last executing test programs:

6m51.187087201s ago: executing program 32 (id=126):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$int_in(r0, 0x5421, &(0x7f00000000c0)=0x1)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

6m17.195650282s ago: executing program 33 (id=202):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
r2 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
bind$llc(r2, &(0x7f0000000000)={0x1a, 0x337, 0x8, 0x91, 0x0, 0x10, @broadcast}, 0x10)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000c18000), 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x80, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000140)=0x7)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000001100)='iocharset', &(0x7f0000001140)='\xe0^@&&}\'\x00', 0x0)
r4 = syz_io_uring_setup(0x204, &(0x7f0000000480)={0x0, 0x507e}, &(0x7f00000000c0)=<r5=>0x0, &(0x7f0000000080)=<r6=>0x0)
r7 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000140), 0x8802, 0x0)
r8 = dup(r7)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f0000000200)=@IORING_OP_ACCEPT={0xd, 0x0, 0x4, r8, 0x0, 0x0, 0x0, 0x80800, 0x1})
io_uring_enter(r4, 0x47ba, 0x0, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x44045}, 0x10)

5m58.085742844s ago: executing program 0 (id=243):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
ioperm(0x0, 0xbea, 0x4)
sendmsg$TIPC_NL_MEDIA_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000080)={0x6c, r1, 0x1, 0x0, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x58, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x10}, 0xf8}}, {0x20, 0x2, @in6={0xa, 0x0, 0x0, @mcast1}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}]}]}, 0x6c}}, 0x0)
preadv(0xffffffffffffffff, &(0x7f00000010c0)=[{&(0x7f0000000000)=""/4096, 0x1000}, {&(0x7f0000001000)=""/146, 0x92}], 0x2, 0x2, 0x5)
r2 = syz_open_procfs(0x0, &(0x7f0000000240)='cmdline\x00')
read$FUSE(r2, &(0x7f0000002900)={0x2020}, 0x2020)
bind$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0xf7, 0x0, 0x1, 0x0, 0x6, @link_local}, 0x14)
write$char_usb(0xffffffffffffffff, &(0x7f0000000040)="e2", 0x2250)
syz_emit_ethernet(0xfc1, &(0x7f00000013c0)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x10}, @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x0, 0x0, 0xfb3, 0x0, 0x0, 0x0, 0x84, 0x0, @remote, @dev={0xac, 0x14, 0x14, 0xe}}, "dd9dec79219eb5499325e16c96335bc5ff0e043319357749084ca9d0ae1378f4e88112a2f7c10fd1523b9007773fd2b2bd0ebabccd2e5c35fb3baff587585840f2530c6f4d025f118440ac22a8b34da7b5e1e873bd429686be3ef84439e05fc0fefedb8b897b09445a9e10cf24aec2ff3ca6a86d94df0c4a928ed904dcfb02e6c6c5918a839d33cb9b55dfb3cd89d80eb18dc06415d313b4ea240a65eff4b941ac018e8f81de044239960271333255291b5fbfdcf8db25e175640f36986b859aeb3370ca17e6a20aeeb5c5d27eb097fc1fab796a7ff8fcbe119bbe4be2c8a5c58890191c59bea20bfe4edf9c5453e59f610d3bd1d6eb49b02e464aee0480187c5717936add1347b08cdf5b056adb941708e8a0498900419e98b75658c6dd00f88eebf8c9aaee2e38c80eafcf6ca08ea305da9c7050948ef78a1457a2e933287fe8d2e100cb00078ed829985f8812d543cc5cdb71521f4113829551efe915e4d6773f2d285cc1e8813919356ca5ef202b0d2b8a3d7de51e4635e761ffd7efe5d51dd1325596f0e4e1c0b1ce73240cb931227892d66f3629c9d152372d5790c1c25e2f6f850a5eb83654f423b84adbbf4169d472b2cddaa7137ff14c2944ade3a57613806810707a2e6c078beb4b87cf8cf39c9950bcb3f9bb42308bd5e68d81f7f4d9e528541703059787f5e342be8ebb9841d587f7455b409115d511c130d9641fc74391228bda52d2fa58e2ca74b26583e73e2cfb881945d8ecbc77eb35e783057f6c35ba06b7f639ec516ee54bf3645f6ec436ba859e22ed480a862285aa21f3d5cd3734dde388a7f8920c4a6b4a952f830e0d2811f2f2714e660e961de0b3e0b8d5fd1007690a61e414e82245dbe4e47c73465ed40af1cee2eae4801ee408ad1fce81ff8db77082c5efd93fa9a1a3e3d78eff84f326df1c6fa656cc7d4dab842fe8e0d9ce47ad0a7e74dfe1a53776a346a22dc7a0e476754d385d99aa9cbd3f445ffb2ed61e01b28fc071d706ad204b1e8014481dba0cbc460b67e64d6e955184271cedef7f951021e3595ebe9c3384b53efafb67cbed2aa1ede5d7fcff3a9d27d05766fb8894d7948609441759f4c4dfa33b6d486d4fb7e231f04d4f0f9e98f4b156129d9307fb9ebf3b278232062e7fe9ec2db7c4c991f83733368a107bf5798a1df45c919d71cce45ed907240c2f2fa6a4227e8e11cef2e7968c63e7a1adc3edec2170c17ed2cc54d0ea2b34e99b81015ffe51a501c2b73ddac5223e69d0dd451d358c0cd2ff7db256850ec1e9e349901f168d854284da68d80c68298a75c5d859008c82fe08b4cf2e68a2c0190760a03aff1be2c9425b6d5ef5c67bafb6d16fffeeb0211d90abbade4db9d6a9e9c981dde14c1d54e9138f9760bcdccbf17e7416042cfe7bbd8bba2f739f7f900ee45b965316b950e8474f3be92081fb63f43a4858b39e20e14d5a38c0973d680f2fda9e310d0e088523bdcbb728bcd0074447b4ace876da5642cd7d781cdb023a31446e0a0c59d5388674a5c8a97927e014a73d0330bd5c5187db79f1c546a8bcca008263509c23b246dea58fb36c44d373c1c92ffdd1600c27d4b10b3fc86b88ecefe8743bb59a6b8e443f06d2ae3a6908b6bc25b647deee13262225b8879dd79413ffa3d4aef91a0a04d4dc3030b5beb081c5fdf9152c3a17e6b24457fd580d84d3006af27ff44d6ec3664c4955a1d1dc5eb041682644ae564390a3d0aa602b2a18cdd3f8a1efff7b8f3afc31c283c9b74b806a98bd9f1ad8ecce410160c0a27f7ef90a2b0c1bea64e187adc04a04bff7c435659bc4c3ce5c2730e121972541062102e93d2a136e1aaaf3e25d547cad6e2b0874500fc098469494d2654808ee88588fd167f4332061a9b4cae6b22d87624e325e89a269f61ce0d26465ddfedc1f0fa2a5cf1ee7fe3e6cb375f1ff04cf8d22667debe574b8395023bde9a8302376af2e119c4c88433d1722011ade605f3a4201860742b0392ac96cc138d9ddb952f4e4742a7fd9d625465dac35347c1662b2085c357120c6ff69dedc013c5fe46555a4448b0be41e21ad73162bf9aa1cfb70f4702c7051c0a13fae918133f123d33c5c02e66ae8fceb3109b2e13a7a3e71484d59dfcba16db2d21549be1ba6cd5ad7610eefda427982384961f18bd6857ad97e868c2914d0ba934a296eda52646031c4504864061f3cba1df65cd04ef6b1050fb30b5abbbe28f8f7adb8073e452f4c0c5492a5f8d427ddf451ae303a86639e5dbccfe2b2bedb911d534a77c012e2f8a24917d98ab14557caf3e66040f21767685644f0003459762d4ab25a0e33a92b54748cf46a977505074b79b9b0746b2b5b168876a2ca10bb903edc1d1992a4a94c0ee0dd7b37add092163b5fbaf16090f8143187d060b19e3822f3def14717e41558f9582467a5a5f89148450fde235e7a5bb900e4e9d14e2147bfd2a52f84a115eb170bf3d3b9b3de9781960be4e53025c7dce005e1458140bb9cf9da8fa1124ac558fb220d57c23a7f120f5171eb2208d9e6ab7186ae457973da564f1fd45b241c15596035f55034c3995a587b4471068076839420df947f10ab2fc211732d768c135d63cc5eeda1bdfc780e7ed90855fa5a364e63f529703cd0f691b0b6a41232bfd1c1f61ef6b16ed3b9055ca888c8ebcd16a0623ede9e4e37b7d6175e3d0ddba8e7d87639eb8b0ba246131951a581575f1adf4c598a9f2f087d5eb2a0a5834d8cb12b0ad76d9381a838ccfbfcc20bbb970474c48677f10aa57be1d607d5b049d397178035f7f3393cd9000336c83218850ecd64142a22f7ae7e6a7e62013d6d105eb7c862e13979698681d44121ee9e2e552315d4d3913ff7bcd90d6bed72d50107a971a37d5a1d75efeebf03cc91239b7e427fba8df6b79674c15acd2093289fe6155063af81d85840abf4635f66083b3707d34b2149dfdf95cb4deb71e1574118c242b160c770347e6b1f135a985e89fe8e6d7f40281cfb6dc05cd8b9d4f6680c0863acb34516092acdf2bea67f54ab4282ba2d898287f34d9384e335b2ddbb87aaea8cadb8f0b397e99a68a7a214fae5a1f56c95bcd901534c23cd5cff3c168813d7fa1191dd7437c96b07324a7b21b48e205b859dcd080bd62ab7cca4bd7a73959218d0eeb21c887483201eaf3afb19efe1741b57332c5441685a7bb8324d9e85faafc785312b58aabef2eef6a8048663bf13db9ae9edd4b1dcebc99890693f11b354b1f1aad19b66251b4bcaed0daed73b87dedd140fd680e7d3355362844d1d7ba2ae6be7ffae59d7b3c679b890448b0de1acf591abfe6f3096794b7e142e0ac0862ab8cb76eb79b17d1138be3747f907c3f11c636a0f0e0d315d1ff05aab0ce62fbac03a2b4ddeac7ee192bba2da93b7a926271f6d594aa14de2c294ad0c77770a624d1ce24cc8d8f5e9b629604fa7897f0cbd641f76a85dc8df33b5715eb100e30e53b85110d2252c22575a7365eb08006b4d62d305e780101965094ce2aaad170df470870e687fb280b772d41ad5d470b71e256af3a0d2c02df95821d38f28cdff26fa7a3f6e920edbd3174d2d2bde854ef68dae8a0a4a63753c825930903a2ca75d4321bad0ad9ff6852f94dd04972a45bb9625b3726dfbcc959e85242f0d327b181aee0fdab7af064dd97151b131a5c4a51a66692cbbd9f1348a16470cedef1b255e172cd2b15184177ad43744de941869af884ff8e59ef0e63ac5e1b99c851e0f915359ce12d9c380bb6f9c2bc773267157afeda7abcc120a31a1b72af6662bff7f5f194dad00b4ebfdcbb4dfc39854412db1ae99b449d741f841239159ea467cf1e38b95bcb7603ebcb400cb31410b2a4e25126caade0019bf667cc998bc4582578da0f8a6268f6d114ccf9dd8379995e8be1b934bb5645d72f97e05628129a7d2bc548e08796341f43dc3c9fcbe89d8284dc6633bee0d17e99f600425f0172b6bc478f5117dadf15e36e850ecc0ca75664ef8e4877a44b4ffa22a6f1d6719f8d81f9937928caa0690b77406a3298aaf446e2f78343267399bb7f64c60f82bf5d07210281eaad09a3810790720c98a041332c809be7aea1480b9e5eb989085c23b4aee75143068def3e89d1c417b63321e68d340a1472d2504088c17cd75de0e700508c55a7246ca9a762cc50ca35cbcaa7dcf4ae3264c32ff2cd67566ed501fb8182b5f16c58295783f3b2b554b06aae700f198c71ad7519868c1e6fbeb0246569b04beeb8b71bcbb9af93372bee365efb1d7424689e8241b1dc346a73a84b5773487f388356b8dbec1a108846e3f8dc74865b156e8ad18b353efc4ad0b11412a381fec8f5d45678b4f8b680591be8077303e7aff71acf9052ae3b73e41e19668f9b53bfd75b778970831b6891a78ffe0d4863e62cbbf6cf8c085032864479cd3a250842984dcc2860f057f86c8e2d4d2afefb8a45b7d5b8c94e752f369a1b434c827cd26cd0276a8b40019a95ebe7c16de4c1ce8efbd5c70e0c507631818aa4fbc937d212e428aefa895069656babdbd921af974da32c49f4ca6d1e1e28319b427c8bad4d650809c673ec6073770b4097e5700a8071110fd07acbc5a59f8d7b0735a98fd40ce03718a9a93c035948859215c59f54343b08bfd95a35d73c5f09a9ebe63c509fe8443fa74e6efd0fd87defc7cb16725ce3c3d5f7664cfe253faf2cbeb307052dd2269b6266acdb31e2006b9355f673ca5c9cb907605ce071824254b139607a069531f9598f4040ddeb9cd018e9dfa1808032dfb65a4af0820da810a7b58fbb65ac8e65b017a40ec2d445a5c7b78d1f0e717b19427ef1fe6cc08c5e9da5a7d1d508fd939854589dcba8d75ff3d8d1c1fb28af1ed6900bcd4cedbe42fd6243c81264fe81be756bfd71ebcd4d96bd7ec50a676bc57e130bd8da21bb6e888eb6c8402516f6fe6dfe25be9a3e33f2cdbed9de00efb867cbe80ec2309458f41924b967d254166e5a0a5f776395214a67900d180704b9fb09f9c4c4c62fd382fcd5efe099e22d2c82f198a39d193f65b68e09454e2ab8f2d7413c64563742f1c34ca9285e501bff5efa30a0da946f875d23162eaa53c4008bed38e9a190b08ff8bfb6bfb91553c4c329fc73b8be308b00347dee2afdc08bab311c75386f452b706d1820c9038998924665010a548c09743a16167b0b09373b5cd2fb1da4f6c9ea5b1f1dd7775f6fcb23eab4fd1990364dacb2a1656b9bcf1c4866b7222872a3a3a03d397499222a3f31a35d3aeaf6a6d39f0fbee1e0f6e1e10ba0774f15f245d955cc8132d86c2d768f8a06274caa5a12c46e9e08ee556c1da49830f1e6c0a0c53a9ef1489c3fba0251c3e6839e891ac298108f3ed05066e48b8bda2c5f6e691c7a7425b7019e0a547f6560a0af41831a4a790c3a8eac9a3a9119da3eef85cb12f3f3115f04ae95534ac847b4ee2cc2fc43cdba382ecae7c4f499ce1be1ca1907313ff665c2fd7d4c8f36716f33b6861f5cf3f1c878feadfa9a664b8d629a16c750c466326a951efaa830e4f328270041f2ca0be49f0affe5806b94b027033f008957e83d167d6fe4168ec4fb79385cc06e257bba807ecfccaba56cf751dac996b7a347d36ec52b0f5d16425402416c735530bd7c545f8c753fb3b1054b82bc3"}}}}, 0x0)

5m57.832765722s ago: executing program 0 (id=246):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = syz_usb_connect(0x0, 0x1cb, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r1, 0x0, 0x0)
r2 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r2, &(0x7f0000000380)={{0x6, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0x2}, [@null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}]}, 0x48)
accept4$netrom(r2, 0x0, 0x0, 0x80000)
accept4(r2, 0x0, 0x0, 0x80800)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
prlimit64(0x0, 0x3, &(0x7f0000000140)={0x4, 0x89}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x2, 0x0)
r6 = syz_open_dev$vim2m(&(0x7f0000000000), 0xa38b, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r6, 0xc0405602, &(0x7f0000000480)={0x2e, 0x1, 0x2, "8eb8a828e93b0ff1dd01da7a41bfeac48048beb159fbba176fb1de260b8c68d9", 0x35315258})
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r7 = open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa4b)
write$FUSE_CREATE_OPEN(r7, &(0x7f0000000180)={0xa0, 0xffffffffffffffda, 0x0, {{0x4, 0x3, 0x5, 0x6, 0x3, 0x1, {0x1, 0x180, 0x20ff, 0x5, 0x89, 0xd615, 0x9, 0x7fffffff, 0xfffffffe, 0x8000, 0x0, 0x0, 0x0, 0x3ff, 0x1}}, {0x0, 0x13}}}, 0xa0)
sendfile(r7, r7, &(0x7f0000000080), 0x7f03)

5m53.575750963s ago: executing program 0 (id=255):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000100)='cachefiles_vol_coherency\x00', r0, 0x0, 0x2}, 0x18)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x45, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0xa0}, [@initr0]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
writev(0xffffffffffffffff, &(0x7f0000000000)=[{0x0}, {0x0}], 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
lsetxattr$security_capability(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000480), &(0x7f0000000500)=@v2={0x2000000, [{0x7f, 0x8}, {0x4, 0x7}]}, 0x14, 0x1)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
getpriority(0x0, 0x0)
mq_open(0x0, 0x40, 0x9, &(0x7f0000000440)={0x2000000020, 0x8001, 0x500947db, 0x5})
r4 = creat(&(0x7f00000004c0)='./bus\x00', 0x40)
write$cgroup_int(r4, &(0x7f00000003c0)=0xd9d, 0x12)
open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0)
pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

5m51.677183063s ago: executing program 0 (id=259):
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r0 = open(&(0x7f0000000040)='./file1\x00', 0x0, 0x1cd)
fcntl$notify(r0, 0x402, 0x4)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
creat(&(0x7f00000001c0)='./file0\x00', 0x42)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000740)=ANY=[@ANYBLOB="28000000100037042bbd70000000000000000000550b43a6b57db8adf99e7673fefe3157db79446d1cebaa955266cb8b878438fa116beab025e412236727b52acdc5006aafe1396bae57c98585e5383ecea7df3d84d157084814510a582b4c101be7adcfe6da8cba4da91a70fcf9927ca24dd0df198bbfebf256b0ab7dae77a2b553c92e39d66926916c8b3985f87e9d27f61d10e2f28374f89d892747a03503e22b5607d3c19b748d0c2597507946938c807fef473a89a4755619123074ae9685a865ccadb41a7a6aa2758ceadb2b1bafd9ab03370c5b8ee98d46747f5fdfdff2c2da3f340e47c2446459c7279f8d383d8dcf940969eb79e11a3615ead44807e77c888fc7861aa9ddd93d4069453e72877838e395b5e77c70742e5da3ae19e4fcbcf0e9ac1261e6cd651d1de09dcd6aaf9702e10c9a0b4a58fe528b966af963f0", @ANYRES32=r2, @ANYBLOB="900900000000000008002900013d0000"], 0x28}, 0x1, 0x0, 0x0, 0x20040801}, 0x4000000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000340)={{{@in=@local, @in6=@private1, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x3}, {}, 0x0, 0x0, 0x1, 0x0, 0x3}, {{@in=@dev={0xac, 0x14, 0x14, 0x33}, 0xfffffffd, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80, '\x00', 0x2}, 0x0, 0x0, 0x0, 0xfd, 0x8}}, 0xe8)
r4 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
setsockopt$bt_BT_CHANNEL_POLICY(r5, 0x112, 0xa, &(0x7f0000000280)=0x40, 0x4)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r4, 0xc0045540, &(0x7f0000000100)=0x6b2)
sendmsg$TIPC_NL_MON_PEER_GET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
writev(0xffffffffffffffff, &(0x7f0000002140)=[{&(0x7f0000000080)}], 0x1)
io_setup(0x101, &(0x7f0000000000))

5m48.964819157s ago: executing program 0 (id=266):
r0 = userfaultfd(0x801)
setresgid(0xee00, 0xee01, 0x0)
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000001c0))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000000)={&(0x7f00002b9000/0x400000)=nil, &(0x7f0000779000/0x1000)=nil, 0x400000, 0x3, 0x2})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
r2 = userfaultfd(0x800)
ioctl$UFFDIO_CONTINUE(r2, 0xc020aa07, &(0x7f0000000040)={{&(0x7f0000521000/0x4000)=nil, 0x4000}, 0x1})
mount$tmpfs(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080), 0x0, &(0x7f00000000c0)={[{@quota}]})
r3 = openat(0xffffffffffffff9c, 0x0, 0x250942, 0x1cd)
quotactl_fd$Q_GETNEXTQUOTA(r3, 0xffffffff80000901, 0x0, 0x0)
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = socket$l2tp(0x2, 0x2, 0x73)
dup3(r3, r5, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, &(0x7f0000000100)={0xc, 0x0, <r6=>0x0})
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r4, 0x3ba0, &(0x7f0000000280)={0x48, 0x1, r6, 0x0, 0x6, 0x9})
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r4, 0x3ba0, &(0x7f0000000540)={0x48, 0x1, r6, 0x0, 0x2, 0x100006dd})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r4, 0x3ba0, &(0x7f0000000140)={0x48, 0x2, r6, 0x0, 0x0, 0x0, 0x0, 0x1})
ioctl$IOMMU_IOAS_MAP$PAGES(r4, 0x3b85, &(0x7f0000000080)={0x28, 0x2, r6, 0x0, &(0x7f0000ffe000/0x2000)=nil, 0x2000})
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000200))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000001c0)={{&(0x7f0000c85000/0x3000)=nil, 0x3000}, 0x2})
r7 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r8 = fcntl$dupfd(r7, 0x0, r7)
write$sndseq(r8, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control={0xd8, 0x3, 0x8}}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32={[0x14, 0x2, 0xc1db]}}], 0x38)
ioctl$SG_GET_PACK_ID(r7, 0x227c, &(0x7f0000000980))
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f00000005c0))

5m45.479230822s ago: executing program 0 (id=272):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="340000003d0007010000000000000000047c0000040000001c00018006002000050a0000100004"], 0x34}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b9376", 0x73}], 0x1}], 0x1, 0x40800)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16, @ANYBLOB="0107000000000000000020"], 0x1c}, 0x1, 0x0, 0x0, 0x8041}, 0x0)
r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$selinux_load(r2, &(0x7f0000000340)={0xf97cff8c, 0x8}, 0x2000)
r3 = open(&(0x7f00000002c0)='./bus\x00', 0x60102, 0x0)
splice(0xffffffffffffffff, 0x0, r3, 0x0, 0xffffffe1, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=@base={0x10, 0x9, 0x2, 0x0, 0x70082, 0x1, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x0, 0x0, @void, @value, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0xb, 0x1e, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xfffffffb, 0x0, 0x0, 0x0, 0x1}, {}, {}, [@map_val={0x18, 0x1, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0x9}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9c85}}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000580)='GPL\x00', 0x1, 0xe5, &(0x7f00000005c0)=""/229, 0x41000, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x8, &(0x7f0000000700)={0x9, 0x3}, 0x8, 0x10, &(0x7f0000000740)={0x0, 0x8, 0xe7e6, 0xd}, 0x10, 0x0, 0xffffffffffffffff, 0x5, &(0x7f0000000840)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r3, r4], &(0x7f0000000880)=[{0x5, 0x3, 0x1, 0x1}, {0x2, 0x1, 0x9, 0x6}, {0x2, 0x5, 0x6, 0x2}, {0x4, 0x3, 0x4}, {0x0, 0x1, 0xb, 0x6}], 0x10, 0x1000, @void, @value}, 0x94)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r5, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r6, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r7 = getpid()
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
connect$unix(r8, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r9, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r8, 0x0, 0x0, 0x2, 0x0)
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r10}, 0xc)
r11 = syz_open_dev$usbfs(&(0x7f0000000080), 0x70, 0x101301)
ioctl$USBDEVFS_CONTROL(r11, 0xc0185500, &(0x7f00000003c0)={0x1f, 0xe, 0xfffd, 0x2, 0x0, 0x8000, &(0x7f00000005c0)})
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000180)={<r12=>0xffffffffffffffff})
setsockopt$TIPC_GROUP_JOIN(r12, 0x10f, 0x87, &(0x7f00000001c0)={0x42, 0x4, 0x2}, 0x10)

5m45.135150235s ago: executing program 34 (id=272):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="340000003d0007010000000000000000047c0000040000001c00018006002000050a0000100004"], 0x34}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b9376", 0x73}], 0x1}], 0x1, 0x40800)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16, @ANYBLOB="0107000000000000000020"], 0x1c}, 0x1, 0x0, 0x0, 0x8041}, 0x0)
r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$selinux_load(r2, &(0x7f0000000340)={0xf97cff8c, 0x8}, 0x2000)
r3 = open(&(0x7f00000002c0)='./bus\x00', 0x60102, 0x0)
splice(0xffffffffffffffff, 0x0, r3, 0x0, 0xffffffe1, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=@base={0x10, 0x9, 0x2, 0x0, 0x70082, 0x1, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x0, 0x0, @void, @value, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0xb, 0x1e, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xfffffffb, 0x0, 0x0, 0x0, 0x1}, {}, {}, [@map_val={0x18, 0x1, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0x9}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9c85}}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000580)='GPL\x00', 0x1, 0xe5, &(0x7f00000005c0)=""/229, 0x41000, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x8, &(0x7f0000000700)={0x9, 0x3}, 0x8, 0x10, &(0x7f0000000740)={0x0, 0x8, 0xe7e6, 0xd}, 0x10, 0x0, 0xffffffffffffffff, 0x5, &(0x7f0000000840)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r3, r4], &(0x7f0000000880)=[{0x5, 0x3, 0x1, 0x1}, {0x2, 0x1, 0x9, 0x6}, {0x2, 0x5, 0x6, 0x2}, {0x4, 0x3, 0x4}, {0x0, 0x1, 0xb, 0x6}], 0x10, 0x1000, @void, @value}, 0x94)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r5, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r6, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r7 = getpid()
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
connect$unix(r8, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r9, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r8, 0x0, 0x0, 0x2, 0x0)
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r10}, 0xc)
r11 = syz_open_dev$usbfs(&(0x7f0000000080), 0x70, 0x101301)
ioctl$USBDEVFS_CONTROL(r11, 0xc0185500, &(0x7f00000003c0)={0x1f, 0xe, 0xfffd, 0x2, 0x0, 0x8000, &(0x7f00000005c0)})
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000180)={<r12=>0xffffffffffffffff})
setsockopt$TIPC_GROUP_JOIN(r12, 0x10f, 0x87, &(0x7f00000001c0)={0x42, 0x4, 0x2}, 0x10)

4m35.450694616s ago: executing program 5 (id=427):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x20502, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, 0x0}], 0x1, 0x74, 0x0, 0x0)
syz_emit_ethernet(0x3a, &(0x7f0000000080)={@local, @dev, @void, {@ipv4={0x800, @tcp={{0x6, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x6, 0x0, @private=0xa210104, @local, {[@generic={0x7, 0x4, "0403"}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2}}}}}}, 0x0)
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
write$P9_RGETLOCK(r3, &(0x7f0000000640)=ANY=[], 0x200002e6)
fcntl$setpipe(r3, 0x407, 0x7000000)
fcntl$setpipe(r3, 0x407, 0x100000)
keyctl$KEYCTL_PKEY_ENCRYPT(0x19, &(0x7f0000000100), 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

4m33.047736272s ago: executing program 5 (id=434):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$loop(&(0x7f0000000100), 0xf01c, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
syz_io_uring_setup(0x10d, &(0x7f0000000400)={0x0, 0x2b7a, 0x400, 0x2, 0x4}, 0x0, &(0x7f0000000800))
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="140100002d0001000000000000600000030100800c0000000000000000000000140001000100000000000000000000000000000150bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be1278c15e16169583cde01e2431d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd3f8c008f26d99df5bf1f9d3e32d15ecb867eaace3270b8eda400854f597a51c7c74343772b41507abecb0e48793d5454185846533ab37452e2f1020d1dd846015eb92b0034190bf096bf4ee0458247b8b269d5e949668e05dc748b179b3e4609850583e7b6a3f0f4ad4b02ebb4054e9c1406401847f721f3064c5f822c57003349dff66a94d8a0497ba5890c5d651995f0edb57a0cec67f4a1d9172cb81ba2863f6e69a047d2e38543db6f092f123435465157e6a19569f817be385f586d11f6cd9b9b2b200dd8188e3000e2af6cefff6b8e907646f8d865804b221d670fc0929190f7d8cdbde945eb673d36d5ab8d390a81bbb5f1a4309dab7e4e8d425b3847e059d712d57c5f86940f8dea2b2241bd3dcf9d2f262f90168a512883b973c9fd461abae31eed33a24243c8e18546d0e0"], 0x114}], 0x1}, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)

4m32.333284767s ago: executing program 5 (id=436):
r0 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c) (async)
mmap$IORING_OFF_SQES(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x2000002, 0x2010, 0xffffffffffffffff, 0x10000000) (async)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) (async, rerun: 64)
listen(r0, 0x101) (async, rerun: 64)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r1, 0x10d, 0x800000000d, &(0x7f00001c9fff)="03", 0x1) (async)
connect$inet(r1, &(0x7f0000e5c000)={0x2, 0x4e20, @dev}, 0x10) (async)
accept$alg(0xffffffffffffffff, 0x0, 0x0) (async)
r2 = accept4(r0, 0x0, 0x0, 0x80800)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080), r2)
sendmsg$IPVS_CMD_GET_INFO(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="03000000b03f0d96fb1daa9b2c5934106af0a1ef002c10", @ANYRES16=r3, @ANYBLOB="000124bd7000fc0001800000000000000000"], 0x18}, 0x1, 0x0, 0x0, 0x1}, 0x40805) (async, rerun: 64)
r4 = creat(&(0x7f0000000240)='./file0\x00', 0x0) (rerun: 64)
r5 = dup(r4) (async)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r6, 0x6, 0xe, &(0x7f0000000e00)={@in6={{0xa, 0x40, 0x0, @ipv4={'\x00', '\xff\xff', @multicast1}}}, 0x0, 0x0, 0x1044, 0x0, "e541bd3d3aa6a2bf75e9671e8abcb31c134f3a9db8f52e7300fe6e079f35ac63186c7244fc3b3801e79f15ced9fd7e45d0345bce05c13ed90158fbdeb70322ea3188f81890e30400"}, 0xd8) (async, rerun: 64)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c) (async, rerun: 64)
chmod(&(0x7f0000000140)='./file0\x00', 0x0)
open$dir(&(0x7f0000000140)='./file0\x00', 0x1, 0x0)

4m31.37554359s ago: executing program 5 (id=439):
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r0 = open(&(0x7f0000000040)='./file1\x00', 0x0, 0x1cd)
fcntl$notify(r0, 0x402, 0x4)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
creat(&(0x7f00000001c0)='./file0\x00', 0x42)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000740)=ANY=[@ANYBLOB="28000000100037042bbd70000000000000000000550b43a6b57db8adf99e7673fefe3157db79446d1cebaa955266cb8b878438fa116beab025e412236727b52acdc5006aafe1396bae57c98585e5383ecea7df3d84d157084814510a582b4c101be7adcfe6da8cba4da91a70fcf9927ca24dd0df198bbfebf256b0ab7dae77a2b553c92e39d66926916c8b3985f87e9d27f61d10e2f28374f89d892747a03503e22b5607d3c19b748d0c2597507946938c807fef473a89a4755619123074ae9685a865ccadb41a7a6aa2758ceadb2b1bafd9ab03370c5b8ee98d46747f5fdfdff2c2da3f340e47c2446459c7279f8d383d8dcf940969eb79e11a3615ead44807e77c888fc7861aa9ddd93d4069453e72877838e395b5e77c70742e5da3ae19e4fcbcf0e9ac1261e6cd651d1de09dcd6aaf9702e10c9a0b4a58fe528b966af963f0", @ANYRES32=r2, @ANYBLOB="900900000000000008002900013d0000"], 0x28}, 0x1, 0x0, 0x0, 0x20040801}, 0x4000000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000340)={{{@in=@local, @in6=@private1, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x3}, {}, 0x0, 0x0, 0x1, 0x0, 0x3}, {{@in=@dev={0xac, 0x14, 0x14, 0x33}, 0xfffffffd, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80, '\x00', 0x2}, 0x0, 0x0, 0x0, 0xfd, 0x8}}, 0xe8)
r4 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
setsockopt$bt_BT_CHANNEL_POLICY(r5, 0x112, 0xa, &(0x7f0000000280)=0x40, 0x4)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r4, 0xc0045540, &(0x7f0000000100)=0x6b2)
writev(0xffffffffffffffff, &(0x7f0000002140)=[{&(0x7f0000000080)}], 0x1)

4m27.884924021s ago: executing program 5 (id=448):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f00000000c0)=ANY=[], 0x8)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='bridge0\x00', 0x10)
sendmmsg$inet6(r0, &(0x7f00000003c0)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="826c88feceda", 0x6}], 0x1}}], 0x1, 0x4000c000)
sendto$inet6(r0, &(0x7f0000000300), 0x16, 0x0, 0x0, 0xfffffffffffffdfd)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r1, 0x29, 0x36, &(0x7f00000000c0)=ANY=[], 0x8)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x70)
sendmmsg$inet6(r1, &(0x7f0000004840)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000040)="82", 0x1}, {&(0x7f0000000180)='\x00\x00\x00\x00\x00', 0x5}], 0x2}}], 0x1, 0x8080)
sendto$inet6(r1, &(0x7f0000000300), 0x16, 0x3b00, 0x0, 0xfffffffffffffdfd)

4m27.159864118s ago: executing program 5 (id=450):
sendmsg$IPSET_CMD_LIST(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000040), 0xc, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[@ANYBLOB="24000000070601e800000000000000000700000705000100070000000800064000000007"], 0x24}, 0x1, 0x0, 0x0, 0x20048020}, 0x0)

4m26.207013988s ago: executing program 35 (id=450):
sendmsg$IPSET_CMD_LIST(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000040), 0xc, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[@ANYBLOB="24000000070601e800000000000000000700000705000100070000000800064000000007"], 0x24}, 0x1, 0x0, 0x0, 0x20048020}, 0x0)

2m44.706324084s ago: executing program 7 (id=676):
ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, &(0x7f0000000140)={0x0, 0xffffffffffffffff, 0x4, 0x7ba, 0x9, 0xc07b})
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x314c, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000040e000800100"/32, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500"/129], 0xfc}}, 0x0)
r2 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r2, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$sock_int(r2, 0x1, 0x35, &(0x7f0000000040)=0x1, 0x4)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000004c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmsg$unix(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000d80)="bc14", 0x2}], 0x1, 0x0, 0x0, 0x4000010}, 0x20004011)
recvmsg$unix(r3, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x10002)
recvmsg$unix(r3, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x40002002)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x800, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$IOMMU_IOAS_IOVA_RANGES(0xffffffffffffffff, 0x3b84, &(0x7f0000000100)={0x20, 0x0, 0x1, 0x0, &(0x7f0000000040)=[{}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60)
openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$KVM_CREATE_PIT2(r6, 0x4040ae77, &(0x7f0000000000)={0x5})
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)

2m40.788024491s ago: executing program 7 (id=687):
creat(&(0x7f0000000240)='./file0\x00', 0x0)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}], [], 0x6b}})
chmod(&(0x7f0000000180)='./file0\x00', 0x1d0)
r3 = creat(&(0x7f0000000300)='./file0\x00', 0x0)
pwritev2(r3, &(0x7f0000000080)=[{&(0x7f0000000340)='L', 0x1}], 0x1, 0x8, 0x7, 0x4) (fail_nth: 4)

2m40.408057542s ago: executing program 7 (id=688):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, 0x0, 0x20000804)

2m39.575464967s ago: executing program 7 (id=690):
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
sendmsg$can_bcm(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48850}, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
pipe2$9p(&(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
r3 = dup(r2)
write$FUSE_BMAP(r3, &(0x7f0000000000)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r3, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_GETXATTR(r3, &(0x7f0000000480)={0x18}, 0x18)
write$FUSE_INIT(r3, &(0x7f0000000600)={0x50, 0x0, 0x0, {0x7, 0x29, 0x3, 0x0, 0x4, 0x772, 0x7, 0x0, 0x0, 0x0, 0xa0, 0x200}}, 0x50)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_mmap}]}})
r4 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000140)='./file1\x00')
r5 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r5, 0xffffffff80000800, 0x0, &(0x7f00000000c0)={0x0, 0x5b81, 0x0, 0x1, 0x9, 0x9, 0x7, 0x0, 0xe0})
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x1, 0x12, r4, 0x75e7f000)
write$P9_RVERSION(r3, &(0x7f0000000180)={0x13, 0x65, 0xffff, 0xffffff77, 0x6, '9P2000'}, 0x13)
ioctl$SNDCTL_FM_4OP_ENABLE(r0, 0xc0045405, 0xffffffffffffffff)

2m38.919574968s ago: executing program 7 (id=692):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000000080)={0x2, 0x0, 0x8009, 0x9, 0x2, 0x80000001, 0x8, 0x28a27e52, <r2=>0x0}, &(0x7f0000000100)=0x20)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={r2, 0x74, &(0x7f0000000140)=[@in6={0xa, 0x4e21, 0xee6, @private0={0xfc, 0x0, '\x00', 0x1}, 0xf}, @in6={0xa, 0x4e24, 0x1, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x3ff}, @in={0x2, 0x4e22, @loopback}, @in={0x2, 0x4e23, @local}, @in6={0xa, 0x4e22, 0x40, @mcast1, 0x6}]}, &(0x7f0000000240)=0x10)
sendmsg$TIPC_NL_BEARER_SET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="010028bd7000fbdbdf25050000003886e1650d0001007564703a73797a31000000000c000380080001"], 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x100)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="280500003d0007010000000000000000017c0000040000000c00018006000600800a0000040502"], 0x528}}, 0xc000)
r3 = socket$kcm(0x11, 0x2, 0x300)
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$sock_int(r4, 0x1, 0x1e, &(0x7f00000002c0)=0xd, 0x4)
recvmsg(r3, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)

2m37.798311046s ago: executing program 7 (id=696):
creat(&(0x7f0000000240)='./file0\x00', 0x0)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}})
chmod(&(0x7f0000000180)='./file0\x00', 0x1d0)
r3 = creat(&(0x7f0000000300)='./file0\x00', 0x0)
pwritev2(r3, &(0x7f0000000080)=[{&(0x7f0000000340)='L', 0x7fec}], 0x1, 0x8, 0x7, 0x4)

