last executing test programs:

50m36.30957683s ago: executing program 32 (id=266):
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000440)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb47, 0x9, 0x8, 0x80000001, 0x3}, 0x0)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
ioctl$TIOCMGET(r2, 0x541e, &(0x7f00000003c0))
openat$sndseq(0xffffffffffffff9c, 0x0, 0x40041)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001a80)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@delqdisc={0x24, 0x25, 0x2, 0x70bd28, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x5, 0x8}, {0x3, 0xd}, {0x8, 0x1}}}, 0x24}, 0x1, 0x0, 0x0, 0x400c000}, 0x40004)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$MPTCP_PM_CMD_SET_LIMITS(r3, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4045080}, 0x4000884)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000400), 0xffffffffffffffff)
recvmmsg(r4, &(0x7f0000004b40)=[{{0x0, 0x0, &(0x7f00000017c0)=[{0x0}, {&(0x7f0000000200)=""/199, 0xc7}, {&(0x7f00000007c0)=""/4096, 0x1000}], 0x3}, 0x5}, {{0x0, 0x0, 0x0}, 0xffff6e84}, {{0x0, 0x0, 0x0}, 0x4}], 0x3, 0x2, 0x0)

50m35.77359964s ago: executing program 33 (id=267):
socket$nl_generic(0x10, 0x3, 0x10)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
ioctl$MEDIA_IOC_REQUEST_ALLOC(0xffffffffffffffff, 0x80047c05, &(0x7f0000000940)=<r2=>0xffffffffffffffff)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
setregid(0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_INO_LOOKUP_USER(r2, 0x7c81, 0x0)
unshare(0x2a020400)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/cgroup.procs\x00', 0xa000, 0x1da)
r4 = socket$inet6(0xa, 0x1, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$printer(0xffffffffffffffff, &(0x7f00000000c0)={0xc, 0x0, 0x0}, 0x0)
setsockopt$inet6_group_source_req(r4, 0x29, 0x2b, &(0x7f00000005c0)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x4e22, 0x0, @empty}}}, 0x108)
read$FUSE(r3, &(0x7f0000000040)={0x2020}, 0x2020)
close(r3)
fsopen(&(0x7f00000000c0)='hfs\x00', 0x1)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newlink={0x40, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x5b5d, 0x116245af0baa48c7}, [@IFLA_AF_SPEC={0x4}, @IFLA_ALT_IFNAME={0x14, 0x35, 'wg1\x00'}, @IFLA_PROTO_DOWN={0x5, 0x27, 0x1d}]}, 0x40}}, 0x0)

38m4.785557337s ago: executing program 34 (id=5301):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r0, 0x3)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10)
syz_emit_ethernet(0x36, &(0x7f00000002c0)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x65, 0x0, 0xf, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0xffff}}}}}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000700)=@updpolicy={0xfc, 0x19, 0x1, 0x70bd25, 0x1, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1}, {0x0, 0x0, 0x800}, 0x9, 0x0, 0x0, 0x0, 0x1, 0x1}, [@tmpl={0x44, 0x5, [{{@in=@loopback, 0x0, 0x6c}, 0x0, @in=@broadcast}]}]}, 0xfc}, 0x1, 0x0, 0x0, 0x1}, 0x4000)
syz_emit_ethernet(0x36, &(0x7f0000000280)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0x0, 0x0, 0x1}}}}}}, 0x0)

37m23.677470151s ago: executing program 35 (id=5612):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
io_setup(0x7, &(0x7f0000004200)=<r1=>0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x81, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = eventfd(0x5)
r5 = eventfd(0x3)
ioctl$KVM_IRQFD(r3, 0x4020ae76, &(0x7f0000000280)={r5, 0x4, 0x2, r4})
io_submit(r1, 0x1, &(0x7f0000000240)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x5, r0, 0x0, 0x0, 0x2, 0x0, 0x1, r5}])

35m28.971319042s ago: executing program 3 (id=6369):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
munlockall()
mount(0x0, &(0x7f0000000040)='./cgroup\x00', 0x0, 0x200000, 0x0)
madvise(&(0x7f0000597000/0x1000)=nil, 0x1000, 0x65)
r2 = openat$adsp1(0xffffffffffffff9c, &(0x7f00000002c0), 0x101081, 0x0)
dup(r2)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)

35m13.601672228s ago: executing program 36 (id=6369):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
munlockall()
mount(0x0, &(0x7f0000000040)='./cgroup\x00', 0x0, 0x200000, 0x0)
madvise(&(0x7f0000597000/0x1000)=nil, 0x1000, 0x65)
r2 = openat$adsp1(0xffffffffffffff9c, &(0x7f00000002c0), 0x101081, 0x0)
dup(r2)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)

33m0.225704438s ago: executing program 37 (id=6827):
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r2 = fsopen(&(0x7f00000001c0)='devpts\x00', 0x0)
r3 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r3, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r3, 0x8)
r4 = accept4(r3, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r4, 0x84, 0x7b, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000180))
syz_io_uring_setup(0x44cd, &(0x7f00000002c0)={0x0, 0x5331, 0x10100, 0x400000, 0x3c3}, 0x0, &(0x7f0000000140))
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, 0x0, 0x0)
write$UHID_CREATE2(0xffffffffffffffff, 0x0, 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, 0xffffffffffffffff, 0x0)
r5 = socket$l2tp(0x2, 0x2, 0x73)
getsockname$l2tp(r5, 0x0, &(0x7f0000000140))

30m0.079139887s ago: executing program 38 (id=7877):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x38, 0x1403, 0x1, 0x70bd29, 0x25dfdbfe, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'veth1_vlan\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8088000}, 0x40000)

25m51.29187774s ago: executing program 0 (id=10488):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf0667000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0}, 0x18)
bind$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x47)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
r3 = syz_open_procfs(0x0, &(0x7f0000000040)='net/dev\x00')
pread64(r3, &(0x7f000001a240)=""/102400, 0x19000, 0x1000000000)

25m49.857195552s ago: executing program 0 (id=10492):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x50)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000002c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x4, 0x1c, &(0x7f0000000040)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0xffb0}, {{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3, 0x9, 0x0, 0x1, 0x3801}, {0x2c}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0xb, 0x9}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff8, 0xf1}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x7, 0x0, 0xc}, {0x18, 0x2, 0x2, 0x0, r0}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)

25m48.65318162s ago: executing program 0 (id=10494):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000406c256d0000000200000109022400010000000009040000010300000009210000000122050009058103"], 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x14, &(0x7f0000000700)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002300000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f0000000ac0)=ANY=[@ANYBLOB="002205"], 0x0}, 0x0)
syz_usb_control_io(r0, &(0x7f0000000340)={0x2c, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x3c01}}, 0x0, 0x0, 0x0}, 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x1000016, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_clone(0x80040000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)

25m45.30659345s ago: executing program 0 (id=10506):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={0xffffffffffffffff, 0x2000002, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000900000201"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r1}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r2, 0x2000300, 0xe, 0xfffffffffffffc9e, &(0x7f0000000180)="74fa40b249c0d585699ce70fac7b", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

25m45.122416034s ago: executing program 0 (id=10508):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18a8000000000000000000000006000000181100", @ANYRES32, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000005a0000008500000022000000180100002020702500000000002020200100000000000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000073"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='br_fdb_add\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x3, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='br_fdb_add\x00', r2}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'bridge0\x00', <r5=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="280000001c000100000000000000000007000000", @ANYRES32=r5, @ANYBLOB="4000aa000a0002"], 0x28}}, 0x0)

25m43.886531803s ago: executing program 0 (id=10512):
ioctl$SNDRV_PCM_IOCTL_REWIND(0xffffffffffffffff, 0x40084146, &(0x7f0000000240)=0x8000000000000001)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x218, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r2, 0x0, 0x0)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000380), 0x4000000004882, 0x0)
io_setup(0x1, &(0x7f00000004c0)=<r4=>0x0)
io_submit(r4, 0xf3, &(0x7f00000000c0)=[&(0x7f0000000140)={0x3a0012fb, 0x2759, 0x7, 0x1, 0x0, r3, &(0x7f0000000000)="98", 0x3e8000072a, 0x1000000, 0x0, 0x10}])

25m28.476447509s ago: executing program 39 (id=10512):
ioctl$SNDRV_PCM_IOCTL_REWIND(0xffffffffffffffff, 0x40084146, &(0x7f0000000240)=0x8000000000000001)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x218, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r2, 0x0, 0x0)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000380), 0x4000000004882, 0x0)
io_setup(0x1, &(0x7f00000004c0)=<r4=>0x0)
io_submit(r4, 0xf3, &(0x7f00000000c0)=[&(0x7f0000000140)={0x3a0012fb, 0x2759, 0x7, 0x1, 0x0, r3, &(0x7f0000000000)="98", 0x3e8000072a, 0x1000000, 0x0, 0x10}])

17m1.14658097s ago: executing program 1 (id=14182):
socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$HIDIOCSUSAGE(0xffffffffffffffff, 0x4018480c, &(0x7f0000000140)={0x1, 0x200, 0x6e5, 0x80000000, 0x1, 0x3})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmsg$inet(r0, 0x0, 0x4051)
prctl$PR_SET_MM_MAP(0x23, 0xe, 0x0, 0x0)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x181201, 0x0)
r1 = socket$kcm(0x1e, 0x1, 0x0)
sendmsg(0xffffffffffffffff, 0x0, 0x40040)
openat$ppp(0xffffffffffffff9c, 0x0, 0x208400, 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_mptcp(0xa, 0x1, 0x106)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r2 = syz_open_dev$MSR(&(0x7f00000003c0), 0x0, 0x0)
read$msr(r2, &(0x7f000001b700)=""/102392, 0x18ff8)
clock_nanosleep(0x2, 0x1, 0x0, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0xc, 0x0, 0x0)
r3 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x8400, 0x0)
ioctl$FS_IOC_SETFLAGS(r3, 0x40186f40, &(0x7f0000000440)=0x1f)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
setsockopt$sock_attach_bpf(r1, 0x10f, 0x8a, &(0x7f0000000040), 0x44)

17m0.948928485s ago: executing program 1 (id=14186):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6(0xa, 0x805, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
pipe(0x0)
syz_pidfd_open(0x0, 0x0)
openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
chdir(&(0x7f0000000080)='./file1\x00')
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000180), r0)
sendmsg$IEEE802154_LLSEC_DEL_KEY(r0, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r2, 0x800, 0x70bd25, 0x25dfdbfd, {}, [@IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24004000}, 0x80)
signalfd(0xffffffffffffffff, 0x0, 0x0)
setpgid(r1, 0x0)
setpgid(0x0, r1)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x10000, 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={0x0, 0x0, 0x8}, 0x18)
recvmmsg$unix(0xffffffffffffffff, &(0x7f00000037c0)=[{{0x0, 0x0, &(0x7f0000003700)}}], 0x1, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000380)=@bridge_getvlan={0x20, 0x72, 0x7e3bfe4fa73db39f, 0x0, 0x0, {}, [@BRIDGE_VLANDB_DUMP_FLAGS={0x8, 0x1, 0x1}]}, 0x20}}, 0x0)
mount$afs(0x0, &(0x7f0000000200)='./file1\x00', 0x0, 0x88, 0x0)
r3 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_IOC_READY(r3, 0x9360, 0x800000000000001)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)

17m0.626517709s ago: executing program 1 (id=14190):
mkdirat(0xffffffffffffff9c, 0x0, 0x1c0)
prlimit64(0x0, 0xe, 0x0, 0x0)
socket$unix(0x1, 0x1, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, 0x0, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000180)={@local, @empty, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x2, 0x3, 0x28, 0x64, 0x0, 0x7, 0x6, 0x0, @remote, @remote}, {{0x4e22, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2, 0x9, 0x0, 0xe7}}}}}}, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x400, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x58, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000200)={0x0, 0x1, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil})
r4 = dup(r3)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000040)=@arm64={0x6, 0x4, 0x9, '\x00', 0x1})
ioctl$KVM_SET_VAPIC_ADDR(r4, 0x4008ae93, &(0x7f00000000c0)=0xffff)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

17m0.330413026s ago: executing program 1 (id=14193):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r1}, 0x10)
r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
bind$802154_dgram(r2, &(0x7f0000000080)={0x2, @short={0x2, 0x2, 0xaaa1}}, 0x14)
r3 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
r4 = syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000500)={0x0, &(0x7f0000000580)=[@in_dx={0x82, 0x20, {0x1961}}, @rdmsr={0x32, 0x18, {0x9ce}}, @uexit={0x0, 0x18, 0x1}, @uexit={0x0, 0x18, 0x2}, @set_irq_handler={0xbe, 0x20, {0xf0, 0x2}}, @wr_crn={0x46, 0x20, {0x3}}, @set_irq_handler={0xbe, 0x20, {0xb5}}, @set_irq_handler={0xbe, 0x20, {0x65, 0x1}}, @wrmsr={0x1e, 0x20, {0xac0, 0xe1}}, @in_dx={0x82, 0x20, {0xfe99}}, @set_irq_handler={0xbe, 0x20, {0x31, 0x1}}, @rdmsr={0x32, 0x18, {0x287}}, @out_dx={0xaa, 0x28, {0xb78c, 0x6, 0x2}}, @uexit={0x0, 0x18, 0x9}, @in_dx={0x82, 0x20, {0xae4d, 0x1}}, @code={0xa, 0x59, {"3e0f01c266baf80cb838d89c80ef66bafc0c66b80e0066ef0f78ebb9fe0b0000b800500000ba000000000f30f30f5aef430f01f846d382006800004083d3c2450f380b7cc1d645f4"}}, @out_dx={0xaa, 0x28, {0x8c05, 0x1, 0x9}}, @out_dx={0xaa, 0x28, {0x2726, 0x6}}, @set_irq_handler={0xbe, 0x20, {0x49, 0x2}}, @code={0xa, 0x63, {"b9600a00000f323e2e36450fc75b65c462299741e466430f3a0dde00b8010000000f01d936f26f430f211166baf80cb818ffd38cef66bafc0cb8e27b058cef0f20d835080000000f22d8660f51870018190d"}}, @code={0xa, 0x6b, {"440f2159c482c0f398dab6000066b852008ec8430f01f8b9ef090000b88347d079ba71ef09570f30b8010000000f01d966baf80cb8d28ef783ef66bafc0c66b8edff66eff083143b8e36dbc3b9800000c00f3235004000000f30"}}, @uexit={0x0, 0x18, 0x2}, @wr_drn={0x6e, 0x20, {0x1, 0x3}}, @uexit={0x0, 0x18, 0x3}, @out_dx={0xaa, 0x28, {0x73b3, 0x4, 0xffffffff}}, @wr_crn={0x46, 0x20, {0x3, 0x5}}, @out_dx={0xaa, 0x28, {0x5be9, 0x2}}, @cpuid={0x14, 0x18, {0x8, 0xff}}, @uexit={0x0, 0x18, 0x4e}, @wr_drn={0x6e, 0x20, {0x0, 0xb36f}}, @wrmsr={0x1e, 0x20, {0xdc6, 0xbd93}}], 0x487})
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000a40))
socket$inet6_tcp(0xa, 0x1, 0x0)
readv(r3, 0x0, 0x0)

17m0.050814835s ago: executing program 1 (id=14199):
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
clock_gettime(0x3, &(0x7f0000000100))
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
r7 = syz_open_procfs(0x0, &(0x7f0000000100)='clear_refs\x00')
r8 = socket$netlink(0x10, 0x3, 0x10)
setsockopt$sock_int(r8, 0x1, 0x8, &(0x7f0000000000), 0x4)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r9, 0x0, 0x0)
syz_genetlink_get_family_id$SEG6(0x0, r8)
writev(r7, &(0x7f0000000480)=[{&(0x7f00000000c0)='4', 0x1}], 0x1)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
openat$cgroup_int(r0, 0x0, 0x2, 0x0)

16m58.323199324s ago: executing program 1 (id=14208):
syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/mnt\x00')
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0xc91, 0x0, 0x9, 0xfffffffffffffffe, 0x10c, 0xfa11, 0xffffffff}, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x0)
unshare(0x8000000)
shmget$private(0x0, 0xfffffffffeffffff, 0x4800, &(0x7f0000ffc000/0x3000)=nil)
openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000000100))
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs2/custom0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
r5 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f00000001c0)={'batadv_slave_1\x00'})
r6 = socket$netlink(0x10, 0x3, 0x4)
write(r6, &(0x7f0000005c00), 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000440)={0x73622a85, 0x1000})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000240)={0xa0, 0x0, &(0x7f00000015c0)=[@register_looper, @reply={0x40406301, {0x2, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x68, 0x18, &(0x7f00000016c0)={@fda={0x66646185, 0x5, 0x0, 0x3a}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x2}, @fda={0x66646185, 0x2, 0x0, 0x24}}, &(0x7f0000000180)={0x0, 0x20, 0x48}}}, @dead_binder_done, @reply={0x40406301, {0x3, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x58, 0x18, &(0x7f0000001500)={@fd, @flat=@handle={0x73682a85, 0xa}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0x2, 0x32}}, &(0x7f0000001580)={0x0, 0x18, 0x30}}}, @release], 0x0, 0x0, 0x0})
socket$nl_netfilter(0x10, 0x3, 0xc)

16m43.903545589s ago: executing program 40 (id=14208):
syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/mnt\x00')
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0xc91, 0x0, 0x9, 0xfffffffffffffffe, 0x10c, 0xfa11, 0xffffffff}, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x0)
unshare(0x8000000)
shmget$private(0x0, 0xfffffffffeffffff, 0x4800, &(0x7f0000ffc000/0x3000)=nil)
openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000000100))
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs2/custom0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
r5 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f00000001c0)={'batadv_slave_1\x00'})
r6 = socket$netlink(0x10, 0x3, 0x4)
write(r6, &(0x7f0000005c00), 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000440)={0x73622a85, 0x1000})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000240)={0xa0, 0x0, &(0x7f00000015c0)=[@register_looper, @reply={0x40406301, {0x2, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x68, 0x18, &(0x7f00000016c0)={@fda={0x66646185, 0x5, 0x0, 0x3a}, @ptr={0x70742a85, 0x0, 0x0, 0x0, 0x2}, @fda={0x66646185, 0x2, 0x0, 0x24}}, &(0x7f0000000180)={0x0, 0x20, 0x48}}}, @dead_binder_done, @reply={0x40406301, {0x3, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x58, 0x18, &(0x7f0000001500)={@fd, @flat=@handle={0x73682a85, 0xa}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0x2, 0x32}}, &(0x7f0000001580)={0x0, 0x18, 0x30}}}, @release], 0x0, 0x0, 0x0})
socket$nl_netfilter(0x10, 0x3, 0xc)

14m51.48413285s ago: executing program 4 (id=14816):
dup(0xffffffffffffffff)
pipe2$9p(0x0, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x19, &(0x7f0000000100)=0x1, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfff}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000180)={0x1, &(0x7f0000000000)=[{0x6, 0x7, 0x0, 0x7fff8000}]})
close_range(r3, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$inet(r5, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r4, 0x0, 0x0)

14m50.211468777s ago: executing program 4 (id=14825):
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100"], 0x128}, 0x0)

14m50.116895354s ago: executing program 4 (id=14829):
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
r0 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
ioctl$PPPIOCGIDLE(r0, 0x8010743f, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)={0x58, 0x0, 0x1, 0x401, 0x11, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x4}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @empty}, {0x8, 0x2, @loopback}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_SEQ_ADJ_REPLY={0x14, 0xf, 0x0, 0x1, [@CTA_SEQADJ_CORRECTION_POS={0x8}, @CTA_SEQADJ_OFFSET_BEFORE={0x8}]}]}, 0x58}}, 0x20044000)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
madvise(&(0x7f00002e5000/0x400000)=nil, 0x400000, 0xf)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000020000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000006c0)='sched_switch\x00', r6}, 0x18)
r7 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r7)
ptrace$pokeuser(0x6, r7, 0x388, 0x41d9fda7)

14m45.998798732s ago: executing program 4 (id=14836):
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000024002, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
openat$qat_adf_ctl(0xffffffffffffff9c, 0x0, 0xe0000, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)

14m43.87665203s ago: executing program 4 (id=14844):
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
r0 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
ioctl$PPPIOCGIDLE(r0, 0x8010743f, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
madvise(&(0x7f00002e5000/0x400000)=nil, 0x400000, 0xf)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000020000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
madvise(&(0x7f0000302000/0x2000)=nil, 0x2000, 0x62)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x18)

14m42.535873727s ago: executing program 4 (id=14846):
fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2, 0x2}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000180)={0x4000}, 0x10)
sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x8080)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f0000000340), 0x0, 0x0)
read$msr(r1, &(0x7f0000048040)=""/102392, 0x18ff8)
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, 0x0, 0x0, 0x0)
futex(0x0, 0xd, 0x1, 0x0, 0x0, 0x2)
getgroups(0xfffffffffffffdb2, 0xfffffffffffffffe)
r2 = memfd_create(&(0x7f0000000400)='\xa3\x9fn\xb4dR\x04i5\x02\xac\xce\xe1\x88\x9d[@8\xd7\xce\x1f 9I\x7f\x15\x1d\x93=\xb5\xe7\\\'L\xe6\xd2\x8e\xbc)JtTDq\x81\xcf\x81\xba\xe51\xf5 \xc8\x10>\xc9\\\x85\x17L\xbf\xcf\x91\xdfM\xf3\x02^T*\x00\x02\xb9~B\x9f\xacl\x1d3\x06o\xf8\x16H\xaa*\x02\xf7\xfb\x06\xf1\x83\x92\xa8\xc2\xcb\xae\xb0\xb4\x93\xb8\x04\xf1\x99\xc2yY+\xd9y\x8a\xd5b\xe8\"q\x1b0)\xccm\xacz\xc1\xadd\x9b6a\xf3\xdds\xbb\x88\xff\b\x85\xb3s\x00\x0e\xbcfvi\x85\xfc.|\xd4h\xec\x82o\x8e\x93\x11\xc1\xd4\xae\x05\x17=\xd9R\xd0\xd4\x90\xcf\x9b\xdc\xaeV\x88\x94\x9f\xe3\xefqi\xed\xa8w\xbe\xd0\xd0-tBl\x9e+\xd3\xed\xce\x9f\x83\x86\xf9\x12\x16Ts\x80\x13]C\xfb`\xc2`\xf7\x1a\x00\x00\x00\x00\x00\x00\x00k\xae\xcb\x1a.\xc2\x8f\xd1x4]PZ\x9e\xd5Y\xf0L\xa4\xbc\x84\xf6\x04L\xff0\x8b\\*\xf9,\xb6\r\x97\xedy\xe0\x8a\xe2\x8ck\xc6S\xc3g\xb9\x1a\xf8\x8f \x9d\x00u7\xd8\'\xf1E\xa4(Q\x80Fy\xb5\xe4q\xc9\xff \xd8\x9d\xad\x11\xf8m\xd3\xbc\x9e\x10D\x7f!\xca\x0ev\x15h$\x01\xdd\xe5\xce\xf8*\xb3\x01\x85\a\xe4qv&\x9c\xac\x9aN~o\xe5\x89\xd5\a\x9f\f\x1f\xc2e/\x8d\x1e\n\xd0_\xbd!^\xa46\xb8j\xc0x\n\xdb\xe1\xa3\xd6\xae;\r\x92@\xa5I\x88Z1F\xf0\x1at\t\xd0\x8a\x04m\x06\xf3BL\xffS\x9eY\xf4\xb0U \xf8\xd00\x88y\xebX\x92\xd5\xbb\xa1h7\xf3\xe0\x0f\xbd\x02\xe4%\xf9\xb1\x87\x8aM\xfeG\xb2L\xbd\x92-\xcd\x1f\xf4\xe1,\xb7G|\xec\"\xa2\xab\xf6\x84\xe0\xcf1\x9a', 0x0)
execveat(r2, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
syz_emit_ethernet(0x4e, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r4 = dup(r3)
listen(r4, 0x0)
io_setup(0x4, 0x0)
io_submit(0x0, 0x1, &(0x7f0000000280)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0xfffc, 0xffffffffffffffff, 0x0}])
sendto$netrom(r4, 0x0, 0x0, 0x20000004, 0x0, 0x0)

14m27.158277678s ago: executing program 41 (id=14846):
fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2, 0x2}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000180)={0x4000}, 0x10)
sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x8080)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f0000000340), 0x0, 0x0)
read$msr(r1, &(0x7f0000048040)=""/102392, 0x18ff8)
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, 0x0, 0x0, 0x0)
futex(0x0, 0xd, 0x1, 0x0, 0x0, 0x2)
getgroups(0xfffffffffffffdb2, 0xfffffffffffffffe)
r2 = memfd_create(&(0x7f0000000400)='\xa3\x9fn\xb4dR\x04i5\x02\xac\xce\xe1\x88\x9d[@8\xd7\xce\x1f 9I\x7f\x15\x1d\x93=\xb5\xe7\\\'L\xe6\xd2\x8e\xbc)JtTDq\x81\xcf\x81\xba\xe51\xf5 \xc8\x10>\xc9\\\x85\x17L\xbf\xcf\x91\xdfM\xf3\x02^T*\x00\x02\xb9~B\x9f\xacl\x1d3\x06o\xf8\x16H\xaa*\x02\xf7\xfb\x06\xf1\x83\x92\xa8\xc2\xcb\xae\xb0\xb4\x93\xb8\x04\xf1\x99\xc2yY+\xd9y\x8a\xd5b\xe8\"q\x1b0)\xccm\xacz\xc1\xadd\x9b6a\xf3\xdds\xbb\x88\xff\b\x85\xb3s\x00\x0e\xbcfvi\x85\xfc.|\xd4h\xec\x82o\x8e\x93\x11\xc1\xd4\xae\x05\x17=\xd9R\xd0\xd4\x90\xcf\x9b\xdc\xaeV\x88\x94\x9f\xe3\xefqi\xed\xa8w\xbe\xd0\xd0-tBl\x9e+\xd3\xed\xce\x9f\x83\x86\xf9\x12\x16Ts\x80\x13]C\xfb`\xc2`\xf7\x1a\x00\x00\x00\x00\x00\x00\x00k\xae\xcb\x1a.\xc2\x8f\xd1x4]PZ\x9e\xd5Y\xf0L\xa4\xbc\x84\xf6\x04L\xff0\x8b\\*\xf9,\xb6\r\x97\xedy\xe0\x8a\xe2\x8ck\xc6S\xc3g\xb9\x1a\xf8\x8f \x9d\x00u7\xd8\'\xf1E\xa4(Q\x80Fy\xb5\xe4q\xc9\xff \xd8\x9d\xad\x11\xf8m\xd3\xbc\x9e\x10D\x7f!\xca\x0ev\x15h$\x01\xdd\xe5\xce\xf8*\xb3\x01\x85\a\xe4qv&\x9c\xac\x9aN~o\xe5\x89\xd5\a\x9f\f\x1f\xc2e/\x8d\x1e\n\xd0_\xbd!^\xa46\xb8j\xc0x\n\xdb\xe1\xa3\xd6\xae;\r\x92@\xa5I\x88Z1F\xf0\x1at\t\xd0\x8a\x04m\x06\xf3BL\xffS\x9eY\xf4\xb0U \xf8\xd00\x88y\xebX\x92\xd5\xbb\xa1h7\xf3\xe0\x0f\xbd\x02\xe4%\xf9\xb1\x87\x8aM\xfeG\xb2L\xbd\x92-\xcd\x1f\xf4\xe1,\xb7G|\xec\"\xa2\xab\xf6\x84\xe0\xcf1\x9a', 0x0)
execveat(r2, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
syz_emit_ethernet(0x4e, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r4 = dup(r3)
listen(r4, 0x0)
io_setup(0x4, 0x0)
io_submit(0x0, 0x1, &(0x7f0000000280)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0xfffc, 0xffffffffffffffff, 0x0}])
sendto$netrom(r4, 0x0, 0x0, 0x20000004, 0x0, 0x0)

11m46.097387778s ago: executing program 2 (id=15822):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, 0x0)
dup3(r2, r1, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000280)='./binderfs/binder0\x00', 0x2, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x100, 0x1})
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, &(0x7f0000000140))
mlockall(0x7)
prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000001000/0x4000)=nil)
brk(0x400000001000)
brk(0x400000ffc020)

11m43.394538783s ago: executing program 2 (id=15848):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$nl_crypto(0x10, 0x3, 0x15)
syz_clone(0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000005c0)=0xffffffffffffffff, 0x4)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f00000009c0)=@o_path={0x0, 0x0, 0x10}, 0x18)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='mountinfo\x00')
read$FUSE(r0, &(0x7f00000020c0)={0x2020}, 0x2020)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="020000000400000008000000010000008000", @ANYRES32=0x1, @ANYBLOB="0f00"/20, @ANYRES32, @ANYBLOB="01090000000000000000000000275ede00001000eba500"/39], 0x50)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0xcb)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_unlabel(0x0, r4)
sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r4, &(0x7f0000000d40)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x2, 0x34005}, 0x0)
getsockname$packet(r3, &(0x7f0000000140)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRES32=r5, @ANYBLOB="01180200031100002800128008000100736974001c0002800800"], 0x48}}, 0x4048084)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
connect$ax25(r1, &(0x7f00000001c0)={{0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x5}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast]}, 0x48)

11m42.782470815s ago: executing program 3 (id=14885):
fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2, 0x2}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000180)={0x4000}, 0x10)
sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x8080)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f0000000340), 0x0, 0x0)
read$msr(r1, &(0x7f0000048040)=""/102392, 0x18ff8)
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, 0x0, 0x0, 0x0)
futex(0x0, 0xd, 0x1, 0x0, 0x0, 0x2)
getgroups(0xfffffffffffffdb2, 0xfffffffffffffffe)
r2 = memfd_create(&(0x7f0000000400)='\xa3\x9fn\xb4dR\x04i5\x02\xac\xce\xe1\x88\x9d[@8\xd7\xce\x1f 9I\x7f\x15\x1d\x93=\xb5\xe7\\\'L\xe6\xd2\x8e\xbc)JtTDq\x81\xcf\x81\xba\xe51\xf5 \xc8\x10>\xc9\\\x85\x17L\xbf\xcf\x91\xdfM\xf3\x02^T*\x00\x02\xb9~B\x9f\xacl\x1d3\x06o\xf8\x16H\xaa*\x02\xf7\xfb\x06\xf1\x83\x92\xa8\xc2\xcb\xae\xb0\xb4\x93\xb8\x04\xf1\x99\xc2yY+\xd9y\x8a\xd5b\xe8\"q\x1b0)\xccm\xacz\xc1\xadd\x9b6a\xf3\xdds\xbb\x88\xff\b\x85\xb3s\x00\x0e\xbcfvi\x85\xfc.|\xd4h\xec\x82o\x8e\x93\x11\xc1\xd4\xae\x05\x17=\xd9R\xd0\xd4\x90\xcf\x9b\xdc\xaeV\x88\x94\x9f\xe3\xefqi\xed\xa8w\xbe\xd0\xd0-tBl\x9e+\xd3\xed\xce\x9f\x83\x86\xf9\x12\x16Ts\x80\x13]C\xfb`\xc2`\xf7\x1a\x00\x00\x00\x00\x00\x00\x00k\xae\xcb\x1a.\xc2\x8f\xd1x4]PZ\x9e\xd5Y\xf0L\xa4\xbc\x84\xf6\x04L\xff0\x8b\\*\xf9,\xb6\r\x97\xedy\xe0\x8a\xe2\x8ck\xc6S\xc3g\xb9\x1a\xf8\x8f \x9d\x00u7\xd8\'\xf1E\xa4(Q\x80Fy\xb5\xe4q\xc9\xff \xd8\x9d\xad\x11\xf8m\xd3\xbc\x9e\x10D\x7f!\xca\x0ev\x15h$\x01\xdd\xe5\xce\xf8*\xb3\x01\x85\a\xe4qv&\x9c\xac\x9aN~o\xe5\x89\xd5\a\x9f\f\x1f\xc2e/\x8d\x1e\n\xd0_\xbd!^\xa46\xb8j\xc0x\n\xdb\xe1\xa3\xd6\xae;\r\x92@\xa5I\x88Z1F\xf0\x1at\t\xd0\x8a\x04m\x06\xf3BL\xffS\x9eY\xf4\xb0U \xf8\xd00\x88y\xebX\x92\xd5\xbb\xa1h7\xf3\xe0\x0f\xbd\x02\xe4%\xf9\xb1\x87\x8aM\xfeG\xb2L\xbd\x92-\xcd\x1f\xf4\xe1,\xb7G|\xec\"\xa2\xab\xf6\x84\xe0\xcf1\x9a', 0x0)
execveat(r2, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r4 = dup(r3)
listen(r4, 0x0)
io_setup(0x4, 0x0)
io_submit(0x0, 0x1, &(0x7f0000000280)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0xfffc, 0xffffffffffffffff, 0x0}])
sendto$netrom(r4, 0x0, 0x0, 0x20000004, 0x0, 0x0)

11m40.451820186s ago: executing program 2 (id=15876):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = mq_open(&(0x7f0000000000)='upperdir', 0x1, 0x6, &(0x7f0000000040)={0x480000000, 0x3, 0x1, 0x8})
r4 = inotify_init1(0x0)
r5 = inotify_add_watch(r4, &(0x7f0000000200)='.\x00', 0x400)
r6 = dup(r4)
read$FUSE(r6, &(0x7f0000002280)={0x2020}, 0x2020)
inotify_rm_watch(r6, r5)
getpeername$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000180)=0x14)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f0000000240)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095", @ANYRES16=r3], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r7, 0x2, r6}, 0x94)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000400), 0x0, &(0x7f00000003c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@volatile}, {@nfs_export_on}]})
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x8, 0x3, 0x418, 0x170, 0xffffffff, 0xffffffff, 0x170, 0xffffffff, 0x3f8, 0xffffffff, 0xffffffff, 0x3f8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xf0, 0x118, 0x0, {}, [@common=@unspec=@helper={{0x48}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00'}, 0x0, 0x200, 0x230, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x3, 0x0, 0x41, 0x0, 0x2, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x478)
syz_emit_ethernet(0x5e, &(0x7f0000000ac0)={@random="011e5c5dbbc1", @local, @void, {@ipv6={0x86dd, @icmpv6={0x1, 0x6, "91eb00", 0x28, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_redir={0x89, 0x0, 0x0, '\x00', @private1={0xfc, 0x1, '\x00', 0x1}, @mcast2}}}}}}, 0x0)

