298.776939][ T9354]  ? ksys_write+0x1ba/0x250
[  298.776953][ T9354]  ? __pfx_ksys_write+0x10/0x10
[  298.776971][ T9354]  __x64_sys_bpf+0x78/0xc0
[  298.776989][ T9354]  ? lockdep_hardirqs_on+0x7c/0x110
[  298.777010][ T9354]  do_syscall_64+0xcd/0x250
[  298.777034][ T9354]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  298.777054][ T9354] RIP: 0033:0x7f7abd18d169
[  298.777068][ T9354] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  298.777092][ T9354] RSP: 002b:00007f7abaff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  298.777108][ T9354] RAX: ffffffffffffffda RBX: 00007f7abd3a5fa0 RCX: 00007f7abd18d169
[  298.777119][ T9354] RDX: 0000000000000010 RSI: 0000400000000980 RDI: 0000000000000011
[  298.777129][ T9354] RBP: 00007f7abaff6090 R08: 0000000000000000 R09: 0000000000000000
[  298.777139][ T9354] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  298.777148][ T9354] R13: 0000000000000000 R14: 00007f7abd3a5fa0 R15: 00007ffebf53ea88
[  298.777171][ T9354]  </TASK>
[  298.998435][   T30] audit: type=1400 audit(1742366047.869:422): avc:  denied  { read write } for  pid=9358 comm="syz.7.1010" name="uhid" dev="devtmpfs" ino=1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  299.023894][ T9359] UHID_CREATE from different security context by process 9 (syz.7.1010), this is not allowed.
[  299.060735][ T9308] team0: Port device team_slave_0 added
[  299.092694][ T9308] team0: Port device team_slave_1 added
[  299.133107][   T30] audit: type=1400 audit(1742366047.869:423): avc:  denied  { open } for  pid=9358 comm="syz.7.1010" path="/dev/uhid" dev="devtmpfs" ino=1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  299.199448][ T9361] FAULT_INJECTION: forcing a failure.
[  299.199448][ T9361] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  299.319988][ T9361] CPU: 1 UID: 0 PID: 9361 Comm: syz.3.1011 Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 #0
[  299.320016][ T9361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  299.320026][ T9361] Call Trace:
[  299.320032][ T9361]  <TASK>
[  299.320039][ T9361]  dump_stack_lvl+0x16c/0x1f0
[  299.320075][ T9361]  should_fail_ex+0x50a/0x650
[  299.320107][ T9361]  _copy_from_user+0x2e/0xd0
[  299.320126][ T9361]  uhid_char_write+0x190/0x10b0
[  299.320156][ T9361]  ? __pfx_uhid_char_write+0x10/0x10
[  299.320180][ T9361]  vfs_write+0x24c/0x1150
[  299.320211][ T9361]  ? __fget_files+0x1fc/0x3a0
[  299.320228][ T9361]  ? __pfx_lock_release+0x10/0x10
[  299.320253][ T9361]  ? __pfx_vfs_write+0x10/0x10
[  299.320281][ T9361]  ? lock_acquire+0x2f/0xb0
[  299.320302][ T9361]  ? __fget_files+0x40/0x3a0
[  299.320322][ T9361]  ? __fget_files+0x206/0x3a0
[  299.320346][ T9361]  ksys_write+0x207/0x250
[  299.320361][ T9361]  ? __pfx_ksys_write+0x10/0x10
[  299.320391][ T9361]  do_syscall_64+0xcd/0x250
[  299.320418][ T9361]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  299.320442][ T9361] RIP: 0033:0x7f7abd18d169
[  299.320457][ T9361] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  299.320474][ T9361] RSP: 002b:00007f7abaff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  299.320492][ T9361] RAX: ffffffffffffffda RBX: 00007f7abd3a5fa0 RCX: 00007f7abd18d169
[  299.320503][ T9361] RDX: 000000000000011c RSI: 00004000000002c0 RDI: 0000000000000003
[  299.320514][ T9361] RBP: 00007f7abaff6090 R08: 0000000000000000 R09: 0000000000000000
[  299.320523][ T9361] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  299.320534][ T9361] R13: 0000000000000000 R14: 00007f7abd3a5fa0 R15: 00007ffebf53ea88
[  299.320557][ T9361]  </TASK>
[  299.692602][ T5863] usb 9-1: USB disconnect, device number 2
[  300.393337][ T5822] Bluetooth: hci2: command tx timeout
[  300.446705][ T9308] batman_adv: batadv0: Adding interface: batadv_slave_0
[  300.580405][ T9308] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  300.768235][ T9308] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  301.333051][ T9308] batman_adv: batadv0: Adding interface: batadv_slave_1
[  301.362278][ T9308] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  301.468960][ T9308] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  302.403379][ T9308] hsr_slave_0: entered promiscuous mode
[  302.409225][   T30] audit: type=1400 audit(1742366051.269:424): avc:  denied  { mounton } for  pid=9401 comm="syz.7.1018" path="/3/file0" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=dir permissive=1
[  302.409829][ T9308] hsr_slave_1: entered promiscuous mode
[  302.472172][ T5822] Bluetooth: hci2: command tx timeout
[  302.514995][   T30] audit: type=1400 audit(1742366051.379:425): avc:  denied  { sys_chroot } for  pid=9404 comm="dhcpcd" capability=18  scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1
[  302.529031][ T9308] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  302.580237][ T9406] netlink: 'syz.1.1019': attribute type 2 has an invalid length.
[  302.593083][   T30] audit: type=1400 audit(1742366051.379:426): avc:  denied  { setgid } for  pid=9404 comm="dhcpcd" capability=6  scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1
[  302.617630][ T9308] Cannot create hsr debugfs directory
[  302.781830][   T30] audit: type=1400 audit(1742366051.499:427): avc:  denied  { read } for  pid=9401 comm="syz.7.1018" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  302.819217][ T9410] overlayfs: overlapping lowerdir path
[  303.638416][   T30] audit: type=1400 audit(1742366052.509:428): avc:  denied  { unmount } for  pid=8900 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  303.934337][ T9308] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  303.981771][ T9308] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  304.010631][ T9308] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  304.034373][ T9439] overlayfs: overlapping lowerdir path
[  304.055612][ T9308] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  304.398644][ T9444] dvmrp0: entered allmulticast mode
[  304.821899][ T5822] Bluetooth: hci2: command tx timeout
[  304.882104][   T30] audit: type=1326 audit(1742366053.199:429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9437 comm="syz.7.1026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f163e18d169 code=0x7ffc0000
[  305.129757][   T30] audit: type=1326 audit(1742366053.199:430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9437 comm="syz.7.1026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f163e18d169 code=0x7ffc0000
[  305.348429][   T30] audit: type=1326 audit(1742366053.199:431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9437 comm="syz.7.1026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f163e18d169 code=0x7ffc0000
[  305.432252][   T30] audit: type=1326 audit(1742366053.209:432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9437 comm="syz.7.1026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f163e18d169 code=0x7ffc0000
[  305.465209][ T9308] 8021q: adding VLAN 0 to HW filter on device bond0
[  305.878635][ T9308] 8021q: adding VLAN 0 to HW filter on device team0
[  305.921935][   T30] audit: type=1326 audit(1742366053.209:433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9437 comm="syz.7.1026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f163e18d169 code=0x7ffc0000
[  306.138117][ T6104] bridge0: port 1(bridge_slave_0) entered blocking state
[  306.145226][ T6104] bridge0: port 1(bridge_slave_0) entered forwarding state
[  306.200696][ T6104] bridge0: port 2(bridge_slave_1) entered blocking state
[  306.207865][ T6104] bridge0: port 2(bridge_slave_1) entered forwarding state
[  307.111708][ T5905] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  307.292816][ T9308] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  307.303330][ T9308] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  307.375447][ T5905] usb 9-1: Using ep0 maxpacket: 32
[  307.397706][ T5905] usb 9-1: config 0 has an invalid interface number: 85 but max is 0
[  307.420933][ T5905] usb 9-1: config 0 has no interface number 0
[  307.472139][ T5905] usb 9-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  307.514479][ T5905] usb 9-1: config 0 interface 85 has no altsetting 0
[  307.568371][ T5905] usb 9-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  307.599283][ T5905] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  307.630631][ T5905] usb 9-1: Product: syz
[  307.641535][ T5905] usb 9-1: Manufacturer: syz
[  307.647682][ T5905] usb 9-1: SerialNumber: syz
[  307.658039][ T5905] usb 9-1: config 0 descriptor??