2m26.571728295s ago: executing program 3 (id=727):
syz_io_uring_setup(0x800110, 0x0, &(0x7f0000001200)=<r0=>0x0, &(0x7f00000000c0))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
getpid()
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4008001}, 0x880)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x10000}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e89"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
r3 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
pwrite64(r3, &(0x7f0000000080)='3', 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={0x0, 0xffffffffffffffff, 0x0, 0x20007fffffff}, 0x18)
quotactl$Q_SETQUOTA(0xffffffff80000802, 0x0, 0xee00, &(0x7f0000000240)={0xa3e6, 0x3, 0xeb9c, 0xb4d, 0x800, 0xca0, 0x10, 0x6, 0x5d})
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc058560f, 0x0)
socket$kcm(0x10, 0x2, 0x0)
setresgid(0xee00, 0xee01, 0x0)
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000000340)={0x2020}, 0xcb0a)
syslog(0x3, &(0x7f0000002e00)=""/165, 0xa5)
socket$nl_netfilter(0x10, 0x3, 0xc)

2m22.719232945s ago: executing program 36 (id=696):
creat(&(0x7f0000000240)='./file0\x00', 0x0)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}})
chmod(&(0x7f0000000180)='./file0\x00', 0x1d0)
r3 = creat(&(0x7f0000000300)='./file0\x00', 0x0)
pwritev2(r3, &(0x7f0000000080)=[{&(0x7f0000000340)='L', 0x7fec}], 0x1, 0x8, 0x7, 0x4)

2m22.68175283s ago: executing program 3 (id=737):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
r3 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
bind$llc(r3, 0x0, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x80, 0x0)
ioctl$TIOCSETD(r4, 0x5423, 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000001100)='iocharset', &(0x7f0000001140)='\xe0^@&&}\'\x00', 0x0)
r5 = syz_io_uring_setup(0x204, &(0x7f0000000480)={0x0, 0x507e}, &(0x7f00000000c0)=<r6=>0x0, &(0x7f0000000080)=<r7=>0x0)
r8 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000140), 0x8802, 0x0)
r9 = dup(r8)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f0000000200)=@IORING_OP_ACCEPT={0xd, 0x0, 0x4, r9, 0x0, 0x0, 0x0, 0x80800, 0x1})
io_uring_enter(r5, 0x47ba, 0x0, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x44045}, 0x10)

2m21.59099772s ago: executing program 3 (id=739):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
unshare(0x68040200)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={0x0}, 0x18)
socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=@newqdisc={0x3c, 0x24, 0xf0b, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0x0, 0xa}, {0xffff, 0xffff}, {0x9}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_SPLIT_GSO={0x8, 0x11, 0x10}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x240448d0}, 0x20000c14)
r4 = syz_clone(0x307f00, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r4)
ptrace(0x8, r4)
wait4(0x0, 0x0, 0x80000000, 0x0)
setpgid(0x0, r4)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x3000000)

2m20.535695987s ago: executing program 3 (id=740):
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r0 = open(&(0x7f0000000040)='./file1\x00', 0x0, 0x1cd)
fcntl$notify(r0, 0x402, 0x4)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
creat(&(0x7f00000001c0)='./file0\x00', 0x42)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000740)=ANY=[@ANYBLOB="28000000100037042bbd70000000000000000000550b43a6b57db8adf99e7673fefe3157db79446d1cebaa955266cb8b878438fa116beab025e412236727b52acdc5006aafe1396bae57c98585e5383ecea7df3d84d157084814510a582b4c101be7adcfe6da8cba4da91a70fcf9927ca24dd0df198bbfebf256b0ab7dae77a2b553c92e39d66926916c8b3985f87e9d27f61d10e2f28374f89d892747a03503e22b5607d3c19b748d0c2597507946938c807fef473a89a4755619123074ae9685a865ccadb41a7a6aa2758ceadb2b1bafd9ab03370c5b8ee98d46747f5fdfdff2c2da3f340e47c2446459c7279f8d383d8dcf940969eb79e11a3615ead44807e77c888fc7861aa9ddd93d4069453e72877838e395b5e77c70742e5da3ae19e4fcbcf0e9ac1261e6cd651d1de09dcd6aaf9702e10c9a0b4a58fe528b966af963f0", @ANYRES32=r2, @ANYBLOB="900900000000000008002900013d0000"], 0x28}, 0x1, 0x0, 0x0, 0x20040801}, 0x4000000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000340)={{{@in=@local, @in6=@private1, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x3}, {}, 0x0, 0x0, 0x1, 0x0, 0x3}, {{@in=@dev={0xac, 0x14, 0x14, 0x33}, 0xfffffffd, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80, '\x00', 0x2}, 0x0, 0x0, 0x0, 0xfd, 0x8}}, 0xe8)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
setsockopt$bt_BT_CHANNEL_POLICY(r3, 0x112, 0xa, &(0x7f0000000280)=0x40, 0x4)
sendmsg$TIPC_NL_MON_PEER_GET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
writev(0xffffffffffffffff, &(0x7f0000002140)=[{&(0x7f0000000080)}], 0x1)

2m19.73081136s ago: executing program 3 (id=742):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZE(r0, 0x5609, &(0x7f0000000140)={0x5, 0x4, 0x9fc9})

2m17.918424172s ago: executing program 3 (id=746):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = syz_open_dev$loop(&(0x7f0000000100), 0xf01c, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
write$binfmt_elf32(r3, &(0x7f0000001ac0)=ANY=[@ANYBLOB="7f454c4607020002040000000000000002003e00fcffffff9401000038000000fb01000000080000040020000400000044006a5b00000000000000600b000000050000004000000005000000f3ffffff100000000100000003000000fcffffff018000000600000001000000080000007d56660ca91f000001000060070000000300000004000000060000000400000004000000040000000700000007000000de040000ffffffff080000000600000003000000570800003f491130be9b35140d771b47e81bd7a501253ef9b3f66596ab4a19893ea69029a36a2b5331d5659bbc666e6c1c1488516b94ce7239bccb73e43fd5cad30ba2e3c8ada905e71b9088824620ec9d53942e84213df72735aa993b4ef313e1d0054b189276001836fec136dab0682d7fac1cec95775e78049570f4070200b0aa2cdfb886bd9a70655f61ddd2ce557437c58790e1c96a5f201fc383798a68e73e5afa5936915a600cc0279fb08d31c24ac31940e57fc64b0a22f3f61227462cffd8f626b749fda5ab1f087de040fa883a88f75af34c8a0b83d55b9a7b95797001c49b8d3dccfbb9ef1babe01da8c3fb0a3d5d79b2ff11c1acdff38bc88c1fcc00ff9ce70f6657572e757fffa603bee95d7493b46a4d00817f91eb07a91d62246c4be22c73472e082e6336f1"], 0x2ff)
ioctl$LOOP_CONFIGURE(r2, 0x4c0a, &(0x7f00000002c0)={r3, 0x0, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc5e3ed1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}})
sched_setscheduler(0x0, 0x2, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
ioctl$IOMMU_VFIO_SET_IOMMU(r4, 0x3b66, 0x1)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000b80)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000fdfdfff67a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040000010000400404000001000000b7050000deffffff6a0a00ff00000000850000002b000000b70000000000000095000000000000009cc6b3fcd62c7d376238975d43a4505f80fc88943c4f0cf08e467b592f868ee30a0e8c1bf176db2a6b2f01806fd3d5707bfd2d84aaa3b1d4e984c46ea7e2a447a36f5662403e1b2be4cc7c2683908a0d411a9872971c5c77f0979b34e1ad837ff0d10b97163c1d6d0e196bf02f46c7953ab1abda45cbe8d0d26b5069f8a98f7dc8f772fd0e17c9b9101644f8c06b74635fc9f9de9ca3c0ec0cb9bf4e418d076df4c7df0a70f2bdf4000000000000b0c2940dd8e263aa743f7555193161f45346b1004006000000e1ffff8816326d7d25c32aac1c7d5b5be399f6609876b5887437a172fbc02a74135b29194e533583f76e412dff048f0000000000000000b2728a0481e9f0da43bb6cfb851cd364ff19002cc93c1c13ca67fdc6c238342033070000004a9fb6a6991ddb737d527d6acb15426415b6e8b14fdfa2c6e94bd0339454c13a"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r5, 0xffff0000, 0xe, 0x0, &(0x7f00000003c0)="2b206d074843b397737ea49da2aa", 0x0, 0xf000, 0x720e, 0x0, 0x0, 0x0, 0x0}, 0x50)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="140100002d0001000000000000600000030100800c0000000000000000000000140001000100000000000000000000000000000150bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be1278c15e16169583cde01e2431d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd3f8c008f26d99df5bf1f9d3e32d15ecb867eaace3270b8eda400854f597a51c7c74343772b41507abecb0e48793d5454185846533ab37452e2f1020d1dd846015eb92b0034190bf096bf4ee0458247b8b269d5e949668e05dc748b179b3e4609850583e7b6a3f0f4ad4b02ebb4054e9c1406401847f721f3064c5f822c57003349dff66a94d8a0497ba5890c5d651995f0edb57a0cec67f4a1d9172cb81ba2863f6e69a047d2e38543db6f092f123435465157e6a19569f817be385f586d11f6cd9b9b2b200dd8188e3000e2af6cefff6b8e907646f8d865804b221d670fc0929190f7d8cdbde945eb673d36d5ab8d390a81bbb5f1a4309dab7e4e8d425b3847e059d712d57c5f86940f8dea2b2241bd3dcf9d2f262f90168a512883b973c9fd461abae31eed33a24243c8e18546d0e0"], 0x114}], 0x1}, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_SEND={0x1a, 0x8, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x44040})

2m16.923297612s ago: executing program 37 (id=746):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = syz_open_dev$loop(&(0x7f0000000100), 0xf01c, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
write$binfmt_elf32(r3, &(0x7f0000001ac0)=ANY=[@ANYBLOB="7f454c4607020002040000000000000002003e00fcffffff9401000038000000fb01000000080000040020000400000044006a5b00000000000000600b000000050000004000000005000000f3ffffff100000000100000003000000fcffffff018000000600000001000000080000007d56660ca91f000001000060070000000300000004000000060000000400000004000000040000000700000007000000de040000ffffffff080000000600000003000000570800003f491130be9b35140d771b47e81bd7a501253ef9b3f66596ab4a19893ea69029a36a2b5331d5659bbc666e6c1c1488516b94ce7239bccb73e43fd5cad30ba2e3c8ada905e71b9088824620ec9d53942e84213df72735aa993b4ef313e1d0054b189276001836fec136dab0682d7fac1cec95775e78049570f4070200b0aa2cdfb886bd9a70655f61ddd2ce557437c58790e1c96a5f201fc383798a68e73e5afa5936915a600cc0279fb08d31c24ac31940e57fc64b0a22f3f61227462cffd8f626b749fda5ab1f087de040fa883a88f75af34c8a0b83d55b9a7b95797001c49b8d3dccfbb9ef1babe01da8c3fb0a3d5d79b2ff11c1acdff38bc88c1fcc00ff9ce70f6657572e757fffa603bee95d7493b46a4d00817f91eb07a91d62246c4be22c73472e082e6336f1"], 0x2ff)
ioctl$LOOP_CONFIGURE(r2, 0x4c0a, &(0x7f00000002c0)={r3, 0x0, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc5e3ed1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}})
sched_setscheduler(0x0, 0x2, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
ioctl$IOMMU_VFIO_SET_IOMMU(r4, 0x3b66, 0x1)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000b80)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000fdfdfff67a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040000010000400404000001000000b7050000deffffff6a0a00ff00000000850000002b000000b70000000000000095000000000000009cc6b3fcd62c7d376238975d43a4505f80fc88943c4f0cf08e467b592f868ee30a0e8c1bf176db2a6b2f01806fd3d5707bfd2d84aaa3b1d4e984c46ea7e2a447a36f5662403e1b2be4cc7c2683908a0d411a9872971c5c77f0979b34e1ad837ff0d10b97163c1d6d0e196bf02f46c7953ab1abda45cbe8d0d26b5069f8a98f7dc8f772fd0e17c9b9101644f8c06b74635fc9f9de9ca3c0ec0cb9bf4e418d076df4c7df0a70f2bdf4000000000000b0c2940dd8e263aa743f7555193161f45346b1004006000000e1ffff8816326d7d25c32aac1c7d5b5be399f6609876b5887437a172fbc02a74135b29194e533583f76e412dff048f0000000000000000b2728a0481e9f0da43bb6cfb851cd364ff19002cc93c1c13ca67fdc6c238342033070000004a9fb6a6991ddb737d527d6acb15426415b6e8b14fdfa2c6e94bd0339454c13a"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r5, 0xffff0000, 0xe, 0x0, &(0x7f00000003c0)="2b206d074843b397737ea49da2aa", 0x0, 0xf000, 0x720e, 0x0, 0x0, 0x0, 0x0}, 0x50)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000480)=ANY=[@ANYBLOB="140100002d0001000000000000600000030100800c0000000000000000000000140001000100000000000000000000000000000150bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be1278c15e16169583cde01e2431d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd3f8c008f26d99df5bf1f9d3e32d15ecb867eaace3270b8eda400854f597a51c7c74343772b41507abecb0e48793d5454185846533ab37452e2f1020d1dd846015eb92b0034190bf096bf4ee0458247b8b269d5e949668e05dc748b179b3e4609850583e7b6a3f0f4ad4b02ebb4054e9c1406401847f721f3064c5f822c57003349dff66a94d8a0497ba5890c5d651995f0edb57a0cec67f4a1d9172cb81ba2863f6e69a047d2e38543db6f092f123435465157e6a19569f817be385f586d11f6cd9b9b2b200dd8188e3000e2af6cefff6b8e907646f8d865804b221d670fc0929190f7d8cdbde945eb673d36d5ab8d390a81bbb5f1a4309dab7e4e8d425b3847e059d712d57c5f86940f8dea2b2241bd3dcf9d2f262f90168a512883b973c9fd461abae31eed33a24243c8e18546d0e0"], 0x114}], 0x1}, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_SEND={0x1a, 0x8, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x44040})

2m16.879766446s ago: executing program 2 (id=751):
r0 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@newtaction={0x70, 0x30, 0x53b, 0x0, 0x0, {0x9}, [{0x5c, 0x1, [@m_sample={0x58, 0x1, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0xfffffffc, 0x0, 0x10000000, 0x1000000}}, @TCA_SAMPLE_RATE={0x8, 0x3, 0x6b}]}, {0x4}, {0xc}, {0xc, 0x4, {0x2}}}}]}]}, 0x70}}, 0x0)
r1 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r1, &(0x7f0000000180)=[{0x2, 0x1000000000000, &(0x7f0000000080), 0x6, &(0x7f0000000100)}], 0x492492492492642, 0x0)
r2 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000000), 0x8)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYRES16=r2], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r3, 0x0, 0x4}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
r7 = epoll_create1(0x80000)
r8 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/wakeup_count', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r8, &(0x7f00000000c0)={0xe000001a})
read$char_usb(r8, &(0x7f0000000b00)=""/182, 0xb6)
ppoll(&(0x7f0000000780)=[{r7}], 0x1, 0x0, 0x0, 0x0)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000340)='/proc/mdstat\x00', 0x0, 0x0)
io_setup(0x9, &(0x7f0000002340)=<r9=>0x0)
io_submit(r9, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r10 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r10, 0x6, 0x14, &(0x7f00000013c0)=0x80000000001, 0x4)
sendto$inet6(r10, 0x0, 0x0, 0x840, 0x0, 0x0)
r11 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r11, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)

2m15.612085586s ago: executing program 2 (id=755):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZE(r0, 0x5609, &(0x7f0000000140)={0x5, 0x4, 0x9fc9})

2m15.071759396s ago: executing program 2 (id=756):
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, 0x0)
r0 = socket(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
r1 = socket$caif_stream(0x25, 0x1, 0x2)
recvmmsg(r1, &(0x7f0000003800)=[{{&(0x7f0000000080)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x80, &(0x7f0000000a80)=[{&(0x7f00000002c0)=""/204, 0xcc}, {&(0x7f00000003c0)=""/106, 0x6a}, {&(0x7f0000000440)=""/254, 0xfe}, {&(0x7f0000000540)=""/174, 0xae}, {&(0x7f0000000680)=""/229, 0xe5}, {&(0x7f00000007c0)=""/193, 0xc1}, {&(0x7f00000008c0)=""/226, 0xe2}], 0x7, &(0x7f0000000b00)=""/99, 0x63}, 0x6}, {{&(0x7f0000000b80)=@ax25={{}, [@rose, @null, @netrom, @rose, @null, @remote, @default, @null]}, 0x80, &(0x7f0000000180)=[{&(0x7f0000000c00)=""/212, 0xd4}, {&(0x7f0000000100)=""/4, 0x4}, {&(0x7f0000000d00)=""/157, 0x9d}], 0x3, &(0x7f0000000dc0)=""/152, 0x98}, 0x8}, {{&(0x7f0000000e80)=@pptp={0x18, 0x2, {0x0, @dev}}, 0x80, &(0x7f00000022c0)=[{&(0x7f0000000f00)=""/68, 0x44}, {&(0x7f0000000f80)=""/183, 0xb7}, {&(0x7f0000001040)=""/192, 0xc0}, {&(0x7f0000000200)=""/59, 0x3b}, {&(0x7f0000001100)=""/94, 0x5e}, {&(0x7f0000001180)=""/189, 0xbd}, {&(0x7f0000001240)=""/4096, 0x1000}, {&(0x7f0000002240)=""/92, 0x5c}, {&(0x7f0000000600)=""/4, 0x4}], 0x9, &(0x7f0000002380)=""/74, 0x4a}, 0x3000}, {{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000002400)=""/122, 0x7a}, {&(0x7f0000002480)=""/252, 0xfc}, {&(0x7f0000002580)=""/84, 0x54}], 0x3, &(0x7f0000002600)=""/19, 0x13}, 0x5}, {{&(0x7f0000002640)=@xdp, 0x80, &(0x7f00000027c0)=[{&(0x7f00000026c0)=""/237, 0xed}], 0x1, &(0x7f0000002800)=""/4096, 0x1000}, 0x9}], 0x5, 0x0, &(0x7f0000003940))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x89ffc)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
futex(0x0, 0x1, 0x0, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00', <r4=>0x0})
r5 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x481, 0x0)
syz_usb_connect$hid(0xf63067478e218e8, 0x36, &(0x7f0000000040)=ANY=[], 0x0)
write$P9_RVERSION(r5, 0x0, 0x15)
ioctl$SNAPSHOT_FREE(r5, 0x3305)
r6 = shmget$private(0x0, 0x4000, 0x1000, &(0x7f0000ffb000/0x4000)=nil)
shmctl$SHM_LOCK(r6, 0xb)
shmctl$SHM_LOCK(r6, 0xb)
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000a00)=@newqdisc={0x6c, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r4, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x4, 0x2, 0x0, 0x0, 0x7, 0x8}, {0x12, 0x3, 0x0, 0x403, 0x8001, 0x400}, 0xa5, 0x4, 0x10000000}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}, @TCA_TBF_PRATE64={0xc, 0x5, 0xafa8d36186c14c7d}]}}]}, 0x6c}}, 0x44080)

2m12.452021695s ago: executing program 2 (id=762):
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r0 = open(&(0x7f0000000040)='./file1\x00', 0x0, 0x1cd)
fcntl$notify(r0, 0x402, 0x4)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
creat(&(0x7f00000001c0)='./file0\x00', 0x42)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000740)=ANY=[@ANYBLOB="28000000100037042bbd70000000000000000000550b43a6b57db8adf99e7673fefe3157db79446d1cebaa955266cb8b878438fa116beab025e412236727b52acdc5006aafe1396bae57c98585e5383ecea7df3d84d157084814510a582b4c101be7adcfe6da8cba4da91a70fcf9927ca24dd0df198bbfebf256b0ab7dae77a2b553c92e39d66926916c8b3985f87e9d27f61d10e2f28374f89d892747a03503e22b5607d3c19b748d0c2597507946938c807fef473a89a4755619123074ae9685a865ccadb41a7a6aa2758ceadb2b1bafd9ab03370c5b8ee98d46747f5fdfdff2c2da3f340e47c2446459c7279f8d383d8dcf940969eb79e11a3615ead44807e77c888fc7861aa9ddd93d4069453e72877838e395b5e77c70742e5da3ae19e4fcbcf0e9ac1261e6cd651d1de09dcd6aaf9702e10c9a0b4a58fe528b966af963f0", @ANYRES32=r2, @ANYBLOB="900900000000000008002900013d0000"], 0x28}, 0x1, 0x0, 0x0, 0x20040801}, 0x4000000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000340)={{{@in=@local, @in6=@private1, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x3}, {}, 0x0, 0x0, 0x1, 0x0, 0x3}, {{@in=@dev={0xac, 0x14, 0x14, 0x33}, 0xfffffffd, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80, '\x00', 0x2}, 0x0, 0x0, 0x0, 0xfd, 0x8}}, 0xe8)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
setsockopt$bt_BT_CHANNEL_POLICY(r4, 0x112, 0xa, &(0x7f0000000280)=0x40, 0x4)
sendmsg$TIPC_NL_MON_PEER_GET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0)
writev(0xffffffffffffffff, &(0x7f0000002140)=[{&(0x7f0000000080)}], 0x1)

2m10.924453958s ago: executing program 2 (id=766):
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x37)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001700)={0x18, 0x24, 0x301, 0x0, 0x0, {0x1}, [@nested={0x4, 0xae}]}, 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r2)
recvmmsg(r2, &(0x7f00000015c0)=[{{0x0, 0x0, 0x0}, 0x1000001}, {{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000004c0)=""/77, 0x4d}, {&(0x7f0000000540)=""/4096, 0x1000}, {&(0x7f0000001740)=""/4096, 0x1000}], 0x3}, 0xacd2}], 0x2, 0x40010000, 0x0)
write$binfmt_script(r0, &(0x7f00000000c0)={'#! ', './file0', [], 0xa, "6455d828effa4c0c3424baf0d6794fd0781b48181698edab65235ff0507da48343d4974364d8864ce4ae8becb5ef51be56009bd6fb"}, 0x40)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write$qrtrtun(r0, &(0x7f0000000280)="ca1c808bb35bdabb49f35c09d456591f0c15a08769bcd5107053eafff74feb44c4ad", 0x22)
write$UHID_INPUT(r0, &(0x7f0000001300)={0x8, {"af0014920c989bde943127351c7e048fe805d44569c987d51286ac5e80b0961cfe3629729c82e28c53b31e3ecbb8722bff9c0906027d5cb6fbd929cb4b5e657cc88a443809e6a720828c27b6519e7c18904d67528373733934aa5240afd60544d489e1ec3779ac45095c12c6c5f13c086306dfbbd31926b74150ff2c87db2be1d995e9b3a16fb7360de12618b05d94c291acfcdab84c919de60133f54a0a18d2517c1d0de417ae39fec1c9fa306573205051a9880da1f213b9a27c22b72d42d92b7b260b41bcc1868a0404936774ea5209f02929ec3eef4298818ddb708de6c0e1fda05436037d7d4042d2de3adebc8a62f58ec6ccb4160435c4393ba913250b56ec2fce544a01a5a3ce4363fd497fb256910f31e9416f5b719d64f931bd6d71b54787841b3e49e01fe6ac9598ddb5ef1aeb3d1cabb75845d46806a494b6cf89ec9c8203b92dd0dadc5a3c02545cd005b5f26b7d2b848cb684cb58245d591472d5109e7fbe1175656d729fdd689af57802b33d7d53d427aa57eb0af7a63d9f73be83cd9c12bd06463083b4cc853aad416e9faf484fa069d3b7599b6fc6d94152811403201b91da2547ff6721b0ea237c37464b47b3b4f37384e50ba5773a63356991a5abef659e089cc95e5c3b6d8428115efcf9e89e2743b167d7b9824392d868c159fd1264bea8b9b8b26769d15a27df3af350e2a6e9e37b35c153bf980e8ad15de3b0f3add5f98eb2cbc03eeb2b04e6fb032991d7a88b14c7d2cf2959fc4ed27c4c93c13f5760d0803f10afb91effb45967b4793c58e4bc2e4348c93b4e59f1544a01e89530f6056cda3f972050ae79d9297af71cce0d82c764db2422967f05c9847715c66321e8ab0075a361e8fd78a956074945e687ec1ad01f8dfeb7f3ae2c25daff35617a5d752ad5b019689f10c789d0196f73011f5a4e002aebb676ccb2d8b92ff6c1eb60de10ed0d42f2d19fe96786938eca0fd09a3f16f7b52ef806183282c05ff9fccf96abd096b442c73c494c78c4161ce0599bf6e637664f5dbefa129e69a0d53525d77f871716052385649c1249a402a4a9ecadfd7182a4aba3fc48d76890dfe8a5442ff1b833b95fdb7ae5f052e5c18e9b0ad482ed80c4567f0d0645e6525e3390195b3a4314ab063ffca639d2b181efe15d5bb09e967900fd55ad9db7f6ba99268e0d7e2785c5b14f801b16b6fe9966bb3fa88352bc2ca79aa9a77ec5f9c271dcc62b6124a4d5ed1014fa6eb98521d4be4ca4323311d39e44002e71469326056d98af69fd42eed1dfec48d191587b35e2641abe8c80a2553b92cb43feea49505b5b5ca35dfaf06c693730033ebcad45b6b8026d4722b5c7e13d69269808f438816f77a7b1ed2d31ab44968657e70a51e8d98e520e3628014a09e55f36ca5c4c630d687b20e5a7bdfd6d43613fd3738c8ec1464561586987388885b7a424c949a3110e5de795ffdcf1ef43fb8b5b0364cdb0e9a62c1c6922f08125d456f0ee5d58fa670ff071a8d5b57c06efe30d960f9a67d3dd7dd6ec13c799f9b89d90593ba794c5c582f8bd583af0a59043a1da36cee8e2cc173610960e33300ec48cf7281887ffe66e7ec113a29ed339556d84d638ae9554bb20f2a7695da8bcad10e5f155fe5d54eb511087f7abb4a8ae9e78e233b1e079a44c9cdf2529ed3166c24f80a2bda3b2dfdd2e1c2f650cc35fccf8cb17c03681c6f379f535eeaf46caa1dd95f0b72ea6cf301f2d713844b36c7e90e052528f04a668e1dc5ed11e95bbb86268c712af3f6c77d538c9d3dafeceaacc7ba6b20d9266d75c7470d627725700bfd36a9faf5488532a0871a00e18466f3499e3e3270513168d05f52472045b8558d3fb7880805b6fe3a56b3df9eaea72d147f94ee09e763fcf66d0c71b708fb842bbe619eeeaf483fa717864ab435ca03503285591364727a3615582c80d2023897f7bfdda9b00d095ec11f42482f3851a9232ed09ec6733d54020a9e3b98cb3a014f094e9d968672632a30f967a6d2f00c64fb0aefbeb64510edca5496c9f69379f71412f08fe6afeeb604040a42f00290bc04a40f66f0b84c9c6d7e4d1bc213ed49142215b259be08a0a305c68cbec769ce195ea62b7a2ce632da0a98b469284fd7802bb8c47943ac1c8a7a2b0ee36ed45cde2d13cc00ecc11ca9516d9e917fa28d703566b8d5743c5aba0da662f0446768c6d0df6773d1b0c46dac6a6213aa7b5095a8bd9f34048394a8baac9ec65d740ad8acb8eb683702eaf509c30b547bf355561ca00841efdccd413295a430344d17d2d5f4f435d0a33fafe1b4f6826e9d91436b379cc46039551997e54692487562f65a406b769f2856d37c87a73e2e3738c9afdfa5e0f088bbd2799c7c722c23a7cc37266af557beecb9cc8340bc76ba85a147530f3a9bd8cfe82358c0d799f0687540d463e0f010d1e914f043027284292bf31af75301e27689910393e41f877832797dd7c184249e7b2ec0a79b0decb9a3eead5b3c82ac60fe1485829bf75b8af597b5fd9e47460ebb6d809733eb790027094b019ef2bfb76d75876a5e1e312e80e841c5e074c78b35be6a4070c99372dbb13dc27966a8d448b8e3225b11af907985f3142d41da70a682166814fce9e535cca37058bbb3a02894f6ada82c266e763f431d7e1926da2fc86805b02d6af712c82e7a36e667bd3091661be9cc0cdbd3b3cc690594cf8bac39dd9dac1f883cfb0e500759b0e5dc36721b3ed452addc26d39733a2d76d852d897298009dea9546bae66e9aac7f35277e025d440ca93fdec4bbd58970a130fc79056af96f81b0461ef0e16d4fb12014313438a4bb95b2f9cac98e24a713ed14b539ceddf55e90b6c000044a24be6597e2c5a397a772d7c493ad53a05d6076b584ee7c1615ee7f9de627ac9d7d0d4a12b5a080a9c4977da436704bc9eb9f1d25ba91498e4b575550a69aab83e9157a910c4b2907ea97bcc171dcb7ff6fa982dee16d5c5aaaf93fcc225a6c67c96e54ead190f9c6f949b8025988a46d29c86cf18623882d5aa996a3ece81881ba63e0e7d62b585a179631c7e22f924be7aad5699af389c6651c92848153007d9929683648c8a3fb102a50d9a3e9c83e6cabeae5f97d7faad7a803f8c6dbd9237fa4bec7b33db2cc4db5cd7b3baf1c4f4ddc1f16ec6484cbd1adecab06617045b2d5bac8d1bf97a37ed2780a967a678095a6849cabd87256dbe46f52c960ba8ead52e666a131abfb019d2ac7dd2b055bf91168322b23821a522d241f27a2e7ef892d589a0e55b606167e53b0725a089cae5ef65f02f8a2f32dedb370bf2dc34dac5218be294e755915b399cece7e5c3fa887909961a3d626e4a43bab7edd193a9bc0a7a764640943a635fec7722ff8b3add819b26b78c4e54ff970c15d6b27971cd135d288f081a66e792a8ee5b2d89d5945a99f4216ac21fd9a61e305b4a908f4cbe38e5ccd5eab65f5962877a570524809dffa4ca0ed90d505601d7d244273f20cc47feca7259bd1362e334be459e25a59d4873fc8ede03744c88599a5e5f2a6fb0ca08d085e40c8bd71a0777f7715153e71f4a67f6bb73bbbcd766a9dd4287671dcf6b7daacc4f4b81b32ea0d0381fc32807fe9393249e596d3d5ae4bc5a1cb3e48d63478679eb381fbe8cafd2c6890ba29c1af695f2597c6b472a163b7584dde7327933b9d5e88e0d77e3a3d526a619966dde7f82c7ab7a67a59ded2c880ee0e2f736f054b7d99cc68df48c28d76ab12762c85d07a1f3215d3d4ef2ebd65b0f7eacf62ec12997ccdada731992513263a06e063c27eccfdb3c9d1199136c1a2c3d6b5ea6b2e96c9aa6be3bfbda408b2779ad4eba91809a495c1b872e40d49b0acf4b19b4677e6ea8d07b9a621816c4c5f0e5aa364d4803567da0b2b646604563b31aaa298130576690cbab52bf1ddad7c64a7a416ceb36d6b3202f377ed003e8d74cabd4a6a7be18c95716022cc30c45157d6743785746cf8b0e21ec3208336ab0a43ad9c058fffa3021f84ca8b037dea55254ab944493ca03d025a4b42df3e5b830b81471cddf81fd14aed18e45cfed27b1ef015827942f833a0eee4cc0fcd57f0180f83f32e17d27e4784e42eb1a256404aa6e12f9daabddb907230b20693f3bc74723be6808d95c6463ef7bb6bc4a756fdc805ef4077303e5cd504e6c1754ee8303ee92b94808782984f75c0df49436d3859c092133b0545dac0d8f84fc95a1f0f38e4ecbe3f935d33e86b97bb11ca6f502a602bc7e05b4e6514ddc8ae4d8231874b350b32f96ff6cfbe03f1bf5a0fda73c15eca00afe85c026f5e34e699910ab16502b224b8f383a9a863ca351a1e87c17baadb3f7141aa1295a2a6be4d88d1347da9c356ba9b3bfcc678b58add1b224a0c9b7c3cc4c828abc56acd320e8a8ad22da90a0cf6ae40a471c150581da040297aed0e4889c5963bd8c1415acecbd932f9acda87315e3b2dade276b8324dc7d95141cdd8c4fba82c834a95f9efeb2c74c31e7fd32f96a6a68d9e9942c0bdc55bedd1617e47420877b9f640094a37ceea39656468215ebe789a277f585adc1cc0285b53e33afae1616b0806aeed78b6cc4da54e3bdfa3d49ead4e4fa3623f86a4dfa3042ed403684c62a5d148a30c99c24c3cf9a8858e02800e49e0eed84472a559c9f208f6c3310050e4c5948320b5b4eeefe583bb0bcc0bc01356e76e3465f66a7d0c56ca7abc069db5bd7ad20ec01307f391b5bc890b5034271ee31d5bd374a9422a08ce949667512c8d0bb60eb5d4d22fa0e2a5d172edc7b7386abe63222ef8fc5c676828a1441c5ed19ed5827b0d73d568efc51f46f65ea4f205ac26924d6a7f11477fe23049e0de65bd534c81756556c1cd8bc70b3ce71e4e13d44500773e0767bc735c98f0e1d06dc79e43b946a2faaf698e188cf5909e433edbc546beffcbdea76064ff9d5d56273ca05af42c541b896bc5a942665599c9a8f52db36dbd6d42e8f9bb3446df5f44e3971eb408d0c63381b4aa5997441e01a5eff9fa51d82b7d60d8c3ead784e50b562db074b19e855e8290896b808611c40ed7e0691f758103208900d69cd4c86310318d339eeb473b4bea27be94622560cf35416eea7333bb72110afe202dfcc55c755ed32ea9b4851378b554546b52ebd71b90828733ac3040daf1e3d23bfcadd20bb9248731ab11155aebd259b7e693ebad5d43e6a85f14ea317f31eca905634f9e8d5b1ff73dc5dbd2bbeef6c2965932c885969e00e1939685b472c097b4504c9e6f273e1038045e5ac4010ac232288b77de7d3433a143292f145465b6d1f9020aa4f8405bda4310059b82ad8fd41e698a7824456e11f44e577dc5d5a0eb93b98421a2867c3d40627f9061c1d5689205915c7a91da42348ad3bd12038d84175bddaee423b73c93aebf873c850ef44d66324a80ad0cf268998d71fac6988cb0b1879ebcb6c4c3bce2c45daf73db246bc55fb8221341ef760f5f5264113a437e03cbcf03bb276cdc4100138afc6a1eeb9d90e7f43ce8abbd8be6b9c5b54920f76f07d1557167292feb4c970da3f582d40c0661af8f043e01db8016e2600f655175fa7d705bda3a14d1733ccf6603b7f8709b71f2046211468460791330234fa21f417e6a68cdb1d4496808923a87d02f0ebfb09e102a7c9f7c870c082d6993d10e0de2dbe119ac811848661ab30ab8d7a528acf262bf7d21c2f235e5638be58171b61bed99ac3fef801562aabcf3feff77fe9498d09de3e9c3cf18914392433030595aa31d9c79abc29350a2a2a1d0c2f311246", 0x1000}}, 0x1006)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r3, 0x0, 0x30, 0xe1515f8735398fb, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[0x45c], 0x0, 0x0, 0x1, 0x1}}, 0x3c)

2m8.84086879s ago: executing program 2 (id=770):
openat$sndseq(0xffffffffffffff9c, 0x0, 0x8000)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'geneve1\x00', <r1=>0x0})
r2 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r2, &(0x7f00000002c0)="fb149d84f90000000000000088a8704b88a8", 0x12, 0x0, &(0x7f0000000080)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r5, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000005c0)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="0100000000000000000014000000080016000000000018000180140002006e657464657673696d3000000000000008001500170000000800130000170000080014"], 0x4c}}, 0x0)

2m8.447955435s ago: executing program 38 (id=770):
openat$sndseq(0xffffffffffffff9c, 0x0, 0x8000)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'geneve1\x00', <r1=>0x0})
r2 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r2, &(0x7f00000002c0)="fb149d84f90000000000000088a8704b88a8", 0x12, 0x0, &(0x7f0000000080)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r5, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000005c0)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="0100000000000000000014000000080016000000000018000180140002006e657464657673696d3000000000000008001500170000000800130000170000080014"], 0x4c}}, 0x0)

11.236975035s ago: executing program 1 (id=1075):
socket$nl_route(0x10, 0x3, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
dup(r0)
openat$ipvs(0xffffffffffffff9c, &(0x7f00000015c0)='/proc/sys/net/ipv4/vs/conntrack\x00', 0x2, 0x0)
pselect6(0x40, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x2}, 0x0, &(0x7f0000000140)={0x1ff, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0xffffffffffffffff}, 0x0, 0x0) (fail_nth: 3)

10.16645551s ago: executing program 8 (id=1078):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x6a)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r3, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000080)='vegas\x00', 0x6)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x1c}}, 0x10)
sendmsg$inet(r3, &(0x7f00000015c0)={0x0, 0x14, &(0x7f0000001600)=[{&(0x7f0000000240)=' ', 0xffffff1f}], 0x1, 0x0, 0x0, 0x4000}, 0x0)
recvmsg(r3, &(0x7f0000000580)={0x0, 0x2, &(0x7f0000000500)=[{&(0x7f0000000740)=""/4096, 0xa15b0}], 0x1, 0x0, 0x2000000000000}, 0x700)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x200000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)

7.367344571s ago: executing program 1 (id=1081):
mkdir(&(0x7f00000001c0)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x244)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r0, 0xc0189379, &(0x7f0000000200)={{0x1, 0x1, 0x18, <r2=>r1}, './file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r0, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x1018, r2}, './file1\x00'})

7.120332343s ago: executing program 9 (id=1084):
r0 = syz_open_dev$dri(&(0x7f0000000140), 0x1, 0x102)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f0000000040)=[<r1=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, &(0x7f0000000600)={0x0, 0x0, r1, <r2=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r0, 0xc06864ce, &(0x7f0000000440)={r2, 0x0, 0x0, 0x0, 0x1, [<r3=>0x0], [], [0x0, 0x0, 0x0, 0x3], [0x0, 0x0, 0xf, 0x8]})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000100)={r3, 0x0, <r4=>0xffffffffffffffff})
r5 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r5, 0xc00c642e, &(0x7f0000000200)={0x0, 0x0, r4}) (fail_nth: 5)

7.023553523s ago: executing program 8 (id=1085):
syz_io_uring_setup(0x800110, 0x0, &(0x7f0000001200)=<r0=>0x0, &(0x7f00000000c0))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
getpid()
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4008001}, 0x880)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x10000}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0xa)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e89"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={0x0, 0xffffffffffffffff, 0x0, 0x20007fffffff}, 0x18)
quotactl$Q_SETQUOTA(0xffffffff80000802, 0x0, 0xee00, &(0x7f0000000240)={0xa3e6, 0x3, 0xeb9c, 0xb4d, 0x800, 0xca0, 0x10, 0x6, 0x5d})
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc058560f, 0x0)
socket$kcm(0x10, 0x2, 0x0)
setresgid(0xee00, 0xee01, 0x0)
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000000340)={0x2020}, 0xcb0a)
syslog(0x3, &(0x7f0000002e00)=""/165, 0xa5)
socket$nl_netfilter(0x10, 0x3, 0xc)