11m39.002130056s ago: executing program 3 (id=15882):
symlinkat(0x0, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000080900010073797a30000000005c000000030a03000000000000000000050000000900010073797a30000000000900030073797a300000000008000a40000000032800048008000240000000120800014000000000140004"], 0xa4}}, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r4, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10)
setsockopt$sock_int(r4, 0x1, 0x6, &(0x7f0000000000)=0x4, 0x4)
shutdown(r2, 0x1)
socket$nl_xfrm(0x10, 0x3, 0x6)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x0, {{@in, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x7, 0x0, 0x0, 0x0, 0x2}, {}, 0x0, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in6=@rand_addr=' \x01\x00', 0x2, 0x2b}, 0xa, @in6=@private1, 0x0, 0x4}]}]}, 0xfc}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$team(&(0x7f00000002c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r6, 0x8933, &(0x7f0000000040)={'team0\x00', <r8=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000740)={0x58, r7, 0x1, 0x0, 0x25dfdc02, {}, [{{0x8, 0x1, r8}, {0x3c, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0xc}}}]}}]}, 0x58}, 0x1, 0x0, 0x0, 0x4000}, 0x4c0c4)

11m38.761387433s ago: executing program 2 (id=15884):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, 0x0)
r3 = dup3(r2, r1, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000280)='./binderfs/binder0\x00', 0x2, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000000), 0x0, 0x0, 0x0})
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, &(0x7f0000000140))
mlockall(0x7)
prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000001000/0x4000)=nil)
brk(0x400000001000)
brk(0x400000ffc020)

11m35.438457469s ago: executing program 3 (id=15889):
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000440)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb47, 0x9, 0x8, 0x80000001, 0x3}, 0x0)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
ioctl$TIOCMGET(0xffffffffffffffff, 0x541e, &(0x7f00000003c0))
openat$sndseq(0xffffffffffffff9c, 0x0, 0x40041)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001a80)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@delqdisc={0x24, 0x25, 0x2, 0x70bd28, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x5, 0x8}, {0x3, 0xd}, {0x8, 0x1}}}, 0x24}, 0x1, 0x0, 0x0, 0x400c000}, 0x40004)
socket$nl_generic(0x10, 0x3, 0x10)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$MPTCP_PM_CMD_SET_LIMITS(r2, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4045080}, 0x4000884)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000400), 0xffffffffffffffff)

11m35.405555294s ago: executing program 2 (id=15890):
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
r0 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
ioctl$PPPIOCGIDLE(r0, 0x8010743f, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, 0x0, 0x0)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)={0x58, 0x0, 0x1, 0x401, 0x11, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x4}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @empty}, {0x8, 0x2, @loopback}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_SEQ_ADJ_REPLY={0x14, 0xf, 0x0, 0x1, [@CTA_SEQADJ_CORRECTION_POS={0x8}, @CTA_SEQADJ_OFFSET_BEFORE={0x8}]}]}, 0x58}}, 0x20044000)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
madvise(&(0x7f00002e5000/0x400000)=nil, 0x400000, 0xf)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000020000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
madvise(&(0x7f0000302000/0x2000)=nil, 0x2000, 0x62)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000006c0)='sched_switch\x00', r6}, 0x18)
r7 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r7)
ptrace$pokeuser(0x6, r7, 0x388, 0x41d9fda7)

11m33.534954226s ago: executing program 3 (id=15909):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, 0x0)
r3 = dup3(r2, r1, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000280)='./binderfs/binder0\x00', 0x2, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000240)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000000), 0x0, 0x0, 0x0})
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockopt$bt_sco_SCO_CONNINFO(0xffffffffffffffff, 0x11, 0x2, 0x0, &(0x7f0000000140))
mlockall(0x7)
prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000001000/0x4000)=nil)
brk(0x400000001000)
brk(0x400000ffc020)

11m32.617967937s ago: executing program 2 (id=15912):
socket$inet6_tcp(0xa, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, &(0x7f0000001280)={0xffffffffffffffff, 0x0, {0x2a12, 0x80010000, 0x0, 0x0, 0x4, 0x0, 0x0, 0xe, 0x14, "fee8a2ab78fc179fd1f809000000aca7ca64c6a4b4e00d9683dda1af01000000deff1200100000000000000000000000000800", "2809e8dbe1b22d0000b420a1a93c7540f476779e0117613dd4070000ebff08000000000000000000020000000800000000faffffff00", "e7460000102000000000e4440000002000000000000000000000008bd02800", [0xe0]}})
socket$netlink(0x10, 0x3, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
r0 = socket$netlink(0x10, 0x3, 0x4)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x8000000000002)
sched_setscheduler(r2, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
openat$uhid(0xffffffffffffff9c, 0x0, 0x2, 0x0)
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000180)="580000001500add427323b470c45b45602067fffffff81004e22030d00ff0028925aa8002000eaa57b00090080020efffeffe809020000ff0004f03adcac4b74ffffffffffffffffffffffe7ee0000000000000000020000", 0x58}], 0x1)

11m30.768010327s ago: executing program 3 (id=15922):
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
r0 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
ioctl$PPPIOCGIDLE(r0, 0x8010743f, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)={0x14, 0x0, 0x1, 0x401, 0x11, 0x0, {0x2}}, 0x14}}, 0x20044000)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
madvise(&(0x7f00002e5000/0x400000)=nil, 0x400000, 0xf)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000020000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
madvise(&(0x7f0000302000/0x2000)=nil, 0x2000, 0x62)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000006c0)='sched_switch\x00', r6}, 0x18)
r7 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r7)
ptrace$pokeuser(0x6, r7, 0x388, 0x41d9fda7)

11m17.718489913s ago: executing program 42 (id=15912):
socket$inet6_tcp(0xa, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, &(0x7f0000001280)={0xffffffffffffffff, 0x0, {0x2a12, 0x80010000, 0x0, 0x0, 0x4, 0x0, 0x0, 0xe, 0x14, "fee8a2ab78fc179fd1f809000000aca7ca64c6a4b4e00d9683dda1af01000000deff1200100000000000000000000000000800", "2809e8dbe1b22d0000b420a1a93c7540f476779e0117613dd4070000ebff08000000000000000000020000000800000000faffffff00", "e7460000102000000000e4440000002000000000000000000000008bd02800", [0xe0]}})
socket$netlink(0x10, 0x3, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
r0 = socket$netlink(0x10, 0x3, 0x4)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x8000000000002)
sched_setscheduler(r2, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
openat$uhid(0xffffffffffffff9c, 0x0, 0x2, 0x0)
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000180)="580000001500add427323b470c45b45602067fffffff81004e22030d00ff0028925aa8002000eaa57b00090080020efffeffe809020000ff0004f03adcac4b74ffffffffffffffffffffffe7ee0000000000000000020000", 0x58}], 0x1)

11m15.204143321s ago: executing program 43 (id=15922):
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
r0 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
ioctl$PPPIOCGIDLE(r0, 0x8010743f, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)={0x14, 0x0, 0x1, 0x401, 0x11, 0x0, {0x2}}, 0x14}}, 0x20044000)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
madvise(&(0x7f00002e5000/0x400000)=nil, 0x400000, 0xf)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000020000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
madvise(&(0x7f0000302000/0x2000)=nil, 0x2000, 0x62)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000006c0)='sched_switch\x00', r6}, 0x18)
r7 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r7)
ptrace$pokeuser(0x6, r7, 0x388, 0x41d9fda7)

44.61129618s ago: executing program 8 (id=21614):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000024002, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000100)=<r1=>0x0)
sched_setscheduler(r1, 0x5, &(0x7f0000002200)=0x81)
r2 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r2, &(0x7f0000002700)=""/102392, 0x18ff8)
r3 = openat$qat_adf_ctl(0xffffffffffffff9c, 0x0, 0xe0000, 0x0)
getrlimit(0x3, &(0x7f00000001c0))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x9)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r5 = getpid()
sched_setscheduler(r5, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000001000)={{0x1, 0x1, 0x18, <r8=>r2}, './file0\x00'})
lstat(&(0x7f0000001280)='./file0\x00', &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, <r9=>0x0, <r10=>0x0})
lstat(&(0x7f0000001340)='./file0\x00', &(0x7f0000001380)={0x0, 0x0, 0x0, 0x0, 0x0, <r11=>0x0})
sendmmsg$unix(r3, &(0x7f0000001780)=[{{0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000240)="c72369decfd2f5aaf560af963e147ac012a60150483969d96124e82b4d4589e22570b2f7188a70f29e0e0a2fb06efecf113e232417cc0531080d1e8f6c074d58a540a9253d7a15fc1445732c32108e3da451ea2ed33b6fd7926d44bb743f9ef2972caf96973eff1540c8fe7e4ca6044a6c2c6e37c18ed6ad779e8e48171019f4c843bc9762df99cf8212454a82a7ddcfd239630fb9f804", 0x97}, {&(0x7f00000003c0)="0ff8b78a7299dfebee32ff226df637ce23c9f0722721cee9e78f0fd06ac5b545fcca23a4d9923f5b8e5c322919f350ec79e3048892db8e876ad22c685b611548a2b84d57e33c8c49e694b50882cdbebcf225b16df4679730544e1f7d4cb42989abcc997da334396db44bd4c3744300b95d0f8fb3e34d02285158d9b283f41215f4a04694e5d7e9b098db27cd5f24ca4e6b656c29e80eca6b435c52139d97b724548185137363fd66273a4fbe10382bab67a7e9f4d22e991cafd89f4722435bf20c29185817f89e68640cf4466904ebdc9a947dc8849765c0a2", 0xd9}, {&(0x7f000001b700)="e29866f8e3e5dff8f07fc6f780ed46d0848a8eb1ac2bce1f8eea37fd363a0e482024136410148493074e748287133904d1cfec6ba963e094bf3edbc78bbf4d68feead7290af43488c8ceb459cbb10d5c466130096dae527e553f420262d300756b390d2973997efaf85f97c23942bedc1ece7ec2d75b5df7815bfd0c9f62c19b43cb0aa804f18c16aba10fc40088d7611df731b03fa25a24bec65d0ec8578766c66bda5985476babf1148683cda001c5a332d11e5e4fa30adb9d69baaab0897e7e90712f7efe1221d442b6d47f3118cba824a991bcbeb64dae27558ffc4208b22625fda329c41a728b9a5103fa7faa94f218a40a884b3d9318299e9fb8ac455d20cb29d407e8da06abaa0718b7bb98d31581a771289454ddc802bdea1c98b94b028d97ad4018321b77342ae02373b52344346a8790432412d1ab9f5eb15a4ea8db633c31261da37f86566b8a5e23fd4c7d3fb3d6a8569a39d334fa22908c3fe409bd00bf5185be6c731e83fe9ac5b29945ed4c5274f6415bcaca98fbd1f33bc2f33ba88eba8fe6d0906047eb3e9e852f917b9a2d72f463b3387a8af65410584127d33d2e7b634734b6fd21ec6bfa80a0591757533c89cffd877f9bf155f9095c26b87b73d6aca7864668e74f4e5fb80c4c3c4d6454306b07886b720b239eae657fd1ae555e553b5a81e7950adad0057cf527df5bb3b978fec08ec2a25cd3312e89052d98abcfdf236b01d9377adf7aa581ea1a953a7311c21575154b7509ce366bcca5fbf2ada7c741c568e4256b56ca832d38fe54290d05491150dab8c2bad867a02676b0a99b3b0b6f14046aa5a1b8adc740d7c6a4e62816eb160e98c146e0e5e33797bc874f8bb89a2b7b10d75cc36e976eacea1fa44d56aa1bb939a90dd2bd59525c67f88a48a93e4d200e0bf70c91dfa651f19b23a50e6b28d2ab8c06831a68a4a422a67c2b81ecd356a7616c9ea358dcaadccee29d74f80084c06b70ecda6740caedba84c85d1e41d53414d5272ba57b52cf33a328e2447486b210fafcd856e55155e04617a897307393fb00cc5cb182edf7b979f920dff65d616137cce7cf8064a21f656912471190435e99d5605a238ce84fd9bac0d4bc84e8045ef835f31a99934d95e504cb4a957d8dd5775b155e61b9a9fa56ef975465262d1d7def81d062c36f9c989f9b144b596356adf00babafc1ee3db364aa0eccb1b002c184d79c48bfa0ab91d21e03cdc931945c618c545f2b1065178d75844713ca225e500645afc51d3b1c81818b3e2cefcd520727e1e3a08b0b5cf4499cfe7a5db4d370ce11cd6e941aa9fb79f686f5a8d883c2cd3f4dfbbce04f5f7c0f64e3e645765ca3172e309a3a55bbf7f79b497204b5da26b9b5c12e164e92f61913c86fd6c863d33336e2b50333892930b225373f8c7772845745b9947f91328e8484eb3c28a099dffe513fed2ff742cc6157e10290e33f23bced711dece9ae39678a4cbabf8edbcefa3890d62022a7240be3a010aa3583586ec9ff541e5177d66d332cf35549096abdb7f4037c3d84a12f362caa12a4cedc841b3c6d5d27623e711f8b91dfb21ea4567ea011a8b53ee289ac2c5584ab9f6cd6bcd162c006e76979d79867ff290787470dd3d8a7ddf65aa9b36994a58c880499d9d222852dd25c4400e7c734f32e9e918c3bc616cb084e07a31c16619bb0a6d87254bc319512888f473c88bd67fa64fbd54b4798ea8bf71f3b3faab30ecb4f024dd5e89100d6b030445745c20f2c8320ad4b77bf8ce016281ec07c68a8092425d1065b129fb1fcdb3e2bbb59f51c16a6fec2e5156c648935e5f18adf807d44bbcc34dc6128f7c78ccdc7cedcf7240a1177713a7a0b2b836d7b6073e664092e9e2edbb8b865962ed61bde9de9001ad4ae4f1016fdb681eb6a6834f95006cbf7627630ee245c34e102906df892e224337ea380a580a438f381cfb860f23ad6aa8da6585bd27d72c2ca8d0a258b78c638ff2451b6678c507de607ac0fc315876941f00729c73e325c80d7d1e784275debc809756bc220421db5a85794b7409edd607fc9ef2bc0dad5ffb7a6dd9a3837f966781de58f4f99df52c0dc98e94abc5a8f0c3a63d50d6ed30bea5d9efab9537a151f89f16a138c15dd1f12aa4deaf01023acb9a76b0929de9185d294ed37bad793b9ecaf578c9638f28417af7e2734691162de1245927cc86c1c2a67e78398ab7556078a97581f9310ffd27da903b1d9cb3f8dbfcd71243e4cdd5228d7b9983f1054320f42e29549530e5b6a145b85721a67e38fa73044066f56a55c99eae6c948a16460e566289638e493fedbd206e020f0c06d8f2ede9f7dcd8a77eece08d0e21d7c787d7aa17da66b9eb55a0ed03402fe797008de63bdb013fa0159cc7f452035f484674cdf6192ac82e48b5303e1060477d392255eb33c41393647d5e5f45c019172a56aa263822b0d2b8939a50eb537dbdeec77b912b7ea27dcc2f0d2036763e5e140cb671786747e032b83beed53e7420e1e3c6fd016c4e6469d7b88819c5e73d07374573082ad9b342f9edd9249e8761d456914257f2e0cd517788b303e5caa76fcd08a9b03acc6de75b2d39af94a3f998a6e0950d76844948cd686d28717b74c4cad884d5d0d59bad1e1ddbd1017af44aff4de71887fc9b56031712b71dd4cf9fc0cb97aeb60e185dd172ea2967c7ec589dd2db563ffb36ff600dc1758922a3a78bab24b1bdd4170dcf7fca6ffbed634de14a87898850887b575e37f84121476268acacd26e50c4a0824c3e1bc512418e19b2de2f200a415c6af86828487aaf777cb19df82f4a22c711e7f729ab45c64ef172c6df18d5198a34f72a43306ee426b3cf4a01963faeaf1495913f46f8cac207327e8ef575b032a886e86f6c953052f605925786d599e873c59e901664e9e904d4956e8288a366c6797430b67ce066cdf4966e55cc7f61fd3d31b3c79c07f846aa39586614bc197c82ce8b9833ba9ac1683e66fe913917f7ce6a97e40bf2255758b19d22fa147f18bb87077fcc606d1452cd0f59f2e47dc949a838e50f0928b78d4259616c8c80875c3a4f99d06151ea9703eb4357c5c72a7d9a756e551f7ac9df9ff286d06182975370dfa31ce1817745efc86f4f01de33be8fee667a2bca66b903924cb41a535eeee0c8320b2097f093166c685ff80e7cd90a77244f53926556b97ad0d6c90fa79ee6290172ddade9094d3d89042aca7748474a3ac77f621cefaa5b3146554b7708f7a49e9f4f4f9ffd5ba95713ce7572e69758b6e9ce52a8e149666b2a4a1736d30b5ea93d8f30933b1cc82f553146f12764c7be646ba7d26f100510d3889e7f1d73a7f215b014bec822a090564764556b580cffb915ae51ce69aab5630b10d07fe8208f2113297ada50dc66e63d1e5cf1e0259ee1a0c70e56bacff027445c068c4d9e038c7ec621614d8d15cf43d7adb0fbcee3837918328f948a7f9ca0932f97a61bf0e329ea434ea560c8228d8f907324824aa757d0df5e5e67b50a9504e54665adb33619ec85fe57c9a05511fbd6391848901e53be7acbf956579f5f580c3e4e8399d7f6df4d9a18675ef7d4988f620ed21664c0bef87082d58e018f8228af30886b8229d81ec9c208abf5f6e787a524bcb6d01d59026e2c7bb3a870396ddb0eefd356614b1446d968b09de15bff3e0cb6946f7c80a35a0a359d48ef764e2b6a9536929b1f671c60b644cf829d34105cbaa0bce7b7472d5728265088ffeb4dcac4a2200c1bb3f415f0704f4b8ed66f100e95691a180e1048e3651a4d0387c13296927f487ebb94c5108c7f8931993830153a0b84c5706ab9a391c1d8c06a7c3c9402ae1e4a8070e6932bb8a498518a2f8a27e318813304dbd86adca1a64b277aa45ebb147c339c6da85aa9885e5e9d8f4aacbc5ed169d857b9362cd599480088a22901704e457ea73cbe2d5689c5a6b3bcd8a942b0bedd8caf37b08a6bfc0041b1fef7f637f4d838f2149fefb330a89da702874c9091125c0eccc65945d6787d66b7e7780dfc28ca84dbaba6ed027842233f26f8d6a1cdb1ba3f89ad88fae5670e39621d6589e0978339b80356be8565955ca604b7ff0167920caa0b09a63bc4eb49e00c77b4a2d6be4be4c5fbd6829681ae6082b4fcfd5a811aca668251e1bdb94c24a9ad532ad86838a6614e2aec88e10b0e171adddb99e5f4051e085f0ce0222aea10338da31b59f9e9262e2bc2793c4d284c7008fa1babf636c9851849babebb3b1c835b93e142be97eafe982b4d1985ff7212d2fe5c6dcfaf058eeaac3b82d72b828032a7656d888a04735a43df6c25a219a2cdea0926c95eb086116bb2b49ff283960f544e44d1b5301adf10829c6956d8c596433fedfca994c509964650ed2c73d28ee8ec0c53deb22f8eeec10d751b95e2d9e57f22242af3b32b40fbebfb26063660ca2500a214122cfb09b77d62fa2105d61cc62594b94a2c05ff1dd117868e1371b11a0387f38192bedaf88bcb67390ee5d12e9a56bc1e33d6d56279d81fbb96fbd6561b1f0c2655c05ea85228b8a54d076d5065a1181caf699581cf83961d7e373e91eeb586a25228abb780ef12a16750e4cb31ba82e9116bf6971b5c5933f0641eea9beb41b5afe428484027c5532a939477566cfbab72cfdab1ef88ce6e3da7980ed8ed58e09eb72ab1659e5be102fafc4b073f514a7eef86d7d20a43ec9a13b47d24df7de7120040f5ea97a873c6aadb2ca921735b7b4259c4d1477dc31c61f3fb9a877507e36288e0f31d4bfdddbad6a2122929780a200780fa0ef569eb5181122d4f8aa4c959defdd4954de6b513ed696cc12c801e3d4cbba675692225ee0f0edab5746c7ad493a6106864171f25ddbfd6d9d149681b2c31a06333752527b065fa360d9920ac290891a0d0e65d54bd809594bc95113b276cd1c4361e2f3d9ef08a2db47edb24df3aee65885e1c8f9ec09e88c080488ded970170fb9a560a37930726708ebfa40288458bef1e20edcea0055641d41781a1d19474c162a6456c0cbffcce39d66f58cbcced9fe93c09418df2edfb613f9ba75cec5fbe8f7ea6064644f0658f764168c324fa56b3e5843f50735b98f30f5bcaffa115b42bdf5a8c2deb410c71f3a68f734ac0c980960abe61cb398d03f28f9e1bc81e9fdc308510442a9c3d9cc25dff63b69c289827c56aa7db8c0010c6351c839dd728d3e60962224b1201476f2ebfd914fd5e2eb8791dfd0b845a4966111af4833cdc36a60811da13b58bf0c846dc39b6cbf9165f0aa6e29a2539c0b461a80503c7a707471779be32a9b6e9901af2a4dfcbf54be44bf3b4854367d084da42a04264e39bcfdd99a258821a533f1376695278aa0a703738c1e9c344b45595068c505547860a0743d9bf017ca794763a040a4d1a0e6a13a5d1bdd8196d936be1184f630b1e106a9b303379804d89eb53284bfef125e0537147f0c7d976fb7cd8842f8e3e5718047ecb4bb51148e727a41b277668decf63d1d28ad6fc8f31de687efc193f07383e19974f142a2bcb1d4103ba13ff92c72cd027738be6bc8c5925c17dfa78c2bbec428f8759731211072af72b365aef7ec1361b43be7d8c89c8f3812092c06a80bc64b874809c3dabfef21e01cf3aa9f17caa24033d2d9620dfd7c648ac35e477d02cd43224da032a936f8c9a41ae6c2b2480e68f6f39c516dcd6a91a38fe1b29f35ade7a09bfd2a528706308b67c02c1ad9d607c29db726e6b5526cc85eddf3230ad3307f75c65608eada82d213b94dac797e96e7ba69dd2c", 0x1000}, {&(0x7f0000000540)="8306b494c09043fff6246e4927296cf7dd7b1179dbf3b39c8f409c8db778264993789572027f6886e7146991b0df51e100e9c6f44d6a474119d8938ca9909388fe8e91f142b6081df4910c2ee8a9a255c8bf26b0089bc1c754a7569c7626a2d5368a36e48cd631517d90b5cfde51c5acbd4ae5e56eb3cb5eb104c726ddc06dc1cdf622a4a0aef115c50207123193c3e51fa1356754f2e2ff201848ecd4a0aba3ca19b6b2f11c0d4c030d9ffe410339e5261446db9d28808503235903", 0xbc}, {&(0x7f0000001400)="d53b31594758d56cbf880b698f3d6b5fba67867b68447e05662c44315e3c01cf39fe4fd120ad377a126082a93c94a950bf2c5ac3ce9d913375841b810d70893a16fd43882bc5475ca93156536a8c560a2d7bd8c5f854fcd99736742cbbed512e934616380f5275183bbd35738ec51d", 0x6f}, {&(0x7f0000000600)="332098e68e9e04ba325ac3e218a55635784966688b063859e352daef49d0385a9f75322ca0d1e69e8b6b43ecf92d98867aa02d5abb9ff95f5980f452a8aa62c448e83c1ca1563ecf15ff6d9c6793bd8fa2bc652c5b6786b0c5923aa11f72e5285be219e1bed79f858df524f8b98284780f15b849ed66d441c3d4f9c0e4db4de2c446287ff394450a6fd565919e1b188cb23f049fc620f51d34456a7533e5223aea29465aba8aa8a760d4051e767e68e66d2f872f8f064d6ff01ef14e5ee1ec2da8eee9eb5077aee43ae4b639100ddb828ba141d0", 0xd4}], 0x6, 0x0, 0x0, 0x44}}, {{&(0x7f0000000a00)=@abs={0x1, 0x0, 0x4e22}, 0x6e, &(0x7f0000000f40)=[{&(0x7f0000000700)="e3", 0x1}, {&(0x7f0000000a80)="9e7e43f382bafa064352e8297ddbd9755c5a43178ad6acb22643a2b9bf1d7a818962adbc9b786aefc6f6dfe722edf3c2c07e9820", 0x34}, {&(0x7f0000000ac0)="0e3335c36f9fc80a0dd5926d59f10b1497f37b210d582f39fce6376c78f23edb59bbeabb84273d5338a7af4dee4894a656960ad0749d805f43523cca34a7", 0x3e}, {&(0x7f0000000b00)="4d25d0eadbcb3191bcdecd9b0e4b439fbf1e540ab5ba7c975f4a2063b912d719a9d3ffb14511d5c03eb4b7574bd8637298aeb76a24d2f9e45b222be3f5b3185d8ecaf54ccf50aaaf720598e15b9d0a1bd58379128f2666b8dcf391fa01ac06e45be006f89c7bbb843926ba72f634efc9663f6950f0d7791c27d19eb33e8e108b2a5f10e093385e055de52d97b04f3438c5cfe2336810bd6493db80122d8009cc26f189633bde5e82b2f00394d7b6307081c4d5d62e4339fc8efa", 0xba}, {&(0x7f0000000bc0)="98bcf31a8c3d3c905444472d4dd5a34d822c030787329c06d53c37c9c2e49bec37214ca746f139491564ad8aab557ac6c771fbf2a1795989e270adfc89c8f3457d0df0bcff96d6adf663b21e42859b6d0110e8ed79c5a2d07a579cd4a9d7fb3394c5e4cd1ad9f3031513fc8cb1f3cbc57e5ac056c57455ef1427d52ddb1c4b14da7b20d8c50a1ff0d4988c1efd429dc81d0efb767088ccec54dea0d36bbe1b66d4ac20d41e71e0e6d0e93ab29dd76d47e4704c0ddbd39a3da6ea91e9cac4d68b83e72fcd05058a460d0cbe869d0583d679793a", 0xd3}, {&(0x7f0000000cc0)="9b893b98320b7b40ab0097bd64c0f45fe981d700dc55e13962", 0x19}, {&(0x7f0000000d00)="f8b61241011120184239eb00116f5a41d2b2512fa92df1678628d2633ec6057bc22e8f60ed8f2d22ec", 0x29}, {&(0x7f0000000d40)="bd510bdfb76835891616390adbb60cb66656e73d659f8f6f6f15228bc007cec3df50727a983f955a38770363f910a946636baf6cd4e69ce6b8c4a1b92430b6628befab10", 0x44}, {&(0x7f0000000dc0)="e8646adb872c2e4202c906472cb960ee2731223d11fa34f929e609a0d816aa11499b92424dce857bc964dfbb31112aa839a79f5018eac8e932e90e3cd75b20465b64981de69a7ea106cd66aa736c3e2829279b63684985d200907f1ffd19200c8c18ac13662946a1220fafeff57fde846f295c3ff268e1b181fa36efd60704c7d2e9eb33ea0b38a35db6480bb292e73a06ee10e790ddcfe7dc3b0e053f85d8bc0add7ccca45268f45ef6455e23a8111b", 0xb0}, {&(0x7f0000000e80)="a60e8f58c685a1cdd790a6223f70f425ee337fd136fef50c8644a4874b69f226d39e9db7361ee4e75fb4645629f3aa4d73a53db10b629b9681e3fb5d146c897cb000f2f3fc911afc27a3876024d8770c08e8e771055ab00d1caf17cb504cee3aa71350ef12deef002894d4ff5128714787ea9ca68973f0ae7b9ccab8246bd27e03", 0x81}], 0xa, &(0x7f0000001040)=[@cred={{0x1c, 0x1, 0x2, {r1, r9, r10}}}], 0x20, 0x30000015}}, {{&(0x7f0000001080)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000001240)=[{&(0x7f0000001100)="93be3dcad4be77f7bec38af42b86b1591aedbefa22427aa754241f7e524c60ab564884675e8e1c2dcaea7a2c8ef0ad16a5e82e8d65942c5d4a5b1a4611622b3bdaf92fbd203efb2ce1fe8cc9ea0499e634ebc926b0f47ef1981e3f11576a76972a04ca66b6de29b11cd1f5d753954c8cbd997be43728c4573b571f78ead116c11168a52ef4f14db6c3acbcecd4", 0x8d}, {&(0x7f00000011c0)="6662284482ca5ca67934d73e8d33646ec03e93d348f26a6a68c4622814db60125de2d6e1fd00f29fb1d9be4ec19289f8794488572733ed90d9744bfb624375bd4a5307661ce8fd4620a4828fe5ef30ae4a3e6a4da9", 0x55}], 0x2, &(0x7f0000001640)=[@cred={{0x1c, 0x1, 0x2, {r1, r9, r11}}}, @rights={{0x1c, 0x1, 0x1, [r3, r8, r4]}}, @rights={{0x20, 0x1, 0x1, [r4, r6, r8, r2]}}, @rights={{0x14, 0x1, 0x1, [r7]}}, @rights={{0x20, 0x1, 0x1, [r2, r3, r0, r0]}}, @rights={{0x14, 0x1, 0x1, [r0]}}, @rights={{0x30, 0x1, 0x1, [r2, 0xffffffffffffffff, r7, r0, 0xffffffffffffffff, r8, 0xffffffffffffffff, r2]}}, @cred={{0x1c, 0x1, 0x2, {r5}}}, @cred={{0x1c, 0x1, 0x2, {r1}}}], 0x120, 0x8001}}], 0x3, 0x20000040)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
ioctl$KVM_SET_IRQCHIP(r13, 0x4020aeb2, &(0x7f0000000740)={0x0, 0x12c, @pic={0x0, 0x0, 0x0, 0x0, 0x1}})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1900000004000000040000000200000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00}\x00'/28], 0x48)

42.2545539s ago: executing program 7 (id=21637):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
capset(&(0x7f00000004c0)={0x20080522}, &(0x7f0000000500))
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newlink={0x20, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x300}}, 0x20}}, 0x884) (fail_nth: 1)

42.170644568s ago: executing program 7 (id=21638):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000640)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x9c000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x80cd}], 0x1, 0x7)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r0, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b66, 0x12, r0, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x8a05f664f2838ea, 0x4})
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x840)

42.039581706s ago: executing program 7 (id=21640):
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x52, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
open(&(0x7f0000000780)='./bus\x00', 0x4c07e, 0x0)
io_setup(0x7d, &(0x7f0000000600)=<r0=>0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
syz_open_dev$hidraw(&(0x7f0000000080), 0xfffffffffffff0aa, 0x418000)
syz_usb_connect$cdc_ncm(0x2, 0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f92a0904000001020900000524060001053408fa6e0d240f0100000000000d000a0006471a010000190581"], 0x0)
r1 = landlock_create_ruleset(&(0x7f0000000080)={0x4}, 0x10, 0x0)
read(r1, 0x0, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_int(r2, &(0x7f0000000080)='hugetlb.1GB.rsvd.max_usage_in_bytes\x00', 0x2, 0x0)
io_submit(r0, 0x0, 0x0)

40.749100048s ago: executing program 8 (id=21663):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x23}, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698d0a881c51852e4451b57d037ad3c045942824251d7d17b5191584bcd4fbe40a23424d", "bcfd56f1375461caaa2f19935e6996c7096ffeeb0300000000000064", {"9a3bfbc1d19cb307b3472ab9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x18}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x41000}, 0x94)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x7, 0x0, 0x0, 0x41000}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
mount$9p_fd(0x0, 0x0, 0x0, 0xa, &(0x7f0000000100)=ANY=[@ANYBLOB="7472618d733d6664"])
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000001c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r2}, &(0x7f00000000c0), &(0x7f0000000100)}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000300)={r2, <r3=>0xffffffffffffffff}, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x11, 0x10, &(0x7f00000003c0)=@framed={{}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}}]}, &(0x7f0000000240)='GPL\x00', 0x4, 0x1009, &(0x7f0000002500)=""/4105, 0x0, 0x48}, 0x94)
recvmmsg(r0, &(0x7f0000002a40)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000001400)=""/226, 0x94}], 0x1}, 0x5}], 0x1, 0x10000, 0x0)
socket$inet_udp(0x2, 0x2, 0x0) (async)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) (async)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x23}, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698d0a881c51852e4451b57d037ad3c045942824251d7d17b5191584bcd4fbe40a23424d", "bcfd56f1375461caaa2f19935e6996c7096ffeeb0300000000000064", {"9a3bfbc1d19cb307b3472ab9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0) (async)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x18}}, 0x0) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x41000}, 0x94) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x7, 0x0, 0x0, 0x41000}, 0x94) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) (async)
mount$9p_fd(0x0, 0x0, 0x0, 0xa, &(0x7f0000000100)=ANY=[@ANYBLOB="7472618d733d6664"]) (async)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000001c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x50) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r2}, &(0x7f00000000c0), &(0x7f0000000100)}, 0x20) (async)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000300)={r2}, 0x4) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x11, 0x10, &(0x7f00000003c0)=@framed={{}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}}]}, &(0x7f0000000240)='GPL\x00', 0x4, 0x1009, &(0x7f0000002500)=""/4105, 0x0, 0x48}, 0x94) (async)
recvmmsg(r0, &(0x7f0000002a40)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000001400)=""/226, 0x94}], 0x1}, 0x5}], 0x1, 0x10000, 0x0) (async)