[  307.968592][ T5905] appletouch 9-1:0.85: Failed to read mode from device.
[  307.986362][ T5905] appletouch 9-1:0.85: probe with driver appletouch failed with error -5
[  308.351226][ T9308] 8021q: adding VLAN 0 to HW filter on device batadv0
[  308.371376][ T9461] netlink: zone id is out of range
[  308.390904][ T9461] netlink: zone id is out of range
[  308.410978][ T9461] netlink: zone id is out of range
[  308.429503][ T9461] netlink: zone id is out of range
[  308.456537][ T9461] netlink: zone id is out of range
[  308.468072][ T9461] netlink: zone id is out of range
[  308.483634][ T9461] netlink: del zone limit has 4 unknown bytes
[  308.608928][ T5827] Bluetooth: hci3: connection err: -111
[  308.651111][ T5905] usb 9-1: USB disconnect, device number 3
[  309.170105][ T9308] veth0_vlan: entered promiscuous mode
[  309.539673][ T9308] veth1_vlan: entered promiscuous mode
[  309.613680][ T9308] veth0_macvtap: entered promiscuous mode
[  309.708405][ T5827] Bluetooth: hci2: command 0x0405 tx timeout
[  310.163902][ T9308] veth1_macvtap: entered promiscuous mode
[  310.281238][ T9308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  310.312289][ T9308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  310.380497][ T9308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  310.538652][ T9308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  310.548681][ T9308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  310.559367][ T9308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  310.569569][ T9308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  310.592123][ T9308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  310.666335][ T5925] libceph: connect (1)[c::]:6789 error -101
[  310.965658][ T9308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  310.968241][ T5925] libceph: mon0 (1)[c::]:6789 connect error
[  311.003427][ T9308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  311.029617][ T9308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  311.042320][ T9308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  311.052759][ T9308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  311.063334][ T9308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  311.073925][ T9308] batman_adv: batadv0: Interface activated: batadv_slave_0
[  311.111242][ T9554] ceph: No mds server is up or the cluster is laggy
[  311.119200][ T5925] libceph: connect (1)[c::]:6789 error -101
[  311.125531][ T5925] libceph: mon0 (1)[c::]:6789 connect error
[  311.139978][ T9308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  311.154285][ T9308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  311.182305][ T9308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  311.193056][ T9308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  311.212519][ T9308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  311.249194][ T9308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  311.259848][ T9308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  311.312155][ T9308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  311.322200][ T9308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  311.334544][ T9308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  311.344465][ T9308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  311.389735][ T9308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  311.432508][ T9308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  311.443292][ T9308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  311.456306][ T9308] batman_adv: batadv0: Interface activated: batadv_slave_1
[  311.484562][ T9308] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  311.496947][ T9308] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  311.525001][ T9308] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  311.542221][ T9308] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  311.824058][ T9570] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1049'.
[  312.642422][ T5827] Bluetooth: hci2: command 0x0405 tx timeout
[  312.935413][   T53] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  312.950900][   T53] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  313.027665][ T6104] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  313.103408][ T6104] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  313.192585][ T3073] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  313.662728][ T3073] usb 2-1: Using ep0 maxpacket: 32
[  313.696702][ T3073] usb 2-1: config 0 has an invalid interface number: 85 but max is 0
[  313.732120][ T3073] usb 2-1: config 0 has no interface number 0
[  313.738299][ T3073] usb 2-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  314.422169][ T3073] usb 2-1: config 0 interface 85 has no altsetting 0
[  314.454530][ T3073] usb 2-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  314.469367][ T3073] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  314.481291][ T3073] usb 2-1: Product: syz
[  314.486412][ T3073] usb 2-1: Manufacturer: syz
[  314.491046][ T3073] usb 2-1: SerialNumber: syz
[  314.508842][ T3073] usb 2-1: config 0 descriptor??
[  314.518512][   T30] kauditd_printk_skb: 31 callbacks suppressed
[  314.518528][   T30] audit: type=1400 audit(1742366063.369:465): avc:  denied  { create } for  pid=9595 comm="syz.9.998" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  314.650626][   T30] audit: type=1400 audit(1742366063.429:466): avc:  denied  { setopt } for  pid=9595 comm="syz.9.998" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  314.826255][   T30] audit: type=1400 audit(1742366063.429:467): avc:  denied  { read write } for  pid=9595 comm="syz.9.998" name="fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  314.851314][   T30] audit: type=1400 audit(1742366063.429:468): avc:  denied  { open } for  pid=9595 comm="syz.9.998" path="/dev/fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  314.880022][ T3073] appletouch 2-1:0.85: Failed to read mode from device.
[  315.442977][ T9609] netlink: zone id is out of range
[  315.454729][ T3073] appletouch 2-1:0.85: probe with driver appletouch failed with error -5
[  315.572757][ T9609] netlink: zone id is out of range
[  315.577920][ T9609] netlink: zone id is out of range
[  315.634395][ T9609] netlink: zone id is out of range
[  315.639596][ T9609] netlink: zone id is out of range
[  315.699388][ T9609] netlink: zone id is out of range
[  315.925243][ T9609] netlink: del zone limit has 4 unknown bytes
[  316.040640][ T3073] usb 2-1: USB disconnect, device number 16
[  316.307784][ T9620] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1060'.
[  316.848874][   T30] audit: type=1400 audit(1742366065.719:469): avc:  denied  { write } for  pid=5175 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  317.043369][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  317.049736][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[  317.083060][   T30] audit: type=1400 audit(1742366065.719:470): avc:  denied  { remove_name } for  pid=5175 comm="syslogd" name="messages" dev="tmpfs" ino=7 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  317.366143][   T30] audit: type=1400 audit(1742366065.719:471): avc:  denied  { add_name } for  pid=5175 comm="syslogd" name="messages.0" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  317.534766][ T9623] FAULT_INJECTION: forcing a failure.
[  317.534766][ T9623] name failslab, interval 1, probability 0, space 0, times 0
[  317.589132][ T9623] CPU: 0 UID: 0 PID: 9623 Comm: syz.3.1062 Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 #0
[  317.589163][ T9623] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  317.589173][ T9623] Call Trace:
[  317.589179][ T9623]  <TASK>
[  317.589186][ T9623]  dump_stack_lvl+0x16c/0x1f0
[  317.589218][ T9623]  should_fail_ex+0x50a/0x650
[  317.589243][ T9623]  ? fs_reclaim_acquire+0xae/0x150
[  317.589271][ T9623]  should_failslab+0xc2/0x120
[  317.589291][ T9623]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  317.589307][ T9623]  ? fput+0x67/0x440
[  317.589326][ T9623]  ? getname_flags.part.0+0x4c/0x550
[  317.589353][ T9623]  getname_flags.part.0+0x4c/0x550
[  317.589378][ T9623]  __x64_sys_unlink+0xb0/0x110
[  317.589396][ T9623]  do_syscall_64+0xcd/0x250
[  317.589421][ T9623]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  317.589445][ T9623] RIP: 0033:0x7f7abd18d169
[  317.589460][ T9623] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  317.589476][ T9623] RSP: 002b:00007f7abaff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000057
[  317.589493][ T9623] RAX: ffffffffffffffda RBX: 00007f7abd3a5fa0 RCX: 00007f7abd18d169
[  317.589504][ T9623] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000400000000280
[  317.589514][ T9623] RBP: 00007f7abaff6090 R08: 0000000000000000 R09: 0000000000000000
[  317.589524][ T9623] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  317.589534][ T9623] R13: 0000000000000000 R14: 00007f7abd3a5fa0 R15: 00007ffebf53ea88
[  317.589556][ T9623]  </TASK>
[  317.785294][ T3455] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  319.004590][ T3455] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  319.623836][ T3455] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  319.940867][ T5827] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  319.951044][ T5827] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  319.960741][ T5827] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  319.972324][ T5827] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  319.985394][ T5827] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  319.993559][ T5827] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  320.677125][ T3455] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  321.571024][ T3455] bridge_slave_1: left allmulticast mode
[  321.611023][ T3455] bridge_slave_1: left promiscuous mode
[  321.636847][ T3455] bridge0: port 2(bridge_slave_1) entered disabled state
[  321.675306][ T3455] bridge_slave_0: left allmulticast mode
[  321.697299][ T3455] bridge_slave_0: left promiscuous mode
[  321.719024][ T3455] bridge0: port 1(bridge_slave_0) entered disabled state
[  321.942863][   T46] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  322.072252][ T5822] Bluetooth: hci2: command tx timeout
[  322.146504][   T46] usb 9-1: Using ep0 maxpacket: 32
[  322.207765][   T46] usb 9-1: config 0 has an invalid interface number: 85 but max is 0
[  322.221465][   T46] usb 9-1: config 0 has no interface number 0
[  322.260878][   T46] usb 9-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  322.322337][   T46] usb 9-1: config 0 interface 85 has no altsetting 0
[  322.345394][   T46] usb 9-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  322.362113][   T46] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  322.383880][   T46] usb 9-1: Product: syz
[  322.388213][   T46] usb 9-1: Manufacturer: syz
[  322.398160][   T46] usb 9-1: SerialNumber: syz
[  322.423805][   T46] usb 9-1: config 0 descriptor??