6.863877805s ago: executing program 1 (id=1086):
r0 = socket$key(0xf, 0x3, 0x2)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
bind$rds(r0, &(0x7f0000000540)={0x2, 0x4e22, @broadcast}, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'macvlan1\x00'})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x1, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r5, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
sendmsg$rds(r5, &(0x7f0000000680)={&(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0}, 0x0)
write$tun(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaabb8100400008004526005c60b48d32887688dbce94e010012ea7235e2207a26598bbafb9741c0048907803000020050049865d35186fcc0000cf0000"], 0x6e)
sendmsg$key(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00008feff0)={0x0}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000100)={0x4, 0x0, &(0x7f00008feff0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="020d0000100000002f3144e8edffffff03000600ff18000002004909000100000000000000001e0e080012000200010000d200000000000030006c540203009f7eae02000000adb20200000000f52c000000cdff00000001020014bb000001000000002300001300030005000020000002"], 0x80}}, 0x0)
r6 = socket$key(0xf, 0x3, 0x2)
sendmmsg(r6, &(0x7f00000000c0), 0x2c8, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r7 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'bridge0\x00'})
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x800}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

6.731743951s ago: executing program 9 (id=1087):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r0, 0xffffffffffffffff, 0x0)
syz_open_dev$video4linux(&(0x7f0000002d80), 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000240)={0x1b, 0x0, 0x0, 0xff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xd, &(0x7f0000000700)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x22}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{0x1}, &(0x7f0000000080), &(0x7f00000001c0)}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{}, &(0x7f0000000300), &(0x7f0000000380)}, 0x20)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002040)={0x18, 0xf, &(0x7f0000000400)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0xf, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r3}, 0x10)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000680)='status\x00')
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x6, 0xd, &(0x7f00000005c0)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x1}, @func={0x85, 0x0, 0x1, 0x0, 0xffffffffffffffff}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}], &(0x7f0000000640)='syzkaller\x00', 0x9, 0xe7, &(0x7f0000000780)=""/231, 0x40f00, 0x44, '\x00', 0x0, 0x25, r4, 0x8, &(0x7f00000006c0)={0x3, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000880)=[{0x3, 0x1, 0xf, 0x6}, {0x2, 0x2, 0x9, 0x3}], 0x10, 0x8001, @void, @value}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/key-users\x00', 0x0, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_GET_MSRS(r8, 0xc048aeca, &(0x7f0000000200))
setsockopt$RDS_GET_MR_FOR_DEST(r5, 0x114, 0x7, &(0x7f0000000500)={@pppoe={0x18, 0x0, {0x4, @remote, 'syz_tun\x00'}}, {&(0x7f0000000480)=""/67, 0x43}, &(0x7f0000000180), 0x5}, 0xa0)

5.532795875s ago: executing program 4 (id=1090):
mount$tmpfs(0x0, 0x0, &(0x7f0000000080), 0x0, &(0x7f0000000100)={[{@nr_inodes}]})
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="020001"], 0xf)
syz_open_dev$sg(&(0x7f0000000240), 0x1, 0x105000)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000001c0)={0x2710, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = socket$l2tp6(0xa, 0x2, 0x73)
shutdown(r2, 0x1)
sendmsg$inet6(r2, &(0x7f0000003b80)={&(0x7f0000003a80)={0xa, 0x4e24, 0x3, @local}, 0x1c, 0x0}, 0x20004)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@textreal={0x8, 0x0}], 0x1, 0x13, &(0x7f0000000180)=[@cr4={0x1, 0x40002}], 0x1)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000014000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, &(0x7f00000002c0)="0f0d51f40f01d10fc75800f30fc73600102e0f71e100b800008ec0640f017400aa66b9e408000066b81f6269e766ba000000000f309c0c0cb8d09bbc8966efbafc0cedba4300ba210066ed3626f00fc70d", 0xa4}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

5.187737402s ago: executing program 1 (id=1091):
keyctl$get_persistent(0x16, 0xffffffffffffffff, 0x0)
pipe(&(0x7f0000000000))
r0 = socket$pppoe(0x18, 0x1, 0x0)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20008814}, 0x0)
ioctl$BTRFS_IOC_DEV_INFO(r0, 0xd000941e, &(0x7f0000000800)={<r1=>0x0, "381087e4ee6ee5bcfdd4109df5350e18"})
ioctl$BTRFS_IOC_DEV_REPLACE(0xffffffffffffffff, 0xca289435, &(0x7f0000004680)={0x0, 0x6, @start={r1, 0x0, "02946fc3e484604bdc79a15b34e90c8570939028d98ffbb3d6a35290f1321158eb10338e75b0a19baed79103aeb34efc8a17efb9794dafe417a78da8826346e5550fdade8ca4e70d6f12bb2acd8c9f6fcaaa71946d76787265da34ba3dcbd972a637f6adfc6ad9bd646f88cc29c039212f37c7bb4b4dc99135f3c0da2ac8448dee968924a13967ae4aff4be24a5be39853b005a00b549088c3f75a979bda4665b7df1fff394d7c5d26d12aafcc2a28640822418fea729e401a8d09952c46e72660dac4718179da939eee60f152bb5725acf5665de8857e617b1d7d6601a8ff74de61c0e9aa23236e15e86fa559675209d2274faadffb31ac6fd6d0c78e223373d6edbce563df82eabcbbc68738d6807dfade15ac46618dd5e75d22ec19791a5b6237f495dfcfad0e252fbd1028bdb001918ee127e89518313e6a7b97a06bab576d7ddbf2a4f5b17b301b56e6f4fc2a9c5e98083e88620108ecaacabaf00af04e635b092411431eba1dbba687a9e99dcb986b7a10ad11e864f6dff6793799de174f82d032eb799f933f9f10f1eaa1ec0a6623f228191507e50b6f66691fa1dd86051c89c05b3d66bbbcd1f6a3268595c8ba67efa53c2a8db76c3f184c3563aac9b97c016945dd5e73bab46a840a8b463268ebf4b21015cc2b9e4ada4cd2908afd9c7396c199b9c1c30086a46fe0684cf197f2fdaf3608144ecd0870f332f6282a4367545f6e25617d2088afa3e570f12a0e91a70ff73c4c1c2540410d14af73d7c76651ef9537fd3730074ebe0dff898523e7f2345343edc2a9531e3a2f7e2809c0073d417f20a69f152cd961549d40bbf563b3ea0a536152ce611606fe8fb92d30ce5bedc2e9aedd828e05fea3fc8f60e2f384e2b40df6f45d704b97babb4189dbcbfaf0c04eac973c87e3a42c8595692f3f3b497f9b5db63bcc4893553187411941017fcd012376f7c79a33f5be10a73176b1f737d4afcb95f08c336ffff83b00b115eb1015e8f126f40c420c6e84da0081384cb60f6e93677a8f954c4e1834c8f21096eb78c4172ae92c25a8b529deada113a115294285ba5b1d404a26cd03d0b6f237fdb2653a20f7b73d1e5a5a304d85f73ed20d667b0a2a1ddce9cd975205d2032888d1cfea0b863294c96bd41fcd2dc43a7414987955ae6e4f670d7367e6e4d19d5776b202aa18f977a28188fa3110b11c3cb1cc1575e6f36783871116a9b14816ca8c3d1e0d94e84fdd7f0cb40c457aa14e50be953ba57a1f77be58f298d78963b1611b1c241b8074546bbcd317bdf3e285d880ea01b71e8310d8dc03e70b32e03f31168dd191b33c8f80cde6da217f8ae2ce0a1020c1818a3de50d74033b9bc33a568ecd863b78361d0dcb91a77ac1c2fcf879ded11d6d44dbeb86d45cd1b324c555a2ae33786c793738587f58bb1a29abf35dd08790534cc6853c2efa", "de7ce4fe57b1fe44c6e0ef886bbf5c2e628a69d17a3943eda0c82414ad4eee3c1b3081203075ae276730ff003df985143e55fd6d34e6d204255369709363ee5df436d79900f91e4fb8b3fe0a5ae49307a56cc57f0b1a0b2b6ecaabcb62856f20429d2eed9e2589d9d875b11fa851c1405316a9635f4fa2fdfe5056d41b5d340fd84c88ef9d8963881e00437cda8a0bdca69f24c56f4356b0f27d747dda55fe73032c779517da1972205094d2669af53c33a183e5eee798b2cb49adfdb4360e427390ac8c9e26c02587cd46ef67871e4fd0314bec3dd2d332f15e96a75da16a8111a98fb565b4c19ac97154b513981b32c0230cde7a7b0bc1aabe7a71c0593be72bcf69559721c4490ad72d6ea5ab2e99438e477aefe3e46d44bf1bef3a80aa6c434a7c90c6867b505b25a22595e59ba54b89c4e89bbf0afb768064c8f24e90708c026c2757610b7aba4e311611a605048736bc92f41e3a687585b7cfc14c1c90ba0aa7e677c3582986c8faf95159c3412ea9193918bb0172a670c8b6f2ab7949122200b4e992e36c69d2702301df97a92371c5dd9d0bd9cb9692682a60ab27635359a1cedd68baf8317b77a68d8c723a24d041ec7b0a429df932673e83afb1bfc971bf9079d7377631d8fdb9422fd85d923225e731194638e4e0c0dec6f1ebd0b0ec4d6f08be46289eae31ae645084f05a9193916d8438d173a6743bc145795a64d7b1dd6f2eb79b4177a455933fe41db635e08a1719ac022e184b30a9406e69efd25bceb66819017a1050c36afb42a765bd284dad34ca573ce2f9fff6480a60faee37f76107394233ceffbc840d783c63ead2f4b8abadd200f77d2c4d7316e4806c351443f3620049640e228f1d7a7e1b24dc211fbbb0f8f2aadda8473f96de72afc94aaec7e369a2a67006b077c0b89f0f90359abc9709bfd2430387f03d8bdffb0ac5d6bb5b917e949dc20ef4b2cdcf18d8ade9e99428c3dd47d92bfdadb4d853bde01204e41b13ab510f8f44ef04d673d41fdf1cd535c788ac1816773fb1a91a21c37195a26438275c9a68d2cd926fd4b1bdb35f6e39a5122b0c0363c4871cd126aa6c87f659220778dbd6b682acfce7bca0c508e082e4ef75598ba18157ae63c27eb1d73f33cf7507b3b8c88f3e9b3abf99a0899b0b6011b7ae64d57d5350f4738e026ece94c991970c98127bca8407ccb2726dc8e300ae40bf16bff5a30bcd406a157cf4b8a92d6522d77c0c5972c8e625f82860a7bf655448a23a89bec898b4a2a89b0c0c1d95cf728ee2e4e1683698640ab9c259e9076e635440e74dba0b36e897a6375157f1e954aa8df4c5c29c8dfee31124d01735645e0e2a856dd776fe4f7041131bf1bed69833ee3fdb5df28cd69c14778a8bdb6243bb098e0127d628beb1c3883e0838acadf8ae2063226ef7becf4b6038f7a152bc45903520eb"}, [0x3, 0x0, 0x6, 0x8001, 0x37f9, 0x9, 0x4, 0x3, 0x3, 0xffffffffffffffff, 0x9, 0x400, 0x1, 0x1, 0xb86b, 0x50, 0x3, 0x2, 0x7, 0xf, 0x9, 0xff, 0xd7cf, 0x3, 0x6, 0x6, 0x8, 0x8, 0x1800000, 0x9, 0x9, 0x6, 0x0, 0x6, 0x77ee806f, 0x4, 0x6, 0x4, 0x39, 0x2, 0x4, 0x85e, 0x1e, 0x0, 0x4a3, 0x6, 0x261, 0xfffffffffffffffb, 0x1600000000000000, 0x1ff, 0x6226, 0x9c, 0xdc46, 0x7, 0x3a1, 0x3, 0x0, 0x4aa7b786, 0x3, 0x8000000000000000, 0x0, 0x9000000000000, 0x0, 0xffffffff]})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x4, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000000000000000000000000000850000002000000085000000a0a900009500000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x0, 0xe, 0x0, &(0x7f0000000300)="e02742e8680d85ff978276fcf294", 0x0, 0x4002, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000032680)=""/102400, 0x19000)
socket$inet_smc(0x2b, 0x1, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
r5 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000000540)=@newqdisc={0x78, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x0, 0x0, 0x7, 0x8, 0x101, 0x14}}}]}, 0x78}}, 0x0)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r4, 0x0, 0x48b, &(0x7f0000000000)={0x2, 'dummy0\x00', 0x3}, 0x18)
syz_open_dev$vim2m(&(0x7f0000000080), 0x80020001, 0x2)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB="1c000000430007010000000000000000047c000008"], 0x1c}}, 0x48844)
socket$nl_route(0x10, 0x3, 0x0)
getsockopt$sock_buf(r0, 0x1, 0x52, 0x0, &(0x7f0000000080))
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_NEW_KEY(r8, 0x0, 0x0)
r9 = syz_open_procfs(0x0, &(0x7f0000000440)='fdinfo/4\x00')
read$FUSE(r9, &(0x7f0000001f40)={0x2020}, 0x2020)

4.777146596s ago: executing program 9 (id=1092):
keyctl$get_persistent(0x16, 0xffffffffffffffff, 0x0)
pipe(&(0x7f0000000000))
r0 = socket$pppoe(0x18, 0x1, 0x0)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20008814}, 0x0)
ioctl$BTRFS_IOC_DEV_INFO(r0, 0xd000941e, &(0x7f0000000800)={<r1=>0x0, "381087e4ee6ee5bcfdd4109df5350e18"})
ioctl$BTRFS_IOC_DEV_REPLACE(0xffffffffffffffff, 0xca289435, &(0x7f0000004680)={0x0, 0x6, @start={r1, 0x0, "02946fc3e484604bdc79a15b34e90c8570939028d98ffbb3d6a35290f1321158eb10338e75b0a19baed79103aeb34efc8a17efb9794dafe417a78da8826346e5550fdade8ca4e70d6f12bb2acd8c9f6fcaaa71946d76787265da34ba3dcbd972a637f6adfc6ad9bd646f88cc29c039212f37c7bb4b4dc99135f3c0da2ac8448dee968924a13967ae4aff4be24a5be39853b005a00b549088c3f75a979bda4665b7df1fff394d7c5d26d12aafcc2a28640822418fea729e401a8d09952c46e72660dac4718179da939eee60f152bb5725acf5665de8857e617b1d7d6601a8ff74de61c0e9aa23236e15e86fa559675209d2274faadffb31ac6fd6d0c78e223373d6edbce563df82eabcbbc68738d6807dfade15ac46618dd5e75d22ec19791a5b6237f495dfcfad0e252fbd1028bdb001918ee127e89518313e6a7b97a06bab576d7ddbf2a4f5b17b301b56e6f4fc2a9c5e98083e88620108ecaacabaf00af04e635b092411431eba1dbba687a9e99dcb986b7a10ad11e864f6dff6793799de174f82d032eb799f933f9f10f1eaa1ec0a6623f228191507e50b6f66691fa1dd86051c89c05b3d66bbbcd1f6a3268595c8ba67efa53c2a8db76c3f184c3563aac9b97c016945dd5e73bab46a840a8b463268ebf4b21015cc2b9e4ada4cd2908afd9c7396c199b9c1c30086a46fe0684cf197f2fdaf3608144ecd0870f332f6282a4367545f6e25617d2088afa3e570f12a0e91a70ff73c4c1c2540410d14af73d7c76651ef9537fd3730074ebe0dff898523e7f2345343edc2a9531e3a2f7e2809c0073d417f20a69f152cd961549d40bbf563b3ea0a536152ce611606fe8fb92d30ce5bedc2e9aedd828e05fea3fc8f60e2f384e2b40df6f45d704b97babb4189dbcbfaf0c04eac973c87e3a42c8595692f3f3b497f9b5db63bcc4893553187411941017fcd012376f7c79a33f5be10a73176b1f737d4afcb95f08c336ffff83b00b115eb1015e8f126f40c420c6e84da0081384cb60f6e93677a8f954c4e1834c8f21096eb78c4172ae92c25a8b529deada113a115294285ba5b1d404a26cd03d0b6f237fdb2653a20f7b73d1e5a5a304d85f73ed20d667b0a2a1ddce9cd975205d2032888d1cfea0b863294c96bd41fcd2dc43a7414987955ae6e4f670d7367e6e4d19d5776b202aa18f977a28188fa3110b11c3cb1cc1575e6f36783871116a9b14816ca8c3d1e0d94e84fdd7f0cb40c457aa14e50be953ba57a1f77be58f298d78963b1611b1c241b8074546bbcd317bdf3e285d880ea01b71e8310d8dc03e70b32e03f31168dd191b33c8f80cde6da217f8ae2ce0a1020c1818a3de50d74033b9bc33a568ecd863b78361d0dcb91a77ac1c2fcf879ded11d6d44dbeb86d45cd1b324c555a2ae33786c793738587f58bb1a29abf35dd08790534cc6853c2efa", "de7ce4fe57b1fe44c6e0ef886bbf5c2e628a69d17a3943eda0c82414ad4eee3c1b3081203075ae276730ff003df985143e55fd6d34e6d204255369709363ee5df436d79900f91e4fb8b3fe0a5ae49307a56cc57f0b1a0b2b6ecaabcb62856f20429d2eed9e2589d9d875b11fa851c1405316a9635f4fa2fdfe5056d41b5d340fd84c88ef9d8963881e00437cda8a0bdca69f24c56f4356b0f27d747dda55fe73032c779517da1972205094d2669af53c33a183e5eee798b2cb49adfdb4360e427390ac8c9e26c02587cd46ef67871e4fd0314bec3dd2d332f15e96a75da16a8111a98fb565b4c19ac97154b513981b32c0230cde7a7b0bc1aabe7a71c0593be72bcf69559721c4490ad72d6ea5ab2e99438e477aefe3e46d44bf1bef3a80aa6c434a7c90c6867b505b25a22595e59ba54b89c4e89bbf0afb768064c8f24e90708c026c2757610b7aba4e311611a605048736bc92f41e3a687585b7cfc14c1c90ba0aa7e677c3582986c8faf95159c3412ea9193918bb0172a670c8b6f2ab7949122200b4e992e36c69d2702301df97a92371c5dd9d0bd9cb9692682a60ab27635359a1cedd68baf8317b77a68d8c723a24d041ec7b0a429df932673e83afb1bfc971bf9079d7377631d8fdb9422fd85d923225e731194638e4e0c0dec6f1ebd0b0ec4d6f08be46289eae31ae645084f05a9193916d8438d173a6743bc145795a64d7b1dd6f2eb79b4177a455933fe41db635e08a1719ac022e184b30a9406e69efd25bceb66819017a1050c36afb42a765bd284dad34ca573ce2f9fff6480a60faee37f76107394233ceffbc840d783c63ead2f4b8abadd200f77d2c4d7316e4806c351443f3620049640e228f1d7a7e1b24dc211fbbb0f8f2aadda8473f96de72afc94aaec7e369a2a67006b077c0b89f0f90359abc9709bfd2430387f03d8bdffb0ac5d6bb5b917e949dc20ef4b2cdcf18d8ade9e99428c3dd47d92bfdadb4d853bde01204e41b13ab510f8f44ef04d673d41fdf1cd535c788ac1816773fb1a91a21c37195a26438275c9a68d2cd926fd4b1bdb35f6e39a5122b0c0363c4871cd126aa6c87f659220778dbd6b682acfce7bca0c508e082e4ef75598ba18157ae63c27eb1d73f33cf7507b3b8c88f3e9b3abf99a0899b0b6011b7ae64d57d5350f4738e026ece94c991970c98127bca8407ccb2726dc8e300ae40bf16bff5a30bcd406a157cf4b8a92d6522d77c0c5972c8e625f82860a7bf655448a23a89bec898b4a2a89b0c0c1d95cf728ee2e4e1683698640ab9c259e9076e635440e74dba0b36e897a6375157f1e954aa8df4c5c29c8dfee31124d01735645e0e2a856dd776fe4f7041131bf1bed69833ee3fdb5df28cd69c14778a8bdb6243bb098e0127d628beb1c3883e0838acadf8ae2063226ef7becf4b6038f7a152bc45903520eb"}, [0x3, 0x0, 0x6, 0x8001, 0x37f9, 0x9, 0x4, 0x3, 0x3, 0xffffffffffffffff, 0x9, 0x400, 0x1, 0x1, 0xb86b, 0x50, 0x3, 0x2, 0x7, 0xf, 0x9, 0xff, 0xd7cf, 0x3, 0x6, 0x6, 0x8, 0x8, 0x1800000, 0x9, 0x9, 0x6, 0x0, 0x6, 0x77ee806f, 0x4, 0x6, 0x4, 0x39, 0x2, 0x4, 0x85e, 0x1e, 0x0, 0x4a3, 0x6, 0x261, 0xfffffffffffffffb, 0x1600000000000000, 0x1ff, 0x6226, 0x9c, 0xdc46, 0x7, 0x3a1, 0x3, 0x0, 0x4aa7b786, 0x3, 0x8000000000000000, 0x0, 0x9000000000000, 0x0, 0xffffffff]})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x4, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000000000000000000000000000850000002000000085000000a0a900009500000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x0, 0xe, 0x0, &(0x7f0000000300)="e02742e8680d85ff978276fcf294", 0x0, 0x4002, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000032680)=""/102400, 0x19000)
socket$inet_smc(0x2b, 0x1, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
r5 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000000540)=@newqdisc={0x78, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x0, 0x0, 0x7, 0x8, 0x101, 0x14}}}]}, 0x78}}, 0x0)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r4, 0x0, 0x48b, &(0x7f0000000000)={0x2, 'dummy0\x00', 0x3}, 0x18)
syz_open_dev$vim2m(&(0x7f0000000080), 0x80020001, 0x2)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB="1c000000430007010000000000000000047c000008"], 0x1c}}, 0x48844)
socket$nl_route(0x10, 0x3, 0x0)
getsockopt$sock_buf(r0, 0x1, 0x52, 0x0, &(0x7f0000000080))
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_NEW_KEY(r8, 0x0, 0x0)
r9 = syz_open_procfs(0x0, &(0x7f0000000440)='fdinfo/4\x00')
read$FUSE(r9, &(0x7f0000001f40)={0x2020}, 0x2020)

4.573219311s ago: executing program 6 (id=1093):
r0 = syz_open_dev$dri(&(0x7f0000000140), 0x1, 0x102)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f0000000040)=[<r1=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, &(0x7f0000000600)={0x0, 0x0, r1, <r2=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r0, 0xc06864ce, &(0x7f0000000440)={r2, 0x0, 0x0, 0x0, 0x1, [<r3=>0x0], [], [0x0, 0x0, 0x0, 0x3], [0x0, 0x0, 0xf, 0x8]})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000100)={r3, 0x0, <r4=>0xffffffffffffffff})
r5 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r5, 0xc00c642e, &(0x7f0000000200)={0x0, 0x3f, r4})

4.537855535s ago: executing program 1 (id=1094):
r0 = socket$igmp(0x2, 0x3, 0x2)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000240)=ANY=[@ANYRESHEX=r0, @ANYRES32=r1, @ANYBLOB="0980", @ANYRESHEX=r1, @ANYRES16], 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000540)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$tipc(0x1e, 0x2, 0x0)
r5 = socket$tipc(0x1e, 0x5, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000940)=ANY=[@ANYBLOB="700000000001010400000000000000000200000a2400018014000180080001000000000008000200e00000010c0002800527eac0f500000024000280140001800800010000000000080002007f0000010c000280050001000000000008000740000000000c00068008000100e0000001"], 0x70}}, 0x4000010)
r7 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r7, 0x10f, 0x87, &(0x7f0000000280)={0x41}, 0x10)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x4, &(0x7f0000000300)=ANY=[@ANYRESDEC=r5], &(0x7f00000002c0)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800000, @void, @value}, 0x94)
r9 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r9, 0x0, 0x40, &(0x7f0000000ac0)=@raw={'raw\x00', 0x8, 0x3, 0xa08, 0x100, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x970, 0xffffffff, 0xffffffff, 0x970, 0xffffffff, 0x3, 0x0, {[{{@ip={@broadcast, @private, 0x0, 0x0, 'batadv0\x00', 'batadv_slave_0\x00', {}, {}, 0x21}, 0x6, 0xa0, 0x100, 0x0, {}, [@common=@inet=@dccp={{0x30}}]}, @common=@SET={0x60}}, {{@ip={@loopback, @dev, 0x0, 0x0, 'veth0_virt_wifi\x00', 'bond_slave_0\x00'}, 0x0, 0x850, 0x870, 0x0, {}, [@common=@unspec=@u32={{0x7e0}, {[{}, {[{0x0, 0x2}]}, {[{}, {}, {}, {}, {}, {0x1ff}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x7fff}]}]}}]}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0xa68)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r8}, 0x18)
pause()
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
r10 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
r11 = dup2(r10, r10)
ioctl$BLKTRACESTOP(r11, 0x1275, 0x0)
ioctl$RTC_PIE_OFF(r11, 0x7006)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb01001800000000000000300000003000000006000000000000000000000d00000000000000000000000d04000000000000000000000200000000040000000000000f03000000000000006100baceb551b10339e6cb3d0d2ba43ea66173652686dc6d2835c3b4b4bdd2a192152b8035b63767f4773575b42aefd1ca6a1bd4a6f6f0cce20ccb6b4ca73e671bc2c581c816a9b8"], 0x0, 0x4e, 0x0, 0x1, 0x8, 0x0, @void, @value}, 0x28)