40.695106589s ago: executing program 5 (id=21666):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r1}, 0x10)
r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
bind$802154_dgram(r2, &(0x7f0000000080)={0x2, @short={0x2, 0x2, 0xaaa1}}, 0x14)
r3 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
r4 = syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000500)={0x0, &(0x7f0000000580)=[@in_dx={0x82, 0x20, {0x1961}}, @rdmsr={0x32, 0x18, {0x9ce}}, @uexit={0x0, 0x18, 0x1}, @uexit={0x0, 0x18, 0x2}, @set_irq_handler={0xbe, 0x20, {0xf0, 0x2}}, @wr_crn={0x46, 0x20, {0x3}}, @set_irq_handler={0xbe, 0x20, {0xb5}}, @set_irq_handler={0xbe, 0x20, {0x65, 0x1}}, @wrmsr={0x1e, 0x20, {0xac0, 0xe1}}, @in_dx={0x82, 0x20, {0xfe99}}, @set_irq_handler={0xbe, 0x20, {0x31, 0x1}}, @rdmsr={0x32, 0x18, {0x287}}, @out_dx={0xaa, 0x28, {0xb78c, 0x6, 0x2}}, @uexit={0x0, 0x18, 0x9}, @in_dx={0x82, 0x20, {0xae4d, 0x1}}, @code={0xa, 0x59, {"3e0f01c266baf80cb838d89c80ef66bafc0c66b80e0066ef0f78ebb9fe0b0000b800500000ba000000000f30f30f5aef430f01f846d382006800004083d3c2450f380b7cc1d645f4"}}, @out_dx={0xaa, 0x28, {0x8c05, 0x1, 0x9}}, @out_dx={0xaa, 0x28, {0x2726, 0x6}}, @set_irq_handler={0xbe, 0x20, {0x49, 0x2}}, @code={0xa, 0x63, {"b9600a00000f323e2e36450fc75b65c462299741e466430f3a0dde00b8010000000f01d936f26f430f211166baf80cb818ffd38cef66bafc0cb8e27b058cef0f20d835080000000f22d8660f51870018190d"}}, @code={0xa, 0x6b, {"440f2159c482c0f398dab6000066b852008ec8430f01f8b9ef090000b88347d079ba71ef09570f30b8010000000f01d966baf80cb8d28ef783ef66bafc0c66b8edff66eff083143b8e36dbc3b9800000c00f3235004000000f30"}}, @uexit={0x0, 0x18, 0x2}, @wr_drn={0x6e, 0x20, {0x1, 0x3}}, @uexit={0x0, 0x18, 0x3}, @out_dx={0xaa, 0x28, {0x73b3, 0x4, 0xffffffff}}, @wr_crn={0x46, 0x20, {0x3, 0x5}}, @out_dx={0xaa, 0x28, {0x5be9, 0x2}}, @cpuid={0x14, 0x18, {0x8, 0xff}}, @uexit={0x0, 0x18, 0x4e}, @wr_drn={0x6e, 0x20, {0x0, 0xb36f}}, @wrmsr={0x1e, 0x20, {0xdc6, 0xbd93}}], 0x487})
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000a40))
socket$inet6_tcp(0xa, 0x1, 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
readv(r3, 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, &(0x7f00000000c0))
ioctl$SNDCTL_DSP_SETFMT(0xffffffffffffffff, 0xc0045005, &(0x7f0000000640)=0x10)
fsopen(&(0x7f0000000340)='afs\x00', 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0}, './file0\x00'})

40.450936006s ago: executing program 8 (id=21670):
socket(0x10, 0x803, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000580)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x57, 0x7fc00100}]})
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000740)={<r1=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r0, 0xc0182101, &(0x7f00000000c0)={r1})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000280))
io_setup(0x3, &(0x7f0000000040)=<r2=>0x0)
pipe2$watch_queue(&(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x80)
io_cancel(r2, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x6, 0x0, r3, &(0x7f0000000100)="9b9e094f327f6dc2a44caddccc2a4b3b729fe5ef2ddb3a4722fc6dcbd9aed515b198282fb745372c984a824b5a8dc6a32b08a81c94fc70d5e653ea41b54d646f7bffc7891d6c6eac5cda53bd5c0e15ef495901e5ad3441cba62f402ed4963f997dfd24fca964f216a648d9ad3defb23a374286c99cdd4796ded5c79986af39ce6a1bf134f9318879257ace060000000000000035854dcb880e157a3804eb049a8f2f3bdb10713a1ae398c33a00"/187, 0xbb, 0xfffffffffffffffd, 0x0, 0x1, r4}, &(0x7f0000000240))
socketpair$unix(0x1, 0x3, 0x0, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r5=>0x0)
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x8000, 0x3ff})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r5, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r6 = mq_open(&(0x7f0000000340)='late_1\x00\x00\x00\x00\x00\x00\x00\x004\x8b&\x19\xc7\xff\xa1k8\a\x1c\xe2\xf0@\xebE,sD\xf2;SGK\x1bV\xb7%\xcc\x97!E?\x05\x90M\x8dO\xea\x8d\x9b\xa1-\xf0\xf7\xe3#X\x00\x00E\x15\xe4s\x98\xcf\x87\n\xdba\xa8\xb46', 0x8c2, 0x17, &(0x7f00000003c0)={0x7ffffffffffffffd, 0xb, 0xf, 0x6857})
mq_getsetattr(r6, &(0x7f0000000040)={0x0, 0x40, 0x4, 0x7ff}, 0x0)
mq_timedreceive(r6, &(0x7f0000000440)=""/90, 0x5a, 0x0, &(0x7f00000001c0)={0x77359400})
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x9, &(0x7f0000006680))
getitimer(0x0, &(0x7f0000000040))
r7 = socket(0x10, 0x3, 0x5)
ioctl$sock_SIOCETHTOOL(r7, 0x8946, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x4)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
bpf$MAP_LOOKUP_BATCH(0x18, 0x0, 0x0)
mknodat(0xffffffffffffff9c, 0x0, 0x8, 0x0)
creat(0x0, 0x88)

39.715393014s ago: executing program 5 (id=21681):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
close(0x3)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
r2 = epoll_create1(0x0)
epoll_wait(r2, &(0x7f0000000480)=[{}], 0x1, 0x10000203)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
epoll_pwait(r2, &(0x7f0000000040)=[{}], 0x1, 0xea5, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000080)={0x9d32f4b220c67360})
setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7b, 0x4)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10)
sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r1, &(0x7f0000002240)="2d12376647d788ad2cdbd0e68c140c7f72d35ae5869c470a1f53ea73c32220190e02cb0b770bb154d1d5d1b343cb1feadca1752e4397955e1a151721f1b28b9e32b7966f9ddd7ad3822c5ff3dc03786c1c86c2a6f7c271710c573396ca95e95a524201b0bf0539042ae14072693f9734306f7a21f92421e8e0ea335d07d1f2839c4c195930cd35c65dfc527de84f2cab4f0c78474734d7c5cba0c70ee0fd10ad5ed3f4b70308c29000e8cd98d57c90c7d9298ee4a2c41b141614627880ace9cfde45a0ae5f6f5cf3eb31254454e92eacdab64eb048b144e4fcc16afe59e7d7dad7696df64aa223d14d69bbe8ee2f76e1d4a32477a7cf108fea86a7e085c1575f683857cff342574109f74cf05e3f63f328f46735ba0578d84b4978ce545621b1666ca7da451d40e961a037822eebcbba9bf9e92af7281442efcaa8e0d3ecd6111d8fc1c742d0e7efe8e51a1c5e6ea04fec02a986cba677d9dc642d110df6f55c786c73f7ce4ebf9415bdb2680d0ff4597006d96e3c164114a4effae84380e492822c002b2e96f160a0784fd0ebe448eddaa801921576287f61a15be332a94eea951c0826874d105173a6b3f2a6e420ed5ef00b1f699b74c524a1859cb7d6dfb7257b6f0b92e17ce21237da0ec892735601b29693dce455876447f76df303a8cb34bd9c9241da9904c1c17d416753c71aeed9cc07d26b4a438df4e302cf120cda73c04d5a1b7295f1cb7ff88084211adde5fdf991f97cb522b56c561ad1119a4675fbf566b77660dfd457467652d23c739cc9ba93bbd5b464c46e46187ce71d7aab533e670c861b227454d7c21f9f16000eee0c1772a152c26acd2744c5553ace622369f15d5354a3b5ac4bb9261a766830d351fa931558dee7ff30768b2e29025c3b115179ed6a12ea76a23db3626bc033f85a43c3c3f50b75b89a418277837ba571189e708f4aaaacc19537e7aa156b7058c200e8f9be1da8a63c7e878f3e733060a1cb24a2a09ea76413efdc4e0b1027a09c6830b4ca5ccd4695e2e0bb1610a21b0cc66012aab283b6c5dfbd20aef8d7ad04e4c618a065a588d05e3f780126eee290cf0f94fb4a2c5a8cb97f60d9e50301a4f01f3787ab052ef8782d6ef0f92385ab59015670a054dab1ab0400be74fdc4ac3d18fb5b5da13e55a05e29ad14dd0abf0435dea601ce80573548f3c8f21ecfcbe5361d1505a91c355d8477fe7e3866be005acae25cbab7bd8684294963c3c95924f7d62ca0ed2d7aa01048cbdcd4d7ae9717d4feb97e1e825f6156e9c5fc456509798d2f5adc9356752a8974894ff5bf9d14aab3ddf18fd4f9af23c66f7e4ef7e345e769260fd9d2a22ddd078dd7e44f904ea78dd3db5b0f4a8d7ce9ae7909cedde165b7458da24d576fc0e18d3c27cccaff21146ad51c1681c629a8f0b8a4ae213c88910c54de9af7890b0a4414e0d38c31d76a130b587b764260655f17f901f96b835a1fecb1f7438f5e18ff60720d37d19b1a9ae3e03dc10aa1c4f2abb918883d56ddd4e74b48a4aeadccf2329956ed18b2001d1e1e80bdf325449beda911916f802234f5b182264754cd3bb26b2ae658cc0ee185a19cba7f9e54e47c32f8b87d0fed97c911d28f971e70be5fb830109a57b600f734a4cc734cbb67a58e6a696ccb39c328c537fe467fd194183aad728f95b0a4afb4557615408a83785c0d313e666d1dab18d49a4feaf12993e73f5537998a1ed25b93f9bca346376129dee3a5a78675d30bd19a78b77f45ea8b5b48cb4c78a1bc30df00badb811585966b8f8ef42d89236f5e99f849a44d62d1431eb187333dcde91582a29e777b9cd6e1bc86eff512ba48d6030681d395bfb8c5259b0c22028400a1d3929a6e3fa0fcda3deb9cf8e7e079c21d7c20b1670eb880789ae809608bac2b05c45da5a3a0377d1d06b917a5a6ee7dbf35f54c327d7d7921266bcb4e8e816b02872139d03d575c491ee077140f7d1aca286f977869288bf90eedaf41727abcd79056936d830bf6480bf6b4573e4dd402f6206099716593a04813cd07437ffa80f10f72ef64e320e48fa59b5ac0e412d9ed14bfc2e9365c67fc21c327d5699f58c3984db4f3ec0c362b633a784c4dfba44187801a0f0fc0f6b7a4610594556b33f1617c7b8b4f95d5d6fba7553512a6098a2e64d10a45347f3a41d11e19f7690ebcbfb9239c59b489061aad4317a08c435fa92c4f5feb662f6413c3d06dca92647fef304d9f8e96a78b5251b0a4d15710937428ab676cc7da5f0006cd04f7fa884625116a0cbddabc012cf55e3f26a4b411cfa1ba8473c3aef570cd23fe2165bf1f9b54632c7e76e5a5818bb70086c5fa609f2199424b8f2de5387a5bf44d3f246bec62433182b0c950ecc2968dba1e6a845c48c506daf90ffb0c13d376be0ac8283abb4e4283f703206a47c2b9c6a642d4bf4a245b8ec978b09d8620fc5d9f917842f83bf5e2efd976e9b98c38a8f836773357ad6d23fca68ee26431acf0196ef0fcef25a979782dc2f1688acacc53b1b2c2f694b638c1256a869f56098b89bb4a14b2dc2d187773e6a75f7d37ed91b8f8aee84c0bdbaeec229139809eaa9948e7a5e18d783ece0cd7ea8996dc3e650b1cff351ad9fbd661f303f40de084d111ec1489ae42d2fc55ce8d892a3d6290f2d2eb72733b4fdc8c433569c34854a84653884b3d90652f499eeb83886bd4246b41f231141cf1a412f1c7840fb8a1595895cfdec1961d887ac9dd1f5ad4b66bbb451d5471fcb1fb4bb25a4c4d43b9c0e3c72a00e8fc83f700c812b1b9c2f37e40bd746c39cbbca41e6fecb8d64424c82e640d8f887cb7d8e75828b2969e1628c7000fba626381dcfdc7262b2b06f47f898d0aa0dab8636c089d4339a37e80f20f8f5196608a3d1ac1418ff9ac0ac54c45c124b15a77d61d50ca05e1603b1b6476cf09d79b138a7f7394a9cf35e6d64654504663db381712da505d0985cd9a4edbd067c0f09c393486b138f01deb4771566d987ac16a6ed0ac5c9b592a20878e5b4050e594f376523697a0aba321a6704db28b0f0fcdf0d8e2a6f1788064d49807f080d7aa29f795935d61bcf152fe39a45a713fd0a3b2982f65437828e110b2edcdbd7b462d5ef8e87ad0aa2352cf3fb1e05787602ed66efd77a7b88c73e76dd1b368e5845cc032ed719635b0db27b39ddc12d899b742a1499ffaa4b95c0a1f29cd85a7d2d30be5bd1fd384a6e4dd3b93b46352ece5144a2ce989bcb8e6255e04e6d5d0a6b4b2736715b116b06189491b4a4a9fd9e482413b2b8851b273b10820040b490de9414fcdee5126ddbedaaddcb8c844cc7e0264f65c4d3607dddf0dbd88a7f3d1ff35bea1bcb48eb576e7083fd8bf8d6a6a1567f77819c3bbe93ff92418632d30fa2b933b33fcf163b5a942d870f22d13ad6be938ddf61de391b35e68fc9ad71aeb7cddfb73e071162bfd1c7facd10e50e9f8046c7ee6f89830b70955a3908c18cc79138c335a5159adb3229e02576cbd1829b4c67504fbe785e3c2129d53cbc3b00a62b232e16a01e01b2dc159fea676ea8c0ad0d8f41ea1840092f4900d26f48b5c549211240a5c5ab663b4f9ac463df05c86af9a3f2e595d4f9981b108d44e9ee060fc8736d7ff71a609252fe6becd2aacb23b7ac66ad8a3dfca068fb7846b9588a0b027e45f96d73cdf6c2d9494c6c5c129a8f5a1e8c4f4e6a1adec722ba74e5a002b1c87793cfc5c689ac82881ac346c3e5be4f6570d3669f797916e2018a784d6a88671c6cd803585ba49cabea506177c5e41145d2c7f192012e1478e409d2dde7de2ac2b03b9d808afaf5f761032fd562d587c653eb07ad8ede76dc1aa8a1e7fb5a56f04e3dfa10e77ee1e51f6879c2670278c8471e03b0f62eee8ec60336b604b6721a81d8ef630749dac6298b488ec09a4aa61ced579231d4231a9cf6d7f20683194e6709fbea4ed66cfdec9a7238bbad6894ceb6c0ca3307274f2749be8450180456280289d0179d8396902250cddd7a440c24ae7df78bc8e146b1b8e5c9924d2b07646ff577da61968503bad37d240aacc9dbba0f665acf1d56667d1aa7e497b7947cca22f7a55113f5e10bc9987e9b5d9405f625a604f7099cf365ea8d3530dfba6b9977f8441e23147049ae8bf0231d824397e885589c693d8a7e756e46baf67f21b062cf6d8db25140c4301233bcb18b408e3c7959056a3307546f09f13e2e732dc26b9bab0ac74d72bc0f115f7cf682aed23d9c627da1c4e4b221bd85a6c19f0391b23137f551cfb99cb1da33d42840439d0ec5f2d0e75c74d15918460e915c18dccf2f9d0ee508292c871ec9f4f2a2d1628a914487df2e8aa43bbb0bf1427e2f99e8eaaa588df310b9e50aeba057b2ce863eaaf9ecca3fc190d88bf10", 0xfffffffffffffee9, 0x4004085, 0x0, 0x49)
setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000000100)=0xb329, 0x4)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(0xffffffffffffffff, 0xc0145401, 0x0)
socket$inet6(0xa, 0x1, 0x0)
timer_create(0x3, &(0x7f0000533fa0)={0x0, 0x21}, &(0x7f00000001c0))
signalfd4(0xffffffffffffffff, &(0x7f00000003c0)={[0x1fffffffff]}, 0x8, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)

38.872441784s ago: executing program 7 (id=21694):
socket$nl_netfilter(0x10, 0x3, 0xc)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
openat$autofs(0xffffffffffffff9c, 0x0, 0xa0082, 0x0)
socket$netlink(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94)
socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0x1, &(0x7f0000000400)=0x10000012, 0x4)
unshare(0x20000400)
r3 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000940), 0x5802, 0x0)
ioctl$PTP_SYS_OFFSET(r3, 0x43403d05, 0x0)

38.734560943s ago: executing program 8 (id=21695):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000640)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x9c000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b66, 0x12, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x8a05f664f2838ea, 0x4})
sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x840)

38.625994959s ago: executing program 8 (id=21697):
r0 = syz_usb_connect$cdc_ecm(0x0, 0x4d, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x0, 0x0, 0xffffffffffff8001, 0x1, [{{0x9, 0x2, 0x3b, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x12, 0x2, 0x6, 0x0, 0x0, {{0x5}, {0x5}, {0xd}}, {[], {{0x9, 0x5, 0x82, 0x2, 0x200}}, {{0x9, 0x5, 0x3, 0x2, 0x200}}}}}]}}]}}, &(0x7f0000001400)={0x0, 0x0, 0x0, 0x0})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x7, 0x0, 0x7fff0006}]})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mount$cgroup(0x0, &(0x7f0000000000)='.\x00', &(0x7f00000000c0), 0x10012, &(0x7f0000000100)={[], [{@smackfsfloor={'smackfsfloor', 0x3d, ','}}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18)
r5 = syz_open_procfs(0x0, 0x0)
mount$cgroup(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, 0x0)
r6 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_int(r6, &(0x7f0000000200)='cpuset.mem_exclusive\x00', 0x2, 0x0)
r7 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x70, 0x103301)
ioctl$USBDEVFS_IOCTL(r7, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r7, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x3, 0x6, &(0x7f0000000000)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x41100, 0x0, '\x00', 0x0, @sched_cls, r5, 0x6}, 0x94)
sched_setscheduler(0x0, 0x2, &(0x7f0000001700)=0x4)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, &(0x7f0000000080)={0x14, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
syz_usb_ep_write(r0, 0x82, 0x5, &(0x7f0000002340)='hello')

38.349832938s ago: executing program 5 (id=21703):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r1}, 0x10)
r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
bind$802154_dgram(r2, &(0x7f0000000080)={0x2, @short={0x2, 0x2, 0xaaa1}}, 0x14)
r3 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
r4 = syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000500)={0x0, &(0x7f0000000580)=[@in_dx={0x82, 0x20, {0x1961}}, @rdmsr={0x32, 0x18, {0x9ce}}, @uexit={0x0, 0x18, 0x1}, @uexit={0x0, 0x18, 0x2}, @set_irq_handler={0xbe, 0x20, {0xf0, 0x2}}, @wr_crn={0x46, 0x20, {0x3}}, @set_irq_handler={0xbe, 0x20, {0xb5}}, @set_irq_handler={0xbe, 0x20, {0x65, 0x1}}, @wrmsr={0x1e, 0x20, {0xac0, 0xe1}}, @in_dx={0x82, 0x20, {0xfe99}}, @set_irq_handler={0xbe, 0x20, {0x31, 0x1}}, @rdmsr={0x32, 0x18, {0x287}}, @out_dx={0xaa, 0x28, {0xb78c, 0x6, 0x2}}, @uexit={0x0, 0x18, 0x9}, @in_dx={0x82, 0x20, {0xae4d, 0x1}}, @code={0xa, 0x59, {"3e0f01c266baf80cb838d89c80ef66bafc0c66b80e0066ef0f78ebb9fe0b0000b800500000ba000000000f30f30f5aef430f01f846d382006800004083d3c2450f380b7cc1d645f4"}}, @out_dx={0xaa, 0x28, {0x8c05, 0x1, 0x9}}, @out_dx={0xaa, 0x28, {0x2726, 0x6}}, @set_irq_handler={0xbe, 0x20, {0x49, 0x2}}, @code={0xa, 0x63, {"b9600a00000f323e2e36450fc75b65c462299741e466430f3a0dde00b8010000000f01d936f26f430f211166baf80cb818ffd38cef66bafc0cb8e27b058cef0f20d835080000000f22d8660f51870018190d"}}, @code={0xa, 0x6b, {"440f2159c482c0f398dab6000066b852008ec8430f01f8b9ef090000b88347d079ba71ef09570f30b8010000000f01d966baf80cb8d28ef783ef66bafc0c66b8edff66eff083143b8e36dbc3b9800000c00f3235004000000f30"}}, @uexit={0x0, 0x18, 0x2}, @wr_drn={0x6e, 0x20, {0x1, 0x3}}, @uexit={0x0, 0x18, 0x3}, @out_dx={0xaa, 0x28, {0x73b3, 0x4, 0xffffffff}}, @wr_crn={0x46, 0x20, {0x3, 0x5}}, @out_dx={0xaa, 0x28, {0x5be9, 0x2}}, @cpuid={0x14, 0x18, {0x8, 0xff}}, @uexit={0x0, 0x18, 0x4e}, @wr_drn={0x6e, 0x20, {0x0, 0xb36f}}, @wrmsr={0x1e, 0x20, {0xdc6, 0xbd93}}], 0x487})
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000a40))
socket$inet6_tcp(0xa, 0x1, 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
readv(r3, 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, &(0x7f00000000c0))
ioctl$SNDCTL_DSP_SETFMT(0xffffffffffffffff, 0xc0045005, &(0x7f0000000640)=0x10)
fsopen(&(0x7f0000000340)='afs\x00', 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0}, './file0\x00'})

37.518650022s ago: executing program 7 (id=21705):
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_pidfd_open(r0, 0x0)
wait4(r0, 0x0, 0x40000000, 0x0)
ioctl$FS_IOC_GETVERSION(r1, 0xc040ff0b, &(0x7f0000000180))
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0xa, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ee}, 0x94)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x20000000005, 0x20000002})
ioctl$TIOCL_SETVESABLANK(0xffffffffffffffff, 0x560e, &(0x7f0000000140))
writev(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000080), 0xfffffebe}], 0x1)

35.891059378s ago: executing program 5 (id=21711):
r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x1, 0x141000)
ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(r0, 0xc1105518, &(0x7f0000000180)={{0x3, 0x1, 0xd08d, 0xffff}, 0x3, 0x4, 0x7, 0x0, 0x0, 0x5, 'syz1\x00', 0x0})
syz_emit_ethernet(0x5e, &(0x7f00000003c0)={@random="e33110495bfd", @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "041800", 0x28, 0x3a, 0xff, @dev, @local, {[], @ndisc_redir={0x89, 0x0, 0x0, '\x00', @mcast1, @private1}}}}}}, 0x0)

35.734019058s ago: executing program 5 (id=21713):
mount_setattr(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000300)={0xa4, 0x7a}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x46}, 0x94)
clock_settime(0x0, &(0x7f0000000000)={0x77359400})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)) (async)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100))
openat$ptp0(0xffffffffffffff9c, &(0x7f0000002040), 0x82401, 0x0)
clock_adjtime(0xffffffd3, &(0x7f0000000300)={0x40, 0x6, 0x4, 0x0, 0x7, 0x8, 0x652, 0x7, 0x8000009657, 0x1, 0x6, 0x0, 0x10, 0x7fffffff, 0x80000000000000, 0xcc0, 0x3, 0x1, 0x94d6, 0x10000000000001, 0x0, 0x809, 0x6, 0xfffffffffffffffa, 0x7, 0xf64d})
r0 = gettid()
sched_rr_get_interval(r0, &(0x7f0000000040)) (async)
sched_rr_get_interval(r0, &(0x7f0000000040))
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x50)
r1 = openat$cgroup_devices(0xffffffffffffffff, &(0x7f00000000c0)='devices.deny\x00', 0x2, 0x0)
write$cgroup_devices(r1, &(0x7f0000000100)={'a', ' *:* ', 'r\x00'}, 0x8) (async)
write$cgroup_devices(r1, &(0x7f0000000100)={'a', ' *:* ', 'r\x00'}, 0x8)

35.533097905s ago: executing program 5 (id=21714):
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
r0 = syz_io_uring_setup(0x231, &(0x7f0000000140)={0x0, 0x3, 0x10100}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xffffffffffffff31})
io_uring_enter(r0, 0x7a98, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="12000000040100000800000002"], 0x50)
syz_usb_connect$uac1(0x5, 0x93, &(0x7f0000000400)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x10, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x81, 0x3, 0x1, 0x40, 0x80, 0x3, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x7fff, 0xfe}, [@processing_unit={0xc, 0x24, 0x7, 0x4, 0x0, 0x3, "8a54206c4e"}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@as_header={0x7, 0x24, 0x1, 0x9, 0x5, 0x5}, @format_type_i_continuous={0x8, 0x24, 0x2, 0x1, 0x1, 0x1, 0x40, 0x1}]}, {{0x9, 0x5, 0x1, 0x9, 0x8, 0x7f, 0x1, 0xb, {0x7, 0x25, 0x1, 0x1, 0x9, 0x9}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@as_header={0x7, 0x24, 0x1, 0xf, 0x8}]}, {{0x9, 0x5, 0x82, 0x9, 0x20, 0x3, 0x38, 0x3, {0x7, 0x25, 0x1, 0x83, 0x2, 0x101}}}}}}}]}}, 0x0)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42202)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r3, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r3, 0x4040534e, &(0x7f0000000040)={0x3d2, @tick=0x5, 0x0, {0x3}})

34.938532507s ago: executing program 7 (id=21718):
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x52, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
open(&(0x7f0000000780)='./bus\x00', 0x4c07e, 0x0)
io_setup(0x7d, &(0x7f0000000600)=<r0=>0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
syz_open_dev$hidraw(&(0x7f0000000080), 0xfffffffffffff0aa, 0x418000)
syz_usb_connect$cdc_ncm(0x2, 0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f92a0904000001020900000524060001053408fa6e0d240f0100000000000d000a0006471a010000190581"], 0x0)
r1 = landlock_create_ruleset(&(0x7f0000000080)={0x4}, 0x10, 0x0)
read(r1, 0x0, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_int(r2, &(0x7f0000000080)='hugetlb.1GB.rsvd.max_usage_in_bytes\x00', 0x2, 0x0)
io_submit(r0, 0x0, 0x0)

32.078771171s ago: executing program 8 (id=21743):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
close(0x3)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
r2 = epoll_create1(0x0)
epoll_wait(r2, &(0x7f0000000480)=[{}], 0x1, 0x10000203)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000080)={0x9d32f4b220c67360})
setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7b, 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/mdstat\x00', 0x0, 0x0)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10)
sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r1, &(0x7f0000002240)="2d12376647d788ad2cdbd0e68c140c7f72d35ae5869c470a1f53ea73c32220190e02cb0b770bb154d1d5d1b343cb1feadca1752e4397955e1a151721f1b28b9e32b7966f9ddd7ad3822c5ff3dc03786c1c86c2a6f7c271710c573396ca95e95a524201b0bf0539042ae14072693f9734306f7a21f92421e8e0ea335d07d1f2839c4c195930cd35c65dfc527de84f2cab4f0c78474734d7c5cba0c70ee0fd10ad5ed3f4b70308c29000e8cd98d57c90c7d9298ee4a2c41b141614627880ace9cfde45a0ae5f6f5cf3eb31254454e92eacdab64eb048b144e4fcc16afe59e7d7dad7696df64aa223d14d69bbe8ee2f76e1d4a32477a7cf108fea86a7e085c1575f683857cff342574109f74cf05e3f63f328f46735ba0578d84b4978ce545621b1666ca7da451d40e961a037822eebcbba9bf9e92af7281442efcaa8e0d3ecd6111d8fc1c742d0e7efe8e51a1c5e6ea04fec02a986cba677d9dc642d110df6f55c786c73f7ce4ebf9415bdb2680d0ff4597006d96e3c164114a4effae84380e492822c002b2e96f160a0784fd0ebe448eddaa801921576287f61a15be332a94eea951c0826874d105173a6b3f2a6e420ed5ef00b1f699b74c524a1859cb7d6dfb7257b6f0b92e17ce21237da0ec892735601b29693dce455876447f76df303a8cb34bd9c9241da9904c1c17d416753c71aeed9cc07d26b4a438df4e302cf120cda73c04d5a1b7295f1cb7ff88084211adde5fdf991f97cb522b56c561ad1119a4675fbf566b77660dfd457467652d23c739cc9ba93bbd5b464c46e46187ce71d7aab533e670c861b227454d7c21f9f16000eee0c1772a152c26acd2744c5553ace622369f15d5354a3b5ac4bb9261a766830d351fa931558dee7ff30768b2e29025c3b115179ed6a12ea76a23db3626bc033f85a43c3c3f50b75b89a418277837ba571189e708f4aaaacc19537e7aa156b7058c200e8f9be1da8a63c7e878f3e733060a1cb24a2a09ea76413efdc4e0b1027a09c6830b4ca5ccd4695e2e0bb1610a21b0cc66012aab283b6c5dfbd20aef8d7ad04e4c618a065a588d05e3f780126eee290cf0f94fb4a2c5a8cb97f60d9e50301a4f01f3787ab052ef8782d6ef0f92385ab59015670a054dab1ab0400be74fdc4ac3d18fb5b5da13e55a05e29ad14dd0abf0435dea601ce80573548f3c8f21ecfcbe5361d1505a91c355d8477fe7e3866be005acae25cbab7bd8684294963c3c95924f7d62ca0ed2d7aa01048cbdcd4d7ae9717d4feb97e1e825f6156e9c5fc456509798d2f5adc9356752a8974894ff5bf9d14aab3ddf18fd4f9af23c66f7e4ef7e345e769260fd9d2a22ddd078dd7e44f904ea78dd3db5b0f4a8d7ce9ae7909cedde165b7458da24d576fc0e18d3c27cccaff21146ad51c1681c629a8f0b8a4ae213c88910c54de9af7890b0a4414e0d38c31d76a130b587b764260655f17f901f96b835a1fecb1f7438f5e18ff60720d37d19b1a9ae3e03dc10aa1c4f2abb918883d56ddd4e74b48a4aeadccf2329956ed18b2001d1e1e80bdf325449beda911916f802234f5b182264754cd3bb26b2ae658cc0ee185a19cba7f9e54e47c32f8b87d0fed97c911d28f971e70be5fb830109a57b600f734a4cc734cbb67a58e6a696ccb39c328c537fe467fd194183aad728f95b0a4afb4557615408a83785c0d313e666d1dab18d49a4feaf12993e73f5537998a1ed25b93f9bca346376129dee3a5a78675d30bd19a78b77f45ea8b5b48cb4c78a1bc30df00badb811585966b8f8ef42d89236f5e99f849a44d62d1431eb187333dcde91582a29e777b9cd6e1bc86eff512ba48d6030681d395bfb8c5259b0c22028400a1d3929a6e3fa0fcda3deb9cf8e7e079c21d7c20b1670eb880789ae809608bac2b05c45da5a3a0377d1d06b917a5a6ee7dbf35f54c327d7d7921266bcb4e8e816b02872139d03d575c491ee077140f7d1aca286f977869288bf90eedaf41727abcd79056936d830bf6480bf6b4573e4dd402f6206099716593a04813cd07437ffa80f10f72ef64e320e48fa59b5ac0e412d9ed14bfc2e9365c67fc21c327d5699f58c3984db4f3ec0c362b633a784c4dfba44187801a0f0fc0f6b7a4610594556b33f1617c7b8b4f95d5d6fba7553512a6098a2e64d10a45347f3a41d11e19f7690ebcbfb9239c59b489061aad4317a08c435fa92c4f5feb662f6413c3d06dca92647fef304d9f8e96a78b5251b0a4d15710937428ab676cc7da5f0006cd04f7fa884625116a0cbddabc012cf55e3f26a4b411cfa1ba8473c3aef570cd23fe2165bf1f9b54632c7e76e5a5818bb70086c5fa609f2199424b8f2de5387a5bf44d3f246bec62433182b0c950ecc2968dba1e6a845c48c506daf90ffb0c13d376be0ac8283abb4e4283f703206a47c2b9c6a642d4bf4a245b8ec978b09d8620fc5d9f917842f83bf5e2efd976e9b98c38a8f836773357ad6d23fca68ee26431acf0196ef0fcef25a979782dc2f1688acacc53b1b2c2f694b638c1256a869f56098b89bb4a14b2dc2d187773e6a75f7d37ed91b8f8aee84c0bdbaeec229139809eaa9948e7a5e18d783ece0cd7ea8996dc3e650b1cff351ad9fbd661f303f40de084d111ec1489ae42d2fc55ce8d892a3d6290f2d2eb72733b4fdc8c433569c34854a84653884b3d90652f499eeb83886bd4246b41f231141cf1a412f1c7840fb8a1595895cfdec1961d887ac9dd1f5ad4b66bbb451d5471fcb1fb4bb25a4c4d43b9c0e3c72a00e8fc83f700c812b1b9c2f37e40bd746c39cbbca41e6fecb8d64424c82e640d8f887cb7d8e75828b2969e1628c7000fba626381dcfdc7262b2b06f47f898d0aa0dab8636c089d4339a37e80f20f8f5196608a3d1ac1418ff9ac0ac54c45c124b15a77d61d50ca05e1603b1b6476cf09d79b138a7f7394a9cf35e6d64654504663db381712da505d0985cd9a4edbd067c0f09c393486b138f01deb4771566d987ac16a6ed0ac5c9b592a20878e5b4050e594f376523697a0aba321a6704db28b0f0fcdf0d8e2a6f1788064d49807f080d7aa29f795935d61bcf152fe39a45a713fd0a3b2982f65437828e110b2edcdbd7b462d5ef8e87ad0aa2352cf3fb1e05787602ed66efd77a7b88c73e76dd1b368e5845cc032ed719635b0db27b39ddc12d899b742a1499ffaa4b95c0a1f29cd85a7d2d30be5bd1fd384a6e4dd3b93b46352ece5144a2ce989bcb8e6255e04e6d5d0a6b4b2736715b116b06189491b4a4a9fd9e482413b2b8851b273b10820040b490de9414fcdee5126ddbedaaddcb8c844cc7e0264f65c4d3607dddf0dbd88a7f3d1ff35bea1bcb48eb576e7083fd8bf8d6a6a1567f77819c3bbe93ff92418632d30fa2b933b33fcf163b5a942d870f22d13ad6be938ddf61de391b35e68fc9ad71aeb7cddfb73e071162bfd1c7facd10e50e9f8046c7ee6f89830b70955a3908c18cc79138c335a5159adb3229e02576cbd1829b4c67504fbe785e3c2129d53cbc3b00a62b232e16a01e01b2dc159fea676ea8c0ad0d8f41ea1840092f4900d26f48b5c549211240a5c5ab663b4f9ac463df05c86af9a3f2e595d4f9981b108d44e9ee060fc8736d7ff71a609252fe6becd2aacb23b7ac66ad8a3dfca068fb7846b9588a0b027e45f96d73cdf6c2d9494c6c5c129a8f5a1e8c4f4e6a1adec722ba74e5a002b1c87793cfc5c689ac82881ac346c3e5be4f6570d3669f797916e2018a784d6a88671c6cd803585ba49cabea506177c5e41145d2c7f192012e1478e409d2dde7de2ac2b03b9d808afaf5f761032fd562d587c653eb07ad8ede76dc1aa8a1e7fb5a56f04e3dfa10e77ee1e51f6879c2670278c8471e03b0f62eee8ec60336b604b6721a81d8ef630749dac6298b488ec09a4aa61ced579231d4231a9cf6d7f20683194e6709fbea4ed66cfdec9a7238bbad6894ceb6c0ca3307274f2749be8450180456280289d0179d8396902250cddd7a440c24ae7df78bc8e146b1b8e5c9924d2b07646ff577da61968503bad37d240aacc9dbba0f665acf1d56667d1aa7e497b7947cca22f7a55113f5e10bc9987e9b5d9405f625a604f7099cf365ea8d3530dfba6b9977f8441e23147049ae8bf0231d824397e885589c693d8a7e756e46baf67f21b062cf6d8db25140c4301233bcb18b408e3c7959056a3307546f09f13e2e732dc26b9bab0ac74d72bc0f115f7cf682aed23d9c627da1c4e4b221bd85a6c19f0391b23137f551cfb99cb1da33d42840439d0ec5f2d0e75c74d15918460e915c18dccf2f9d0ee508292c871ec9f4f2a2d1628a914487df2e8aa43bbb0bf1427e2f99e8eaaa588df310b9e50aeba057b2ce863eaaf9ecca3fc190d88bf10", 0xfffffffffffffee9, 0x4004085, 0x0, 0x49)
setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000000100)=0xb329, 0x4)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(0xffffffffffffffff, 0xc0145401, 0x0)
socket$inet6(0xa, 0x1, 0x0)
timer_create(0x3, &(0x7f0000533fa0)={0x0, 0x21}, &(0x7f00000001c0))
signalfd4(0xffffffffffffffff, &(0x7f00000003c0)={[0x1fffffffff]}, 0x8, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)