[  322.656534][   T46] appletouch 9-1:0.85: Failed to read mode from device.
[  322.719425][ T5822] Bluetooth: hci4: command tx timeout
[  322.989261][   T46] appletouch 9-1:0.85: probe with driver appletouch failed with error -5
[  323.048886][   T46] usb 9-1: USB disconnect, device number 4
[  323.179864][ T3455] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  323.301217][ T3455] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  323.334842][ T3455] bond0 (unregistering): Released all slaves
[  323.393434][ T9656] chnl_net:caif_netlink_parms(): no params data found
[  324.165322][ T5822] Bluetooth: hci2: command 0x041b tx timeout
[  324.293353][ T9724] [U] .úíøÃ
[  324.412387][ T9656] bridge0: port 1(bridge_slave_0) entered blocking state
[  324.427556][ T9656] bridge0: port 1(bridge_slave_0) entered disabled state
[  324.448350][ T9656] bridge_slave_0: entered allmulticast mode
[  324.465717][ T9656] bridge_slave_0: entered promiscuous mode
[  324.617162][ T9656] bridge0: port 2(bridge_slave_1) entered blocking state
[  324.643477][ T9656] bridge0: port 2(bridge_slave_1) entered disabled state
[  324.836111][ T9656] bridge_slave_1: entered allmulticast mode
[  325.032384][ T9656] bridge_slave_1: entered promiscuous mode
[  325.184892][ T3455] hsr_slave_0: left promiscuous mode
[  325.190591][ T3455] hsr_slave_1: left promiscuous mode
[  325.208796][ T3455] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  325.239802][ T3455] batman_adv: batadv0: Removing interface: batadv_slave_0
[  326.219523][ T3455] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  326.234972][ T5822] Bluetooth: hci2: command 0x041b tx timeout
[  326.253242][ T3455] batman_adv: batadv0: Removing interface: batadv_slave_1
[  326.331225][ T3455] veth1_macvtap: left promiscuous mode
[  326.337180][ T3455] veth0_macvtap: left promiscuous mode
[  326.359052][ T3455] veth1_vlan: left promiscuous mode
[  326.376329][ T3455] veth0_vlan: left promiscuous mode
[  326.512228][ T5862] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  326.534373][ T5822] Bluetooth: hci0: command 0x0406 tx timeout
[  326.747424][ T9780] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1091'.
[  327.259038][ T5862] usb 2-1: Using ep0 maxpacket: 32
[  327.270251][ T5862] usb 2-1: config 0 has an invalid interface number: 85 but max is 0
[  327.292629][ T5862] usb 2-1: config 0 has no interface number 0
[  327.298790][ T5862] usb 2-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  327.360444][ T5862] usb 2-1: config 0 interface 85 has no altsetting 0
[  327.374792][ T5862] usb 2-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  327.402085][ T5862] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  327.410107][ T5862] usb 2-1: Product: syz
[  327.414731][ T5862] usb 2-1: Manufacturer: syz
[  327.427190][ T5862] usb 2-1: SerialNumber: syz
[  327.453750][ T5862] usb 2-1: config 0 descriptor??
[  327.673889][ T5862] appletouch 2-1:0.85: Failed to read mode from device.
[  327.680927][ T5862] appletouch 2-1:0.85: probe with driver appletouch failed with error -5
[  327.812845][ T9786] netlink: zone id is out of range
[  327.818115][ T9786] netlink: zone id is out of range
[  327.823778][ T9786] netlink: zone id is out of range
[  327.829434][ T9786] netlink: zone id is out of range
[  327.834964][ T9786] netlink: zone id is out of range
[  327.845483][ T3455] team0 (unregistering): Port device team_slave_1 removed
[  327.850369][ T9786] netlink: zone id is out of range
[  327.865895][ T9786] netlink: del zone limit has 4 unknown bytes
[  327.896427][ T3455] team0 (unregistering): Port device team_slave_0 removed
[  328.312261][ T5822] Bluetooth: hci2: command 0x041b tx timeout
[  328.448185][ T9656] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  328.461149][ T9656] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  328.603984][ T5862] usb 2-1: USB disconnect, device number 17
[  328.676384][ T9656] team0: Port device team_slave_0 added
[  328.686217][ T9656] team0: Port device team_slave_1 added
[  328.775159][ T9656] batman_adv: batadv0: Adding interface: batadv_slave_0
[  328.812270][ T9656] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  328.897345][ T9656] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  329.001174][ T9656] batman_adv: batadv0: Adding interface: batadv_slave_1
[  329.025097][ T9656] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  329.097518][ T9656] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  329.295684][ T9656] hsr_slave_0: entered promiscuous mode
[  329.321180][ T9656] hsr_slave_1: entered promiscuous mode
[  329.340887][ T9656] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  329.364840][ T9656] Cannot create hsr debugfs directory
[  330.030518][ T5132] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  330.040408][ T5132] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  330.078004][ T5132] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  330.154764][ T5132] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  330.213286][ T5132] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  330.226808][ T5132] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  330.405807][ T5827] Bluetooth: hci2: command 0x041b tx timeout
[  330.657151][ T3455] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  330.951254][ T3455] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  331.069265][ T9830] FAULT_INJECTION: forcing a failure.
[  331.069265][ T9830] name failslab, interval 1, probability 0, space 0, times 0
[  331.100605][ T9830] CPU: 1 UID: 0 PID: 9830 Comm: syz.1.1102 Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 #0
[  331.100635][ T9830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  331.100645][ T9830] Call Trace:
[  331.100651][ T9830]  <TASK>
[  331.100658][ T9830]  dump_stack_lvl+0x16c/0x1f0
[  331.100691][ T9830]  should_fail_ex+0x50a/0x650
[  331.100718][ T9830]  ? fs_reclaim_acquire+0xae/0x150
[  331.100744][ T9830]  ? tomoyo_realpath_from_path+0xb9/0x720
[  331.100769][ T9830]  should_failslab+0xc2/0x120
[  331.100791][ T9830]  __kmalloc_noprof+0xcb/0x510
[  331.100809][ T9830]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  331.100837][ T9830]  tomoyo_realpath_from_path+0xb9/0x720
[  331.100862][ T9830]  ? tomoyo_path_number_perm+0x235/0x590
[  331.100885][ T9830]  ? tomoyo_path_number_perm+0x235/0x590
[  331.100909][ T9830]  tomoyo_path_number_perm+0x248/0x590
[  331.100930][ T9830]  ? tomoyo_path_number_perm+0x235/0x590
[  331.100954][ T9830]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  331.100998][ T9830]  ? __pfx_lock_release+0x10/0x10
[  331.101021][ T9830]  ? trace_lock_acquire+0x14e/0x1f0
[  331.101052][ T9830]  ? lock_acquire+0x2f/0xb0
[  331.101073][ T9830]  ? __fget_files+0x40/0x3a0
[  331.101093][ T9830]  ? __fget_files+0x206/0x3a0
[  331.101114][ T9830]  security_file_ioctl+0x9b/0x240
[  331.101140][ T9830]  __x64_sys_ioctl+0xb7/0x200
[  331.101166][ T9830]  do_syscall_64+0xcd/0x250
[  331.101192][ T9830]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  331.101215][ T9830] RIP: 0033:0x7f73c5f8d169
[  331.101230][ T9830] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  331.101247][ T9830] RSP: 002b:00007f73c6dec038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  331.101263][ T9830] RAX: ffffffffffffffda RBX: 00007f73c61a5fa0 RCX: 00007f73c5f8d169
[  331.101275][ T9830] RDX: 00004000000000c0 RSI: 0000000040383d0c RDI: 0000000000000003
[  331.101285][ T9830] RBP: 00007f73c6dec090 R08: 0000000000000000 R09: 0000000000000000
[  331.101294][ T9830] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  331.101303][ T9830] R13: 0000000000000000 R14: 00007f73c61a5fa0 R15: 00007ffc21a66fd8
[  331.101326][ T9830]  </TASK>
[  331.101334][ T9830] ERROR: Out of memory at tomoyo_realpath_from_path.