4.101548101s ago: executing program 8 (id=1095):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x2, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='fdC', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00'])
read$FUSE(r2, &(0x7f0000006380)={0x2020, 0x0, <r3=>0x0, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(r2, &(0x7f0000004200)={0x50, 0x0, r3, {0x7, 0x1f, 0x0, 0x2066012}}, 0x50)
syz_fuse_handle_req(r2, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x40)
getdents64(r5, 0x0, 0x0)
write$FUSE_NOTIFY_DELETE(r2, &(0x7f0000000240)=ANY=[@ANYBLOB="2a00080006000000000449b7e0b853000000985040c1a5e460a22b7b20000000010000000000000000000000002000"], 0x2a)
syz_fuse_handle_req(r2, &(0x7f00000083c0)="7b1713b4c6f02da7493fb6859f0143c68a58166f472c5078104b859bc37f9a49a8f85c9101df3b2736ff9bebcb1a3c2f570b28279b0100afdef7451b3d10b4578c2e81784b6e4f410800d997f0689546cee0852e9e9c64c1f95df7b136243cf7aee1b8e7a4e1d6e6fc01337370f0dfc098d975e9a6f90a08f5b845054d1e1fc81adadbf2836ff758bade0484377855b05b3556a91827599638458ad30baea03240b302638b88423ecaba6da1e40f6f1b24d60dde1652f2d5f818af43d49dd55c4eadea945e9b6aa744dca07ec2e00320bef5b045414836941469129670c4cdb953ed61efeeae2ced1b7cb3e7fa4c93cce5623a9e33c69d068b801fd1369aba759e2829c67c705853262fef6669aab956f0f733619dd361be5e1414c7e7ff6218e330156d609fa9f3244a0a4fb678a58e70b86f6dabc3331f755b786c42b4198149941a7a58c83f1f2811209025269c5ffcbe0c34ac98cc091cec2c993bca0aa8400ff9e39cc9fba8dda886f95357957bbad8bb850ab92f7aa9bebcdb0ef188749a1742e5597d199f3ccdc2d807bf757da45acc93e3e9645a1036cb041b3c38dafef367b8dae802bbbc03bacb905d40e1da78591687b416ee380103a670aa8f722c76e13f7f0e3effbb37f15a821b8315fe541e3ffc09289d96db1dfa8861e5da41c812b54ee20ca8b3180f2f46db56954791465cb572de0cce16d789d6fff216ca46977ed724dc0cc8cef7b295ebb2998a5c4662e32ae1001e59f3bfefcd72543bfe1aa6688d65c547089ec0fe1f1d9610095a5a4008b14f46775c368417376ee143856031947db71c455dc40eeeda210fbf258452781ce46e51f6df683a7918770f73d324d9401648d271cb9a7e919401567e400fec420cf363444a78eea03e73176abd6546e1657945aa88f64a21e07fc23edd74512cf89781e8ffe9bb1601ab25d31801332a6c5be9cebb6cb08207bb832106553ea9fc19b4b4f1f0cd55efc2925ffef75e9b12f06b5a7496506a274ca25f88398a1734b7013c3f78a2e49ef0d946a1aff362e37c9b5f5473de11401097722adda87944ee3eeb1bdde60e97484af4d2e5f8b0a9c63bb8bb99461b16edd824add1caf9d5247811cc4f6b48004774f1a4fe4dd125ddbfd8b69ff3ee314aeb445bee9f217a2f5a9e0e84ccd8718471f949086df6cdcbf95e568317e31dd01be1b826cf9a09373b16935fc864794a3886a2f4aacc42135db85f8921916a10aa7111a686979e2a5c9959cafc9774c416c4dfe0b9e06657feb2fbc31e7c11f6e2841680986557c1f2b1ec3c0fcc6a749a3c97a5b370550ab7110e25851b13c0b75a7fb0cd3c4659878209867659c216b467bdcf51e786a59fad084886490fc77e186ab827d844d0ac4682651fc4043f8e87b905532a53017ada44feee1f89f9bc6d2a8b144e721a479f7b90acb91033774f4c12df633548a9097c791ec7e80fa2607c86fce6e9abcae1296528b8488ccf18a4bb0fc9b50c15d294e8d380465465b4eeae26eb6800faba611785cd2ff95ca1923dfa47d5923f89e4eadb612002caceaebbe779c4e3a3833455752eae63689ab8dc03db63d82feeab7f1162eed5909b69ccd5abeb9c071da82cfc76cc692a51d99e0c4bdfa6c81c9878e893a77e1e7105e7910827ddb3353612fa8d5e547b43b5abfe50829c1eb7bfda1731db2a9a1e8f0fc298dfa7009679489f9d9323338b7e59f1e48419ca531d88170a5a1995f576aa125edae9e9ea26f6e9c4bc26323b7db0998c528a7b343ccd87ff44c77e6cfc0a324cc1d4ea79c30015f0caaeccd46e5db580aa5ce8030c2b13b37494557da58abbdc7ce9fc9afa49ce0e8a7a6fa058db210ed654203e7879cf5004ebec57522ed34481b749554b36cd7171209b0763e110096704604f2d3f28c5ddc66c877e3ab63f36137d5a67cbf872aa6af79cb3a66c9040009b5e1c7b718c1b8788156b82d6d800dbe9fc3d16c812a963c73599b79efb89aa74bdbd9b1a2dc0b8ad853f79c0867a3a45d7a1645059171877687a72dd5ed4213c0ab84ef6185e7935346a84450887bdb2b216883e907b13b03c133adc04ab3c5f60209bd90aad3d94443105f08f0ee1b2231e1a1f8cce71de74d5308b78b5d99ce4ad4573faba9fab48bc1615f14d453c67714b99f274de041512b07b885679e6f89f481c28b082084b853c9afcda31def2898284d6ca28fb124df67142821c9705e28093ded60992d9587fb466df839aa2a4973dd48f9372a55da6592646fc918e533955566a2d8dc59277308223aea4dbe0daf839f95516b8995e9eec87df1df9d38693e0824dca7423b08d553b0ae1c5c44533b918eaa02dd17b4c8ce515ae7de410970f670e17b5e3c0a207fb8464d5d442694a271d593fc23ac19619bac32ac17cc6705ce2e6262361eba24277a471602e7ca57cc614ee116e60a9e0b6ac5e3228ea2c650baf1a09e9e5c7a1b25a078d1d11a673d88f6ee33e50d036d7fe4b9c06adc70aede2e35c6738b255690ed3f7a8d2d14e36e360f3bb66978d6cfcfc41887c751c0efc9325d4485a2f561060413fe6af4ce40d87a476201f15a584fc7ba18ddfef5f1d729d5f544c2c6b06befccb444f0408451089f20b06f05ab7d6702b97819b0eff6fb090f21afb3076558e692920053702fc2348f8dade0cb2b007f38d6dcd4ed3bb42553b1bd684791743a1941e5bf2ed234f44be64a95b485a3e949538a40542f25ca4bfce44e291037ab282082f02157a96f4ca0a0c5cd39215fd07461093a4d87a7979f7aa97142bf5b9ef71db537f9acc90f22ca2ded5c1ecd1ba972d05db7f71e8466085c9b3e975fa3a948f2c4049d1a8e46f71157017a3a74ad25e215dcfe7a4c5cb0a7baea0b0ec60c5df82555c553ac60dd39174c721edc0304b836a4de539c3ee55401e13848018f889cc4a0fcd01d9f4978eb730fb1b4a94ede0283f8c95062f01c8c8a3169b2d5c50cdd4f3a248d80a26c950b4036fc6ffefaf5101269fe3594c2cc128220a1d0b5f9f23121f2b184894e129159eaa92d9a30e878839be44d20cbdff3c338cc95795c86121b2b498bd376e895c98d67f6a27eecb46a203aa9de744feedf27b6825cc17aaa098b5ca05cad6bdbe320908ed36bdc8a8f2c777eeb9b037b36c0e36019c264b3e36196501d6cc90e7b1899a72bea5c8a24a5ae62e3684a39a06208bd382cd32acfabd742c76334797fa0c09a2a2a7e1240974afe0f3d6eb44590cf171efb7602009a93bde85cea6701c765dbca7c6a879be41dd08847802d4f59e933df65f727cbb45e3a4a5019f503b6fad7e0338e653f8b2c87aa7f196444e0dc1be6d7c4f0c7ddd663d06ff1365a9c362384a33b0315adbfb2d73359c485cd5410d36d21044bd8d3771c5492803b19f7f3a1a5c3248e66786479fa4416a55855adebeb09528ff5add597790b97bddc16bb9b7b33a1f800701c4293e2c8428dc2684726cfe5539ae0a9bf89e1b6f1989fd0433cc865b308bd0c636402b4b285c290e2439b9ecf0eba156fb6b613ea7f97b04506fe28e9471343c854fdfd48945a7f564acc817e609be8f8a7fdee12e9b592fd8c5c08f51ba8cb95be12cfa497d1539a4b8217818d47ebb3cc669014261530205948fdb9983a0e5759afa9b290ce838102661750ab06d7fe65a39efa6af36c042d2dee36402a6686d58eb144b76033cab4482b8fbdd213a90170939ec98df1fdfca4b37b143a971b9b59fc351098943bba090056c20e8cfbfe8fcbe361d068c98a020f67e807b8db2e45cad83c9970907646c0049c05c1ed657d53d859f1a47bfe6f022be0689de224034d0160b1dbc878ba6dd685911288d7af22ff5eedc1634c36e25f51d0757c7b9c73d7937955da356dea68749d464a75f56c9f6ba36cc1ca8c2f3aa34beae14fba894ca705111cdb19094432c2f6caa0eac78ab09b0cee330f36b1b91a6a5d4896cd15d96c12547826559441cbf578f189f5f04526a4cf76d60144090c2386b747ad50f7962ef2950d2c6f4ff8477ad0681ab24c47ea7ded8c9accff0dfa30489f43f0f3182b88e757fd9a1d82e1c9bb4efe5215518a6e48c688b2dabbd15107c5c6245de0acfd740ea54e0ec212f405f25bc3aafc63009631a4e4749296d47c2bcf25cc95afceb0a1ddb3c6124208f5134981c30489b42eeb864b3123b03106c9b234a465d87c30ef36e00244390de36a5dd93794467ef37bd01b86387855d2ac24e05370212e845082bb22c8fcda0f0bc78ddf971b0b9d69fc50e0d907408e9c9ac4e5099f47db2d0c14d888e363ece768555362a08c408d0119c45f158aad695d455d28e223be2862c19262c9f43eff8855b5a9af4f2cede95e415e2f597bb64c8bb2d608f86b15950ffe2e6bea3cdb221cf8b7eb35e0bdf6638283b09c68cda0bf1ccb9e353a7f0afb58d806923e36b22db68615a7e4e04d0932d928afdc8af3963378ebd5e05058160ac67fadb7a7d9ec498e00f63671b84d880d196c93afb4fc823e7d6576ad824ffb4c90fc780b163a292899ccfcae581dee2c992787a66800e206df3dfc4a6b441d54ccb1a19a587402a663d510e45a5b1aa96fc467efaf7e71cbbff087f3d2922a133466d5ae9f86b0bc39bb3093b87ac2db941b1fd9e40427402781425d6e8856a2c66cbdd274f4c689758db6dd58ec7d766b177739e8c9173f2b1946be5396aad6d7ed29d058ac231e8c2e6a9077b4a217df4580a2d72bcf0b73e4bd07465deb8798a55ee855b82f1fa7d3748a40485bd90fab94b617d92219c4b65efa022936895e51873058615a19b9d1347120c405c3254f290b4c8b99c8ea9dde3a749ec538421a29d27b48ccd83852abe1a461123e4d36e56508d1827880960362d10835df77f9d4be50f1447cac5ae2017a814de58cd99bcc0c194254b17114ea48f5a0cfe6547686088d527c65180474fd460ffea5d48767ceb65c6fa3d7d3c632591d2d9d65c6c3a35a6ae4dc56322cd84734b0e7a092a4c46c1c607afa6d0e477e8d04e4993e595ba708a0f4466cd8a89fbc06d3cd366007296a9f05b66cfdcd5b30b6745e71d513205d5dbe1e8516d9e9cf133caa994ec0ac2c543d107efd4b9a7d9ee1ee415830a6c2ea17114ea9683726f2c82741f9ad4ac1be6772f0809f18c13f4cfc82fd1b7b3bd29615336003c6784c03fbcae475a58a3c4d68099732c326dfb7643eb150f2354918077bb798b5ecf491cdd0765e3e1ed5d0a37840f1a28f7e188a021781f1896dae7153f9d6639bf66be0c7857d7eccd2a1e6c9fd0cc3594477bb005df9b29f680c966161e37bcec97fc2ef7a2c3bf64e4df5785c9b080c7f9c6d7c515408445d55da499c03ba66369a31157bb03588e84a5303c46cd393c5bd6fbbb8deed94b62d67a9351c259b263c6c4fa65a4dbdd7eee080d82cc5e478c885678edbc9cfce74169ab748d7f4a08aec3e114394fc1d5e361267b8f3fcf38a024928d58158560f7da427680e7611a9f1b8255c67e6ea6b597ebd31bed9fd6f85f9b6ee63d4374c1e50597d1c9f3c56b4266bc632ba66ebecc396f6bead40392dcc138098b4166ab7f8714bd4db0615480705dd200da92dc51ec215844d7599e0a6262e8d5dc6a9452db8994d8b8f19ad4029e0b41b5e13fd6b56230cecea57f3111fe6c78876b3e657fab112968e83a0b64ce9837b89f5dad0d5f0b8b410e3a9a56ab2e9143e90fe371a944989ee206eef777cf4a235333c647e45aab910af492bc7c2213246374251e23accf5818aa2f24823bcba12efe3658e1e2cb49a5d4ffd26453829739647eccd106605921641afe16bbe79c8739062eabeeda4d4a42cb70d84e1e1d3506c7bfba5f5135aaae85b03dc6518eb30d832175cedc5bdca95e600e04902d9eda90c1da4bdd3138ac889398c239068857103ad70b5d1d9fac27c8ccfbcfcf126d9a5441bc963bce4669047ac901a14ca7c7e76f94c77159cdbda5360e04bb539a9d5ccd16a8cc88bacaa5b952c86b163575d7f1cab58f0d612d796b570f3c5debd7d9abde7e24de2c252173f1edc93817192699bddad45eeb41ff398c1bee4d2194f38bf4d2b4ed3a8895476bc441f464753139e204ff5dee7f45ce639d7541c0d396141aeff30cbbfa7157a61993eec98a4356df98665546a1d1e8429fb0c78684000062aac50f7d9a1413e89958f4defd3f087769cafc32bcd6016e496b41b7754cfbe42b352346fd585fb19a80f4af9a19811311b5fc6ea8eb5519a3cf7dbc1a06eed41668e332224c1daa01776e0886044f5a95e5dffc8d9ccce7840eeae97e8cc916db95bdc33fb420e28030c6edb011d5281db1dbeac9bfcaf938a757e3939b025d339e69b9692c8c7352787d399f342e96096e37ca208609e5f93629e36ee442db9fb822ea236683f79875e7dc73ec97f98fe0795f9d83f473cc80a589043a7edd953473684ea4e80f698683a0fc1d8863adc44fc13c27a08921a681ca1ad76207b1a97f8fff7db247ea09b3a6407ea83d82d82d171fc80a8f5fb9f19cd7e94fe121a6a0ef9c4cff7a8689c0abf750dadcc7442c2ca5ed437af5e88e89b0a783a1164cd1eb2a33a64c919d9f08fe5aa7a775352ab6027a7b73d6fef51acebec5516c2a5f2b932b2621bbd2cdb415fce9ba1dbc3de205869fa0423adcedd5570ab0b4b64afafaa458b3840b48f018297aa46426d7893418033f00b5378eac6a70275ec860609b07851b88ecb5da05086adfb80f47c71a77301ca0f1520dfb7a800bc8421abf5eb94942ec818e3a1d45f09ff93e6549b3ef6152c6abe38231b4a82e355e27e363184df51418286d7073cf464eee02310e84b3eccabd2120fcca333130357e1967f67a69f437dcf6a20ca21797230aad086bd4c28348f58b80ec5d27626004533993b9f85897d00bc271a62ab67f92e2eed6d900000000549e8344ad90b47fb5c1ed5908bce94d03bbe98a87a1733b5031f89644c2d35d729e1375969a82f0252859219407c5c87f5d249d5eb8c17001fc7c6dc5d1825851b41e5e937f2c39d7f7196f38f83619da2cddce747bb0e906d0fc13a11fc6c2be3d140ea6da886cd5e194ca9dbff565d2a82e7e82dc5a36084bf02029ea05a9cfe1f3dc80489b426a14372232940ffad8124bd515f0a73fa85c2aa0cd51d76a0cc6e75ccc35b702a4fed4d2e2828d98939406ddc6df1048f0a22611859d6bfcbb0873d102e4b8a86b5d9af8056447f6c1552a603d9f67009fa070db73a01e1b4adbe4e841d0b9a92d148b626c386b25687817e5ec07dbbfa1d62d078578fe21d546414e3c5e29e8e086d7e542a2eb74a67127e7f171e076bbdd62767aae3db467db1df13b3121023bcee33f814d767a9ef14651f76ec89910ed33e9804df8619f69ad06bf0559b00d4efbf6f44e922d50a18ffa25d8ac58dec53a93642186c0ca81b07fe5c14c9c13397649a53ebfcec118e5bb84db053e6e505d07a09bb50f33906e7febac3c85ca337111dbfcb7b9becccaaefa3d857d48f0b3d8646d70fdcf2f1dfb89cc3ba1394cb5de24d999c88235418bc0f20d4036bd0113d298b91c44fe042d3b8e4070e3f828499972524601c4725389122c7fc3e38eb799f7b755f23bd5362880b9275e58eab2c8f42e583890cb84e17f35025d1d76dd28171bee561d21451b4b2ebf23b923221c9ea06b924815889d2b605af66539c3b0ffc30c7170a5581727f0faddb257cb6ab28b3456737d3588fa3bce0ba6a2a5c3c94301fa8a4e6db358731bd3a4a62b42181e04241010d7bc3e973b9fe428175ec8f8e6cbd4e53c8bd957621acb1e42504e6f8a7bb30c382058fc9dcd0cd0ba0b789c316cd58d7b5606cc2a66c872f10e6663346d572ecc37ad1c3d8146a137e35e54096ddc2a5e2d26765d75615fecd09b864b29adfe92763ab54272365f56feeb9b57059744e765485ee322cb879fd3c8fd8bc4727d860995c548bcd41852349f1b2227f5a1f39b24549693fb05c04ba8f190673d11eb27d0bf628489f9b8049f5f3a1e1fed97ba9881da0031ef5960b6b0af825cfae8252b931f6151cba9bf889a5c74051a176c56d3cbb8915d3f28f8f684629bd1e3f87f27909b4e8eca6b88cdd60f3b5bbe0641a469e396080fdd2feeac7a11703b758f1815f100ab2ca4403af34a655f4c35e62778c276c96bb94a3d9f58f3bbd7ae6c4f133f7c4199f18d02d66598a54769415b376bb04b520881f23b22b32685ea1ea0dc179ab2f33f07c7039d1a5eedd1905d2a8c7d3c9686758ba5aafdd74f36da7f5522aff5c40e565b50cdd92ce353c3d6c97ce87f0495bdb95d70ea52c8c26b87cd337fd2283b88d7301c32f26833451b8f7c2ee5f44eec58d9eef2a39b3021a29c8747d36a2dbca6c0c085399bb720000000000000009d67e17060abad89c7d8b8970244c2f11ad2f4ae878a3676659b77178a9b651b12cf9c21e658a32999d596af4648f636df4de8c037d1fa63b1a685e8850156bf99e00666dbc03d3e3b44018659743127f91d44c99b578b86a44f3bcf1523c8cb45accc3c5fedfd7796411eddfc3a7a6b7c57ae10fd4bd3fe9f662dc59747ac4b7cc2584ae3ce2e42a41066dd0d560f1b4c83edc57121dade5e397380bec5f40b5d0beb14aef21b2c68ccfd0eb4959b5e7f5b5779903963298e3c9a2141f145137de1d604d9124c3c4f60a4d54da38a7c32ef2632fe66a8ce8e95ee95a570e18e9fbd44884afe291550839dd61e65c952a3f5c6b61850d1c2a77e18fde734a305b407cf6dbf17afd66da6e42f0e8f66092df46c79b44711f6e8aafa831fa1188beea696672b0e94cc3cae584b30dccf053634f792c2d9f4c87e306991b407949f2870b525d123f9ca23142a0ee13d05f51ed4ff2653727ad5bf16453276b2d5e7d7a8a0a1c4847cb61ac4b08d9abee25165a120d156775a534a62f9af3a3b62726101b94ae1e14352262f017c5361b3341952d194a6a2d470e60df3fde61d343e0af8fdff36ad976af6732b732ceb69344550555174fa280153e08f74d81f4ee69c1eb44a3468e8cf78bf7c1663dae3d31553466faa207b8e9887cb54209fac0b6f6d12d9588351c76e6bad884799afe856a25b5fe737d0ba737a0f1a12b4eb3ede48a0c38e6787ab42fca1c7f2ab42fa6104d5a99aa36b73ac3622ccae122524c28a6557cb7d0a7c7eb5de795647dca0621fc2c9599441dae7cc2a8631252abb5e0f22e9355e0a156a1ab7b1641e345045e8303b5f6dda5c3c1cc2637700cea25c004460d101fc42ad78ae477739a4efbacc57272cfafae15292dc3b2800d9f42002c2062af9a1f329e11140f8317242c04ac1f11cdb45f5f9ab18877daa214c151fb9ac54e3e010b5e7944d7217442d5c4fc29956c1333cb932424096f5b6afe1128db53f7171be4372be8bae538bcb3e4a2eb29608678735a667135e0f2660956e9e2a3ed862209efe65d9ab2fbbf88e5d3384fb3362af00e1ec6b4d3ca40df442b70951026438877189c4b0ae136a9a35c131fdf19115e8dc1ee2b938bfbfdb3808aebbe7dfbbd3510c7070388f5813e8bc63be744b99116c4b84ea37d57c5da7a80cc883aa915d84a249ebfa78ceb124c63b3a0720b19483189ee50824e8581556f0520e434803204cd0f3dd09fc97c979f9a7e3f8e5eca8fccde98fc4939551338235c0c6378faade0d18f7050f29189485e01ec120239373c5478cd19ab27570921415a6680924baf9c5829f3f2115460d1fceb8a026fa1a0a0047fe1cd6fcf1861dd3784e006abfddfe79461c5001e4e32d99c5bc203c25f8c711c5ecccf8941093d95a8db73722bb7511443fb2670244cc1249492e92fc4bf7e06ec6f08c5c6931929d58232b551957b771ea5e4a932b037904b81916e662e3fe95af894e80f699e5c00ab664f381bd9c0bd41322a8b3cf367577429fa52c0f1c44ffc626c215e7103cba05bff4931d9a202c1eb9068f44983d1e0c6d9fb5fed738561651e854a3c1b362ae354a0b4a270386ed2dbef093bd82f07f25edfae31901cb86fd214576b25f769bcb215214c63026b2581a8d17779aae03ba310f3243b3631f4b01c9e3eb342c3bdb44d8e47cdc1683e3b1cfffef72e385cc8831f99425fc406575170e1c106618d5429144a436b9e92d241d8118b5cbe0dca5e8ddd86e671e13080eddcf8dee9e317d192a3a5386378de9b1ecd8cf5439cfbe9f65965e5a5f6c145627ac23fe30c2e06e623b0eca15b225b32b65ce568b656cec0e0d6752fdebffd39c7538472ad7a195b56fcad3fab80016ff006df6b01d785191e4fca143b14ce68b32571476a779515ccb14d35cf9aabd4849c03c9bf12a42cfc2a7146ed6c25892a9d1c48f95314f641142d38cd882e54534d69b3fcc18044309e6debef6dc79d7737956418b955d33737115b44360e0bac14b71e2e64f0c8aea428dce5b65e210c108f832a6041c0aab116488e5863cd1039dc8af537908be3541352bdad303de43387503d19d7c0f0390bdc5b95f1dfb0701fd0e14a22c210837cc0a1cb059de474f4476bfe9bddfe3e7977fb299e82d9eefb18111f7c4a5fbd406fca720fec69340d978f4c9832204d67f6fa5793325e04d4af84acde0b56158e4c606394286a4b3cfc04a426a665529b753e1ce2d6c613159844bd069a67b5b96cb8ec993f05a8e252ed3d8ed63d524af0845f519f9d47b85a773f37031cb91055fb963db50e6a1e368f10a82fa40ac055e0201c6d29661eadb76f8154ef9c1cc210ccf1ccb063e8c00324ed6a14fdefa0167a9abb04debbbf5e7b8a57a7772373c765947f0f67b5130d77a6ca6ab166147d4eba97b4ddf1465d25b02f4430227b5713a29fd84664bfdfa5fc450e48f5263eaca67c16033b79bf1cb819511cf16bae6ffd5d05a7d9cc93067b6f2512fea2424a9c7d178f653ffa7ce1c00924707e3817c7cd461cb2a8cc5eadc40821258eaad7720ee3976c5a60025c317480016e5e5bd884f3646651f3bdc1185ec1a4112eb24ba5b3b6f94ac66322042d4bc48cb5befabfcf950cf8a0165fba3fa019324b53fb56bbfaec7f4ec733e84c22f841c1c9c1dc51dd3ac4887e155ac4095a6b8846c8f401f3c2d48d4de18906193a9f05ed59e3b0add8bc27c0bad8418ccbb842123ce1d39fdeeaa7984dfba9ef121ab4d4d35de076262636f3815708e4bcf31e634a290b13317425b1a4a2e4ebf8537092c7e524c126faa9622bf1337168e003857805dd420a51816fea3cd37c34e483f64a2da3ab67442314ffff40727835a1bc7b9971ccb5f83183cf1a135defd468907b988d97028f904c4d9c712f7d0ed6abe4d80712a7b7e06efcbe6a5b83e32beb1556326af7a97437c35c6a706c6cf4403b98f5134547ac167fd1abcb9245ec3450202ab80e553952412032a6c3cfa64441d4aecabd1e182c50bf67801fd3b44b40648ac9926bbbd7095425a429f2a9550c2fd1267cbf6156897b705255cadf1c7f233f4effd788b3f446dba19e68bbf8b42ff6caf984a4eb51328ab5e2bc28366e8b4df4df967a166470a00", 0x2000, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="b00000000000000000000000000094250d27187d305e5d25e8da50b24c935200000020000000000000000000000000010000000000020000000000000000000000000000000000000061230000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000087c3ed5d83053e", @ANYRES32=r4, @ANYRESOCT=r1, @ANYBLOB="002000000000000000000000000066000000000000000000000000000000000327571281bfed9cdf5c2442198aea5f9753459cfd7fb3706f1125a43b7134323449bb86a8c6f9f301afd2de8210ea3455cc32d213de2384f8a17b12440bbb497b5bbee6c0f0ed8162c7c4047ee12c44a9bff1730b38a6cc5a41a10f14806f7319a652cb7fd8373af689b69bf32c2ce0f22da6e3c7f2f2a50621879dc2851d6f5b06da9b50c3110de6611c2f905090a80e2bedbaf6884f44309bed2fc3b4fc1e5e42a4852d355b"], 0x0, 0x0, 0x0})
r6 = getpid()
sched_setscheduler(r6, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r8, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r9 = socket$kcm(0x29, 0x2, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001000)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000300000000000c00095000000000000002ba728041598d6fbd30cb599e83d24bd8137a3aa81e0ed139a85d36bb3019d13bd2321af3c2bd67ce68f15c0ec71d0e6adfefcf1d8f7faf75e0f226bd917060000007142fa9ea4318123751c0a0e168c1886d0d4d35379bd223ec839bc16ee988e6e0dc8cedf3ceb9fbfbf9b0a49ef42d430f6296b72a83438810720a159cda90363db3d221e152dfca64057ff3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c39e4babe802f5ab3e89cf6c662ed40000000022278d00031e5388ee5c867ddd58211d6ece3ccb0cd2b6d3cffd962867a3a2f624f992daa94a6a556f3218ce740068725c37074e468ee207d2f73902ebcfcf49822775985bf31b715f5888b24efa190000000000000000000000000000ddffffff020000000000000000ddffffff0000b27cf3d1848a54d7132be1bfb0adf9deab3323aa9fdfb52faf9cb09c3bfd09000000b91ab219ef00bb7b3de8f67ffcad3f6c3c2b1f03550000000000001cf41ab11f12fb1e0a494034007de7c6592df1a6c64d8f20a67745409e011f1264d43f153b3d34889f40159e800ea2474b540500a30b23bcee46762e2093bcc9eae5ee3e980026c96f80ee1a00000000740750fa4d9aaa705989b8e673e3296e52d337c56abf112874ec51d6fe048ba6866adebab53168770a71ad901ace383e41d277b103923a9d961f7a2591dbe4a912ffaf6f658f3f9cd16286744f83a83f138f8f92efd92239eafcc5c1b3f97a297c9e49a0c3300ef7b7fb5f09e0c8a868a353409e34d3e82279637599f35ad3f7ffffff3cac394c7bbdcd0e0eb52162e0c410ade7000026a4e739c60f03cc4146a77af02c1d4cefd4a2b94c0aed8477dfa8ceefb467f05c6977c78cdbf3f704ec73754910fe050038ec9e47de89298b7bf4d769ccc18eedd9068ca1457870eb30d219e23ccc8e06dddeb61799257ab5000013c86ba99523d61a00000000c270246c878d01160e6c07bf6cf8809c3a0d062357ba2515567230a6f8b2ad1e1f4933545fc3c741374211663f6b63b1dd044dd0a2768e825972fc4300001467c89fa0f82e8440105051e5510a33dcda5e4e202bd622549c4cffffff501d3a5dd7143fbf221fff161c12ca389cbe0000000000000fff2ecf631c6c5fd9c26a54d43fa050b88d1d43a8645bd9109b7e07869bba7131421c0f397073943330baafd243c0c6ffe673bab4113be7664e08bdd7115c61afcb718cf3c4680b2f6c7a8400e378a9b15bc20f49e298727340e87cdefb40e56e9cfad9931b8c552b2c7c503f3d0e7ab0e958adb8629aeec90e6d1857da822e40009995ae166deb9856291a43a6f7eb2e32cefbf463789eaf79b8d4c22be89f44b032dad13007b82e6044f643fc8cd07ae636a5dbe9864a117d27326850a7c3b570863f532c218b10af13d7be94987005088a83880ccab9c9920c2d2af8c5e13d52c83ac3fa7c3ae6c08384865b66d2204c2e4f3ae200f279b512b4dcb5dd9cba16b62040bf8702ae12c77e6e34991af603e3856a346cf708feeb708ab22b560cf8a4a6f31ba6d9b8cb0908000000000000001a342c010000000000e667a7592b33406f1f71c739b55db91d2309dc7ae401005f52053a39e7307c09ff3ac3e820b01c57dd74d4aafc4c383a17bc1de5347bb71ca16dcbbbaa2935ae662082b56cf666e63a759e0ef3ea7af6881513be94b362e15ffca8ec453b3a2a67be70c17b0f9c2eac765816c30c2e7133dca1c7669522e8dff8bc570a93fbdb688c3aef810000007a6ea6b11163392a19d87995b51cb6febd5f34a34998d2010fd5facf68c4f84e2f66e27c81a149d7b331983d3b74444953fc1216dfec10b724be3733c26f12538376e177ffef6fd2020000000000000008e4919a463d5332a2546032a3c06b94f168e8fc4bda0c294723fe306f26c477af4b926644672985fab7cc67bc5b5f5d38cdd8df95147ebe1cd88b0a4c6cde9951be10ba7dfddfefb238fac2303cc8982f1e55b005afcfea5eb037248fefad6bb02c162ce92ab17744c8ec3d2e80cf3205d36699fd381bc81231fb5e12e45f3059f361d08d6a6d019ebf105eaf43083c29512bcedd79ca9bf24e063d0c273ed70a2b70be521ea27dc8cf3c9bdf83b93405db07e82e2db484f8673e0e97dd7e8a872148613c3a04f3d67f4375ba5c7f1b00ffffff7f000000000801f71d79d812ced782646b5f79c8fc08bb5c11020108d702edd2ea9c96cf0d2d48aa5fc0a7bf1b51afd85350ad00b78c598fa8701b000884de790b54e5ab2e8ff0c7ae23e0b6eeac95c4c2eef2e5eb1d019d52099fbd404e8ece970f67856ba7e960bd8b1e4105ce7e31f7c9c3e3fa61aaa967b90087e91d703e98535b107b8f4653be4c46a3a1adb07d226952b8573b417018316fa96e2b8e7370baa16d4122c863709b08d4639a19a46ac90ac48a13ee9bcaa875fc700000000000003b40dc5c745fe2491e8425e600000000000000000000000000000000000000000000000000000000000000250318a44ad31baac0520a913301e630ae540f3289aebde8633f6f450c0738e16df6c7f1e0832a2a16fe6e39959735758248032cdf7320c6dc87b01e3f9a7811b200000000ae189de4b9b25f7c7a9c070000002af1c06315270de4a6605e4b4b58bef76fac54f11b84bd7bcd6b6a485edfb7684c770a39b38b08e18a51a4d4e66ca21c06a4b4198e1bc2ef990c9ba911efed626e5ee341a17bf8132b09000000d31df213c802d74797056fd3bca8b2d6cb134437cba0193ba4360bdcc98aad2560aa48291c4eb9d4e08ad7a9c5f04be1ab597124d84dfc7bd8cca8f68154a0ed356e773a797ca6d66748857b4abbf8830abeea2a46342e6a7378173cb29d5cdcd698a0203f78116b710008000000000000007c2d86b94472807c10eb9a8e2fb8bd79fe3a8316deff3ee641c9a080a2173642e673a672279bae4e7e28055da9497d7edb53be6e80482bd4d9a74b8dd4221fff0f0000705d7257ff7f76c78ba0b44ec0bdfa0d32d7042059b13a079639f14f9032b856d892ad6af5124c9c3130485e9682ff1f3c54e475d5bb496aef4bb537d7e191dfdeba109fdcf7864763f87a6d711cf52e520a6ce30e134c55e0caac037209d2f14fcddd00000000000000000000000000000000e609893bdce015e8ccfb36399844db61f6171b0b0e845e48728450c6ba4f7098f8e000676b59ab9f851f3ab77847ce05c89411277ec69c409b7ec50a3337a78675f38a568612c235ab5f2cd6d035d5f5f6a693c381adbbf7b37e37292783b2c7efe7d3a067906552f76d419e0300000000000000000000008f3a20b49fe7636806867283e35cff8d00e7b251bab3cf6377a24f8e8d4bda7503674bc94bf7f4d2fa6f25944bf0a186436d9f6831995976328a1fdc78492c65c1434855dc35c3cf7cf9610c5387794443c99b304799114132362849c3fa85d6379729ff9094933db0cfbe8887c50b87e1469fdf454cef4cbc5f7bf384000000000000a4e8c1a25f47c440144a9776be6cb40aafdb9d3cc8f6a6050974e1c4000000000000008b753f4e1bef9556efcc087a99dbf231167013a4b2eaf6338a0b100c98a331dffc09"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r11 = socket$kcm(0x2, 0x1, 0x0)
sendmsg$inet(r11, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x20000811)
ioctl$sock_kcm_SIOCKCMATTACH(r9, 0x89e0, &(0x7f0000000040)={r11, r10})
setsockopt$sock_int(r11, 0x1, 0x20, &(0x7f0000000440)=0x9, 0x4)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3, &(0x7f0000000080)=0xb, 0x8, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x3)

4.04387809s ago: executing program 4 (id=1096):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x3f, &(0x7f0000000440)={&(0x7f0000000480)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r3, {0x5, 0x7}, {}, {0xa, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x8, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0x4}]}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x200c0e9}, 0x20000004)

3.278457119s ago: executing program 6 (id=1097):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="59528d1f5911dbb718877a83e86011324c69d8b96661b0bea718508867f40d3258e1d1f2cb4cbd7a2c3764f9ea886da530ba63c5c746374f6295c9b574dd158e37d9d7c6a746a34ccfcbef374823a8b527d4db9d9a8a514f528147b50c27cb2d01940830fe1adb2ee915344a11d7a62b7fb592652da92d68c2ae2c75a8aa1511e71c056118d289d79257eacb8b2803d89dfc8ab5d1185c9188f6d43e6d421774c8a37b7df0c7d52201942a66bd45e2d999791ae431fd7771776788e66a19a33602132afce66d2d1c5c93dd8b150c0d9c123c6c2ddf22f88a2007a861816d4032e27ed444113caef83f", 0xe9)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000c40)=@newtfilter={0x38, 0x2c, 0xd27, 0x70bd25, 0x2, {0x0, 0x0, 0x0, r3, {0x0, 0xc}, {}, {0x7}}, [@filter_kind_options=@f_u32={{0x8}, {0xc, 0x2, [@TCA_U32_DIVISOR={0x8, 0x4, 0x1000}]}}]}, 0x38}}, 0x0)

3.232319802s ago: executing program 1 (id=1098):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x403, 0x6030, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x2}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
getsockopt$inet_int(r1, 0x10d, 0xba, 0x0, &(0x7f0000000080))
r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000440)=ANY=[@ANYBLOB="9feb01001800000000000000300000003000000002000000000000daadd20001000004080000000000000002000000200000000000000000000009030000000000000000000004000000000000801d7017f7b58771289375f6bdd00b7b714bc256ee3d658874e05b8eabfe2d1df12f4c65acc74a1baffe5b6fa335b8198aeb6be881ae562f36240969ee10e289e07e6bcd01848db39f440ef0af93d01e57c95116f4739c313aa55d599c4a7220"], 0x0, 0x4a, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xb, &(0x7f0000000500)=ANY=[@ANYRES32=r2], &(0x7f0000000040)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x1d, '\x00', 0x0, @fallback=0x10, r2, 0x0, 0x0, 0x5c, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x5, @void, @value}, 0x94)
r3 = syz_usb_connect(0x0, 0x44, &(0x7f00000003c0)=ANY=[@ANYBLOB="1201000010b86b20d112391400000102030109023200010000100009041b00007fb1fd000a24010700020201020c24020103020604000007090b2408048000fc751065a3ba27a02a6a504973f1cd5407a5ac38867b2c6ba20e875f7a6bb82cc6eb2d12c26fdfcd7a601ea2dad6c4a54453fe9d2ebc28cc5f29"], 0x0)
syz_usb_control_io(r3, 0x0, 0x0)
syz_usb_connect$cdc_ncm(0x3, 0x84, &(0x7f0000000580)={{0x12, 0x1, 0x310, 0x2, 0x0, 0x0, 0x10, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x72, 0x2, 0x1, 0x2, 0xc8, 0x4f, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0xa, 0x24, 0x6, 0x0, 0x1, "8b8577cf84"}, {0x5, 0x24, 0x0, 0x9}, {0xd, 0x24, 0xf, 0x1, 0x3, 0x4, 0x4, 0x6}, {0x6, 0x24, 0x1a, 0x6, 0x34}, [@dmm={0x7, 0x24, 0x14, 0xf, 0x3ff}, @country_functional={0xa, 0x24, 0x7, 0x9, 0x4, [0x101, 0x4]}]}, {{0x9, 0x5, 0x81, 0x3, 0x200, 0x5, 0x5, 0x6}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x10, 0x0, 0x8, 0xf9}}, {{0x9, 0x5, 0x3, 0x2, 0x200, 0x5, 0x8, 0x8}}}}}}}]}}, &(0x7f0000000840)={0xa, &(0x7f0000000640)={0xa, 0x6, 0x110, 0x64, 0x3, 0x3, 0x8, 0x7}, 0x52, &(0x7f0000000680)={0x5, 0xf, 0x52, 0x6, [@ss_cap={0xa, 0x10, 0x3, 0x2, 0x4, 0xeb, 0x6, 0x12ef}, @ss_container_id={0x14, 0x10, 0x4, 0xf2, "54d4bdc631bdfd166c8640c3696ec96b"}, @ext_cap={0x7, 0x10, 0x2, 0xe, 0x9, 0x6, 0x40}, @ss_container_id={0x14, 0x10, 0x4, 0x1, "e90672d83edae7dcc746242f07b14da3"}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x2, 0x40, 0x28, 0x9}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0x3, 0xfb, 0x9, 0x9}]}, 0x2, [{0x77, &(0x7f0000000700)=@string={0x77, 0x3, "ebbb9b01cc1c2352a8f46143e23f68c8e6c597a1eb842043737e62e3d263d0f9e3f110b0afa2c169635c2e2d9deff9568d3469fde4c98d846f83824b811ba2c4e0f140c861f9d79376967af1781af2b2c06191c0ffb1eec6e70c8b0768c23dba96d88e374727887213342bd6a4cdfdab2b5adaea63"}}, {0x90, &(0x7f0000000780)=@string={0x90, 0x3, "f9f7a68fd1d47419dd5cc54011b14a733ff312a1ec3a784975f361fa9b61ef38746747bded8eef6129116f3ea9072c89597ea9284add08a429a241657833f683a4d554056dee25fc832bc12bb45275247a4130e4721958d0e0d77eab42522c679940600f90a7721925664704865cdf6b6d1c3290fc9ac9cb6b9996eaa082a8246c3ed5f6fe8111dcf3c2814a394d"}}]})
syz_usb_control_io$uac1(r3, 0x0, &(0x7f0000000500)={0x24, &(0x7f0000000340)=ANY=[@ANYBLOB="001304"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600002, 0x600002, 0x7, &(0x7f0000a00000/0x600000)=nil)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0x1000006, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3, @void, @value}, 0x94)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', <r7=>0x0})
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000080)=@udp}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xf, 0x0, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', r7, @cgroup_device, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_usb_control_io(r3, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r3, 0x0, &(0x7f0000000380)={0x1c, &(0x7f0000001100)=ANY=[@ANYBLOB="201812000000e440877e1aeff9a181975b9cc2a535b966cdde68b7ed362d84a37133a7d7078be4d3df2d0c83b97cb140ef15b2db09b069a42a0cbeb4626f452c0689ab1eb70020ba1200f81bfdf9b3ccc74e67486d1678b6743a885060ace541e3732d6e1cddd1503e9228682347d73b2836ec2189c420b516f5e215961ee12cbd6b1be290770b4d063414b6cc7e6b5dc1a1e421ba09cf4631c5ba3ab4b8a46768a3184b30153e9676c6a6eb89615379940575805a8cd8ee2bcbd8ec8e8dea733d5bdf84ec4540df16e125a27ebd0729a1ea77f364dff79b938cf87b267a"], 0x0, 0x0})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="00220200bb7f014b84e92d157915ae8952e0556fbfcb426baedfae66d8af0000000000003557e9c73aa54eaa3aebaad89c6147efa879644e335673eefbd4"], 0x0}, 0x0)

3.071399178s ago: executing program 9 (id=1099):
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r1 = fanotify_init(0x0, 0x0)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
fanotify_mark(r1, 0x71, 0x8000000, r2, 0x0)
fanotify_mark(r1, 0x12, 0x8000001, r0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = fanotify_init(0x4, 0x101000)
r6 = open$dir(&(0x7f0000000000)='.\x00', 0x0, 0x0)
fanotify_mark(r5, 0x641, 0x1019, r6, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r7, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r7, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r8 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_clone3(&(0x7f0000000340)={0xa04000, &(0x7f00000000c0), &(0x7f0000000100)=<r9=>0x0, &(0x7f0000000140), {0x24}, &(0x7f0000000180)=""/62, 0x3e, &(0x7f0000000280)=""/170, &(0x7f00000001c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff], 0x7, {r7}}, 0x58)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
timer_getoverrun(0x0)
sched_setaffinity(r9, 0x8, &(0x7f0000000200)=0x80000001)
ioctl$KVM_SET_IRQCHIP(r4, 0x8208ae63, &(0x7f0000000600)={0x0, 0x0, @pic={0x9, 0xcc, 0x1, 0x4, 0x81, 0x1, 0x1, 0xff, 0x5, 0x4, 0x1, 0x9, 0xa, 0x2, 0xd, 0x5}})
ioctl$KVM_SET_REGS(r8, 0x4090ae82, &(0x7f0000000000)={[0x35, 0x6, 0x0, 0x0, 0x0, 0x0, 0x6c, 0x0, 0x8000000000000, 0x80000000000000, 0x0, 0x9, 0x0, 0x0, 0x0, 0x8001], 0x1, 0x3c4210})
ioctl$KVM_RUN(r8, 0xae80, 0x0)

2.943870102s ago: executing program 4 (id=1100):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000440)={'sit0\x00', &(0x7f0000000080)={'syztnl0\x00', 0x0, 0x7800, 0x1, 0x5, 0xfffffffd, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @broadcast}}}})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
setsockopt$MRT_INIT(0xffffffffffffffff, 0x0, 0xc8, &(0x7f00000000c0), 0x4)
r1 = socket$rxrpc(0x21, 0x2, 0x2)
setsockopt$RXRPC_SECURITY_KEY(r1, 0x110, 0x1, 0x0, 0x0)
creat(&(0x7f0000000140)='./file0\x00', 0x4)
setsockopt$MRT_INIT(0xffffffffffffffff, 0x0, 0xc8, &(0x7f0000000000), 0x4)
r2 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$VIDIOC_S_CROP(r2, 0x4014563c, &(0x7f0000000100)={0x9, {0xa2, 0x4, 0x1, 0x80000001}})
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
read$msr(0xffffffffffffffff, &(0x7f0000002700)=""/102392, 0x18ff8)
r3 = socket$inet6(0xa, 0x40000080806, 0x0)
listen(r3, 0x20000005)
r4 = socket$inet(0x2, 0x6, 0x0)
connect$inet(r4, &(0x7f0000000040)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)

2.905916324s ago: executing program 6 (id=1101):
r0 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read$FUSE(r0, 0x0, 0x0)

2.828504967s ago: executing program 4 (id=1102):
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000240)='uid', &(0x7f00000008c0)='0\x00#\x00\xd0\x00 \x00\x00qS\x00\x00\x00\x00\x00\x00\x00\x00$\xf6_\xbdI\x1c\xf2\xa9]\xcc\xe0*\xef\x01\x8d\x15\xd2h\x93\xc9\xb57\xc3\xea\\Eb\xf8\xe6,\xdf\xd4\xfae\x84\xcc\xd5\"d\xf0D-\x98\x9f\x81{\xfc$\xc4\xbcF\xf8\xc8\x8d\xcb\xb8\xf2\x1e\xe4\'U\xb3\xb8\xd3\xe6\xd7\x80=\x8a\xeb\n\xb8_\xe8\x96YY\xe3\xc7\xe6\xf28\x19\xa6\xa7\xfa\xdb\x1ce\xc1\x03\x86J\xb2fh\x19\xee#\xcc\x0f\xed\xfea\xdc\x88\xcb%bW\xd35\xda=\xac\x1d\xae\x93\xfd\'T6\x94\n\xa4\x9cU\xc4\fA~[\xbf\x8b\x90\xfe\x04\xe7U\xf3h\x81\x14l7u\x95\x96t\\\x0f\xef;\x03\xa4C\xbc(Vc!a\xc1\xe39\xc6b\x905\x1f\x03\x00\x00\x00\x00\x00\x00\xdf9\xaf5\xc8a:z\xe4\xcbag&67\x814\xf6}\xe10v6l\xd6,\x1e\xa0\xcc\xbf\xfdkm\b?\x839\x85N\x1c\xc1\xcb\xfc\x85\xd2\n\x02\"\xf2\x81g\x90\x01n%\x7f_\xe1.f>>\xa5\xfb\"\xab\xdb\x06\x12e\x14\x11~\x9a\bR-\x85\xc3\xa9\xe6\xf6R\x11\"\xc3\xc9\xfc\x14s X\xec\xdd\xc2qB\x85\xf0\xd7\x04\xdd<\x9ak\x00\x00\x00\x00\x00\x00\x00\n\xa72\xa3\xef^\xe7\x8f', 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
open(&(0x7f0000000100)='./file0\x00', 0x880ff, 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, 0x0)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200"/47], 0x0, 0x37, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write(0xffffffffffffffff, &(0x7f0000000000), 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
r4 = userfaultfd(0x1)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x3})
ioctl$UFFDIO_WRITEPROTECT(r4, 0xc018aa06, &(0x7f0000000140)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x8)
syz_io_uring_setup(0x95, &(0x7f0000000140)={0x0, 0x2, 0x4c00, 0xfffffffc, 0x22d}, 0x0, 0x0)
ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, &(0x7f0000000040))
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x3, 0x0, 0x0, 0x8, 0x2, 0x0, 0x0, 0x0, 0xdf, 0x0, 0x8000000000000001}, {0x2000, 0x0, 0x0, 0x0, 0x0, 0xea, 0x0, 0x8, 0xfc, 0x0, 0x0, 0x0, 0x800000100000000}, {0x1, 0x5, 0x76, 0x24, 0x0, 0x40, 0x4, 0x0, 0x1, 0xff, 0x0, 0x0, 0x8}]})
read$FUSE(r2, &(0x7f000000c3c0)={0x2020, 0x0, <r5=>0x0}, 0x2020)
write$FUSE_INIT(r2, &(0x7f0000000040)={0x50, 0xffffffffffffffda, r5, {0x7, 0x1f, 0x0, 0x10408, 0x0, 0xfffc}}, 0x50)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_CQM(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01002abd7000000000003f00000008000300", @ANYRESDEC=r3, @ANYBLOB="1c005e80080007004501fffa0800060007000000080005"], 0x38}, 0x1, 0x0, 0x0, 0x40041}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xa, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="b40200000000000061116900000000008500c782c91900009500000200000000"], &(0x7f0000000380)='GPL\x00', 0x5, 0xff92, &(0x7f00000003c0)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000100), 0x36c, 0x10, &(0x7f0000000000), 0x26, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r7 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_GET(r7, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000440)=ANY=[@ANYBLOB="100000000114"], 0x10}}, 0x0)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[], 0x5c}, 0x1, 0x0, 0x0, 0x20008040}, 0x0)

2.690799398s ago: executing program 6 (id=1103):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000951c0000000000003d29b65d60dc9ecf9a498a1b59"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_UNIMAPCLR(r1, 0x4b68, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
close_range(r3, 0xffffffffffffffff, 0x2)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x4, 0x4, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="b75f33b71800"/20, @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000a20500007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r6, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x3800, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socket$igmp6(0xa, 0x3, 0x2)
r7 = socket(0x10, 0x3, 0x0)
write(r7, &(0x7f0000000000)="240000001a005f0314f9f407000904000200000001000000000000000800040001000000", 0x24)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r8)
r9 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r8, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r9, 0x0)
syz_emit_ethernet(0x4e, &(0x7f00000000c0)=ANY=[@ANYRES32=r1, @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="64c200e10000000000000000", @ANYRESHEX=r0], 0x0)
recvmmsg(r7, &(0x7f0000006340)=[{{0x0, 0x47, 0x0, 0x0, &(0x7f0000001740)=""/17, 0x11}, 0x80}], 0x1, 0x0, 0x0)