31.164104041s ago: executing program 9 (id=21753):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="180000000200"/16], 0x0}, 0x94)
syz_emit_ethernet(0x36, &(0x7f0000000000)={@broadcast, @link_local, @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x0, 0x2f, 0x28, 0x66, 0x0, 0xd, 0x4, 0x0, @private=0xa010101, @local}, "2d51ae3610ca4afd997745ee54d7a863b8f91694"}}}}, 0x0)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000540)={<r1=>0xffffffffffffffff})
mknod(&(0x7f00000000c0)='./file0\x00', 0x8001420, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
pipe2$9p(&(0x7f0000000340)={<r2=>0xffffffffffffffff}, 0x400)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000040), 0x80010, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r1}})
r3 = fsopen(&(0x7f0000000040)='afs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000300)='source', &(0x7f00000000c0)='%.,:', 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0f000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1e, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000427a00038625486106029075c91dedeeb64df0697bb82c79b01ec4f10bd1a68cc27963bb15c73076a80f4c571f49ea6060ac43c675a5af436d18b548a424ac6a73ac500a295fd0ed57d28d811570e5fe2f9c251973082dcc7abf0ec2b4aa08083b8659d8be21d20d53759e156c9a8b9bd2449274a1b241732ccc7b", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000ff0700007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_lookup=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x55, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

30.226335261s ago: executing program 9 (id=21763):
r0 = socket(0x10, 0x3, 0x0)
sendto$inet6(r0, &(0x7f0000000080)="7800000018002507b9409b14ffff00000204be04020506050e0204094300060000000ce0100000000d0085a168d0bf46d323452f8f653600648d0a00120002000a0000005ade4a460c89b6ec0cff3959547f509058ba86c902000200000032000400160005000a0000000000e000e218d1ddf66ed538f252", 0x78, 0x44040, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000180)=ANY=[], 0x7)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x80}, 0x2)
r1 = signalfd4(0xffffffffffffffff, &(0x7f00000008c0), 0x8, 0x0)
syz_emit_ethernet(0x66, &(0x7f0000000580)={@broadcast, @link_local, @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x0, 0x0, 0x58, 0x0, 0x0, 0x0, 0x2f, 0x0, @private, @multicast1}, {{0x0, 0x0, 0x1, 0x0, 0xb, 0x0, 0x0, 0x4, 0x6558}, {0x0, 0x0, 0x0, 0x0, 0x11}, {}, {0x8, 0x88be, 0x0, {{}, 0xfffff788}}}}}}}, 0x0)
r2 = signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x6ba]}, 0x8)
r3 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r4)
ioctl$IOCTL_GET_NCIDEV_IDX(r3, 0x0, &(0x7f00000000c0)=<r6=>0x0)
sendmsg$NFC_CMD_DEV_UP(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="010026bd70003c0200000200000008000100", @ANYRES32=r6], 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
write$nci(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB="61050402b0010609ab0606f5cc16fa5e933e5f180901a148aeebb0a15d2eb90222d67317f0af029c7af77ef16f9db98ce06cfaa7fbd35215db519170bbd6e99236be1f8810f98b250d5defbc7a5eb267dedbb1e48e3cfc8993c887ebed379a0bfd"], 0x61)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r1}})
signalfd4(r1, &(0x7f0000000080), 0x8, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00'}, 0x94)
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r9=>0x0})
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x19, 0x4, 0x8, 0x1}, 0x50)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r10}, &(0x7f0000000240), &(0x7f00000006c0)=r7}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000340)={r11, r9, 0x25, 0x2, @val=@tcx}, 0x1c)
syz_emit_ethernet(0x2a, &(0x7f0000000440)={@link_local, @random, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x64, 0x0, 0x0, 0x2, 0x0, @empty, @empty}, @address_request={0x11, 0x0, 0x0, 0x5}}}}}, 0x0)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
r13 = syz_genetlink_get_family_id$team(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TEAM_CMD_OPTIONS_SET(r12, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x60, r13, 0x1, 0x0, 0x25dfdc01, {}, [{{0x8}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x7}}, {0x8}}}]}}]}, 0x60}}, 0x40000)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00', 0x0, 0x4}, 0x18)

30.182565128s ago: executing program 9 (id=21764):
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000024002, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x5090}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r1 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8)
openat$qat_adf_ctl(0xffffffffffffff9c, 0x0, 0xe0000, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, 0xffffffffffffffff, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCBRDELBR(r2, 0x89a2, &(0x7f0000000200)='bridge0\x00')
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380))
mkdir(&(0x7f00000020c0)='./file0\x00', 0x82)
open(&(0x7f00000014c0)='./file0\x00', 0x301040, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$netlink(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)

30.088066964s ago: executing program 9 (id=21765):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r1}, 0x10)
r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
bind$802154_dgram(r2, &(0x7f0000000080)={0x2, @short={0x2, 0x2, 0xaaa1}}, 0x14)
r3 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
r4 = syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000500)={0x0, &(0x7f0000000580)=[@in_dx={0x82, 0x20, {0x1961}}, @rdmsr={0x32, 0x18, {0x9ce}}, @uexit={0x0, 0x18, 0x1}, @uexit={0x0, 0x18, 0x2}, @set_irq_handler={0xbe, 0x20, {0xf0, 0x2}}, @wr_crn={0x46, 0x20, {0x3}}, @set_irq_handler={0xbe, 0x20, {0xb5}}, @set_irq_handler={0xbe, 0x20, {0x65, 0x1}}, @wrmsr={0x1e, 0x20, {0xac0, 0xe1}}, @in_dx={0x82, 0x20, {0xfe99}}, @set_irq_handler={0xbe, 0x20, {0x31, 0x1}}, @rdmsr={0x32, 0x18, {0x287}}, @out_dx={0xaa, 0x28, {0xb78c, 0x6, 0x2}}, @uexit={0x0, 0x18, 0x9}, @in_dx={0x82, 0x20, {0xae4d, 0x1}}, @code={0xa, 0x59, {"3e0f01c266baf80cb838d89c80ef66bafc0c66b80e0066ef0f78ebb9fe0b0000b800500000ba000000000f30f30f5aef430f01f846d382006800004083d3c2450f380b7cc1d645f4"}}, @out_dx={0xaa, 0x28, {0x8c05, 0x1, 0x9}}, @out_dx={0xaa, 0x28, {0x2726, 0x6}}, @set_irq_handler={0xbe, 0x20, {0x49, 0x2}}, @code={0xa, 0x63, {"b9600a00000f323e2e36450fc75b65c462299741e466430f3a0dde00b8010000000f01d936f26f430f211166baf80cb818ffd38cef66bafc0cb8e27b058cef0f20d835080000000f22d8660f51870018190d"}}, @code={0xa, 0x6b, {"440f2159c482c0f398dab6000066b852008ec8430f01f8b9ef090000b88347d079ba71ef09570f30b8010000000f01d966baf80cb8d28ef783ef66bafc0c66b8edff66eff083143b8e36dbc3b9800000c00f3235004000000f30"}}, @uexit={0x0, 0x18, 0x2}, @wr_drn={0x6e, 0x20, {0x1, 0x3}}, @uexit={0x0, 0x18, 0x3}, @out_dx={0xaa, 0x28, {0x73b3, 0x4, 0xffffffff}}, @wr_crn={0x46, 0x20, {0x3, 0x5}}, @out_dx={0xaa, 0x28, {0x5be9, 0x2}}, @cpuid={0x14, 0x18, {0x8, 0xff}}, @uexit={0x0, 0x18, 0x4e}, @wr_drn={0x6e, 0x20, {0x0, 0xb36f}}, @wrmsr={0x1e, 0x20, {0xdc6, 0xbd93}}], 0x487})
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000a40))
socket$inet6_tcp(0xa, 0x1, 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
readv(r3, 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, &(0x7f00000000c0))
ioctl$SNDCTL_DSP_SETFMT(0xffffffffffffffff, 0xc0045005, &(0x7f0000000640)=0x10)
fsopen(&(0x7f0000000340)='afs\x00', 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0}, './file0\x00'})

29.946361546s ago: executing program 9 (id=21766):
r0 = openat$kvm(0x0, &(0x7f00000000c0), 0x800, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='freezer.self_freezing\x00', 0x275a, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r2}, 0x18)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
open_tree(0xffffffffffffffff, &(0x7f0000000300)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000280)=ANY=[@ANYBLOB="180000dc0000000000000000000000009500000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = syz_open_procfs(0x0, &(0x7f0000002380)='net/ip_mr_cache\x00')
pread64(r4, &(0x7f0000000100)=""/253, 0xfd, 0xadc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x80000)
sendmsg$netlink(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x0, 0x40}, 0x10)
r6 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60)
ioctl$KVM_CREATE_PIT2(r6, 0x4040ae77, &(0x7f0000000040))
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x35, 0x7, 0x2, 0x180, 0x4, 0x10, 0xf1, 0x50, 0x12, 0x5, 0x0, 0x29, 0x7, 0x6, 0x0, 0xbdb], 0xffff1001, 0x43100})
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000001c0)={{0x8080000, 0x1, 0x8, 0x8, 0xb, 0xec, 0x40, 0x0, 0x0, 0x2e, 0x80}, {0x5000, 0x4000, 0x3, 0x0, 0x42, 0x5, 0x81, 0x6, 0x15, 0x3, 0x2, 0x87}, {0x6000, 0xdddd0000, 0xe, 0x5, 0x3, 0x7, 0x0, 0x9, 0x1, 0xa4, 0x5, 0x5}, {0x1, 0xeeee0000, 0xd, 0x6, 0x4, 0xc2, 0xb, 0xff, 0x8, 0x7, 0xe}, {0x2000, 0x0, 0xf, 0x3, 0x15, 0x7, 0xab, 0x8, 0x9, 0x83, 0xf7, 0x83}, {0x1000, 0x3909e40c33606d9c, 0xe, 0xa0, 0xb1, 0x8, 0x1, 0xa0, 0x82, 0xf, 0x1, 0x7}, {0x3000, 0x3000, 0x4, 0x5, 0x7, 0x5, 0xfd, 0x3, 0x8, 0x81, 0x40, 0x70}, {0xf046e43327cf9826, 0x4000, 0xe, 0x5, 0xcd, 0x7, 0x1, 0x9, 0x3, 0xc, 0xb0, 0x9}, {0xeeef0000, 0x30}, {0x8000000, 0x7}, 0x80000031, 0x0, 0x1000, 0x24, 0x5, 0x8d00, 0x3000, [0x6800000000000000, 0x9, 0x5e, 0x8]})
sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, 0x0, 0x20000810)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
r8 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x82)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r8, 0x0)
ioctl$USBDEVFS_SUBMITURB(r8, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x20020009, 0x0, &(0x7f0000000240)={0x20, 0x0, 0xfffc, 0x360, 0x7}, 0x1a, 0x7, 0x60000000, 0x0, 0x4, 0x101, 0x0})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
close(r8)
r9 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r10, 0xc048aeca, &(0x7f0000000080))

29.883417836s ago: executing program 9 (id=21767):
r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$SIOCX25GSUBSCRIP(r0, 0x89e0, &(0x7f00000000c0)={'bond0\x00', 0x1, 0x8}) (fail_nth: 1)

21.166506824s ago: executing program 44 (id=21714):
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
r0 = syz_io_uring_setup(0x231, &(0x7f0000000140)={0x0, 0x3, 0x10100}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xffffffffffffff31})
io_uring_enter(r0, 0x7a98, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="12000000040100000800000002"], 0x50)
syz_usb_connect$uac1(0x5, 0x93, &(0x7f0000000400)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x10, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x81, 0x3, 0x1, 0x40, 0x80, 0x3, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x7fff, 0xfe}, [@processing_unit={0xc, 0x24, 0x7, 0x4, 0x0, 0x3, "8a54206c4e"}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@as_header={0x7, 0x24, 0x1, 0x9, 0x5, 0x5}, @format_type_i_continuous={0x8, 0x24, 0x2, 0x1, 0x1, 0x1, 0x40, 0x1}]}, {{0x9, 0x5, 0x1, 0x9, 0x8, 0x7f, 0x1, 0xb, {0x7, 0x25, 0x1, 0x1, 0x9, 0x9}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@as_header={0x7, 0x24, 0x1, 0xf, 0x8}]}, {{0x9, 0x5, 0x82, 0x9, 0x20, 0x3, 0x38, 0x3, {0x7, 0x25, 0x1, 0x83, 0x2, 0x101}}}}}}}]}}, 0x0)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42202)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r3, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r3, 0x4040534e, &(0x7f0000000040)={0x3d2, @tick=0x5, 0x0, {0x3}})

20.183139101s ago: executing program 45 (id=21718):
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x52, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
open(&(0x7f0000000780)='./bus\x00', 0x4c07e, 0x0)
io_setup(0x7d, &(0x7f0000000600)=<r0=>0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
syz_open_dev$hidraw(&(0x7f0000000080), 0xfffffffffffff0aa, 0x418000)
syz_usb_connect$cdc_ncm(0x2, 0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f92a0904000001020900000524060001053408fa6e0d240f0100000000000d000a0006471a010000190581"], 0x0)
r1 = landlock_create_ruleset(&(0x7f0000000080)={0x4}, 0x10, 0x0)
read(r1, 0x0, 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_int(r2, &(0x7f0000000080)='hugetlb.1GB.rsvd.max_usage_in_bytes\x00', 0x2, 0x0)
io_submit(r0, 0x0, 0x0)

17.690595613s ago: executing program 46 (id=21743):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
close(0x3)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
r2 = epoll_create1(0x0)
epoll_wait(r2, &(0x7f0000000480)=[{}], 0x1, 0x10000203)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000080)={0x9d32f4b220c67360})
setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7b, 0x4)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/mdstat\x00', 0x0, 0x0)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10)
sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r1, &(0x7f0000002240)="2d12376647d788ad2cdbd0e68c140c7f72d35ae5869c470a1f53ea73c32220190e02cb0b770bb154d1d5d1b343cb1feadca1752e4397955e1a151721f1b28b9e32b7966f9ddd7ad3822c5ff3dc03786c1c86c2a6f7c271710c573396ca95e95a524201b0bf0539042ae14072693f9734306f7a21f92421e8e0ea335d07d1f2839c4c195930cd35c65dfc527de84f2cab4f0c78474734d7c5cba0c70ee0fd10ad5ed3f4b70308c29000e8cd98d57c90c7d9298ee4a2c41b141614627880ace9cfde45a0ae5f6f5cf3eb31254454e92eacdab64eb048b144e4fcc16afe59e7d7dad7696df64aa223d14d69bbe8ee2f76e1d4a32477a7cf108fea86a7e085c1575f683857cff342574109f74cf05e3f63f328f46735ba0578d84b4978ce545621b1666ca7da451d40e961a037822eebcbba9bf9e92af7281442efcaa8e0d3ecd6111d8fc1c742d0e7efe8e51a1c5e6ea04fec02a986cba677d9dc642d110df6f55c786c73f7ce4ebf9415bdb2680d0ff4597006d96e3c164114a4effae84380e492822c002b2e96f160a0784fd0ebe448eddaa801921576287f61a15be332a94eea951c0826874d105173a6b3f2a6e420ed5ef00b1f699b74c524a1859cb7d6dfb7257b6f0b92e17ce21237da0ec892735601b29693dce455876447f76df303a8cb34bd9c9241da9904c1c17d416753c71aeed9cc07d26b4a438df4e302cf120cda73c04d5a1b7295f1cb7ff88084211adde5fdf991f97cb522b56c561ad1119a4675fbf566b77660dfd457467652d23c739cc9ba93bbd5b464c46e46187ce71d7aab533e670c861b227454d7c21f9f16000eee0c1772a152c26acd2744c5553ace622369f15d5354a3b5ac4bb9261a766830d351fa931558dee7ff30768b2e29025c3b115179ed6a12ea76a23db3626bc033f85a43c3c3f50b75b89a418277837ba571189e708f4aaaacc19537e7aa156b7058c200e8f9be1da8a63c7e878f3e733060a1cb24a2a09ea76413efdc4e0b1027a09c6830b4ca5ccd4695e2e0bb1610a21b0cc66012aab283b6c5dfbd20aef8d7ad04e4c618a065a588d05e3f780126eee290cf0f94fb4a2c5a8cb97f60d9e50301a4f01f3787ab052ef8782d6ef0f92385ab59015670a054dab1ab0400be74fdc4ac3d18fb5b5da13e55a05e29ad14dd0abf0435dea601ce80573548f3c8f21ecfcbe5361d1505a91c355d8477fe7e3866be005acae25cbab7bd8684294963c3c95924f7d62ca0ed2d7aa01048cbdcd4d7ae9717d4feb97e1e825f6156e9c5fc456509798d2f5adc9356752a8974894ff5bf9d14aab3ddf18fd4f9af23c66f7e4ef7e345e769260fd9d2a22ddd078dd7e44f904ea78dd3db5b0f4a8d7ce9ae7909cedde165b7458da24d576fc0e18d3c27cccaff21146ad51c1681c629a8f0b8a4ae213c88910c54de9af7890b0a4414e0d38c31d76a130b587b764260655f17f901f96b835a1fecb1f7438f5e18ff60720d37d19b1a9ae3e03dc10aa1c4f2abb918883d56ddd4e74b48a4aeadccf2329956ed18b2001d1e1e80bdf325449beda911916f802234f5b182264754cd3bb26b2ae658cc0ee185a19cba7f9e54e47c32f8b87d0fed97c911d28f971e70be5fb830109a57b600f734a4cc734cbb67a58e6a696ccb39c328c537fe467fd194183aad728f95b0a4afb4557615408a83785c0d313e666d1dab18d49a4feaf12993e73f5537998a1ed25b93f9bca346376129dee3a5a78675d30bd19a78b77f45ea8b5b48cb4c78a1bc30df00badb811585966b8f8ef42d89236f5e99f849a44d62d1431eb187333dcde91582a29e777b9cd6e1bc86eff512ba48d6030681d395bfb8c5259b0c22028400a1d3929a6e3fa0fcda3deb9cf8e7e079c21d7c20b1670eb880789ae809608bac2b05c45da5a3a0377d1d06b917a5a6ee7dbf35f54c327d7d7921266bcb4e8e816b02872139d03d575c491ee077140f7d1aca286f977869288bf90eedaf41727abcd79056936d830bf6480bf6b4573e4dd402f6206099716593a04813cd07437ffa80f10f72ef64e320e48fa59b5ac0e412d9ed14bfc2e9365c67fc21c327d5699f58c3984db4f3ec0c362b633a784c4dfba44187801a0f0fc0f6b7a4610594556b33f1617c7b8b4f95d5d6fba7553512a6098a2e64d10a45347f3a41d11e19f7690ebcbfb9239c59b489061aad4317a08c435fa92c4f5feb662f6413c3d06dca92647fef304d9f8e96a78b5251b0a4d15710937428ab676cc7da5f0006cd04f7fa884625116a0cbddabc012cf55e3f26a4b411cfa1ba8473c3aef570cd23fe2165bf1f9b54632c7e76e5a5818bb70086c5fa609f2199424b8f2de5387a5bf44d3f246bec62433182b0c950ecc2968dba1e6a845c48c506daf90ffb0c13d376be0ac8283abb4e4283f703206a47c2b9c6a642d4bf4a245b8ec978b09d8620fc5d9f917842f83bf5e2efd976e9b98c38a8f836773357ad6d23fca68ee26431acf0196ef0fcef25a979782dc2f1688acacc53b1b2c2f694b638c1256a869f56098b89bb4a14b2dc2d187773e6a75f7d37ed91b8f8aee84c0bdbaeec229139809eaa9948e7a5e18d783ece0cd7ea8996dc3e650b1cff351ad9fbd661f303f40de084d111ec1489ae42d2fc55ce8d892a3d6290f2d2eb72733b4fdc8c433569c34854a84653884b3d90652f499eeb83886bd4246b41f231141cf1a412f1c7840fb8a1595895cfdec1961d887ac9dd1f5ad4b66bbb451d5471fcb1fb4bb25a4c4d43b9c0e3c72a00e8fc83f700c812b1b9c2f37e40bd746c39cbbca41e6fecb8d64424c82e640d8f887cb7d8e75828b2969e1628c7000fba626381dcfdc7262b2b06f47f898d0aa0dab8636c089d4339a37e80f20f8f5196608a3d1ac1418ff9ac0ac54c45c124b15a77d61d50ca05e1603b1b6476cf09d79b138a7f7394a9cf35e6d64654504663db381712da505d0985cd9a4edbd067c0f09c393486b138f01deb4771566d987ac16a6ed0ac5c9b592a20878e5b4050e594f376523697a0aba321a6704db28b0f0fcdf0d8e2a6f1788064d49807f080d7aa29f795935d61bcf152fe39a45a713fd0a3b2982f65437828e110b2edcdbd7b462d5ef8e87ad0aa2352cf3fb1e05787602ed66efd77a7b88c73e76dd1b368e5845cc032ed719635b0db27b39ddc12d899b742a1499ffaa4b95c0a1f29cd85a7d2d30be5bd1fd384a6e4dd3b93b46352ece5144a2ce989bcb8e6255e04e6d5d0a6b4b2736715b116b06189491b4a4a9fd9e482413b2b8851b273b10820040b490de9414fcdee5126ddbedaaddcb8c844cc7e0264f65c4d3607dddf0dbd88a7f3d1ff35bea1bcb48eb576e7083fd8bf8d6a6a1567f77819c3bbe93ff92418632d30fa2b933b33fcf163b5a942d870f22d13ad6be938ddf61de391b35e68fc9ad71aeb7cddfb73e071162bfd1c7facd10e50e9f8046c7ee6f89830b70955a3908c18cc79138c335a5159adb3229e02576cbd1829b4c67504fbe785e3c2129d53cbc3b00a62b232e16a01e01b2dc159fea676ea8c0ad0d8f41ea1840092f4900d26f48b5c549211240a5c5ab663b4f9ac463df05c86af9a3f2e595d4f9981b108d44e9ee060fc8736d7ff71a609252fe6becd2aacb23b7ac66ad8a3dfca068fb7846b9588a0b027e45f96d73cdf6c2d9494c6c5c129a8f5a1e8c4f4e6a1adec722ba74e5a002b1c87793cfc5c689ac82881ac346c3e5be4f6570d3669f797916e2018a784d6a88671c6cd803585ba49cabea506177c5e41145d2c7f192012e1478e409d2dde7de2ac2b03b9d808afaf5f761032fd562d587c653eb07ad8ede76dc1aa8a1e7fb5a56f04e3dfa10e77ee1e51f6879c2670278c8471e03b0f62eee8ec60336b604b6721a81d8ef630749dac6298b488ec09a4aa61ced579231d4231a9cf6d7f20683194e6709fbea4ed66cfdec9a7238bbad6894ceb6c0ca3307274f2749be8450180456280289d0179d8396902250cddd7a440c24ae7df78bc8e146b1b8e5c9924d2b07646ff577da61968503bad37d240aacc9dbba0f665acf1d56667d1aa7e497b7947cca22f7a55113f5e10bc9987e9b5d9405f625a604f7099cf365ea8d3530dfba6b9977f8441e23147049ae8bf0231d824397e885589c693d8a7e756e46baf67f21b062cf6d8db25140c4301233bcb18b408e3c7959056a3307546f09f13e2e732dc26b9bab0ac74d72bc0f115f7cf682aed23d9c627da1c4e4b221bd85a6c19f0391b23137f551cfb99cb1da33d42840439d0ec5f2d0e75c74d15918460e915c18dccf2f9d0ee508292c871ec9f4f2a2d1628a914487df2e8aa43bbb0bf1427e2f99e8eaaa588df310b9e50aeba057b2ce863eaaf9ecca3fc190d88bf10", 0xfffffffffffffee9, 0x4004085, 0x0, 0x49)
setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000000100)=0xb329, 0x4)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(0xffffffffffffffff, 0xc0145401, 0x0)
socket$inet6(0xa, 0x1, 0x0)
timer_create(0x3, &(0x7f0000533fa0)={0x0, 0x21}, &(0x7f00000001c0))
signalfd4(0xffffffffffffffff, &(0x7f00000003c0)={[0x1fffffffff]}, 0x8, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)

15.577614029s ago: executing program 6 (id=21951):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010004000000fedbdf252100000008000300", @ANYRES32=r3, @ANYBLOB="0c007d80040002"], 0x28}, 0x1, 0x0, 0x0, 0x4004010}, 0x4004000)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000180)='W', 0x1}], 0x1}, 0x0)
close(r4)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r4, 0xc004743e, 0x110e22fff4)
r5 = syz_open_dev$vcsn(&(0x7f0000000000), 0x6, 0x242)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x54, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
fsetxattr$security_capability(r5, &(0x7f0000001cc0), &(0x7f0000000300)=@v3={0x3000000, [{0x8001, 0x9}, {0xfff, 0x100}]}, 0x18, 0x1)
write$RDMA_USER_CM_CMD_CONNECT(r5, &(0x7f00000003c0)={0x6, 0x118, 0xfa00, {{0xfcc, 0x93, "9c3829a054934c06767d21d1713702fb70f3c804ed661cb2af7dfe4fa115a6203282eea2ec31d9c741392f9bb734d7c264d46da2b2106ae15172ae371c45091e714109997b6b8e6faecd9f601006b7da854a83f710bf8aba126948b4b03f881afcdb85f9a8e53480b3c0f0f977f6c8ace8b6b27c8b2aaa4f60472b8f97a6fdaea37a4c2290688ae6f27bcf17140a01014d39dcdfbcbe8865461048f43a123261e59f3e4e0ca66223eeae341d1bfcb02720c14147eba44992131c0d002a63f82587e848a075b93c254f0b4df79c1a4aca99f8fcbf2e5bbd973d14ac2baeca85048dbd67370e80e6887f105ad5dcbc8414703a4a02e94f418bd984fc635394544e", 0x2, 0x8, 0x5, 0x0, 0x1, 0x9, 0x4}}}, 0x120)

15.528342438s ago: executing program 47 (id=21767):
r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$SIOCX25GSUBSCRIP(r0, 0x89e0, &(0x7f00000000c0)={'bond0\x00', 0x1, 0x8}) (fail_nth: 1)

15.462487162s ago: executing program 6 (id=21953):
openat$kvm(0x0, &(0x7f00000000c0), 0x800, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
open_tree(0xffffffffffffffff, &(0x7f0000000300)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000280)=ANY=[@ANYBLOB="180000dc0000000000000000000000009500000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_open_procfs(0x0, &(0x7f0000002380)='net/ip_mr_cache\x00')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x80000)
sendmsg$netlink(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x0, 0x40}, 0x10)
r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, &(0x7f0000000040))
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x35, 0x7, 0x2, 0x180, 0x4, 0x10, 0xf1, 0x50, 0x12, 0x5, 0x0, 0x29, 0x7, 0x6, 0x0, 0xbdb], 0xffff1001, 0x43100})
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000001c0)={{0x8080000, 0x1, 0x8, 0x8, 0xb, 0xec, 0x40, 0x0, 0x0, 0x2e, 0x80}, {0x5000, 0x4000, 0x3, 0x0, 0x42, 0x5, 0x81, 0x6, 0x15, 0x3, 0x2, 0x87}, {0x6000, 0xdddd0000, 0xe, 0x5, 0x3, 0x7, 0x0, 0x9, 0x1, 0xa4, 0x5, 0x5}, {0x1, 0xeeee0000, 0xd, 0x6, 0x4, 0xc2, 0xb, 0xff, 0x8, 0x7, 0xe}, {0x2000, 0x0, 0xf, 0x3, 0x15, 0x7, 0xab, 0x8, 0x9, 0x83, 0xf7, 0x83}, {0x1000, 0x3909e40c33606d9c, 0xe, 0xa0, 0xb1, 0x8, 0x1, 0xa0, 0x82, 0xf, 0x1, 0x7}, {0x3000, 0x3000, 0x4, 0x5, 0x7, 0x5, 0xfd, 0x3, 0x8, 0x81, 0x40, 0x70}, {0xf046e43327cf9826, 0x4000, 0xe, 0x5, 0xcd, 0x7, 0x1, 0x9, 0x3, 0xc, 0xb0, 0x9}, {0xeeef0000, 0x30}, {0x8000000, 0x7}, 0x80000031, 0x0, 0x1000, 0x24, 0x5, 0x8d00, 0x3000, [0x6800000000000000, 0x9, 0x5e, 0x8]})
ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x20020009, 0x0, &(0x7f0000000240)={0x20, 0x0, 0xfffc, 0x360, 0x7}, 0x1a, 0x7, 0x60000000, 0x0, 0x4, 0x101, 0x0})
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)

15.244164981s ago: executing program 6 (id=21954):
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000080000000000000000400000095"], 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10)
syz_open_dev$tty20(0xc, 0x4, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000600)={'macvtap0\x00', <r3=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="340000001400010000000000fbdbdf250a00a100", @ANYRES32=r3, @ANYBLOB="14000100ff05000000000000dfce00000000000108000800026e"], 0x34}}, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)=ANY=[], 0x34}, 0x1, 0x0, 0x0, 0x41c1}, 0x24044851)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000)
sendmsg$NFT_BATCH(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a60000000060a090400000000000000000200fffe0900020073797a32000000000900010073797a300000000034000480300001800a0001006d617463680000002000028005000300000000000b000100736f636b657400000800024000000003"], 0x88}, 0x1, 0x0, 0x0, 0x24044800}, 0x0)
mmap$xdp(&(0x7f0000016000/0x4000)=nil, 0x4000, 0x700000d, 0x110, 0xffffffffffffffff, 0x180000000)
write(0xffffffffffffffff, 0x0, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r5}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r6 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$UI_SET_FFBIT(r6, 0x4004556b, 0x47)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r7 = getpid()
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
connect$unix(r8, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r9, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r8, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)

15.070144163s ago: executing program 6 (id=21955):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xa, 0x4, 0xdd, 0xa}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a500850000002d00000095"], 0x0, 0x2, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x3, 0x4, 0x0, 0x0}, 0x94)