[  331.641729][ T3455] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  332.194270][ T3455] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  332.477431][ T5827] Bluetooth: hci1: command tx timeout
[  332.484492][ T5822] Bluetooth: hci2: command 0x041b tx timeout
[  332.501115][ T9848] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1105'.
[  333.315272][ T9811] chnl_net:caif_netlink_parms(): no params data found
[  333.408437][ T5862] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  333.562041][ T5862] usb 9-1: Using ep0 maxpacket: 8
[  333.731545][ T5862] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  333.905691][ T5862] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  334.060735][ T5862] usb 9-1: New USB device found, idVendor=16d0, idProduct=10a9, bcdDevice=30.52
[  334.087819][ T5862] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  334.143489][ T5862] usb 9-1: Product: syz
[  334.151080][ T5862] usb 9-1: Manufacturer: syz
[  334.162470][ T5862] usb 9-1: SerialNumber: syz
[  334.193691][ T5862] usb 9-1: config 0 descriptor??
[  334.562505][ T5822] Bluetooth: hci2: command 0x041b tx timeout
[  334.562514][ T5827] Bluetooth: hci1: command tx timeout
[  334.754136][ T5862] usb 9-1: USB disconnect, device number 5
[  334.895589][ T9811] bridge0: port 1(bridge_slave_0) entered blocking state
[  335.089339][ T9811] bridge0: port 1(bridge_slave_0) entered disabled state
[  335.107324][ T9811] bridge_slave_0: entered allmulticast mode
[  335.139479][ T9811] bridge_slave_0: entered promiscuous mode
[  335.158843][ T9811] bridge0: port 2(bridge_slave_1) entered blocking state
[  335.178179][ T9811] bridge0: port 2(bridge_slave_1) entered disabled state
[  335.424112][ T9811] bridge_slave_1: entered allmulticast mode
[  335.446291][ T9811] bridge_slave_1: entered promiscuous mode
[  336.632793][ T5822] Bluetooth: hci1: command tx timeout
[  336.760889][ T3455] bridge_slave_1: left allmulticast mode
[  336.775085][ T3455] bridge_slave_1: left promiscuous mode
[  336.810582][ T3455] bridge0: port 2(bridge_slave_1) entered disabled state
[  336.830679][   T30] audit: type=1400 audit(1742366085.699:472): avc:  denied  { create } for  pid=9905 comm="syz.3.1117" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  336.881440][ T3455] bridge_slave_0: left allmulticast mode
[  336.896436][ T3455] bridge_slave_0: left promiscuous mode
[  336.906415][ T3455] bridge0: port 1(bridge_slave_0) entered disabled state
[  337.116483][ T5821] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  337.282159][ T5821] usb 4-1: Using ep0 maxpacket: 8
[  337.315047][ T5821] usb 4-1: config 0 has an invalid interface number: 52 but max is 0
[  337.330801][ T5821] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  337.360942][ T5821] usb 4-1: config 0 has no interface number 0
[  337.379882][ T5821] usb 4-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  337.420537][ T5821] usb 4-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  337.486097][ T5821] usb 4-1: config 0 interface 52 has no altsetting 0
[  337.516731][ T5821] usb 4-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00
[  337.556803][ T5821] usb 4-1: New USB device strings: Mfr=22, Product=0, SerialNumber=0
[  337.577088][ T5821] usb 4-1: Manufacturer: syz
[  337.619116][ T5821] usb 4-1: config 0 descriptor??
[  337.758484][ T3455] dvmrp0 (unregistering): left allmulticast mode
[  337.921784][ T5821] input: syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.52/input/input21
[  338.336864][ T9906] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  338.400532][ T9906] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  338.482456][ T9906] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  338.516794][ T9906] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  338.566854][ T5822] Bluetooth: hci3: unexpected subevent 0x04 length: 232 > 11
[  338.584350][   T30] audit: type=1400 audit(1742366087.459:473): avc:  denied  { create } for  pid=9905 comm="syz.3.1117" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1
[  338.676306][   T30] audit: type=1400 audit(1742366087.549:474): avc:  denied  { sys_admin } for  pid=9905 comm="syz.3.1117" capability=21  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1
[  338.718687][ T5822] Bluetooth: hci1: command tx timeout
[  338.915657][   T30] audit: type=1400 audit(1742366087.789:475): avc:  denied  { setopt } for  pid=9905 comm="syz.3.1117" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  338.967638][ T3455] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  338.990975][ T3455] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  339.013964][ T3455] bond0 (unregistering): Released all slaves
[  339.040465][ T9811] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  339.122927][ T9811] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  339.713354][ T9929] IPVS: set_ctl: invalid protocol: 60 127.0.0.1:20002
[  339.778116][ T9811] team0: Port device team_slave_0 added
[  339.839098][ T9811] team0: Port device team_slave_1 added
[  341.272155][ T3455] hsr_slave_0: left promiscuous mode
[  341.320360][ T3455] hsr_slave_1: left promiscuous mode
[  341.576429][ T3455] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  341.616958][ T3455] batman_adv: batadv0: Removing interface: batadv_slave_0
[  341.679904][ T3455] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  341.953835][ T3455] batman_adv: batadv0: Removing interface: batadv_slave_1
[  342.414233][ T3455] veth1_macvtap: left promiscuous mode
[  342.446184][ T3455] veth0_macvtap: left promiscuous mode
[  342.472383][ T3455] veth1_vlan: left promiscuous mode
[  342.501099][ T3455] veth0_vlan: left promiscuous mode
[  344.156321][ T5821] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  344.362210][ T5821] usb 2-1: Using ep0 maxpacket: 8
[  344.407559][ T5821] usb 2-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  344.428667][ T5821] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  344.451547][ T5821] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  344.511947][ T9957] FAULT_INJECTION: forcing a failure.