2.687725416s ago: executing program 9 (id=1104):
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f00000000c0))
read$dsp(r0, &(0x7f00000002c0)=""/59, 0x17d)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
socket$kcm(0x29, 0x7, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0900000081000000040000000380000016000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000000000000000000000002408d3cacef7fda0000000000"], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='&\x00\x00\x00\a'], 0x50)
bind$bt_hci(r3, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r3, &(0x7f0000000000), 0xd)
setsockopt$inet_udp_int(r2, 0x11, 0x1, &(0x7f00000006c0), 0x4)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000002940)={0x2c, r1, 0x8, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x994}], @NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0xcb}]}, 0x2c}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec8500000050000000850000000f00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r7, 0x0, 0x9}, 0x18)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="a1ab0000000000000e003200000008001701"], 0x40}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r6, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000700)={0x3a8, r10, 0x1, 0x70bd2c, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_FRAME={0x382, 0x33, @reassoc_req={{{0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1}, {0x6}, @device_b, @device_a, @random="2852580fe82e", {0x9, 0xc4d}, @value=@ver_80211n={0x0, 0x2, 0x0, 0x0, 0x0, 0x2, 0x1}}, 0x10, 0x9, @device_a, {0x0, 0x6, @default_ap_ssid}, @void, @void, [{0xdd, 0xc0, "e34a380161606af90586c639ddf740deb5b6edde1a57c514121d8ef11f7125cb2b301d61f1707f6c84c2fcce675d22f4d1d136f54d80fb02551a729516644b1d0cb9c85c84195b9dc70596d68cafc8bf9fa07d665afa3e0fea2f23359699e59c6501b1876f5763e62dea8224d5f90422c266fecf340d2392aba006ecc7aeee2905bdfe6163d92ca002acc4b9a2ad67359afab4204bd3304aa9aa268b6a19e93a218665561d6ef6a33d676a0aa4c1bb579fa77dfe611c908fcc7ff0b324f2f027"}, {0xdd, 0xa5, "a8a3da63ce2563253d8c5d5266c26bc7d802876e3ccb60cf70b137823f92343a080849fdeda4c0dd18b1067b83c47bb03652e6090b547ee376d8f26d9c58a976caf068323b48f850fa1ceb963957b4b4239158e367d33b9827eab49c1d56c198e3cf5f945f1f5a990a7c653db9d784a5ef8c0abaddecf72a7cb6108d9d42cb2bff0dcd65f776186cd84b1fea2bd69ea43f31dc5dd1e7be5fd17e7f52b0c33e21c959c34673"}, {0xdd, 0x8a, "1623ebeab7bd36c96a9bdf1bdd8e2249d5f1b2275a1a0fab0f678b1951b594a6e0b77050d286814245b45651637d82fb489c5eed3cbc337535f1fb12ee1317c837252ee737c975a9106d95e390c46fb226cb4a7ee17014e619442ffa95bad2b7efd887cc9597536ce3694d464fbb7a4f83131d3358f381e1698dbe9b3f13584f2a4a64881691dadda000"}, {0xdd, 0x6b, "4284d3f3814dec677f85ccf36db808198cbb2f6eb78916b761a8c0e07b41e5f559c11f8618e4a1088a68054a8103ff9bfae9153625ad9f7320835f414ef0fdee83ef960e9e014de9bc1712e29b7b8a944b1f1b6f63fb5856c68af37e571cb69417d3bb3d36f372cd750e9f"}, {0xdd, 0x98, "d66358aef83cc8be5e0866b11d3c211ed75990ae719d8749b716e8da98badb1a4ba09f8af0b03214a7f92c5105f88f628d6e6c282abc45028d5c8c4fdec65f0ff31868135987f7651e8ddc3a99d0302f0bfc1e364d5ed10bca4d387bfd1968d07c107b4793881fd06c40486ee41b2767c2a536c1bf7f9ec7b0d15395b4d0bd95ed49fc7f34f1307a53ce52a8a12c3dbd0844e939e4b94333"}, {0xdd, 0x52, "f731fb0ef7c749f3ac8f77b43ca48b0ffd832d10fe47d4997d6f5361a8b0a7138b5164badf0f0b597efface36a4a6374514008d2ef40cafbca5ac76da7ec31a85b8b678a4bdda1af600847151a8511656c4e"}]}}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0x6, 0xcd, [0x0]}]}, 0x3a8}, 0x1, 0x0, 0x0, 0x6a845ecb4f20be71}, 0x24008080)

2.091736083s ago: executing program 6 (id=1105):
io_uring_setup(0xdac, &(0x7f0000000180))
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x803})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
close(r1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200))
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller0\x00', @random="371692e7f7ef"})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r3)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r3, 0x8943, &(0x7f0000000100)={'syzkaller0\x00'})
ioctl$SIOCSIFHWADDR(r2, 0x8943, &(0x7f0000002280)={'syzkaller0\x00', @random="110000000002"})
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcdb)
lchown(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000001280)=0x15)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{0x1, <r5=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f00000000c0)}, 0x20)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f0000000200)={@loopback, @empty}, &(0x7f0000000240)=0xc)
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="1e00000078450000060000000000000000a10000", @ANYRES32=r5, @ANYBLOB="8100"/20, @ANYRES64=0x0, @ANYRES32, @ANYBLOB="030000000100"/20, @ANYRES32, @ANYBLOB='\x00'], 0x50)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f00000002c0)=0x7e)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', r6}, 0x10)
r7 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000b40)="d80000002f0081024e81f782db44b904021d080005000000e8fe55a1180015000600142603600e120900210000000401a8001600a4000140060000090000000000000000000021d67f5194007134cf6ee08000a0e408e8d8ef52298516277ce06bbace8017cbec4c2ee5a7cef4091b14d6ba30dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809f6e1cace81ed0bffece0b42a9ecfee5de6ccd40dd6e4edef3d93452a92954b4337f97d1d713e0de0932133b9290858", 0xd8}], 0x1}, 0x0)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000000)=0x7e)
r8 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r8, 0x8933, &(0x7f0000000000)={'vcan0\x00'})

2.078460228s ago: executing program 8 (id=1106):
keyctl$get_persistent(0x16, 0xffffffffffffffff, 0x0)
pipe(&(0x7f0000000000))
r0 = socket$pppoe(0x18, 0x1, 0x0)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20008814}, 0x0)
ioctl$BTRFS_IOC_DEV_INFO(r0, 0xd000941e, &(0x7f0000000800)={<r1=>0x0, "381087e4ee6ee5bcfdd4109df5350e18"})
ioctl$BTRFS_IOC_DEV_REPLACE(0xffffffffffffffff, 0xca289435, &(0x7f0000004680)={0x0, 0x6, @start={r1, 0x0, "02946fc3e484604bdc79a15b34e90c8570939028d98ffbb3d6a35290f1321158eb10338e75b0a19baed79103aeb34efc8a17efb9794dafe417a78da8826346e5550fdade8ca4e70d6f12bb2acd8c9f6fcaaa71946d76787265da34ba3dcbd972a637f6adfc6ad9bd646f88cc29c039212f37c7bb4b4dc99135f3c0da2ac8448dee968924a13967ae4aff4be24a5be39853b005a00b549088c3f75a979bda4665b7df1fff394d7c5d26d12aafcc2a28640822418fea729e401a8d09952c46e72660dac4718179da939eee60f152bb5725acf5665de8857e617b1d7d6601a8ff74de61c0e9aa23236e15e86fa559675209d2274faadffb31ac6fd6d0c78e223373d6edbce563df82eabcbbc68738d6807dfade15ac46618dd5e75d22ec19791a5b6237f495dfcfad0e252fbd1028bdb001918ee127e89518313e6a7b97a06bab576d7ddbf2a4f5b17b301b56e6f4fc2a9c5e98083e88620108ecaacabaf00af04e635b092411431eba1dbba687a9e99dcb986b7a10ad11e864f6dff6793799de174f82d032eb799f933f9f10f1eaa1ec0a6623f228191507e50b6f66691fa1dd86051c89c05b3d66bbbcd1f6a3268595c8ba67efa53c2a8db76c3f184c3563aac9b97c016945dd5e73bab46a840a8b463268ebf4b21015cc2b9e4ada4cd2908afd9c7396c199b9c1c30086a46fe0684cf197f2fdaf3608144ecd0870f332f6282a4367545f6e25617d2088afa3e570f12a0e91a70ff73c4c1c2540410d14af73d7c76651ef9537fd3730074ebe0dff898523e7f2345343edc2a9531e3a2f7e2809c0073d417f20a69f152cd961549d40bbf563b3ea0a536152ce611606fe8fb92d30ce5bedc2e9aedd828e05fea3fc8f60e2f384e2b40df6f45d704b97babb4189dbcbfaf0c04eac973c87e3a42c8595692f3f3b497f9b5db63bcc4893553187411941017fcd012376f7c79a33f5be10a73176b1f737d4afcb95f08c336ffff83b00b115eb1015e8f126f40c420c6e84da0081384cb60f6e93677a8f954c4e1834c8f21096eb78c4172ae92c25a8b529deada113a115294285ba5b1d404a26cd03d0b6f237fdb2653a20f7b73d1e5a5a304d85f73ed20d667b0a2a1ddce9cd975205d2032888d1cfea0b863294c96bd41fcd2dc43a7414987955ae6e4f670d7367e6e4d19d5776b202aa18f977a28188fa3110b11c3cb1cc1575e6f36783871116a9b14816ca8c3d1e0d94e84fdd7f0cb40c457aa14e50be953ba57a1f77be58f298d78963b1611b1c241b8074546bbcd317bdf3e285d880ea01b71e8310d8dc03e70b32e03f31168dd191b33c8f80cde6da217f8ae2ce0a1020c1818a3de50d74033b9bc33a568ecd863b78361d0dcb91a77ac1c2fcf879ded11d6d44dbeb86d45cd1b324c555a2ae33786c793738587f58bb1a29abf35dd08790534cc6853c2efa", "de7ce4fe57b1fe44c6e0ef886bbf5c2e628a69d17a3943eda0c82414ad4eee3c1b3081203075ae276730ff003df985143e55fd6d34e6d204255369709363ee5df436d79900f91e4fb8b3fe0a5ae49307a56cc57f0b1a0b2b6ecaabcb62856f20429d2eed9e2589d9d875b11fa851c1405316a9635f4fa2fdfe5056d41b5d340fd84c88ef9d8963881e00437cda8a0bdca69f24c56f4356b0f27d747dda55fe73032c779517da1972205094d2669af53c33a183e5eee798b2cb49adfdb4360e427390ac8c9e26c02587cd46ef67871e4fd0314bec3dd2d332f15e96a75da16a8111a98fb565b4c19ac97154b513981b32c0230cde7a7b0bc1aabe7a71c0593be72bcf69559721c4490ad72d6ea5ab2e99438e477aefe3e46d44bf1bef3a80aa6c434a7c90c6867b505b25a22595e59ba54b89c4e89bbf0afb768064c8f24e90708c026c2757610b7aba4e311611a605048736bc92f41e3a687585b7cfc14c1c90ba0aa7e677c3582986c8faf95159c3412ea9193918bb0172a670c8b6f2ab7949122200b4e992e36c69d2702301df97a92371c5dd9d0bd9cb9692682a60ab27635359a1cedd68baf8317b77a68d8c723a24d041ec7b0a429df932673e83afb1bfc971bf9079d7377631d8fdb9422fd85d923225e731194638e4e0c0dec6f1ebd0b0ec4d6f08be46289eae31ae645084f05a9193916d8438d173a6743bc145795a64d7b1dd6f2eb79b4177a455933fe41db635e08a1719ac022e184b30a9406e69efd25bceb66819017a1050c36afb42a765bd284dad34ca573ce2f9fff6480a60faee37f76107394233ceffbc840d783c63ead2f4b8abadd200f77d2c4d7316e4806c351443f3620049640e228f1d7a7e1b24dc211fbbb0f8f2aadda8473f96de72afc94aaec7e369a2a67006b077c0b89f0f90359abc9709bfd2430387f03d8bdffb0ac5d6bb5b917e949dc20ef4b2cdcf18d8ade9e99428c3dd47d92bfdadb4d853bde01204e41b13ab510f8f44ef04d673d41fdf1cd535c788ac1816773fb1a91a21c37195a26438275c9a68d2cd926fd4b1bdb35f6e39a5122b0c0363c4871cd126aa6c87f659220778dbd6b682acfce7bca0c508e082e4ef75598ba18157ae63c27eb1d73f33cf7507b3b8c88f3e9b3abf99a0899b0b6011b7ae64d57d5350f4738e026ece94c991970c98127bca8407ccb2726dc8e300ae40bf16bff5a30bcd406a157cf4b8a92d6522d77c0c5972c8e625f82860a7bf655448a23a89bec898b4a2a89b0c0c1d95cf728ee2e4e1683698640ab9c259e9076e635440e74dba0b36e897a6375157f1e954aa8df4c5c29c8dfee31124d01735645e0e2a856dd776fe4f7041131bf1bed69833ee3fdb5df28cd69c14778a8bdb6243bb098e0127d628beb1c3883e0838acadf8ae2063226ef7becf4b6038f7a152bc45903520eb"}, [0x3, 0x0, 0x6, 0x8001, 0x37f9, 0x9, 0x4, 0x3, 0x3, 0xffffffffffffffff, 0x9, 0x400, 0x1, 0x1, 0xb86b, 0x50, 0x3, 0x2, 0x7, 0xf, 0x9, 0xff, 0xd7cf, 0x3, 0x6, 0x6, 0x8, 0x8, 0x1800000, 0x9, 0x9, 0x6, 0x0, 0x6, 0x77ee806f, 0x4, 0x6, 0x4, 0x39, 0x2, 0x4, 0x85e, 0x1e, 0x0, 0x4a3, 0x6, 0x261, 0xfffffffffffffffb, 0x1600000000000000, 0x1ff, 0x6226, 0x9c, 0xdc46, 0x7, 0x3a1, 0x3, 0x0, 0x4aa7b786, 0x3, 0x8000000000000000, 0x0, 0x9000000000000, 0x0, 0xffffffff]})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x4, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000000000000000000000000000850000002000000085000000a0a900009500000000000000"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x0, 0xe, 0x0, &(0x7f0000000300)="e02742e8680d85ff978276fcf294", 0x0, 0x4002, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000032680)=""/102400, 0x19000)
socket$inet_smc(0x2b, 0x1, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
r5 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000000540)=@newqdisc={0x78, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x0, 0x0, 0x7, 0x8, 0x101, 0x14}}}]}, 0x78}}, 0x0)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r4, 0x0, 0x48b, &(0x7f0000000000)={0x2, 'dummy0\x00', 0x3}, 0x18)
syz_open_dev$vim2m(&(0x7f0000000080), 0x80020001, 0x2)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB="1c000000430007010000000000000000047c000008"], 0x1c}}, 0x48844)
socket$nl_route(0x10, 0x3, 0x0)
getsockopt$sock_buf(r0, 0x1, 0x52, 0x0, &(0x7f0000000080))
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="180000dc0800000000000000001a00"/24], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r8 = syz_open_procfs(0x0, &(0x7f0000000440)='fdinfo/4\x00')
read$FUSE(r8, &(0x7f0000001f40)={0x2020}, 0x2020)

2.021360471s ago: executing program 9 (id=1107):
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x10, 0x4, &(0x7f00000007c0)=ANY=[@ANYBLOB="180000000100000000000000000000007112bf000000000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = syz_init_net_socket$ax25(0x3, 0x3, 0x0)
setsockopt$ax25_int(r0, 0x101, 0x9, &(0x7f0000000800)=0x2, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f00000000c0), 0xffffffffffffffff)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100), 0x42, 0x0)
iopl(0x3)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000000300)={0x0, 0x1, 0x7, 0x4})
mq_timedsend(r3, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r3, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f0000000a40)=ANY=[@ANYBLOB="1801000000050000000000000000ea0485000000d000000095"], &(0x7f0000000a00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_usb_control_io$uac1(0xffffffffffffffff, 0x0, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r4 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{}, &(0x7f0000000000), &(0x7f0000000080)=r4}, 0x20)
sendmsg$inet(r5, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x40)
r6 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r1, &(0x7f0000000040)={0x8})

1.532397433s ago: executing program 4 (id=1108):
r0 = dup(0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000480)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$qrtr(0xffffffffffffffff, &(0x7f00000000c0)={0x2a, 0x4}, 0xc)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mremap(&(0x7f0000dde000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000bb3000/0x1000)=nil)
mremap(&(0x7f00006bd000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000721000/0x4000)=nil)
mremap(&(0x7f00007b2000/0x4000)=nil, 0x4000, 0x3000, 0x3, &(0x7f0000968000/0x3000)=nil)
mremap(&(0x7f00005e1000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000769000/0x1000)=nil)
mount(0x0, 0x0, &(0x7f0000000040)='ramfs\x00', 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mountinfo\x00')
mremap(&(0x7f0000ce8000/0x3000)=nil, 0x3000, 0x2000, 0x3, &(0x7f00007ce000/0x2000)=nil)
munmap(&(0x7f00003fe000/0xc00000)=nil, 0xc00000)
ioctl$TIOCL_SETSEL(r0, 0x541c, 0x0)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCL_GETMOUSEREPORTING(r4, 0x5412, &(0x7f00000006c0)=0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0xf, 0x3, &(0x7f0000000180)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x4, 0x0, 0x0, 0x41100, 0x4c, '\x00', 0x0, @cgroup_device, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xc34d, @void, @value}, 0x94)
openat(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup\x00', 0x200000, 0x0)
prlimit64(0x0, 0x7, &(0x7f0000000140)={0x4, 0x8b}, 0x0)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
mlock(&(0x7f0000c00000/0x400000)=nil, 0x400000)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f00000000c0)=[{0x20, 0x0, 0x81, 0xfffff034}, {0x20, 0x0, 0x0, 0xfffff010}, {0x6, 0x1}]}, 0x10)

1.46935887s ago: executing program 8 (id=1109):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x400000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_generic(0x10, 0x3, 0x10)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e2b, @local}, 0x1c)
r1 = syz_open_procfs(0x0, &(0x7f0000002180)='net/mcfilter\x00')
preadv(r1, &(0x7f0000000080)=[{0x0}], 0x1, 0x2f, 0x0)

130.683194ms ago: executing program 8 (id=1110):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000000)=ANY=[], 0x8)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='batadv0\x00', 0x10)
sendto$inet6(r0, &(0x7f0000000180)="8f470239b8ddb515367e91f1e5b7085990000000000000e5", 0x18, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
getsockopt$inet6_mreq(r0, 0x29, 0x14, &(0x7f0000000040)={@private1}, &(0x7f0000000100)=0x14)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_SYS_SET(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x10, 0x1407, 0x1, 0x70bd2b, 0x25dfdbfe}, 0x10}, 0x1, 0x0, 0x0, 0x4001}, 0x800)

43.517645ms ago: executing program 6 (id=1111):
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000100)={'syz0\x00', {}, 0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x4000000, 0x0, 0xfffffffc, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0xffffffff], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x180d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe], [0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x400], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0xfffffffc]}, 0x45c)
ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x5501, 0x0)
readv(0xffffffffffffffff, &(0x7f0000001900)=[{&(0x7f0000000040)=""/65, 0x41}], 0x1)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r1, 0xc0189378, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0, {r0}}, './file0\x00'})
r2 = fanotify_init(0x10, 0x0)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x28)
fanotify_mark(r2, 0x455, 0x40001000, r3, 0x0)
fanotify_mark(r2, 0x80, 0x22, r3, 0x0)
write$UHID_CREATE2(0xffffffffffffffff, &(0x7f0000000580)={0xb, {'syz1\x00', 'syz0\x00', 'syz1\x00', 0xae, 0x970, 0x2, 0x0, 0x80000001, 0xd2, "0b2381dfaa479e597882b3d2e75001bb875d970e494344948fa0b21b5b03bbcee588b820f955f4c4b179bfc2a60ad47b1eb95486d77302f5f9c3f706e00490d309c98e1a3d098cbdd19d196e724e03d1d913f9ef066e612691ef689014af2f7f5f54b9b9b8aaa29b6015714f621d4c011b59bf23da381c755e32f4eb8f4f83abfe09e01a94af7fca06a9a5a2cff2a02c920a2e6dfd1f5ef49a2f76a5272d1a2bb7a80e8d74e3bdbfebd78a2d1cf5"}}, 0x1c6)
write$input_event(0xffffffffffffffff, &(0x7f0000000000)={{0x77359400}, 0x15}, 0xfe4f)

0s ago: executing program 4 (id=1112):
r0 = socket(0x25, 0x1, 0x0)
r1 = syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0xfad6, 0x10000, 0x1000000}, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x40, 0x0, @fd=r0, 0x0, 0x0, 0x0, {0x81}})
r4 = socket$inet_udp(0x2, 0x2, 0x0)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r6 = dup(r5)
bind$bt_l2cap(r6, &(0x7f0000000300)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
listen(r6, 0x0)
open(&(0x7f00000003c0)='./file0\x00', 0x208000, 0x27)
mount$9p_fd(0x0, &(0x7f0000000540)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000000e00)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB=',wfdno=', @ANYRESHEX=r6])
write$FUSE_NOTIFY_RETRIEVE(r6, 0x0, 0x0)
socket$inet6(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x2f, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r7, &(0x7f0000019680)=""/102392, 0x18ff8)
r8 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="000000000000000002"], 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x600, 0x0, 0x1, 0x0, &(0x7f0000000000)='\x00', 0x0, 0x6}, 0x50)
ioctl$DRM_IOCTL_MODE_GETFB2(r4, 0xc06864ce, &(0x7f0000000040)={0x0, 0x1, 0x3, 0x2, 0x3, [0x0, <r9=>0x0, <r10=>0x0], [0x5fb6, 0x5229, 0x10, 0x6a9], [0x91, 0x80000001, 0x8, 0x5], [0x8, 0x806, 0xe8a, 0x1]})
ioctl$DRM_IOCTL_MODE_GETFB2(0xffffffffffffffff, 0xc06864ce, &(0x7f00000000c0)={0x0, 0xc1e, 0x9eb, 0x1, 0x0, [0x0, <r11=>0x0], [0x5, 0x2, 0x6, 0xfffffffe], [0x30ee, 0x2, 0x7f], [0x4, 0x7, 0x1, 0x6]})
ioctl$DRM_IOCTL_MODE_GETFB2(0xffffffffffffffff, 0xc06864ce, &(0x7f00000001c0)={0x0, 0x6a2c58a5, 0x2, 0x9, 0x0, [0x0, 0x0, <r12=>0x0], [0x401, 0x984, 0x1, 0x417], [0x5, 0xffff, 0x9, 0xc], [0x2, 0x2abc2b59, 0x5b6d, 0x9]})
ioctl$DRM_IOCTL_GEM_FLINK(r6, 0xc008640a, &(0x7f0000000440)={r9, <r13=>0x0})
ioctl$DRM_IOCTL_GEM_OPEN(0xffffffffffffffff, 0xc010640b, &(0x7f0000000400)={r13, <r14=>0x0})
ioctl$DRM_IOCTL_MODE_ADDFB2(r6, 0xc06864b8, &(0x7f0000000340)={0x0, 0x773, 0x63, 0x2, 0x3, [r10, r11, r12, r14], [0x1, 0x1000, 0x2, 0x2], [0x5, 0xfe7d, 0x6, 0x4], [0x8896de8, 0x1, 0x18, 0xfffffffffffffffd]})
io_uring_enter(r1, 0xdb4, 0x0, 0x0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