14.754419537s ago: executing program 6 (id=21956):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$inet6_udplite(0xa, 0x2, 0x88)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
kexec_load(0x0, 0x0, &(0x7f0000000400), 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r5, &(0x7f0000002480)={0x0, 0x0, &(0x7f0000001b80)={&(0x7f0000000080)={0x28, 0x3, 0x8, 0x201, 0x0, 0x0, {0xa, 0x0, 0x8000}, [@CTA_TIMEOUT_DATA={0xc, 0x4, 0x0, 0x1, @tcp=[@CTA_TIMEOUT_TCP_FIN_WAIT={0x8}]}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x6}]}, 0x28}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000940)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x20, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x48}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
ioctl$KDFONTOP_SET(r0, 0x4b72, &(0x7f0000000080)={0x4, 0x1fd, 0x16, 0x2, 0x100, &(0x7f0000000440)="387ed7626d850509a2d6c1aa38f15cd0c234cb226db671261fff7ce9c555f18dafae3530db6dd493f2a3cc88731b9ae21b3e3b4523ae2594f47d8f62b480c4160b1f90ac9c41fae6ab12ac4c113fef588684ef494c89092883b902a41cd75387ef6f7bc7d461d5e665f398ff95596dc94ec97003c7e6f3c82fbd8de6e11aa4031a61c51caf7a65a2b613bda33f3eaeae635d7cd81761e74c38a7695800a15516eb337056e02335f9a750ecb3421143c5c4ded0f06affc524dcf3418272619b6a952db5bc96141b26c54d13c7a5416287a3b6f7aadf50bc549974b6401a19cdb130282b955582efa94242065a4c8d695a2cdd9ada350defd58c775b92d348305774d3a256c7520b285d8ddbf5e20d604413ed2ddf9bcbf881caf811852806175d638909f6234fbcd7a88a2a0aea45d19148f0e7dada7d6d0d77881387fdeaa0284a3e90b88dfff412bff40c31c6415c54ae3335e54a49d315851feffe30d999c36def9122c0d2c1e558dc6586958a283762386ecf369274e43003a0fdff59ea515eb44504901ef0d00baa91c10a8e44a7e58b4f8c6a1c6b9b5ad389977467f306f9bcde071b30769795eed2f1580414d168f557cd90040c4bd2a3d6bc5092548feaef72c5d42cece59181fcb5bad8c24bd9f8f78dd85b82831325501e80d899e9252f99d3a266639438ac5252d9bccff4dd9f45657f8224fc78eb1168fe0527fac33466aadf48f16994d29a47778566e0f3945b2b046c6eecc7fa18914beb66ac9e519bd333b30d3ce2f50dddeea3447aebbe3bed781e39d5a0fb0cdc60e196f2261305feb596b68986af3eee7b199fefb5f79ffb2d1050e46982af1c14a88dd9000400002f56a8404755c73e74bb90e64bab9647c70ed5afca1c3d87907d01000100df6f40a80ace2bb8a2aad3b0c66915927db4233181943d88c0c76d5969e2043db5bd77fd600000013139929cefec965c0c761785a4d23332ba1f0875e3146afef5b20cc306d3ecee65944fe9829ed0c3f6bb2fd81bc31152538db50f47dc38ba908a0d808687e478a609fe0daa02d4e9c618b99266e7f2e98597e2813e1dba9c3c16e9fab3bda6ed33cb1c75513e2264b69d472dd0e1aa1ab704782b41bde141f99c4894ded98eff9aa53d22eb77c9d93169c04ab2490bf28106f770e07eb7a9e87dde71929f918b98c413923167f493760278df0cc34be9e8f86f948d9a62e63ad6ca9d2195ff9c6320c85bddc42915e4f3a5db642447bc2195a3d64e04c9ecd1c313c08e29a814bd8fed1ab6d2846c73345962895d289ac718aacac2e0e32b75ce814731c542091f218dd1e68a15f8226577bf9481ae0555db64a717eb23a811356d00"})
syz_usb_connect$cdc_ecm(0x0, 0x4d, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x0, 0x0, 0xffffffffffff8001, 0x1, [{{0x9, 0x2, 0x3b, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x12, 0x2, 0x6, 0x0, 0x0, {{0x5}, {0x5}, {0xd}}, {[], {{0x9, 0x5, 0x82, 0x2, 0x200}}, {{0x9, 0x5, 0x3, 0x2, 0x200}}}}}]}}]}}, &(0x7f0000001400)={0x0, 0x0, 0x0, 0x0})
ptrace$getsig(0x4202, r1, 0xffffffffffffffff, &(0x7f0000000840))
r6 = syz_usb_connect(0x0, 0x2d, &(0x7f00000005c0)=ANY=[@ANYBLOB="12010000413f5f201d0650c16fce0102030109021b00010000100009043300011870fd00090582020002"], 0x0)
syz_usb_control_io$hid(r6, 0x0, 0x0)
syz_usb_ep_write$ath9k_ep1(r6, 0x82, 0xa8, &(0x7f0000000400)=ANY=[@ANYBLOB="1b1b"])

14.742268362s ago: executing program 6 (id=21957):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@my=0x0})
ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(r0, 0x7b1, 0x0) (fail_nth: 2)

0s ago: executing program 48 (id=21957):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@my=0x0})
ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(r0, 0x7b1, 0x0) (fail_nth: 2)

kernel console output (not intermixed with test programs):