[  344.511947][ T9957] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  344.541548][ T9957] CPU: 1 UID: 0 PID: 9957 Comm: syz.3.1130 Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 #0
[  344.541577][ T9957] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  344.541588][ T9957] Call Trace:
[  344.541593][ T9957]  <TASK>
[  344.541600][ T9957]  dump_stack_lvl+0x16c/0x1f0
[  344.541630][ T9957]  should_fail_ex+0x50a/0x650
[  344.541659][ T9957]  _copy_from_user+0x2e/0xd0
[  344.541678][ T9957]  do_ipv6_setsockopt+0x956/0x4520
[  344.541707][ T9957]  ? __pfx_do_ipv6_setsockopt+0x10/0x10
[  344.541734][ T9957]  ? trace_lock_acquire+0x14e/0x1f0
[  344.541756][ T9957]  ? lock_acquire+0x2f/0xb0
[  344.541778][ T9957]  ? avc_has_perm_noaudit+0x61/0x3a0
[  344.541800][ T9957]  ? avc_has_perm_noaudit+0x143/0x3a0
[  344.541821][ T9957]  ? avc_has_perm+0x11b/0x1c0
[  344.541839][ T9957]  ? __pfx_avc_has_perm+0x10/0x10
[  344.541860][ T9957]  ? hlock_class+0x4e/0x130
[  344.541881][ T9957]  ? sock_has_perm+0x25a/0x2f0
[  344.541905][ T9957]  ? ipv6_setsockopt+0xcb/0x170
[  344.541926][ T9957]  ipv6_setsockopt+0xcb/0x170
[  344.541950][ T9957]  rawv6_setsockopt+0xd7/0x680
[  344.541970][ T9957]  ? __pfx_rawv6_setsockopt+0x10/0x10
[  344.541991][ T9957]  ? selinux_socket_setsockopt+0x6a/0x80
[  344.542009][ T9957]  ? sock_common_setsockopt+0x2e/0xf0
[  344.542029][ T9957]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  344.542048][ T9957]  do_sock_setsockopt+0x222/0x480
[  344.542067][ T9957]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  344.542086][ T9957]  ? lock_acquire+0x2f/0xb0
[  344.542119][ T9957]  __sys_setsockopt+0x1a0/0x230
[  344.542147][ T9957]  __x64_sys_setsockopt+0xbd/0x160
[  344.542169][ T9957]  ? do_syscall_64+0x91/0x250
[  344.542192][ T9957]  ? lockdep_hardirqs_on+0x7c/0x110
[  344.542213][ T9957]  do_syscall_64+0xcd/0x250
[  344.542244][ T9957]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  344.542267][ T9957] RIP: 0033:0x7f7abd18d169
[  344.542281][ T9957] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  344.542296][ T9957] RSP: 002b:00007f7abaff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  344.542314][ T9957] RAX: ffffffffffffffda RBX: 00007f7abd3a5fa0 RCX: 00007f7abd18d169
[  344.542325][ T9957] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000005
[  344.542334][ T9957] RBP: 00007f7abaff6090 R08: 00000000000004c0 R09: 0000000000000000
[  344.542345][ T9957] R10: 00004000000004c0 R11: 0000000000000246 R12: 0000000000000001
[  344.542354][ T9957] R13: 0000000000000000 R14: 00007f7abd3a5fa0 R15: 00007ffebf53ea88
[  344.542376][ T9957]  </TASK>
[  345.168910][   T30] audit: type=1400 audit(1742366094.039:476): avc:  denied  { ioctl } for  pid=9956 comm="syz.3.1130" path="socket:[31892]" dev="sockfs" ino=31892 ioctlcmd=0x8923 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  345.841618][ T3455] team0 (unregistering): Port device team_slave_1 removed
[  345.978082][ T5821] usb 4-1: USB disconnect, device number 11
[  345.984121][    C1] synaptics_usb 4-1:0.52: synusb_irq - usb_submit_urb failed with result: -19
[  346.020213][ T3455] team0 (unregistering): Port device team_slave_0 removed
[  346.919639][ T9811] batman_adv: batadv0: Adding interface: batadv_slave_0
[  346.932101][ T9811] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  346.968168][ T9811] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  347.250547][  T972] usb 2-1: USB disconnect, device number 18
[  347.698447][ T9957] 
: renamed from bond0 (while UP)
[  347.815870][ T9811] batman_adv: batadv0: Adding interface: batadv_slave_1
[  347.834974][ T9811] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  348.337617][ T9811] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  355.866252][ T9811] hsr_slave_0: entered promiscuous mode
[  355.921277][ T9811] hsr_slave_1: entered promiscuous mode
[  356.178560][ T9811] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  356.301981][    C0] sched: DL replenish lagged too much
[  356.846208][ T9974] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1135'.
[  357.166773][ T9811] Cannot create hsr debugfs directory
[  358.181456][ T9656] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  358.218388][ T9656] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  358.353321][ T9656] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  358.422591][ T9656] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  358.759499][ T9978] overlayfs: missing 'lowerdir'
[  358.936560][ T9981] FAULT_INJECTION: forcing a failure.
[  358.936560][ T9981] name failslab, interval 1, probability 0, space 0, times 0
[  358.950124][ T9981] CPU: 1 UID: 0 PID: 9981 Comm: syz.3.1136 Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 #0
[  358.950148][ T9981] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  358.950158][ T9981] Call Trace:
[  358.950164][ T9981]  <TASK>
[  358.950171][ T9981]  dump_stack_lvl+0x16c/0x1f0
[  358.950203][ T9981]  should_fail_ex+0x50a/0x650
[  358.950228][ T9981]  ? fs_reclaim_acquire+0xae/0x150
[  358.950255][ T9981]  ? sock_kmalloc+0x111/0x170
[  358.950272][ T9981]  should_failslab+0xc2/0x120
[  358.950293][ T9981]  __kmalloc_noprof+0xcb/0x510
[  358.950313][ T9981]  ? mark_held_locks+0x9f/0xe0
[  358.950339][ T9981]  sock_kmalloc+0x111/0x170
[  358.950358][ T9981]  alg_setsockopt+0x401/0xee0
[  358.950386][ T9981]  ? __pfx_alg_setsockopt+0x10/0x10
[  358.950414][ T9981]  ? selinux_socket_setsockopt+0x6a/0x80
[  358.950438][ T9981]  ? __pfx_alg_setsockopt+0x10/0x10
[  358.950463][ T9981]  do_sock_setsockopt+0x222/0x480
[  358.950482][ T9981]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  358.950501][ T9981]  ? lock_acquire+0x2f/0xb0
[  358.950535][ T9981]  __sys_setsockopt+0x1a0/0x230
[  358.950564][ T9981]  __x64_sys_setsockopt+0xbd/0x160
[  358.950587][ T9981]  ? do_syscall_64+0x91/0x250
[  358.950610][ T9981]  ? lockdep_hardirqs_on+0x7c/0x110
[  358.950632][ T9981]  do_syscall_64+0xcd/0x250
[  358.950656][ T9981]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  358.950679][ T9981] RIP: 0033:0x7f7abd18d169
[  358.950694][ T9981] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  358.950710][ T9981] RSP: 002b:00007f7abafd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  358.950727][ T9981] RAX: ffffffffffffffda RBX: 00007f7abd3a6080 RCX: 00007f7abd18d169
[  358.950738][ T9981] RDX: 0000000000000001 RSI: 0000000000000117 RDI: 0000000000000007
[  358.950747][ T9981] RBP: 00007f7abafd5090 R08: 0000000000000020 R09: 0000000000000000
[  358.950757][ T9981] R10: 0000400000000300 R11: 0000000000000246 R12: 0000000000000001
[  358.950767][ T9981] R13: 0000000000000000 R14: 00007f7abd3a6080 R15: 00007ffebf53ea88