ank_simulate: vblank timer overrun
[  420.715826][T10347] 9pnet_fd: Insufficient options for proto=fd
[  420.827693][   T46] usb 7-1: USB disconnect, device number 7
[  420.845856][   T29] audit: type=1400 audit(1741195317.105:2773): avc:  denied  { bind } for  pid=10352 comm="syz.9.813" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  420.921705][   T29] audit: type=1400 audit(1741195317.105:2774): avc:  denied  { node_bind } for  pid=10352 comm="syz.9.813" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[  421.230668][ T5817] usb 5-1: new full-speed USB device number 14 using dummy_hcd
[  421.456537][   T29] audit: type=1400 audit(1741195317.105:2775): avc:  denied  { write } for  pid=10352 comm="syz.9.813" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  421.538397][ T5817] usb 5-1: device descriptor read/64, error -71
[  421.646017][   T29] audit: type=1400 audit(1741195317.105:2776): avc:  denied  { read } for  pid=10352 comm="syz.9.813" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  421.869745][   T29] audit: type=1400 audit(1741195317.105:2777): avc:  denied  { create } for  pid=10352 comm="syz.9.813" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  421.931267][ T5817] usb 5-1: new full-speed USB device number 15 using dummy_hcd
[  422.145060][ T5817] usb 5-1: device descriptor read/64, error -71
[  422.159470][T10366] FAULT_INJECTION: forcing a failure.
[  422.159470][T10366] name failslab, interval 1, probability 0, space 0, times 0
[  422.172237][T10366] CPU: 1 UID: 0 PID: 10366 Comm: syz.8.816 Not tainted 6.14.0-rc5-syzkaller-00016-g48a5eed9ad58 #0
[  422.172261][T10366] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  422.172271][T10366] Call Trace:
[  422.172275][T10366]  <TASK>
[  422.172282][T10366]  dump_stack_lvl+0x16c/0x1f0
[  422.172308][T10366]  should_fail_ex+0x50a/0x650
[  422.172332][T10366]  ? fs_reclaim_acquire+0xae/0x150
[  422.172356][T10366]  ? alloc_pipe_info+0x10e/0x590
[  422.172380][T10366]  should_failslab+0xc2/0x120
[  422.172400][T10366]  __kmalloc_cache_noprof+0x68/0x410
[  422.172432][T10366]  alloc_pipe_info+0x10e/0x590
[  422.172451][T10366]  splice_direct_to_actor+0x793/0xa40
[  422.172477][T10366]  ? __pfx_direct_splice_actor+0x10/0x10
[  422.172508][T10366]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  422.172534][T10366]  ? __pfx___might_resched+0x10/0x10
[  422.172565][T10366]  do_splice_direct+0x178/0x250
[  422.172590][T10366]  ? __pfx_do_splice_direct+0x10/0x10
[  422.172617][T10366]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  422.172642][T10366]  ? bpf_lsm_file_permission+0x9/0x10
[  422.172660][T10366]  ? security_file_permission+0x71/0x210
[  422.172686][T10366]  ? rw_verify_area+0xcf/0x680
[  422.172712][T10366]  do_sendfile+0xafb/0xe40
[  422.172739][T10366]  ? __pfx_do_sendfile+0x10/0x10
[  422.172763][T10366]  ? __fget_files+0x206/0x3a0
[  422.172787][T10366]  __x64_sys_sendfile64+0x1da/0x220
[  422.172804][T10366]  ? ksys_write+0x1ba/0x250
[  422.172828][T10366]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  422.172853][T10366]  do_syscall_64+0xcd/0x250
[  422.172877][T10366]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  422.172900][T10366] RIP: 0033:0x7fd047d8d169
[  422.172914][T10366] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  422.172931][T10366] RSP: 002b:00007fd048b60038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  422.172948][T10366] RAX: ffffffffffffffda RBX: 00007fd047fa6080 RCX: 00007fd047d8d169
[  422.172960][T10366] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000008
[  422.172970][T10366] RBP: 00007fd048b60090 R08: 0000000000000000 R09: 0000000000000000
[  422.172980][T10366] R10: 00000000558410e9 R11: 0000000000000246 R12: 0000000000000001
[  422.172990][T10366] R13: 0000000000000000 R14: 00007fd047fa6080 R15: 00007ffdb0618ae8
[  422.173013][T10366]  </TASK>
[  422.409499][    C1] vkms_vblank_simulate: vblank timer overrun
[  422.687268][ T5817] usb usb5-port1: attempt power cycle
[  423.150776][ T5817] usb 5-1: new full-speed USB device number 16 using dummy_hcd
[  423.183670][ T5817] usb 5-1: device descriptor read/8, error -71
[  423.293672][T10392] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  423.420721][ T5817] usb 5-1: new full-speed USB device number 17 using dummy_hcd
[  423.452100][ T5817] usb 5-1: device descriptor read/8, error -71
[  423.719053][ T5817] usb usb5-port1: unable to enumerate USB device
[  424.366907][ T5817] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  424.448961][T10408] netlink: 28 bytes leftover after parsing attributes in process `syz.6.824'.
[  424.458004][T10408] netlink: 28 bytes leftover after parsing attributes in process `syz.6.824'.
[  424.483641][T10408] erspan0: entered promiscuous mode
[  424.630370][ T5817] usb 5-1: Using ep0 maxpacket: 8
[  424.689427][ T5817] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x4 has invalid maxpacket 56832, setting to 1024
[  424.724769][T10408] erspan0: left promiscuous mode
[  424.910361][ T5817] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 1024
[  424.940498][ T5817] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  424.970213][ T5817] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  425.060358][ T5817] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  425.086883][   T29] kauditd_printk_skb: 65 callbacks suppressed
[  425.086899][   T29] audit: type=1400 audit(1741195321.415:2843): avc:  denied  { name_bind } for  pid=10413 comm="syz.6.826" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  425.116461][ T5817] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  425.166512][   T29] audit: type=1400 audit(1741195321.415:2844): avc:  denied  { node_bind } for  pid=10413 comm="syz.6.826" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[  425.382065][ T5817] usb 5-1: GET_CAPABILITIES returned 0
[  425.387606][ T5817] usbtmc 5-1:16.0: can't read capabilities
[  425.668860][   T29] audit: type=1400 audit(1741195321.995:2845): avc:  denied  { write } for  pid=10393 comm="syz.4.823" name="usbtmc0" dev="devtmpfs" ino=2924 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  426.339238][   T29] audit: type=1400 audit(1741195322.025:2846): avc:  denied  { block_suspend } for  pid=10393 comm="syz.4.823" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  426.361332][   T29] audit: type=1400 audit(1741195322.495:2847): avc:  denied  { read } for  pid=10428 comm="syz.9.828" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  426.381997][   T29] audit: type=1400 audit(1741195322.635:2848): avc:  denied  { ioctl } for  pid=10428 comm="syz.9.828" path="socket:[26932]" dev="sockfs" ino=26932 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  426.408719][    T9] usb 5-1: USB disconnect, device number 18
[  426.409201][   T29] audit: type=1400 audit(1741195322.665:2849): avc:  denied  { create } for  pid=10401 comm="syz.8.825" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  426.478395][   T29] audit: type=1400 audit(1741195322.665:2850): avc:  denied  { setopt } for  pid=10401 comm="syz.8.825" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  426.524238][   T29] audit: type=1400 audit(1741195322.845:2851): avc:  denied  { read write } for  pid=10433 comm="syz.1.829" name="fuse" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  426.558733][   T29] audit: type=1400 audit(1741195322.845:2852): avc:  denied  { open } for  pid=10433 comm="syz.1.829" path="/dev/fuse" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  426.881150][ T5817] usb 10-1: new full-speed USB device number 3 using dummy_hcd
[  427.306237][ T5817] usb 10-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  427.546917][ T5817] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  427.562556][ T5817] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  427.573841][ T5817] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 1023, setting to 64
[  427.585031][ T5817] usb 10-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 253
[  427.599965][ T5817] usb 10-1: New USB device found, idVendor=10c4, idProduct=8acf, bcdDevice= 0.00
[  427.637535][ T5817] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  427.652793][ T5817] usb 10-1: config 0 descriptor??
[  427.658828][T10430] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22
[  427.738272][T10455] nfs: Unknown parameter 'ntext'
[  427.784217][T10430] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22
[  428.200444][T10454] netlink: 'syz.4.831': attribute type 1 has an invalid length.
[  428.209383][T10454] netlink: 224 bytes leftover after parsing attributes in process `syz.4.831'.
[  428.420381][    T9] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  428.602332][    T9] usb 7-1: New USB device found, idVendor=11ff, idProduct=3331, bcdDevice= 0.00
[  428.621997][ T5817] usbhid 10-1:0.0: can't add hid device: -71
[  428.628095][ T5817] usbhid 10-1:0.0: probe with driver usbhid failed with error -71
[  428.630286][    T9] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  428.674543][    T9] usb 7-1: config 0 descriptor??
[  428.678790][ T5817] usb 10-1: USB disconnect, device number 3
[  430.417778][   T29] kauditd_printk_skb: 13 callbacks suppressed
[  430.417815][   T29] audit: type=1400 audit(1741195326.705:2866): avc:  denied  { unlink } for  pid=10490 comm="syz.8.835" name="#51" dev="tmpfs" ino=484 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  430.455239][T10146] usb 2-1: new full-speed USB device number 9 using dummy_hcd
[  431.050772][    T9] usbhid 7-1:0.0: can't add hid device: -71
[  431.056784][    T9] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  431.074612][   T29] audit: type=1400 audit(1741195326.715:2867): avc:  denied  { mount } for  pid=10490 comm="syz.8.835" name="/" dev="overlay" ino=479 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  431.097114][   T29] audit: type=1400 audit(1741195327.375:2868): avc:  denied  { unmount } for  pid=8297 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  431.169790][   T29] audit: type=1400 audit(1741195327.495:2869): avc:  denied  { ioctl } for  pid=10497 comm="syz.9.836" path="socket:[27718]" dev="sockfs" ino=27718 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  431.173288][    T9] usb 7-1: USB disconnect, device number 8
[  431.219351][T10146] usb 2-1: device descriptor read/64, error -71
[  431.344125][T10502] FAULT_INJECTION: forcing a failure.
[  431.344125][T10502] name failslab, interval 1, probability 0, space 0, times 0
[  431.350503][   T29] audit: type=1400 audit(1741195327.675:2870): avc:  denied  { create } for  pid=10501 comm="syz.6.838" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  431.414963][T10502] CPU: 0 UID: 0 PID: 10502 Comm: syz.6.838 Not tainted 6.14.0-rc5-syzkaller-00016-g48a5eed9ad58 #0
[  431.414990][T10502] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  431.415000][T10502] Call Trace:
[  431.415006][T10502]  <TASK>
[  431.415013][T10502]  dump_stack_lvl+0x16c/0x1f0
[  431.415043][T10502]  should_fail_ex+0x50a/0x650
[  431.415070][T10502]  ? fs_reclaim_acquire+0xae/0x150
[  431.415098][T10502]  ? tomoyo_encode2+0x100/0x3e0
[  431.415122][T10502]  should_failslab+0xc2/0x120
[  431.415143][T10502]  __kmalloc_noprof+0xcb/0x510
[  431.415164][T10502]  ? rcu_is_watching+0x12/0xc0
[  431.415187][T10502]  tomoyo_encode2+0x100/0x3e0
[  431.415216][T10502]  tomoyo_encode+0x29/0x50
[  431.415240][T10502]  tomoyo_realpath_from_path+0x19d/0x720
[  431.415268][T10502]  ? tomoyo_path_number_perm+0x235/0x590
[  431.415295][T10502]  tomoyo_path_number_perm+0x248/0x590
[  431.415316][T10502]  ? tomoyo_path_number_perm+0x235/0x590
[  431.415342][T10502]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  431.415391][T10502]  ? __pfx_lock_release+0x10/0x10
[  431.415415][T10502]  ? trace_lock_acquire+0x14e/0x1f0
[  431.415439][T10502]  ? lock_acquire+0x2f/0xb0
[  431.415467][T10502]  ? __fget_files+0x40/0x3a0
[  431.415489][T10502]  ? __fget_files+0x206/0x3a0
[  431.415510][T10502]  security_file_ioctl+0x9b/0x240
[  431.415538][T10502]  __x64_sys_ioctl+0xb7/0x200
[  431.415565][T10502]  do_syscall_64+0xcd/0x250
[  431.415590][T10502]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  431.415615][T10502] RIP: 0033:0x7f61ac58d169
[  431.415630][T10502] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  431.415648][T10502] RSP: 002b:00007f61ad43b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  431.415667][T10502] RAX: ffffffffffffffda RBX: 00007f61ac7a5fa0 RCX: 00007f61ac58d169
[  431.415679][T10502] RDX: 0000400000000080 RSI: 0000000040047459 RDI: 0000000000000003
[  431.415690][T10502] RBP: 00007f61ad43b090 R08: 0000000000000000 R09: 0000000000000000
[  431.415700][T10502] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  431.415712][T10502] R13: 0000000000000000 R14: 00007f61ac7a5fa0 R15: 00007ffd7c3410f8
[  431.415736][T10502]  </TASK>
[  431.415751][T10502] ERROR: Out of memory at tomoyo_realpath_from_path.
[  431.712138][   T29] audit: type=1400 audit(1741195328.045:2871): avc:  denied  { ioctl } for  pid=10501 comm="syz.6.838" path="socket:[27058]" dev="sockfs" ino=27058 ioctlcmd=0x7459 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  431.740591][T10146] usb 2-1: new full-speed USB device number 10 using dummy_hcd
[  432.543806][T10510] nfs: Unknown parameter 'ntext'
[  432.900364][ T5865] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[  432.937600][   T29] audit: type=1400 audit(1741195329.265:2872): avc:  denied  { create } for  pid=10512 comm="syz.6.841" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  432.988615][   T29] audit: type=1400 audit(1741195329.315:2873): avc:  denied  { create } for  pid=10514 comm="syz.8.840" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  433.180794][ T5865] usb 10-1: New USB device found, idVendor=11ff, idProduct=3331, bcdDevice= 0.00
[  433.272768][T10517] netlink: 8 bytes leftover after parsing attributes in process `syz.6.841'.
[  433.311279][T10517] Cannot find add_set index 0 as target
[  433.733404][ T5865] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  433.750483][   T29] audit: type=1400 audit(1741195329.355:2874): avc:  denied  { setopt } for  pid=10514 comm="syz.8.840" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  433.800868][ T5865] usb 10-1: config 0 descriptor??
[  433.922995][   T29] audit: type=1400 audit(1741195329.585:2875): avc:  denied  { create } for  pid=10512 comm="syz.6.841" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  434.064610][T10523] netlink: 8 bytes leftover after parsing attributes in process `syz.6.842'.
[  434.479306][T10535] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  435.047554][T10539] sp0: Synchronizing with TNC
[  435.680375][   T29] kauditd_printk_skb: 11 callbacks suppressed
[  435.680393][   T29] audit: type=1400 audit(1741195331.335:2887): avc:  denied  { create } for  pid=10529 comm="syz.4.844" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  435.723976][   T29] audit: type=1400 audit(1741195331.345:2888): avc:  denied  { bind } for  pid=10529 comm="syz.4.844" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  435.770342][ T5865] usbhid 10-1:0.0: can't add hid device: -71
[  435.782308][T10541] netlink: 84 bytes leftover after parsing attributes in process `syz.6.845'.
[  435.882604][ T5865] usbhid 10-1:0.0: probe with driver usbhid failed with error -71
[  436.142344][T10547] sp0: Synchronizing with TNC
[  436.671765][T10548] netlink: 12 bytes leftover after parsing attributes in process `syz.8.846'.
[  436.774801][   T29] audit: type=1400 audit(1741195332.995:2889): avc:  denied  { create } for  pid=10540 comm="syz.8.846" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  436.990305][ T5865] usb 10-1: USB disconnect, device number 4
[  437.116997][   T29] audit: type=1400 audit(1741195332.995:2890): avc:  denied  { write } for  pid=10540 comm="syz.8.846" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  437.182036][T10552] FAULT_INJECTION: forcing a failure.
[  437.182036][T10552] name failslab, interval 1, probability 0, space 0, times 0
[  437.216716][   T29] audit: type=1400 audit(1741195333.005:2891): avc:  denied  { nlmsg_write } for  pid=10540 comm="syz.8.846" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  437.270488][T10552] CPU: 0 UID: 0 PID: 10552 Comm: syz.1.847 Not tainted 6.14.0-rc5-syzkaller-00016-g48a5eed9ad58 #0
[  437.270514][T10552] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  437.270524][T10552] Call Trace:
[  437.270529][T10552]  <TASK>
[  437.270536][T10552]  dump_stack_lvl+0x16c/0x1f0
[  437.270560][T10552]  should_fail_ex+0x50a/0x650
[  437.270578][T10552]  ? fs_reclaim_acquire+0xae/0x150
[  437.270596][T10552]  should_failslab+0xc2/0x120
[  437.270609][T10552]  kmem_cache_alloc_node_noprof+0x72/0x3c0
[  437.270621][T10552]  ? __alloc_skb+0x2b1/0x380
[  437.270638][T10552]  __alloc_skb+0x2b1/0x380
[  437.270652][T10552]  ? __pfx___alloc_skb+0x10/0x10
[  437.270666][T10552]  ? selinux_socket_getpeersec_dgram+0x1a5/0x370
[  437.270681][T10552]  ? __pfx_selinux_socket_getpeersec_dgram+0x10/0x10
[  437.270700][T10552]  netlink_alloc_large_skb+0x69/0x130
[  437.270717][T10552]  netlink_sendmsg+0x689/0xd70
[  437.270733][T10552]  ? __pfx_netlink_sendmsg+0x10/0x10
[  437.270753][T10552]  ____sys_sendmsg+0xaaf/0xc90
[  437.270764][T10552]  ? copy_msghdr_from_user+0x10b/0x160
[  437.270780][T10552]  ? __pfx_____sys_sendmsg+0x10/0x10
[  437.270797][T10552]  ___sys_sendmsg+0x135/0x1e0
[  437.270813][T10552]  ? __pfx____sys_sendmsg+0x10/0x10
[  437.270834][T10552]  ? __pfx_lock_release+0x10/0x10
[  437.270850][T10552]  ? trace_lock_acquire+0x14e/0x1f0
[  437.270867][T10552]  ? __fget_files+0x206/0x3a0
[  437.270881][T10552]  __sys_sendmsg+0x16e/0x220
[  437.270896][T10552]  ? __pfx___sys_sendmsg+0x10/0x10
[  437.270920][T10552]  do_syscall_64+0xcd/0x250
[  437.270936][T10552]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  437.270951][T10552] RIP: 0033:0x7f1481f8d169
[  437.270961][T10552] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  437.270972][T10552] RSP: 002b:00007f1482d46038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  437.270983][T10552] RAX: ffffffffffffffda RBX: 00007f14821a5fa0 RCX: 00007f1481f8d169
[  437.270990][T10552] RDX: 0000000020000000 RSI: 0000400000006040 RDI: 0000000000000004
[  437.270997][T10552] RBP: 00007f1482d46090 R08: 0000000000000000 R09: 0000000000000000
[  437.271003][T10552] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  437.271010][T10552] R13: 0000000000000000 R14: 00007f14821a5fa0 R15: 00007ffd1a39b1b8
[  437.271022][T10552]  </TASK>
[  437.508987][    C0] vkms_vblank_simulate: vblank timer overrun
[  437.535542][   T29] audit: type=1400 audit(1741195333.595:2892): avc:  denied  { create } for  pid=10554 comm="syz.9.850" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  437.555436][    C0] vkms_vblank_simulate: vblank timer overrun
[  437.561698][T10559] netlink: 12 bytes leftover after parsing attributes in process `syz.6.851'.
[  437.585311][   T29] audit: type=1400 audit(1741195333.915:2893): avc:  denied  { module_request } for  pid=10557 comm="syz.6.851" kmod="nfnetlink-subsys-0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  437.607620][    C0] vkms_vblank_simulate: vblank timer overrun
[  437.727800][   T29] audit: type=1400 audit(1741195334.055:2894): avc:  denied  { create } for  pid=10563 comm="syz.8.852" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  438.574807][   T29] audit: type=1400 audit(1741195334.905:2895): avc:  denied  { write } for  pid=10554 comm="syz.9.850" path="socket:[27123]" dev="sockfs" ino=27123 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  438.602549][ T5950] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  438.884908][T10146] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  438.970334][ T5950] usb 5-1: Using ep0 maxpacket: 32
[  438.989455][ T5950] usb 5-1: config 0 has an invalid interface number: 89 but max is 0
[  439.050571][T10146] usb 2-1: Using ep0 maxpacket: 32
[  439.081543][T10146] usb 2-1: config 0 has an invalid interface number: 209 but max is 0
[  439.183101][ T5950] usb 5-1: config 0 has no interface number 0
[  439.262782][T10146] usb 2-1: config 0 has no interface number 0
[  439.300483][ T5950] usb 5-1: config 0 interface 89 has no altsetting 0
[  439.352983][T10146] usb 2-1: config 0 interface 209 has no altsetting 0
[  439.431017][ T5950] usb 5-1: New USB device found, idVendor=0ccd, idProduct=10af, bcdDevice=38.4e
[  439.489568][T10146] usb 2-1: New USB device found, idVendor=0c45, idProduct=62bc, bcdDevice=15.e3
[  439.506085][ T5950] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  439.620795][T10146] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  439.629248][T10146] usb 2-1: Product: syz
[  439.654486][ T5950] usb 5-1: Product: syz
[  439.658693][ T5950] usb 5-1: Manufacturer: syz
[  439.663649][T10146] usb 2-1: Manufacturer: syz
[  439.668263][T10146] usb 2-1: SerialNumber: syz
[  439.672946][ T5950] usb 5-1: SerialNumber: syz
[  439.691048][ T5950] usb 5-1: config 0 descriptor??
[  439.701242][T10146] usb 2-1: config 0 descriptor??
[  439.711346][ T5950] em28xx 5-1:0.89: New device syz syz @ 480 Mbps (0ccd:10af, interface 89, class 89)
[  439.722715][T10146] gspca_main: gspca_sn9c20x-2.14.0 probing 0c45:62bc
[  439.740577][ T5950] em28xx 5-1:0.89: Video interface 89 found: bulk
[  440.013267][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  440.130368][T10607] 9pnet_fd: Insufficient options for proto=fd
[  440.171180][   T29] audit: type=1400 audit(1741195336.425:2896): avc:  denied  { map_read map_write } for  pid=10596 comm="syz.6.859" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  440.277547][T10146] gspca_sn9c20x: Write register 1000 failed -110
[  440.367573][ T5950] em28xx 5-1:0.89: unknown em28xx chip ID (0)
[  440.397269][T10146] gspca_sn9c20x: Device initialization failed
[  440.520290][T10146] gspca_sn9c20x 2-1:0.209: probe with driver gspca_sn9c20x failed with error -110
[  440.558791][T10146] usb 2-1: USB disconnect, device number 11
[  440.770264][   T29] audit: type=1400 audit(1741195337.095:2897): avc:  denied  { setopt } for  pid=10611 comm="syz.1.860" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  440.931206][   T29] audit: type=1400 audit(1741195337.175:2898): avc:  denied  { create } for  pid=10614 comm="syz.6.861" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  441.075620][   T29] audit: type=1400 audit(1741195337.375:2899): avc:  denied  { setopt } for  pid=10614 comm="syz.6.861" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  441.196788][ T5867] usb 10-1: new full-speed USB device number 5 using dummy_hcd
[  441.264269][ T5950] em28xx 5-1:0.89: board has no eeprom
[  441.383632][   T29] audit: type=1400 audit(1741195337.515:2900): avc:  denied  { bind } for  pid=10614 comm="syz.6.861" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  441.594611][ T5867] usb 10-1: device descriptor read/64, error -71
[  441.639666][   T29] audit: type=1400 audit(1741195337.515:2901): avc:  denied  { name_bind } for  pid=10614 comm="syz.6.861" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1
[  441.770730][   T29] audit: type=1400 audit(1741195337.515:2902): avc:  denied  { node_bind } for  pid=10614 comm="syz.6.861" saddr=::1 src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=dccp_socket permissive=1
[  441.897532][ T5950] em28xx 5-1:0.89: Identified as Terratec Grabby (card=67)
[  441.929801][ T5950] em28xx 5-1:0.89: analog set to bulk mode.
[  441.966867][ T5916] em28xx 5-1:0.89: Registering V4L2 extension
[  441.970453][ T5867] usb 10-1: new full-speed USB device number 6 using dummy_hcd
[  441.995022][ T5950] usb 5-1: USB disconnect, device number 19
[  442.028529][ T5950] em28xx 5-1:0.89: Disconnecting em28xx
[  442.034473][   T29] audit: type=1400 audit(1741195337.515:2903): avc:  denied  { listen } for  pid=10614 comm="syz.6.861" laddr=::1 lport=20000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  442.334872][ T5916] em28xx 5-1:0.89: Config register raw data: 0xffffffed
[  442.438453][ T5916] em28xx 5-1:0.89: AC97 chip type couldn't be determined
[  442.521620][ T5916] em28xx 5-1:0.89: No AC97 audio processor
[  442.631347][ T5916] usb 5-1: Decoder not found
[  442.648135][ T5916] em28xx 5-1:0.89: failed to create media graph
[  442.686002][ T5916] em28xx 5-1:0.89: V4L2 device video103 deregistered
[  442.743113][ T5916] em28xx 5-1:0.89: Registering snapshot button...
[  442.833131][ T5916] input: em28xx snapshot button as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.89/input/input14
[  443.076301][T10645] netlink: 8 bytes leftover after parsing attributes in process `syz.6.864'.
[  443.087127][T10645] Cannot find add_set index 0 as target
[  444.005428][T10646] netlink: 64 bytes leftover after parsing attributes in process `syz.9.866'.
[  444.257205][   T29] audit: type=1400 audit(1741195340.315:2904): avc:  denied  { setopt } for  pid=10641 comm="syz.9.866" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  444.301401][ T5916] em28xx 5-1:0.89: Remote control support is not available for this card.
[  444.311410][ T5950] em28xx 5-1:0.89: Closing input extension
[  444.318751][ T5950] em28xx 5-1:0.89: Deregistering snapshot button
[  444.492462][T10652] nfs: Unknown parameter 'ntext'
[  444.846227][   T29] audit: type=1400 audit(1741195340.335:2905): avc:  denied  { accept } for  pid=10641 comm="syz.9.866" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  445.059458][   T29] audit: type=1400 audit(1741195340.625:2906): avc:  denied  { read } for  pid=5178 comm="acpid" name="event4" dev="devtmpfs" ino=2942 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  445.065819][ T5950] em28xx 5-1:0.89: Freeing device
[  445.440255][ T5950] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  445.640708][ T5950] usb 5-1: New USB device found, idVendor=11ff, idProduct=3331, bcdDevice= 0.00
[  445.681726][ T5950] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  445.734319][ T5950] usb 5-1: config 0 descriptor??
[  446.011671][T10673] netlink: 12 bytes leftover after parsing attributes in process `syz.8.870'.
[  446.170569][ T5950] usbhid 5-1:0.0: can't add hid device: -71
[  446.187885][ T5950] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  446.280698][ T5950] usb 5-1: USB disconnect, device number 20
[  447.764379][T10695] capability: warning: `syz.4.873' uses 32-bit capabilities (legacy support in use)
[  447.805202][   T29] kauditd_printk_skb: 6 callbacks suppressed
[  447.805317][   T29] audit: type=1400 audit(1741195344.015:2913): avc:  denied  { connect } for  pid=10686 comm="syz.4.873" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  448.222664][   T29] audit: type=1400 audit(1741195344.015:2914): avc:  denied  { name_connect } for  pid=10686 comm="syz.4.873" dest=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=sctp_socket permissive=1
[  448.443322][T10701] tipc: Started in network mode
[  448.461558][T10701] tipc: Node identity fe80000000000000000000000000001, cluster identity 4711
[  448.520020][T10701] tipc: Enabled bearer <udp:syz0>, priority 10
[  448.645906][   T29] audit: type=1400 audit(1741195344.975:2915): avc:  denied  { ioctl } for  pid=10707 comm="syz.8.878" path="socket:[27311]" dev="sockfs" ino=27311 ioctlcmd=0x8907 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  449.250263][   T29] audit: type=1400 audit(1741195345.565:2916): avc:  denied  { write } for  pid=10711 comm="syz.1.879" path="/dev/vhci" dev="devtmpfs" ino=1268 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  449.343691][   T29] audit: type=1400 audit(1741195345.635:2917): avc:  denied  { create } for  pid=10714 comm="syz.9.880" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  449.437823][   T29] audit: type=1400 audit(1741195345.675:2918): avc:  denied  { execute } for  pid=10714 comm="syz.9.880" path="/18/cpu.stat" dev="tmpfs" ino=122 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  449.462075][   T29] audit: type=1400 audit(1741195345.675:2919): avc:  denied  { setopt } for  pid=10714 comm="syz.9.880" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  449.500950][T10727] netlink: 68 bytes leftover after parsing attributes in process `syz.9.883'.
[  449.520044][ T5867] tipc: Node number set to 4269801488
[  449.531741][T10146] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  449.569683][   T29] audit: type=1400 audit(1741195345.705:2920): avc:  denied  { create } for  pid=10715 comm="syz.4.881" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  449.635168][   T29] audit: type=1400 audit(1741195345.865:2921): avc:  denied  { read } for  pid=10729 comm="syz.4.884" name="fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  449.635215][   T29] audit: type=1400 audit(1741195345.875:2922): avc:  denied  { open } for  pid=10729 comm="syz.4.884" path="/dev/fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  449.710288][T10146] usb 2-1: Using ep0 maxpacket: 8
[  449.711815][T10146] usb 2-1: config 223 has an invalid interface descriptor of length 8, skipping
[  449.711839][T10146] usb 2-1: config 223 has an invalid descriptor of length 0, skipping remainder of the config
[  449.711859][T10146] usb 2-1: config 223 has 0 interfaces, different from the descriptor's value: 1
[  449.711890][T10146] usb 2-1: New USB device found, idVendor=1163, idProduct=0200, bcdDevice=b8.92
[  449.711911][T10146] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  449.723973][T10146] usb 2-1: rejected 1 configuration due to insufficient available bus power
[  449.724000][T10146] usb 2-1: no configuration chosen from 1 choice
[  450.650797][T10247] usb 9-1: new high-speed USB device number 15 using dummy_hcd
[  450.823762][T10247] usb 9-1: New USB device found, idVendor=0f11, idProduct=1000, bcdDevice= 0.7f
[  450.833148][T10247] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  450.865140][T10247] usb 9-1: config 0 descriptor??
[  450.875176][T10762] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[  451.093312][T10247] usb 9-1: string descriptor 0 read error: -71
[  451.115811][T10247] ldusb 9-1:0.0: Interrupt in endpoint not found
[  451.132930][T10247] usb 9-1: USB disconnect, device number 15
[  451.180718][T10146] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  451.341203][T10146] usb 5-1: Using ep0 maxpacket: 16
[  451.350438][T10146] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  451.379637][T10146] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  451.399059][T10146] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  451.421284][T10146] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  451.435293][T10146] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  451.459503][T10146] usb 5-1: config 0 descriptor??
[  452.431688][ T5865] usb 2-1: USB disconnect, device number 12
[  452.440979][T10146] microsoft 0003:045E:07DA.0004: ignoring exceeding usage max
[  452.542121][T10146] input: HID 045e:07da as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:045E:07DA.0004/input/input15
[  452.634569][T10789] netlink: 'syz.8.894': attribute type 1 has an invalid length.
[  452.756548][T10797] netlink: 8 bytes leftover after parsing attributes in process `syz.8.894'.
[  452.771072][T10146] microsoft 0003:045E:07DA.0004: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0
[  452.799286][T10146] usb 5-1: USB disconnect, device number 21
[  452.890522][T10798] netlink: 8 bytes leftover after parsing attributes in process `syz.8.894'.
[  453.007844][T10789] netlink: 52 bytes leftover after parsing attributes in process `syz.8.894'.
[  453.084737][T10789] vlan2: entered promiscuous mode
[  453.140818][T10789] bond1: (slave vlan2): Opening slave failed
[  453.317836][T10808] netlink: 8 bytes leftover after parsing attributes in process `syz.9.897'.
[  454.027189][   T29] kauditd_printk_skb: 4 callbacks suppressed
[  454.027203][   T29] audit: type=1400 audit(1741195350.345:2927): avc:  denied  { append } for  pid=10812 comm="syz.1.899" name="rtc0" dev="devtmpfs" ino=921 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  454.030694][T10814] 9pnet_fd: Insufficient options for proto=fd
[  454.056289][    C1] vkms_vblank_simulate: vblank timer overrun
[  454.056396][   T29] audit: type=1400 audit(1741195350.355:2928): avc:  denied  { mounton } for  pid=10812 comm="syz.1.899" path="/15/file0" dev="tmpfs" ino=112 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  454.206737][T10817] tipc: Started in network mode
[  454.225070][T10817] tipc: Node identity fe80000000000000000000000000001, cluster identity 4711
[  454.227522][T10819] 9pnet_fd: Insufficient options for proto=fd
[  454.440451][T10817] tipc: Enabled bearer <udp:syz0>, priority 10
[  454.780489][T10247] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  454.833174][   T29] audit: type=1400 audit(1741195351.165:2929): avc:  denied  { write } for  pid=10836 comm="syz.9.905" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  454.892511][T10837] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  454.911076][    T8] usb 9-1: new high-speed USB device number 16 using dummy_hcd
[  454.931524][T10839] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  454.968487][T10247] usb 2-1: Using ep0 maxpacket: 8
[  455.022350][T10247] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  455.054682][T10247] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  455.065759][    T8] usb 9-1: Using ep0 maxpacket: 8
[  455.084579][    T8] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  455.119212][    T8] usb 9-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  455.134863][T10247] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  455.155706][    T8] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  455.167790][T10247] usb 2-1: config 0 descriptor??
[  455.180078][    T8] usb 9-1: config 0 descriptor??
[  455.380950][T10247] iowarrior 2-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  455.529050][ T5867] tipc: Node number set to 4269801488
[  455.575613][    T8] iowarrior 9-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior1
[  455.645023][T10850] netlink: 'syz.9.906': attribute type 1 has an invalid length.
[  455.653068][T10850] netlink: 224 bytes leftover after parsing attributes in process `syz.9.906'.
[  456.169162][T10247] usb 9-1: USB disconnect, device number 16
[  456.188433][    T8] usb 2-1: USB disconnect, device number 13
[  456.263368][T10861] ubi31: attaching mtd0
[  456.300011][T10861] ubi31: scanning is finished
[  456.304899][T10861] ubi31: empty MTD device detected
[  457.104873][T10861] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[  457.112588][T10861] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  457.120558][T10861] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[  457.129491][T10861] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[  457.137021][T10861] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  457.143936][T10861] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[  457.152070][T10861] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 56982240
[  457.155279][   T29] audit: type=1400 audit(1741195353.485:2930): avc:  denied  { write } for  pid=10864 comm="syz.9.908" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  457.162336][T10861] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  457.229617][T10865] ubi31: background thread "ubi_bgt31d" started, PID 10865
[  457.403430][T10872] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  457.528525][T10875] FAULT_INJECTION: forcing a failure.
[  457.528525][T10875] name failslab, interval 1, probability 0, space 0, times 0
[  457.541473][T10875] CPU: 1 UID: 0 PID: 10875 Comm: syz.9.908 Not tainted 6.14.0-rc5-syzkaller-00016-g48a5eed9ad58 #0
[  457.541496][T10875] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  457.541507][T10875] Call Trace:
[  457.541513][T10875]  <TASK>
[  457.541521][T10875]  dump_stack_lvl+0x16c/0x1f0
[  457.541550][T10875]  should_fail_ex+0x50a/0x650
[  457.541577][T10875]  ? fs_reclaim_acquire+0xae/0x150
[  457.541604][T10875]  ? tomoyo_realpath_from_path+0xb9/0x720
[  457.541630][T10875]  should_failslab+0xc2/0x120
[  457.541651][T10875]  __kmalloc_noprof+0xcb/0x510
[  457.541670][T10875]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  457.541706][T10875]  tomoyo_realpath_from_path+0xb9/0x720
[  457.541732][T10875]  ? tomoyo_path_number_perm+0x235/0x590
[  457.541756][T10875]  ? tomoyo_path_number_perm+0x235/0x590
[  457.541782][T10875]  tomoyo_path_number_perm+0x248/0x590
[  457.541803][T10875]  ? tomoyo_path_number_perm+0x235/0x590
[  457.541829][T10875]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  457.541862][T10875]  ? __pfx___schedule+0x10/0x10
[  457.541899][T10875]  ? irqentry_exit+0x3b/0x90
[  457.541919][T10875]  ? lockdep_hardirqs_on+0x7c/0x110
[  457.541949][T10875]  ? __x64_sys_ioctl+0x94/0x200
[  457.541973][T10875]  ? security_file_ioctl+0x18/0x240
[  457.542001][T10875]  security_file_ioctl+0x9b/0x240
[  457.542027][T10875]  __x64_sys_ioctl+0xb7/0x200
[  457.542053][T10875]  do_syscall_64+0xcd/0x250
[  457.542078][T10875]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  457.542103][T10875] RIP: 0033:0x7f351058d169
[  457.542118][T10875] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  457.542135][T10875] RSP: 002b:00007f350e3b4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  457.542152][T10875] RAX: ffffffffffffffda RBX: 00007f35107a6160 RCX: 00007f351058d169
[  457.542164][T10875] RDX: 0000000000000000 RSI: 0000000000007003 RDI: 0000000000000008
[  457.542175][T10875] RBP: 00007f350e3b4090 R08: 0000000000000000 R09: 0000000000000000
[  457.542186][T10875] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  457.542197][T10875] R13: 0000000000000000 R14: 00007f35107a6160 R15: 00007ffce1be70c8
[  457.542224][T10875]  </TASK>
[  457.542250][T10875] ERROR: Out of memory at tomoyo_realpath_from_path.
[  457.772907][   T29] audit: type=1400 audit(1741195354.095:2931): avc:  denied  { ioctl } for  pid=10864 comm="syz.9.908" path="/dev/rtc0" dev="devtmpfs" ino=921 ioctlcmd=0x7003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  458.795297][T10896] sp0: Synchronizing with TNC
[  459.072037][   T29] audit: type=1400 audit(1741195355.205:2932): avc:  denied  { create } for  pid=10879 comm="syz.8.910" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  459.773206][   T29] audit: type=1400 audit(1741195356.085:2933): avc:  denied  { bind } for  pid=10904 comm="syz.4.916" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  459.924377][   T29] audit: type=1400 audit(1741195356.135:2934): avc:  denied  { create } for  pid=10899 comm="syz.8.915" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  459.925585][T10894] nfs: Unknown parameter 'ntext'
[  459.955131][   T29] audit: type=1400 audit(1741195356.135:2935): avc:  denied  { setopt } for  pid=10899 comm="syz.8.915" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  460.548111][   T29] audit: type=1400 audit(1741195356.145:2936): avc:  denied  { write } for  pid=10904 comm="syz.4.916" name="nvram" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  460.636550][   T29] audit: type=1400 audit(1741195356.145:2937): avc:  denied  { open } for  pid=10904 comm="syz.4.916" path="/dev/nvram" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  460.828425][   T29] audit: type=1400 audit(1741195356.955:2938): avc:  denied  { getopt } for  pid=10899 comm="syz.8.915" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  461.553414][T10247] usb 10-1: new high-speed USB device number 7 using dummy_hcd
[  461.768694][T10927] audit: audit_lost=3 audit_rate_limit=0 audit_backlog_limit=64
[  461.776448][T10927] audit: out of memory in audit_log_start
[  461.910543][T10247] usb 10-1: device not accepting address 7, error -71
[  462.830331][   T29] audit: type=1400 audit(1741195359.155:2939): avc:  denied  { ioctl } for  pid=10932 comm="syz.1.921" path="socket:[28169]" dev="sockfs" ino=28169 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  462.974436][T10942] netlink: 8 bytes leftover after parsing attributes in process `syz.8.924'.
[  463.131330][T10947] netlink: 8 bytes leftover after parsing attributes in process `syz.8.924'.
[  463.191474][T10942] netlink: 36 bytes leftover after parsing attributes in process `syz.8.924'.
[  463.742877][T10947] netlink: 36 bytes leftover after parsing attributes in process `syz.8.924'.
[  463.951358][T10952] netlink: 12 bytes leftover after parsing attributes in process `syz.1.925'.
[  464.142262][ T5950] usb 10-1: new full-speed USB device number 9 using dummy_hcd
[  464.180119][   T29] kauditd_printk_skb: 4 callbacks suppressed
[  464.180134][   T29] audit: type=1400 audit(1741195360.505:2944): avc:  denied  { bind } for  pid=10963 comm="syz.1.929" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  464.753363][ T5950] usb 10-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  465.610810][ T5950] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  465.635839][ T5950] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 66
[  465.645988][ T5950] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  466.299795][ T5950] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  466.347283][ T5950] usb 10-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  466.356697][ T5916] usb 9-1: new high-speed USB device number 17 using dummy_hcd
[  466.392598][T10983] netlink: 56 bytes leftover after parsing attributes in process `syz.1.932'.
[  466.480704][ T5950] usb 10-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  466.488830][ T5950] usb 10-1: Product: syz
[  466.504783][ T5950] usb 10-1: Manufacturer: syz
[  466.520649][T10983] netlink: 24 bytes leftover after parsing attributes in process `syz.1.932'.
[  466.534112][ T5950] cdc_wdm 10-1:1.0: skipping garbage
[  466.539432][ T5950] cdc_wdm 10-1:1.0: skipping garbage
[  466.564792][ T5916] usb 9-1: config index 0 descriptor too short (expected 9, got 0)
[  466.724298][T10990] syz_tun: entered allmulticast mode
[  466.761514][ T5950] cdc_wdm 10-1:1.0: cdc-wdm0: USB WDM device
[  466.766986][T10990] syz_tun: left allmulticast mode
[  466.767616][ T5916] usb 9-1: can't read configurations, error -22
[  466.793420][ T5950] cdc_wdm 10-1:1.0: Unknown control protocol
[  466.810597][ T5950] usb 10-1: USB disconnect, device number 9