asm_exc_page_fault+0x26/0x30
[ 3254.634581][ T3591] RIP: 0010:rep_movs_alternative+0x30/0x90
[ 3254.634600][ T3591] Code: 83 f9 08 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08
[ 3254.634615][ T3591] RSP: 0018:ffffc900166afd58 EFLAGS: 00050212
[ 3254.634632][ T3591] RAX: 00007ffffffff001 RBX: 0000000000000010 RCX: 0000000000000010
[ 3254.634644][ T3591] RDX: 0000000000000001 RSI: 00002000000000c0 RDI: ffffc900166afdc0
[ 3254.634655][ T3591] RBP: ffffc900166afea8 R08: ffffc900166afdcf R09: 1ffff92002cd5fb9
[ 3254.634667][ T3591] R10: dffffc0000000000 R11: fffff52002cd5fba R12: 00002000000000c0
[ 3254.634679][ T3591] R13: 1ffff92002cd5fb4 R14: ffffc900166afdc0 R15: 00002000000000c0
[ 3254.634712][ T3591]  _copy_from_user+0x7a/0xb0
[ 3254.634732][ T3591]  __sys_connect+0x124/0x450
[ 3254.634754][ T3591]  ? __pfx___sys_connect+0x10/0x10
[ 3254.634785][ T3591]  ? __pfx_ksys_write+0x10/0x10
[ 3254.634813][ T3591]  __x64_sys_connect+0x7a/0x90
[ 3254.634833][ T3591]  do_syscall_64+0xfa/0xfa0
[ 3254.634852][ T3591]  ? lockdep_hardirqs_on+0x9c/0x150
[ 3254.634872][ T3591]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3254.634888][ T3591]  ? clear_bhb_loop+0x60/0xb0
[ 3254.634910][ T3591]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3254.634926][ T3591] RIP: 0033:0x7f6c2edaefc9
[ 3254.634942][ T3591] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 3254.634957][ T3591] RSP: 002b:00007f6c2d016038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[ 3254.634973][ T3591] RAX: ffffffffffffffda RBX: 00007f6c2f005fa0 RCX: 00007f6c2edaefc9
[ 3254.634987][ T3591] RDX: 0000000000000010 RSI: 00002000000000c0 RDI: 0000000000000003
[ 3254.634997][ T3591] RBP: 00007f6c2d016090 R08: 0000000000000000 R09: 0000000000000000
[ 3254.635008][ T3591] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3254.635017][ T3591] R13: 00007f6c2f006038 R14: 00007f6c2f005fa0 R15: 00007ffca99be008
[ 3254.635050][ T3591]  </TASK>
[ 3254.787675][ T3597] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16)
[ 3254.787696][ T3597] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[ 3255.150107][ T3614] 9pnet_fd: p9_fd_create_tcp (3614): problem binding to privport
[ 3255.927364][ T1775] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3255.935333][ T3642] FAULT_INJECTION: forcing a failure.
[ 3255.935333][ T3642] name failslab, interval 1, probability 0, space 0, times 0
[ 3255.935363][ T3642] CPU: 1 UID: 0 PID: 3642 Comm: syz.9.20957 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 3255.935381][ T3642] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 3255.935391][ T3642] Call Trace:
[ 3255.935402][ T3642]  <TASK>
[ 3255.935409][ T3642]  dump_stack_lvl+0x189/0x250
[ 3255.935435][ T3642]  ? __pfx____ratelimit+0x10/0x10
[ 3255.935455][ T3642]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3255.935475][ T3642]  ? __pfx__printk+0x10/0x10
[ 3255.935498][ T3642]  ? __pfx___might_resched+0x10/0x10
[ 3255.935515][ T3642]  ? fs_reclaim_acquire+0x7d/0x100
[ 3255.935539][ T3642]  should_fail_ex+0x46c/0x600
[ 3255.935563][ T3642]  ? getname_flags+0xb8/0x540
[ 3255.935583][ T3642]  should_failslab+0xa8/0x100
[ 3255.935604][ T3642]  ? getname_flags+0xb8/0x540
[ 3255.935622][ T3642]  kmem_cache_alloc_noprof+0x6f/0x6b0
[ 3255.935648][ T3642]  getname_flags+0xb8/0x540
[ 3255.935672][ T3642]  do_sys_openat2+0xbc/0x1c0
[ 3255.935690][ T3642]  ? __pfx_do_sys_openat2+0x10/0x10
[ 3255.935708][ T3642]  ? exc_page_fault+0x82/0x100
[ 3255.935730][ T3642]  ? do_user_addr_fault+0xc85/0x1380
[ 3255.935751][ T3642]  __x64_sys_openat+0x138/0x170
[ 3255.935771][ T3642]  do_syscall_64+0xfa/0xfa0
[ 3255.935789][ T3642]  ? lockdep_hardirqs_on+0x9c/0x150
[ 3255.935807][ T3642]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3255.935822][ T3642]  ? clear_bhb_loop+0x60/0xb0
[ 3255.935841][ T3642]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3255.935855][ T3642] RIP: 0033:0x7f53938cd810
[ 3255.935870][ T3642] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 69 95 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 bc 95 02 00 8b 44
[ 3255.935883][ T3642] RSP: 002b:00007f5391b2bef0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 3255.935900][ T3642] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f53938cd810
[ 3255.935911][ T3642] RDX: 0000000000000002 RSI: 00007f5393951c6c RDI: 00000000ffffff9c
[ 3255.935921][ T3642] RBP: 00007f5393951c6c R08: 0000000000000000 R09: 0000000000000000
[ 3255.935931][ T3642] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[ 3255.935940][ T3642] R13: 0000000000000024 R14: 0000200000000040 R15: 00007fff1bbedea8
[ 3255.935968][ T3642]  </TASK>
[ 3256.198716][ T1775] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3256.724719][ T6111] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3256.724997][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3256.825588][  T979] libceph: connect (1)[c::]:6789 error -101
[ 3256.825797][  T979] libceph: mon0 (1)[c::]:6789 connect error
[ 3256.827001][  T979] libceph: connect (1)[c::]:6789 error -101
[ 3256.827192][  T979] libceph: mon0 (1)[c::]:6789 connect error
[ 3256.866132][ T3645] ceph: No mds server is up or the cluster is laggy
[ 3258.575350][    C1] vkms_vblank_simulate: vblank timer overrun
[ 3258.627872][    C1] vkms_vblank_simulate: vblank timer overrun
[ 3258.852178][    C1] vkms_vblank_simulate: vblank timer overrun
[ 3259.364227][ T3705] netlink: 12 bytes leftover after parsing attributes in process `syz.6.20983'.
[ 3259.409847][ T3705] 8021q: adding VLAN 0 to HW filter on device bond1
[ 3259.424228][T16017] usb 6-1: new full-speed USB device number 98 using dummy_hcd
[ 3259.577924][T16017] usb 6-1: config 8 has an invalid interface number: 223 but max is 0
[ 3259.577953][T16017] usb 6-1: config 8 has no interface number 0
[ 3259.578024][T16017] usb 6-1: config 8 interface 223 altsetting 0 endpoint 0x7 has invalid maxpacket 512, setting to 64
[ 3259.582210][T16017] usb 6-1: New USB device found, idVendor=a6da, idProduct=7458, bcdDevice=2d.4d
[ 3259.582237][T16017] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3259.582256][T16017] usb 6-1: Product: syz
[ 3259.582270][T16017] usb 6-1: Manufacturer: syz
[ 3259.582283][T16017] usb 6-1: SerialNumber: syz
[ 3259.682554][T31022] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3259.847563][ T3692] Invalid option length (938168) for dns_resolver key
[ 3259.939016][T16017] usb 6-1: USB disconnect, device number 98
[ 3260.217243][ T3746] FAULT_INJECTION: forcing a failure.
[ 3260.217243][ T3746] name failslab, interval 1, probability 0, space 0, times 0
[ 3260.217276][ T3746] CPU: 1 UID: 0 PID: 3746 Comm: syz.6.20999 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 3260.217297][ T3746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 3260.217306][ T3746] Call Trace:
[ 3260.217313][ T3746]  <TASK>
[ 3260.217322][ T3746]  dump_stack_lvl+0x189/0x250
[ 3260.217350][ T3746]  ? __pfx____ratelimit+0x10/0x10
[ 3260.217372][ T3746]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3260.217395][ T3746]  ? __pfx__printk+0x10/0x10
[ 3260.217420][ T3746]  ? __pfx___might_resched+0x10/0x10
[ 3260.217440][ T3746]  ? fs_reclaim_acquire+0x7d/0x100
[ 3260.217466][ T3746]  should_fail_ex+0x46c/0x600
[ 3260.217494][ T3746]  ? getname_flags+0xb8/0x540
[ 3260.217516][ T3746]  should_failslab+0xa8/0x100
[ 3260.217546][ T3746]  ? getname_flags+0xb8/0x540
[ 3260.217566][ T3746]  kmem_cache_alloc_noprof+0x6f/0x6b0
[ 3260.217587][ T3746]  ? ksys_write+0x230/0x260
[ 3260.217614][ T3746]  getname_flags+0xb8/0x540
[ 3260.217642][ T3746]  __x64_sys_symlink+0x5d/0x90
[ 3260.217672][ T3746]  do_syscall_64+0xfa/0xfa0
[ 3260.217692][ T3746]  ? lockdep_hardirqs_on+0x9c/0x150
[ 3260.217713][ T3746]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3260.217732][ T3746]  ? clear_bhb_loop+0x60/0xb0
[ 3260.217754][ T3746]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3260.217771][ T3746] RIP: 0033:0x7f6c2edaefc9
[ 3260.217787][ T3746] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 3260.217803][ T3746] RSP: 002b:00007f6c2d016038 EFLAGS: 00000246 ORIG_RAX: 0000000000000058
[ 3260.217823][ T3746] RAX: ffffffffffffffda RBX: 00007f6c2f005fa0 RCX: 00007f6c2edaefc9
[ 3260.217836][ T3746] RDX: 0000000000000000 RSI: 0000200000000340 RDI: 0000200000000540
[ 3260.217849][ T3746] RBP: 00007f6c2d016090 R08: 0000000000000000 R09: 0000000000000000
[ 3260.217861][ T3746] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3260.217873][ T3746] R13: 00007f6c2f006038 R14: 00007f6c2f005fa0 R15: 00007ffca99be008
[ 3260.217906][ T3746]  </TASK>
[ 3260.985382][    C1] vkms_vblank_simulate: vblank timer overrun
[ 3261.410057][ T3748] netlink: 24 bytes leftover after parsing attributes in process `syz.8.21000'.
[ 3261.497924][T11199] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3261.566324][T30923] usb 6-1: new high-speed USB device number 99 using dummy_hcd
[ 3261.728163][T30923] usb 6-1: Using ep0 maxpacket: 32
[ 3261.731022][T30923] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 3261.731052][T30923] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 3261.731073][T30923] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 3261.737383][T30923] usb 6-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22
[ 3261.737407][T30923] usb 6-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131
[ 3261.737424][T30923] usb 6-1: Product: syz
[ 3261.737436][T30923] usb 6-1: Manufacturer: syz
[ 3261.737448][T30923] usb 6-1: SerialNumber: syz
[ 3261.760463][T30923] input: appletouch as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/input/input101
[ 3262.086242][ T3775] netlink: 40 bytes leftover after parsing attributes in process `syz.5.21010'.
[ 3262.100899][T31022] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3262.101552][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3262.136869][ T3775] netlink: 212360 bytes leftover after parsing attributes in process `syz.5.21010'.
[ 3262.387063][  T979] usb 6-1: USB disconnect, device number 99
[ 3262.528968][  T979] appletouch 6-1:1.0: input: appletouch disconnected
[ 3262.712477][ T7848] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3263.634771][T16017] usb 6-1: new high-speed USB device number 100 using dummy_hcd
[ 3263.634935][T30923] usb 9-1: new high-speed USB device number 42 using dummy_hcd
[ 3263.796499][T30923] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 3263.796542][T30923] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 2
[ 3263.796594][T30923] usb 9-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 3263.799712][T30923] usb 9-1: New USB device found, idVendor=8086, idProduct=0b5b, bcdDevice=e1.c5
[ 3263.799800][T30923] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3263.799819][T30923] usb 9-1: Product: syz
[ 3263.799833][T30923] usb 9-1: Manufacturer: syz
[ 3263.799845][T30923] usb 9-1: SerialNumber: syz
[ 3263.806971][T16017] usb 6-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[ 3263.808456][T16017] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 3263.808481][T16017] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 3263.808499][T16017] usb 6-1: SerialNumber: syz
[ 3263.813892][T30923] usb 9-1: config 0 descriptor??
[ 3263.821066][T30923] uvcvideo 9-1:0.0: probe with driver uvcvideo failed with error -22
[ 3264.581958][ T3853] hub 2-0:1.0: USB hub found
[ 3264.593787][ T3853] hub 2-0:1.0: 1 port detected
[ 3265.113098][    C0] vkms_vblank_simulate: vblank timer overrun
[ 3265.143690][ T1775] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3265.337128][T16017] cdc_ether 6-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.5-1, CDC Ethernet Device, 42:42:42:42:42:42
[ 3266.156632][ T3897] FAULT_INJECTION: forcing a failure.
[ 3266.156632][ T3897] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 3266.156665][ T3897] CPU: 0 UID: 0 PID: 3897 Comm: syz.9.21065 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 3266.156685][ T3897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 3266.156696][ T3897] Call Trace:
[ 3266.156704][ T3897]  <TASK>
[ 3266.156713][ T3897]  dump_stack_lvl+0x189/0x250
[ 3266.156742][ T3897]  ? __pfx____ratelimit+0x10/0x10
[ 3266.156765][ T3897]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3266.156789][ T3897]  ? __pfx__printk+0x10/0x10
[ 3266.156812][ T3897]  ? fs_reclaim_acquire+0x7d/0x100
[ 3266.156845][ T3897]  should_fail_ex+0x46c/0x600
[ 3266.156874][ T3897]  prepare_alloc_pages+0x213/0x670
[ 3266.156908][ T3897]  __alloc_frozen_pages_noprof+0x123/0x370
[ 3266.156935][ T3897]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 3266.156967][ T3897]  ? policy_nodemask+0x27c/0x720
[ 3266.156988][ T3897]  ? rt_spin_lock+0x1c1/0x3e0
[ 3266.157011][ T3897]  alloc_pages_mpol+0xd1/0x380
[ 3266.157040][ T3897]  alloc_pages_noprof+0xcf/0x1e0
[ 3266.157073][ T3897]  pte_alloc_one+0x23/0x330
[ 3266.157093][ T3897]  ? __pte_alloc+0x1d/0x1a0
[ 3266.157113][ T3897]  __pte_alloc+0x25/0x1a0
[ 3266.157135][ T3897]  handle_mm_fault+0x297d/0x3400
[ 3266.157160][ T3897]  ? mt_find+0x15c/0x5e0
[ 3266.157180][ T3897]  ? __pfx_mt_find+0x10/0x10
[ 3266.157202][ T3897]  ? handle_mm_fault+0xdb/0x3400
[ 3266.157231][ T3897]  ? __pfx_handle_mm_fault+0x10/0x10
[ 3266.157272][ T3897]  ? lock_mm_and_find_vma+0x9c/0x300
[ 3266.157299][ T3897]  do_user_addr_fault+0x764/0x1380
[ 3266.157337][ T3897]  exc_page_fault+0x82/0x100
[ 3266.157362][ T3897]  asm_exc_page_fault+0x26/0x30
[ 3266.157378][ T3897] RIP: 0010:rep_movs_alternative+0x30/0x90
[ 3266.157397][ T3897] Code: 83 f9 08 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08
[ 3266.157412][ T3897] RSP: 0018:ffffc90015bdfd58 EFLAGS: 00050212
[ 3266.157428][ T3897] RAX: 00007ffffffff001 RBX: 0000000000000010 RCX: 0000000000000010
[ 3266.157441][ T3897] RDX: 0000000000000001 RSI: 00002000000000c0 RDI: ffffc90015bdfdc0
[ 3266.157454][ T3897] RBP: ffffc90015bdfea8 R08: ffffc90015bdfdcf R09: 1ffff92002b7bfb9
[ 3266.157468][ T3897] R10: dffffc0000000000 R11: fffff52002b7bfba R12: 00002000000000c0
[ 3266.157482][ T3897] R13: 1ffff92002b7bfb4 R14: ffffc90015bdfdc0 R15: 00002000000000c0
[ 3266.157516][ T3897]  _copy_from_user+0x7a/0xb0
[ 3266.157537][ T3897]  __sys_connect+0x124/0x450
[ 3266.157559][ T3897]  ? __pfx___sys_connect+0x10/0x10
[ 3266.157602][ T3897]  __x64_sys_connect+0x7a/0x90
[ 3266.157621][ T3897]  do_syscall_64+0xfa/0xfa0
[ 3266.157642][ T3897]  ? lockdep_hardirqs_on+0x9c/0x150
[ 3266.157663][ T3897]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3266.157680][ T3897]  ? clear_bhb_loop+0x60/0xb0
[ 3266.157703][ T3897]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3266.157720][ T3897] RIP: 0033:0x7f53938cefc9
[ 3266.157736][ T3897] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 3266.157751][ T3897] RSP: 002b:00007f5391b2e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[ 3266.157769][ T3897] RAX: ffffffffffffffda RBX: 00007f5393b25fa0 RCX: 00007f53938cefc9
[ 3266.157783][ T3897] RDX: 0000000000000010 RSI: 00002000000000c0 RDI: 0000000000000003
[ 3266.157795][ T3897] RBP: 00007f5391b2e090 R08: 0000000000000000 R09: 0000000000000000
[ 3266.157807][ T3897] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3266.157819][ T3897] R13: 00007f5393b26038 R14: 00007f5393b25fa0 R15: 00007fff1bbedea8
[ 3266.157852][ T3897]  </TASK>
[ 3266.370478][ T1775] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3266.610381][  T979] usb 9-1: USB disconnect, device number 42
[ 3266.808781][    C0] vkms_vblank_simulate: vblank timer overrun
[ 3266.815282][T30923] usb 6-1: USB disconnect, device number 100
[ 3266.819319][T30923] cdc_ether 6-1:1.0 usb0: unregister 'cdc_ether' usb-dummy_hcd.5-1, CDC Ethernet Device
[ 3267.167051][ T5998] usb 9-1: new full-speed USB device number 43 using dummy_hcd
[ 3267.293317][ T3907] netlink: 24 bytes leftover after parsing attributes in process `syz.7.21075'.
[ 3267.322021][ T5998] usb 9-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 3267.322046][ T5998] usb 9-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x94, changing to 0x84
[ 3267.322070][ T5998] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[ 3267.322088][ T5998] usb 9-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[ 3267.324806][ T5998] usb 9-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=ed.ae
[ 3267.324833][ T5998] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3267.324851][ T5998] usb 9-1: Product: syz
[ 3267.324865][ T5998] usb 9-1: Manufacturer: syz
[ 3267.324878][ T5998] usb 9-1: SerialNumber: syz
[ 3267.365943][ T5998] usb 9-1: config 0 descriptor??
[ 3267.579651][T20055] usb 9-1: USB disconnect, device number 43
[ 3267.587653][ T1775] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3267.588006][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3268.009463][ T3954] IPv6: NLM_F_CREATE should be specified when creating new route
[ 3268.202260][ T1775] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3268.725507][ T3977] FAULT_INJECTION: forcing a failure.
[ 3268.725507][ T3977] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3268.725541][ T3977] CPU: 0 UID: 0 PID: 3977 Comm: syz.6.21103 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 3268.725563][ T3977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 3268.725574][ T3977] Call Trace:
[ 3268.725582][ T3977]  <TASK>
[ 3268.725591][ T3977]  dump_stack_lvl+0x189/0x250
[ 3268.725620][ T3977]  ? __pfx____ratelimit+0x10/0x10
[ 3268.725642][ T3977]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3268.725667][ T3977]  ? __pfx__printk+0x10/0x10
[ 3268.725702][ T3977]  should_fail_ex+0x46c/0x600
[ 3268.725732][ T3977]  strncpy_from_user+0x36/0x290
[ 3268.725758][ T3977]  getname_flags+0xf3/0x540
[ 3268.725786][ T3977]  do_sys_openat2+0xbc/0x1c0
[ 3268.725808][ T3977]  ? __pfx_do_sys_openat2+0x10/0x10
[ 3268.725829][ T3977]  ? exc_page_fault+0x82/0x100
[ 3268.725855][ T3977]  ? do_user_addr_fault+0xc85/0x1380
[ 3268.725879][ T3977]  __x64_sys_openat+0x138/0x170
[ 3268.725903][ T3977]  do_syscall_64+0xfa/0xfa0
[ 3268.725923][ T3977]  ? lockdep_hardirqs_on+0x9c/0x150
[ 3268.725945][ T3977]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3268.725963][ T3977]  ? clear_bhb_loop+0x60/0xb0
[ 3268.725985][ T3977]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3268.726003][ T3977] RIP: 0033:0x7f6c2edad810
[ 3268.726020][ T3977] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 69 95 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 bc 95 02 00 8b 44
[ 3268.726042][ T3977] RSP: 002b:00007f6c2d013ef0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 3268.726062][ T3977] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f6c2edad810
[ 3268.726079][ T3977] RDX: 0000000000000002 RSI: 00007f6c2ee31c6c RDI: 00000000ffffff9c
[ 3268.726091][ T3977] RBP: 00007f6c2ee31c6c R08: 0000000000000000 R09: 0000000000000000
[ 3268.726103][ T3977] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[ 3268.726114][ T3977] R13: 0000000000000024 R14: 0000200000000040 R15: 00007ffca99be008
[ 3268.726148][ T3977]  </TASK>
[ 3269.651880][ T3980] netlink: 24 bytes leftover after parsing attributes in process `syz.5.21104'.
[ 3270.049287][T11199] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3270.739390][ T5998] usb 10-1: new full-speed USB device number 40 using dummy_hcd
[ 3270.915689][ T5998] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 3270.915750][ T5998] usb 10-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF9, changing to 0x89
[ 3270.915773][ T5998] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 10
[ 3270.915797][ T5998] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 65535, setting to 64
[ 3270.915820][ T5998] usb 10-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xEE, changing to 0x8E
[ 3270.915853][ T5998] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[ 3270.915873][ T5998] usb 10-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 3270.929876][  T979] usb 9-1: new high-speed USB device number 44 using dummy_hcd
[ 3271.007787][ T5998] usb 10-1: New USB device found, idVendor=0bc7, idProduct=0008, bcdDevice=4f.c8
[ 3271.007805][ T5998] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=8
[ 3271.007816][ T5998] usb 10-1: Product: syz
[ 3271.007824][ T5998] usb 10-1: Manufacturer: syz
[ 3271.007831][ T5998] usb 10-1: SerialNumber: syz
[ 3271.011364][ T5998] usb 10-1: config 0 descriptor??
[ 3271.012149][ T4018] raw-gadget.3 gadget.9: fail, usb_ep_enable returned -22
[ 3271.014661][ T5998] ati_remote 10-1:0.0: ati_remote_probe: Unexpected endpoint_out
[ 3271.121072][  T979] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[ 3271.121123][  T979] usb 9-1: New USB device found, idVendor=046d, idProduct=c626, bcdDevice= 0.00
[ 3271.121145][  T979] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 3271.125408][  T979] usb 9-1: config 0 descriptor??
[ 3271.206605][ T5998] usb 10-1: USB disconnect, device number 40
[ 3271.272576][ T6731] usb 6-1: new high-speed USB device number 101 using dummy_hcd
[ 3271.415390][ T6731] usb 6-1: Using ep0 maxpacket: 16
[ 3271.422006][ T6731] usb 6-1: config 0 has an invalid interface number: 8 but max is 0
[ 3271.422029][ T6731] usb 6-1: config 0 has no interface number 0
[ 3271.422058][ T6731] usb 6-1: config 0 interface 8 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 3271.422072][ T6731] usb 6-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 3271.422084][ T6731] usb 6-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 3271.423832][ T6731] usb 6-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[ 3271.423846][ T6731] usb 6-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[ 3271.423899][ T6731] usb 6-1: Product: syz
[ 3271.423907][ T6731] usb 6-1: SerialNumber: syz
[ 3271.435417][ T6731] usb 6-1: config 0 descriptor??
[ 3271.454392][ T4025] raw-gadget.4 gadget.5: fail, usb_ep_enable returned -22
[ 3271.461696][ T6731] cm109 6-1:0.8: invalid payload size 1024, expected 4
[ 3271.467345][ T6731] input: CM109 USB driver as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.8/input/input102
[ 3271.563106][  T979] logitech 0003:046D:C626.0042: nested delimiters
[ 3271.563120][  T979] logitech 0003:046D:C626.0042: item 0 4 2 10 parsing failed
[ 3271.563769][  T979] logitech 0003:046D:C626.0042: parse failed
[ 3271.563869][  T979] logitech 0003:046D:C626.0042: probe with driver logitech failed with error -22
[ 3271.672468][    C1] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 3271.672722][    C1] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 3271.673046][    C1] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 3271.673345][    C1] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 3271.673581][    C1] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 3271.673814][    C1] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 3271.674025][    C1] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 3271.674219][    C1] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 3271.674409][    C1] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 3271.674610][    C1] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 3271.681082][ T6731] usb 6-1: USB disconnect, device number 101
[ 3271.681168][    C1] cm109 6-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[ 3271.728288][ T6731] cm109 6-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[ 3271.764967][  T979] usb 9-1: USB disconnect, device number 44
[ 3271.868379][T31674] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3272.034998][ T6731] usb 6-1: new full-speed USB device number 102 using dummy_hcd
[ 3272.158776][ T6731] usb 6-1: device descriptor read/64, error -71
[ 3272.387299][ T6731] usb 6-1: new full-speed USB device number 103 using dummy_hcd
[ 3272.473346][T31674] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3272.473592][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3272.511147][ T6731] usb 6-1: device descriptor read/64, error -71
[ 3272.616237][ T6731] usb usb6-port1: attempt power cycle
[ 3272.887741][ T4080] FAULT_INJECTION: forcing a failure.
[ 3272.887741][ T4080] name failslab, interval 1, probability 0, space 0, times 0
[ 3272.887779][ T4080] CPU: 0 UID: 0 PID: 4080 Comm: syz.6.21145 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 3272.887801][ T4080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 3272.887811][ T4080] Call Trace:
[ 3272.887819][ T4080]  <TASK>
[ 3272.887828][ T4080]  dump_stack_lvl+0x189/0x250
[ 3272.887859][ T4080]  ? __pfx____ratelimit+0x10/0x10
[ 3272.887881][ T4080]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3272.887906][ T4080]  ? __pfx__printk+0x10/0x10
[ 3272.887933][ T4080]  ? __pfx___might_resched+0x10/0x10
[ 3272.887958][ T4080]  should_fail_ex+0x46c/0x600
[ 3272.887988][ T4080]  should_failslab+0xa8/0x100
[ 3272.888014][ T4080]  __kmalloc_noprof+0xcc/0x7d0
[ 3272.888036][ T4080]  ? kfree+0x51/0x950
[ 3272.888053][ T4080]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 3272.888081][ T4080]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 3272.888117][ T4080]  tomoyo_check_open_permission+0x1c1/0x3b0
[ 3272.888144][ T4080]  ? tomoyo_check_open_permission+0x16a/0x3b0
[ 3272.888169][ T4080]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[ 3272.888232][ T4080]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 3272.888256][ T4080]  ? tomoyo_file_open+0x169/0x230
[ 3272.888283][ T4080]  security_file_open+0xb1/0x270
[ 3272.888303][ T4080]  do_dentry_open+0x378/0x1350
[ 3272.888327][ T4080]  ? devcgroup_check_permission+0x2f/0x950
[ 3272.888359][ T4080]  vfs_open+0x3b/0x350
[ 3272.888374][ T4080]  ? path_openat+0x2ed9/0x3840
[ 3272.888404][ T4080]  path_openat+0x2ef1/0x3840
[ 3272.888431][ T4080]  ? try_to_take_rt_mutex+0x840/0xb00
[ 3272.888481][ T4080]  ? __pfx_path_openat+0x10/0x10
[ 3272.888502][ T4080]  ? do_raw_spin_lock+0x121/0x290
[ 3272.888534][ T4080]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 3272.888556][ T4080]  ? lockdep_hardirqs_on+0x9c/0x150
[ 3272.888580][ T4080]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 3272.888609][ T4080]  do_filp_open+0x1fa/0x410
[ 3272.888632][ T4080]  ? __pfx_do_filp_open+0x10/0x10
[ 3272.888649][ T4080]  ? rt_mutex_slowunlock+0x493/0x8a0
[ 3272.888695][ T4080]  ? alloc_fd+0x64f/0x6c0
[ 3272.888730][ T4080]  do_sys_openat2+0x121/0x1c0
[ 3272.888752][ T4080]  ? __pfx_do_sys_openat2+0x10/0x10
[ 3272.888776][ T4080]  ? ksys_write+0x230/0x260
[ 3272.888799][ T4080]  ? __pfx_ksys_write+0x10/0x10
[ 3272.888822][ T4080]  __x64_sys_openat+0x138/0x170
[ 3272.888847][ T4080]  do_syscall_64+0xfa/0xfa0
[ 3272.888867][ T4080]  ? lockdep_hardirqs_on+0x9c/0x150
[ 3272.888888][ T4080]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3272.888906][ T4080]  ? clear_bhb_loop+0x60/0xb0
[ 3272.888929][ T4080]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3272.888946][ T4080] RIP: 0033:0x7f6c2edaefc9
[ 3272.888963][ T4080] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 3272.888979][ T4080] RSP: 002b:00007f6c2d016038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 3272.888999][ T4080] RAX: ffffffffffffffda RBX: 00007f6c2f005fa0 RCX: 00007f6c2edaefc9
[ 3272.889013][ T4080] RDX: 0000000000080040 RSI: 0000200000000000 RDI: ffffffffffffff9c
[ 3272.889026][ T4080] RBP: 00007f6c2d016090 R08: 0000000000000000 R09: 0000000000000000
[ 3272.889037][ T4080] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3272.889047][ T4080] R13: 00007f6c2f006038 R14: 00007f6c2f005fa0 R15: 00007ffca99be008
[ 3272.889081][ T4080]  </TASK>
[ 3272.889089][ T4080] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 3273.008090][ T6731] usb 6-1: new full-speed USB device number 104 using dummy_hcd
[ 3273.026521][ T6731] usb 6-1: device descriptor read/8, error -71
[ 3273.307583][ T6731] usb 6-1: new full-speed USB device number 105 using dummy_hcd
[ 3273.340720][ T6731] usb 6-1: device descriptor read/8, error -71
[ 3273.445143][ T6731] usb usb6-port1: unable to enumerate USB device
[ 3273.578468][T21804] IPVS: starting estimator thread 0...
[ 3273.683959][ T7855] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3273.687755][ T4098] IPVS: using max 8 ests per chain, 19200 per kthread
[ 3274.392441][ T4115] FAULT_INJECTION: forcing a failure.
[ 3274.392441][ T4115] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3274.392463][ T4115] CPU: 0 UID: 0 PID: 4115 Comm: syz.6.21158 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 3274.392475][ T4115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 3274.392481][ T4115] Call Trace:
[ 3274.392486][ T4115]  <TASK>
[ 3274.392491][ T4115]  dump_stack_lvl+0x189/0x250
[ 3274.392509][ T4115]  ? __pfx____ratelimit+0x10/0x10
[ 3274.392523][ T4115]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3274.392536][ T4115]  ? __pfx__printk+0x10/0x10
[ 3274.392557][ T4115]  should_fail_ex+0x46c/0x600
[ 3274.392573][ T4115]  _copy_to_user+0x31/0xb0
[ 3274.392585][ T4115]  simple_read_from_buffer+0xe1/0x170
[ 3274.392602][ T4115]  proc_fail_nth_read+0x1b6/0x220
[ 3274.392615][ T4115]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 3274.392627][ T4115]  ? rw_verify_area+0x2ac/0x4e0
[ 3274.392640][ T4115]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 3274.392651][ T4115]  vfs_read+0x206/0xa30
[ 3274.392667][ T4115]  ? __pfx_vfs_read+0x10/0x10
[ 3274.392677][ T4115]  ? try_to_take_rt_mutex+0x7fd/0xac0
[ 3274.392693][ T4115]  ? mutex_lock_nested+0x154/0x1d0
[ 3274.392703][ T4115]  ? fdget_pos+0x253/0x320
[ 3274.392721][ T4115]  ksys_read+0x14b/0x260
[ 3274.392734][ T4115]  ? __pfx_ksys_read+0x10/0x10
[ 3274.392748][ T4115]  ? do_syscall_64+0xbe/0xfa0
[ 3274.392762][ T4115]  do_syscall_64+0xfa/0xfa0
[ 3274.392773][ T4115]  ? lockdep_hardirqs_on+0x9c/0x150
[ 3274.392785][ T4115]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3274.392795][ T4115]  ? clear_bhb_loop+0x60/0xb0
[ 3274.392808][ T4115]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3274.392817][ T4115] RIP: 0033:0x7f6c2edad9dc
[ 3274.392827][ T4115] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 3274.392836][ T4115] RSP: 002b:00007f6c2d016030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 3274.392847][ T4115] RAX: ffffffffffffffda RBX: 00007f6c2f005fa0 RCX: 00007f6c2edad9dc
[ 3274.392855][ T4115] RDX: 000000000000000f RSI: 00007f6c2d0160a0 RDI: 0000000000000005
[ 3274.392861][ T4115] RBP: 00007f6c2d016090 R08: 0000000000000000 R09: 0000000000000000
[ 3274.392868][ T4115] R10: 0000200000000140 R11: 0000000000000246 R12: 0000000000000001
[ 3274.392874][ T4115] R13: 00007f6c2f006038 R14: 00007f6c2f005fa0 R15: 00007ffca99be008
[ 3274.392893][ T4115]  </TASK>
[ 3275.436656][ T4117] A link change request failed with some changes committed already. Interface wlan1 may have been left with an inconsistent configuration, please check.
[ 3275.515352][T21775] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3276.074614][ T4169] overlayfs: missing 'lowerdir'
[ 3276.290454][ T4175] FAULT_INJECTION: forcing a failure.
[ 3276.290454][ T4175] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3276.290476][ T4175] CPU: 0 UID: 0 PID: 4175 Comm: syz.7.21180 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 3276.290488][ T4175] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 3276.290494][ T4175] Call Trace:
[ 3276.290498][ T4175]  <TASK>
[ 3276.290503][ T4175]  dump_stack_lvl+0x189/0x250
[ 3276.290521][ T4175]  ? __pfx____ratelimit+0x10/0x10
[ 3276.290535][ T4175]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3276.290548][ T4175]  ? __pfx__printk+0x10/0x10
[ 3276.290566][ T4175]  should_fail_ex+0x46c/0x600
[ 3276.290583][ T4175]  _copy_to_user+0x31/0xb0
[ 3276.290596][ T4175]  btf_new_fd+0x560/0xcf0
[ 3276.290610][ T4175]  ? safesetid_security_capable+0xa9/0x1a0
[ 3276.290630][ T4175]  ? __pfx_btf_new_fd+0x10/0x10
[ 3276.290643][ T4175]  ? bpf_token_put+0x143/0x160
[ 3276.290653][ T4175]  ? bpf_btf_load+0x126/0x190
[ 3276.290668][ T4175]  __sys_bpf+0x3ed/0x860
[ 3276.290682][ T4175]  ? __pfx___sys_bpf+0x10/0x10
[ 3276.290693][ T4175]  ? rt_mutex_slowunlock+0x1be/0x2e0
[ 3276.290713][ T4175]  ? ksys_write+0x230/0x260
[ 3276.290726][ T4175]  ? __pfx_ksys_write+0x10/0x10
[ 3276.290741][ T4175]  __x64_sys_bpf+0x7c/0x90
[ 3276.290753][ T4175]  do_syscall_64+0xfa/0xfa0
[ 3276.290765][ T4175]  ? lockdep_hardirqs_on+0x9c/0x150
[ 3276.290777][ T4175]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3276.290787][ T4175]  ? clear_bhb_loop+0x60/0xb0
[ 3276.290798][ T4175]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3276.290808][ T4175] RIP: 0033:0x7f63a1a0efc9
[ 3276.290817][ T4175] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 3276.290826][ T4175] RSP: 002b:00007f639fc6e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 3276.290837][ T4175] RAX: ffffffffffffffda RBX: 00007f63a1c65fa0 RCX: 00007f63a1a0efc9
[ 3276.290845][ T4175] RDX: 0000000000000028 RSI: 00002000000000c0 RDI: 0000000000000012
[ 3276.290851][ T4175] RBP: 00007f639fc6e090 R08: 0000000000000000 R09: 0000000000000000
[ 3276.290857][ T4175] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3276.290863][ T4175] R13: 00007f63a1c66038 R14: 00007f63a1c65fa0 R15: 00007ffe99ad11e8
[ 3276.290881][ T4175]  </TASK>
[ 3276.496132][ T4179] netlink: 8 bytes leftover after parsing attributes in process `syz.7.21181'.
[ 3276.927960][ T4202] netlink: 'syz.8.21192': attribute type 6 has an invalid length.
[ 3276.927983][ T4202] netlink: 12 bytes leftover after parsing attributes in process `syz.8.21192'.
[ 3277.024948][T21775] nci: nci_rf_intf_activated_ntf_packet: unsupported rf_interface 0xb0
[ 3277.126329][ T4212] FAULT_INJECTION: forcing a failure.
[ 3277.126329][ T4212] name failslab, interval 1, probability 0, space 0, times 0
[ 3277.126362][ T4212] CPU: 1 UID: 0 PID: 4212 Comm: syz.7.21195 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 3277.126383][ T4212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 3277.126399][ T4212] Call Trace:
[ 3277.126407][ T4212]  <TASK>
[ 3277.126416][ T4212]  dump_stack_lvl+0x189/0x250
[ 3277.126445][ T4212]  ? __pfx____ratelimit+0x10/0x10
[ 3277.126467][ T4212]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3277.126491][ T4212]  ? __pfx__printk+0x10/0x10
[ 3277.126517][ T4212]  ? __pfx___might_resched+0x10/0x10
[ 3277.126536][ T4212]  ? fs_reclaim_acquire+0x7d/0x100
[ 3277.126564][ T4212]  should_fail_ex+0x46c/0x600
[ 3277.126593][ T4212]  should_failslab+0xa8/0x100
[ 3277.126619][ T4212]  __kmalloc_noprof+0xcc/0x7d0
[ 3277.126642][ T4212]  ? sock_kmalloc+0xd6/0x160
[ 3277.126669][ T4212]  sock_kmalloc+0xd6/0x160
[ 3277.126693][ T4212]  ____sys_sendmsg+0x1b5/0x820
[ 3277.126720][ T4212]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 3277.126751][ T4212]  ? import_iovec+0x74/0xa0
[ 3277.126774][ T4212]  ___sys_sendmsg+0x21f/0x2a0
[ 3277.126798][ T4212]  ? __pfx____sys_sendmsg+0x10/0x10
[ 3277.126858][ T4212]  ? __fget_files+0x2a/0x420
[ 3277.126880][ T4212]  ? __fget_files+0x3a6/0x420
[ 3277.126914][ T4212]  __x64_sys_sendmsg+0x1a1/0x260
[ 3277.126937][ T4212]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 3277.126975][ T4212]  ? __pfx_ksys_write+0x10/0x10
[ 3277.127001][ T4212]  ? do_syscall_64+0xbe/0xfa0
[ 3277.127028][ T4212]  do_syscall_64+0xfa/0xfa0
[ 3277.127055][ T4212]  ? lockdep_hardirqs_on+0x9c/0x150
[ 3277.127080][ T4212]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3277.127098][ T4212]  ? clear_bhb_loop+0x60/0xb0
[ 3277.127119][ T4212]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3277.127137][ T4212] RIP: 0033:0x7f63a1a0efc9
[ 3277.127153][ T4212] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 3277.127169][ T4212] RSP: 002b:00007f639fc6e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 3277.127188][ T4212] RAX: ffffffffffffffda RBX: 00007f63a1c65fa0 RCX: 00007f63a1a0efc9
[ 3277.127202][ T4212] RDX: 0000000000000040 RSI: 0000200000001580 RDI: 0000000000000003
[ 3277.127214][ T4212] RBP: 00007f639fc6e090 R08: 0000000000000000 R09: 0000000000000000
[ 3277.127226][ T4212] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3277.127237][ T4212] R13: 00007f63a1c66038 R14: 00007f63a1c65fa0 R15: 00007ffe99ad11e8
[ 3277.127270][ T4212]  </TASK>
[ 3277.344643][ T7848] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3277.349332][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3277.349970][ T7848] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3279.160234][ T5998] usb 6-1: new high-speed USB device number 106 using dummy_hcd
[ 3279.219332][ T7848] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3279.852199][ T5998] usb 6-1: device not accepting address 106, error -71
[ 3280.252952][   T37] kauditd_printk_skb: 44 callbacks suppressed
[ 3280.252968][   T37] audit: type=1326 audit(3434.468:1736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4281 comm="syz.5.21223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3932efc9 code=0x7ffc0000
[ 3280.253360][   T37] audit: type=1326 audit(3434.468:1737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4281 comm="syz.5.21223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3932efc9 code=0x7ffc0000
[ 3280.253663][   T37] audit: type=1326 audit(3434.468:1738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4281 comm="syz.5.21223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=89 compat=0 ip=0x7faa3932efc9 code=0x7ffc0000
[ 3280.254077][   T37] audit: type=1326 audit(3434.468:1739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4281 comm="syz.5.21223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3932efc9 code=0x7ffc0000
[ 3280.284755][T20055] usb 9-1: new high-speed USB device number 45 using dummy_hcd
[ 3280.361679][   T37] audit: type=1326 audit(3434.468:1740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4281 comm="syz.5.21223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7faa3932efc9 code=0x7ffc0000
[ 3280.362303][   T37] audit: type=1326 audit(3434.584:1741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4281 comm="syz.5.21223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3932efc9 code=0x7ffc0000
[ 3280.362612][   T37] audit: type=1326 audit(3434.584:1742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4281 comm="syz.5.21223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3932efc9 code=0x7ffc0000
[ 3280.433755][T20055] usb 9-1: New USB device found, idVendor=055f, idProduct=c230, bcdDevice=b6.ac
[ 3280.433784][T20055] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3280.433802][T20055] usb 9-1: Product: syz
[ 3280.433815][T20055] usb 9-1: Manufacturer: syz
[ 3280.433828][T20055] usb 9-1: SerialNumber: syz
[ 3280.449227][T20055] usb 9-1: config 0 descriptor??
[ 3280.454361][T20055] gspca_main: sunplus-2.14.0 probing 055f:c230
[ 3280.614566][ T1775] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 3280.636624][ T4296] netlink: 12 bytes leftover after parsing attributes in process `syz.5.21227'.
[ 3280.909451][ T4312] sctp: [Deprecated]: syz.6.21234 (pid 4312) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 3280.909451][ T4312] Use struct sctp_sack_info instead
[ 3280.909502][ T4312] sctp: [Deprecated]: syz.6.21234 (pid 4312) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 3280.909502][ T4312] Use struct sctp_sack_info instead
[ 3280.909534][ T4312] sctp: [Deprecated]: syz.6.21234 (pid 4312) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 3280.909534][ T4312] Use struct sctp_sack_info instead
[ 3280.909565][ T4312] sctp: [Deprecated]: syz.6.21234 (pid 4312) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 3280.909565][ T4312] Use struct sctp_sack_info instead
[ 3280.909595][ T4312] sctp: [Deprecated]: syz.6.21234 (pid 4312) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 3280.909595][ T4312] Use struct sctp_sack_info instead
[ 3280.909626][ T4312] sctp: [Deprecated]: syz.6.21234 (pid 4312) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 3280.909626][ T4312] Use struct sctp_sack_info instead
[ 3280.909656][ T4312] sctp: [Deprecated]: syz.6.21234 (pid 4312) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 3280.909656][ T4312] Use struct sctp_sack_info instead
[ 3280.909687][ T4312] sctp: [Deprecated]: syz.6.21234 (pid 4312) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 3280.909687][ T4312] Use struct sctp_sack_info instead
[ 3280.909718][ T4312] sctp: [Deprecated]: syz.6.21234 (pid 4312) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 3280.909718][ T4312] Use struct sctp_sack_info instead
[ 3280.909748][ T4312] sctp: [Deprecated]: syz.6.21234 (pid 4312) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 3280.909748][ T4312] Use struct sctp_sack_info instead
[ 3281.010318][ T5998] usb 9-1: USB disconnect, device number 45
[ 3281.021257][ T7830] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3281.474939][ T5998] usb 9-1: new high-speed USB device number 46 using dummy_hcd
[ 3281.642670][ T5998] usb 9-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[ 3281.644093][ T5998] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 3281.644119][ T5998] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 3281.644138][ T5998] usb 9-1: SerialNumber: syz
[ 3281.856071][T21804] usb 6-1: new high-speed USB device number 108 using dummy_hcd
[ 3281.873476][ T4353] netlink: 8 bytes leftover after parsing attributes in process `syz.9.21252'.
[ 3281.873496][ T4353] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[ 3283.166195][T21804] usb 6-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[ 3283.167852][T21804] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 3283.167877][T21804] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 3283.167896][T21804] usb 6-1: SerialNumber: syz