[  358.950789][ T9981]  </TASK>
[  361.808188][ T9811] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  362.436484][   T10] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  378.603956][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  378.613920][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[  440.012203][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  501.281922][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  501.288928][    C0] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P2/1:b..l P5182/1:b..l
[  501.298290][    C0] rcu: 	(detected by 0, t=10503 jiffies, g=30805, q=239 ncpus=2)
[  501.306019][    C0] task:klogd           state:R  running task     stack:24240 pid:5182  tgid:5182  ppid:1      task_flags:0x400100 flags:0x00000002
[  501.320906][    C0] Call Trace:
[  501.324209][    C0]  <TASK>
[  501.327148][    C0]  __schedule+0xf43/0x5890
[  501.331583][    C0]  ? __pfx_mark_lock+0x10/0x10
[  501.336372][    C0]  ? __pfx___schedule+0x10/0x10
[  501.341238][    C0]  ? hlock_class+0x4e/0x130
[  501.345747][    C0]  ? __lock_acquire+0x15a9/0x3c40
[  501.350792][    C0]  ? mark_held_locks+0x9f/0xe0
[  501.355574][    C0]  preempt_schedule_irq+0x51/0x90
[  501.360604][    C0]  irqentry_exit+0x36/0x90
[  501.365029][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  501.371041][    C0] RIP: 0010:stack_trace_consume_entry+0xf7/0x170
[  501.377382][    C0] Code: 89 ea 48 c1 ea 03 80 3c 02 00 75 64 48 89 75 00 8b 43 08 39 43 10 0f 92 c0 48 83 c4 08 5b 5d c3 cc cc cc cc 83 e8 01 89 43 0c <48> 83 c4 08 b8 01 00 00 00 5b 5d c3 cc cc cc cc 48 89 34 24 e8 a0
[  501.397006][    C0] RSP: 0018:ffffc900046574a0 EFLAGS: 00000202
[  501.403088][    C0] RAX: 0000000000000002 RBX: ffffc90004657580 RCX: ffffc90004657558
[  501.411067][    C0] RDX: 0000000000000000 RSI: ffffffff81a5b155 RDI: ffffc9000465758c
[  501.419055][    C0] RBP: 0000000000000000 R08: ffffc900046574f4 R09: ffffffff90f48f4a
[  501.427040][    C0] R10: ffffc900046574c0 R11: 000000000000606d R12: ffffffff81a5adc0
[  501.435027][    C0] R13: ffffc90004657580 R14: 0000000000000000 R15: ffff88807a97c880
[  501.443008][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  501.449177][    C0]  ? stack_trace_save+0x95/0xd0
[  501.454041][    C0]  ? unwind_get_return_address+0x59/0xa0
[  501.459714][    C0]  arch_stack_walk+0x86/0x100
[  501.464402][    C0]  ? stack_trace_save+0x95/0xd0
[  501.469262][    C0]  stack_trace_save+0x95/0xd0
[  501.473946][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  501.479333][    C0]  save_stack+0x162/0x1f0
[  501.483688][    C0]  ? __pfx_save_stack+0x10/0x10
[  501.488554][    C0]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  501.494217][    C0]  __reset_page_owner+0x8d/0x400
[  501.499172][    C0]  free_frozen_pages+0x6db/0xfb0
[  501.504128][    C0]  __put_partials+0x14c/0x170
[  501.508823][    C0]  qlist_free_all+0x4e/0x120
[  501.513427][    C0]  kasan_quarantine_reduce+0x195/0x1e0
[  501.518898][    C0]  __kasan_kmalloc+0x8a/0xb0
[  501.523527][    C0]  __kmalloc_node_track_caller_noprof+0x222/0x510
[  501.529952][    C0]  ? rcu_watching_snap_stopped_since+0xe1/0x110
[  501.536231][    C0]  ? __alloc_skb+0x164/0x380
[  501.540837][    C0]  kmalloc_reserve+0xef/0x2c0
[  501.545526][    C0]  __alloc_skb+0x164/0x380
[  501.549960][    C0]  ? __pfx___alloc_skb+0x10/0x10
[  501.554997][    C0]  ? find_held_lock+0x2d/0x110
[  501.559769][    C0]  alloc_skb_with_frags+0xe4/0x850
[  501.564886][    C0]  ? __pfx_lock_release+0x10/0x10
[  501.569930][    C0]  ? trace_lock_acquire+0x14e/0x1f0
[  501.575138][    C0]  sock_alloc_send_pskb+0x7f1/0x980
[  501.580364][    C0]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  501.586094][    C0]  ? selinux_socket_getpeersec_dgram+0x1a5/0x370
[  501.592438][    C0]  ? __pfx_selinux_socket_getpeersec_dgram+0x10/0x10
[  501.599131][    C0]  ? kasan_quarantine_put+0x10a/0x240
[  501.604528][    C0]  unix_dgram_sendmsg+0x45e/0x1880
[  501.609735][    C0]  ? __pfx_tomoyo_socket_sendmsg_permission+0x10/0x10
[  501.616509][    C0]  ? __pfx___lock_acquire+0x10/0x10
[  501.621719][    C0]  ? __pfx_unix_dgram_sendmsg+0x10/0x10
[  501.627283][    C0]  __sys_sendto+0x488/0x4f0
[  501.631798][    C0]  ? __pfx___sys_sendto+0x10/0x10
[  501.636840][    C0]  ? rcu_is_watching+0x12/0xc0
[  501.641618][    C0]  ? xfd_validate_state+0x5d/0x180
[  501.646739][    C0]  ? rcu_is_watching+0x12/0xc0
[  501.651512][    C0]  __x64_sys_sendto+0xe0/0x1c0
[  501.656288][    C0]  ? do_syscall_64+0x91/0x250
[  501.660993][    C0]  ? lockdep_hardirqs_on+0x7c/0x110
[  501.666197][    C0]  do_syscall_64+0xcd/0x250
[  501.670713][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  501.676616][    C0] RIP: 0033:0x7fdd565439b5
[  501.681033][    C0] RSP: 002b:00007ffd337f4308 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  501.689458][    C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fdd565439b5
[  501.697434][    C0] RDX: 000000000000005f RSI: 00005640e38ee770 RDI: 0000000000000003
[  501.705410][    C0] RBP: 00005640e38e62c0 R08: 0000000000000000 R09: 0000000000000000
[  501.713388][    C0] R10: 0000000000004000 R11: 0000000000000246 R12: 0000000000000013
[  501.721363][    C0] R13: 00007fdd566d1212 R14: 00007ffd337f4408 R15: 0000000000000000
[  501.729358][    C0]  </TASK>
[  501.732382][    C0] task:kthreadd        state:R  running task     stack:26400 pid:2     tgid:2     ppid:0      task_flags:0x208040 flags:0x00004000
[  501.745893][    C0] Call Trace:
[  501.749174][    C0]  <TASK>
[  501.752109][    C0]  __schedule+0xf43/0x5890
[  501.756536][    C0]  ? __pfx_mark_lock+0x10/0x10
[  501.761318][    C0]  ? __pfx___schedule+0x10/0x10
[  501.766176][    C0]  ? hlock_class+0x4e/0x130
[  501.770704][    C0]  ? irqentry_exit+0x3b/0x90
[  501.775323][    C0]  ? lockdep_hardirqs_on+0x7c/0x110
[  501.780531][    C0]  ? preempt_schedule_thunk+0x1a/0x30
[  501.785914][    C0]  preempt_schedule_common+0x44/0xc0
[  501.791223][    C0]  preempt_schedule_thunk+0x1a/0x30
[  501.796532][    C0]  unwind_next_frame+0x1776/0x20c0
[  501.801955][    C0]  ? __put_partials+0x14c/0x170
[  501.806849][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  501.813016][    C0]  arch_stack_walk+0x95/0x100
[  501.817723][    C0]  ? qlist_free_all+0x4e/0x120
[  501.822515][    C0]  stack_trace_save+0x95/0xd0
[  501.827207][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  501.832600][    C0]  save_stack+0x162/0x1f0
[  501.836945][    C0]  ? __pfx_save_stack+0x10/0x10
[  501.841812][    C0]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  501.847482][    C0]  ? free_frozen_pages+0x6db/0xfb0