[  466.987083][ T5916] usb 9-1: new high-speed USB device number 18 using dummy_hcd
[  467.686345][   T29] audit: type=1400 audit(1741195364.015:2945): avc:  denied  { map } for  pid=10999 comm="syz.6.937" path="socket:[28873]" dev="sockfs" ino=28873 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1
[  467.786865][   T29] audit: type=1400 audit(1741195364.115:2946): avc:  denied  { lock } for  pid=10999 comm="syz.6.937" path="socket:[28875]" dev="sockfs" ino=28875 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1
[  467.950420][ T5916] usb 9-1: device descriptor read/64, error -71
[  468.060454][ T5916] usb usb9-port1: attempt power cycle
[  468.068210][   T29] audit: type=1400 audit(1741195364.395:2947): avc:  denied  { read write } for  pid=11016 comm="syz.9.938" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  468.071067][T11017] loop6: detected capacity change from 0 to 524287999
[  468.120117][T11020] netlink: 12 bytes leftover after parsing attributes in process `syz.6.940'.
[  468.188521][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  468.197888][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  468.268357][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  468.277533][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  468.516551][   T29] audit: type=1400 audit(1741195364.395:2948): avc:  denied  { open } for  pid=11016 comm="syz.9.938" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  468.553268][    C0] I/O error, dev loop6, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  468.580186][    C0] I/O error, dev loop6, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  468.589679][ T5916] usb 9-1: new high-speed USB device number 19 using dummy_hcd
[  468.597904][ T5988] loop: Write error at byte offset 129, length 4096.
[  468.605009][   T29] audit: type=1400 audit(1741195364.395:2949): avc:  denied  { append } for  pid=11016 comm="syz.9.938" name="loop6" dev="devtmpfs" ino=653 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  468.625353][    C1] I/O error, dev loop6, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0
[  468.638096][    C1] Buffer I/O error on dev loop6, logical block 0, lost async page write
[  468.646591][    C1] I/O error, dev loop6, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  468.655818][    C1] Buffer I/O error on dev loop6, logical block 1, async page read
[  468.667948][T11017] Dev loop6: unable to read RDB block 8
[  468.680838][    C0] I/O error, dev loop6, sector 24 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  468.680871][    C0] Buffer I/O error on dev loop6, logical block 3, async page read
[  468.681848][T11017]  loop6: unable to read partition table
[  468.682063][T11017] loop_reread_partitions: partition scan of loop6 (3�����) failed (rc=-5)
[  468.693487][ T5916] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  468.693522][ T5916] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  468.693555][ T5916] usb 9-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[  468.693579][ T5916] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  468.695314][ T5916] usb 9-1: config 0 descriptor??
[  468.699977][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  468.700019][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  468.700375][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  468.700402][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  468.700556][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  468.700586][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  468.700732][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  468.700875][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  468.701352][ T5193] ldm_validate_partition_table(): Disk read failed.
[  468.701910][ T5193] Dev loop6: unable to read RDB block 0
[  468.702652][ T5193]  loop6: unable to read partition table
[  468.783305][   T29] audit: type=1400 audit(1741195364.635:2950): avc:  denied  { create } for  pid=11014 comm="syz.1.939" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  468.783348][   T29] audit: type=1400 audit(1741195364.925:2951): avc:  denied  { write } for  pid=11016 comm="syz.9.938" path="socket:[28272]" dev="sockfs" ino=28272 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  469.094396][T11039] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  469.710296][ T5916] usbhid 9-1:0.0: can't add hid device: -71
[  469.710388][ T5916] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[  469.732206][ T5916] usb 9-1: USB disconnect, device number 19
[  470.053511][    C1] vkms_vblank_simulate: vblank timer overrun
[  470.180462][T11024] tty tty1: ldisc open failed (-12), clearing slot 0
[  470.572006][T11052] 8021q: adding VLAN 0 to HW filter on device bond1
[  470.590219][T11056] netlink: 60 bytes leftover after parsing attributes in process `syz.6.944'.
[  470.843131][T11065] netlink: 56 bytes leftover after parsing attributes in process `syz.8.946'.
[  470.989037][T11065] netlink: 24 bytes leftover after parsing attributes in process `syz.8.946'.
[  471.750254][   T29] audit: type=1400 audit(1741195368.075:2952): avc:  denied  { read write } for  pid=11073 comm="syz.9.947" name="event0" dev="devtmpfs" ino=918 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  471.754212][T11076] ipt_rpfilter: unknown options
[  471.858295][   T29] audit: type=1400 audit(1741195368.075:2953): avc:  denied  { open } for  pid=11073 comm="syz.9.947" path="/dev/input/event0" dev="devtmpfs" ino=918 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  471.969995][   T29] audit: type=1400 audit(1741195368.295:2954): avc:  denied  { create } for  pid=11081 comm="syz.1.950" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  472.074686][T11089] FAULT_INJECTION: forcing a failure.
[  472.074686][T11089] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  472.096203][T10247] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  472.213598][T11089] CPU: 0 UID: 0 PID: 11089 Comm: syz.1.950 Not tainted 6.14.0-rc5-syzkaller-00016-g48a5eed9ad58 #0
[  472.213626][T11089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  472.213636][T11089] Call Trace:
[  472.213642][T11089]  <TASK>
[  472.213649][T11089]  dump_stack_lvl+0x16c/0x1f0
[  472.213677][T11089]  should_fail_ex+0x50a/0x650
[  472.213709][T11089]  _copy_to_user+0x32/0xd0
[  472.213731][T11089]  simple_read_from_buffer+0xd0/0x160
[  472.213760][T11089]  proc_fail_nth_read+0x198/0x270
[  472.213785][T11089]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  472.213812][T11089]  ? rw_verify_area+0xcf/0x680
[  472.213837][T11089]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  472.213862][T11089]  vfs_read+0x1df/0xbf0
[  472.213893][T11089]  ? __fget_files+0x1fc/0x3a0
[  472.213912][T11089]  ? __pfx___mutex_lock+0x10/0x10
[  472.213937][T11089]  ? __pfx_vfs_read+0x10/0x10
[  472.213970][T11089]  ? __fget_files+0x206/0x3a0
[  472.213996][T11089]  ksys_read+0x12b/0x250
[  472.214022][T11089]  ? __pfx_ksys_read+0x10/0x10
[  472.214055][T11089]  do_syscall_64+0xcd/0x250
[  472.214079][T11089]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  472.214104][T11089] RIP: 0033:0x7f1481f8bb7c
[  472.214119][T11089] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  472.214136][T11089] RSP: 002b:00007f1482d25030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  472.214153][T11089] RAX: ffffffffffffffda RBX: 00007f14821a6080 RCX: 00007f1481f8bb7c
[  472.214166][T11089] RDX: 000000000000000f RSI: 00007f1482d250a0 RDI: 0000000000000006
[  472.214177][T11089] RBP: 00007f1482d25090 R08: 0000000000000000 R09: 0000000000000000
[  472.214188][T11089] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  472.214199][T11089] R13: 0000000000000001 R14: 00007f14821a6080 R15: 00007ffd1a39b1b8
[  472.214224][T11089]  </TASK>
[  473.399956][   T29] audit: type=1400 audit(1741195369.095:2955): avc:  denied  { connect } for  pid=11073 comm="syz.9.947" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  473.469344][T10247] usb 7-1: Using ep0 maxpacket: 32
[  473.477016][   T29] audit: type=1400 audit(1741195369.725:2956): avc:  denied  { write } for  pid=5175 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  473.518135][T10247] usb 7-1: unable to get BOS descriptor or descriptor too short
[  473.699012][   T29] audit: type=1400 audit(1741195369.725:2957): avc:  denied  { remove_name } for  pid=5175 comm="syslogd" name="messages" dev="tmpfs" ino=9 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  473.726345][   T29] audit: type=1400 audit(1741195369.725:2958): avc:  denied  { rename } for  pid=5175 comm="syslogd" name="messages" dev="tmpfs" ino=9 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  474.053983][T10247] usb 7-1: unable to read config index 0 descriptor/start: -71
[  474.061726][T10247] usb 7-1: can't read configurations, error -71
[  474.670323][   T29] audit: type=1400 audit(1741195369.725:2959): avc:  denied  { add_name } for  pid=5175 comm="syslogd" name="messages.0" dev="tmpfs" ino=8 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  474.694199][T11104] FAULT_INJECTION: forcing a failure.
[  474.694199][T11104] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  474.783669][T11104] CPU: 0 UID: 0 PID: 11104 Comm: syz.1.955 Not tainted 6.14.0-rc5-syzkaller-00016-g48a5eed9ad58 #0
[  474.783703][T11104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  474.783713][T11104] Call Trace:
[  474.783719][T11104]  <TASK>
[  474.783727][T11104]  dump_stack_lvl+0x16c/0x1f0
[  474.783756][T11104]  should_fail_ex+0x50a/0x650
[  474.783788][T11104]  _copy_from_user+0x2e/0xd0
[  474.783811][T11104]  move_addr_to_kernel+0x68/0x160
[  474.783834][T11104]  __sys_bind+0x11c/0x260
[  474.783856][T11104]  ? __pfx___sys_bind+0x10/0x10
[  474.783875][T11104]  ? __fget_files+0x206/0x3a0
[  474.783903][T11104]  ? __pfx_ksys_write+0x10/0x10
[  474.783936][T11104]  __x64_sys_bind+0x72/0xb0
[  474.783955][T11104]  ? lockdep_hardirqs_on+0x7c/0x110
[  474.783976][T11104]  do_syscall_64+0xcd/0x250
[  474.784001][T11104]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  474.784026][T11104] RIP: 0033:0x7f1481f8d169
[  474.784042][T11104] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  474.784059][T11104] RSP: 002b:00007f1482d46038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  474.784077][T11104] RAX: ffffffffffffffda RBX: 00007f14821a5fa0 RCX: 00007f1481f8d169
[  474.784090][T11104] RDX: 0000000000000010 RSI: 00004000000001c0 RDI: 0000000000000003
[  474.784102][T11104] RBP: 00007f1482d46090 R08: 0000000000000000 R09: 0000000000000000
[  474.784113][T11104] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  474.784124][T11104] R13: 0000000000000000 R14: 00007f14821a5fa0 R15: 00007ffd1a39b1b8
[  474.784150][T11104]  </TASK>
[  475.185592][   T29] audit: type=1400 audit(1741195369.725:2960): avc:  denied  { unlink } for  pid=5175 comm="syslogd" name="messages.0" dev="tmpfs" ino=8 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  475.316188][   T29] audit: type=1400 audit(1741195369.725:2961): avc:  denied  { create } for  pid=5175 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  475.370997][T11116] trusted_key: encrypted_key: insufficient parameters specified
[  475.440243][   T54] Bluetooth: hci4: command tx timeout
[  476.028934][T11132] nfs: Unknown parameter 'ntext'
[  476.278789][T11133] x_tables: ip_tables: osf match: only valid for protocol 6
[  476.338707][T11124] 8021q: adding VLAN 0 to HW filter on device bond2
[  476.552758][ T5867] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  476.591446][T11130] @: renamed from vlan0 (while UP)
[  476.875265][T11144] netlink: 5 bytes leftover after parsing attributes in process `syz.4.962'.
[  477.081061][ T5867] usb 2-1: New USB device found, idVendor=11ff, idProduct=3331, bcdDevice= 0.00
[  477.098193][ T5867] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  477.319563][T11152] FAULT_INJECTION: forcing a failure.
[  477.319563][T11152] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  477.319747][T11152] CPU: 1 UID: 0 PID: 11152 Comm: syz.6.964 Not tainted 6.14.0-rc5-syzkaller-00016-g48a5eed9ad58 #0
[  477.319771][T11152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  477.319783][T11152] Call Trace:
[  477.319789][T11152]  <TASK>
[  477.319797][T11152]  dump_stack_lvl+0x16c/0x1f0
[  477.319826][T11152]  should_fail_ex+0x50a/0x650
[  477.319858][T11152]  _copy_to_user+0x32/0xd0
[  477.319880][T11152]  snd_pcm_oss_read2+0x292/0x3e0
[  477.319904][T11152]  ? __pfx_snd_pcm_oss_read2+0x10/0x10
[  477.319933][T11152]  snd_pcm_oss_read+0x5a3/0x750
[  477.319957][T11152]  ? rw_verify_area+0xcf/0x680
[  477.319983][T11152]  ? __pfx_snd_pcm_oss_read+0x10/0x10
[  477.320005][T11152]  vfs_read+0x1df/0xbf0
[  477.320032][T11152]  ? __fget_files+0x1fc/0x3a0
[  477.320050][T11152]  ? __pfx_lock_release+0x10/0x10
[  477.320076][T11152]  ? __pfx_vfs_read+0x10/0x10
[  477.320104][T11152]  ? lock_acquire+0x2f/0xb0
[  477.320127][T11152]  ? __fget_files+0x40/0x3a0
[  477.320151][T11152]  ? __fget_files+0x206/0x3a0
[  477.320174][T11152]  ksys_read+0x12b/0x250
[  477.320198][T11152]  ? __pfx_ksys_read+0x10/0x10
[  477.320232][T11152]  do_syscall_64+0xcd/0x250
[  477.320259][T11152]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  477.320284][T11152] RIP: 0033:0x7f61ac58d169
[  477.320305][T11152] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  477.320323][T11152] RSP: 002b:00007f61ad3f9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  477.320341][T11152] RAX: ffffffffffffffda RBX: 00007f61ac7a6160 RCX: 00007f61ac58d169
[  477.320354][T11152] RDX: 000000000000004f RSI: 0000400000000300 RDI: 0000000000000003
[  477.320366][T11152] RBP: 00007f61ad3f9090 R08: 0000000000000000 R09: 0000000000000000
[  477.320377][T11152] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  477.320388][T11152] R13: 0000000000000000 R14: 00007f61ac7a6160 R15: 00007ffd7c3410f8
[  477.320414][T11152]  </TASK>
[  478.077951][ T5867] usb 2-1: config 0 descriptor??
[  478.849364][ T5867] usbhid 2-1:0.0: can't add hid device: -71
[  478.849453][ T5867] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  478.860561][ T5867] usb 2-1: USB disconnect, device number 14
[  479.052497][T11164] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  479.052534][T11164] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  479.430404][T10146] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  479.594149][   T29] kauditd_printk_skb: 7 callbacks suppressed
[  479.594165][   T29] audit: type=1400 audit(1741195375.915:2969): avc:  denied  { bind } for  pid=11167 comm="syz.1.968" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  479.603640][T10146] usb 7-1: Using ep0 maxpacket: 32
[  479.607739][T10146] usb 7-1: config 0 has an invalid interface number: 85 but max is 0
[  479.607767][T10146] usb 7-1: config 0 has no interface number 0
[  479.607804][T10146] usb 7-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  479.607831][T10146] usb 7-1: config 0 interface 85 has no altsetting 0
[  479.615925][T10146] usb 7-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  479.615955][T10146] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  479.615977][T10146] usb 7-1: Product: syz
[  479.615993][T10146] usb 7-1: Manufacturer: syz
[  479.616009][T10146] usb 7-1: SerialNumber: syz
[  479.626884][T10146] usb 7-1: config 0 descriptor??
[  479.940765][   T29] audit: type=1400 audit(1741195376.245:2970): avc:  denied  { read } for  pid=11167 comm="syz.1.968" name="card0" dev="devtmpfs" ino=627 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  479.940896][   T29] audit: type=1400 audit(1741195376.245:2971): avc:  denied  { open } for  pid=11167 comm="syz.1.968" path="/dev/dri/card0" dev="devtmpfs" ino=627 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  479.940999][   T29] audit: type=1400 audit(1741195376.255:2972): avc:  denied  { create } for  pid=11167 comm="syz.1.968" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  479.941066][   T29] audit: type=1400 audit(1741195376.265:2973): avc:  denied  { ioctl } for  pid=11167 comm="syz.1.968" path="/dev/dri/card1" dev="devtmpfs" ino=628 ioctlcmd=0x64ce scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  480.658701][T11187] FAULT_INJECTION: forcing a failure.
[  480.658701][T11187] name failslab, interval 1, probability 0, space 0, times 0
[  480.658762][T11187] CPU: 1 UID: 0 PID: 11187 Comm: syz.1.971 Not tainted 6.14.0-rc5-syzkaller-00016-g48a5eed9ad58 #0
[  480.658783][T11187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  480.658794][T11187] Call Trace:
[  480.658799][T11187]  <TASK>
[  480.658807][T11187]  dump_stack_lvl+0x16c/0x1f0
[  480.658834][T11187]  should_fail_ex+0x50a/0x650
[  480.658865][T11187]  should_failslab+0xc2/0x120
[  480.658888][T11187]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  480.658908][T11187]  ? skb_clone+0x190/0x3f0
[  480.658938][T11187]  skb_clone+0x190/0x3f0
[  480.658963][T11187]  netlink_deliver_tap+0xabd/0xd30
[  480.658993][T11187]  netlink_unicast+0x5e1/0x7f0
[  480.659020][T11187]  ? __pfx_netlink_unicast+0x10/0x10
[  480.659051][T11187]  netlink_sendmsg+0x8b8/0xd70
[  480.659086][T11187]  ? __pfx_netlink_sendmsg+0x10/0x10
[  480.659118][T11187]  ____sys_sendmsg+0xaaf/0xc90
[  480.659136][T11187]  ? copy_msghdr_from_user+0x10b/0x160
[  480.659161][T11187]  ? __pfx_____sys_sendmsg+0x10/0x10
[  480.659193][T11187]  ___sys_sendmsg+0x135/0x1e0
[  480.659220][T11187]  ? __pfx____sys_sendmsg+0x10/0x10
[  480.659256][T11187]  ? __pfx_lock_release+0x10/0x10
[  480.659281][T11187]  ? trace_lock_acquire+0x14e/0x1f0
[  480.659311][T11187]  ? __fget_files+0x206/0x3a0
[  480.659335][T11187]  __sys_sendmsg+0x16e/0x220
[  480.659360][T11187]  ? __pfx___sys_sendmsg+0x10/0x10
[  480.659400][T11187]  do_syscall_64+0xcd/0x250
[  480.659424][T11187]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  480.659448][T11187] RIP: 0033:0x7f1481f8d169
[  480.659464][T11187] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  480.659480][T11187] RSP: 002b:00007f1482d46038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  480.659497][T11187] RAX: ffffffffffffffda RBX: 00007f14821a5fa0 RCX: 00007f1481f8d169
[  480.659509][T11187] RDX: 0000000000000000 RSI: 0000400000000240 RDI: 0000000000000003
[  480.659520][T11187] RBP: 00007f1482d46090 R08: 0000000000000000 R09: 0000000000000000
[  480.659531][T11187] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  480.659542][T11187] R13: 0000000000000000 R14: 00007f14821a5fa0 R15: 00007ffd1a39b1b8
[  480.659568][T11187]  </TASK>
[  480.874938][T11193] netlink: 56 bytes leftover after parsing attributes in process `syz.8.973'.
[  480.875051][T11193] netlink: 16 bytes leftover after parsing attributes in process `syz.8.973'.
[  481.060742][T11198] IPVS: sync thread started: state = BACKUP, mcast_ifn = dummy0, syncid = 3, id = 0
[  481.690302][ T5867] usb 9-1: new high-speed USB device number 20 using dummy_hcd
[  481.759914][T11206] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[  481.848262][ T5867] usb 9-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  481.848296][ T5867] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  481.869872][T10146] appletouch 7-1:0.85: Failed to request geyser raw mode
[  481.869986][T10146] appletouch 7-1:0.85: probe with driver appletouch failed with error -5
[  481.873701][T10146] usb 7-1: USB disconnect, device number 11
[  481.881113][ T5867] usb 9-1: config 0 descriptor??
[  481.886180][ T5867] cp210x 9-1:0.0: cp210x converter detected
[  482.133074][   T29] audit: type=1400 audit(1741195378.465:2974): avc:  denied  { ioctl } for  pid=11200 comm="syz.8.975" path="/dev/raw-gadget" dev="devtmpfs" ino=820 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  482.138950][ T5867] cp210x 9-1:0.0: failed to get vendor val 0x370b size 1: -121
[  482.138996][ T5867] cp210x 9-1:0.0: querying part number failed
[  482.145536][   T29] audit: type=1400 audit(1741195378.475:2975): avc:  denied  { append } for  pid=5175 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=10 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  482.167278][ T5867] usb 9-1: cp210x converter now attached to ttyUSB0
[  482.172335][   T29] audit: type=1400 audit(1741195378.505:2976): avc:  denied  { read write } for  pid=9961 comm="syz-executor" name="loop1" dev="devtmpfs" ino=648 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  482.172377][   T29] audit: type=1400 audit(1741195378.505:2977): avc:  denied  { open } for  pid=9961 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=648 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  482.172411][   T29] audit: type=1400 audit(1741195378.505:2978): avc:  denied  { ioctl } for  pid=9961 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=648 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  482.979417][ T5867] usb 9-1: USB disconnect, device number 20
[  482.991214][ T5867] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  482.993039][ T5867] cp210x 9-1:0.0: device disconnected
[  483.981272][T11236] virt_wifi0 speed is unknown, defaulting to 1000
[  483.981337][T11236] virt_wifi0 speed is unknown, defaulting to 1000
[  483.981913][T11236] virt_wifi0 speed is unknown, defaulting to 1000
[  483.989694][T11236] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  484.085079][T11236] virt_wifi0 speed is unknown, defaulting to 1000
[  484.089338][T11236] virt_wifi0 speed is unknown, defaulting to 1000
[  484.092808][T11236] virt_wifi0 speed is unknown, defaulting to 1000
[  484.093280][T11236] virt_wifi0 speed is unknown, defaulting to 1000
[  484.093754][T11236] virt_wifi0 speed is unknown, defaulting to 1000
[  484.094193][T11236] virt_wifi0 speed is unknown, defaulting to 1000
[  484.227591][    C0] vkms_vblank_simulate: vblank timer overrun
[  484.330496][T10146] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  484.500610][T10146] usb 7-1: Using ep0 maxpacket: 16
[  484.513025][T10146] usb 7-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3
[  484.527872][T11251] netlink: 56 bytes leftover after parsing attributes in process `syz.8.985'.
[  484.550275][T10146] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  484.597932][T11251] netlink: 16 bytes leftover after parsing attributes in process `syz.8.985'.
[  484.718697][   T29] kauditd_printk_skb: 57 callbacks suppressed
[  484.718715][   T29] audit: type=1400 audit(1741195381.045:3036): avc:  denied  { name_bind } for  pid=11219 comm="syz.1.979" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  484.746645][    C0] vkms_vblank_simulate: vblank timer overrun
[  485.000321][   T29] audit: type=1400 audit(1741195381.045:3037): avc:  denied  { node_bind } for  pid=11219 comm="syz.1.979" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[  485.405070][   T29] audit: type=1400 audit(1741195381.685:3038): avc:  denied  { unmount } for  pid=10052 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[  485.529277][T10146] usb 7-1: Product: syz
[  485.534060][T10146] usb 7-1: Manufacturer: syz
[  485.540195][T10146] usb 7-1: SerialNumber: syz
[  485.551045][T10146] usb 7-1: config 0 descriptor??
[  485.657147][   T29] audit: type=1400 audit(1741195381.895:3039): avc:  denied  { create } for  pid=11262 comm="syz.8.986" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  486.370470][   T29] audit: type=1400 audit(1741195381.895:3040): avc:  denied  { setopt } for  pid=11262 comm="syz.8.986" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  486.443664][   T29] audit: type=1400 audit(1741195381.895:3041): avc:  denied  { read write } for  pid=11262 comm="syz.8.986" name="video1" dev="devtmpfs" ino=931 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  486.515732][   T29] audit: type=1400 audit(1741195381.895:3042): avc:  denied  { open } for  pid=11262 comm="syz.8.986" path="/dev/video1" dev="devtmpfs" ino=931 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  486.577062][T10146] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state.
[  486.720472][   T29] audit: type=1400 audit(1741195381.895:3043): avc:  denied  { ioctl } for  pid=11262 comm="syz.8.986" path="/dev/video1" dev="devtmpfs" ino=931 ioctlcmd=0x563c scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  486.750935][   T29] audit: type=1400 audit(1741195381.955:3044): avc:  denied  { create } for  pid=11262 comm="syz.8.986" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  486.770706][   T29] audit: type=1400 audit(1741195381.955:3045): avc:  denied  { connect } for  pid=11262 comm="syz.8.986" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  486.798797][T11276] netlink: 68 bytes leftover after parsing attributes in process `syz.8.989'.
[  486.846645][T10146] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  486.883164][T10146] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T)
[  486.910071][T10146] usb 7-1: media controller created
[  487.034548][T11288] FAULT_INJECTION: forcing a failure.
[  487.034548][T11288] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  487.100544][T10146] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  487.126561][T11288] CPU: 1 UID: 0 PID: 11288 Comm: syz.9.991 Not tainted 6.14.0-rc5-syzkaller-00016-g48a5eed9ad58 #0
[  487.126587][T11288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  487.126597][T11288] Call Trace:
[  487.126602][T11288]  <TASK>
[  487.126610][T11288]  dump_stack_lvl+0x16c/0x1f0
[  487.126637][T11288]  should_fail_ex+0x50a/0x650
[  487.126662][T11288]  ? __pfx___might_resched+0x10/0x10
[  487.126692][T11288]  should_fail_alloc_page+0xe7/0x130
[  487.126715][T11288]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  487.126742][T11288]  ? __pfx_mark_lock+0x10/0x10
[  487.126770][T11288]  __alloc_frozen_pages_noprof+0x18e/0x2470
[  487.126792][T11288]  ? __pfx_mark_lock+0x10/0x10
[  487.126820][T11288]  ? hlock_class+0x4e/0x130
[  487.126841][T11288]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  487.126880][T11288]  ? __pfx___lock_acquire+0x10/0x10
[  487.126908][T11288]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  487.126938][T11288]  ? policy_nodemask+0xea/0x4e0
[  487.126961][T11288]  alloc_pages_mpol+0x1fc/0x540
[  487.126981][T11288]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  487.126999][T11288]  ? __pfx_lock_release+0x10/0x10
[  487.127022][T11288]  ? do_raw_spin_lock+0x12d/0x2c0
[  487.127039][T11288]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  487.127058][T11288]  alloc_pages_noprof+0x131/0x390
[  487.127079][T11288]  __pmd_alloc+0x3f/0x870
[  487.127108][T11288]  __handle_mm_fault+0x9fb/0x2c60
[  487.127135][T11288]  ? __pfx___handle_mm_fault+0x10/0x10
[  487.127153][T11288]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  487.127195][T11288]  ? find_vma+0xc0/0x140
[  487.127218][T11288]  ? __pfx_find_vma+0x10/0x10
[  487.127246][T11288]  handle_mm_fault+0x3fa/0xaa0
[  487.127271][T11288]  do_user_addr_fault+0x7a3/0x13f0
[  487.127304][T11288]  exc_page_fault+0x5c/0xc0
[  487.127326][T11288]  asm_exc_page_fault+0x26/0x30
[  487.127350][T11288] RIP: 0010:rep_movs_alternative+0x30/0x70
[  487.127378][T11288] Code: f9 40 73 40 83 f9 08 73 21 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08
[  487.127395][T11288] RSP: 0018:ffffc900032e7b58 EFLAGS: 00050202
[  487.127411][T11288] RAX: 0000000000000001 RBX: 0000400000000100 RCX: 0000000000000018
[  487.127423][T11288] RDX: fffff5200065cf85 RSI: 0000400000000100 RDI: ffffc900032e7c10
[  487.127436][T11288] RBP: 0000000000000018 R08: 0000000000000001 R09: fffff5200065cf84
[  487.127447][T11288] R10: ffffc900032e7c27 R11: 0000000000000000 R12: 0000000000000000
[  487.127458][T11288] R13: ffffc900032e7c10 R14: 00000000800452d3 R15: 0000400000000100
[  487.127486][T11288]  _copy_from_user+0x98/0xd0
[  487.127507][T11288]  rfcomm_dev_ioctl+0x350/0x1ca0
[  487.127535][T11288]  ? __pfx_rfcomm_dev_ioctl+0x10/0x10
[  487.127560][T11288]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  487.127593][T11288]  rfcomm_sock_ioctl+0xaa/0xd0
[  487.127620][T11288]  sock_do_ioctl+0x116/0x280
[  487.127641][T11288]  ? __pfx_sock_do_ioctl+0x10/0x10
[  487.127666][T11288]  ? ioctl_has_perm.constprop.0.isra.0+0x2f2/0x450
[  487.127695][T11288]  ? ioctl_has_perm.constprop.0.isra.0+0x2fc/0x450
[  487.127725][T11288]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  487.127757][T11288]  sock_ioctl+0x228/0x6c0
[  487.127778][T11288]  ? __pfx_sock_ioctl+0x10/0x10
[  487.127805][T11288]  ? selinux_file_ioctl+0x180/0x270
[  487.127830][T11288]  ? selinux_file_ioctl+0xb4/0x270
[  487.127865][T11288]  ? __pfx_sock_ioctl+0x10/0x10
[  487.127886][T11288]  __x64_sys_ioctl+0x190/0x200
[  487.127914][T11288]  do_syscall_64+0xcd/0x250
[  487.127939][T11288]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  487.127962][T11288] RIP: 0033:0x7f351058d169
[  487.127978][T11288] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  487.127994][T11288] RSP: 002b:00007f350e3f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  487.128010][T11288] RAX: ffffffffffffffda RBX: 00007f35107a5fa0 RCX: 00007f351058d169
[  487.128021][T11288] RDX: 0000400000000100 RSI: 00000000800452d3 RDI: 0000000000000004
[  487.128032][T11288] RBP: 00007f350e3f6090 R08: 0000000000000000 R09: 0000000000000000
[  487.128043][T11288] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  487.128053][T11288] R13: 0000000000000000 R14: 00007f35107a5fa0 R15: 00007ffce1be70c8
[  487.128075][T11288]  </TASK>
[  488.130081][T10146] zl10353_read_register: readreg error (reg=127, ret==0)
[  488.140224][T10146] dvb-usb: no frontend was attached by 'AME DTV-5100 USB2.0 DVB-T'
[  488.148143][T10146] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully initialized and connected.
[  488.221199][ T5865] usb 7-1: USB disconnect, device number 12
[  488.280307][ T5865] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully deinitialized and disconnected.
[  488.636850][ T5867] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  489.109235][T11310] can0: slcan on ttyS3.
[  489.682885][ T5867] usb 5-1: Using ep0 maxpacket: 32
[  489.705998][ T5867] usb 5-1: config 0 has an invalid interface number: 89 but max is 0
[  489.937881][ T5867] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  489.970228][ T5867] usb 5-1: config 0 has no interface number 0
[  489.976368][ T5867] usb 5-1: config 0 interface 89 altsetting 2 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  490.012186][   T29] kauditd_printk_skb: 28 callbacks suppressed
[  490.012202][   T29] audit: type=1400 audit(1741195386.345:3074): avc:  denied  { write } for  pid=11313 comm="syz.6.996" laddr=::ffff:127.0.0.1 lport=5 faddr=::ffff:127.0.0.1 fport=24099 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  490.046754][ T5867] usb 5-1: config 0 interface 89 has no altsetting 0
[  490.851488][   T29] audit: type=1400 audit(1741195386.795:3075): avc:  denied  { write } for  pid=11313 comm="syz.6.996" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  490.885901][   T29] audit: type=1400 audit(1741195386.805:3076): avc:  denied  { read } for  pid=11313 comm="syz.6.996" path="socket:[28621]" dev="sockfs" ino=28621 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  490.930806][ T5867] usb 5-1: New USB device found, idVendor=0ccd, idProduct=10af, bcdDevice=38.4e
[  490.939886][ T5867] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  490.957750][T11323] netlink: 5 bytes leftover after parsing attributes in process `syz.9.997'.
[  491.018600][   T29] audit: type=1400 audit(1741195387.285:3077): avc:  denied  { read } for  pid=11316 comm="syz.9.997" name="fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  491.042234][ T5867] usb 5-1: Product: syz
[  491.046421][ T5867] usb 5-1: Manufacturer: syz
[  491.100258][ T5867] usb 5-1: SerialNumber: syz
[  491.122037][T11292] can0 (unregistered): slcan off ttyS3.
[  491.141128][ T5867] usb 5-1: config 0 descriptor??
[  491.143136][   T29] audit: type=1400 audit(1741195387.285:3078): avc:  denied  { open } for  pid=11316 comm="syz.9.997" path="/dev/fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  491.143238][   T29] audit: type=1400 audit(1741195387.415:3079): avc:  denied  { read } for  pid=5487 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=1
[  491.143271][   T29] audit: type=1400 audit(1741195387.425:3080): avc:  denied  { read write } for  pid=11316 comm="syz.9.997" name="fuse" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  491.143303][   T29] audit: type=1400 audit(1741195387.425:3081): avc:  denied  { open } for  pid=11316 comm="syz.9.997" path="/dev/fuse" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  491.143339][   T29] audit: type=1400 audit(1741195387.425:3082): avc:  denied  { mounton } for  pid=11316 comm="syz.9.997" path="/41/file0" dev="tmpfs" ino=250 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  491.143371][   T29] audit: type=1400 audit(1741195387.425:3083): avc:  denied  { mount } for  pid=11316 comm="syz.9.997" name="/" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[  491.145461][ T5867] em28xx 5-1:0.89: audio device (0ccd:10af): interface 89, class 1
[  491.573170][    C1] vkms_vblank_simulate: vblank timer overrun
[  491.628983][T11342] FAULT_INJECTION: forcing a failure.
[  491.628983][T11342] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  491.629045][T11342] CPU: 1 UID: 0 PID: 11342 Comm: syz.8.1002 Not tainted 6.14.0-rc5-syzkaller-00016-g48a5eed9ad58 #0
[  491.629068][T11342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  491.629079][T11342] Call Trace:
[  491.629084][T11342]  <TASK>
[  491.629091][T11342]  dump_stack_lvl+0x16c/0x1f0
[  491.629119][T11342]  should_fail_ex+0x50a/0x650
[  491.629151][T11342]  _copy_from_user+0x2e/0xd0
[  491.629171][T11342]  move_addr_to_kernel+0x68/0x160
[  491.629194][T11342]  __sys_connect+0xb0/0x170
[  491.629216][T11342]  ? __pfx___sys_connect+0x10/0x10
[  491.629256][T11342]  __x64_sys_connect+0x72/0xb0
[  491.629277][T11342]  ? lockdep_hardirqs_on+0x7c/0x110
[  491.629299][T11342]  do_syscall_64+0xcd/0x250
[  491.629328][T11342]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  491.629353][T11342] RIP: 0033:0x7fd047d8d169
[  491.629368][T11342] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  491.629386][T11342] RSP: 002b:00007fd048b3f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  491.629405][T11342] RAX: ffffffffffffffda RBX: 00007fd047fa6160 RCX: 00007fd047d8d169
[  491.629418][T11342] RDX: 0000000000000018 RSI: 0000400000000280 RDI: 0000000000000007
[  491.629429][T11342] RBP: 00007fd048b3f090 R08: 0000000000000000 R09: 0000000000000000
[  491.629441][T11342] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  491.629452][T11342] R13: 0000000000000000 R14: 00007fd047fa6160 R15: 00007ffdb0618ae8
[  491.629478][T11342]  </TASK>
[  492.226909][T11348] netlink: 4 bytes leftover after parsing attributes in process `syz.4.992'.
[  492.226966][T11348] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  492.226997][T11348] batman_adv: batadv0: Removing interface: batadv_slave_0
[  492.261493][T11348] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  492.261524][T11348] batman_adv: batadv0: Removing interface: batadv_slave_1
[  493.261082][T11365] FAULT_INJECTION: forcing a failure.
[  493.261082][T11365] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  493.299924][T11365] CPU: 1 UID: 0 PID: 11365 Comm: syz.8.1005 Not tainted 6.14.0-rc5-syzkaller-00016-g48a5eed9ad58 #0
[  493.299953][T11365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  493.299964][T11365] Call Trace:
[  493.299970][T11365]  <TASK>
[  493.299977][T11365]  dump_stack_lvl+0x16c/0x1f0
[  493.300006][T11365]  should_fail_ex+0x50a/0x650
[  493.300037][T11365]  _copy_to_user+0x32/0xd0
[  493.300058][T11365]  simple_read_from_buffer+0xd0/0x160
[  493.300083][T11365]  proc_fail_nth_read+0x198/0x270
[  493.300104][T11365]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  493.300126][T11365]  ? rw_verify_area+0xcf/0x680
[  493.300166][T11365]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  493.300188][T11365]  vfs_read+0x1df/0xbf0
[  493.300213][T11365]  ? __fget_files+0x1fc/0x3a0
[  493.300230][T11365]  ? __pfx___mutex_lock+0x10/0x10
[  493.300253][T11365]  ? __pfx_vfs_read+0x10/0x10
[  493.300283][T11365]  ? __fget_files+0x206/0x3a0
[  493.300304][T11365]  ksys_read+0x12b/0x250
[  493.300325][T11365]  ? __pfx_ksys_read+0x10/0x10
[  493.300353][T11365]  do_syscall_64+0xcd/0x250
[  493.300373][T11365]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  493.300394][T11365] RIP: 0033:0x7fd047d8bb7c
[  493.300407][T11365] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  493.300424][T11365] RSP: 002b:00007fd048b81030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  493.300439][T11365] RAX: ffffffffffffffda RBX: 00007fd047fa5fa0 RCX: 00007fd047d8bb7c
[  493.300449][T11365] RDX: 000000000000000f RSI: 00007fd048b810a0 RDI: 0000000000000004
[  493.300458][T11365] RBP: 00007fd048b81090 R08: 0000000000000000 R09: 0000000000000000
[  493.300466][T11365] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  493.300475][T11365] R13: 0000000000000000 R14: 00007fd047fa5fa0 R15: 00007ffdb0618ae8
[  493.300494][T11365]  </TASK>
[  493.334150][T10247] usb 5-1: USB disconnect, device number 22
[  493.336877][    C1] vkms_vblank_simulate: vblank timer overrun
[  493.496585][    C1] vkms_vblank_simulate: vblank timer overrun
[  493.502555][    C1] hrtimer: interrupt took 202046890 ns
[  493.551629][T11367] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1006'.
[  493.602592][    C1] vkms_vblank_simulate: vblank timer overrun
[  493.931089][ T5867] usb 9-1: new high-speed USB device number 21 using dummy_hcd
[  494.100065][T11380] Bluetooth: MGMT ver 1.23
[  494.297109][T11371] netlink: 'syz.6.1000': attribute type 1 has an invalid length.
[  494.304892][T11371] netlink: 224 bytes leftover after parsing attributes in process `syz.6.1000'.
[  494.324511][ T5867] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  494.988074][ T5867] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3
[  495.071231][ T5867] usb 9-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  495.176262][ T5867] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  495.236332][T11395] nfs: Unknown parameter 'ntext'
[  495.503111][   T29] kauditd_printk_skb: 7 callbacks suppressed
[  495.503154][   T29] audit: type=1400 audit(1741195391.825:3091): avc:  denied  { read } for  pid=11391 comm="syz.9.1011" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  495.562704][ T5867] usb 9-1: SerialNumber: syz
[  495.649579][T11399] netlink: 68 bytes leftover after parsing attributes in process `syz.6.1012'.
[  495.777981][   T29] audit: type=1400 audit(1741195392.105:3092): avc:  denied  { setopt } for  pid=11402 comm="syz.4.1013" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  495.806910][ T5867] usb 9-1: 0:2 : does not exist
[  495.844368][   T29] audit: type=1400 audit(1741195392.125:3093): avc:  denied  { setopt } for  pid=11372 comm="syz.8.1008" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  495.932386][ T5867] usb 9-1: USB disconnect, device number 21
[  496.030576][T10146] usb 10-1: new high-speed USB device number 10 using dummy_hcd
[  496.172532][ T8962] udevd[8962]: error opening ATTR{/sys/devices/platform/dummy_hcd.8/usb9/9-1/9-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  496.202341][T10146] usb 10-1: New USB device found, idVendor=11ff, idProduct=3331, bcdDevice= 0.00
[  496.223643][T10146] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  496.259557][T10146] usb 10-1: config 0 descriptor??
[  496.499103][T11419] FAULT_INJECTION: forcing a failure.
[  496.499103][T11419] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  496.548106][T11419] CPU: 0 UID: 0 PID: 11419 Comm: syz.8.1014 Not tainted 6.14.0-rc5-syzkaller-00016-g48a5eed9ad58 #0
[  496.548133][T11419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  496.548144][T11419] Call Trace:
[  496.548149][T11419]  <TASK>
[  496.548157][T11419]  dump_stack_lvl+0x16c/0x1f0
[  496.548185][T11419]  should_fail_ex+0x50a/0x650
[  496.548217][T11419]  _copy_from_user+0x2e/0xd0
[  496.548237][T11419]  kstrtouint_from_user+0xd7/0x1c0
[  496.548261][T11419]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  496.548292][T11419]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  496.548320][T11419]  proc_fail_nth_write+0x84/0x250
[  496.548345][T11419]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  496.548367][T11419]  ? ksys_write+0x12b/0x250
[  496.548400][T11419]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  496.548422][T11419]  vfs_write+0x24c/0x1150
[  496.548449][T11419]  ? __fget_files+0x1fc/0x3a0
[  496.548467][T11419]  ? __pfx___mutex_lock+0x10/0x10
[  496.548490][T11419]  ? __pfx_vfs_write+0x10/0x10
[  496.548525][T11419]  ? __fget_files+0x206/0x3a0
[  496.548551][T11419]  ksys_write+0x12b/0x250
[  496.548576][T11419]  ? __pfx_ksys_write+0x10/0x10
[  496.548611][T11419]  do_syscall_64+0xcd/0x250
[  496.548636][T11419]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  496.548661][T11419] RIP: 0033:0x7fd047d8bc1f
[  496.548677][T11419] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  496.548693][T11419] RSP: 002b:00007fd048b81030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  496.548711][T11419] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fd047d8bc1f
[  496.548723][T11419] RDX: 0000000000000001 RSI: 00007fd048b810a0 RDI: 0000000000000003
[  496.548734][T11419] RBP: 00007fd048b81090 R08: 0000000000000000 R09: 0000000000000000
[  496.548745][T11419] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  496.548756][T11419] R13: 0000000000000000 R14: 00007fd047fa5fa0 R15: 00007ffdb0618ae8
[  496.548782][T11419]  </TASK>
[  496.762537][T11421] 9pnet_fd: Insufficient options for proto=fd
[  496.795884][T11421] syzkaller1: entered promiscuous mode
[  496.840140][T11421] syzkaller1: entered allmulticast mode
[  496.848443][T10146] usbhid 10-1:0.0: can't add hid device: -71
[  496.857336][T10146] usbhid 10-1:0.0: probe with driver usbhid failed with error -71
[  496.929312][T10146] usb 10-1: USB disconnect, device number 10
[  496.944565][T11421] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  496.944565][T11421] The task syz.1.1015 (11421) triggered the difference, watch for misbehavior.
[  497.191013][T11436] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1017'.
[  497.882569][   T29] audit: type=1400 audit(1741195394.195:3094): avc:  denied  { create } for  pid=11437 comm="syz.6.1018" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  497.939011][T11451] loop6: detected capacity change from 0 to 524287999
[  497.989175][   T29] audit: type=1400 audit(1741195394.195:3095): avc:  denied  { write } for  pid=11437 comm="syz.6.1018" name="pfkey" dev="proc" ino=4026533704 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  498.044313][    C1] blk_print_req_error: 16 callbacks suppressed
[  498.044325][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  498.059608][    C1] buffer_io_error: 13 callbacks suppressed
[  498.059618][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  498.078577][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  498.087768][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  498.105920][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  498.115114][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  498.124183][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  498.133331][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  498.146774][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  498.155930][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  498.164195][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  498.173319][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  498.181369][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  498.190559][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  498.202141][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  498.211526][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  498.220312][ T6883] ldm_validate_partition_table(): Disk read failed.
[  498.231221][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  498.240434][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  498.249981][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  498.259289][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  498.270377][ T6883] Dev loop6: unable to read RDB block 0
[  498.275163][   T29] audit: type=1400 audit(1741195394.265:3096): avc:  denied  { read write } for  pid=11450 comm="syz.1.1020" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  498.316406][T11454] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1020'.
[  498.331913][ T6883]  loop6: unable to read partition table
[  498.337341][   T29] audit: type=1400 audit(1741195394.265:3097): avc:  denied  { open } for  pid=11450 comm="syz.1.1020" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  498.381428][T11451] ldm_validate_partition_table(): Disk read failed.
[  498.389794][   T29] audit: type=1400 audit(1741195394.265:3098): avc:  denied  { append } for  pid=11450 comm="syz.1.1020" name="loop6" dev="devtmpfs" ino=653 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  498.433625][T11451] Dev loop6: unable to read RDB block 0
[  498.546350][   T29] audit: type=1400 audit(1741195394.645:3099): avc:  denied  { ioctl } for  pid=11450 comm="syz.1.1020" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=29557 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  498.557850][T11451]  loop6: unable to read partition table
[  498.584438][   T54] Bluetooth: hci1: command 0x0c1a tx timeout
[  498.590870][T11451] loop_reread_partitions: partition scan of loop6 (3�����) failed (rc=-5)
[  498.635961][ T5193] ldm_validate_partition_table(): Disk read failed.
[  498.653139][ T5193] Dev loop6: unable to read RDB block 0
[  498.676477][ T5193]  loop6: unable to read partition table
[  498.745915][   T29] audit: type=1400 audit(1741195394.645:3100): avc:  denied  { create } for  pid=11450 comm="syz.1.1020" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  499.248910][T11468] IPVS: sync thread started: state = BACKUP, mcast_ifn = dummy0, syncid = 3, id = 0
[  499.313482][T11470] fuse: Unknown parameter 'Bd'
[  499.483097][T11478] FAULT_INJECTION: forcing a failure.
[  499.483097][T11478] name failslab, interval 1, probability 0, space 0, times 0
[  499.643533][T11480] netlink: 'syz.8.1027': attribute type 1 has an invalid length.
[  499.651611][T11480] netlink: 224 bytes leftover after parsing attributes in process `syz.8.1027'.
[  499.870254][T11478] CPU: 1 UID: 0 PID: 11478 Comm: syz.9.1026 Not tainted 6.14.0-rc5-syzkaller-00016-g48a5eed9ad58 #0
[  499.870281][T11478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  499.870291][T11478] Call Trace:
[  499.870297][T11478]  <TASK>
[  499.870304][T11478]  dump_stack_lvl+0x16c/0x1f0
[  499.870336][T11478]  should_fail_ex+0x50a/0x650
[  499.870368][T11478]  should_failslab+0xc2/0x120
[  499.870389][T11478]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  499.870409][T11478]  ? skb_clone+0x190/0x3f0
[  499.870437][T11478]  skb_clone+0x190/0x3f0
[  499.870463][T11478]  netlink_deliver_tap+0xabd/0xd30
[  499.870492][T11478]  netlink_unicast+0x5e1/0x7f0
[  499.870517][T11478]  ? __pfx_netlink_unicast+0x10/0x10
[  499.870539][T11478]  ? __phys_addr+0xc6/0x150
[  499.870564][T11478]  netlink_sendmsg+0x8b8/0xd70
[  499.870592][T11478]  ? __pfx_netlink_sendmsg+0x10/0x10
[  499.870626][T11478]  ____sys_sendmsg+0xaaf/0xc90
[  499.870644][T11478]  ? copy_msghdr_from_user+0x10b/0x160
[  499.870669][T11478]  ? __pfx_____sys_sendmsg+0x10/0x10
[  499.870702][T11478]  ___sys_sendmsg+0x135/0x1e0
[  499.870729][T11478]  ? __pfx____sys_sendmsg+0x10/0x10
[  499.870766][T11478]  ? __pfx_lock_release+0x10/0x10
[  499.870791][T11478]  ? trace_lock_acquire+0x14e/0x1f0
[  499.870821][T11478]  ? __fget_files+0x206/0x3a0
[  499.870847][T11478]  __sys_sendmsg+0x16e/0x220
[  499.870873][T11478]  ? __pfx___sys_sendmsg+0x10/0x10
[  499.870916][T11478]  do_syscall_64+0xcd/0x250
[  499.870942][T11478]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  499.870967][T11478] RIP: 0033:0x7f351058d169
[  499.870983][T11478] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  499.871000][T11478] RSP: 002b:00007f350e3f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  499.871019][T11478] RAX: ffffffffffffffda RBX: 00007f35107a5fa0 RCX: 00007f351058d169
[  499.871031][T11478] RDX: 0000000000000000 RSI: 0000400000000100 RDI: 0000000000000003
[  499.871043][T11478] RBP: 00007f350e3f6090 R08: 0000000000000000 R09: 0000000000000000
[  499.871060][T11478] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  499.871071][T11478] R13: 0000000000000000 R14: 00007f35107a5fa0 R15: 00007ffce1be70c8
[  499.871097][T11478]  </TASK>
[  499.872667][T11478] netlink: del zone limit has 4 unknown bytes
[  500.228968][T11488] 9pnet_fd: Insufficient options for proto=fd
[  500.526489][   T29] kauditd_printk_skb: 13 callbacks suppressed
[  500.526525][   T29] audit: type=1400 audit(1741195396.815:3114): avc:  denied  { map } for  pid=11485 comm="syz.4.1028" path="socket:[29867]" dev="sockfs" ino=29867 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[  500.984432][   T54] Bluetooth: hci1: command 0x0c1a tx timeout
[  501.160277][    T8] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  501.460441][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  501.530487][    T8] usb 2-1: Using ep0 maxpacket: 8
[  501.545900][    T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  501.557099][    T8] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  501.567073][    T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  501.638083][    T8] usb 2-1: config 0 descriptor??
[  501.646802][T11499] netlink: 5 bytes leftover after parsing attributes in process `syz.8.1032'.
[  501.881581][    T8] iowarrior 2-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  501.968264][   T29] audit: type=1400 audit(1741195398.225:3115): avc:  denied  { write } for  pid=11516 comm="syz.6.1035" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  501.991082][    C1] vkms_vblank_simulate: vblank timer overrun
[  502.771819][T11526] IPVS: sync thread started: state = BACKUP, mcast_ifn = dummy0, syncid = 3, id = 0
[  503.180273][    T8] usb 2-1: USB disconnect, device number 15
[  503.187647][T11529] virt_wifi0 speed is unknown, defaulting to 1000
[  503.660786][T11535] netlink: 'syz.4.1038': attribute type 10 has an invalid length.
[  503.678858][T11535] 8021q: adding VLAN 0 to HW filter on device team0
[  503.689817][T11535] bond0: (slave team0): Enslaving as an active interface with an up link
[  503.713881][T11535] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  503.730369][T11546] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1039'.
[  503.739356][T11546] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1039'.
[  503.753214][T11546] erspan0: entered promiscuous mode
[  503.836613][   T29] audit: type=1400 audit(1741195399.985:3116): avc:  denied  { read } for  pid=11534 comm="syz.4.1038" name="event0" dev="devtmpfs" ino=918 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  504.287167][   T29] audit: type=1400 audit(1741195399.985:3117): avc:  denied  { open } for  pid=11534 comm="syz.4.1038" path="/dev/input/event0" dev="devtmpfs" ino=918 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  504.320278][T11546] erspan0: left promiscuous mode
[  504.350423][   T29] audit: type=1400 audit(1741195399.985:3118): avc:  denied  { ioctl } for  pid=11534 comm="syz.4.1038" path="/dev/input/event0" dev="devtmpfs" ino=918 ioctlcmd=0x4504 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  504.783529][T11557] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1042'.
[  505.950379][    T8] usb 9-1: new high-speed USB device number 22 using dummy_hcd
[  506.141934][    T8] usb 9-1: too many configurations: 193, using maximum allowed: 8
[  506.547707][    T8] usb 9-1: unable to read config index 0 descriptor/start: -61
[  506.599743][    T8] usb 9-1: can't read configurations, error -61
[  506.903084][    T8] usb 9-1: new high-speed USB device number 23 using dummy_hcd
[  507.078917][   T29] audit: type=1400 audit(1741195403.405:3119): avc:  denied  { connect } for  pid=11579 comm="syz.1.1047" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  507.099363][    T8] usb 9-1: too many configurations: 193, using maximum allowed: 8
[  507.550575][    T8] usb 9-1: unable to read config index 0 descriptor/start: -61
[  507.570916][    T8] usb 9-1: can't read configurations, error -61
[  507.590470][   T29] audit: type=1400 audit(1741195403.485:3120): avc:  denied  { shutdown } for  pid=11579 comm="syz.1.1047" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  507.673381][    T8] usb usb9-port1: attempt power cycle
[  507.714545][T11597] tipc: Started in network mode
[  507.760436][T11597] tipc: Node identity fe80000000000000000000000000001, cluster identity 4711
[  507.793705][   T29] audit: type=1400 audit(1741195404.125:3121): avc:  denied  { write } for  pid=11596 comm="syz.9.1051" name="event2" dev="devtmpfs" ino=927 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  507.856674][T11597] tipc: Enabled bearer <udp:syz0>, priority 10
[  507.890687][T10146] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  508.072063][T10146] usb 7-1: Using ep0 maxpacket: 16
[  508.100185][T10146] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  508.120383][   T29] audit: type=1400 audit(1741195404.445:3122): avc:  denied  { mount } for  pid=11609 comm="syz.9.1053" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  508.120457][T10146] usb 7-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  508.152177][   T25] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  508.200571][    T8] usb usb9-port1: Cannot enable. Maybe the USB cable is bad?
[  508.208229][T10146] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  508.229126][   T29] audit: type=1400 audit(1741195404.545:3123): avc:  denied  { unmount } for  pid=9902 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  508.259282][T10146] usb 7-1: config 0 descriptor??
[  508.336679][   T25] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  508.350419][    T8] usb 9-1: new full-speed USB device number 25 using dummy_hcd
[  508.361993][   T29] audit: type=1400 audit(1741195404.695:3124): avc:  denied  { create } for  pid=11614 comm="syz.9.1055" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  508.365643][   T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  508.414341][   T29] audit: type=1400 audit(1741195404.715:3125): avc:  denied  { setopt } for  pid=11614 comm="syz.9.1055" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  508.422884][   T25] usb 5-1: Product: syz
[  508.453518][    T8] usb 9-1: unable to get BOS descriptor or descriptor too short
[  508.473062][    T8] usb 9-1: not running at top speed; connect to a high speed hub
[  508.490618][    T8] usb 9-1: config 3 has an invalid interface number: 91 but max is 2
[  508.499059][   T29] audit: type=1400 audit(1741195404.795:3126): avc:  denied  { connect } for  pid=11614 comm="syz.9.1055" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  508.502322][   T25] usb 5-1: Manufacturer: syz
[  508.524779][    T8] usb 9-1: config 3 contains an unexpected descriptor of type 0x1, skipping
[  508.543154][    T8] usb 9-1: config 3 has an invalid interface number: 20 but max is 2
[  508.559677][   T29] audit: type=1400 audit(1741195404.795:3127): avc:  denied  { write } for  pid=11614 comm="syz.9.1055" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  508.567719][   T25] usb 5-1: SerialNumber: syz
[  508.585211][    T8] usb 9-1: config 3 contains an unexpected descriptor of type 0x1, skipping
[  508.628363][    T8] usb 9-1: config 3 contains an unexpected descriptor of type 0x1, skipping
[  508.630186][   T25] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  508.650112][T11588] Bluetooth: hci5: command 0x0406 tx timeout
[  508.658201][    T8] usb 9-1: config 3 has no interface number 0
[  508.665638][   T29] audit: type=1400 audit(1741195404.795:3128): avc:  denied  { getopt } for  pid=11614 comm="syz.9.1055" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  508.710913][    T8] usb 9-1: config 3 has no interface number 2
[  508.712647][T10146] mcp2221 0003:04D8:00DD.0005: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.6-1/input0
[  508.747723][    T8] usb 9-1: config 3 interface 91 altsetting 4 endpoint 0xE has invalid maxpacket 1024, setting to 64
[  508.771704][ T5950] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  508.809974][    T8] usb 9-1: config 3 interface 91 altsetting 4 endpoint 0x6 has invalid maxpacket 512, setting to 64
[  508.822333][T10146] gpio gpiochip0: gpiochip_add_data_with_key: get_direction failed: -38
[  508.831876][T10146] gpio gpiochip0: gpiochip_add_data_with_key: get_direction failed: -38
[  508.840942][T10146] gpio gpiochip0: gpiochip_add_data_with_key: get_direction failed: -38
[  508.849564][T10146] gpio gpiochip0: gpiochip_add_data_with_key: get_direction failed: -38
[  508.850286][ T5867] tipc: Node number set to 4269801488
[  508.878502][    T8] usb 9-1: config 3 interface 91 altsetting 4 endpoint 0x7 has invalid maxpacket 1024, setting to 64
[  508.895289][    T8] usb 9-1: config 3 interface 91 altsetting 4 has a duplicate endpoint with address 0x7, skipping
[  508.902361][T11623] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1056'.
[  508.906963][    T8] usb 9-1: config 3 interface 20 altsetting 16 has a duplicate endpoint with address 0x1, skipping
[  508.925960][    T8] usb 9-1: config 3 interface 20 altsetting 16 endpoint 0xC has an invalid bInterval 0, changing to 10
[  508.938926][    T8] usb 9-1: config 3 interface 20 altsetting 16 has a duplicate endpoint with address 0xC, skipping
[  508.992418][    T8] usb 9-1: config 3 interface 20 altsetting 16 has a duplicate endpoint with address 0x7, skipping
[  509.049919][    T8] usb 9-1: config 3 interface 20 altsetting 16 has a duplicate endpoint with address 0x6, skipping
[  509.099559][    T8] usb 9-1: config 3 interface 20 altsetting 16 has a duplicate endpoint with address 0x1, skipping
[  509.120551][ T5825] Bluetooth: hci4: command 0x0405 tx timeout
[  509.134223][    T8] usb 9-1: config 3 interface 20 altsetting 16 has a duplicate endpoint with address 0xE, skipping
[  509.162896][    T8] usb 9-1: config 3 interface 20 altsetting 16 has a duplicate endpoint with address 0xC, skipping
[  509.247576][T11630] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1057'.
[  509.279468][    T8] usb 9-1: config 3 interface 20 altsetting 16 has an invalid descriptor for endpoint zero, skipping
[  509.291154][T11630] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1057'.
[  509.326451][ T5865] usb 5-1: USB disconnect, device number 23
[  509.337254][ T5867] usb 7-1: USB disconnect, device number 13
[  509.361208][    T8] usb 9-1: config 3 interface 20 altsetting 16 has a duplicate endpoint with address 0x7, skipping
[  509.389256][    T8] usb 9-1: config 3 interface 1 altsetting 3 has a duplicate endpoint with address 0x7, skipping
[  509.406971][    T8] usb 9-1: config 3 interface 91 has no altsetting 0
[  509.414757][    T8] usb 9-1: config 3 interface 20 has no altsetting 0
[  509.427312][    T8] usb 9-1: config 3 interface 1 has no altsetting 0
[  509.436207][    T8] usb 9-1: New USB device found, idVendor=134c, idProduct=0003, bcdDevice=d4.c9
[  509.459154][    T8] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  509.504709][    T8] usb 9-1: Product: 속骃ꡠ쪎巠퀓쵞슷阹鳘蕋㫨顳ꜹ끵偔ቤὌᏧ兺̋帛崏鑱卑ᜲ邞쎋觨䔑*㤖㜧凧骘勀맭縦ꯖắ씖㸡옏뻁ꈙ緕䲖浪ỏ䧾읜킋嚕㔰雯蹬슆攤먋䔟
[  509.542863][    T8] usb 9-1: Manufacturer: ఇ
[  509.547846][    T8] usb 9-1: SerialNumber: syz
[  509.564496][T11607] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[  509.587776][T11607] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[  509.631301][    T8] input: ఇ 속骃ꡠ쪎巠퀓쵞슷阹鳘蕋㫨顳ꜹ끵偔ቤὌᏧ兺̋帛崏鑱卑ᜲ邞쎋觨䔑*㤖㜧 as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:3.91/input/input17
[  509.719126][T11649] FAULT_INJECTION: forcing a failure.
[  509.719126][T11649] name failslab, interval 1, probability 0, space 0, times 0
[  509.749864][T11649] CPU: 0 UID: 0 PID: 11649 Comm: syz.1.1059 Not tainted 6.14.0-rc5-syzkaller-00016-g48a5eed9ad58 #0
[  509.749892][T11649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  509.749903][T11649] Call Trace:
[  509.749908][T11649]  <TASK>
[  509.749916][T11649]  dump_stack_lvl+0x16c/0x1f0
[  509.749946][T11649]  should_fail_ex+0x50a/0x650
[  509.749973][T11649]  ? fs_reclaim_acquire+0xae/0x150
[  509.750000][T11649]  ? sctp_auth_create_key+0x35/0xd0
[  509.750020][T11649]  should_failslab+0xc2/0x120
[  509.750049][T11649]  __kmalloc_noprof+0xcb/0x510
[  509.750069][T11649]  ? __asan_memcpy+0x3c/0x60
[  509.750100][T11649]  sctp_auth_create_key+0x35/0xd0
[  509.750122][T11649]  sctp_auth_asoc_create_secret+0x2c7/0x6c0
[  509.750152][T11649]  sctp_auth_asoc_init_active_key+0x1b8/0x5b0
[  509.750179][T11649]  sctp_auth_set_active_key+0x1dc/0x380
[  509.750205][T11649]  sctp_setsockopt+0x9c93/0xb810
[  509.750230][T11649]  ? __pfx_selinux_netlbl_socket_setsockopt+0x10/0x10
[  509.750260][T11649]  ? __pfx_sctp_setsockopt+0x10/0x10
[  509.750292][T11649]  ? selinux_socket_setsockopt+0x6a/0x80
[  509.750312][T11649]  ? sock_common_setsockopt+0x2e/0xf0
[  509.750330][T11649]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  509.750346][T11649]  do_sock_setsockopt+0x222/0x480
[  509.750373][T11649]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  509.750399][T11649]  ? lock_acquire+0x2f/0xb0
[  509.750435][T11649]  __sys_setsockopt+0x1a0/0x230
[  509.750463][T11649]  __x64_sys_setsockopt+0xbd/0x160
[  509.750484][T11649]  ? do_syscall_64+0x91/0x250
[  509.750505][T11649]  ? lockdep_hardirqs_on+0x7c/0x110
[  509.750526][T11649]  do_syscall_64+0xcd/0x250
[  509.750549][T11649]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  509.750573][T11649] RIP: 0033:0x7f1481f8d169
[  509.750588][T11649] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  509.750605][T11649] RSP: 002b:00007f1482d04038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  509.750623][T11649] RAX: ffffffffffffffda RBX: 00007f14821a6160 RCX: 00007f1481f8d169
[  509.750636][T11649] RDX: 0000000000000018 RSI: 0000000000000084 RDI: 0000000000000003
[  509.750647][T11649] RBP: 00007f1482d04090 R08: 0000000000000008 R09: 0000000000000000
[  509.750658][T11649] R10: 0000400000000340 R11: 0000000000000246 R12: 0000000000000001
[  509.750669][T11649] R13: 0000000000000001 R14: 00007f14821a6160 R15: 00007ffd1a39b1b8
[  509.750692][T11649]  </TASK>
[  509.997944][ T5950] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[  510.015585][ T5950] ath9k_htc: Failed to initialize the device
[  510.280723][ T5865] usb 5-1: ath9k_htc: USB layer deinitialized
[  510.475220][    T8] usb 9-1: USB disconnect, device number 25
[  510.612174][T11669] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1065'.
[  510.630290][ T5950] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  510.650318][T11669] openvswitch: netlink: Unknown VXLAN extension attribute 0
[  511.254954][ T5950] usb 2-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  511.264124][ T5950] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  511.280368][ T5950] usb 2-1: Product: syz
[  511.285813][ T5950] usb 2-1: Manufacturer: syz
[  511.300363][ T5950] usb 2-1: SerialNumber: syz
[  511.310958][ T5950] usb 2-1: config 0 descriptor??
[  511.586441][T11690] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1068'.
[  511.603231][T11690] Cannot find add_set index 0 as target
[  512.188665][   T25] usb 2-1: USB disconnect, device number 16
[  512.246001][   T29] kauditd_printk_skb: 31 callbacks suppressed
[  512.246017][   T29] audit: type=1400 audit(1741195408.565:3160): avc:  denied  { unlink } for  pid=10052 comm="syz-executor" name="file0" dev="tmpfs" ino=283 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  513.464387][   T29] audit: type=1400 audit(1741195409.795:3161): avc:  denied  { getopt } for  pid=11714 comm="syz.8.1074" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  514.145728][   T29] audit: type=1400 audit(1741195410.475:3162): avc:  denied  { create } for  pid=11722 comm="syz.1.1075" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  515.071749][T11725] FAULT_INJECTION: forcing a failure.
[  515.071749][T11725] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  515.637308][T11725] CPU: 0 UID: 0 PID: 11725 Comm: syz.1.1075 Not tainted 6.14.0-rc5-syzkaller-00016-g48a5eed9ad58 #0
[  515.637336][T11725] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  515.637347][T11725] Call Trace:
[  515.637353][T11725]  <TASK>
[  515.637361][T11725]  dump_stack_lvl+0x16c/0x1f0
[  515.637389][T11725]  should_fail_ex+0x50a/0x650
[  515.637421][T11725]  core_sys_select+0x91b/0xb80
[  515.637455][T11725]  ? __pfx_core_sys_select+0x10/0x10
[  515.637480][T11725]  ? get_pid_task+0xfc/0x250
[  515.637528][T11725]  ? set_user_sigmask+0x217/0x2a0
[  515.637552][T11725]  ? __pfx_set_user_sigmask+0x10/0x10
[  515.637583][T11725]  do_pselect.constprop.0+0x1a0/0x1f0
[  515.637618][T11725]  ? __pfx_do_pselect.constprop.0+0x10/0x10
[  515.637657][T11725]  __x64_sys_pselect6+0x183/0x240
[  515.637676][T11725]  ? __pfx___x64_sys_pselect6+0x10/0x10
[  515.637702][T11725]  do_syscall_64+0xcd/0x250
[  515.637726][T11725]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  515.637751][T11725] RIP: 0033:0x7f1481f8d169
[  515.637767][T11725] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  515.637783][T11725] RSP: 002b:00007f1482d46038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[  515.637802][T11725] RAX: ffffffffffffffda RBX: 00007f14821a5fa0 RCX: 00007f1481f8d169
[  515.637815][T11725] RDX: 0000000000000000 RSI: 00004000000000c0 RDI: 0000000000000040
[  515.637826][T11725] RBP: 00007f1482d46090 R08: 0000000000000000 R09: 0000000000000000
[  515.637837][T11725] R10: 0000400000000140 R11: 0000000000000246 R12: 0000000000000001
[  515.637848][T11725] R13: 0000000000000000 R14: 00007f14821a5fa0 R15: 00007ffd1a39b1b8
[  515.637872][T11725]  </TASK>
[  517.390110][   T29] audit: type=1400 audit(1741195413.695:3163): avc:  denied  { mount } for  pid=11754 comm="syz.1.1081" name="/" dev="autofs" ino=31365 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[  517.440797][T11755] autofs4:pid:11755:validate_dev_ioctl: invalid path supplied for cmd(0xc018937a)
[  517.442948][   T29] audit: type=1400 audit(1741195413.765:3164): avc:  denied  { read } for  pid=11754 comm="syz.1.1081" name="autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  517.488066][   T29] audit: type=1400 audit(1741195413.765:3165): avc:  denied  { open } for  pid=11754 comm="syz.1.1081" path="/dev/autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  517.511734][    C1] vkms_vblank_simulate: vblank timer overrun
[  517.524865][   T29] audit: type=1400 audit(1741195413.765:3166): avc:  denied  { ioctl } for  pid=11754 comm="syz.1.1081" path="/dev/autofs" dev="devtmpfs" ino=98 ioctlcmd=0x9379 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  517.560308][T11761] FAULT_INJECTION: forcing a failure.
[  517.560308][T11761] name failslab, interval 1, probability 0, space 0, times 0
[  517.585677][T11761] CPU: 1 UID: 0 PID: 11761 Comm: syz.9.1084 Not tainted 6.14.0-rc5-syzkaller-00016-g48a5eed9ad58 #0
[  517.585701][T11761] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  517.585711][T11761] Call Trace:
[  517.585716][T11761]  <TASK>
[  517.585722][T11761]  dump_stack_lvl+0x16c/0x1f0
[  517.585749][T11761]  should_fail_ex+0x50a/0x650
[  517.585775][T11761]  ? fs_reclaim_acquire+0xae/0x150
[  517.585801][T11761]  ? vma_node_allow+0x56/0x300
[  517.585816][T11761]  should_failslab+0xc2/0x120
[  517.585836][T11761]  __kmalloc_cache_noprof+0x68/0x410
[  517.585861][T11761]  ? __pfx_lock_release+0x10/0x10
[  517.585883][T11761]  ? idr_alloc+0xde/0x130
[  517.585907][T11761]  vma_node_allow+0x56/0x300
[  517.585927][T11761]  drm_gem_handle_create_tail+0x222/0x550
[  517.585956][T11761]  ? drm_gem_prime_import_dev+0x24d/0x440
[  517.585981][T11761]  drm_gem_prime_fd_to_handle+0x223/0x590
[  517.586007][T11761]  drm_prime_fd_to_handle_ioctl+0xd6/0x110
[  517.586033][T11761]  drm_ioctl_kernel+0x1e6/0x3d0
[  517.586049][T11761]  ? __pfx_drm_prime_fd_to_handle_ioctl+0x10/0x10
[  517.586071][T11761]  ? __might_fault+0xe3/0x190
[  517.586091][T11761]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[  517.586107][T11761]  ? __might_fault+0xe3/0x190
[  517.586134][T11761]  drm_ioctl+0x5d6/0xc00
[  517.586154][T11761]  ? __pfx_drm_prime_fd_to_handle_ioctl+0x10/0x10
[  517.586178][T11761]  ? __pfx_drm_ioctl+0x10/0x10
[  517.586193][T11761]  ? __pfx_lock_release+0x10/0x10
[  517.586228][T11761]  ? selinux_file_ioctl+0x180/0x270
[  517.586255][T11761]  ? selinux_file_ioctl+0xb4/0x270
[  517.586282][T11761]  ? __pfx_drm_ioctl+0x10/0x10
[  517.586300][T11761]  __x64_sys_ioctl+0x190/0x200
[  517.586325][T11761]  do_syscall_64+0xcd/0x250
[  517.586350][T11761]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  517.586374][T11761] RIP: 0033:0x7f351058d169
[  517.586390][T11761] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  517.586406][T11761] RSP: 002b:00007f350e3f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  517.586424][T11761] RAX: ffffffffffffffda RBX: 00007f35107a5fa0 RCX: 00007f351058d169
[  517.586435][T11761] RDX: 0000400000000200 RSI: 00000000c00c642e RDI: 0000000000000005
[  517.586446][T11761] RBP: 00007f350e3f6090 R08: 0000000000000000 R09: 0000000000000000
[  517.586467][T11761] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  517.586477][T11761] R13: 0000000000000000 R14: 00007f35107a5fa0 R15: 00007ffce1be70c8
[  517.586501][T11761]  </TASK>
[  517.586685][   T29] audit: type=1400 audit(1741195413.855:3167): avc:  denied  { write } for  pid=11757 comm="syz.9.1084" name="card1" dev="devtmpfs" ino=628 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  518.081365][   T29] audit: type=1400 audit(1741195413.915:3168): avc:  denied  { unmount } for  pid=9961 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[  518.685681][   T29] audit: type=1400 audit(1741195414.225:3169): avc:  denied  { bind } for  pid=11771 comm="syz.1.1086" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  518.950503][   T29] audit: type=1400 audit(1741195415.005:3170): avc:  denied  { create } for  pid=11771 comm="syz.1.1086" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  519.245034][   T29] audit: type=1400 audit(1741195415.005:3171): avc:  denied  { bind } for  pid=11771 comm="syz.1.1086" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  519.337116][   T29] audit: type=1400 audit(1741195415.015:3172): avc:  denied  { write } for  pid=11771 comm="syz.1.1086" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  520.605602][T11809] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1094'.
[  520.622802][T11809] Cannot find add_set index 0 as target
[  521.288321][T11816] fuse: Unknown parameter 'fdC0x0000000000000005'
[  521.560581][    T8] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  521.742881][    T8] usb 2-1: Using ep0 maxpacket: 32
[  521.765014][    T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  521.825716][    T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  521.867809][    T8] usb 2-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  521.899362][    T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  522.068096][    T8] usb 2-1: config 0 descriptor??
[  522.372327][T11838] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1102'.
[  522.529648][T11854] syzkaller0: entered allmulticast mode
[  522.880115][   T29] kauditd_printk_skb: 5 callbacks suppressed
[  522.880130][   T29] audit: type=1400 audit(1741195419.025:3178): avc:  denied  { getopt } for  pid=11819 comm="syz.1.1098" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  522.902156][T11820] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  522.936950][T11865] IPVS: sync thread started: state = BACKUP, mcast_ifn = dummy0, syncid = 3, id = 0
[  522.962187][T11820] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  523.011698][T11820] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  523.020537][T11820] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  523.491018][T11854] netlink: 152 bytes leftover after parsing attributes in process `syz.6.1105'.
[  524.214209][    T8] usbhid 2-1:0.0: can't add hid device: -71
[  524.220445][    T8] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  524.234609][    T8] usb 2-1: USB disconnect, device number 17
[  524.480472][   T30] INFO: task syz.7.696:9696 blocked for more than 143 seconds.
[  524.488427][   T30]       Not tainted 6.14.0-rc5-syzkaller-00016-g48a5eed9ad58 #0
[  524.521096][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  524.549375][   T30] task:syz.7.696       state:D stack:24272 pid:9696  tgid:9693  ppid:7280   task_flags:0x400140 flags:0x00004006
[  524.645150][   T30] Call Trace:
[  524.648536][   T30]  <TASK>
[  524.651580][   T30]  __schedule+0xf43/0x5890
[  524.656085][   T30]  ? __pfx___lock_acquire+0x10/0x10
[  524.670351][   T30]  ? mark_lock+0xb5/0xc60
[  524.675255][   T30]  ? __pfx___schedule+0x10/0x10
[  524.745887][   T30]  ? schedule+0x298/0x350
[  524.757092][   T30]  ? __pfx_lock_release+0x10/0x10
[  525.322554][   T30]  ? __pfx_lock_release+0x10/0x10
[  525.327732][   T30]  ? lock_acquire+0x2f/0xb0
[  525.332359][   T30]  ? schedule+0x1fd/0x350
[  525.336901][   T30]  schedule+0xe7/0x350
[  525.341730][   T30]  bit_wait+0x15/0xe0
[  525.394024][   T30]  __wait_on_bit+0x62/0x180
[  525.398581][   T30]  ? __pfx_bit_wait+0x10/0x10
[  525.750261][   T30]  out_of_line_wait_on_bit+0xda/0x110
[  525.750288][ T5865] caif:caif_disconnect_client(): nothing to disconnect
[  525.777116][   T30]  ? __pfx_out_of_line_wait_on_bit+0x10/0x10
[  525.810248][   T30]  ? __pfx_wake_bit_function+0x10/0x10
[  525.828027][   T30]  ? netfs_create_write_req+0x50d/0x870
[  525.843757][   T30]  netfs_unbuffered_write_iter_locked+0xaa1/0xd30
[  525.864423][   T30]  netfs_unbuffered_write_iter+0x413/0x6d0
[  525.878898][   T30]  v9fs_file_write_iter+0xbf/0x100
[  525.890427][   T30]  do_iter_readv_writev+0x655/0x950
[  525.900223][   T30]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  525.912613][   T30]  ? rcu_is_watching+0x12/0xc0
[  525.921878][   T30]  ? do_pwritev+0x1b1/0x270
[  525.929273][   T30]  vfs_writev+0x363/0xdd0
[  525.934738][   T30]  ? __pfx_vfs_writev+0x10/0x10
[  525.945220][   T30]  ? find_held_lock+0x2d/0x110
[  525.955659][   T30]  ? __pfx_lock_release+0x10/0x10
[  525.970226][   T30]  ? trace_lock_acquire+0x14e/0x1f0
[  525.976712][   T30]  ? __fget_files+0x206/0x3a0
[  525.985716][   T30]  ? do_pwritev+0x1b1/0x270
[  525.993622][   T30]  do_pwritev+0x1b1/0x270
[  525.998064][   T30]  ? __pfx_do_pwritev+0x10/0x10
[  526.006310][   T30]  ? __pfx___x64_sys_futex+0x10/0x10
[  526.014747][   T30]  ? rcu_is_watching+0x12/0xc0
[  526.019680][   T30]  __x64_sys_pwritev2+0xef/0x160
[  526.024969][   T30]  do_syscall_64+0xcd/0x250
[  526.029554][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  526.035726][   T30] RIP: 0033:0x7f53a578d169
[  526.040324][   T30] RSP: 002b:00007f53a6576038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  526.048940][   T30] RAX: ffffffffffffffda RBX: 00007f53a59a5fa0 RCX: 00007f53a578d169
[  526.060284][   T30] RDX: 0000000000000001 RSI: 0000400000000080 RDI: 0000000000000007
[  526.068263][   T30] RBP: 00007f53a580e2a0 R08: 0000000000000007 R09: 0000000000000004
[  526.077766][   T30] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000000
[  526.086820][   T30] R13: 0000000000000000 R14: 00007f53a59a5fa0 R15: 00007ffdd19646c8
[  526.094984][   T30]  </TASK>
[  526.098343][   T30] 
[  526.098343][   T30] Showing all locks held in the system:
[  526.108049][   T30] 1 lock held by khungtaskd/30:
[  526.112967][   T30]  #0: ffffffff8e1bccc0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x7f/0x390
[  526.128631][   T30] 2 locks held by getty/5584:
[  526.148016][   T30]  #0: ffff8880318a30a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[  526.163374][   T30]  #1: ffffc90002fde2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0xfba/0x1480
[  526.178345][   T30] 2 locks held by kworker/u8:11/6556:
[  526.183874][   T30]  #0: ffff88801b081148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x1293/0x1ba0
[  526.195211][   T30]  #1: ffffc90005507d18 ((work_completion)(&rreq->work)#2){+.+.}-{0:0}, at: process_one_work+0x921/0x1ba0
[  526.206657][   T30] 2 locks held by syz.7.696/9696:
[  526.211876][   T30]  #0: ffff8880599ae420 (sb_writers#18){.+.+}-{0:0}, at: do_pwritev+0x1b1/0x270
[  526.224357][   T30]  #1: ffff888057a69498 (&sb->s_type->i_mutex_key#22){++++}-{4:4}, at: netfs_start_io_direct+0x116/0x260
[  526.235699][   T30] 3 locks held by dhcpcd-run-hook/11898:
[  526.241726][   T30]  #0: ffff8880b873ec18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x29/0x130
[  526.251780][   T30]  #1: ffff8880b8728a88 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x2c1/0x8e0
[  526.263444][   T30]  #2: ffff888024909498 (ptlock_ptr(ptdesc)#2){+.+.}-{3:3}, at: __pte_offset_map_lock+0xf1/0x300
[  526.274243][   T30] 
[  526.278073][   T30] =============================================
[  526.278073][   T30] 
[  526.286749][   T30] NMI backtrace for cpu 0
[  526.286760][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.14.0-rc5-syzkaller-00016-g48a5eed9ad58 #0
[  526.286781][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  526.286790][   T30] Call Trace:
[  526.286795][   T30]  <TASK>
[  526.286800][   T30]  dump_stack_lvl+0x116/0x1f0
[  526.286825][   T30]  nmi_cpu_backtrace+0x27b/0x390
[  526.286855][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  526.286876][   T30]  nmi_trigger_cpumask_backtrace+0x29c/0x300
[  526.286902][   T30]  watchdog+0xf62/0x12b0
[  526.286927][   T30]  ? __pfx_watchdog+0x10/0x10
[  526.286948][   T30]  ? lockdep_hardirqs_on+0x7c/0x110
[  526.286967][   T30]  ? __kthread_parkme+0x148/0x220
[  526.286982][   T30]  ? __pfx_watchdog+0x10/0x10
[  526.287004][   T30]  kthread+0x3af/0x750
[  526.287022][   T30]  ? __pfx_kthread+0x10/0x10
[  526.287042][   T30]  ? __pfx_kthread+0x10/0x10
[  526.287060][   T30]  ret_from_fork+0x45/0x80
[  526.287079][   T30]  ? __pfx_kthread+0x10/0x10
[  526.287096][   T30]  ret_from_fork_asm+0x1a/0x30
[  526.287122][   T30]  </TASK>
[  526.287130][   T30] Sending NMI from CPU 0 to CPUs 1:
[  526.401994][    C1] NMI backtrace for cpu 1
[  526.402018][    C1] CPU: 1 UID: 0 PID: 11910 Comm: rm Not tainted 6.14.0-rc5-syzkaller-00016-g48a5eed9ad58 #0
[  526.402039][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  526.402050][    C1] RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x70
[  526.402083][    C1] Code: 7e 60 e8 a3 ff ff ff 31 c0 c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <f3> 0f 1e fa 65 48 8b 15 74 f7 49 7e 65 8b 05 75 f7 49 7e a9 00 01
[  526.402105][    C1] RSP: 0018:ffffc9000511f3a0 EFLAGS: 00000246
[  526.402124][    C1] RAX: 0000000000000000 RBX: ffff88803277a800 RCX: ffffffff8b507e28
[  526.402136][    C1] RDX: ffff88807eef0000 RSI: 0000000000000003 RDI: 0000000000000005
[  526.402148][    C1] RBP: 0000000000000003 R08: 0000000000000005 R09: 0000000000000003
[  526.402158][    C1] R10: 0000000000000003 R11: 0000000000000002 R12: ffff888079e24640
[  526.402169][    C1] R13: 0000000000000000 R14: 0000000000000001 R15: 00007fe16f5fafff
[  526.402180][    C1] FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  526.402197][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  526.402209][    C1] CR2: 00007fe16f425ba8 CR3: 000000007ef30000 CR4: 00000000003526f0
[  526.402221][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  526.402231][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  526.402243][    C1] Call Trace:
[  526.402248][    C1]  <NMI>
[  526.402255][    C1]  ? nmi_cpu_backtrace+0x1d8/0x390
[  526.402285][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  526.402308][    C1]  ? nmi_handle+0x1ac/0x5d0
[  526.402335][    C1]  ? __pfx___sanitizer_cov_trace_pc+0x10/0x10
[  526.402363][    C1]  ? default_do_nmi+0x6a/0x160
[  526.402390][    C1]  ? exc_nmi+0x170/0x1e0
[  526.402417][    C1]  ? end_repeat_nmi+0xf/0x53
[  526.402445][    C1]  ? mt_validate+0x2518/0x41e0
[  526.402469][    C1]  ? __pfx___sanitizer_cov_trace_pc+0x10/0x10
[  526.402498][    C1]  ? __pfx___sanitizer_cov_trace_pc+0x10/0x10
[  526.402526][    C1]  ? __pfx___sanitizer_cov_trace_pc+0x10/0x10
[  526.402555][    C1]  </NMI>
[  526.402560][    C1]  <TASK>
[  526.402566][    C1]  mt_validate+0x27f5/0x41e0
[  526.402594][    C1]  ? __pfx_mt_validate+0x10/0x10
[  526.402623][    C1]  validate_mm+0xb1/0x530
[  526.402644][    C1]  ? __pfx_validate_mm+0x10/0x10
[  526.402664][    C1]  ? vma_complete+0xa0b/0xda0
[  526.402683][    C1]  __split_vma+0xc09/0x1160
[  526.402702][    C1]  ? __pfx___split_vma+0x10/0x10
[  526.402722][    C1]  ? __pfx___lock_acquire+0x10/0x10
[  526.402749][    C1]  vms_gather_munmap_vmas+0x1c3/0x1730
[  526.402771][    C1]  ? __pfx_vms_gather_munmap_vmas+0x10/0x10
[  526.402792][    C1]  ? mas_walk+0x6a6/0x910
[  526.402815][    C1]  __mmap_region+0x328/0x2760
[  526.402835][    C1]  ? __pfx___mmap_region+0x10/0x10
[  526.402857][    C1]  ? hlock_class+0x4e/0x130
[  526.402876][    C1]  ? mark_lock+0xb5/0xc60
[  526.402899][    C1]  ? __pfx_mark_lock+0x10/0x10
[  526.402921][    C1]  ? ima_free_modsig+0xd/0x50
[  526.402945][    C1]  ? process_measurement+0x1e8/0x2370
[  526.402984][    C1]  ? mm_get_unmapped_area_vmflags+0x97/0xe0
[  526.403018][    C1]  mmap_region+0x1ab/0x3f0
[  526.403041][    C1]  do_mmap+0xd8d/0x11b0
[  526.403067][    C1]  ? __pfx_do_mmap+0x10/0x10
[  526.403098][    C1]  ? __pfx_down_write_killable+0x10/0x10
[  526.403126][    C1]  vm_mmap_pgoff+0x203/0x3a0
[  526.403156][    C1]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  526.403185][    C1]  ? __fget_files+0x206/0x3a0
[  526.403204][    C1]  ksys_mmap_pgoff+0x32c/0x5c0
[  526.403230][    C1]  ? __pfx___x64_sys_pread64+0x10/0x10
[  526.403249][    C1]  __x64_sys_mmap+0x125/0x190
[  526.403275][    C1]  do_syscall_64+0xcd/0x250
[  526.403298][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  526.403322][    C1] RIP: 0033:0x7fe16f6d2b74
[  526.403336][    C1] Code: 63 08 44 89 e8 5b 41 5c 41 5d c3 41 89 ca 41 f7 c1 ff 0f 00 00 74 0c c7 05 f5 46 01 00 16 00 00 00 eb 17 b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 76 0c f7 d8 89 05 dc 46 01 00 48 83 c8 ff c3 0f
[  526.403352][    C1] RSP: 002b:00007ffd2d464948 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  526.403368][    C1] RAX: ffffffffffffffda RBX: 00007ffd2d464988 RCX: 00007fe16f6d2b74
[  526.403380][    C1] RDX: 0000000000000005 RSI: 000000000002c000 RDI: 00007fe16f3b1000
[  526.403391][    C1] RBP: 00007ffd2d464ce0 R08: 0000000000000003 R09: 0000000000002000
[  526.403403][    C1] R10: 0000000000000812 R11: 0000000000000246 R12: 00007fe16f6b0880
[  526.403414][    C1] R13: 00007ffd2d464d68 R14: 0000000000001fd8 R15: 0000000000000000
[  526.403431][    C1]  </TASK>
[  526.404124][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[  526.841398][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.14.0-rc5-syzkaller-00016-g48a5eed9ad58 #0
[  526.851887][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  526.861926][   T30] Call Trace:
[  526.865202][   T30]  <TASK>
[  526.868123][   T30]  dump_stack_lvl+0x3d/0x1f0
[  526.872709][   T30]  panic+0x71d/0x800
[  526.876597][   T30]  ? __pfx_panic+0x10/0x10
[  526.881004][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  526.886374][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  526.892345][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  526.897706][   T30]  ? watchdog+0xdcc/0x12b0
[  526.902116][   T30]  ? watchdog+0xdbf/0x12b0
[  526.906524][   T30]  watchdog+0xddd/0x12b0
[  526.910759][   T30]  ? __pfx_watchdog+0x10/0x10
[  526.915423][   T30]  ? lockdep_hardirqs_on+0x7c/0x110
[  526.920608][   T30]  ? __kthread_parkme+0x148/0x220
[  526.925615][   T30]  ? __pfx_watchdog+0x10/0x10
[  526.930297][   T30]  kthread+0x3af/0x750
[  526.934372][   T30]  ? __pfx_kthread+0x10/0x10
[  526.938965][   T30]  ? __pfx_kthread+0x10/0x10
[  526.943549][   T30]  ret_from_fork+0x45/0x80
[  526.947962][   T30]  ? __pfx_kthread+0x10/0x10
[  526.952544][   T30]  ret_from_fork_asm+0x1a/0x30
[  526.957316][   T30]  </TASK>
[  526.960530][   T30] Kernel Offset: disabled
[  526.964832][   T30] Rebooting in 86400 seconds..