[ 3283.172787][ T7830] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3283.173383][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3283.205423][    C0] vkms_vblank_simulate: vblank timer overrun
[ 3283.231891][T11199] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3283.284492][ T6731] usb 10-1: new high-speed USB device number 41 using dummy_hcd
[ 3283.378765][ T4337] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 3283.379198][ T4337] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 3283.394725][T21804] cdc_ether 6-1:1.0: probe with driver cdc_ether failed with error -71
[ 3283.407436][T21804] usb 6-1: USB disconnect, device number 108
[ 3283.455764][ T6731] usb 10-1: Using ep0 maxpacket: 32
[ 3283.458076][ T6731] usb 10-1: config 0 has an invalid interface number: 244 but max is 0
[ 3283.458099][ T6731] usb 10-1: config 0 has no interface number 0
[ 3283.458129][ T6731] usb 10-1: config 0 interface 244 has no altsetting 0
[ 3283.461642][ T6731] usb 10-1: New USB device found, idVendor=0e41, idProduct=4750, bcdDevice=26.9c
[ 3283.461667][ T6731] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3283.461686][ T6731] usb 10-1: Product: syz
[ 3283.461699][ T6731] usb 10-1: Manufacturer: syz
[ 3283.461711][ T6731] usb 10-1: SerialNumber: syz
[ 3283.489563][ T6731] usb 10-1: config 0 descriptor??
[ 3283.566757][ T6731] snd_usb_toneport 10-1:0.244: Line 6 GuitarPort found
[ 3283.896239][    C0] vkms_vblank_simulate: vblank timer overrun
[ 3284.442792][    C0] vkms_vblank_simulate: vblank timer overrun
[ 3284.552000][    C0] vkms_vblank_simulate: vblank timer overrun
[ 3284.668850][T21775] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3284.904701][    C0] vkms_vblank_simulate: vblank timer overrun
[ 3284.907505][ T5998] cdc_ether 9-1:1.0: probe with driver cdc_ether failed with error -71
[ 3284.945525][ T5998] usb 9-1: USB disconnect, device number 46
[ 3285.101905][   T37] audit: type=1326 audit(3439.549:1743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4380 comm="syz.7.21260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63a1a0efc9 code=0x7ffc0000
[ 3285.102019][   T37] audit: type=1326 audit(3439.549:1744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4380 comm="syz.7.21260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63a1a0efc9 code=0x7ffc0000
[ 3285.147600][   T37] audit: type=1326 audit(3439.612:1745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4380 comm="syz.7.21260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=89 compat=0 ip=0x7f63a1a0efc9 code=0x7ffc0000
[ 3285.147720][   T37] audit: type=1326 audit(3439.612:1746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4380 comm="syz.7.21260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63a1a0efc9 code=0x7ffc0000
[ 3285.147949][   T37] audit: type=1326 audit(3439.612:1747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4380 comm="syz.7.21260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63a1a0efc9 code=0x7ffc0000
[ 3285.148057][   T37] audit: type=1326 audit(3439.612:1748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4380 comm="syz.7.21260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f63a1a0efc9 code=0x7ffc0000
[ 3285.148530][   T37] audit: type=1326 audit(3439.612:1749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4380 comm="syz.7.21260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63a1a0efc9 code=0x7ffc0000
[ 3285.177356][   T37] audit: type=1326 audit(3439.633:1750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4380 comm="syz.7.21260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63a1a0efc9 code=0x7ffc0000
[ 3285.177673][   T37] audit: type=1326 audit(3439.633:1751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4380 comm="syz.7.21260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f63a1a0efc9 code=0x7ffc0000
[ 3285.183387][   T37] audit: type=1326 audit(3439.633:1752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4380 comm="syz.7.21260" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63a1a0efc9 code=0x7ffc0000
[ 3285.339079][ T6731] snd_usb_toneport 10-1:0.244: set_interface failed
[ 3285.339389][ T6731] snd_usb_toneport 10-1:0.244: Line 6 GuitarPort now disconnected
[ 3285.339608][ T6731] snd_usb_toneport 10-1:0.244: probe with driver snd_usb_toneport failed with error -71
[ 3285.368615][ T6731] usb 10-1: USB disconnect, device number 41
[ 3286.695352][ T4403] random: crng reseeded on system resumption
[ 3287.594240][    C0] vkms_vblank_simulate: vblank timer overrun
[ 3287.627369][    C0] vkms_vblank_simulate: vblank timer overrun
[ 3287.711439][ T1775] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3287.836004][    C0] vkms_vblank_simulate: vblank timer overrun
[ 3288.314656][ T1775] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3288.315491][ T1775] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3288.893741][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3289.674678][    C0] vkms_vblank_simulate: vblank timer overrun
[ 3289.885226][    C0] vkms_vblank_simulate: vblank timer overrun
[ 3290.103596][    C0] vkms_vblank_simulate: vblank timer overrun
[ 3290.124350][    C0] vkms_vblank_simulate: vblank timer overrun
[ 3290.680753][    C0] vkms_vblank_simulate: vblank timer overrun
[ 3290.746003][ T1775] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3290.898247][    C0] vkms_vblank_simulate: vblank timer overrun
[ 3291.532421][    C0] vkms_vblank_simulate: vblank timer overrun
[ 3291.816738][    C0] vkms_vblank_simulate: vblank timer overrun
[ 3292.066498][    C0] vkms_vblank_simulate: vblank timer overrun
[ 3292.386393][    C0] vkms_vblank_simulate: vblank timer overrun
[ 3292.388081][ T5998] usb 9-1: new high-speed USB device number 47 using dummy_hcd
[ 3292.552412][ T5998] usb 9-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[ 3292.554186][ T5998] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 3292.554214][ T5998] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 3292.554233][ T5998] usb 9-1: SerialNumber: syz
[ 3293.530714][    C0] vkms_vblank_simulate: vblank timer overrun
[ 3293.564121][ T6111] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3293.564407][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3293.817929][ T7855] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3293.896622][ T7830] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3293.936236][ T4500] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 3293.936675][ T4500] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 3293.939133][ T5998] cdc_ether 9-1:1.0: probe with driver cdc_ether failed with error -71
[ 3294.009258][ T5998] usb 9-1: USB disconnect, device number 47
[ 3294.525366][    C0] vkms_vblank_simulate: vblank timer overrun
[ 3295.011229][ T6731] usb 9-1: new low-speed USB device number 48 using dummy_hcd
[ 3295.155960][ T6731] usb 9-1: config 0 has an invalid interface number: 1 but max is 0
[ 3295.155986][ T6731] usb 9-1: config 0 has no interface number 0
[ 3295.156035][ T6731] usb 9-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[ 3295.156060][ T6731] usb 9-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 3295.156097][ T6731] usb 9-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 3295.156117][ T6731] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 3295.159526][ T6731] usb 9-1: config 0 descriptor??
[ 3295.165811][ T6731] iowarrior 9-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[ 3295.263859][ T4556] netlink: 660 bytes leftover after parsing attributes in process `syz.5.21332'.
[ 3295.263901][ T4556] FAULT_INJECTION: forcing a failure.
[ 3295.263901][ T4556] name failslab, interval 1, probability 0, space 0, times 0
[ 3295.263927][ T4556] CPU: 1 UID: 0 PID: 4556 Comm: syz.5.21332 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 3295.263946][ T4556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 3295.263956][ T4556] Call Trace:
[ 3295.263964][ T4556]  <TASK>
[ 3295.263972][ T4556]  dump_stack_lvl+0x189/0x250
[ 3295.264001][ T4556]  ? __pfx____ratelimit+0x10/0x10
[ 3295.264024][ T4556]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3295.264048][ T4556]  ? __pfx__printk+0x10/0x10
[ 3295.264076][ T4556]  ? __pfx___might_resched+0x10/0x10
[ 3295.264094][ T4556]  ? fs_reclaim_acquire+0x7d/0x100
[ 3295.264123][ T4556]  should_fail_ex+0x46c/0x600
[ 3295.264150][ T4556]  ? __alloc_skb+0x112/0x2d0
[ 3295.264168][ T4556]  should_failslab+0xa8/0x100
[ 3295.264193][ T4556]  ? __alloc_skb+0x112/0x2d0
[ 3295.264208][ T4556]  kmem_cache_alloc_node_noprof+0x78/0x6e0
[ 3295.264239][ T4556]  __alloc_skb+0x112/0x2d0
[ 3295.264268][ T4556]  netlink_ack+0x146/0xa50
[ 3295.264285][ T4556]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 3295.264313][ T4556]  ? __lock_acquire+0xab9/0xd20
[ 3295.264344][ T4556]  netlink_rcv_skb+0x28c/0x470
[ 3295.264363][ T4556]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 3295.264386][ T4556]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 3295.264422][ T4556]  ? netlink_deliver_tap+0x2e/0x1b0
[ 3295.264440][ T4556]  ? netlink_deliver_tap+0x2e/0x1b0
[ 3295.264463][ T4556]  genl_rcv+0x28/0x40
[ 3295.264482][ T4556]  netlink_unicast+0x846/0xa10
[ 3295.264516][ T4556]  ? __pfx_netlink_unicast+0x10/0x10
[ 3295.264543][ T4556]  ? netlink_sendmsg+0x642/0xb30
[ 3295.264559][ T4556]  ? skb_put+0x11b/0x210
[ 3295.264581][ T4556]  netlink_sendmsg+0x805/0xb30
[ 3295.264597][ T4556]  ? is_bpf_text_address+0x26/0x2b0
[ 3295.264631][ T4556]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 3295.264660][ T4556]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 3295.264683][ T4556]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 3295.264703][ T4556]  __sock_sendmsg+0x21c/0x270
[ 3295.264730][ T4556]  ____sys_sendmsg+0x508/0x820
[ 3295.264757][ T4556]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 3295.264787][ T4556]  ? import_iovec+0x74/0xa0
[ 3295.264811][ T4556]  ___sys_sendmsg+0x21f/0x2a0
[ 3295.264835][ T4556]  ? __pfx____sys_sendmsg+0x10/0x10
[ 3295.264892][ T4556]  ? __fget_files+0x2a/0x420
[ 3295.264913][ T4556]  ? __fget_files+0x3a6/0x420
[ 3295.264948][ T4556]  __x64_sys_sendmsg+0x1a1/0x260
[ 3295.264972][ T4556]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 3295.265004][ T4556]  ? __pfx_ksys_write+0x10/0x10
[ 3295.265030][ T4556]  ? do_syscall_64+0xbe/0xfa0
[ 3295.265056][ T4556]  do_syscall_64+0xfa/0xfa0
[ 3295.265075][ T4556]  ? lockdep_hardirqs_on+0x9c/0x150
[ 3295.265097][ T4556]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3295.265115][ T4556]  ? clear_bhb_loop+0x60/0xb0
[ 3295.265137][ T4556]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3295.265154][ T4556] RIP: 0033:0x7faa3932efc9
[ 3295.265171][ T4556] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 3295.265186][ T4556] RSP: 002b:00007faa37596038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 3295.265205][ T4556] RAX: ffffffffffffffda RBX: 00007faa39585fa0 RCX: 00007faa3932efc9
[ 3295.265218][ T4556] RDX: 000000002404c140 RSI: 00002000000000c0 RDI: 0000000000000003
[ 3295.265231][ T4556] RBP: 00007faa37596090 R08: 0000000000000000 R09: 0000000000000000
[ 3295.265242][ T4556] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3295.265258][ T4556] R13: 00007faa39586038 R14: 00007faa39585fa0 R15: 00007ffd53673968
[ 3295.265292][ T4556]  </TASK>
[ 3295.637447][ T1318] ieee802154 phy1 wpan1: encryption failed: -22
[ 3295.688002][ T6731] usb 9-1: USB disconnect, device number 48
[ 3295.928293][   T37] kauditd_printk_skb: 11 callbacks suppressed
[ 3295.928311][   T37] audit: type=1326 audit(3450.919:1764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4564 comm="syz.5.21337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3932efc9 code=0x7ffc0000
[ 3295.932447][   T37] audit: type=1326 audit(3450.919:1765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4564 comm="syz.5.21337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3932efc9 code=0x7ffc0000
[ 3295.932771][   T37] audit: type=1326 audit(3450.919:1766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4564 comm="syz.5.21337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3932efc9 code=0x7ffc0000
[ 3295.934803][   T37] audit: type=1326 audit(3450.919:1768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4564 comm="syz.5.21337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7faa3932efc9 code=0x7ffc0000
[ 3295.964412][   T37] audit: type=1326 audit(3450.919:1767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4564 comm="syz.5.21337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3932efc9 code=0x7ffc0000
[ 3295.999090][   T37] audit: type=1326 audit(3450.992:1769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4564 comm="syz.5.21337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3932efc9 code=0x7ffc0000
[ 3295.999141][   T37] audit: type=1326 audit(3450.992:1770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4564 comm="syz.5.21337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3932efc9 code=0x7ffc0000
[ 3295.999546][   T37] audit: type=1326 audit(3450.992:1771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4564 comm="syz.5.21337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3932efc9 code=0x7ffc0000
[ 3295.999813][   T37] audit: type=1326 audit(3450.992:1772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4564 comm="syz.5.21337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3932efc9 code=0x7ffc0000
[ 3296.000163][   T37] audit: type=1326 audit(3450.992:1773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4564 comm="syz.5.21337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7faa3932efc9 code=0x7ffc0000
[ 3296.241060][ T7830] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3297.033423][ T4591] netlink: 'syz.8.21348': attribute type 8 has an invalid length.
[ 3297.033855][ T4591] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 3297.035093][ T4591] netlink: 'syz.8.21348': attribute type 29 has an invalid length.
[ 3297.331377][ T4608] FAULT_INJECTION: forcing a failure.
[ 3297.331377][ T4608] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3297.331397][ T4608] CPU: 0 UID: 0 PID: 4608 Comm: syz.5.21347 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 3297.331409][ T4608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 3297.331415][ T4608] Call Trace:
[ 3297.331419][ T4608]  <TASK>
[ 3297.331424][ T4608]  dump_stack_lvl+0x189/0x250
[ 3297.331443][ T4608]  ? __pfx____ratelimit+0x10/0x10
[ 3297.331456][ T4608]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3297.331470][ T4608]  ? __pfx__printk+0x10/0x10
[ 3297.331482][ T4608]  ? __might_fault+0xb0/0x130
[ 3297.331501][ T4608]  should_fail_ex+0x46c/0x600
[ 3297.331517][ T4608]  _copy_from_user+0x2d/0xb0
[ 3297.331528][ T4608]  __sys_bpf+0x1e3/0x860
[ 3297.331543][ T4608]  ? __pfx___sys_bpf+0x10/0x10
[ 3297.331554][ T4608]  ? rt_mutex_slowunlock+0x1be/0x2e0
[ 3297.331574][ T4608]  ? ksys_write+0x230/0x260
[ 3297.331587][ T4608]  ? __pfx_ksys_write+0x10/0x10
[ 3297.331602][ T4608]  __x64_sys_bpf+0x7c/0x90
[ 3297.331614][ T4608]  do_syscall_64+0xfa/0xfa0
[ 3297.331626][ T4608]  ? lockdep_hardirqs_on+0x9c/0x150
[ 3297.331638][ T4608]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3297.331648][ T4608]  ? clear_bhb_loop+0x60/0xb0
[ 3297.331660][ T4608]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3297.331669][ T4608] RIP: 0033:0x7faa3932efc9
[ 3297.331679][ T4608] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 3297.331687][ T4608] RSP: 002b:00007faa37596038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 3297.331699][ T4608] RAX: ffffffffffffffda RBX: 00007faa39585fa0 RCX: 00007faa3932efc9
[ 3297.331706][ T4608] RDX: 0000000000000094 RSI: 00002000000000c0 RDI: 0000000000000005
[ 3297.331713][ T4608] RBP: 00007faa37596090 R08: 0000000000000000 R09: 0000000000000000
[ 3297.331719][ T4608] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3297.331725][ T4608] R13: 00007faa39586038 R14: 00007faa39585fa0 R15: 00007ffd53673968
[ 3297.331742][ T4608]  </TASK>
[ 3297.759599][ T4610] ceph: No mds server is up or the cluster is laggy
[ 3297.859104][    C0] vkms_vblank_simulate: vblank timer overrun
[ 3298.068641][    C0] vkms_vblank_simulate: vblank timer overrun
[ 3298.107738][ T4624] netlink: 40 bytes leftover after parsing attributes in process `syz.7.21360'.
[ 3299.395090][ T7830] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3299.395328][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3299.398527][ T7855] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3299.400093][ T7855] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3299.806297][    C1] vkms_vblank_simulate: vblank timer overrun
[ 3300.140462][    C1] vkms_vblank_simulate: vblank timer overrun
[ 3300.780943][    C1] vkms_vblank_simulate: vblank timer overrun
[ 3301.372909][    C1] vkms_vblank_simulate: vblank timer overrun
[ 3302.253515][    C1] vkms_vblank_simulate: vblank timer overrun
[ 3302.263018][T11199] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3302.467498][   T37] kauditd_printk_skb: 252 callbacks suppressed
[ 3302.467510][   T37] audit: type=1326 audit(3457.784:2026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4695 comm="syz.5.21389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3932efc9 code=0x7ffc0000
[ 3302.467708][   T37] audit: type=1326 audit(3457.784:2027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4695 comm="syz.5.21389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7faa3932efc9 code=0x7ffc0000
[ 3302.467907][   T37] audit: type=1326 audit(3457.784:2028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4695 comm="syz.5.21389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3932efc9 code=0x7ffc0000
[ 3302.468067][   T37] audit: type=1326 audit(3457.784:2029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4695 comm="syz.5.21389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3932efc9 code=0x7ffc0000
[ 3302.566694][   T37] audit: type=1326 audit(3457.889:2030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4695 comm="syz.5.21389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7faa3932efc9 code=0x7ffc0000
[ 3302.583660][   T37] audit: type=1326 audit(3457.900:2031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4695 comm="syz.5.21389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3932efc9 code=0x7ffc0000
[ 3302.583717][   T37] audit: type=1326 audit(3457.900:2032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4695 comm="syz.5.21389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3932efc9 code=0x7ffc0000
[ 3302.586132][   T37] audit: type=1326 audit(3457.910:2033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4695 comm="syz.5.21389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7faa3932efc9 code=0x7ffc0000
[ 3302.586179][   T37] audit: type=1326 audit(3457.910:2034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4695 comm="syz.5.21389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3932efc9 code=0x7ffc0000
[ 3302.586843][   T37] audit: type=1326 audit(3457.910:2035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4695 comm="syz.5.21389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7faa3932efc9 code=0x7ffc0000
[ 3302.973407][ T4713] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 3302.974991][ T4713] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 3303.058452][    C1] vkms_vblank_simulate: vblank timer overrun
[ 3303.566008][ T3355] usb 10-1: new high-speed USB device number 42 using dummy_hcd
[ 3303.937869][    C1] vkms_vblank_simulate: vblank timer overrun
[ 3304.003073][ T3355] usb 10-1: Using ep0 maxpacket: 8
[ 3304.039633][ T3355] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 3304.039663][ T3355] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 3304.039698][ T3355] usb 10-1: New USB device found, idVendor=0853, idProduct=0148, bcdDevice= 0.00
[ 3304.039720][ T3355] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 3304.086061][ T3355] usb 10-1: config 0 descriptor??
[ 3304.374456][ T3355] usbhid 10-1:0.0: can't add hid device: -71
[ 3304.374593][ T3355] usbhid 10-1:0.0: probe with driver usbhid failed with error -71
[ 3304.378614][ T3355] usb 10-1: USB disconnect, device number 42
[ 3304.720608][ T4746] FAULT_INJECTION: forcing a failure.
[ 3304.720608][ T4746] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3304.720639][ T4746] CPU: 0 UID: 0 PID: 4746 Comm: syz.6.21408 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 3304.720658][ T4746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 3304.720669][ T4746] Call Trace:
[ 3304.720676][ T4746]  <TASK>
[ 3304.720684][ T4746]  dump_stack_lvl+0x189/0x250
[ 3304.720713][ T4746]  ? __pfx____ratelimit+0x10/0x10
[ 3304.720734][ T4746]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3304.720757][ T4746]  ? __pfx__printk+0x10/0x10
[ 3304.720781][ T4746]  ? __asan_memcpy+0x40/0x70
[ 3304.720806][ T4746]  should_fail_ex+0x46c/0x600
[ 3304.720832][ T4746]  _copy_to_user+0x31/0xb0
[ 3304.720852][ T4746]  bpf_verifier_vlog+0x48c/0x900
[ 3304.720887][ T4746]  __btf_verifier_log+0xd4/0x120
[ 3304.720911][ T4746]  ? __pfx___btf_verifier_log+0x10/0x10
[ 3304.720927][ T4746]  ? __might_fault+0xb0/0x130
[ 3304.720954][ T4746]  ? btf_parse_hdr+0x1e2/0x6d0
[ 3304.720980][ T4746]  btf_parse_hdr+0x282/0x6d0
[ 3304.721006][ T4746]  btf_new_fd+0x36d/0xcf0
[ 3304.721027][ T4746]  ? safesetid_security_capable+0xa9/0x1a0
[ 3304.721059][ T4746]  ? __pfx_btf_new_fd+0x10/0x10
[ 3304.721081][ T4746]  ? bpf_token_put+0x143/0x160
[ 3304.721099][ T4746]  ? bpf_btf_load+0x126/0x190
[ 3304.721123][ T4746]  __sys_bpf+0x3ed/0x860
[ 3304.721145][ T4746]  ? __pfx___sys_bpf+0x10/0x10
[ 3304.721163][ T4746]  ? rt_mutex_slowunlock+0x1be/0x2e0
[ 3304.721196][ T4746]  ? ksys_write+0x230/0x260
[ 3304.721218][ T4746]  ? __pfx_ksys_write+0x10/0x10
[ 3304.721246][ T4746]  __x64_sys_bpf+0x7c/0x90
[ 3304.721268][ T4746]  do_syscall_64+0xfa/0xfa0
[ 3304.721287][ T4746]  ? lockdep_hardirqs_on+0x9c/0x150
[ 3304.721307][ T4746]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3304.721324][ T4746]  ? clear_bhb_loop+0x60/0xb0
[ 3304.721345][ T4746]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3304.721370][ T4746] RIP: 0033:0x7f6c2edaefc9
[ 3304.721387][ T4746] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 3304.721400][ T4746] RSP: 002b:00007f6c2d016038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 3304.721420][ T4746] RAX: ffffffffffffffda RBX: 00007f6c2f005fa0 RCX: 00007f6c2edaefc9
[ 3304.721433][ T4746] RDX: 0000000000000028 RSI: 00002000000000c0 RDI: 0000000000000012
[ 3304.721446][ T4746] RBP: 00007f6c2d016090 R08: 0000000000000000 R09: 0000000000000000
[ 3304.721456][ T4746] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3304.721466][ T4746] R13: 00007f6c2f006038 R14: 00007f6c2f005fa0 R15: 00007ffca99be008
[ 3304.721497][ T4746]  </TASK>
[ 3305.067993][ T7848] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3305.091699][T11199] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3305.706620][ T1775] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3305.706878][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3306.024944][ T4755] /dev/nullb0: Can't lookup blockdev
[ 3306.102813][ T4759] netlink: 60 bytes leftover after parsing attributes in process `syz.8.21409'.
[ 3306.102857][ T4759] netlink: 32 bytes leftover after parsing attributes in process `syz.8.21409'.
[ 3306.308524][T20055] usb 6-1: new high-speed USB device number 109 using dummy_hcd
[ 3306.477843][T20055] usb 6-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[ 3306.500454][T20055] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 3306.500495][T20055] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 3306.500534][T20055] usb 6-1: SerialNumber: syz
[ 3307.522538][ T4778] hub 2-0:1.0: USB hub found
[ 3307.533291][ T4778] hub 2-0:1.0: 1 port detected
[ 3308.027576][ T6111] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3308.361105][T20055] cdc_ether 6-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.5-1, CDC Ethernet Device, 42:42:42:42:42:42
[ 3310.244458][ T7871] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 3310.272599][T20055] usb 6-1: USB disconnect, device number 109
[ 3310.276079][T20055] cdc_ether 6-1:1.0 usb0: unregister 'cdc_ether' usb-dummy_hcd.5-1, CDC Ethernet Device
[ 3310.517612][ T6081] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3310.518104][ T6081] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3311.160020][T21775] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3311.160270][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3311.660737][ T4828] 9pnet_fd: p9_fd_create_tcp (4828): problem binding to privport
[ 3313.260523][    C1] vkms_vblank_simulate: vblank timer overrun
[ 3313.310578][ T7871] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3314.135505][ T4888] netlink: 'syz.5.21466': attribute type 6 has an invalid length.
[ 3314.135527][ T4888] netlink: 12 bytes leftover after parsing attributes in process `syz.5.21466'.
[ 3314.170212][   T37] kauditd_printk_skb: 31 callbacks suppressed
[ 3314.170230][   T37] audit: type=1326 audit(3470.078:2067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4887 comm="syz.8.21465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e25aaefc9 code=0x7ffc0000
[ 3314.170280][   T37] audit: type=1326 audit(3470.078:2068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4887 comm="syz.8.21465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e25aaefc9 code=0x7ffc0000
[ 3314.170320][   T37] audit: type=1326 audit(3470.078:2069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4887 comm="syz.8.21465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e25aaefc9 code=0x7ffc0000
[ 3314.170360][   T37] audit: type=1326 audit(3470.078:2070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4887 comm="syz.8.21465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e25aaefc9 code=0x7ffc0000
[ 3314.170397][   T37] audit: type=1326 audit(3470.078:2071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4887 comm="syz.8.21465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f2e25aaefc9 code=0x7ffc0000
[ 3314.177153][   T37] audit: type=1326 audit(3470.088:2072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4887 comm="syz.8.21465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e25aaefc9 code=0x7ffc0000
[ 3314.177212][   T37] audit: type=1326 audit(3470.088:2073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4887 comm="syz.8.21465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e25aaefc9 code=0x7ffc0000
[ 3314.178413][   T37] audit: type=1326 audit(3470.088:2074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4887 comm="syz.8.21465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e25aaefc9 code=0x7ffc0000
[ 3314.178459][   T37] audit: type=1326 audit(3470.088:2075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4887 comm="syz.8.21465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2e25aaefc9 code=0x7ffc0000
[ 3314.178499][   T37] audit: type=1326 audit(3470.088:2076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4887 comm="syz.8.21465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e25aaefc9 code=0x7ffc0000
[ 3314.266790][T31022] nci: nci_rf_intf_activated_ntf_packet: unsupported rf_interface 0xb0
[ 3315.530240][    C1] vkms_vblank_simulate: vblank timer overrun
[ 3315.563029][T31022] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3315.563509][T31022] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3315.737434][ T4954] netlink: 'syz.8.21493': attribute type 6 has an invalid length.
[ 3315.737457][ T4954] netlink: 12 bytes leftover after parsing attributes in process `syz.8.21493'.
[ 3315.842533][ T7871] nci: nci_rf_intf_activated_ntf_packet: unsupported rf_interface 0xb0
[ 3315.872095][T20055] usb 6-1: new high-speed USB device number 110 using dummy_hcd
[ 3316.026036][T20055] usb 6-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[ 3316.027143][T20055] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 3316.027168][T20055] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 3316.027187][T20055] usb 6-1: SerialNumber: syz
[ 3316.226692][ T4935] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 3316.227094][ T4935] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 3316.229475][T20055] cdc_ether 6-1:1.0: probe with driver cdc_ether failed with error -71
[ 3316.272445][T20055] usb 6-1: USB disconnect, device number 110
[ 3316.461861][ T7871] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3316.462765][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3316.507575][    C1] vkms_vblank_simulate: vblank timer overrun
[ 3316.623756][    C1] vkms_vblank_simulate: vblank timer overrun
[ 3316.725245][    C1] vkms_vblank_simulate: vblank timer overrun
[ 3316.845440][    C1] vkms_vblank_simulate: vblank timer overrun
[ 3316.944153][    C1] vkms_vblank_simulate: vblank timer overrun
[ 3317.209234][    C1] vkms_vblank_simulate: vblank timer overrun
[ 3317.447724][    C1] vkms_vblank_simulate: vblank timer overrun
[ 3317.654943][    C1] vkms_vblank_simulate: vblank timer overrun
[ 3318.613123][    C1] vkms_vblank_simulate: vblank timer overrun
[ 3318.800660][ T6081] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3318.942692][   T37] kauditd_printk_skb: 349 callbacks suppressed
[ 3318.942710][   T37] audit: type=1326 audit(3475.085:2426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5029 comm="syz.5.21524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3932efc9 code=0x7ffc0000
[ 3318.943002][   T37] audit: type=1326 audit(3475.085:2427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5029 comm="syz.5.21524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3932efc9 code=0x7ffc0000
[ 3318.944842][   T37] audit: type=1326 audit(3475.085:2428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5029 comm="syz.5.21524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3932efc9 code=0x7ffc0000
[ 3318.945062][   T37] audit: type=1326 audit(3475.085:2429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5029 comm="syz.5.21524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3932efc9 code=0x7ffc0000
[ 3318.945107][   T37] audit: type=1326 audit(3475.085:2430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5029 comm="syz.5.21524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7faa3932efc9 code=0x7ffc0000
[ 3318.953658][   T37] audit: type=1326 audit(3475.096:2431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5029 comm="syz.5.21524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3932efc9 code=0x7ffc0000
[ 3318.953712][   T37] audit: type=1326 audit(3475.096:2432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5029 comm="syz.5.21524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3932efc9 code=0x7ffc0000
[ 3318.953750][   T37] audit: type=1326 audit(3475.096:2433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5029 comm="syz.5.21524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3932efc9 code=0x7ffc0000
[ 3318.953791][   T37] audit: type=1326 audit(3475.096:2434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5029 comm="syz.5.21524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa3932efc9 code=0x7ffc0000
[ 3318.953831][   T37] audit: type=1326 audit(3475.096:2435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5029 comm="syz.5.21524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7faa3932efc9 code=0x7ffc0000
[ 3319.552247][ T5061] IPv6: NLM_F_CREATE should be specified when creating new route
[ 3320.215199][ T8040] usb 6-1: new high-speed USB device number 111 using dummy_hcd
[ 3320.366636][ T8040] usb 6-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[ 3320.372037][ T8040] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 3320.372066][ T8040] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 3320.372084][ T8040] usb 6-1: SerialNumber: syz
[ 3320.626414][ T7855] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3320.627421][ T7855] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3320.880888][    C1] vkms_vblank_simulate: vblank timer overrun
[ 3321.224255][    C1] vkms_vblank_simulate: vblank timer overrun
[ 3321.339935][ T5117] hub 2-0:1.0: USB hub found
[ 3321.350301][ T5117] hub 2-0:1.0: 1 port detected
[ 3321.364807][    C1] vkms_vblank_simulate: vblank timer overrun
[ 3321.533432][    C1] vkms_vblank_simulate: vblank timer overrun
[ 3321.859506][ T1775] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3321.860224][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3321.879003][    C1] vkms_vblank_simulate: vblank timer overrun
[ 3322.223406][ T8040] cdc_ether 6-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.5-1, CDC Ethernet Device, 42:42:42:42:42:42
[ 3322.368785][T30923] usb 9-1: new high-speed USB device number 49 using dummy_hcd
[ 3322.521177][T30923] usb 9-1: Using ep0 maxpacket: 16
[ 3322.533707][T30923] usb 9-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[ 3322.533731][T30923] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 3322.533808][T30923] usb 9-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[ 3322.533829][T30923] usb 9-1: too many endpoints for config 1 interface 2 altsetting 0: 255, using maximum allowed: 30
[ 3322.533881][T30923] usb 9-1: config 1 interface 2 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[ 3322.538124][T30923] usb 9-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 3322.538149][T30923] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3322.538168][T30923] usb 9-1: Product: syz
[ 3322.538181][T30923] usb 9-1: Manufacturer: syz
[ 3322.538194][T30923] usb 9-1: SerialNumber: syz
[ 3322.813072][ T5127] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 3322.821190][ T5127] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 3322.897072][T30923] usb 9-1: USB disconnect, device number 49
[ 3323.551441][T30923] usb 6-1: USB disconnect, device number 111
[ 3323.554953][T30923] cdc_ether 6-1:1.0 usb0: unregister 'cdc_ether' usb-dummy_hcd.5-1, CDC Ethernet Device
[ 3324.290173][ T5120] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3325.016325][T30923] usb 6-1: new high-speed USB device number 112 using dummy_hcd
[ 3325.173965][T30923] usb 6-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[ 3325.175664][T30923] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 3325.175690][T30923] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 3325.175708][T30923] usb 6-1: SerialNumber: syz
[ 3325.482375][ T5188] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 3325.484643][ T5188] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 3325.499852][T30923] cdc_ether 6-1:1.0: probe with driver cdc_ether failed with error -71
[ 3325.540952][T30923] usb 6-1: USB disconnect, device number 112
[ 3326.113688][    C1] vkms_vblank_simulate: vblank timer overrun
[ 3326.137041][T31022] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3326.138133][T31022] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3326.593427][ T5255] netlink: 'syz.5.21621': attribute type 6 has an invalid length.
[ 3326.593451][ T5255] netlink: 12 bytes leftover after parsing attributes in process `syz.5.21621'.
[ 3327.053237][    C1] vkms_vblank_simulate: vblank timer overrun
[ 3327.077930][   T37] kauditd_printk_skb: 290 callbacks suppressed
[ 3327.077947][   T37] audit: type=1326 audit(3483.610:2726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5271 comm="syz.7.21626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63a1a0efc9 code=0x7ffc0000
[ 3327.077994][   T37] audit: type=1326 audit(3483.610:2727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5271 comm="syz.7.21626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63a1a0efc9 code=0x7ffc0000
[ 3327.078035][   T37] audit: type=1326 audit(3483.620:2728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5271 comm="syz.7.21626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f63a1a0efc9 code=0x7ffc0000
[ 3327.078075][   T37] audit: type=1326 audit(3483.620:2729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5271 comm="syz.7.21626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63a1a0efc9 code=0x7ffc0000
[ 3327.078116][   T37] audit: type=1326 audit(3483.620:2730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5271 comm="syz.7.21626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63a1a0efc9 code=0x7ffc0000
[ 3327.078164][   T37] audit: type=1326 audit(3483.620:2731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5271 comm="syz.7.21626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f63a1a0efc9 code=0x7ffc0000
[ 3327.085245][   T37] audit: type=1326 audit(3483.631:2732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5271 comm="syz.7.21626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63a1a0efc9 code=0x7ffc0000
[ 3327.085294][   T37] audit: type=1326 audit(3483.631:2733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5271 comm="syz.7.21626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63a1a0efc9 code=0x7ffc0000
[ 3327.086101][   T37] audit: type=1326 audit(3483.631:2734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5271 comm="syz.7.21626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f63a1a0efc9 code=0x7ffc0000
[ 3327.086868][   T37] audit: type=1326 audit(3483.631:2735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5271 comm="syz.7.21626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f63a1a0efc9 code=0x7ffc0000
[ 3327.261644][ T5274] netlink: 'syz.7.21628': attribute type 6 has an invalid length.
[ 3327.261665][ T5274] netlink: 12 bytes leftover after parsing attributes in process `syz.7.21628'.
[ 3327.338160][T21775] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3327.338403][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3327.444060][    C1] vkms_vblank_simulate: vblank timer overrun
[ 3327.642457][    C1] vkms_vblank_simulate: vblank timer overrun
[ 3327.767323][    C1] vkms_vblank_simulate: vblank timer overrun
[ 3328.098772][    C1] vkms_vblank_simulate: vblank timer overrun
[ 3328.257198][ T5301] FAULT_INJECTION: forcing a failure.
[ 3328.257198][ T5301] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3328.257220][ T5301] CPU: 1 UID: 0 PID: 5301 Comm: syz.7.21637 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 3328.257232][ T5301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 3328.257239][ T5301] Call Trace:
[ 3328.257244][ T5301]  <TASK>
[ 3328.257250][ T5301]  dump_stack_lvl+0x189/0x250
[ 3328.257268][ T5301]  ? __pfx____ratelimit+0x10/0x10
[ 3328.257286][ T5301]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3328.257300][ T5301]  ? __pfx__printk+0x10/0x10
[ 3328.257312][ T5301]  ? __might_fault+0xb0/0x130
[ 3328.257332][ T5301]  should_fail_ex+0x46c/0x600
[ 3328.257349][ T5301]  _copy_from_user+0x2d/0xb0
[ 3328.257360][ T5301]  ___sys_sendmsg+0x158/0x2a0
[ 3328.257374][ T5301]  ? __pfx____sys_sendmsg+0x10/0x10
[ 3328.257406][ T5301]  ? __fget_files+0x2a/0x420
[ 3328.257419][ T5301]  ? __fget_files+0x3a6/0x420
[ 3328.257437][ T5301]  __x64_sys_sendmsg+0x1a1/0x260
[ 3328.257450][ T5301]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 3328.257467][ T5301]  ? __pfx_ksys_write+0x10/0x10
[ 3328.257481][ T5301]  ? do_syscall_64+0xbe/0xfa0
[ 3328.257495][ T5301]  do_syscall_64+0xfa/0xfa0
[ 3328.257506][ T5301]  ? lockdep_hardirqs_on+0x9c/0x150
[ 3328.257519][ T5301]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3328.257529][ T5301]  ? clear_bhb_loop+0x60/0xb0
[ 3328.257541][ T5301]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3328.257550][ T5301] RIP: 0033:0x7f63a1a0efc9
[ 3328.257561][ T5301] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 3328.257570][ T5301] RSP: 002b:00007f639fc6e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 3328.257581][ T5301] RAX: ffffffffffffffda RBX: 00007f63a1c65fa0 RCX: 00007f63a1a0efc9
[ 3328.257589][ T5301] RDX: 0000000000000884 RSI: 0000200000000240 RDI: 0000000000000003
[ 3328.257596][ T5301] RBP: 00007f639fc6e090 R08: 0000000000000000 R09: 0000000000000000
[ 3328.257602][ T5301] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3328.257607][ T5301] R13: 00007f63a1c66038 R14: 00007f63a1c65fa0 R15: 00007ffe99ad11e8
[ 3328.257625][ T5301]  </TASK>
[ 3329.160822][ T7855] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3330.140214][ T5380] FAULT_INJECTION: forcing a failure.
[ 3330.140214][ T5380] name failslab, interval 1, probability 0, space 0, times 0
[ 3330.140247][ T5380] CPU: 1 UID: 0 PID: 5380 Comm: syz.6.21672 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 3330.140268][ T5380] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 3330.140279][ T5380] Call Trace:
[ 3330.140286][ T5380]  <TASK>
[ 3330.140295][ T5380]  dump_stack_lvl+0x189/0x250
[ 3330.140324][ T5380]  ? __pfx____ratelimit+0x10/0x10
[ 3330.140346][ T5380]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3330.140369][ T5380]  ? __pfx__printk+0x10/0x10
[ 3330.140397][ T5380]  ? __pfx___might_resched+0x10/0x10
[ 3330.140420][ T5380]  should_fail_ex+0x46c/0x600
[ 3330.140449][ T5380]  should_failslab+0xa8/0x100
[ 3330.140474][ T5380]  __kmalloc_noprof+0xcc/0x7d0
[ 3330.140496][ T5380]  ? kfree+0x51/0x950
[ 3330.140512][ T5380]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 3330.140540][ T5380]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 3330.140562][ T5380]  ? tomoyo_domain+0xda/0x130
[ 3330.140588][ T5380]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 3330.140612][ T5380]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 3330.140639][ T5380]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 3330.140669][ T5380]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 3330.140691][ T5380]  ? lockdep_hardirqs_on+0x9c/0x150