[  501.852595][    C0]  ? __put_partials+0x14c/0x170
[  501.857471][    C0]  __reset_page_owner+0x8d/0x400
[  501.862423][    C0]  free_frozen_pages+0x6db/0xfb0
[  501.867394][    C0]  __put_partials+0x14c/0x170
[  501.872094][    C0]  qlist_free_all+0x4e/0x120
[  501.876704][    C0]  kasan_quarantine_reduce+0x195/0x1e0
[  501.882196][    C0]  __kasan_slab_alloc+0x69/0x90
[  501.887054][    C0]  kmem_cache_alloc_noprof+0x226/0x3d0
[  501.892517][    C0]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  501.897894][    C0]  ? copy_sighand+0x43/0x2c0
[  501.902504][    C0]  copy_sighand+0x43/0x2c0
[  501.906938][    C0]  copy_process+0x272c/0x8c50
[  501.911646][    C0]  ? hlock_class+0x4e/0x130
[  501.916679][    C0]  ? __lock_acquire+0x15a9/0x3c40
[  501.921727][    C0]  ? __pfx_copy_process+0x10/0x10
[  501.926760][    C0]  ? hlock_class+0x4e/0x130
[  501.931275][    C0]  ? mark_lock+0xb5/0xc60
[  501.935615][    C0]  ? trace_lock_acquire+0x14e/0x1f0
[  501.940852][    C0]  ? __pfx_mark_lock+0x10/0x10
[  501.945637][    C0]  ? find_held_lock+0x2d/0x110
[  501.950416][    C0]  ? __pfx_lock_release+0x10/0x10
[  501.955457][    C0]  ? rcu_is_watching+0x12/0xc0
[  501.960234][    C0]  kernel_clone+0xfd/0x960
[  501.964659][    C0]  ? hlock_class+0x4e/0x130
[  501.969167][    C0]  ? __lock_acquire+0x15a9/0x3c40
[  501.974201][    C0]  ? __pfx_kernel_clone+0x10/0x10
[  501.979236][    C0]  ? __pfx___lock_acquire+0x10/0x10
[  501.984441][    C0]  ? __pfx___lock_acquire+0x10/0x10
[  501.989659][    C0]  ? lockdep_hardirqs_on_prepare+0x391/0x420
[  501.995665][    C0]  ? __pfx_kthread+0x10/0x10
[  502.000267][    C0]  kernel_thread+0xd5/0x120
[  502.004779][    C0]  ? __pfx_kernel_thread+0x10/0x10
[  502.009892][    C0]  ? lock_acquire.part.0+0x11b/0x380
[  502.015196][    C0]  ? __pfx_kthread+0x10/0x10
[  502.019806][    C0]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  502.025192][    C0]  ? lock_acquire+0x2f/0xb0
[  502.029706][    C0]  ? kthreadd+0x382/0x7d0
[  502.034050][    C0]  kthreadd+0x4ef/0x7d0
[  502.038213][    C0]  ? __pfx_kthreadd+0x10/0x10
[  502.042899][    C0]  ret_from_fork+0x45/0x80
[  502.047350][    C0]  ? __pfx_kthreadd+0x10/0x10
[  502.052038][    C0]  ret_from_fork_asm+0x1a/0x30
[  502.056818][    C0]  </TASK>
[  502.059845][    C0] rcu: rcu_preempt kthread starved for 10502 jiffies! g30805 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[  502.071051][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  502.081034][    C0] rcu: RCU grace-period kthread stack dump:
[  502.086927][    C0] task:rcu_preempt     state:R  running task     stack:27072 pid:18    tgid:18    ppid:2      task_flags:0x208040 flags:0x00004000
[  502.100430][    C0] Call Trace:
[  502.103735][    C0]  <TASK>
[  502.106678][    C0]  __schedule+0xf43/0x5890
[  502.111105][    C0]  ? __pfx___lock_acquire+0x10/0x10
[  502.116340][    C0]  ? __pfx___schedule+0x10/0x10
[  502.121219][    C0]  ? schedule+0x298/0x350
[  502.125590][    C0]  ? __pfx_lock_release+0x10/0x10
[  502.130634][    C0]  ? lock_acquire+0x2f/0xb0
[  502.135165][    C0]  ? schedule+0x1fd/0x350
[  502.139511][    C0]  schedule+0xe7/0x350
[  502.143596][    C0]  schedule_timeout+0x124/0x280
[  502.148452][    C0]  ? __pfx_schedule_timeout+0x10/0x10
[  502.153867][    C0]  ? __pfx_process_timeout+0x10/0x10
[  502.159165][    C0]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  502.164989][    C0]  ? prepare_to_swait_event+0xf3/0x470
[  502.170498][    C0]  rcu_gp_fqs_loop+0x1eb/0xb00
[  502.175280][    C0]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[  502.180576][    C0]  ? rcu_gp_init+0xc82/0x1630
[  502.185263][    C0]  ? _raw_spin_unlock_irq+0x2e/0x50
[  502.190474][    C0]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  502.196300][    C0]  rcu_gp_kthread+0x271/0x380
[  502.200990][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  502.206198][    C0]  ? lockdep_hardirqs_on+0x7c/0x110
[  502.211409][    C0]  ? __kthread_parkme+0x148/0x220
[  502.216914][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  502.222130][    C0]  kthread+0x3af/0x750
[  502.226231][    C0]  ? __pfx_kthread+0x10/0x10
[  502.230835][    C0]  ? __pfx_kthread+0x10/0x10
[  502.235459][    C0]  ret_from_fork+0x45/0x80
[  502.239883][    C0]  ? __pfx_kthread+0x10/0x10
[  502.244486][    C0]  ret_from_fork_asm+0x1a/0x30
[  502.249267][    C0]  </TASK>
[  502.252287][    C0] rcu: Stack dump where RCU GP kthread last ran:
[  502.258611][    C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 #0
[  502.268939][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  502.279000][    C0] RIP: 0010:_raw_spin_unlock_irqrestore+0x31/0x80
[  502.285428][    C0] Code: f5 53 48 8b 74 24 10 48 89 fb 48 83 c7 18 e8 a6 ac 3c f6 48 89 df e8 fe 2b 3d f6 f7 c5 00 02 00 00 75 23 9c 58 f6 c4 02 75 37 <bf> 01 00 00 00 e8 45 01 2e f6 65 8b 05 06 d3 a9 74 85 c0 74 16 5b
[  502.305049][    C0] RSP: 0018:ffffc90000006dd8 EFLAGS: 00000246
[  502.311126][    C0] RAX: 0000000000000006 RBX: ffff8880b86404c8 RCX: 1ffffffff20c44d1
[  502.319113][    C0] RDX: 0000000000000000 RSI: ffffffff8b6cfc80 RDI: ffffffff8bd369a0
[  502.327093][    C0] RBP: 0000000000000246 R08: 0000000000000001 R09: 0000000000000001
[  502.335072][    C0] R10: ffffffff90626a17 R11: 0000000000000005 R12: ffff888226887c80
[  502.343052][    C0] R13: ffff8880b86404c0 R14: ffff8880b86404b0 R15: 0000000000000001
[  502.351031][    C0] FS:  0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  502.359973][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  502.366567][    C0] CR2: 00007fb062781a0a CR3: 0000000077e14000 CR4: 00000000003526f0
[  502.374552][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  502.382527][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  502.390504][    C0] Call Trace:
[  502.393787][    C0]  <IRQ>
[  502.396642][    C0]  ? rcu_check_gp_kthread_starvation+0x31b/0x450
[  502.402981][    C0]  ? do_raw_spin_unlock+0x172/0x230
[  502.408181][    C0]  ? rcu_sched_clock_irq+0x247a/0x3310
[  502.413655][    C0]  ? __pfx_rcu_sched_clock_irq+0x10/0x10
[  502.419295][    C0]  ? find_held_lock+0x2d/0x110
[  502.424070][    C0]  ? rcu_is_watching+0x12/0xc0
[  502.428840][    C0]  ? update_process_times+0x178/0x2d0
[  502.434223][    C0]  ? __pfx_update_process_times+0x10/0x10
[  502.439960][    C0]  ? read_tsc+0x9/0x20
[  502.444034][    C0]  ? ktime_get+0x1a7/0x310
[  502.448458][    C0]  ? tick_nohz_handler+0x376/0x530
[  502.453578][    C0]  ? __pfx_tick_nohz_handler+0x10/0x10
[  502.459038][    C0]  ? __hrtimer_run_queues+0x5fb/0xae0
[  502.464419][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  502.470137][    C0]  ? read_tsc+0x9/0x20
[  502.474217][    C0]  ? hrtimer_interrupt+0x392/0x8e0
[  502.479340][    C0]  ? __sysvec_apic_timer_interrupt+0x10f/0x400
[  502.485506][    C0]  ? sysvec_apic_timer_interrupt+0x52/0xc0
[  502.491319][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  502.497514][    C0]  ? _raw_spin_unlock_irqrestore+0x31/0x80
[  502.503332][    C0]  enqueue_to_backlog+0x373/0xe60
[  502.508360][    C0]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  502.514277][    C0]  netif_rx_internal+0x108/0x5f0
[  502.519221][    C0]  ? __pfx_netif_rx_internal+0x10/0x10
[  502.524680][    C0]  ? eth_type_trans+0x336/0x7a0
[  502.529551][    C0]  ? __pfx_eth_type_trans+0x10/0x10
[  502.534766][    C0]  ? save_trace+0x940/0xb60
[  502.539286][    C0]  ? rcu_is_watching+0x12/0xc0
[  502.544064][    C0]  __netif_rx+0x88/0xb0
[  502.548241][    C0]  loopback_xmit+0x284/0x700
[  502.552852][    C0]  dev_hard_start_xmit+0x9a/0x7b0
[  502.557897][    C0]  __dev_queue_xmit+0x7f0/0x43e0
[  502.562850][    C0]  ? hlock_class+0x4e/0x130
[  502.567360][    C0]  ? __lock_acquire+0x15a9/0x3c40
[  502.572398][    C0]  ? __pfx___dev_queue_xmit+0x10/0x10
[  502.577787][    C0]  ? __pfx___lock_acquire+0x10/0x10
[  502.583010][    C0]  ? find_held_lock+0x2d/0x110
[  502.587782][    C0]  ? ip6_finish_output+0x3f9/0x1360
[  502.592999][    C0]  ? __pfx_lock_release+0x10/0x10
[  502.598045][    C0]  ? trace_lock_acquire+0x14e/0x1f0
[  502.603248][    C0]  ? ip6_finish_output+0x3f9/0x1360
[  502.608460][    C0]  ip6_finish_output2+0xed9/0x20a0
[  502.613587][    C0]  ip6_finish_output+0x3f9/0x1360
[  502.618642][    C0]  ip6_output+0x1f8/0x540
[  502.622988][    C0]  ? __pfx_ip6_output+0x10/0x10
[  502.627849][    C0]  ip6_local_out+0xcd/0x4a0
[  502.632358][    C0]  synproxy_send_tcp_ipv6+0x5a5/0x690
[  502.637746][    C0]  ? __pfx_cookie_hash.isra.0+0x10/0x10
[  502.643301][    C0]  ? __pfx_synproxy_send_tcp_ipv6+0x10/0x10
[  502.649216][    C0]  ? __cookie_v6_init_sequence+0x2d3/0x3c0
[  502.655054][    C0]  synproxy_send_client_synack_ipv6+0x636/0x7e0
[  502.661311][    C0]  ? __pfx_synproxy_send_client_synack_ipv6+0x10/0x10
[  502.668112][    C0]  nft_synproxy_do_eval+0x923/0xd60
[  502.673324][    C0]  ? __pfx_nft_synproxy_do_eval+0x10/0x10
[  502.679062][    C0]  ? hlock_class+0x4e/0x130
[  502.683572][    C0]  ? mark_lock+0xb5/0xc60
[  502.687914][    C0]  ? __pfx_nft_synproxy_eval+0x10/0x10
[  502.693386][    C0]  nft_do_chain+0x2e6/0x18f0
[  502.697987][    C0]  ? lockdep_hardirqs_on+0x7c/0x110
[  502.703201][    C0]  ? __pfx_nft_do_chain+0x10/0x10
[  502.708250][    C0]  ? __pfx_nf_nat_ipv6_fn+0x10/0x10
[  502.713458][    C0]  nft_do_chain_inet+0x18b/0x350
[  502.718407][    C0]  ? __pfx_nft_do_chain_inet+0x10/0x10
[  502.723878][    C0]  ? nf_nat_ipv6_local_in+0x3aa/0x690
[  502.729258][    C0]  ? rcu_is_watching+0x12/0xc0
[  502.734027][    C0]  ? trace_lock_acquire+0x14e/0x1f0
[  502.739246][    C0]  ? __pfx_nft_do_chain_inet+0x10/0x10
[  502.744731][    C0]  nf_hook_slow+0xbb/0x200
[  502.749171][    C0]  nf_hook.constprop.0+0x42e/0x750
[  502.754306][    C0]  ? __pfx_ip6_input_finish+0x10/0x10
[  502.759699][    C0]  ? __pfx_nf_hook.constprop.0+0x10/0x10
[  502.765352][    C0]  ? rcu_is_watching+0x12/0xc0
[  502.770135][    C0]  ? __pfx_ip6_input_finish+0x10/0x10
[  502.775527][    C0]  ? ip6_input+0x34/0x2f0
[  502.779961][    C0]  ip6_input+0xe0/0x2f0
[  502.784129][    C0]  ? __pfx_ip6_input+0x10/0x10
[  502.788989][    C0]  ipv6_rcv+0x265/0x680
[  502.793178][    C0]  ? __pfx_ipv6_rcv+0x10/0x10
[  502.797889][    C0]  __netif_receive_skb_one_core+0x12e/0x1e0
[  502.803796][    C0]  ? __pfx___netif_receive_skb_one_core+0x10/0x10
[  502.810231][    C0]  ? rcu_is_watching+0x12/0xc0
[  502.815010][    C0]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  502.820388][    C0]  ? process_backlog+0x3f1/0x15f0
[  502.825430][    C0]  ? process_backlog+0x3f1/0x15f0
[  502.830473][    C0]  __netif_receive_skb+0x1d/0x160
[  502.835509][    C0]  process_backlog+0x443/0x15f0
[  502.840374][    C0]  __napi_poll.constprop.0+0xb7/0x550
[  502.845758][    C0]  net_rx_action+0xa94/0x1010
[  502.850477][    C0]  ? __pfx_net_rx_action+0x10/0x10
[  502.855607][    C0]  ? sched_balance_domains+0x285/0xec0
[  502.861095][    C0]  handle_softirqs+0x213/0x8f0
[  502.865875][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  502.871176][    C0]  __irq_exit_rcu+0x109/0x170
[  502.875865][    C0]  irq_exit_rcu+0x9/0x30
[  502.880114][    C0]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  502.885753][    C0]  </IRQ>
[  502.888682][    C0]  <TASK>
[  502.891613][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  502.897603][    C0] RIP: 0010:acpi_safe_halt+0x1a/0x20
[  502.902902][    C0] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 65 48 8b 05 08 38 ac 74 48 8b 00 a8 08 75 0c 66 90 0f 00 2d f8 1b 87 00 fb f4 <fa> c3 cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  502.922524][    C0] RSP: 0018:ffffffff8de07d70 EFLAGS: 00000246
[  502.928602][    C0] RAX: 0000000000004000 RBX: 0000000000000001 RCX: ffffffff8b578469
[  502.936599][    C0] RDX: 0000000000000001 RSI: ffff888141693000 RDI: ffff888141693064
[  502.944577][    C0] RBP: ffff888141693064 R08: 0000000000000001 R09: ffffed10170c6f85
[  502.952568][    C0] R10: ffff8880b8637c2b R11: 0000000000000000 R12: ffff88801e73b800
[  502.960557][    C0] R13: ffffffff8ee2eba0 R14: 0000000000000000 R15: 0000000000000000
[  502.968552][    C0]  ? ct_kernel_exit+0x139/0x190
[  502.973427][    C0]  acpi_idle_enter+0xc5/0x160
[  502.978144][    C0]  cpuidle_enter_state+0xaa/0x4f0
[  502.983195][    C0]  ? __pfx_tsc_verify_tsc_adjust+0x10/0x10
[  502.989023][    C0]  cpuidle_enter+0x4e/0xa0
[  502.993453][    C0]  do_idle+0x310/0x3f0
[  502.997533][    C0]  ? __pfx_do_idle+0x10/0x10
[  503.002138][    C0]  ? do_idle+0x8/0x3f0
[  503.006226][    C0]  cpu_startup_entry+0x4f/0x60
[  503.011003][    C0]  rest_init+0x16b/0x2b0
[  503.015254][    C0]  ? acpi_subsystem_init+0x133/0x180
[  503.020553][    C0]  ? __pfx_x86_late_time_init+0x10/0x10
[  503.026108][    C0]  start_kernel+0x3e9/0x4d0
[  503.030621][    C0]  x86_64_start_reservations+0x18/0x30
[  503.036085][    C0]  x86_64_start_kernel+0xb2/0xc0
[  503.041026][    C0]  common_startup_64+0x13e/0x148
[  503.045986][    C0]  </TASK>
[  503.986096][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[  506.635153][ T5827] Bluetooth: hci4: command 0x0406 tx timeout
[  506.641212][ T5827] Bluetooth: hci2: command 0x041b tx timeout
[  506.651878][ T5827] Bluetooth: hci1: command 0x0406 tx timeout
[  508.104016][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  508.114168][ T1291] ieee802154 phy1 wpan1: encryption failed: -22