[ 3330.140743][ T5380]  ? __fget_files+0x2a/0x420
[ 3330.140770][ T5380]  ? __fget_files+0x3a6/0x420
[ 3330.140790][ T5380]  ? __fget_files+0x2a/0x420
[ 3330.140814][ T5380]  security_file_ioctl+0xcb/0x2d0
[ 3330.140842][ T5380]  __se_sys_ioctl+0x47/0x170
[ 3330.140864][ T5380]  do_syscall_64+0xfa/0xfa0
[ 3330.140883][ T5380]  ? lockdep_hardirqs_on+0x9c/0x150
[ 3330.140903][ T5380]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3330.140920][ T5380]  ? clear_bhb_loop+0x60/0xb0
[ 3330.140943][ T5380]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3330.140958][ T5380] RIP: 0033:0x7f6c2edaefc9
[ 3330.140973][ T5380] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 3330.140988][ T5380] RSP: 002b:00007f6c2d016038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 3330.141006][ T5380] RAX: ffffffffffffffda RBX: 00007f6c2f005fa0 RCX: 00007f6c2edaefc9
[ 3330.141019][ T5380] RDX: 0000200000000080 RSI: 0000000000004b72 RDI: 0000000000000003
[ 3330.141031][ T5380] RBP: 00007f6c2d016090 R08: 0000000000000000 R09: 0000000000000000
[ 3330.141042][ T5380] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3330.141052][ T5380] R13: 00007f6c2f006038 R14: 00007f6c2f005fa0 R15: 00007ffca99be008
[ 3330.141083][ T5380]  </TASK>
[ 3330.144682][ T5380] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 3330.629056][ T5360] ceph: No mds server is up or the cluster is laggy
[ 3331.196301][ T5417] FAULT_INJECTION: forcing a failure.
[ 3331.196301][ T5417] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3331.196332][ T5417] CPU: 0 UID: 0 PID: 5417 Comm: syz.6.21688 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 3331.196352][ T5417] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 3331.196363][ T5417] Call Trace:
[ 3331.196371][ T5417]  <TASK>
[ 3331.196380][ T5417]  dump_stack_lvl+0x189/0x250
[ 3331.196408][ T5417]  ? __pfx____ratelimit+0x10/0x10
[ 3331.196430][ T5417]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3331.196455][ T5417]  ? __pfx__printk+0x10/0x10
[ 3331.196491][ T5417]  should_fail_ex+0x46c/0x600
[ 3331.196521][ T5417]  _copy_to_user+0x31/0xb0
[ 3331.196542][ T5417]  simple_read_from_buffer+0xe1/0x170
[ 3331.196570][ T5417]  proc_fail_nth_read+0x1b6/0x220
[ 3331.196593][ T5417]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 3331.196615][ T5417]  ? rw_verify_area+0x2ac/0x4e0
[ 3331.196636][ T5417]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 3331.196656][ T5417]  vfs_read+0x206/0xa30
[ 3331.196686][ T5417]  ? __pfx_vfs_read+0x10/0x10
[ 3331.196702][ T5417]  ? try_to_take_rt_mutex+0x7fd/0xac0
[ 3331.196731][ T5417]  ? mutex_lock_nested+0x154/0x1d0
[ 3331.196756][ T5417]  ? fdget_pos+0x253/0x320
[ 3331.196786][ T5417]  ksys_read+0x14b/0x260
[ 3331.196809][ T5417]  ? __pfx_ksys_read+0x10/0x10
[ 3331.196833][ T5417]  ? do_syscall_64+0xbe/0xfa0
[ 3331.196858][ T5417]  do_syscall_64+0xfa/0xfa0
[ 3331.196876][ T5417]  ? lockdep_hardirqs_on+0x9c/0x150
[ 3331.196895][ T5417]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3331.196912][ T5417]  ? clear_bhb_loop+0x60/0xb0
[ 3331.196933][ T5417]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3331.196949][ T5417] RIP: 0033:0x7f6c2edad9dc
[ 3331.196965][ T5417] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 3331.196979][ T5417] RSP: 002b:00007f6c2d016030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 3331.196996][ T5417] RAX: ffffffffffffffda RBX: 00007f6c2f005fa0 RCX: 00007f6c2edad9dc
[ 3331.197009][ T5417] RDX: 000000000000000f RSI: 00007f6c2d0160a0 RDI: 0000000000000004
[ 3331.197019][ T5417] RBP: 00007f6c2d016090 R08: 0000000000000000 R09: 0000000000000000
[ 3331.197029][ T5417] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[ 3331.197039][ T5417] R13: 00007f6c2f006038 R14: 00007f6c2f005fa0 R15: 00007ffca99be008
[ 3331.197070][ T5417]  </TASK>
[ 3331.599321][T31022] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3331.600335][T31022] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3332.335369][ T3355] usb 9-1: new high-speed USB device number 50 using dummy_hcd
[ 3332.748069][ T3355] usb 9-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[ 3332.776073][ T3355] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 3332.776105][ T3355] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 3332.776124][ T3355] usb 9-1: SerialNumber: syz
[ 3332.820128][ T1775] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3332.820384][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3333.399078][ T5451] ceph: No mds server is up or the cluster is laggy
[ 3333.694491][ T5463] hub 2-0:1.0: USB hub found
[ 3333.705263][ T5463] hub 2-0:1.0: 1 port detected
[ 3334.165482][T11199] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3334.531205][ T3355] cdc_ether 9-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.8-1, CDC Ethernet Device, 42:42:42:42:42:42
[ 3335.685945][ T5998] usb 6-1: new high-speed USB device number 113 using dummy_hcd
[ 3335.847768][ T5998] usb 6-1: Using ep0 maxpacket: 16
[ 3335.850408][ T5998] usb 6-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 3335.850431][ T5998] usb 6-1: config 1 has no interface number 1
[ 3335.850477][ T5998] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 3335.853958][ T5998] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 3335.853984][ T5998] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3335.854003][ T5998] usb 6-1: Product: syz
[ 3335.854016][ T5998] usb 6-1: Manufacturer: syz
[ 3335.854028][ T5998] usb 6-1: SerialNumber: syz
[ 3336.486043][T31674] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3337.096691][T31022] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3337.763581][ T3355] usb 9-1: USB disconnect, device number 50
[ 3337.779525][ T3355] cdc_ether 9-1:1.0 usb0: unregister 'cdc_ether' usb-dummy_hcd.8-1, CDC Ethernet Device
[ 3340.666410][ T5601] FAULT_INJECTION: forcing a failure.
[ 3340.666410][ T5601] name failslab, interval 1, probability 0, space 0, times 0
[ 3340.666443][ T5601] CPU: 0 UID: 0 PID: 5601 Comm: syz.9.21767 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 3340.666467][ T5601] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 3340.666479][ T5601] Call Trace:
[ 3340.666487][ T5601]  <TASK>
[ 3340.666496][ T5601]  dump_stack_lvl+0x189/0x250
[ 3340.666526][ T5601]  ? __pfx____ratelimit+0x10/0x10
[ 3340.666549][ T5601]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3340.666574][ T5601]  ? __pfx__printk+0x10/0x10
[ 3340.666602][ T5601]  ? __pfx___might_resched+0x10/0x10
[ 3340.666627][ T5601]  should_fail_ex+0x46c/0x600
[ 3340.666657][ T5601]  should_failslab+0xa8/0x100
[ 3340.666684][ T5601]  __kmalloc_noprof+0xcc/0x7d0
[ 3340.666706][ T5601]  ? kfree+0x51/0x950
[ 3340.666723][ T5601]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 3340.666751][ T5601]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 3340.666773][ T5601]  ? tomoyo_domain+0xda/0x130
[ 3340.666807][ T5601]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 3340.666833][ T5601]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 3340.666861][ T5601]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 3340.666892][ T5601]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 3340.666915][ T5601]  ? lockdep_hardirqs_on+0x9c/0x150
[ 3340.666962][ T5601]  ? __fget_files+0x2a/0x420
[ 3340.666991][ T5601]  ? __fget_files+0x3a6/0x420
[ 3340.667012][ T5601]  ? __fget_files+0x2a/0x420
[ 3340.667037][ T5601]  security_file_ioctl+0xcb/0x2d0
[ 3340.667060][ T5601]  __se_sys_ioctl+0x47/0x170
[ 3340.667083][ T5601]  do_syscall_64+0xfa/0xfa0
[ 3340.667104][ T5601]  ? lockdep_hardirqs_on+0x9c/0x150
[ 3340.667125][ T5601]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3340.667144][ T5601]  ? clear_bhb_loop+0x60/0xb0
[ 3340.667166][ T5601]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3340.667184][ T5601] RIP: 0033:0x7f53938cefc9
[ 3340.667201][ T5601] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 3340.667216][ T5601] RSP: 002b:00007f5391b2e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 3340.667235][ T5601] RAX: ffffffffffffffda RBX: 00007f5393b25fa0 RCX: 00007f53938cefc9
[ 3340.667249][ T5601] RDX: 00002000000000c0 RSI: 00000000000089e0 RDI: 0000000000000004
[ 3340.667262][ T5601] RBP: 00007f5391b2e090 R08: 0000000000000000 R09: 0000000000000000
[ 3340.667273][ T5601] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3340.667285][ T5601] R13: 00007f5393b26038 R14: 00007f5393b25fa0 R15: 00007fff1bbedea8
[ 3340.667319][ T5601]  </TASK>
[ 3340.948424][ T5998] usb 6-1: 2:1 : no UAC_FORMAT_TYPE desc
[ 3340.989114][ T5601] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 3341.286304][T31022] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3341.391722][ T5617] FAULT_INJECTION: forcing a failure.
[ 3341.391722][ T5617] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3341.391766][ T5617] CPU: 0 UID: 0 PID: 5617 Comm: syz.6.21775 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 3341.391786][ T5617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 3341.391797][ T5617] Call Trace:
[ 3341.391805][ T5617]  <TASK>
[ 3341.391814][ T5617]  dump_stack_lvl+0x189/0x250
[ 3341.391846][ T5617]  ? __pfx____ratelimit+0x10/0x10
[ 3341.391870][ T5617]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3341.391894][ T5617]  ? __pfx__printk+0x10/0x10
[ 3341.391915][ T5617]  ? __might_fault+0xb0/0x130
[ 3341.391950][ T5617]  should_fail_ex+0x46c/0x600
[ 3341.391979][ T5617]  _copy_from_user+0x2d/0xb0
[ 3341.392003][ T5617]  __sys_sendto+0x262/0x520
[ 3341.392026][ T5617]  ? __pfx___sys_sendto+0x10/0x10
[ 3341.392077][ T5617]  ? ksys_write+0x230/0x260
[ 3341.392102][ T5617]  ? __pfx_ksys_write+0x10/0x10
[ 3341.392127][ T5617]  __x64_sys_sendto+0xde/0x100
[ 3341.392153][ T5617]  do_syscall_64+0xfa/0xfa0
[ 3341.392173][ T5617]  ? lockdep_hardirqs_on+0x9c/0x150
[ 3341.392195][ T5617]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3341.392213][ T5617]  ? clear_bhb_loop+0x60/0xb0
[ 3341.392235][ T5617]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3341.392252][ T5617] RIP: 0033:0x7f6c2edaefc9
[ 3341.392269][ T5617] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 3341.392284][ T5617] RSP: 002b:00007f6c2d016038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[ 3341.392303][ T5617] RAX: ffffffffffffffda RBX: 00007f6c2f005fa0 RCX: 00007f6c2edaefc9
[ 3341.392316][ T5617] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[ 3341.392328][ T5617] RBP: 00007f6c2d016090 R08: 0000200000000140 R09: 0000000000000012
[ 3341.392340][ T5617] R10: 0000000024048800 R11: 0000000000000246 R12: 0000000000000001
[ 3341.392352][ T5617] R13: 00007f6c2f006038 R14: 00007f6c2f005fa0 R15: 00007ffca99be008
[ 3341.392386][ T5617]  </TASK>
[ 3341.601105][T31674] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 3341.963438][   T88] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3344.541366][ T5723] FAULT_INJECTION: forcing a failure.
[ 3344.541366][ T5723] name failslab, interval 1, probability 0, space 0, times 0
[ 3344.541397][ T5723] CPU: 0 UID: 0 PID: 5723 Comm: syz.6.21826 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 3344.541418][ T5723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 3344.541429][ T5723] Call Trace:
[ 3344.541438][ T5723]  <TASK>
[ 3344.541446][ T5723]  dump_stack_lvl+0x189/0x250
[ 3344.541475][ T5723]  ? __pfx____ratelimit+0x10/0x10
[ 3344.541498][ T5723]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3344.541522][ T5723]  ? __pfx__printk+0x10/0x10
[ 3344.541550][ T5723]  ? __pfx___might_resched+0x10/0x10
[ 3344.541586][ T5723]  ? fs_reclaim_acquire+0x7d/0x100
[ 3344.541615][ T5723]  should_fail_ex+0x46c/0x600
[ 3344.541645][ T5723]  should_failslab+0xa8/0x100
[ 3344.541670][ T5723]  __kmalloc_noprof+0xcc/0x7d0
[ 3344.541698][ T5723]  ? tomoyo_encode+0x28b/0x550
[ 3344.541725][ T5723]  tomoyo_encode+0x28b/0x550
[ 3344.541753][ T5723]  tomoyo_realpath_from_path+0x58d/0x5d0
[ 3344.541785][ T5723]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 3344.541811][ T5723]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 3344.541839][ T5723]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 3344.541870][ T5723]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 3344.541893][ T5723]  ? lockdep_hardirqs_on+0x9c/0x150
[ 3344.541948][ T5723]  ? __fget_files+0x2a/0x420
[ 3344.541977][ T5723]  ? __fget_files+0x3a6/0x420
[ 3344.541997][ T5723]  ? __fget_files+0x2a/0x420
[ 3344.542025][ T5723]  security_file_ioctl+0xcb/0x2d0
[ 3344.542047][ T5723]  __se_sys_ioctl+0x47/0x170
[ 3344.542070][ T5723]  do_syscall_64+0xfa/0xfa0
[ 3344.542091][ T5723]  ? lockdep_hardirqs_on+0x9c/0x150
[ 3344.542113][ T5723]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3344.542131][ T5723]  ? clear_bhb_loop+0x60/0xb0
[ 3344.542154][ T5723]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3344.542171][ T5723] RIP: 0033:0x7f6c2edaefc9
[ 3344.542188][ T5723] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 3344.542205][ T5723] RSP: 002b:00007f6c2cff5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 3344.542225][ T5723] RAX: ffffffffffffffda RBX: 00007f6c2f006090 RCX: 00007f6c2edaefc9
[ 3344.542239][ T5723] RDX: 0000200000000240 RSI: 0000000000005412 RDI: 0000000000000003
[ 3344.542251][ T5723] RBP: 00007f6c2cff5090 R08: 0000000000000000 R09: 0000000000000000
[ 3344.542264][ T5723] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3344.542275][ T5723] R13: 00007f6c2f006128 R14: 00007f6c2f006090 R15: 00007ffca99be008
[ 3344.542310][ T5723]  </TASK>
[ 3344.542330][ T5723] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 3345.268725][ T5727] FAULT_INJECTION: forcing a failure.
[ 3345.268725][ T5727] name failslab, interval 1, probability 0, space 0, times 0
[ 3345.268757][ T5727] CPU: 0 UID: 0 PID: 5727 Comm: syz.6.21828 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 3345.268778][ T5727] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 3345.268789][ T5727] Call Trace:
[ 3345.268797][ T5727]  <TASK>
[ 3345.268806][ T5727]  dump_stack_lvl+0x189/0x250
[ 3345.268835][ T5727]  ? __pfx____ratelimit+0x10/0x10
[ 3345.268858][ T5727]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3345.268883][ T5727]  ? __pfx__printk+0x10/0x10
[ 3345.268910][ T5727]  ? __pfx___might_resched+0x10/0x10
[ 3345.268930][ T5727]  ? fs_reclaim_acquire+0x7d/0x100
[ 3345.268958][ T5727]  should_fail_ex+0x46c/0x600
[ 3345.268985][ T5727]  ? __alloc_skb+0x112/0x2d0
[ 3345.269002][ T5727]  should_failslab+0xa8/0x100
[ 3345.269027][ T5727]  ? __alloc_skb+0x112/0x2d0
[ 3345.269042][ T5727]  kmem_cache_alloc_node_noprof+0x78/0x6e0
[ 3345.269065][ T5727]  ? netlink_autobind+0xdb/0x300
[ 3345.269090][ T5727]  __alloc_skb+0x112/0x2d0
[ 3345.269113][ T5727]  netlink_sendmsg+0x5c6/0xb30
[ 3345.269130][ T5727]  ? is_bpf_text_address+0x26/0x2b0
[ 3345.269164][ T5727]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 3345.269192][ T5727]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 3345.269214][ T5727]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 3345.269235][ T5727]  __sock_sendmsg+0x21c/0x270
[ 3345.269263][ T5727]  ____sys_sendmsg+0x508/0x820
[ 3345.269290][ T5727]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 3345.269321][ T5727]  ? import_iovec+0x74/0xa0
[ 3345.269345][ T5727]  ___sys_sendmsg+0x21f/0x2a0
[ 3345.269368][ T5727]  ? __pfx____sys_sendmsg+0x10/0x10
[ 3345.269435][ T5727]  ? __fget_files+0x2a/0x420
[ 3345.269456][ T5727]  ? __fget_files+0x3a6/0x420
[ 3345.269490][ T5727]  __x64_sys_sendmsg+0x1a1/0x260
[ 3345.269514][ T5727]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 3345.269545][ T5727]  ? __pfx_ksys_write+0x10/0x10
[ 3345.269571][ T5727]  ? do_syscall_64+0xbe/0xfa0
[ 3345.269597][ T5727]  do_syscall_64+0xfa/0xfa0
[ 3345.269617][ T5727]  ? lockdep_hardirqs_on+0x9c/0x150
[ 3345.269638][ T5727]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3345.269656][ T5727]  ? clear_bhb_loop+0x60/0xb0
[ 3345.269678][ T5727]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3345.269696][ T5727] RIP: 0033:0x7f6c2edaefc9
[ 3345.269712][ T5727] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 3345.269727][ T5727] RSP: 002b:00007f6c2d016038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 3345.269746][ T5727] RAX: ffffffffffffffda RBX: 00007f6c2f005fa0 RCX: 00007f6c2edaefc9
[ 3345.269760][ T5727] RDX: 0000000000000884 RSI: 0000200000000240 RDI: 0000000000000003
[ 3345.269772][ T5727] RBP: 00007f6c2d016090 R08: 0000000000000000 R09: 0000000000000000
[ 3345.269784][ T5727] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3345.269795][ T5727] R13: 00007f6c2f006038 R14: 00007f6c2f005fa0 R15: 00007ffca99be008
[ 3345.269828][ T5727]  </TASK>
[ 3346.849597][T31022] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3347.449702][T31022] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3348.668653][ T5856] FAULT_INJECTION: forcing a failure.
[ 3348.668653][ T5856] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3348.668684][ T5856] CPU: 0 UID: 0 PID: 5856 Comm: syz.6.21884 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 3348.668705][ T5856] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 3348.668715][ T5856] Call Trace:
[ 3348.668723][ T5856]  <TASK>
[ 3348.668732][ T5856]  dump_stack_lvl+0x189/0x250
[ 3348.668761][ T5856]  ? __pfx____ratelimit+0x10/0x10
[ 3348.668783][ T5856]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3348.668807][ T5856]  ? __pfx__printk+0x10/0x10
[ 3348.668834][ T5856]  ? __asan_memcpy+0x40/0x70
[ 3348.668862][ T5856]  should_fail_ex+0x46c/0x600
[ 3348.668891][ T5856]  _copy_to_user+0x31/0xb0
[ 3348.668913][ T5856]  bpf_verifier_vlog+0x48c/0x900
[ 3348.668949][ T5856]  __btf_verifier_log+0xd4/0x120
[ 3348.668975][ T5856]  ? __pfx___btf_verifier_log+0x10/0x10
[ 3348.668992][ T5856]  ? __might_fault+0xb0/0x130
[ 3348.669033][ T5856]  ? btf_parse_hdr+0x1e2/0x6d0
[ 3348.669061][ T5856]  btf_parse_hdr+0x2d8/0x6d0
[ 3348.669089][ T5856]  btf_new_fd+0x36d/0xcf0
[ 3348.669111][ T5856]  ? safesetid_security_capable+0xa9/0x1a0
[ 3348.669146][ T5856]  ? __pfx_btf_new_fd+0x10/0x10
[ 3348.669170][ T5856]  ? bpf_token_put+0x143/0x160
[ 3348.669188][ T5856]  ? bpf_btf_load+0x126/0x190
[ 3348.669214][ T5856]  __sys_bpf+0x3ed/0x860
[ 3348.669238][ T5856]  ? __pfx___sys_bpf+0x10/0x10
[ 3348.669258][ T5856]  ? rt_mutex_slowunlock+0x1be/0x2e0
[ 3348.669340][ T5856]  ? ksys_write+0x230/0x260
[ 3348.669368][ T5856]  ? __pfx_ksys_write+0x10/0x10
[ 3348.669392][ T5856]  __x64_sys_bpf+0x7c/0x90
[ 3348.669414][ T5856]  do_syscall_64+0xfa/0xfa0
[ 3348.669436][ T5856]  ? lockdep_hardirqs_on+0x9c/0x150
[ 3348.669458][ T5856]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3348.669478][ T5856]  ? clear_bhb_loop+0x60/0xb0
[ 3348.669500][ T5856]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3348.669518][ T5856] RIP: 0033:0x7f6c2edaefc9
[ 3348.669536][ T5856] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 3348.669552][ T5856] RSP: 002b:00007f6c2d016038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 3348.669578][ T5856] RAX: ffffffffffffffda RBX: 00007f6c2f005fa0 RCX: 00007f6c2edaefc9
[ 3348.669592][ T5856] RDX: 0000000000000028 RSI: 00002000000000c0 RDI: 0000000000000012
[ 3348.669605][ T5856] RBP: 00007f6c2d016090 R08: 0000000000000000 R09: 0000000000000000
[ 3348.669616][ T5856] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3348.669628][ T5856] R13: 00007f6c2f006038 R14: 00007f6c2f005fa0 R15: 00007ffca99be008
[ 3348.669662][ T5856]  </TASK>
[ 3349.545715][ T5878] FAULT_INJECTION: forcing a failure.
[ 3349.545715][ T5878] name failslab, interval 1, probability 0, space 0, times 0
[ 3349.545746][ T5878] CPU: 0 UID: 0 PID: 5878 Comm: syz.6.21893 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 3349.545767][ T5878] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 3349.545778][ T5878] Call Trace:
[ 3349.545785][ T5878]  <TASK>
[ 3349.545794][ T5878]  dump_stack_lvl+0x189/0x250
[ 3349.545823][ T5878]  ? __pfx____ratelimit+0x10/0x10
[ 3349.545844][ T5878]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3349.545869][ T5878]  ? __pfx__printk+0x10/0x10
[ 3349.545897][ T5878]  ? __pfx___might_resched+0x10/0x10
[ 3349.545915][ T5878]  ? fs_reclaim_acquire+0x7d/0x100
[ 3349.545952][ T5878]  should_fail_ex+0x46c/0x600
[ 3349.545981][ T5878]  should_failslab+0xa8/0x100
[ 3349.546006][ T5878]  __kmalloc_node_track_caller_noprof+0xcf/0x7e0
[ 3349.546030][ T5878]  ? ip6_setup_cork+0x58f/0x10e0
[ 3349.546049][ T5878]  ? __kmalloc_cache_noprof+0x1ef/0x6c0
[ 3349.546076][ T5878]  kmemdup_noprof+0x2b/0x70
[ 3349.546099][ T5878]  ip6_setup_cork+0x58f/0x10e0
[ 3349.546130][ T5878]  ip6_append_data+0x237/0x380
[ 3349.546150][ T5878]  ? __pfx_ip_generic_getfrag+0x10/0x10
[ 3349.546175][ T5878]  l2tp_ip6_sendmsg+0x1286/0x17c0
[ 3349.546200][ T5878]  ? smack_ipv6host_label+0x81d/0x8e0
[ 3349.546235][ T5878]  ? __pfx_l2tp_ip6_sendmsg+0x10/0x10
[ 3349.546255][ T5878]  ? smack_socket_sendmsg+0x460/0x520
[ 3349.546301][ T5878]  ? tomoyo_socket_sendmsg_permission+0x216/0x300
[ 3349.546332][ T5878]  ? inet_sendmsg+0x2f4/0x370
[ 3349.546354][ T5878]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 3349.546381][ T5878]  __sock_sendmsg+0x19c/0x270
[ 3349.546409][ T5878]  ____sys_sendmsg+0x508/0x820
[ 3349.546435][ T5878]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 3349.546467][ T5878]  ? import_iovec+0x74/0xa0
[ 3349.546490][ T5878]  ___sys_sendmsg+0x21f/0x2a0
[ 3349.546514][ T5878]  ? __pfx____sys_sendmsg+0x10/0x10
[ 3349.546575][ T5878]  ? __fget_files+0x2a/0x420
[ 3349.546596][ T5878]  ? __fget_files+0x3a6/0x420
[ 3349.546630][ T5878]  __x64_sys_sendmsg+0x1a1/0x260
[ 3349.546654][ T5878]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 3349.546684][ T5878]  ? __pfx_ksys_write+0x10/0x10
[ 3349.546710][ T5878]  ? do_syscall_64+0xbe/0xfa0
[ 3349.546736][ T5878]  do_syscall_64+0xfa/0xfa0
[ 3349.546756][ T5878]  ? lockdep_hardirqs_on+0x9c/0x150
[ 3349.546777][ T5878]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3349.546796][ T5878]  ? clear_bhb_loop+0x60/0xb0
[ 3349.546817][ T5878]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3349.546834][ T5878] RIP: 0033:0x7f6c2edaefc9
[ 3349.546851][ T5878] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 3349.546866][ T5878] RSP: 002b:00007f6c2d016038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 3349.546886][ T5878] RAX: ffffffffffffffda RBX: 00007f6c2f005fa0 RCX: 00007f6c2edaefc9
[ 3349.546899][ T5878] RDX: 0000000000000040 RSI: 0000200000001580 RDI: 0000000000000003
[ 3349.546910][ T5878] RBP: 00007f6c2d016090 R08: 0000000000000000 R09: 0000000000000000
[ 3349.546928][ T5878] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3349.546939][ T5878] R13: 00007f6c2f006038 R14: 00007f6c2f005fa0 R15: 00007ffca99be008
[ 3349.546974][ T5878]  </TASK>
[ 3349.935325][ T5880] FAULT_INJECTION: forcing a failure.
[ 3349.935325][ T5880] name failslab, interval 1, probability 0, space 0, times 0
[ 3349.935381][ T5880] CPU: 0 UID: 0 PID: 5880 Comm: syz.6.21894 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 3349.935402][ T5880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 3349.935413][ T5880] Call Trace:
[ 3349.935421][ T5880]  <TASK>
[ 3349.935430][ T5880]  dump_stack_lvl+0x189/0x250
[ 3349.935459][ T5880]  ? __pfx____ratelimit+0x10/0x10
[ 3349.935482][ T5880]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3349.935506][ T5880]  ? __pfx__printk+0x10/0x10
[ 3349.935542][ T5880]  should_fail_ex+0x46c/0x600
[ 3349.935577][ T5880]  should_failslab+0xa8/0x100
[ 3349.935602][ T5880]  __kmalloc_noprof+0xcc/0x7d0
[ 3349.935624][ T5880]  ? bit_cursor+0xeb5/0x1f80
[ 3349.935648][ T5880]  bit_cursor+0xeb5/0x1f80
[ 3349.935664][ T5880]  ? preempt_schedule_notrace_thunk+0x16/0x30
[ 3349.935711][ T5880]  ? __pfx_bit_cursor+0x10/0x10
[ 3349.935725][ T5880]  ? __queue_work+0x146/0x1010
[ 3349.935761][ T5880]  ? __pfx_bit_cursor+0x10/0x10
[ 3349.935787][ T5880]  hide_cursor+0xd8/0x480
[ 3349.935810][ T5880]  ? __pfx_hide_cursor+0x10/0x10
[ 3349.935829][ T5880]  ? rt_spin_unlock+0x161/0x200
[ 3349.935856][ T5880]  redraw_screen+0x1eb/0xe90
[ 3349.935885][ T5880]  ? __pfx_redraw_screen+0x10/0x10
[ 3349.935900][ T5880]  ? kasan_quarantine_put+0xdd/0x220
[ 3349.935921][ T5880]  ? lockdep_hardirqs_on+0x9c/0x150
[ 3349.935946][ T5880]  ? is_console_locked+0x9/0x20
[ 3349.935963][ T5880]  ? fbcon_clear_margins+0x24c/0x3b0
[ 3349.935991][ T5880]  fbcon_do_set_font+0xb3d/0x1120
[ 3349.936041][ T5880]  con_font_op+0xc08/0xfd0
[ 3349.936071][ T5880]  ? __pfx_con_font_op+0x10/0x10
[ 3349.936099][ T5880]  ? __might_fault+0xb0/0x130
[ 3349.936154][ T5880]  vt_ioctl+0x1a89/0x1f20
[ 3349.936179][ T5880]  ? __pfx_vt_ioctl+0x10/0x10
[ 3349.936198][ T5880]  ? __asan_memset+0x22/0x50
[ 3349.936218][ T5880]  ? smack_file_ioctl+0x24d/0x340
[ 3349.936244][ T5880]  ? __pfx_smack_file_ioctl+0x10/0x10
[ 3349.936279][ T5880]  ? tty_jobctrl_ioctl+0x360/0xb50
[ 3349.936296][ T5880]  ? __fget_files+0x3a6/0x420
[ 3349.936318][ T5880]  ? __fget_files+0x2a/0x420
[ 3349.936344][ T5880]  tty_ioctl+0x92f/0xde0
[ 3349.936365][ T5880]  ? __pfx_tty_ioctl+0x10/0x10
[ 3349.936386][ T5880]  __se_sys_ioctl+0xff/0x170
[ 3349.936409][ T5880]  do_syscall_64+0xfa/0xfa0
[ 3349.936430][ T5880]  ? lockdep_hardirqs_on+0x9c/0x150
[ 3349.936451][ T5880]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3349.936470][ T5880]  ? clear_bhb_loop+0x60/0xb0
[ 3349.936492][ T5880]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3349.936510][ T5880] RIP: 0033:0x7f6c2edaefc9
[ 3349.936527][ T5880] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 3349.936543][ T5880] RSP: 002b:00007f6c2d016038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 3349.936563][ T5880] RAX: ffffffffffffffda RBX: 00007f6c2f005fa0 RCX: 00007f6c2edaefc9
[ 3349.936577][ T5880] RDX: 0000200000000080 RSI: 0000000000004b72 RDI: 0000000000000003
[ 3349.936590][ T5880] RBP: 00007f6c2d016090 R08: 0000000000000000 R09: 0000000000000000
[ 3349.936602][ T5880] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3349.936614][ T5880] R13: 00007f6c2f006038 R14: 00007f6c2f005fa0 R15: 00007ffca99be008
[ 3349.936648][ T5880]  </TASK>
[ 3351.108275][T27010] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 3351.147565][T27010] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 3351.150720][T27010] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 3351.151919][T27010] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 3351.177978][T27010] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 3351.518301][T27010] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 3351.538305][T27010] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 3351.540257][T27010] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 3351.543834][T27010] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 3351.544672][T27010] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 3351.726586][T31022] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3352.337033][T21775] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3353.174139][T11800] Bluetooth: hci0: command tx timeout
[ 3353.628474][T27010] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 3353.656772][T27010] Bluetooth: hci3: command tx timeout
[ 3353.678018][T27010] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 3353.688802][T27010] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 3353.690100][T27010] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 3353.692195][T27010] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 3355.155415][T21828] Bluetooth: hci0: command tx timeout
[ 3355.523080][T27010] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[ 3355.555928][T27010] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[ 3355.557984][T27010] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[ 3355.559248][T27010] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[ 3355.560079][T27010] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[ 3355.605168][T21828] Bluetooth: hci3: command tx timeout
[ 3355.690390][T27010] Bluetooth: hci7: command tx timeout
[ 3355.778189][ T6015] FAULT_INJECTION: forcing a failure.
[ 3355.778189][ T6015] name failslab, interval 1, probability 0, space 0, times 0
[ 3355.778221][ T6015] CPU: 0 UID: 0 PID: 6015 Comm: syz.6.21957 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 3355.778242][ T6015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 3355.778253][ T6015] Call Trace:
[ 3355.778262][ T6015]  <TASK>
[ 3355.778271][ T6015]  dump_stack_lvl+0x189/0x250
[ 3355.778300][ T6015]  ? __pfx____ratelimit+0x10/0x10
[ 3355.778323][ T6015]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 3355.778348][ T6015]  ? __pfx__printk+0x10/0x10
[ 3355.778376][ T6015]  ? __pfx___might_resched+0x10/0x10
[ 3355.778394][ T6015]  ? fs_reclaim_acquire+0x7d/0x100
[ 3355.778423][ T6015]  should_fail_ex+0x46c/0x600
[ 3355.778453][ T6015]  should_failslab+0xa8/0x100
[ 3355.778479][ T6015]  __kmalloc_noprof+0xcc/0x7d0
[ 3355.778502][ T6015]  ? tomoyo_encode+0x28b/0x550
[ 3355.778528][ T6015]  tomoyo_encode+0x28b/0x550
[ 3355.778555][ T6015]  tomoyo_realpath_from_path+0x58d/0x5d0
[ 3355.778593][ T6015]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 3355.778619][ T6015]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 3355.778648][ T6015]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 3355.778677][ T6015]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 3355.778701][ T6015]  ? lockdep_hardirqs_on+0x9c/0x150
[ 3355.778756][ T6015]  ? __fget_files+0x2a/0x420
[ 3355.778785][ T6015]  ? __fget_files+0x3a6/0x420
[ 3355.778806][ T6015]  ? __fget_files+0x2a/0x420
[ 3355.778833][ T6015]  security_file_ioctl+0xcb/0x2d0
[ 3355.778855][ T6015]  __se_sys_ioctl+0x47/0x170
[ 3355.778878][ T6015]  do_syscall_64+0xfa/0xfa0
[ 3355.778899][ T6015]  ? lockdep_hardirqs_on+0x9c/0x150
[ 3355.778920][ T6015]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3355.778939][ T6015]  ? clear_bhb_loop+0x60/0xb0
[ 3355.778961][ T6015]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 3355.778979][ T6015] RIP: 0033:0x7f6c2edaefc9
[ 3355.778995][ T6015] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 3355.779011][ T6015] RSP: 002b:00007f6c2d016038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 3355.779030][ T6015] RAX: ffffffffffffffda RBX: 00007f6c2f005fa0 RCX: 00007f6c2edaefc9
[ 3355.779044][ T6015] RDX: 0000000000000000 RSI: 00000000000007b1 RDI: 0000000000000003
[ 3355.779056][ T6015] RBP: 00007f6c2d016090 R08: 0000000000000000 R09: 0000000000000000
[ 3355.779067][ T6015] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 3355.779079][ T6015] R13: 00007f6c2f006038 R14: 00007f6c2f005fa0 R15: 00007ffca99be008
[ 3355.779113][ T6015]  </TASK>
[ 3355.779133][ T6015] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 3357.136468][T27010] Bluetooth: hci0: command tx timeout
[ 3357.213212][T21775] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3357.584644][T27010] Bluetooth: hci8: command tx timeout
[ 3357.585835][T27010] Bluetooth: hci3: command tx timeout
[ 3357.669950][T27010] Bluetooth: hci7: command tx timeout
[ 3357.823275][T31022] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3359.118324][T27010] Bluetooth: hci0: command tx timeout
[ 3359.566045][T21828] Bluetooth: hci3: command tx timeout
[ 3359.566096][T27010] Bluetooth: hci8: command tx timeout
[ 3359.642208][T27010] Bluetooth: hci7: command tx timeout
[ 3361.556965][T27010] Bluetooth: hci8: command tx timeout
[ 3361.633123][T27010] Bluetooth: hci7: command tx timeout
[ 3362.690749][T31022] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3362.691275][T21775] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3363.538259][T27010] Bluetooth: hci8: command tx timeout
[ 3368.188695][T31022] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3368.189160][T21775] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3370.969784][T21828] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[ 3371.002515][T21828] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[ 3371.014446][T21828] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[ 3371.020636][T21828] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[ 3371.036994][T21828] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[ 3372.978064][T21828] Bluetooth: hci9: command tx timeout
[ 3373.664618][   T88] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3373.665608][T31022] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3374.959367][T21828] Bluetooth: hci9: command tx timeout
[ 3376.950200][T21828] Bluetooth: hci9: command tx timeout
[ 3378.922049][T21828] Bluetooth: hci9: command tx timeout
[ 3379.151091][ T7855] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3379.152021][T31022] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3384.638055][   T88] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3384.644492][ T1775] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3390.143492][ T1775] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3390.145077][   T88] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3395.611329][   T88] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3395.611848][ T7855] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3400.495329][   T88] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3401.108899][   T88] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3405.365480][ T1775] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3406.585215][T31022] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3407.380937][T27010] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[ 3407.408288][T27010] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[ 3407.412201][T27010] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[ 3407.431050][T27010] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[ 3407.431847][T27010] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[ 3408.415712][T21828] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1
[ 3408.436388][T21828] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9
[ 3408.440321][T21828] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9
[ 3408.453772][T21828] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4
[ 3408.457177][T21828] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2
[ 3409.404792][T21828] Bluetooth: hci10: command tx timeout
[ 3410.470935][T21828] Bluetooth: hci11: command tx timeout
[ 3410.861753][T31022] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3410.960743][T27010] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1
[ 3410.976252][T27010] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9
[ 3410.984229][T27010] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9
[ 3411.001532][T27010] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4
[ 3411.002364][T27010] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2
[ 3411.385416][T21828] Bluetooth: hci10: command tx timeout
[ 3411.462122][T31022] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3412.452247][T21828] Bluetooth: hci11: command tx timeout
[ 3413.008035][T27010] Bluetooth: hci12: command tx timeout
[ 3413.018114][ T6030] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1
[ 3413.080829][ T6030] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9
[ 3413.083438][ T6030] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9
[ 3413.084747][ T6030] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4
[ 3413.085607][ T6030] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2
[ 3413.369225][T21828] Bluetooth: hci10: command tx timeout
[ 3414.433496][T21828] Bluetooth: hci11: command tx timeout
[ 3414.967283][T21828] Bluetooth: hci12: command tx timeout
[ 3415.043267][T21828] Bluetooth: hci13: command tx timeout
[ 3415.348299][T21828] Bluetooth: hci10: command tx timeout
[ 3416.344525][T31022] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3416.414797][T21828] Bluetooth: hci11: command tx timeout
[ 3416.958470][T21828] Bluetooth: hci12: command tx timeout
[ 3416.959662][T31022] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3417.033906][T21828] Bluetooth: hci13: command tx timeout
[ 3418.939453][T21828] Bluetooth: hci12: command tx timeout
[ 3419.005877][T21828] Bluetooth: hci13: command tx timeout
[ 3420.987195][T21828] Bluetooth: hci13: command tx timeout
[ 3421.835787][ T1775] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3422.436959][ T1775] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3426.627097][ T1775] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3427.931694][ T1775] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3428.506751][ T6030] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1
[ 3428.545009][ T6030] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9
[ 3428.549881][ T6030] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9
[ 3428.566492][ T6030] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4
[ 3428.567338][ T6030] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2
[ 3430.522504][T21828] Bluetooth: hci14: command tx timeout
[ 3432.191324][ T1775] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3432.503885][T21828] Bluetooth: hci14: command tx timeout
[ 3433.414340][ T1775] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3434.475578][T21828] Bluetooth: hci14: command tx timeout
[ 3434.913477][    C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[ 3434.913497][    C1] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P29
[ 3434.913524][    C1] rcu: 	(detected by 1, t=10502 jiffies, g=186181, q=25584 ncpus=2)
[ 3434.913541][    C1] task:ktimers/1       state:R  running task     stack:18992 pid:29    tgid:29    ppid:2      task_flags:0x4208040 flags:0x00080000
[ 3434.913569][    C1] Call Trace:
[ 3434.913576][    C1]  <IRQ>
[ 3434.913583][    C1]  sched_show_task+0x49d/0x630
[ 3434.913600][    C1]  ? __pfx_sched_show_task+0x10/0x10
[ 3434.913610][    C1]  ? rcu_dump_cpu_stacks+0x79/0x4e0
[ 3434.913625][    C1]  ? wq_watchdog_touch+0xef/0x180
[ 3434.913638][    C1]  print_other_cpu_stall+0xf78/0x1340
[ 3434.913657][    C1]  ? __pfx_print_other_cpu_stall+0x10/0x10
[ 3434.913680][    C1]  rcu_sched_clock_irq+0xa47/0x11b0
[ 3434.913689][    C1]  ? do_raw_spin_unlock+0x122/0x240
[ 3434.913709][    C1]  ? __pfx_rcu_sched_clock_irq+0x10/0x10
[ 3434.913723][    C1]  update_process_times+0x235/0x2d0
[ 3434.913737][    C1]  tick_nohz_handler+0x39a/0x520
[ 3434.913751][    C1]  ? __pfx_tick_nohz_handler+0x10/0x10
[ 3434.913762][    C1]  __hrtimer_run_queues+0x506/0xd40
[ 3434.913785][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[ 3434.913797][    C1]  ? read_tsc+0x9/0x20
[ 3434.913812][    C1]  hrtimer_interrupt+0x45d/0xa90
[ 3434.913840][    C1]  __sysvec_apic_timer_interrupt+0x10b/0x410
[ 3434.913855][    C1]  sysvec_apic_timer_interrupt+0xa1/0xc0
[ 3434.913868][    C1]  </IRQ>
[ 3434.913872][    C1]  <TASK>
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 3434.913877][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 3434.913888][    C1] RIP: 0010:__sanitizer_cov_trace_pc+0x29/0x80
[ 3434.913902][    C1] Code: 90 f3 0f 1e fa 48 8b 04 24 65 48 8b 0c 25 08 70 a2 91 65 8b 35 08 b0 e3 0f 81 e6 00 00 ff 00 ba 00 01 00 00 23 91 4c 0b 00 00 <89> d7 09 f7 74 11 85 f6 75 39 85 d2 74 35 83 b9 14 16 00 00 00 74
[ 3434.913913][    C1] RSP: 0018:ffffc90000a3f8c8 EFLAGS: 00000206
[ 3434.913923][    C1] RAX: ffffffff88ddb24e RBX: 0000000000000000 RCX: ffff88801baf1e00
[ 3434.913930][    C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
[ 3434.913938][    C1] RBP: 1ffff11007a0ed01 R08: 0000000000000000 R09: 0000000000000100
[ 3434.913946][    C1] R10: dffffc0000000000 R11: fffffbfff1dac5af R12: 0000000004000001
[ 3434.913953][    C1] R13: ffff88803d0768c8 R14: ffff88803d076808 R15: 0000000000000001
[ 3434.913967][    C1]  ? advance_sched+0x59e/0xc90
[ 3434.913983][    C1]  advance_sched+0x59e/0xc90
[ 3434.914003][    C1]  ? __pfx_advance_sched+0x10/0x10
[ 3434.914013][    C1]  __hrtimer_run_queues+0x552/0xd40
[ 3434.914039][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[ 3434.914056][    C1]  ? ktime_get_update_offsets_now+0x3b2/0x3d0
[ 3434.914076][    C1]  hrtimer_run_softirq+0x1a3/0x2e0
[ 3434.914088][    C1]  handle_softirqs+0x22f/0x710
[ 3434.914105][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[ 3434.914127][    C1]  run_ktimerd+0xcf/0x190
[ 3434.914141][    C1]  ? __pfx_run_ktimerd+0x10/0x10
[ 3434.914152][    C1]  ? schedule+0x91/0x360
[ 3434.914172][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[ 3434.914185][    C1]  smpboot_thread_fn+0x542/0xa60
[ 3434.914198][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[ 3434.914214][    C1]  kthread+0x711/0x8a0
[ 3434.914230][    C1]  ? __pfx_smpboot_thread_fn+0x10/0x10
[ 3434.914241][    C1]  ? __pfx_kthread+0x10/0x10
[ 3434.914255][    C1]  ? rt_spin_unlock+0x150/0x200
[ 3434.914268][    C1]  ? rt_spin_unlock+0x161/0x200
[ 3434.914276][    C1]  ? __pfx_kthread+0x10/0x10
[ 3434.914289][    C1]  ret_from_fork+0x4bc/0x870
[ 3434.914304][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[ 3434.914322][    C1]  ? __switch_to_asm+0x39/0x70
[ 3434.914331][    C1]  ? __switch_to_asm+0x33/0x70
[ 3434.914340][    C1]  ? __pfx_kthread+0x10/0x10
[ 3434.914353][    C1]  ret_from_fork_asm+0x1a/0x30
[ 3434.914372][    C1]  </TASK>
[ 3436.466463][ T6030] Bluetooth: hci14: command tx timeout
[ 3437.067441][T31022] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3438.914727][ T1775] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3441.954019][ T1775] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 3444.382505][   T88] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog